From 8db8f2ceebce022f8a2d5c0b82f80bd538054756 Mon Sep 17 00:00:00 2001
From: zyppe <210hcl@gmail.com>
Date: Thu, 29 Feb 2024 15:48:09 +0800
Subject: [PATCH] Initialize for libssh

---
 .gitignore                                    |   1 +
 .libssh.metadata                              |   1 +
 ...le-timeout-test-on-slow-buildsystems.patch |  53 ++
 baselibs.conf                                 |   1 +
 libssh-0.9.8.tar.xz.asc                       |  16 +
 libssh.changes                                | 644 ++++++++++++++++++
 libssh.keyring                                | Bin 0 -> 3432 bytes
 libssh.spec                                   | 140 ++++
 libssh_client.config                          |   2 +
 libssh_server.config                          |   2 +
 10 files changed, 860 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 .libssh.metadata
 create mode 100644 0001-disable-timeout-test-on-slow-buildsystems.patch
 create mode 100644 baselibs.conf
 create mode 100644 libssh-0.9.8.tar.xz.asc
 create mode 100644 libssh.changes
 create mode 100644 libssh.keyring
 create mode 100644 libssh.spec
 create mode 100644 libssh_client.config
 create mode 100644 libssh_server.config

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..6adcdca
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+libssh-0.9.8.tar.xz
diff --git a/.libssh.metadata b/.libssh.metadata
new file mode 100644
index 0000000..bf43997
--- /dev/null
+++ b/.libssh.metadata
@@ -0,0 +1 @@
+c721047cbc9b5e47a580abca084d843d40f643041301326f3476f75ffb66efdb libssh-0.9.8.tar.xz
diff --git a/0001-disable-timeout-test-on-slow-buildsystems.patch b/0001-disable-timeout-test-on-slow-buildsystems.patch
new file mode 100644
index 0000000..af48349
--- /dev/null
+++ b/0001-disable-timeout-test-on-slow-buildsystems.patch
@@ -0,0 +1,53 @@
+Index: libssh-0.9.6/tests/unittests/torture_misc.c
+===================================================================
+--- libssh-0.9.6.orig/tests/unittests/torture_misc.c	2021-08-26 15:14:47.337264821 +0200
++++ libssh-0.9.6/tests/unittests/torture_misc.c	2021-08-26 15:15:24.513466534 +0200
+@@ -211,11 +211,13 @@ static void torture_timeout_elapsed(void
+     ssh_timestamp_init(&ts);
+     usleep(30000);
+ 
++#ifndef SLOW_TEST_SYSTEM
+     assert_true(ssh_timeout_elapsed(&ts,25));
+     assert_false(ssh_timeout_elapsed(&ts,30000));
+     assert_false(ssh_timeout_elapsed(&ts,75));
+     assert_true(ssh_timeout_elapsed(&ts,0));
+     assert_false(ssh_timeout_elapsed(&ts,-1));
++#endif /* SLOW_TEST_SYSTEM */
+ }
+ 
+ static void torture_timeout_update(void **state){
+@@ -223,11 +225,13 @@ static void torture_timeout_update(void
+     (void) state;
+     ssh_timestamp_init(&ts);
+     usleep(50000);
++#ifndef SLOW_TEST_SYSTEM
+     assert_int_equal(ssh_timeout_update(&ts,25), 0);
+     assert_in_range(ssh_timeout_update(&ts,30000),29000,29960);
+     assert_in_range(ssh_timeout_update(&ts,75),1,40);
+     assert_int_equal(ssh_timeout_update(&ts,0),0);
+     assert_int_equal(ssh_timeout_update(&ts,-1),-1);
++#endif /* SLOW_TEST_SYSTEM */
+ }
+ 
+ static void torture_ssh_analyze_banner(void **state) {
+Index: libssh-0.9.6/DefineOptions.cmake
+===================================================================
+--- libssh-0.9.6.orig/DefineOptions.cmake	2021-08-26 15:14:47.337264821 +0200
++++ libssh-0.9.6/DefineOptions.cmake	2021-08-26 15:14:50.093279775 +0200
+@@ -22,6 +22,7 @@ option(WITH_ABI_BREAK "Allow ABI break"
+ option(WITH_GEX "Enable DH Group exchange mechanisms" ON)
+ option(FUZZ_TESTING "Build with fuzzer for the server" OFF)
+ option(PICKY_DEVELOPER "Build with picky developer flags" OFF)
++option(SLOW_TEST_SYSTEM "Disable tests that fail on slow systems" OFF)
+ 
+ if (WITH_ZLIB)
+     set(WITH_LIBZ ON)
+@@ -53,3 +54,8 @@ endif (NOT GLOBAL_BIND_CONFIG)
+ if (NOT GLOBAL_CLIENT_CONFIG)
+   set(GLOBAL_CLIENT_CONFIG "/etc/ssh/ssh_config")
+ endif (NOT GLOBAL_CLIENT_CONFIG)
++
++if (SLOW_TEST_SYSTEM)
++  set (SLOW_TEST_SYSTEM ON)
++  add_definitions(-DSLOW_TEST_SYSTEM)
++endif (SLOW_TEST_SYSTEM)
diff --git a/baselibs.conf b/baselibs.conf
new file mode 100644
index 0000000..564c042
--- /dev/null
+++ b/baselibs.conf
@@ -0,0 +1 @@
+libssh4
diff --git a/libssh-0.9.8.tar.xz.asc b/libssh-0.9.8.tar.xz.asc
new file mode 100644
index 0000000..926d330
--- /dev/null
+++ b/libssh-0.9.8.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEjf9T4Y8qvI2PPJIjfuD8TcwBTj0FAmWAe10ACgkQfuD8TcwB
+Tj2wZhAAptsl1Cz7L6KYl8EWFLCtAdG4whjzOJD/bIFW0ri4uEwdnUH+T+7LRsMH
+rmgFxpNbqVLSKEI9FISaOwiG63DpFjr9haQR5BsXli2TO2Fil2m39gIkMvtHk3ig
+phsWU1UDUe3mm5ustCwqJAp3hb4GiOsHavWDBb4RXUkMPC8UFqw+eFWm52/u5wY6
+ttZdVjh/x9PTuKz7SsE6K1H3QFEBc66Oj3GOOzYTJh0cxrzFA1RSH+4olPp4H50S
+vry8XYo7SiiZYmreygy0gmEO07FF5/3Dkzmz2r9oFALBsYmVtOzo3DTL7UB64o4T
+DT48hlebAIO0w3UW11yssVi9I4TJ0nUGLHk1YZvskMnuPqc4yi+lcGZmoQIRLI6D
+NT+hCz0nEsAStnIWxXx6XV3wnjthpAgP+/PyF/gGw5JNsjuJ4sij9Mq3UIjtoHHP
+hfb2GF41ubHfVvbTtriJU0YI16DPYFxgm9dWtJnOP1TvE1mGYYSOAH35s29WodeJ
+0z4agDwwdkaWX4yT5exvvcO5+S+MaHa1RnuY0zLfymCs2IM0m4SiSPzy0fVJqTNb
+kOTqBHFbEcC7KkLXZ+jSZf9IDGovxzWDE8qyyRBK8/DP+/0kEJoZQ2ZOEoi+QYXj
+ws73zAE6PSTB1BQkJgDLF41yGtGgx+OjM42Kaa/b+6SiYiMbfFA=
+=A2pI
+-----END PGP SIGNATURE-----
diff --git a/libssh.changes b/libssh.changes
new file mode 100644
index 0000000..08452c5
--- /dev/null
+++ b/libssh.changes
@@ -0,0 +1,644 @@
+* Thu Jan 11 2024 wolfgang.frisch@suse.com
+- Update to version 0.9.8
+  * Fix CVE-2023-6004: Command injection using proxycommand (bsc#1218209)
+  * Fix CVE-2023-48795: Potential downgrade attack using strict kex (bsc#1218126)
+  * Fix CVE-2023-6918: Missing checks for return values of MD functions (bsc#1218186)
+  * Allow @ in usernames when parsing from URI composes
