From eed00f93e8999712191e39c59c15e23461520f43 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 16 Oct 2018 14:15:19 -0400 Subject: gnu: libssh: Update to 0.7.6 [fixes CVE-2018-10933]. * gnu/packages/ssh.scm (libssh): Update to 0.7.6. * gnu/packages/patches/libssh-hostname-parser-bug.patch: Adjust patch. --- .../patches/libssh-hostname-parser-bug.patch | 22 ++------ gnu/packages/ssh.scm | 64 ++++++++++------------ 2 files changed, 34 insertions(+), 52 deletions(-) (limited to 'gnu') diff --git a/gnu/packages/patches/libssh-hostname-parser-bug.patch b/gnu/packages/patches/libssh-hostname-parser-bug.patch index 69f46cbdd6..de2336e86d 100644 --- a/gnu/packages/patches/libssh-hostname-parser-bug.patch +++ b/gnu/packages/patches/libssh-hostname-parser-bug.patch @@ -1,31 +1,17 @@ -Fix "Hostname" parsing in OpenSSH config files, as reported -at . - -From: Niels Ole Salscheider -Date: Mon, 8 May 2017 17:36:13 +0200 -Subject: [PATCH] Fix reading of the first parameter - -This is a fixup for 7b8b5eb4eac314a3a29be812bef0264c6611f6e7. -Previously, it would return as long as the parameter was _not_ seen -before. It also did not handle the case for the unsupported opcode (-1) +It does not handle the case for the unsupported opcode (-1) which would cause a segfault when accessing the "seen" array. ---- - src/config.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/config.c b/src/config.c -index 7c03b27..238a655 100644 +index c5313ec8..72e07639 100644 --- a/src/config.c 
+++ b/src/config.c -@@ -218,8 +218,9 @@ static int ssh_config_parse_line(ssh_session session, const char *line, +@@ -218,7 +218,8 @@ static int ssh_config_parse_line(ssh_session session, const char *line, } opcode = ssh_config_get_opcode(keyword); - if (*parsing == 1 && opcode != SOC_HOST) { -- if (seen[opcode] == 0) { + if (*parsing == 1 && opcode != SOC_HOST && + opcode > SOC_UNSUPPORTED && opcode < SOC_END) { -+ if (seen[opcode] == 1) { + if (seen[opcode] != 0) { return 0; } - seen[opcode] = 1; diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 362d427a2e..829977f5c5 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm 
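Review bot: The trimmed header of libssh-hostname-parser-bug.patch now opens with "It does not handle the case for the unsupported opcode (-1)", a sentence with no subject left, and the removed lines naming the upstream report, the author and the commit being fixed up are not replaced by any provenance. What the patch still carries is the range check `opcode > SOC_UNSUPPORTED && opcode < SOC_END`, which keeps an unrecognised config keyword from indexing `seen[]` out of bounds, so the header should say that and record why 0.7.6 still needs it. A possible wording is `Guard the "seen" array in ssh_config_parse_line against the unsupported opcode (-1); still required with libssh 0.7.6, reported upstream at <UPSTREAM-REPORT-URL>.` The nested hunk shows only part of ssh_config_parse_line, so whether later uses of `opcode` in that function are also guarded cannot be confirmed from this page.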
@@ -65,40 +65,36 @@ (define-module (gnu packages ssh) #:use-module (srfi srfi-1)) (define-public libssh - ;; This commit from the 'v0-7' branch contains 7 memory-management-related - ;; bug fixes that we'd rather have. - (let ((commit "239d0f75b5f909174c2ef7fb08d23bcfa6b20ba0") - (revision "0")) - (package - (name "libssh") - (version (git-version "0.7.5" revision commit)) - (source (origin - (method git-fetch) - (uri (git-reference - (url "https://git.libssh.org/projects/libssh.git") - (commit commit))) - (sha256 - (base32 - "01w72w1jsgs9ilj3n1gp6qkmdxr9n74i5h2nipi3x1vzm7bv8na1")) - (patches (search-patches "libssh-hostname-parser-bug.patch")) - (file-name (git-file-name name version)))) - (build-system cmake-build-system) - (outputs '("out" "debug")) - (arguments - '(#:configure-flags '("-DWITH_GCRYPT=ON") - - ;; TODO: Add 'CMockery' and '-DWITH_TESTING=ON' for the test suite. - #:tests? #f)) - (inputs `(("zlib" ,zlib) - ("libgcrypt" ,libgcrypt))) - (synopsis "SSH client library") - (description - "libssh is a C library implementing the SSHv2 and SSHv1 protocol for -client and server implementations. With libssh, you can remotely execute -programs, transfer files, and use a secure and transparent tunnel for your -remote applications.") - (home-page "https://www.libssh.org") - (license license:lgpl2.1+)))) + (package + (name "libssh") + (version "0.7.6") + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://git.libssh.org/projects/libssh.git") + (commit (string-append "libssh-" version)))) + (patches (search-patches "libssh-hostname-parser-bug.patch")) + (sha256 + (base32 + "0slwqa36mhyb6brdv2jvb9fxp7rvsv3ziv67kaxx615jxn52l5pa")) + (file-name (git-file-name name version)))) + (build-system cmake-build-system) + (outputs '("out" "debug")) + (arguments + '(#:configure-flags '("-DWITH_GCRYPT=ON") + + ;; TODO: Add 'CMockery' and '-DWITH_TESTING=ON' for the test suite. + #:tests? 
#f)) + (inputs `(("zlib" ,zlib) + ("libgcrypt" ,libgcrypt))) + (synopsis "SSH client library") + (description + "libssh is a C library implementing the SSHv2 and SSHv1 protocol for client +and server implementations. With libssh, you can remotely execute programs, +transfer files, and use a secure and transparent tunnel for your remote +applications.") + (home-page "https://www.libssh.org") + (license license:lgpl2.1+))) (define-public libssh2 (package -- cgit v1.2.3