[libssh2] Don't try to use openssl's AES-CTR functions
Paul Howarth
pghmcfc at fedoraproject.org
Sun Mar 18 14:54:35 UTC 2012
commit 1d6da849c359c48dda5b70b7c518d59ddc4f7de0
Author: Paul Howarth <paul at city-fan.org>
Date: Sun Mar 18 14:53:07 2012 +0000
Don't try to use openssl's AES-CTR functions
The code supporting openssl's AES-CTR functions does not currently work:
(http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0111.shtml)
libssh2-1.4.0-f4f229.patch | 60 ++++++++++++++++++++++++++++++++++++++++++++
libssh2.spec | 10 ++++++-
2 files changed, 69 insertions(+), 1 deletions(-)
---
diff --git a/libssh2-1.4.0-f4f229.patch b/libssh2-1.4.0-f4f229.patch
new file mode 100644
index 0000000..d413f3f
--- /dev/null
+++ b/libssh2-1.4.0-f4f229.patch
@@ -0,0 +1,60 @@
+From f4f2298ef3635acd031cc2ee0e71026cdcda5864 Mon Sep 17 00:00:00 2001
+From: Paul Howarth <paul at city-fan.org>
+Date: Sun, 18 Mar 2012 12:07:27 +0000
+Subject: [PATCH] aes: the init function fails when OpenSSL has AES support
+
+The internal init function only worked fine when the configure script
+didn't detect the OpenSSL AES_CTR function!
+
+Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0111.shtml
+Reported by: Paul Howarth
+---
+ src/openssl.c | 4 +++-
+ src/openssl.h | 6 ------
+ 2 files changed, 3 insertions(+), 7 deletions(-)
+
+diff --git a/src/openssl.c b/src/openssl.c
+index 40818c0..481982c 100644
+--- a/src/openssl.c
++++ b/src/openssl.c
+@@ -201,7 +201,7 @@ _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
+ return ret == 1 ? 0 : 1;
+ }
+
+-#if LIBSSH2_AES_CTR && !defined(HAVE_EVP_AES_128_CTR)
++#if LIBSSH2_AES_CTR
+
+ #include <openssl/aes.h>
+ #include <openssl/evp.h>
+@@ -362,6 +362,8 @@ void _libssh2_init_aes_ctr(void)
+ _libssh2_EVP_aes_256_ctr();
+ }
+
++#else
++void _libssh2_init_aes_ctr(void) {}
+ #endif /* LIBSSH2_AES_CTR */
+
+ /* TODO: Optionally call a passphrase callback specified by the
+diff --git a/src/openssl.h b/src/openssl.h
+index a196184..6d2aeed 100644
+--- a/src/openssl.h
++++ b/src/openssl.h
+@@ -148,15 +148,9 @@ void libssh2_md5(const unsigned char *message, unsigned long len, unsigned char
+ #define _libssh2_cipher_aes256 EVP_aes_256_cbc
+ #define _libssh2_cipher_aes192 EVP_aes_192_cbc
+ #define _libssh2_cipher_aes128 EVP_aes_128_cbc
+-#ifdef HAVE_EVP_AES_128_CTR
+-#define _libssh2_cipher_aes128ctr EVP_aes_128_ctr
+-#define _libssh2_cipher_aes192ctr EVP_aes_192_ctr
+-#define _libssh2_cipher_aes256ctr EVP_aes_256_ctr
+-#else
+ #define _libssh2_cipher_aes128ctr _libssh2_EVP_aes_128_ctr
+ #define _libssh2_cipher_aes192ctr _libssh2_EVP_aes_192_ctr
+ #define _libssh2_cipher_aes256ctr _libssh2_EVP_aes_256_ctr
+-#endif
+ #define _libssh2_cipher_blowfish EVP_bf_cbc
+ #define _libssh2_cipher_arcfour EVP_rc4
+ #define _libssh2_cipher_cast5 EVP_cast5_cbc
+--
+1.7.7.6
+
diff --git a/libssh2.spec b/libssh2.spec
index 7627806..85700bf 100644
--- a/libssh2.spec
+++ b/libssh2.spec
@@ -9,7 +9,7 @@
Name: libssh2
Version: 1.4.0
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: A library implementing the SSH2 protocol
Group: System Environment/Libraries
License: BSD
@@ -18,6 +18,7 @@ Source0: http://libssh2.org/download/libssh2-%{version}.tar.gz
Patch0: libssh2-1.2.9-utf8.patch
Patch1: libssh2-1.4.0-c4a0e0.patch
Patch2: libssh2-1.4.0-cc4f9d.patch
+Patch3: libssh2-1.4.0-f4f229.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu)
BuildRequires: openssl-devel
BuildRequires: zlib-devel
@@ -74,6 +75,9 @@ developing applications that use libssh2.
# (upstream patch, #804156)
%patch2 -p1
+# Don't try to use openssl's AES-CTR functions (upstream patch)
+%patch3 -p1
+
# Make sshd transition appropriately if building in an SELinux environment
chcon $(/usr/sbin/matchpathcon -n /etc/rc.d/init.d/sshd) tests/ssh2.sh || :
chcon -R $(/usr/sbin/matchpathcon -n /etc) tests/etc || :
@@ -135,6 +139,10 @@ rm -rf %{buildroot}
%{_libdir}/pkgconfig/libssh2.pc
%changelog
+* Sun Mar 18 2012 Paul Howarth <paul at city-fan.org> 1.4.0-3
+- Don't try to use openssl's AES-CTR functions
+ (http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0111.shtml)
+
* Fri Mar 16 2012 Paul Howarth <paul at city-fan.org> 1.4.0-2
- fix libssh2 failing key re-exchange when write channel is saturated (#804156)
- drop %%defattr, redundant since rpm 4.4
More information about the scm-commits
mailing list