From 1d6da849c359c48dda5b70b7c518d59ddc4f7de0 Mon Sep 17 00:00:00 2001
From: Paul Howarth
Date: Mar 18 2012 14:53:07 +0000
Subject: Don't try to use openssl's AES-CTR functions

The code supporting openssl's AES-CTR functions does not currently work: (http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0111.shtml)
---
diff --git a/libssh2-1.4.0-f4f229.patch b/libssh2-1.4.0-f4f229.patch
new file mode 100644
index 0000000..d413f3f
--- /dev/null
+++ b/libssh2-1.4.0-f4f229.patch
@@ -0,0 +1,60 @@
+From f4f2298ef3635acd031cc2ee0e71026cdcda5864 Mon Sep 17 00:00:00 2001
+From: Paul Howarth
+Date: Sun, 18 Mar 2012 12:07:27 +0000
+Subject: [PATCH] aes: the init function fails when OpenSSL has AES support
+
+The internal init function only worked fine when the configure script
+didn't detect the OpenSSL AES_CTR function!
+
+Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0111.shtml
+Reported by: Paul Howarth
+---
+ src/openssl.c | 4 +++-
+ src/openssl.h | 6 ------
+ 2 files changed, 3 insertions(+), 7 deletions(-)
+
+diff --git a/src/openssl.c b/src/openssl.c
+index 40818c0..481982c 100644
+--- a/src/openssl.c
++++ b/src/openssl.c
+@@ -201,7 +201,7 @@ _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
+ return ret == 1 ? 0 : 1;
+ }
+
+-#if LIBSSH2_AES_CTR && !defined(HAVE_EVP_AES_128_CTR)
++#if LIBSSH2_AES_CTR
+
+ #include
+ #include
+@@ -362,6 +362,8 @@ void _libssh2_init_aes_ctr(void)
+ _libssh2_EVP_aes_256_ctr();
+ }
+
++#else
++void _libssh2_init_aes_ctr(void) {}
+ #endif /* LIBSSH2_AES_CTR */
+
+ /* TODO: Optionally call a passphrase callback specified by the
+diff --git a/src/openssl.h b/src/openssl.h
+index a196184..6d2aeed 100644
+--- a/src/openssl.h
++++ b/src/openssl.h
+@@ -148,15 +148,9 @@ void libssh2_md5(const unsigned char *message, unsigned long len, unsigned char
+ #define _libssh2_cipher_aes256 EVP_aes_256_cbc
+ #define _libssh2_cipher_aes192 EVP_aes_192_cbc
+ #define _libssh2_cipher_aes128 EVP_aes_128_cbc
+-#ifdef HAVE_EVP_AES_128_CTR
+-#define _libssh2_cipher_aes128ctr EVP_aes_128_ctr
+-#define _libssh2_cipher_aes192ctr EVP_aes_192_ctr
+-#define _libssh2_cipher_aes256ctr EVP_aes_256_ctr
+-#else
+ #define _libssh2_cipher_aes128ctr _libssh2_EVP_aes_128_ctr
+ #define _libssh2_cipher_aes192ctr _libssh2_EVP_aes_192_ctr
+ #define _libssh2_cipher_aes256ctr _libssh2_EVP_aes_256_ctr
+-#endif
+ #define _libssh2_cipher_blowfish EVP_bf_cbc
+ #define _libssh2_cipher_arcfour EVP_rc4
+ #define _libssh2_cipher_cast5 EVP_cast5_cbc
+--
+1.7.7.6
+
diff --git a/libssh2.spec b/libssh2.spec
index 7627806..85700bf 100644
--- a/libssh2.spec
+++ b/libssh2.spec
@@ -9,7 +9,7 @@
 
 Name: libssh2
 Version: 1.4.0
-Release: 2%{?dist}
+Release: 3%{?dist}
 Summary: A library implementing the SSH2 protocol
 Group: System Environment/Libraries
 License: BSD
@@ -18,6 +18,7 @@ Source0: http://libssh2.org/download/libssh2-%{version}.tar.gz
 Patch0: libssh2-1.2.9-utf8.patch
 Patch1: libssh2-1.4.0-c4a0e0.patch
 Patch2: libssh2-1.4.0-cc4f9d.patch
+Patch3: libssh2-1.4.0-f4f229.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu)
 BuildRequires: openssl-devel
 BuildRequires: zlib-devel
@@ -74,6 +75,9 @@ developing applications that use libssh2.
 # (upstream patch, #804156)
 %patch2 -p1
 
+# Don't try to use openssl's AES-CTR functions (upstream patch)
+%patch3 -p1
+
 # Make sshd transition appropriately if building in an SELinux environment
 chcon $(/usr/sbin/matchpathcon -n /etc/rc.d/init.d/sshd) tests/ssh2.sh || :
 chcon -R $(/usr/sbin/matchpathcon -n /etc) tests/etc || :
@@ -135,6 +139,10 @@ rm -rf %{buildroot}
 %{_libdir}/pkgconfig/libssh2.pc
 
 %changelog
+* Sun Mar 18 2012 Paul Howarth 1.4.0-3
+- Don't try to use openssl's AES-CTR functions
+ (http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0111.shtml)
+
 * Fri Mar 16 2012 Paul Howarth 1.4.0-2
 - fix libssh2 failing key re-exchange when write channel is saturated (#804156)
 - drop %%defattr, redundant since rpm 4.4
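Review bot: The embedded src/openssl.h hunk now maps `_libssh2_cipher_aes128ctr`, `_libssh2_cipher_aes192ctr` and `_libssh2_cipher_aes256ctr` to the internal wrappers unconditionally, but nothing in the new code records that OpenSSL's own `EVP_aes_*_ctr` is being bypassed on purpose. With this change `HAVE_EVP_AES_128_CTR` is no longer tested in either visible hunk, so the configure result is silently ignored. Every aes*-ctr session then depends on libssh2's own counter-mode code, whose body lies outside these hunks. I would add a comment above the three defines, e.g. `/* Always use the internal CTR wrappers: the OpenSSL EVP_aes_*_ctr path fails at init, see the libssh2-devel thread cited in the commit message */`, so the workaround is revisited rather than forgotten. The `#else` stub in src/openssl.c would also read better with its intent stated, `void _libssh2_init_aes_ctr(void) { /* AES-CTR disabled: nothing to set up */ }`.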