From patchwork Wed Jul 3 14:23:08 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dario Binacchi X-Patchwork-Id: 3162 Return-Path: X-Original-To: linux-amarula@patchwork.amarulasolutions.com Delivered-To: linux-amarula@patchwork.amarulasolutions.com Received: from mail-ed1-f71.google.com (mail-ed1-f71.google.com [209.85.208.71]) by ganimede.amarulasolutions.com (Postfix) with ESMTPS id 2F1333F102 for ; Wed, 3 Jul 2024 16:23:26 +0200 (CEST) Received: by mail-ed1-f71.google.com with SMTP id 4fb4d7f45d1cf-58d7b8f1e1bsf391125a12.0 for ; Wed, 03 Jul 2024 07:23:26 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1720016606; cv=pass; d=google.com; s=arc-20160816; b=uhEqWIATZpmdkii1lUpJzPwTk2mPkfWXnS9SbY/w1hirBALSgEHT8/i4O8y4TIgBiQ oSYHqJqaHd7o5gz9qlIt1UokgxJtdkXFXk8Rk8QZlSRryoq73rqKOm1hpiE5ln+ycZC0 u3igowwFYJZ94AamuFR6dyp2o3z62nLtg3hoLO/FoA0jhczssDjxGWJkH1BwZC3BqDAK GGoMngVxuIn51zZ+nsob+54ak7zRgcRi2wNVuJ9SyXrQ4ts1fwnVZfUtS7jcRkDM260Y /wMIVWW7+5BPwexeJpkB+E6JpRrap901nb1iqC8ibWnO3lB9L0p1GOQo5EX2IJC4SBYK t7ug== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-archive:list-help:list-post:list-id :mailing-list:precedence:mime-version:message-id:date:subject:cc:to :from:dkim-signature; bh=z5h5X5+LgOtTnV7eWuhPBV/0qbzFuBffpiLO3/F23Kg=; fh=ge65n/c/XF7PDggBcWGIO7qdWXtPVGTe7ep/IyFOCdI=; b=jzGD32ilbahZXASC71HzGFB5OlcQNd3zqbrpsQMDmRebDBnVLbimEcwfBBbXfRpMBo dB1G0le88wVrUJ7PwTni4ZrupnIjVw39/RDFcjki3hxiCRwwCtaw8joYYobMDAiCf5za pcio6KWoSi/Q2HAbdf07CmSQ2kitnCifRU3OI3bInmZZfwETtJ6JGmnEvAjlNjACqkU9 CEmVClpIwla19dAGbgyw4c6u3h0/0u2gaHncALIxeCKjDQDcmVwgTm+2aGmfQfGFkUGm 4BW0g80d+U00lH8I8u4WwlCxK5gKhJGDnTsYOyrFhS+NvJj85+HhZONXJGfebLlBh2cq JT5g==; darn=patchwork.amarulasolutions.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amarulasolutions.com header.s=google header.b=VXHR8Yqp; spf=pass (google.com: domain of dario.binacchi@amarulasolutions.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=dario.binacchi@amarulasolutions.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=amarulasolutions.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amarulasolutions.com; s=google; t=1720016606; x=1720621406; darn=patchwork.amarulasolutions.com; h=list-unsubscribe:list-archive:list-help:list-post:list-id :mailing-list:precedence:x-original-authentication-results :x-original-sender:mime-version:message-id:date:subject:cc:to:from :from:to:cc:subject:date:message-id:reply-to; bh=z5h5X5+LgOtTnV7eWuhPBV/0qbzFuBffpiLO3/F23Kg=; b=pbug2TjlVkJeksKOuUguYnHDWjhylaTa0+me01BN4RQ3MTdpazYOKHncngttwheVAc OsY940qCheioiJA8HMXSknHqBw4DoAAatc5C7GEKt+2fLQxZPdPCu86jHIj0g0VyDle9 /YZvBSrn5C93tCVDUFWJRjYKVOGaygnP8CepA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720016606; x=1720621406; h=list-unsubscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence :x-original-authentication-results:x-original-sender:mime-version :message-id:date:subject:cc:to:from:x-beenthere:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=z5h5X5+LgOtTnV7eWuhPBV/0qbzFuBffpiLO3/F23Kg=; b=Kq9rDtzZp2MJ97jD6ftneIv0jAvZtvKB3YthTaeFoGfXk7kAXatGENzeYoJw46YfiC PuEjlw66IRNsy6+ZL7GXQ5n1FIBoUPjiozwYy4O8v9BqR6VNgFoyNg/cGaMc3yPzIYFf 3+kd8Fv9PyxiORTsSctmSKpRySOUlziHZ4zgqk6eYVn5UR+GnqDi9sNJnsa8ugtI9sPd 1GAdEpYifklPBo31xsoQTDI5p+RxbdHk1cLx5vli53Gc3nFJpk/DrtSwu7vKNP6M/j9j cq05L9sn3b9GnyMsCm7PTuGzrbYBiPzqOzVkY5B+9s+dNowGxesP2FmD1s4eFW6wwOh4 +BtA== X-Forwarded-Encrypted: i=2; AJvYcCWhTnWug/XqQ9FmPXXtZbHLLt5zHbHQEsPzpKRbme8Kq3zJqkeN81AQWChHjo1toM5cCq2bR6WmwX4i8xWj44b3EsyInN2Jqc71g/dDLu9qBkMXISGgUUud2E4BrA== X-Gm-Message-State: AOJu0YwwmiQj4j13O/RN7Eb1p2xXYAdBYSrm3UzMULwPLcRfqmK2t8bR N0WB6bst6DqNnVSoZmQj6YJAzImcRIKjTld/FDxllw1TlnK3e9+oz5KQBTkiRiRiiQ== X-Google-Smtp-Source: AGHT+IHezQLEqwn0ubpSo56IG9jl/ts4LSBUePyIxLTbpquvtu630n5KvWwbe7dbNpLvNz8pbu90Ng== X-Received: by 2002:a05:6402:13d2:b0:57c:bec1:ff4b with SMTP id 4fb4d7f45d1cf-58ce525f4e4mr1788271a12.10.1720016605695; Wed, 03 Jul 2024 07:23:25 -0700 (PDT) X-BeenThere: linux-amarula@amarulasolutions.com Received: by 2002:a05:6402:10c6:b0:57d:1766:62e9 with SMTP id 4fb4d7f45d1cf-58628ffd4eals3930849a12.2.