+- Update to version 0.9.7
+  * Fix CVE-2023-1667: a NULL dereference during rekeying with algorithm
+    guessing (bsc#1211188)
+  * Fix CVE-2023-2283: a possible authorization bypass in
+    pki_verify_data_signature under low-memory conditions (bsc#1211190)
+  * Fix several memory leaks in GSSAPI handling code
+* Thu Aug 26 2021 asn@cryptomilk.org
+- Update to version 0.9.6 (bsc#1189608, CVE-2021-3634)
+  * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.9.6
+* Mon Sep 21 2020 asn@cryptomilk.org
+- Add missing BR for openssh needed for tests
+* Sun Sep 13 2020 dmueller@suse.com
+- update to 0.9.5 (bsc#1174713, CVE-2020-16135):
+  * CVE-2020-16135: Avoid null pointer dereference in sftpserver (T232)
+  * Improve handling of library initialization (T222)
+  * Fix parsing of subsecond times in SFTP (T219)
+  * Make the documentation reproducible
+  * Remove deprecated API usage in OpenSSL
+  * Fix regression of ssh_channel_poll_timeout() returning SSH_AGAIN
+  * Define version in one place (T226)
+  * Prevent invalid free when using different C runtimes than OpenSSL (T229)
+  * Compatibility improvements to testsuite
+* Thu Apr  9 2020 asn@cryptomilk.org
+- Update to version 0.9.4
+  * https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/
+  * Fix possible Denial of Service attack when using AES-CTR-ciphers
+    CVE-2020-1730 (bsc#1168699)
+* Tue Feb 18 2020 dimstar@opensuse.org
+- Drop the hack to pull curl-mini: we moved the split a bit higher
+  up and now have a non-curl linked variant of cmake in
+  openSUSE:Factory.
+* Tue Dec 10 2019 asn@cryptomilk.org
+- Update to version 0.9.3
+  * Fixed CVE-2019-14889 - SCP: Unsanitized location leads to command execution (bsc#1158095)
+  * SSH-01-003 Client: Missing NULL check leads to crash in erroneous state
+  * SSH-01-006 General: Various unchecked Null-derefs cause DOS
+  * SSH-01-007 PKI Gcrypt: Potential UAF/double free with RSA pubkeys
+  * SSH-01-010 SSH: Deprecated hash function in fingerprinting
+  * SSH-01-013 Conf-Parsing: Recursive wildcards in hostnames lead to DOS
+  * SSH-01-014 Conf-Parsing: Integer underflow leads to OOB array access
+  * SSH-01-001 State Machine: Initial machine states should be set explicitly
+  * SSH-01-002 Kex: Differently bound macros used to iterate same array
+  * SSH-01-005 Code-Quality: Integer sign confusion during assignments
+  * SSH-01-008 SCP: Protocol Injection via unescaped File Names
+  * SSH-01-009 SSH: Update documentation which RFCs are implemented
+  * SSH-01-012 PKI: Information leak via uninitialized stack buffer
+* Mon Dec  9 2019 dimstar@opensuse.org
+- Rename suffix define to pkg_suffix: rpm 4.15 has suffix reserved
+  for internal use.
+* Thu Nov  7 2019 asn@cryptomilk.org
+- Update to version 0.9.2
+  * Fixed libssh-config.cmake
+  * Fixed issues with rsa algorithm negotiation (T191)
+  * Fixed detection of OpenSSL ed25519 support (T197)
+* Fri Oct 25 2019 asn@cryptomilk.org
+- Update to version 0.9.1
+  * Added support for Ed25519 via OpenSSL
+  * Added support for X25519 via OpenSSL
+  * Added support for localuser in Match keyword
+  * Fixed Match keyword to be case sensitive
+  * Fixed compilation with LibreSSL
+  * Fixed error report of channel open (T75)
+  * Fixed sftp documentation (T137)
+  * Fixed known_hosts parsing (T156)
+  * Fixed build issue with MinGW (T157)
+  * Fixed build with gcc 9 (T164)
+  * Fixed deprecation issues (T165)
+  * Fixed known_hosts directory creation (T166)
+* Wed Jul 10 2019 tchvatal@suse.com
+- Split out configuration to separate package to not mess up the
+  library packaging and coinstallation
+* Fri Jun 28 2019 asn@cryptomilk.org
+- Update to verion 0.9.0
+  * Added support for AES-GCM
+  * Added improved rekeying support
+  * Added performance improvements
+  * Disabled blowfish support by default
+  * Fixed several ssh config parsing issues
+  * Added support for DH Group Exchange KEX
+  * Added support for Encrypt-then-MAC mode
+  * Added support for parsing server side configuration file
+  * Added support for ECDSA/Ed25519 certificates
+  * Added FIPS 140-2 compatibility
+  * Improved known_hosts parsing
+  * Improved documentation
+  * Improved OpenSSL API usage for KEX, DH, and signatures
+- Removed 0001-libcrypto-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch
+- Removed 0001-libgcrypt-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch
+- Removed 0001-tests-Add-aes-gcm-ciphers-tests.patch
+- Add libssh client and server config files
+* Wed May 29 2019 idonmez@suse.com
+- Fix the typo in Obsoletes for -devel-doc subpackage
+- Actually remove the description for -devel-doc subpackage
+* Thu May 23 2019 jmcdonough@suse.com
+- Add support for new AES-GCM encryption types; (bsc#1134193)
+  * Add 0001-libcrypto-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch
+  * Add 0001-libgcrypt-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch
+  * Add 0001-tests-Add-aes-gcm-ciphers-tests.patch
+* Thu Feb 28 2019 coolo@suse.com
+- Avoid build cycle between curl and libssh by using obs hint to
+  prefer curl-mini
+* Mon Feb 25 2019 asn@cryptomilk.org
+- Update to version 0.8.7
+  * Fixed handling extension flags in the server implementation
+  * Fixed exporting ed25519 private keys
+  * Fixed corner cases for rsa-sha2 signatures
+  * Fixed some issues with connector
+* Mon Feb 11 2019 tchvatal@suse.com
+- Drop doxygen from dependencies to avoid buildcycle
+  * the documentation is available online anyway for anyone to
+    consume and consult http://api.libssh.org
+* Tue Jan  8 2019 pmonrealgonzalez@suse.com
+- Added the tests in a multiple build description file *test* to
+  break the cycle for cmocka, curl, doxygen and libssh.
