[OE-core] [zeus][PATCH] openssh: backport patch to fix "cert not yet valid" test

Fri Feb 21 16:12:05 UTC 2020

On 2/20/20 7:29 PM, Anuj Mittal wrote:
> Fixes [YOCTO #13796]
Could you please take ownership of the bug. Its weird we both worked on
the same issue and had a fix done about the same time.

Ill replace my version in stable/zeus-nut with this patch.

- Armin
>
> Signed-off-by: Anuj Mittal <anuj.mittal at intel.com>
> ---
>  ...at-bozo-decided-to-use-2020-as-a-future-d.patch | 46 ++++++++++++++++++++++
>  meta/recipes-connectivity/openssh/openssh_8.0p1.bb |  1 +
>  2 files changed, 47 insertions(+)
>  create mode 100644 meta/recipes-connectivity/openssh/openssh/0001-upstream-what-bozo-decided-to-use-2020-as-a-future-d.patch
>
> diff --git a/meta/recipes-connectivity/openssh/openssh/0001-upstream-what-bozo-decided-to-use-2020-as-a-future-d.patch b/meta/recipes-connectivity/openssh/openssh/0001-upstream-what-bozo-decided-to-use-2020-as-a-future-d.patch
> new file mode 100644
> index 0000000..e2930c3
> --- /dev/null
> +++ b/meta/recipes-connectivity/openssh/openssh/0001-upstream-what-bozo-decided-to-use-2020-as-a-future-d.patch
> @@ -0,0 +1,46 @@
> +From 3cccc0a2ab597b8273bddf08e9a3cc5551d7e530 Mon Sep 17 00:00:00 2001
> +From: "djm at openbsd.org" <djm at openbsd.org>
> +Date: Fri, 3 Jan 2020 03:02:26 +0000
> +Subject: [PATCH] upstream: what bozo decided to use 2020 as a future date in a
> + regress
> +
> +test?
> +
> +OpenBSD-Regress-ID: 3b953df5a7e14081ff6cf495d4e8d40e153cbc3a
> +
> +Upstream-Status: Backport [https://github.com/openssh/openssh-portable/commit/ff31f15773ee173502eec4d7861ec56f26bba381]
> +
> +[Dropped the script version and copyright year change at the top]
> +
> +Signed-off-by: Anuj Mittal <anuj.mittal at intel.com>
> +---
> + regress/cert-hostkey.sh | 2 +-
> + regress/cert-userkey.sh | 2 +-
> + 2 files changed, 2 insertions(+), 2 deletions(-)
> +
> +diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
> +index 3ce7779..74d5a53 100644
> +--- a/regress/cert-hostkey.sh
> ++++ b/regress/cert-hostkey.sh
> +@@ -248,7 +248,7 @@ test_one() {
> + test_one "user-certificate"	failure "-n $HOSTS"
> + test_one "empty principals"	success "-h"
> + test_one "wrong principals"	failure "-h -n foo"
> +-test_one "cert not yet valid"	failure "-h -V20200101:20300101"
> ++test_one "cert not yet valid"	failure "-h -V20300101:20320101"
> + test_one "cert expired"		failure "-h -V19800101:19900101"
> + test_one "cert valid interval"	success "-h -V-1w:+2w"
> + test_one "cert has constraints"	failure "-h -Oforce-command=false"
> +diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh
> +index 6849e99..de455b8 100644
> +--- a/regress/cert-userkey.sh
> ++++ b/regress/cert-userkey.sh
> +@@ -327,7 +327,7 @@ test_one() {
> + test_one "correct principal"	success "-n ${USER}"
> + test_one "host-certificate"	failure "-n ${USER} -h"
> + test_one "wrong principals"	failure "-n foo"
> +-test_one "cert not yet valid"	failure "-n ${USER} -V20200101:20300101"
> ++test_one "cert not yet valid"	failure "-n ${USER} -V20300101:20320101"
> + test_one "cert expired"		failure "-n ${USER} -V19800101:19900101"
> + test_one "cert valid interval"	success "-n ${USER} -V-1w:+2w"
> + test_one "wrong source-address"	failure "-n ${USER} -Osource-address=10.0.0.0/8"
> diff --git a/meta/recipes-connectivity/openssh/openssh_8.0p1.bb b/meta/recipes-connectivity/openssh/openssh_8.0p1.bb
> index 2ffbc9a..3d16f9d 100644
> --- a/meta/recipes-connectivity/openssh/openssh_8.0p1.bb
> +++ b/meta/recipes-connectivity/openssh/openssh_8.0p1.bb
> @@ -25,6 +25,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
>             file://sshd_check_keys \
>             file://add-test-support-for-busybox.patch \
>             file://0001-upstream-fix-integer-overflow-in-XMSS-private-key-pa.patch \
> +           file://0001-upstream-what-bozo-decided-to-use-2020-as-a-future-d.patch \
>             "
>  SRC_URI[md5sum] = "bf050f002fe510e1daecd39044e1122d"
>  SRC_URI[sha256sum] = "bd943879e69498e8031eb6b7f44d08cdc37d59a7ab689aa0b437320c3481fd68"