[Pkg-utopia-maintainers] Bug#1069059: cockpit update from DSA-5655-1 without binary builds (build failures)
Martin Pitt
mpitt at debian.org
Tue Apr 16 08:26:02 BST 2024
Control: tag -1 upstream fixed-upstream patch
Control: forwarded -1 https://github.com/cockpit-project/cockpit/pull/19790
Hello Salvatore and Santiago,
Salvatore Bonaccorso [2024-04-15 19:28 +0200]:
> The update for cockpit in DSA 5655-1 had problems with the
> test-sshbridge test, causing FTBFS:
>
> >From the tail of the test failure:
>
> # cockpit-protocol-DEBUG: test-ssh: output queue empty
>
> (cockpit-ssh:3731): cockpit-ssh-WARNING **: 20:51:17.702: (src/ssh/cockpitsshrelay.c:1423):cockpit_ssh_connect: runtime check failed: (ssh_options_set (data->session, SSH_OPTIONS_HOST, host) == 0)
>
> (cockpit-ssh:3731): cockpit-ssh-WARNING **: 20:51:17.702: (src/ssh/cockpitsshrelay.c:1424):cockpit_ssh_connect: runtime check failed: (ssh_options_parse_config (data->session, NULL) == 0)
> # cockpit-protocol-DEBUG: test-ssh: reading input 1
> # cockpit-protocol-DEBUG: test-ssh: received a 82 byte payload
> # cockpit-protocol-DEBUG: test-ssh: want more data
> **
> cockpit-ssh:ERROR:src/ssh/test-sshbridge.c:560:wait_until_transport_init: assertion failed (json_object_get_string_member (init, "command") == "init"): ("authorize" == "init")
> Bail out! cockpit-ssh:ERROR:src/ssh/test-sshbridge.c:560:wait_until_transport_init: assertion failed (json_object_get_string_member (init, "command") == "init"): ("authorize" == "init")
> cockpit-ssh-Message: 20:51:17.704: cockpit-ssh some_host: -1 couldn't connect: Hostname required 'some_host' '22'
> cockpit-ssh-Message: 20:51:17.704: couldn't write control message: Broken pipe
> cockpit-ssh-Message: 20:51:17.704: couldn't write authorize message: Inappropriate ioctl for device
> FAIL test-sshbridge (exit status: 134)
Argh, I can reproduce. The test passes with the previous
http://snapshot.debian.org/package/libssh/0.10.5-3/ but fails with current 0.10.6-0+deb12u1.
The reason is annoyingly mundane, and already got fixed upstream half a year ago:
https://github.com/cockpit-project/cockpit/commit/518d36c3492020525
I prepared a package update with that fix cherry-picked. See attached debdiff.
It builds fine in a clean bookworm container now.
But I don't know how exactly to target and upload this: to bookworm-security or
-updates? It's a follow-up for a previous security update to make that actually
work, but not a security update in itself.
Santiago Vila [2024-04-15 20:28 +0200]:
> For completeness: this was already happening in bullseye and bookworm
> before the DSA. (Reminder for myself: report all the bugs I found
> last week while rebuilding bullseye and bookworm).
Right, that makes sense. There are no C code changes between 287 and 287.1.
Thanks, and sorry for the trouble,
Martin
-------------- next part --------------
diff -Nru cockpit-287.1/debian/changelog cockpit-287.1/debian/changelog
--- cockpit-287.1/debian/changelog 2024-04-02 11:11:19.000000000 +0200
+++ cockpit-287.1/debian/changelog 2024-04-16 09:20:17.000000000 +0200
@@ -1,3 +1,11 @@
+cockpit (287.1-0+deb12u2) bookworm-security; urgency=medium
+
+ * Add 0001-ssh-Use-valid-host-name-in-test-sshbridge.patch:
+ Use valid host name in test-sshbridge. Fixes FTBFS due to unit test
+ failure when building against libssh 0.10.6. (Closes: #1069059)
+
+ -- Martin Pitt <mpitt at debian.org> Tue, 16 Apr 2024 09:20:17 +0200
+
cockpit (287.1-0+deb12u1) bookworm-security; urgency=medium
* New upstream security update:
diff -Nru cockpit-287.1/debian/patches/0001-ssh-Use-valid-host-name-in-test-sshbridge.patch cockpit-287.1/debian/patches/0001-ssh-Use-valid-host-name-in-test-sshbridge.patch
--- cockpit-287.1/debian/patches/0001-ssh-Use-valid-host-name-in-test-sshbridge.patch 1970-01-01 01:00:00.000000000 +0100
+++ cockpit-287.1/debian/patches/0001-ssh-Use-valid-host-name-in-test-sshbridge.patch 2024-04-16 09:19:18.000000000 +0200
@@ -0,0 +1,36 @@
+From 518d36c349202052578a459872c3657760226648 Mon Sep 17 00:00:00 2001
+From: Martin Pitt <mpitt at redhat.com>
+Date: Fri, 29 Dec 2023 07:12:11 +0100
+Subject: [PATCH] ssh: Use valid host name in test-sshbridge
+
+libssh 0.10.6 made host name parsing stricter. `some_host` is not a
+valid general host name, and is rejected with the latest version.
+---
+ src/ssh/test-sshbridge.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/ssh/test-sshbridge.c b/src/ssh/test-sshbridge.c
+index e0ff9a7a9..9c561e29a 100644
+--- a/src/ssh/test-sshbridge.c
++++ b/src/ssh/test-sshbridge.c
+@@ -323,7 +323,7 @@ setup (TestCase *tc,
+ if (!fixture->knownhosts_home)
+ g_assert_cmpint (mkdir (tc->home_ssh_dir, 0700), ==, 0);
+
+- g_string_append (content, "Host some_host\n");
++ g_string_append (content, "Host somehost\n");
+ g_string_append_printf (content, "\tHostname %s\n", hostname);
+
+ if (fixture->ssh_config_port == PORT_VALID)
+@@ -346,7 +346,7 @@ setup (TestCase *tc,
+ if (fixture->ssh_config_user == USER_INVALID_HOST_PRIORITY)
+ g_string_append_printf (new_host, "%s@", g_get_user_name ());
+ /* Host in the ssh config file */
+- g_string_append (new_host, "some_host");
++ g_string_append (new_host, "somehost");
+ /* The port in host should take priority over the port in ssh config */
+ if (fixture->ssh_config_port == PORT_INVALID_HOST_PRIORITY)
+ g_string_append_printf (new_host, ":%hu", tc->ssh_port);
+--
+2.44.0
+
diff -Nru cockpit-287.1/debian/patches/series cockpit-287.1/debian/patches/series
--- cockpit-287.1/debian/patches/series 1970-01-01 01:00:00.000000000 +0100
+++ cockpit-287.1/debian/patches/series 2024-04-16 09:20:00.000000000 +0200
@@ -0,0 +1 @@
+0001-ssh-Use-valid-host-name-in-test-sshbridge.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-utopia-maintainers/attachments/20240416/6573dd4b/attachment.sig>
More information about the Pkg-utopia-maintainers
mailing list