+* Sun Dec 30 2018 asn@cryptomilk.org
+- Update to version 0.8.6
+  * Fixed compilation issues with different OpenSSL versions
+  * Fixed StrictHostKeyChecking in new knownhosts API
+  * Fixed ssh_send_keepalive() with packet filter
+  * Fixed possible crash with knownhosts options
+  * Fixed issus with rekeying
+  * Fixed strong ECDSA keys
+  * Fixed some issues with rsa-sha2 extentions
+  * Fixed access violation in ssh_init() (static linking)
+  * Fixed ssh_channel_close() handling
+* Mon Oct 29 2018 asn@cryptomilk.org
+- Update to version 0.8.5
+  * Added support to get known_hosts locations with ssh_options_get()
+  * Fixed preferred algorithm for known hosts negotiations
+  * Fixed KEX with some server implementations (e.g. Cisco)
+  * Fixed issues with MSVC
+  * Fixed keyboard-interactive auth in server mode
+    (regression from CVE-2018-10933)
+  * Fixed gssapi auth in server mode (regression from CVE-2018-10933)
+  * Fixed socket fd handling with proxy command
+  * Fixed a memory leak with OpenSSL
+* Tue Oct 16 2018 asn@cryptomilk.org
+- Update to version 0.8.4
+  * Fixed CVE-2018-10933; (bsc#1108020)
+  * Fixed building without globbing support
+  * Fixed possible memory leaks
+  * Avoid SIGPIPE on sockets
+* Fri Sep 21 2018 asn@cryptomilk.org
+- Update to version 0.8.3
+  * Added support for rsa-sha2
+  * Added support to parse private keys in openssh container format
+    (other than ed25519)
+  * Added support for diffie-hellman-group18-sha512 and
+    diffie-hellman-group16-sha512
+  * Added ssh_get_fingerprint_hash()
+  * Added ssh_pki_export_privkey_base64()
+  * Added support for Match keyword in config file
+  * Improved performance and reduced memory footprint for sftp
+  * Fixed ecdsa publickey auth
+  * Fixed reading a closed channel
+  * Added support to announce posix-rename@openssh.com and
+    hardlink@openssh.com in the sftp server
+- Removed patch: 0001-poll-Fix-size-types-in-ssh_event_free.patch
+* Thu Aug 30 2018 asn@cryptomilk.org
+- Update to version 0.8.2
+  * Added sha256 fingerprints for pubkeys
+  * Improved compiler flag detection
+  * Fixed race condition in reading sftp messages
+  * Fixed doxygen generation and added modern style
+  * Fixed library initialization on Windows
+  * Fixed __bounded__ attribute detection
+  * Fixed a bug in the options parser
+  * Fixed documentation for new knwon_hosts API
+- Added patch: 0001-poll-Fix-size-types-in-ssh_event_free.patch
+  * Fix compiler warning on SLE12
+* Mon Aug 27 2018 vcizek@suse.com
+- Add missing zlib-devel dependency which was previously pulled in
+  by libopenssl-devel
+* Tue Aug 14 2018 asn@cryptomilk.org
+- Remove the libssh_threads.so symlink
+* Mon Aug 13 2018 asn@cryptomilk.org
+- Update to version 0.8.1
+  * Fixed version number in the header
+  * Fixed version number in pkg-config and cmake config
+  * Fixed library initialization
+  * Fixed attribute detection
+* Fri Aug 10 2018 asn@cryptomilk.org
+- Update to version 0.8.0
+  * Removed support for deprecated SSHv1 protocol
+  * Added new connector API for clients
+  * Added new known_hosts parsing API
+  * Added support for OpenSSL 1.1
+  * Added support for chacha20-poly1305 cipher
+  * Added crypto backend for mbedtls crypto library
+  * Added ECDSA support with gcrypt backend
+  * Added advanced client and server testing using cwrap.org
+  * Added support for curve25519-sha256 alias
+  * Added support for global known_hosts file
+  * Added support for symbol versioning
+  * Improved ssh_config parsing
+  * Improved threading support
+- Removed 0001-libcrypto-Remove-AES_ctr128_encrypt.patch
+- Removed 0001-libcrypto-Introduce-a-libcrypto-compat-file.patch
+- Removed 0001-libcrypto-Use-newer-API-for-HMAC.patch
+- Removed 0001-libcrypto-Use-a-pointer-for-EVP_MD_CTX.patch
+- Removed 0001-libcrypto-Use-a-pointer-for-EVP_CIPHER_CTX.patch
+- Removed 0001-pki_crypto-Use-getters-and-setters-for-opaque-keys-a.patch
+- Removed 0001-threads-Use-new-API-call-for-OpenSSL-CRYPTO-THREADID.patch
+- Removed 0001-cmake-Use-configure-check-for-CRYPTO_ctr128_encrypt.patch
+- Removed 0001-config-Bugfix-Dont-skip-unseen-opcodes.patch
+* Fri Mar  9 2018 jmcdonough@suse.com
+- Disable timeout testing on slow build systems (bsc#1084713)
+  * 0001-disable-timeout-test-on-slow-buildsystems.patch
+* Sun Dec 24 2017 fabian@ritter-vogt.de
+- Add patch to fix parsing of config files (boo#1067782):
+  * 0001-config-Bugfix-Dont-skip-unseen-opcodes.patch
+* Fri Sep 15 2017 vcizek@suse.com
+- add support for building with OpenSSL 1.1 (bsc#1055266)
+  * added patches:
+  * 0001-cmake-Use-configure-check-for-CRYPTO_ctr128_encrypt.patch
+  * 0001-libcrypto-Introduce-a-libcrypto-compat-file.patch
+  * 0001-libcrypto-Remove-AES_ctr128_encrypt.patch
+  * 0001-libcrypto-Use-a-pointer-for-EVP_MD_CTX.patch
+  * 0001-libcrypto-Use-a-pointer-for-EVP_CIPHER_CTX.patch
+  * 0001-libcrypto-Use-newer-API-for-HMAC.patch
+  * 0001-pki_crypto-Use-getters-and-setters-for-opaque-keys-a.patch
+  * 0001-threads-Use-new-API-call-for-OpenSSL-CRYPTO-THREADID.patch
+* Mon Jul 31 2017 astieger@suse.com
+- add package keyring and verify source signature
+* Thu Apr 13 2017 asn@cryptomilk.org
+- Update to version 0.7.5
+  * Fixed a memory allocation issue with buffers
+  * Fixed PKI on Windows
+  * Fixed some SSHv1 functions
+  * Fixed config hostname expansion
+* Wed Feb  8 2017 asn@cryptomilk.org
+- Update to version 0.7.4
+  * Added id_ed25519 to the default identity list
+  * Fixed sftp EOF packet handling
+  * Fixed ssh_send_banner() to confirm with RFC 4253
+  * Fixed some memory leaks
+- Removed patch gcc5-fixes.patch
+* Wed Dec  7 2016 jengelh@inai.de
+- Update descriptions. Drop redundant pkgconfig require
+  (it's autodetected).
