Control: tag -1 upstream fixed-upstream patch Control: forwarded -1 https://github.com/cockpit-project/cockpit/pull/19790
Hello Salvatore and Santiago,
Salvatore Bonaccorso [2024-04-15 19:28 +0200]:
> The update for cockpit in DSA 5655-1 had problems with the
> test-sshbridge test, causing FTBFS:
>
> >From the tail of the test failure:
>
> # cockpit-protocol-DEBUG: test-ssh: output queue empty
>
> (cockpit-ssh:3731): cockpit-ssh-WARNING **: 20:51:17.702:
> (src/ssh/cockpitsshrelay.c:1423):cockpit_ssh_connect: runtime check failed:
> (ssh_options_set (data->session, SSH_OPTIONS_HOST, host) == 0)
>
> (cockpit-ssh:3731): cockpit-ssh-WARNING **: 20:51:17.702:
> (src/ssh/cockpitsshrelay.c:1424):cockpit_ssh_connect: runtime check failed:
> (ssh_options_parse_config (data->session, NULL) == 0)
> # cockpit-protocol-DEBUG: test-ssh: reading input 1
> # cockpit-protocol-DEBUG: test-ssh: received a 82 byte payload
> # cockpit-protocol-DEBUG: test-ssh: want more data
> **
> cockpit-ssh:ERROR:src/ssh/test-sshbridge.c:560:wait_until_transport_init:
> assertion failed (json_object_get_string_member (init, "command") == "init"):
> ("authorize" == "init")
> Bail out!
> cockpit-ssh:ERROR:src/ssh/test-sshbridge.c:560:wait_until_transport_init:
> assertion failed (json_object_get_string_member (init, "command") == "init"):
> ("authorize" == "init")
> cockpit-ssh-Message: 20:51:17.704: cockpit-ssh some_host: -1 couldn't
> connect: Hostname required 'some_host' '22'
> cockpit-ssh-Message: 20:51:17.704: couldn't write control message: Broken pipe
> cockpit-ssh-Message: 20:51:17.704: couldn't write authorize message:
> Inappropriate ioctl for device
> FAIL test-sshbridge (exit status: 134)
Argh, I can reproduce. The test passes with the previous
http://snapshot.debian.org/package/libssh/0.10.5-3/ but fails with current
0.10.6-0+deb12u1.
The reason is annoyingly mundane, and already got fixed upstream half a year
ago:
https://github.com/cockpit-project/cockpit/commit/518d36c3492020525
I prepared a package update with that fix cherry-picked. See attached debdiff.
It builds fine in a clean bookworm container now.
But I don't know how exactly to target and upload this: to bookworm-security or
-updates? It's a follow-up for a previous security update to make that actually
work, but not a security update in itself.
Santiago Vila [2024-04-15 20:28 +0200]:
> For completeness: this was already happening in bullseye and bookworm
> before the DSA. (Reminder for myself: report all the bugs I found
> last week while rebuilding bullseye and bookworm).
Right, that makes sense. There are no C code changes between 287 and 287.1.
Thanks, and sorry for the trouble,
Martin
diff -Nru cockpit-287.1/debian/changelog cockpit-287.1/debian/changelog --- cockpit-287.1/debian/changelog 2024-04-02 11:11:19.000000000 +0200 +++ cockpit-287.1/debian/changelog 2024-04-16 09:20:17.000000000 +0200 @@ -1,3 +1,11 @@ +cockpit (287.1-0+deb12u2) bookworm-security; urgency=medium + + * Add 0001-ssh-Use-valid-host-name-in-test-sshbridge.patch: + Use valid host name in test-sshbridge. Fixes FTBFS due to unit test + failure when building against libssh 0.10.6. (Closes: #1069059) + + -- Martin Pitt <mp...@debian.org> Tue, 16 Apr 2024 09:20:17 +0200 + cockpit (287.1-0+deb12u1) bookworm-security; urgency=medium * New upstream security update: diff -Nru cockpit-287.1/debian/patches/0001-ssh-Use-valid-host-name-in-test-sshbridge.patch cockpit-287.1/debian/patches/0001-ssh-Use-valid-host-name-in-test-sshbridge.patch --- cockpit-287.1/debian/patches/0001-ssh-Use-valid-host-name-in-test-sshbridge.patch 1970-01-01 01:00:00.000000000 +0100 +++ cockpit-287.1/debian/patches/0001-ssh-Use-valid-host-name-in-test-sshbridge.patch 2024-04-16 09:19:18.000000000 +0200 @@ -0,0 +1,36 @@ +From 518d36c349202052578a459872c3657760226648 Mon Sep 17 00:00:00 2001 +From: Martin Pitt <mp...@redhat.com> +Date: Fri, 29 Dec 2023 07:12:11 +0100 +Subject: [PATCH] ssh: Use valid host name in test-sshbridge + +libssh 0.10.6 made host name parsing stricter. `some_host` is not a +valid general host name, and is rejected with the latest version. +--- + src/ssh/test-sshbridge.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/ssh/test-sshbridge.c b/src/ssh/test-sshbridge.c +index e0ff9a7a9..9c561e29a 100644 +--- a/src/ssh/test-sshbridge.c ++++ b/src/ssh/test-sshbridge.c +@@ -323,7 +323,7 @@ setup (TestCase *tc, + if (!fixture->knownhosts_home) + g_assert_cmpint (mkdir (tc->home_ssh_dir, 0700), ==, 0); + +- g_string_append (content, "Host some_host\n"); ++ g_string_append (content, "Host somehost\n"); + g_string_append_printf (content, "\tHostname %s\n", hostname); + + if (fixture->ssh_config_port == PORT_VALID) +@@ -346,7 +346,7 @@ setup (TestCase *tc, + if (fixture->ssh_config_user == USER_INVALID_HOST_PRIORITY) + g_string_append_printf (new_host, "%s@", g_get_user_name ()); + /* Host in the ssh config file */ +- g_string_append (new_host, "some_host"); ++ g_string_append (new_host, "somehost"); + /* The port in host should take priority over the port in ssh config */ + if (fixture->ssh_config_port == PORT_INVALID_HOST_PRIORITY) + g_string_append_printf (new_host, ":%hu", tc->ssh_port); +-- +2.44.0 + diff -Nru cockpit-287.1/debian/patches/series cockpit-287.1/debian/patches/series --- cockpit-287.1/debian/patches/series 1970-01-01 01:00:00.000000000 +0100 +++ cockpit-287.1/debian/patches/series 2024-04-16 09:20:00.000000000 +0200 @@ -0,0 +1 @@ +0001-ssh-Use-valid-host-name-in-test-sshbridge.patch
signature.asc
Description: PGP signature
_______________________________________________ Pkg-utopia-maintainers mailing list Pkg-utopia-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-utopia-maintainers
