[meta-openssl102-fips][PATCH 5/6] openssh: set kex->sessin_id via sshbuf_put in ssh-cavs


Yi Zhao
 

The kex->session_id has been replaced from u_char * to sshbuf and
kex->session_id_len has been removed in openssh 8.5[1]. Update ssh-cavs
to adapt it.

Fixes:
ssh-cavs.c:198:12: error: 'struct kex' has no member named 'session_id_len'; did you mean 'session_id'?
198 | ssh->kex->session_id_len = test->session_id_len;
| ^~~~~~~~~~~~~~
| session_id

[1] https://github.com/openssh/openssh-portable/commit/39be3dc209f28f9c1ebfeba42adde8963b01e1cd

Signed-off-by: Yi Zhao <yi.zhao@...>
---
...avs-set-kex-sessin_id-via-sshbuf_put.patch | 45 +++++++++++++++++++
recipes-connectivity/openssh/openssh_fips.inc | 1 +
2 files changed, 46 insertions(+)
create mode 100644 recipes-connectivity/openssh/openssh/0001-ssh-cavs-set-kex-sessin_id-via-sshbuf_put.patch

diff --git a/recipes-connectivity/openssh/openssh/0001-ssh-cavs-set-kex-sessin_id-via-sshbuf_put.patch b/recipes-connectivity/openssh/openssh/0001-ssh-cavs-set-kex-sessin_id-via-sshbuf_put.patch
new file mode 100644
index 0000000..20e8604
--- /dev/null
+++ b/recipes-connectivity/openssh/openssh/0001-ssh-cavs-set-kex-sessin_id-via-sshbuf_put.patch
@@ -0,0 +1,45 @@
+From 3841d7c1057e62a57c49e5042080202739c9bf98 Mon Sep 17 00:00:00 2001
+From: Yi Zhao <yi.zhao@...>
+Date: Thu, 8 Apr 2021 15:09:21 +0800
+Subject: [PATCH] ssh-cavs: set kex->sessin_id via sshbuf_put
+
+The kex->session_id has been replaced from u_char * to sshbuf and
+kex->session_id_len has been removed in openssh 8.5[1]. Update ssh-cavs
+to adapt it.
+
+Fixes:
+ssh-cavs.c:198:12: error: 'struct kex' has no member named 'session_id_len'; did you mean 'session_id'?
+ 198 | ssh->kex->session_id_len = test->session_id_len;
+ | ^~~~~~~~~~~~~~
+ | session_id
+
+[1] https://github.com/openssh/openssh-portable/commit/39be3dc209f28f9c1ebfeba42adde8963b01e1cd
+
+Upstream-Status: Inappropriate [oe specific]
+
+Signed-off-by: Yi Zhao <yi.zhao@...>
+---
+ ssh-cavs.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/ssh-cavs.c b/ssh-cavs.c
+index 641a453..48bae74 100644
+--- a/ssh-cavs.c
++++ b/ssh-cavs.c
+@@ -194,8 +194,11 @@ static int sshkdf_cavs(struct kdf_cavs *test)
+ goto out;
+ }
+
+- ssh->kex->session_id = test->session_id;
+- ssh->kex->session_id_len = test->session_id_len;
++ if (sshbuf_put(ssh->kex->session_id, test->session_id, test->session_id_len) != 0) {
++ printf("cannot convert session_id into sshbuf\n");
++ ret = 1;
++ goto out;
++ }
+
+ /* setup kex */
+
+--
+2.17.1
+
diff --git a/recipes-connectivity/openssh/openssh_fips.inc b/recipes-connectivity/openssh/openssh_fips.inc
index 961f2d5..194a6f4 100644
--- a/recipes-connectivity/openssh/openssh_fips.inc
+++ b/recipes-connectivity/openssh/openssh_fips.inc
@@ -11,6 +11,7 @@ SRC_URI += " \
file://openssh-6.6p1-ctr-cavstest.patch \
file://openssh-6.7p1-kdf-cavs.patch \
file://0001-ssh-cavs-fix-the-double-free-error.patch \
+ file://0001-ssh-cavs-set-kex-sessin_id-via-sshbuf_put.patch \
"

do_install_append() {
--
2.25.1

Join yocto@lists.yoctoproject.org to automatically receive all group messages.