+* Wed Oct  7 2015 asn@cryptomilk.org
+- Update to version 0.7.2
+  * Fixed OpenSSL detection on Windows
+  * Fixed return status for ssh_userauth_agent()
+  * Fixed KEX to prefer hmac-sha2-256
+  * Fixed sftp packet handling
+  * Fixed return values of ssh_key_is_(public|private)
+  * Fixed bug in global success reply
+* Mon Jul 20 2015 tchvatal@suse.com
+- Enable testsuite run to check the state of libssh itself
+- Use SUSE macros to define environment clearly
+- Enable gssapi by adding krb5 dependency
+* Tue Jun 30 2015 asn@cryptomilk.org
+- Update to version 0.7.1
+  * Fixed SSH_AUTH_PARTIAL auth with auto public key
+  * Fixed memory leak in session options
+  * Fixed allocation of ed25519 public keys
+  * Fixed channel exit-status and exit-signal
+  * Reintroduce ssh_forward_listen()
+* Mon May 11 2015 asn@cryptomilk.org
+- Update to version 0.7.0
+  * Added support for ed25519 keys
+  * Added SHA2 algorithms for HMAC
+  * Added improved and more secure buffer handling code
+  * Added callback for auth_none_function
+  * Added support for ECDSA private key signing
+  * Added more tests
+  * Fixed a lot of bugs
+  * Improved API documentation
+* Wed May  6 2015 dmueller@suse.com
+- add gcc5-fixes.patch: Fix build against GCC 5.x
+* Thu Apr 30 2015 asn@cryptomilk.org
+- Update to version 0.6.5
+  * Fixed CVE-2015-3146
+  * Fixed port handling in config file
+  * Fixed the build with libgcrypt
+  * Fixed SFTP endian issues (rlo #179)
+  * Fixed uninitilized sig variable (rlo #167)
+  * Fixed polling issues which could result in a hang
+  * Fixed handling of EINTR in ssh_poll() (rlo #186)
+  * Fixed C99 issues with __func__
+  * Fixed some memory leaks
+  * Improved macro detection on Windows
+* Thu Jan 22 2015 coolo@suse.com
+- removing argument from popd
+- add baselibs.conf as source
+* Fri Dec 19 2014 asn@cryptomilk.org
+- Update to version 0.6.4
+  * Fixed CVE-2014-8132.
+  * Added SHA-2 for session ID signing with ECDSA keys.
+  * Added support for ECDSA host keys.
+  * Added support for more ECDSA hostkey algorithms.
+  * Added ssh_pki_key_ecdsa_name() API.
+  * Fixed setting the bindfd only after successful listen.
+  * Fixed issues with user created sockets.
+  * Fixed several issues in libssh C++ wrapper.
+  * Fixed several documentation issues.
+  * Fixed channel exit-signal request.
+  * Fixed X11 request screen number in messages.
+  * Fixed several memory leaks.
+* Tue Mar  4 2014 asn@cryptomilk.org
+- Update to version 0.6.3
+  * Fix CVE-2014-0017.
+* Mon Feb 10 2014 asn@cryptomilk.org
+- Update to version 0.6.1
+  * Added support for libgcrypt 1.6.
+  * Added ssh_channel_accept_forward().
+  * Added known_hosts heuristic during connection (#138).
+  * Added getters for session cipher names.
+  * Fixed decrypt of zero length buffer.
+  * Fixed padding in RSA signature blobs.
+  * Fixed DSA signature extraction.
+  * Fixed some memory leaks.
+  * Fixed read of non-connected socket.
+  * Fixed thread dectection.
+* Wed Jan  8 2014 asn@cryptomilk.org
+- Update to version 0.6.0
+  * Added new publicy key API.
+  * Added new userauth API.
+  * Added ssh_get_publickey_hash() function.
+  * Added ssh_get_poll_flags() function.
+  * Added gssapi-mic userauth.
+  * Added GSSAPIServerIdentity option.
+  * Added GSSAPIClientIdentity option.
+  * Added GSSAPIDelegateCredentials option.
+  * Added new callback based server API.
+  * Added Elliptic Curve DSA (ECDSA) support (with OpenSSL).
+  * Added Elliptic Curve Diffie Hellman (ECDH) support.
+  * Added Curve25519 for ECDH key exchange.
+  * Added improved logging system.
+  * Added SSH-agent forwarding.
+  * Added key-reexchange.
+  * Added more unit tests.
+  * Improved documentation.
+  * Fixed timeout handling.
+* Thu Dec 19 2013 kukuk@suse.de
+- Remove remove-pedantic-errors.diff, does not apply anymore and is
+  not needed anymore.
+* Thu Oct 31 2013 javier@opensuse.org
+- Update to version 0.6.0rc1
+  * Added new publicy key API.
+  * Added new userauth API.
+  * Added gssapi-mic userauth.
+  * Added new callback based server API.
+  * Added Elliptic Curve DSA (ECDSA) support (with OpenSSL).
+  * Added Elliptic Curve Diffie Hellman (ECDH) support.
+  * Added improved logging system.
+  * Added SSH-agent forwarding.
+  * Added key-reexchange.
+  * Improved documentation.
+  * Fixed timeout handling.
+* Mon Jul 29 2013 asn@cryptomilk.org
+- Add baselibs.conf
+- Require xz to fix build on older distro versions.
+* Fri Jul 26 2013 asn@cryptomilk.org
+- Update to version 0.5.5
+  * BUG 103: Fix ProxyCommand parsing.
+  - Remove patch fix-proxycomand-parsing1.diff
+  - Remove patch fix-proxy-command-none.diff
+  * Fix setting -D_FORTIFY_SOURCE=2.
+  * Fix pollset error return if emtpy.
+  * Fix NULL pointer checks in channel functions.
+  * Several bugfixes.
+* Thu Jul 25 2013 lbeltrame@kde.org
+- Add fix-proxycomand-parsing1.diff: fix ProxyCommand parsing in
+  libssh (upstream libssh bug 103)
+- Add fix-proxy-command-none.diff: fix ProxyCommand when it is
+  "none" (upstream libssh bug 103)
+* Tue Jan 22 2013 asn@cryptomilk.org
+- Update to version 0.5.4
+  * CVE-2013-0176 - NULL dereference leads to denial of service
+  * Fixed several NULL pointer dereferences in SSHv1.
+  * Fixed a free crash bug in options parsing.
+* Tue Nov 20 2012 asn@cryptomilk.org
+- Update to version 0.5.3
+  * CVE-2012-4559 Fixed multiple double free() flaws.
+  * CVE-2012-4560 Fixed multiple buffer overflow flaws.
+  * CVE-2012-4561 Fixed multiple invalid free() flaws.
+  * rlo #84 - Fix bug in sftp_mkdir not returning on error.
+  * rlo #85 - Fixed a possible channel infinite loop if the connection dropped.
+  * rlo #88 - Added missing channel request_state and set it to accepted.
+  * rlo #89 - Reset error state to no error on successful SSHv1 authentiction.
+  * Fixed a possible use after free in ssh_free().
+  * Fixed multiple possible NULL pointer dereferences.
+  * Fixed multiple memory leaks in error paths.
+  * Fixed timeout handling.
+  * Fixed regression in pre-connected socket setting.
+  * Handle all unknown global messages.
