openssh: applied upstream fix for "cert not yet valid" test

applied upstream fix for openssh's "cert not yet valid" test Upstream Status: Backport: https://github.com/openssh/openssh-portable/commit/ff31f15773ee173502eec4d7861ec56f26bba381 (From OE-Core rev: f0a949fe33da47fd0a587abb942ff60f0a56ed0d) Signed-off-by: Mingde (Matthew) Zeng<matthew.zeng@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Mingde (Matthew) Zeng <matthew.zeng@windriver.com> 2020-01-20 18:24:57 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-01-21 12:52:53 +0000
commit: ca9a8fb991f4ec636939d949d24fe742f1922c49 (patch)
tree: d27dd313b292f146fc5e2d801f2a87f2c84e8f63 /meta/recipes-connectivity/openssh
parent: 9896be8f750ef6a99b3a11e806a0007e19ecabaf (diff)
download: poky-ca9a8fb991f4ec636939d949d24fe742f1922c49.tar.gz
2 files changed, 61 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh/0001-Manually-applied-upstream-fix-for-openssh-test.patch b/meta/recipes-connectivity/openssh/openssh/0001-Manually-applied-upstream-fix-for-openssh-test.patch
new file mode 100644
index 0000000000..7171ec0834
--- /dev/null
+++ b/meta/recipes-connectivity/openssh/openssh/0001-Manually-applied-upstream-fix-for-openssh-test.patch
@@ -0,0 +1,60 @@
+From 0a68d6cfe255f8bcdd5f9db0d008a8f0a60b237a Mon Sep 17 00:00:00 2001
+From: "Mingde (Matthew) Zeng" <matthew.zeng@windriver.com>
+Date: Wed, 15 Jan 2020 15:51:42 -0500
+Subject: [PATCH] Manually applied upstream fix for openssh test
+Upstream Status: Backport:
+    https://github.com/openssh/openssh-portable/commit/ff31f15773ee173502eec4d7861ec56f26bba381
+Signed-off-by: Mingde (Matthew) Zeng<matthew.zeng@windriver.com>
+---
+ regress/cert-hostkey.sh | 4 ++--
+ regress/cert-userkey.sh | 5 ++---
+ 2 files changed, 4 insertions(+), 5 deletions(-)
+diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
+index 86ea6250..60e3ec02 100644
+--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
+@@ -1,4 +1,4 @@
+-#      $OpenBSD: cert-hostkey.sh,v 1.18 2019/07/25 08:28:15 dtucker Exp $
+#      $OpenBSD: cert-hostkey.sh,v 1.23 2020/01/03 03:02:26 djm Exp $
+ #      Placed in the Public Domain.
+ tid="certified host keys"
+@@ -252,7 +252,7 @@ test_one() {
+ test_one "user-certificate"    failure "-n $HOSTS"
+ test_one "empty principals"    success "-h"
+ test_one "wrong principals"    failure "-h -n foo"
+-test_one "cert not yet valid"  failure "-h -V20200101:20300101"
+test_one "cert not yet valid"  failure "-h -V20300101:20320101"
+ test_one "cert expired"                failure "-h -V19800101:19900101"
+ test_one "cert valid interval" success "-h -V-1w:+2w"
+ test_one "cert has constraints"        failure "-h -Oforce-command=false"
+diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh
+index 38c14a69..f0e30945 100644
+--- a/regress/cert-userkey.sh
+++ b/regress/cert-userkey.sh
+@@ -1,4 +1,4 @@
+-#      $OpenBSD: cert-userkey.sh,v 1.21 2019/07/25 08:28:15 dtucker Exp $
+#      $OpenBSD: cert-userkey.sh,v 1.25 2020/01/03 03:02:26 djm Exp $
+ #      Placed in the Public Domain.
+ tid="certified user keys"
+@@ -338,7 +338,7 @@ test_one() {
+ test_one "correct principal"   success "-n ${USER}"
+ test_one "host-certificate"    failure "-n ${USER} -h"
+ test_one "wrong principals"    failure "-n foo"
+-test_one "cert not yet valid"  failure "-n ${USER} -V20200101:20300101"
+test_one "cert not yet valid"  failure "-n ${USER} -V20300101:20320101"
+ test_one "cert expired"                failure "-n ${USER} -V19800101:19900101"
+ test_one "cert valid interval" success "-n ${USER} -V-1w:+2w"
+ test_one "wrong source-address"        failure "-n ${USER} -Osource-address=10.0.0.0/8"
+@@ -399,4 +399,3 @@ done
+ rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key*
+ rm -f $OBJ/authorized_principals_$USER
+-
+--
+2.24.1
diff --git a/meta/recipes-connectivity/openssh/openssh_8.1p1.bb b/meta/recipes-connectivity/openssh/openssh_8.1p1.bb
index f8be7ba178..8e7896cf4a 100644
--- a/meta/recipes-connectivity/openssh/openssh_8.1p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_8.1p1.bb
@@ -26,6 +26,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
           file://add-test-support-for-busybox.patch \
           file://openssh-8.1p1-seccomp-nanosleep.patch \
           file://0001-seccomp-Allow-clock_gettime64-in-sandbox.patch \
+           file://0001-Manually-applied-upstream-fix-for-openssh-test.patch \
           "
 SRC_URI[md5sum] = "513694343631a99841e815306806edf0"
 SRC_URI[sha256sum] = "02f5dbef3835d0753556f973cd57b4c19b6b1f6cd24c03445e23ac77ca1b93ff"
author	Mingde (Matthew) Zeng <matthew.zeng@windriver.com>	2020-01-20 18:24:57 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2020-01-21 12:52:53 +0000
commit	ca9a8fb991f4ec636939d949d24fe742f1922c49 (patch)
tree	d27dd313b292f146fc5e2d801f2a87f2c84e8f63 /meta/recipes-connectivity/openssh
parent	9896be8f750ef6a99b3a11e806a0007e19ecabaf (diff)
download	poky-ca9a8fb991f4ec636939d949d24fe742f1922c49.tar.gz