-pod-prod-00-eu; Wed, 03 Jul 2024 07:23:24 -0700 (PDT) X-Received: by 2002:a05:6402:5110:b0:57d:d59:461b with SMTP id 4fb4d7f45d1cf-58ce64d3475mr1925196a12.13.1720016604233; Wed, 03 Jul 2024 07:23:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720016604; cv=none; d=google.com; s=arc-20160816; b=K3wXDOZiJ4Jo6UlzOjbJ6kNhfkK7l398IWbofgIZEXlgbdnZNMYxgBDP6+uslTKkuO vcegoGEStvQgQtfCnsM1IsyzF5c0HDImsl/XLQy7d5jjgVdLB6bPE3T26EU+mvb9P+FX GhaD0WkUVJBjjoSxm6yGeLa+BFjG8Pn0E8JO7WuIlPUOgqwRev+Jov7ZJv1PXb78OpfG HghXz6Iv+Pb37fsYwGBHIpA9Ir59qVDE0QAMMkiyPQuUhyNT1juRNiSqYwBgGKKd0xEZ NIePWDlapWchxI1WQxCbJNidw/9+ZIEz1JerPT2E7zYADWQlCaysGT6TfmHn5OoiCpQh 14zA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:dkim-signature; bh=VGoyz0uOf8ibJFrgvXkFKYJcVvPHQ8ivSlnoi0QSrn8=; fh=4aH47D1o6z03SLGX3S5iBqzHxVYI/WCfhxxmm+dgjk8=; b=QkJHcY0PbqZ+LZK9z8iLMJOBT9EJrVV49XLmE/AHjM5RXUDCs3iEbIo4fjo77NcbZQ IZDHr3RPBTAn7vsYz50dJ2UZEtzTxQxS7fnLO7XS+0jP6BXh1STR5Dt9sKqUZr8lMFdC KPAMktEC673r2J90FsXd6Rv84HPaRKD0ReDIYP2NgpUqAofqIdQ9ffgIXyZMLgRzV/SN bXxYu+tn05o+gTuVqO11FReLh5latokU3B1FlICvmXprtBFvs+VbpuuszUb/q5UALxhk gUA7ERBQY9RAmdrywVCpZNYVw+h6556vgHuOYqxi76SEn450Qm5sZ5w1mlIGoMxgE8kO FZHw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amarulasolutions.com header.s=google header.b=VXHR8Yqp; spf=pass (google.com: domain of dario.binacchi@amarulasolutions.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=dario.binacchi@amarulasolutions.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=amarulasolutions.com Received: from mail-sor-f41.google.com (mail-sor-f41.google.com. [209.85.220.41]) by mx.google.com with SMTPS id 4fb4d7f45d1cf-584d8c14c13sor5939715a12.1.2024.07.03.07.23.24 for (Google Transport Security); Wed, 03 Jul 2024 07:23:24 -0700 (PDT) Received-SPF: pass (google.com: domain of dario.binacchi@amarulasolutions.com designates 209.85.220.41 as permitted sender) client-ip=209.85.220.41; X-Received: by 2002:a05:6402:1906:b0:58c:77b4:404b with SMTP id 4fb4d7f45d1cf-58ce573b23dmr1363550a12.15.1720016603737; Wed, 03 Jul 2024 07:23:23 -0700 (PDT) Received: from localhost.localdomain ([2001:b07:6474:ebbf:1a37:2bf3:7cf8:1941]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5861381868csm7021866a12.55.2024.07.03.07.23.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 03 Jul 2024 07:23:20 -0700 (PDT) From: Dario Binacchi To: buildroot@buildroot.org Cc: linux-amarula@amarulasolutions.com, Dario Binacchi Subject: [PATCH 1/1] package/libssh2: update the patches to be applied with fuzz 0 Date: Wed, 3 Jul 2024 16:23:08 +0200 Message-ID: <20240703142308.2752594-1-dario.binacchi@amarulasolutions.com> X-Mailer: git-send-email 2.43.0 MIME-Version: 1.0 X-Original-Sender: dario.binacchi@amarulasolutions.com X-Original-Authentication-Results: mx.google.com; dkim=pass header.i=@amarulasolutions.com header.s=google header.b=VXHR8Yqp; spf=pass (google.com: domain of dario.binacchi@amarulasolutions.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=dario.binacchi@amarulasolutions.