+* Tue Feb  7 2012 jengelh@medozas.de
+- Ensure pkgconfig symbols are provided
+* Tue Jan 31 2012 jengelh@medozas.de
+- Remove redundant tags/sections per specfile guideline suggestions
+- Parallel building using %%_smp_mflags
+- Make pkgconfig provides available
+- Add patch to work around compilation problems on SLES11SP1
+* Sat Sep 17 2011 asn@cryptomilk.org
+- Update to version 0.5.2
+  * Increased window size x10.
+  * Fixed SSHv1.
+  * Fixed bugged lists.
+  * Fixed use-after-free + inconsistent callbacks call in poll.
+  * Fixed scp documentation.
+  * Fixed possible infinite loop in channel_read().
+  * Fixed handling of short reads of sftp_async_read().
+  * Fixed handling request service timeout in blocking mode.
+  * Fixed ssh_auth_list() documentation.
+  * Fixed incorrect return values in ssh_channel_write().
+  * Fixed an infinite loop in the termination callback.
+  * Fixed handling of SSH_AGAIN in channel_open().
+  * Fixed "status -5 inflating zlib packet"
+* Tue Sep  6 2011 crrodriguez@opensuse.org
+- Build with OPENSSL_LOAD_CONF so we respect user's choice
+  of which  "openssl engine" to use for crypto (aes-ni,intel-accel)
+* Tue Aug  9 2011 asn@cryptomilk.org
+- Update to version 0.5.1
+  * Added checks for NULL pointers in string.c.
+  * Set the channel max packet size to 32768.
+  * Don't (de)compress empty buffers.
+  * Fixed ssh_scp_write so it works when doing recursive copy.
+  * Fixed another source of endless wait.
+  * Fixed an endless loop in case of a channel_open error.
+  * Fixed session timeout handling.
+  * Fixed ssh_channel_from_local() loop.
+  * Fixed permissions of scp example when we copy a file.
+  * Workaround ssh_get_user_home_dir on LDAP users.
+  * Added pkg-config support for libssh_threads.
+  * Fixed compilation without server and sftp modes.
+  * Fix static .lib overwriting on Windows.
+* Tue May 31 2011 asn@cryptomilk.org
+- Update to version 0.5.0
+  * Added ssh_ prefix to all functions.
+  * Added complete Windows support.
+  * Added improved server support.
+  * Added unit tests for a lot of functions.
+  * Added asynchronous service request.
+  * Added a multiplatform ssh_getpass() function.
+  * Added a tutorial.
+  * Added a lot of documentation.
+  * Fixed a lot of bugs.
+  * Fixed several memory leaks.
+* Sat Jan 15 2011 asn@cryptomilk.org
+- Update to version 0.4.8
+  * Fixed memory leaks in session signing.
+  * Fixed memory leak in ssh_print_hexa.
+  * Fixed problem with ssh_connect w/ timeout and fd > 1024.
+  * Fixed some warnings on OS/2.
+  * Fixed installation path for OS/2.
+* Mon Dec 27 2010 asn@cynapses.org
+- Update to version 0.4.7
+  * Fixed a possible memory leak in ssh_get_user_home().
+  * Fixed a memory leak in sftp_xstat.
+  * Fixed uninitialized fd->revents member.
+  * Fixed timout value in ssh_channel_accept().
+  * Fixed length checks in ssh_analyze_banner().
+  * Fixed a possible data overread and crash bug.
+  * Fixed setting max_fd which breaks ssh_select().
+  * Fixed some pedantic build warnings.
+  * Fixed a memory leak with session->bindaddr.
+* Sun Sep  5 2010 asn@cynapses.org
+- Update to version 0.4.6
+  * Added a cleanup function to free the ws2_32 library.
+  * Fixed build with gcc 3.4.
+  * Fixed the Windows build on Vista and newer.
+  * Fixed the usage of WSAPoll() on Windows.
+  * Fixed "@deprecated" in doxygen
+  * Fixed some mingw warnings.
+  * Fixed handling of opened channels.
+  * Fixed keepalive problem on older openssh servers.
+  * Fixed testing for big endian on Windows.
+  * Fixed the Windows preprocessor macros and defines.
+* Tue Jul 13 2010 anschneider@exsuse.de
+- Update to version 0.4.5
+  * Added option to bind a client to an ip address.
+  * Fixed the ssh socket polling function.
+  * Fixed Windows related bugs in bsd_poll().
+  * Fixed serveral build warnings.
+* Mon May 31 2010 anschneider@exsuse.de
+- Update to version 0.4.4
+  * Fixed some bugs ein path expand functions.
+* Mon May 17 2010 anschneider@exsuse.de
+- Update to version 0.4.3
+  * Added global/keepalive responses.
+  * Added runtime detection of WSAPoll().
+  * Added a select(2) based poll-emulation if poll(2) is not available.
+  * Added a function to expand an escaped string.
+  * Added a function to expand the tilde from a path.
+  * Added a proxycommand support.
+  * Added ssh_privatekey_type public function
+  * Added the possibility to define _OPENSSL_DIR and _ZLIB_DIR.
+  * Fixed sftp_chown.
+  * Fixed sftp_rename on protocol version 3.
+  * Fixed a blocking bug in channel_poll.
+  * Fixed config parsing wich has overwritten user specified values.
+  * Fixed hashed [host]:port format in knownhosts
+  * Fixed Windows build.
+  * Fixed doublefree happening after a negociation error.
+  * Fixed aes*-ctr with <= OpenSSL 0.9.7b.
+  * Fixed some documentation.
+  * Fixed exec example which has broken read usage.
+  * Fixed broken algorithm choice for server.
+  * Fixed a typo that we don't export all symbols.
+  * Removed the unneeded dependency to doxygen.
+  * Build examples only on the Linux plattform.
+* Mon Mar 15 2010 anschneider@exsuse.de
+- Update to version 0.4.2
+  * Added owner and group information in sftp attributes.
+  * Added missing SSH_OPTIONS_FD option.
+  * Added printout of owner and group in the sftp example.
+  * Added a prepend function for ssh_list.
+  * Added send back replies to openssh's keepalives.
+  * Fixed documentation in scp code
+  * Fixed longname parsing, this only workings with readdir.
+  * Fixed and added support for several identity files.
+  * Fixed sftp_parse_longname() on Windows.
+  * Fixed a race condition bug in ssh_scp_close()
+  * Remove config support for SSHv1 Cipher variable.
+  * Rename ssh_list_add to ssh_list_append.
+  * Rename ssh_list_get_head to ssh_list_pop_head
+* Mon Feb 15 2010 anschneider@exsuse.de
+- Fixed Requires.
+* Sat Feb 13 2010 anschneider@exsuse.de
+- Update to version 0.4.1
+  * Added support for aes128-ctr, aes192-ctr and aes256-ctr encryption.
+  * Added an example for exec.
+  * Added private key type detection feature in privatekey_from_file().
+  * Fixed zlib compression fallback.
+  * Fixed kex bug that client preference should be prioritary
+  * Fixed known_hosts file set by the user.
+  * Fixed a memleak in channel_accept().
+  * Fixed underflow when leave_function() are unbalanced
+  * Fixed memory corruption in handle_channel_request_open().
+  * Fixed closing of a file handle case of errors in privatekey_from_file().