diff --git a/meta/recipes-connectivity/openssh/openssh/0001-Manually-applied-upstream-fix-for-openssh-test.patch b/meta/recipes-connectivity/openssh/openssh/0001-Manually-applied-upstream-fix-for-openssh-test.patch new file mode 100644 index 0000000000..7171ec0834 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/0001-Manually-applied-upstream-fix-for-openssh-test.patch
@@ -0,0 +1,60 @@
		1	From 0a68d6cfe255f8bcdd5f9db0d008a8f0a60b237a Mon Sep 17 00:00:00 2001
		2	From: "Mingde (Matthew) Zeng" <matthew.zeng@windriver.com>
		3	Date: Wed, 15 Jan 2020 15:51:42 -0500
		4	Subject: [PATCH] Manually applied upstream fix for openssh test
		5
		6	Upstream Status: Backport:
		7	https://github.com/openssh/openssh-portable/commit/ff31f15773ee173502eec4d7861ec56f26bba381
		8
		9	Signed-off-by: Mingde (Matthew) Zeng<matthew.zeng@windriver.com>
		10	---
		11	regress/cert-hostkey.sh \| 4 ++--
		12	regress/cert-userkey.sh \| 5 ++---
		13	2 files changed, 4 insertions(+), 5 deletions(-)
		14
		15	diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
		16	index 86ea6250..60e3ec02 100644
		17	--- a/regress/cert-hostkey.sh
		18	+++ b/regress/cert-hostkey.sh
		19	@@ -1,4 +1,4 @@
		20	-# $OpenBSD: cert-hostkey.sh,v 1.18 2019/07/25 08:28:15 dtucker Exp $
		21	+# $OpenBSD: cert-hostkey.sh,v 1.23 2020/01/03 03:02:26 djm Exp $
		22	# Placed in the Public Domain.
		23
		24	tid="certified host keys"
		25	@@ -252,7 +252,7 @@ test_one() {
		26	test_one "user-certificate" failure "-n $HOSTS"
		27	test_one "empty principals" success "-h"
		28	test_one "wrong principals" failure "-h -n foo"
		29	-test_one "cert not yet valid" failure "-h -V20200101:20300101"
		30	+test_one "cert not yet valid" failure "-h -V20300101:20320101"
		31	test_one "cert expired" failure "-h -V19800101:19900101"
		32	test_one "cert valid interval" success "-h -V-1w:+2w"
		33	test_one "cert has constraints" failure "-h -Oforce-command=false"
		34	diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh
		35	index 38c14a69..f0e30945 100644
		36	--- a/regress/cert-userkey.sh
		37	+++ b/regress/cert-userkey.sh
		38	@@ -1,4 +1,4 @@
		39	-# $OpenBSD: cert-userkey.sh,v 1.21 2019/07/25 08:28:15 dtucker Exp $
		40	+# $OpenBSD: cert-userkey.sh,v 1.25 2020/01/03 03:02:26 djm Exp $
		41	# Placed in the Public Domain.
		42
		43	tid="certified user keys"
		44	@@ -338,7 +338,7 @@ test_one() {
		45	test_one "correct principal" success "-n ${USER}"
		46	test_one "host-certificate" failure "-n ${USER} -h"
		47	test_one "wrong principals" failure "-n foo"
		48	-test_one "cert not yet valid" failure "-n ${USER} -V20200101:20300101"
		49	+test_one "cert not yet valid" failure "-n ${USER} -V20300101:20320101"
		50	test_one "cert expired" failure "-n ${USER} -V19800101:19900101"
		51	test_one "cert valid interval" success "-n ${USER} -V-1w:+2w"
		52	test_one "wrong source-address" failure "-n ${USER} -Osource-address=10.0.0.0/8"
		53	@@ -399,4 +399,3 @@ done
		54
		55	rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key*
		56	rm -f $OBJ/authorized_principals_$USER
		57	-
		58	--
		59	2.24.1
		60


diff --git a/meta/recipes-connectivity/openssh/openssh_8.1p1.bb b/meta/recipes-connectivity/openssh/openssh_8.1p1.bb index f8be7ba178..8e7896cf4a 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.1p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.1p1.bb
@@ -26,6 +26,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
26	file://add-test-support-for-busybox.patch \	26	file://add-test-support-for-busybox.patch \
27	file://openssh-8.1p1-seccomp-nanosleep.patch \	27	file://openssh-8.1p1-seccomp-nanosleep.patch \
28	file://0001-seccomp-Allow-clock_gettime64-in-sandbox.patch \	28	file://0001-seccomp-Allow-clock_gettime64-in-sandbox.patch \
		29	file://0001-Manually-applied-upstream-fix-for-openssh-test.patch \
29	"	30	"
30	SRC_URI[md5sum] = "513694343631a99841e815306806edf0"	31	SRC_URI[md5sum] = "513694343631a99841e815306806edf0"
31	SRC_URI[sha256sum] = "02f5dbef3835d0753556f973cd57b4c19b6b1f6cd24c03445e23ac77ca1b93ff"	32	SRC_URI[sha256sum] = "02f5dbef3835d0753556f973cd57b4c19b6b1f6cd24c03445e23ac77ca1b93ff"