FreeBSD Bugzilla – Attachment 207053 Details for
Bug 240242
devel/bzr: Update to 2.7.0.6622
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Update to bzr r6622
bzr.patch (text/plain), 7.90 KB, created by
fullermd
on 2019-08-31 23:06:59 UTC
(
hide
)
Description:
Update to bzr r6622
Filename:
MIME Type:
Creator:
fullermd
Created:
2019-08-31 23:06:59 UTC
Size:
7.90 KB
patch
obsolete
>Index: Makefile >=================================================================== >--- Makefile (revision 500187) >+++ Makefile (working copy) >@@ -2,10 +2,11 @@ > # $FreeBSD$ > > PORTNAME= bzr >-PORTVERSION= 2.7.0 >-PORTREVISION= 2 >+PORTVERSION= 2.7.0.${BZR_REV} > CATEGORIES= devel >-MASTER_SITES= CHEESESHOP >+MASTER_SITES= https://bazaar.launchpad.net/~bzr-pqm/bzr/2.7/tarball/ >+DISTFILES= ${BZR_REV} >+DIST_SUBDIR= ${PORTNAME} > > MAINTAINER= fullermd@over-yonder.net > COMMENT= Distributed version control system by Canonical >@@ -29,6 +30,9 @@ > PYDISTUTILS_PKGNAME= bzr > MAKE_ENV= BZR_LOG=/dev/null > >+BZR_REV= 6622 >+WRKSRC= ${WRKDIR}/~bzr-pqm/bzr/2.7 >+ > post-install: > ${INSTALL_MAN} ${WRKSRC}/bzr.1 ${STAGEDIR}${MAN1PREFIX}/man/man1 > ${STRIP_CMD} ${STAGEDIR}${PYTHONPREFIX_SITELIBDIR}/bzrlib/*.so >Index: distinfo >=================================================================== >--- distinfo (revision 500187) >+++ distinfo (working copy) >@@ -1,2 +1,3 @@ >-SHA256 (bzr-2.7.0.tar.gz) = c9f6bbe0a50201dadc5fddadd94ba50174193c6cf6e39e16f6dd0ad98a1df338 >-SIZE (bzr-2.7.0.tar.gz) = 11526191 >+TIMESTAMP = 1567291226 >+SHA256 (bzr/6622) = b5ae411ef4672422b9f69118cc5d3f8a3217d3ab05bf25d18ad69b60b1a07666 >+SIZE (bzr/6622) = 10945747 >Index: files/patch-ssh_hostname >=================================================================== >--- files/patch-ssh_hostname (nonexistent) >+++ files/patch-ssh_hostname (working copy) >@@ -0,0 +1,167 @@ >+Source: https://launchpadlibrarian.net/370632961/24_ssh_hostnames-lp1710979 >+Description: Refuse to connect to ssh hostnames starting with a dash. Fixes LP:1710979 >+Author: Jelmer Vernooij <jelmer@jelmer.uk> >+Origin: commit, Revision ID: jelmer@jelmer.uk-20170819145828-qk2p7qlg5j2fbsiz >+ >+* Security fix: hostnames starting with a dash in bzr+ssh URLs >+ are now filtered out when using a subprocess SSH client. >+ . >+ Thanks to Augie Fackler for reporting. >+ (Jelmer Vernooij, #1710979) >+ >+ >+=== modified file 'bzrlib/tests/test_ssh_transport.py' >+--- >+ bzrlib/tests/test_ssh_transport.py | 38 ++++++++++++++++++++++++++++++++++++- >+ bzrlib/transport/ssh.py | 16 +++++++++++++-- >+ 2 files changed, 51 insertions(+), 3 deletions(-) >+ >+Index: bzrlib/tests/test_ssh_transport.py >+=================================================================== >+--- bzrlib/tests/test_ssh_transport.py >++++ bzrlib/tests/test_ssh_transport.py >+@@ -22,6 +22,7 @@ from bzrlib.transport.ssh import ( >+ SSHCorpSubprocessVendor, >+ LSHSubprocessVendor, >+ SSHVendorManager, >++ StrangeHostname, >+ ) >+ >+ >+@@ -161,6 +162,19 @@ class SSHVendorManagerTests(TestCase): >+ >+ class SubprocessVendorsTests(TestCase): >+ >++ def test_openssh_command_tricked(self): >++ vendor = OpenSSHSubprocessVendor() >++ self.assertEqual( >++ vendor._get_vendor_specific_argv( >++ "user", "-oProxyCommand=blah", 100, command=["bzr"]), >++ ["ssh", "-oForwardX11=no", "-oForwardAgent=no", >++ "-oClearAllForwardings=yes", >++ "-oNoHostAuthenticationForLocalhost=yes", >++ "-p", "100", >++ "-l", "user", >++ "--", >++ "-oProxyCommand=blah", "bzr"]) >++ >+ def test_openssh_command_arguments(self): >+ vendor = OpenSSHSubprocessVendor() >+ self.assertEqual( >+@@ -171,6 +185,7 @@ class SubprocessVendorsTests(TestCase): >+ "-oNoHostAuthenticationForLocalhost=yes", >+ "-p", "100", >+ "-l", "user", >++ "--", >+ "host", "bzr"] >+ ) >+ >+@@ -184,9 +199,16 @@ class SubprocessVendorsTests(TestCase): >+ "-oNoHostAuthenticationForLocalhost=yes", >+ "-p", "100", >+ "-l", "user", >+- "-s", "host", "sftp"] >++ "-s", "--", "host", "sftp"] >+ ) >+ >++ def test_openssh_command_tricked(self): >++ vendor = SSHCorpSubprocessVendor() >++ self.assertRaises( >++ StrangeHostname, >++ vendor._get_vendor_specific_argv, >++ "user", "-oProxyCommand=host", 100, command=["bzr"]) >++ >+ def test_sshcorp_command_arguments(self): >+ vendor = SSHCorpSubprocessVendor() >+ self.assertEqual( >+@@ -209,6 +231,13 @@ class SubprocessVendorsTests(TestCase): >+ "-s", "sftp", "host"] >+ ) >+ >++ def test_lsh_command_tricked(self): >++ vendor = LSHSubprocessVendor() >++ self.assertRaises( >++ StrangeHostname, >++ vendor._get_vendor_specific_argv, >++ "user", "-oProxyCommand=host", 100, command=["bzr"]) >++ >+ def test_lsh_command_arguments(self): >+ vendor = LSHSubprocessVendor() >+ self.assertEqual( >+@@ -231,6 +260,13 @@ class SubprocessVendorsTests(TestCase): >+ "--subsystem", "sftp", "host"] >+ ) >+ >++ def test_plink_command_tricked(self): >++ vendor = PLinkSubprocessVendor() >++ self.assertRaises( >++ StrangeHostname, >++ vendor._get_vendor_specific_argv, >++ "user", "-oProxyCommand=host", 100, command=["bzr"]) >++ >+ def test_plink_command_arguments(self): >+ vendor = PLinkSubprocessVendor() >+ self.assertEqual( >+Index: bzrlib/transport/ssh.py >+=================================================================== >+--- bzrlib/transport/ssh.py >++++ bzrlib/transport/ssh.py >+@@ -46,6 +46,10 @@ else: >+ from paramiko.sftp_client import SFTPClient >+ >+ >++class StrangeHostname(errors.BzrError): >++ _fmt = "Refusing to connect to strange SSH hostname %(hostname)s" >++ >++ >+ SYSTEM_HOSTKEYS = {} >+ BZR_HOSTKEYS = {} >+ >+@@ -360,6 +364,11 @@ class SubprocessVendor(SSHVendor): >+ # tests, but beware of using PIPE which may hang due to not being read. >+ _stderr_target = None >+ >++ @staticmethod >++ def _check_hostname(arg): >++ if arg.startswith('-'): >++ raise StrangeHostname(hostname=arg) >++ >+ def _connect(self, argv): >+ # Attempt to make a socketpair to use as stdin/stdout for the SSH >+ # subprocess. We prefer sockets to pipes because they support >+@@ -424,9 +433,9 @@ class OpenSSHSubprocessVendor(Subprocess >+ if username is not None: >+ args.extend(['-l', username]) >+ if subsystem is not None: >+- args.extend(['-s', host, subsystem]) >++ args.extend(['-s', '--', host, subsystem]) >+ else: >+- args.extend([host] + command) >++ args.extend(['--', host] + command) >+ return args >+ >+ register_ssh_vendor('openssh', OpenSSHSubprocessVendor()) >+@@ -439,6 +448,7 @@ class SSHCorpSubprocessVendor(Subprocess >+ >+ def _get_vendor_specific_argv(self, username, host, port, subsystem=None, >+ command=None): >++ self._check_hostname(host) >+ args = [self.executable_path, '-x'] >+ if port is not None: >+ args.extend(['-p', str(port)]) >+@@ -460,6 +470,7 @@ class LSHSubprocessVendor(SubprocessVend >+ >+ def _get_vendor_specific_argv(self, username, host, port, subsystem=None, >+ command=None): >++ self._check_hostname(host) >+ args = [self.executable_path] >+ if port is not None: >+ args.extend(['-p', str(port)]) >+@@ -481,6 +492,7 @@ class PLinkSubprocessVendor(SubprocessVe >+ >+ def _get_vendor_specific_argv(self, username, host, port, subsystem=None, >+ command=None): >++ self._check_hostname(host) >+ args = [self.executable_path, '-x', '-a', '-ssh', '-2', '-batch'] >+ if port is not None: >+ args.extend(['-P', str(port)]) > >Property changes on: files/patch-ssh_hostname >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=207053">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
fullermd:
maintainer-approval+
Actions:
View
|
Diff
Attachments on
bug 240242
:
207053
|
207199