+  * Fixed ssh_get_user_home_dir() to be thread safe.
+  * Fixed the doxygen documentation.
+* Thu Dec 10 2009 anschneider@exsuse.de
+- Update to version 0.4.0
+  * Added scp support.
+  * Added support for sending signals (RFC 4254, section 6.9).
+  * Added MSVC support.
+  * Added support for ~/.ssh/config.
+  * Added sftp extension support.
+  * Added X11 forwarding support for client.
+  * Added forward listening.
+  * Added support for openssh extensions (statvfs, fstatvfs).
+  * Added a cleaned up interface for setting options.
+  * Added a generic way to handle sockets asynchronously.
+  * Added logging of the sftp flags used to open a file.
+  * Added full poll() support and poll-emulation for win32.
+  * Added missing 64bit functions in sftp.
+  * Added support for ~/ and SSH_DIR/ in filenames instead of %%s/.
+  * Fixed Fix channel_get_exit_status bug.
+  * Fixed calltrace logging to make it optional.
+  * Fixed compilation on Solaris.
+  * Fixed resolving of ip addresses.
+  * Fixed libssh compilation without server support.
+  * Fixed possible memory corruptions (ticket #14).
+* Mon Sep 14 2009 anschneider@exsuse.de
+- Update to version 0.3.4.
+  * Added ssh_basename and ssh_dirname.
+  * Added a portable ssh_mkdir function.
+  * Added a sftp_tell64() function.
+  * Added missing NULL pointer checks to crypt_set_algorithms_server.
+  * Fixed ssh_write_knownhost if ~/.ssh doesn't exist.
+  * Fixed a possible integer overflow in buffer_get_data().
+  * Fixed possible security bug in packet_decrypt().
+* Tue Aug 18 2009 anschneider@exsuse.de
+- Update to version 0.3.3.
+  * Fixed double free pointer crash in dsa_public_to_string.
+  * Fixed channel_get_exit_status bug.
+  * Fixed ssh_finalize which didn't clear the flag.
+  * Fixed memory leak introduced by previous bugfix.
+  * Fixed channel_poll broken when delayed EOF recvd.
+  * Fixed stupid "can't parse known host key" bug.
+  * Fixed possible memory corruption (ticket #14).
+* Tue Aug  4 2009 anschneider@exsuse.de
+- Update to version 0.3.2
+  * Added ssh_init() function.
+  * Added sftp_readlink() function.
+  * Added sftp_symlink() function.
+  * Fixed ssh_write_knownhost().
+  * Fixed compilation on Solaris.
+  * Fixed SSHv1 compilation.
+* Tue Jul 14 2009 anschneider@exsuse.de
+- Update to version 0.3.1
+  * Added return code SSH_SERVER_FILE_NOT_FOUND.
+  * Fixed compilation of SSHv1.
+  * Fixed several memory leaks.
+  * Fixed possible infinite loops.
+  * Fixed a possible crash bug.
+  * Fixed build warnings.
+  * Fixed cmake on BSD.
+* Thu May 21 2009 anschneider@exsuse.de
+- Update to version 0.3.0
+  * Added support for ssh-agent authentication.
+  * Added POSIX like sftp implementation.
+  * Added error checking to all functions.
+  * Added const to arguments where it was needed.
+  * Added a channel_get_exit_status() function.
+  * Added a channel_read_buffer() function, channel_read() is now
+    a POSIX like function.
+  * Added a more generic auth callback function.
+  * Added printf attribute checking for log and error functions.
+  * Added runtime function tracer support.
+  * Added NSIS build support with CPack.
+  * Added openssh hashed host support.
+  * Added API documentation for all public functions.
+  * Added asynchronous SFTP read function.
+  * Added a ssh_bind_set_fd() function.
+  * Fixed known_hosts parsing.
+  * Fixed a lot of build warnings.
+  * Fixed the Windows build.
+  * Fixed a lot of memory leaks.
+  * Fixed a double free corruption in the server support.
+  * Fixed the "ssh_accept:" bug in server support.
+  * Fixed important channel bugs.
+  * Refactored the socket handling.
+  * Switched to CMake build system.
+  * Improved performance.
+* Mon Nov 17 2008 anschneider@suse.de
+- Add 'Provides: libssh' to the library that the debuginfo package
+  can be installed.
+- Fix channel performance by changing the window len.
+- Use libssh2 as name for the library package.
+- Remove rpmlintrc
+* Tue Oct  7 2008 aj@suse.de
+- Disable parallel build since it breaks the build.
+* Tue Sep 30 2008 ro@suse.de
+- Add rpmlintrc (desired package name is already taken by another
+  package)
+* Tue Sep 30 2008 ro@suse.de
+- Fix debug package requires
+* Tue Sep 30 2008 ro@suse.de
+- Fixed filelist
+* Thu Aug 21 2008 anschneider@suse.de
+- Map the permissions field to the type field for sftp v3.
+- Add errno mapping for sftp functions
+* Wed Aug 20 2008 anschneider@suse.de
+- Initial libssh package
diff --git a/libssh.keyring b/libssh.keyring
new file mode 100644
index 0000000000000000000000000000000000000000..411bf36750f0fc4a8856034415e39c7116559ee4
GIT binary patch
literal 3432
zcma*p_ct4i!ocx}QL!m1M$D?3u}kf!7>&Kfo>jzNwfC+*)QGKCjjC0OQpBF2iW)Uz
zuiB;D=e_5i^FF`a_q_kZ=X}pM8%R!|t2L&GM+F!>lQPCyyIvl`cuN@$-G>|ou&}^A
zn93lyCo!q)4>ia3)el-n*1nj^vXJGQThLGx{NnCp;L^s1(PBlSFEXaSzqiqHCY|Id
zZL;oMaJk9*-Y}D^u@0LTMT-kB>#wDZL;*&GW~y!D9OJcT_H}-W3Uz%p8N&m4CUS7>
zD-$(<Q0Rin2ZbvT#4@%p*p-6Qpdn}&eXD!b!oW3Vdv^x`%vCCkv$DP~_2;fG63dDF
z)Vs*PTRs0wyTTsNR1PXoSSG@*;uag+hDv{3K1O>KGF!hH;-%I|{sgrT=$64vNgx3y
zk6cyafMfnTZk;oDS-&XwToz$?4HG2<BD)9|X7ff8jPsXm%i$S=KY8d3tEZznrNI)=
zqjaR2ssOtUGg1@3&Nq2i=-WuipLf^WR->@AT|d5v#;2?GmSH}<BXQipud9?v=-6?)
