!73 [sync] PR-71: 回合社区补丁，修复从ipv6地址解析hostname失败的问题

From: @openeuler-sync-bot Reviewed-by: @gebidelidaye Signed-off-by: @gebidelidaye
2024-02-17 01:47:04 +00:00 · 2024-02-17 01:47:04 +00:00 · db07e8b313
commit db07e8b313
parent d26d910ddc d7c3e1aa9c
2 changed files with 145 additions and 1 deletions
--- a/backport-Fix-regression-in-IPv6-addresses-in-hostname-parsing.patch
+++ b/backport-Fix-regression-in-IPv6-addresses-in-hostname-parsing.patch
@ -0,0 +1,137 @@
 From 4f997aee7c7d7ea346b3e8ba505da0b7601ff318 Mon Sep 17 00:00:00 2001
 From: Jakub Jelen <jjelen@redhat.com>
 Date: Fri, 22 Dec 2023 10:32:40 +0100
 Subject: [PATCH] Fix regression in IPv6 addresses in hostname parsing
 Signed-off-by: Jakub Jelen <jjelen@redhat.com>
 Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 Reference:
 https://git.libssh.org/projects/libssh.git/patch/?id=4f997aee7c7d7
 ---
 include/libssh/config_parser.h | 11 ++++++++---
 src/config.c                   |  4 ++--
 src/config_parser.c            | 16 +++++++++++-----
 src/options.c                  | 10 ++--------
 4 files changed, 23 insertions(+), 18 deletions(-)
 diff --git a/include/libssh/config_parser.h b/include/libssh/config_parser.h
 index e974917..ee647bf 100644
 --- a/include/libssh/config_parser.h
 +++ b/include/libssh/config_parser.h
@@ -26,6 +26,8 @@
 #ifndef CONFIG_PARSER_H_
 #define CONFIG_PARSER_H_
 +#include <stdbool.h>
 +
 char *ssh_config_get_cmd(char **str);
 char *ssh_config_get_token(char **str);
@@ -45,13 +47,16 @@ int ssh_config_get_yesno(char **str, int notfound);
  *                       be stored or NULL if we do not care about the result.
  * @param[out]  port     Pointer to the location, where the new port will
  *                       be stored or NULL if we do not care about the result.
 + * @param[in]   ignore_port Set to true if the we should not attempt to parse
 + *                       port number.
  *
  * @returns     SSH_OK if the provided string is in format of SSH URI,
  *              SSH_ERROR on failure
  */
 int ssh_config_parse_uri(const char *tok,
 -        char **username,
 -        char **hostname,
 -        char **port);
 +                         char **username,
 +                         char **hostname,
 +                         char **port,
 +                         bool ignore_port);
 #endif /* LIBSSH_CONFIG_H_ */
 diff --git a/src/config.c b/src/config.c
 index 54a1a6e..cb0890b 100644
 --- a/src/config.c
 +++ b/src/config.c
@@ -324,7 +324,7 @@ ssh_config_parse_proxy_jump(ssh_session session, const char *s, bool do_parsing)
         }
         if (parse_entry) {
             /* We actually care only about the first item */
 -            rv = ssh_config_parse_uri(cp, &username, &hostname, &port);
 +            rv = ssh_config_parse_uri(cp, &username, &hostname, &port, false);
             /* The rest of the list needs to be passed on */
             if (endp != NULL) {
                 next = strdup(endp + 1);
@@ -335,7 +335,7 @@ ssh_config_parse_proxy_jump(ssh_session session, const char *s, bool do_parsing)
             }
         } else {
             /* The rest is just sanity-checked to avoid failures later */
 -            rv = ssh_config_parse_uri(cp, NULL, NULL, NULL);
 +            rv = ssh_config_parse_uri(cp, NULL, NULL, NULL, false);
         }
         if (rv != SSH_OK) {
             goto out;
 diff --git a/src/config_parser.c b/src/config_parser.c
 index 87bac5d..a2da0a6 100644
 --- a/src/config_parser.c
 +++ b/src/config_parser.c
@@ -134,9 +134,10 @@ int ssh_config_get_yesno(char **str, int notfound)
 }
 int ssh_config_parse_uri(const char *tok,
 -        char **username,
 -        char **hostname,
 -        char **port)
 +                         char **username,
 +                         char **hostname,
 +                         char **port,
 +                         bool ignore_port)
 {
     char *endp = NULL;
     long port_n;
@@ -182,12 +183,17 @@ int ssh_config_parse_uri(const char *tok,
         if (endp == NULL) {
             goto error;
         }
 -    } else {
 -        /* Hostnames or aliases expand to the last colon or to the end */
 +    } else if (!ignore_port) {
 +        /* Hostnames or aliases expand to the last colon (if port is requested)
 +         * or to the end */
         endp = strrchr(tok, ':');
         if (endp == NULL) {
             endp = strchr(tok, '\0');
         }
 +    } else {
 +        /* If no port is requested, expand to the end of line
 +         * (to accommodate the IPv6 addresses) */
 +        endp = strchr(tok, '\0');
     }
     if (tok == endp) {
         /* Zero-length hostnames are not valid */
 diff --git a/src/options.c b/src/options.c
 index 7c03e7a..0890ff2 100644
 --- a/src/options.c
 +++ b/src/options.c
@@ -491,17 +491,11 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
                 ssh_set_error_invalid(session);
                 return -1;
             } else {
 -                char *username = NULL, *hostname = NULL, *port = NULL;
 -                rc = ssh_config_parse_uri(value, &username, &hostname, &port);
 +                char *username = NULL, *hostname = NULL;
 +                rc = ssh_config_parse_uri(value, &username, &hostname, NULL, true);
                 if (rc != SSH_OK) {
                     return -1;
                 }
 -                if (port != NULL) {
 -                    SAFE_FREE(username);
 -                    SAFE_FREE(hostname);
 -                    SAFE_FREE(port);
 -                    return -1;
 -                }
                 if (username != NULL) {
                     SAFE_FREE(session->opts.username);
                     session->opts.username = username;
 -- 
 2.33.0
--- a/libssh.spec
+++ b/libssh.spec
@ -1,6 +1,6 @@
 Name:           libssh
 Version:        0.9.6
-Release:        8
+Release:        9
 Summary:        A library implementing the SSH protocol
 License:        LGPLv2+
 URL:            http://www.libssh.org
@ -58,6 +58,7 @@ Patch45:        backport-0002-CVE-2023-6918-Remove-unused-evp-functions-and-type
 Patch46:        backport-0003-CVE-2023-6918-Systematically-check-return-values-whe.patch
 Patch47:        backport-0004-CVE-2023-6918-kdf-Detect-context-init-failures.patch
 Patch48:        backport-0010-CVE-2023-6004-torture_config-Allow-multiple-in-usern.patch
 Patch49:        backport-Fix-regression-in-IPv6-addresses-in-hostname-parsing.patch
 BuildRequires:  cmake gcc-c++ gnupg2 openssl-devel pkgconfig zlib-devel
 BuildRequires:  krb5-devel libcmocka-devel openssh-clients openssh-server
@ -143,6 +144,12 @@ popd
 %doc ChangeLog README
 %changelog
 * Wed Feb 7 2024 renmingshuai <renmingshuai@huawei.com> - 0.9.6-9
 - Type:bugfix
 - Id:
 - SUG:NA
 - DESC:Fix regression in IPv6 addresses in hostname parsing
 * Thu Dec 28 2023 renmingshuai <renmingshuai@huawei.com> - 0.9.6-8
 - Type:CVE
 - Id:CVE-2023-6004,CVE-2023-6918,CVE-2023-48795