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=amarulasolutions.com Content-Type: text/plain; charset="UTF-8" Precedence: list Mailing-list: list linux-amarula@amarulasolutions.com; contact linux-amarula+owners@amarulasolutions.com List-ID: X-Spam-Checked-In-Group: linux-amarula@amarulasolutions.com X-Google-Group-Id: 476853432473 List-Post: , List-Help: , List-Archive: List-Unsubscribe: , Commit 8f88a644ed7d6 ("support/scripts/apply-patches.sh: set the maximum fuzz factor to 0") reduced the fuzz factor. Due to this change, libssh2 fails to build with output: Applying 0002-src-add-strict-KEX-to-fix-CVE-2023-48795-Terrapin-Attack.patch using patch: patching file src/kex.c Hunk #1 succeeded at 3037 (offset 5 lines). Hunk #2 succeeded at 3062 (offset 5 lines). Hunk #3 succeeded at 3315 (offset 5 lines). Hunk #4 succeeded at 3406 (offset 5 lines). Hunk #5 succeeded at 3440 (offset 5 lines). Hunk #6 succeeded at 3476 (offset 5 lines). Hunk #7 succeeded at 3489 (offset 5 lines). Hunk #8 succeeded at 3523 (offset 5 lines). Hunk #9 succeeded at 3569 (offset 5 lines). Hunk #10 succeeded at 3591 (offset 5 lines). Hunk #11 succeeded at 3633 (offset 5 lines). Hunk #12 succeeded at 3654 (offset 5 lines). Hunk #13 succeeded at 3687 (offset 5 lines). Hunk #14 succeeded at 3709 (offset 5 lines). Hunk #15 succeeded at 3892 (offset 5 lines). Hunk #16 succeeded at 3918 (offset 5 lines). Hunk #17 succeeded at 3967 (offset 5 lines). patching file src/libssh2_priv.h Hunk #1 succeeded at 699 (offset -37 lines). Hunk #2 succeeded at 873 (offset -38 lines). Hunk #3 succeeded at 914 (offset -38 lines). Hunk #4 succeeded at 1149 (offset -38 lines). patching file src/packet.c Hunk #1 succeeded at 605 (offset -19 lines). Hunk #2 succeeded at 656 (offset -19 lines). Hunk #3 succeeded at 1404 (offset -23 lines). Hunk #4 succeeded at 1474 (offset -23 lines). patching file src/packet.h Hunk #1 FAILED at 72. 1 out of 1 hunk FAILED -- saving rejects to file src/packet.h.rej This commit refreshes the package patches on the current package version. Signed-off-by: Dario Binacchi --- ...d-strict-KEX-to-fix-CVE-2023-48795-Terrapin-Attack.patch | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/package/libssh2/0002-src-add-strict-KEX-to-fix-CVE-2023-48795-Terrapin-Attack.patch b/package/libssh2/0002-src-add-strict-KEX-to-fix-CVE-2023-48795-Terrapin-Attack.patch index 2ccedee19e93..2abed8432054 100644 --- a/package/libssh2/0002-src-add-strict-KEX-to-fix-CVE-2023-48795-Terrapin-Attack.patch +++ b/package/libssh2/0002-src-add-strict-KEX-to-fix-CVE-2023-48795-Terrapin-Attack.patch @@ -15,6 +15,8 @@ Closes #1291 Upstream: https://github.com/libssh2/libssh2/commit/d34d9258b8420b19ec3f97b4cc5bf7aa7d98e35a Signed-off-by: Fabrice Fontaine +[Dario: make the patch to be applied with fuzz factor 0] +Signed-off-by: Dario Binacchi --- src/kex.c | 63 +++++++++++++++++++++++------------ src/libssh2_priv.h | 18 +++++++--- @@ -387,14 +389,14 @@ diff --git a/src/packet.h b/src/packet.h index 1d90b8af12..955351e5f6 100644 --- a/src/packet.h +++ b/src/packet.h -@@ -72,6 +72,6 @@ int _libssh2_packet_burn(LIBSSH2_SESSION * session, +@@ -71,6 +71,6 @@ int _libssh2_packet_burn(LIBSSH2_SESSION * session, int _libssh2_packet_write(LIBSSH2_SESSION * session, unsigned char *data, unsigned long data_len); int _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, - size_t datalen, int macstate); + size_t datalen, int macstate, uint32_t seq); - #endif /* LIBSSH2_PACKET_H */ + #endif /* __LIBSSH2_PACKET_H */ diff --git a/src/session.c b/src/session.c index 35e7929fe7..9d89ade8ec 100644 --- a/src/session.c