zEFl^7%MWlpPmdQYRRGfLVs}1vgvFDr6%@0(K300ZJTX!3RY`)`CaE)#hx`LVvr}%e
zw1yY=Vl9bO0{7wPt+iuxg<oG5>!`IX4V3Z4b)oAz=2pZRy9};;0<bn_kHW4QJPZ?9
zFgKvbSpU$^a#zQG7AK5?ngP4ulU-$2=Jd6T^k!DL6~I_`{q;q=hhIf)1TMT-6|QOK
z#hda}=ONmQm@=o48D>gB`uUi48bFN)z-#1IbhGocxAtPwvvqQ_e_?0u$tGj%<)&ck
z8Q|`Xa(&_QQV`|oC>IZuA-InR1aJeH@b8g=i0|P8@rdY%fglo60(u}m9uR^Dd=N$m
z)YY0y1%mMaBp|B4(I7_fG-dsvRDkl6bCGmiA5G$Wu-n+uzoaaMu@$LFQM>wT1WY?3
zkl`S1YZ{^K;Uc068akUF1?XQKYWin<?<+A|Y2ZU<kZ^2GPcRAH38F?<39)cFRo0M{
zfK)D$ybXdHo>R_qf+5tTaDS_T&5Ma%Qm@G;UzWb@ER&0dP!?BHkITj|CtGNKbVNej
z^lkm9-UehnIPes}p8v8%fo!NF=Q^yS+AIR;^i0_BpS^!=Kj~h~_;AMZ4aWG-`p&!R
zpR#c?AE884S%wnC0!E2!;Y>4$>5i8V5ANh!F7EuIOa^XfzIy*w!jmz`@A~n$ZZ3Kg
z_oO8&P2}g~Fh|=CGB}UT*PCi)s-!iX!EppqJumx>_>mJMVZVI0?SbIjgQ{c_NSakw
z`4M;YuIJ}Z9T^iUjIA37yxz}`Mmtk$DQGlQZ;o7J6d{8@R}%Vub^jQ{AoY1A!V6a}
zv)ZQ)9{<)V|MRryQ3(L|g3`GU8lUg+XGNQ0987ZjhsSeg755GLk>uV|j8CTO-17Gv
zp;H2@iV;>N2EwE?4A%-Jox5bFe5|m>t#R1^fctzM(v~NmEYbIh+dMvRX}aigPdaE%
z?Nu{Q8@b}hI16GDuQ{koe6uP1gVwzmj*n|oJw`I`<@$kdICa^!IpsB8Hl<_3bj@{R
zmU>q6v#(>p&V~FexOG?~`+s5PW$kKX{U2dc{}#si{}A?1UUBM_cZOh|e%=GAb4Kd6
zX+>srORAGXdV`JT-=yuy#W_)o!oK<w5n8|m4<5;?^L~}u)hu%kA`n62Cf3wg7lNVh
zQKuQrvg+-QJ_O+}Y^L8Z#vl`fv4QJuZN_L*mKxwri6mHuztuWXot>ZSI-9@xf^BSv
z%Hk}`Yyao{>7sq?s3>&C@=*tymxWj=yV^oAKmHzcTphuh`yDHy4=kVKb4hh>DFyk-
zU>-M>wcYvD^B8qsX(~3PB-dPhXkLknp5KaY-ZvbDy87eWgJ-Bw9f8=4N$8C91iw8`
zxj*TZjb$9wiJnswT}*k;O^OA**D2X9!-em&Su-eTo|Cn54lh)QPr;w+x&gCH@u7_-
zEQZR+2z`&wMOyH6uMiEFGewgo`PtW&$&<ujL+<=8NfYy%(%gz79oCu7Lb}g<rU!!s
zr6$F>5lODY-`63il0sKZbPatrF_~toqOs)!+e-?K*ID_Amsgsij+&6!VzOiML>Vxu
zrco_mQ;jwd<&lWc7-53eO(L}0lB|1YJ#F88*WM>ZZcrE#eiJEks%aCtQb%tjjR8BV
ze7pCKRwR=|cZgMesASEajgof2Q-(qgESH*UV_8zy#P7$N3%ykl@H*wxT&qn<Y2QS)
zb0!JEFN?I0uQb)=!x_P6ZykS$#hiDc5w{vyLh_9q|Am*Qy`7V_x1cS`_3wiH#}^^c
z@CIk{e=7T@FSsZbpvTa>ymykBQMd5%ow{~hF8%j}XMNe#iHeLGSoPE)gOBbfoSALf
zF?Id99)$^fWAle0j3GA8$=k(dm|1WKh^YXkr)_>fIZ>LNGUFuWq_5mS#HG@*PjJEQ
zACBeFxIa7yBjx`~J5-Doq1CXpq^eOvX?jP}k|sAm#uCHfwFU$pi%jP&lN)i$i<_<%
zI#iH+507AW6^$2<rFB>V7H8@fG~a&Wx-THchjmwYw&=@&@rvXivU!*&R<0WENa@&U
zw49x3)}*`1l7lmjgiRu1s^nx<&`BfX@d8O}pC=;Dm@oHpi!NUXN4qbJ(ywyFJOT%*
zGt*8_A;rAPm-So5$dFu#0;sp@%kpA->Z9tJ(U=;XJC|feP;3osXIaj=qvT`Ic%BEf
zMW1;8Wb||V1yWEW;B>RaL(dU%C6CpshsL)Z@IWA2<@He-4n)I~_vGcynDD7n(F%9M
ztLI{euUf!LrBHpc^W?3`t&vasi6N}_tKo*D_)WA=zE!@?{A&?VL$KoO)~|}TvfS7+
zUXclP7$|wNZ6!TZU{elwB=Wp2$7HA(H6Xwl4^tcrnF>Le61(<)4BH5lK`(He^UGy*
z%b`7!GiNz&5S>wD4`49*&E0Cr$t-DGPI5I&KYqekSA0EePKz{T#EXasY{9c6dv{yv
zL%{X<f3FEUcO4}anUf#2&WFuY9Dlxiy<hKu?~}3{>H@+be$s7xul(fTdfJuJ;uyp)
z6t3uCz<)`528o7Nyd$l2l|Y5&XPoxUyIdGMRwuhk6WWJ9^{u<7yf3T#u|{}N_jm0p
ziG*>B&4R**r*0}{4{oPZYS;#x*!+in_-dxU5>=M*(Q(>mhqs_R4`+9##H{rQDNmd$
z<3GL8m+<sdGPM2bt85rcnlbx3j&ys+ad~WnSHEpcNB8I?{?K>A2c+HN0Em|MzNi4e
zszZ^O3|CJCW&}y2kY0M)Q)(7n%-OHtW{!&MCPB`pRyAe6PtJ9^PT^+x5Ms?2lpEcg
zxLE42T2Q;)-@I2rN3bZf`ZGVsESUm*azDxK)1S)?X1dOY6Fk110>vSA>xs@(83LvN
zrqZ8RqPwhP2MbDS8dN(KLk<<PcIoI7CV{$~1iP)O)}3Dv#?U$O>M0^X91Y&-2YtVD
z7BEl8V*IU1za57kjLA}OZbyBE4RPh&y<U51m;K|*WkyL(d-Ze_B8|+AJ2#`{oy2p~
z%fX><C6}K?76V0o^C`_khP8GWv)*38V@BzX25k^&b_2E^DS0BY)Z@F1=8unNeq}hY
zxARwiM-i^4o2J$i>8`PFdQ<wg2&gHeMis)8M2ZRHuARlw*ihq+!WUbMBzb$s1MX)3
zzNUB}D*?mbHw5~h;Tcl|GLikW819plx6<MSCR1{4S$tQEiccC_9kqt}-@J)R@KO@2
zn?l>S*AN%(*I0Dhl5g_`w+fV-wDz^?%e-M<C3)!{^t4?_TS_UL^8wlmS0VjkPt0b0
z!2pFBbm^l_JIf1@?xcus3k^TE5jk9&CKbocB|@#VrP+QMzk%ap@W3IK(5a6k_Y;C@
zPo%@WHEP%btZO6Qe^okPJv4Zxfj7jfayx1{G7NeWeJaLAp|sVUSF}$RJ3^z*!VLRz
zvt_0Sp9q^0<xU>C+^^F)pKXO*>8GLAobn_18oHSlg1D@CVQ@t^{77jP+?~bsVsupi
zx!ysj!tWst*4B-=Dlp12NVb<o>B|9bzI+YYMDxj^+?*_K=k1?_vXW+YMq5Fgxu<yI
z73AXcQXG+%_Af+SWC4-kK~oR45ff-Lb1iWx_+rleU3#diM(^1R;zGf90!!plR61*C
zs=9p%aNF+C0P%>;00GLv7ozi8D%0m6&DgGm$ag&vThM`$#;S<X723K2s$e<|&q7lQ
zW1P`E+<>->ro4Abem9=|F=4Q<)fXi_hC?5-{)I4qJ<*-gGX^b5V}^M4xQA-l?J3`=
z+j%iAdqjf#6K6CNg}+~#7iki!4|J-=5~{hT*G;m(8i?A7`d1HoY>4HBTts484LyV#
WZDm2tMA4T=UAs2at-!xR8~z2&g;JCN

literal 0
HcmV?d00001

diff --git a/libssh.spec b/libssh.spec
new file mode 100644
index 0000000..4d3dc5b
--- /dev/null
+++ b/libssh.spec
@@ -0,0 +1,140 @@
+#
+# spec file for package libssh
+#
+# Copyright (c) 2022-2023 ZhuningOS
+#
+
+
+%global flavor %{nil}
+%if "%{flavor}" == "test"
+%define pkg_suffix -test
+%ifarch s390 s390x ppc64le
+  %define slow_test_system "ON"
+%else
+  %define slow_test_system "OFF"
+%endif
+%bcond_without test
+%else
+%define pkg_suffix %{nil}
+%bcond_with test
+%endif
+Name:           libssh%{pkg_suffix}
+Version:        0.9.8
+Release:        150400.3.3.1
+Summary:        The SSH library
+License:        LGPL-2.1-or-later
+Group:          Development/Libraries/C and C++
+URL:            https://www.libssh.org
+Source0:        https://www.libssh.org/files/0.9/libssh-%{version}.tar.xz
+Source1:        https://www.libssh.org/files/0.9/libssh-%{version}.tar.xz.asc
+Source2:        https://cryptomilk.org/gpgkey-8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D.gpg#/libssh.keyring
+Source3:        libssh_client.config
+Source4:        libssh_server.config
+Source99:       baselibs.conf
+Patch0:         0001-disable-timeout-test-on-slow-buildsystems.patch
+BuildRequires:  cmake
+BuildRequires:  gcc-c++
+BuildRequires:  krb5-devel
+BuildRequires:  openssl-devel
+BuildRequires:  pkgconfig
+BuildRequires:  xz
+BuildRequires:  zlib-devel
+# doxygen generated documentation used to be in subpkg
+Obsoletes:      %{name}-devel-doc <= 0.8.6
+%if %{with test}
+BuildRequires:  libcmocka-devel
+BuildRequires:  openssh
+%endif
+
+%description
+An SSH implementation in the form of a library. With libssh, you can remotely
+execute programs, transfer files, use a secure and transparent tunnel for your
+remote programs. It supports SFTP as well.
+
+This package provides libssh from https://www.libssh.org that should not be
+confused with libssh2 available from https://www.libssh2.org (libssh2 package)
+
+%package -n libssh4
+Summary:        SSH library
+Group:          System/Libraries
+Requires:       %{name}-config >= %{version}
+
+%description -n libssh4
+An SSH implementation in the form of a library. With libssh, you can remotely
+execute programs, transfer files, use a secure and transparent tunnel for your
+remote programs. It supports SFTP as well.
+
+This package provides libssh from https://www.libssh.org that should not be
+confused with libssh2 available from https://www.libssh2.org (libssh2 package)
+
+%package config
+Summary:        SSH library configuration files
+Group:          Productivity/Networking/SSH
+
+%description config
+Configuration files for the SSH library.
+
+%package devel
+Summary:        SSH library development headers
+Group:          Development/Libraries/C and C++
+Requires:       cmake
+Requires:       libssh4 = %{version}
+
+%description devel
+Development headers for the SSH library.
+
+%prep
+%autosetup -p1 -n libssh-%{version}
+
+%build
+%cmake \
+    -DCMAKE_C_FLAGS:STRING="%{optflags} -DOPENSSL_LOAD_CONF" \
+%if %{with test}
+    -DUNIT_TESTING="ON" \
+    -DSLOW_TEST_SYSTEM=%{slow_test_system} \
+%endif
+    -DWITH_GSSAPI=ON \
+    -DWITH_EXAMPLES="OFF" \
+    -DGLOBAL_CLIENT_CONFIG="%{_sysconfdir}/libssh/libssh_client.config" \
+    -DGLOBAL_BIND_CONFIG="%{_sysconfdir}/libssh/libssh_server.config"
+
+make %{?_smp_mflags}
+
+%install
+%if !%{with test}
+%cmake_install
+
+install -d -m755 %{buildroot}%{_sysconfdir}/libssh
+install -m644 %{SOURCE3} %{buildroot}%{_sysconfdir}/libssh/libssh_client.config
+install -m644 %{SOURCE4} %{buildroot}%{_sysconfdir}/libssh/libssh_server.config
+%endif
+
+%check
+%if %{with test}
+%ctest
+%endif
+
+%if !%{with test}
+%post -n libssh4 -p /sbin/ldconfig
+%postun -n libssh4 -p /sbin/ldconfig
+
+%files -n libssh4
+%doc AUTHORS README ChangeLog
+%{_libdir}/libssh.so.*
+
+%files config
+%dir %{_sysconfdir}/libssh
+%config(noreplace) %{_sysconfdir}/libssh/libssh_client.config
+%config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
+
+%files devel
+%{_includedir}/libssh
+%{_libdir}/libssh.so
+%{_libdir}/pkgconfig/libssh.pc
+%dir %{_libdir}/cmake/libssh
+%{_libdir}/cmake/libssh/libssh-config.cmake
+%{_libdir}/cmake/libssh/libssh-config-relwithdebinfo.cmake
+%{_libdir}/cmake/libssh/libssh-config-version.cmake
+%endif
+
+%changelog
diff --git a/libssh_client.config b/libssh_client.config
new file mode 100644
index 0000000..a5343a2
--- /dev/null
+++ b/libssh_client.config
@@ -0,0 +1,2 @@
+# Parse OpenSSH configuration file for consistency
+Include /etc/ssh/ssh_config
diff --git a/libssh_server.config b/libssh_server.config
new file mode 100644
index 0000000..497b505
--- /dev/null
+++ b/libssh_server.config
@@ -0,0 +1,2 @@
+# Parse OpenSSH configuration file for consistency
+Include /etc/ssh/sshd_config