From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 5059 invoked by alias); 30 May 2015 21:22:16 -0000 Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm Precedence: bulk Sender: cygwin-apps-owner@cygwin.com List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Mail-Followup-To: cygwin-apps@cygwin.com Received: (qmail 5049 invoked by uid 89); 30 May 2015 21:22:15 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.6 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2 X-HELO: resqmta-ch2-06v.sys.comcast.net Received: from resqmta-ch2-06v.sys.comcast.net (HELO resqmta-ch2-06v.sys.comcast.net) (69.252.207.38) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES128-SHA encrypted) ESMTPS; Sat, 30 May 2015 21:22:14 +0000 Received: from resomta-ch2-03v.sys.comcast.net ([69.252.207.99]) by resqmta-ch2-06v.sys.comcast.net with comcast id aMMw1q00529Cfhx01MNC7v; Sat, 30 May 2015 21:22:12 +0000 Received: from 5200-glenwood.net ([69.140.37.22]) by resomta-ch2-03v.sys.comcast.net with comcast id aMNB1q00M0UgAyD01MNCKp; Sat, 30 May 2015 21:22:12 +0000 Received: from [192.168.1.194] (helo=arsenic.5200-glenwood.net) by helium with smtp (Exim 4.82) (envelope-from ) id 1YyoCp-0006eP-Oc for cygwin-apps@cygwin.com; Sat, 30 May 2015 17:22:11 -0400 From: Andrew Schulman To: cygwin-apps@cygwin.com Subject: Re: cygport upload: patch for openssh 6.8p1 Date: Sat, 30 May 2015 21:22:00 -0000 Message-ID: References: <1432929978.7892.19.camel@cygwin.com> In-Reply-To: <1432929978.7892.19.camel@cygwin.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="--=_5gakmad3r5hrost44gnt89pcvhspbhjdl9.MFSBCHJLHS" X-Archive: encrypt X-SW-Source: 2015-05/txt/msg00093.txt.bz2 ----=_5gakmad3r5hrost44gnt89pcvhspbhjdl9.MFSBCHJLHS Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Content-length: 1384 > On Sun, 2015-05-24 at 12:32 -0400, Andrew Schulman wrote: > > Since the latest update to openssh, ssh-keygen's output format for key > > fingerprints has changed. The default hash algorithm is now base64-enc= oded > > SHA256 instead of MD5, and the hash name precedes its value, like > >=20 > > SHA256:lvRrjAXmEhzDp5kQqzelsei8s5hXJ+zLaqJ2yiGXmYc > >=20 > > This breaks the current logic for detecting key fingerprints in cygport= 's > > lib/pkg_upload.cygpart. The attached patch fixes the problem. (You mi= ght know > > a more precise regex for the base64-encoded hash value than I do. I co= uldn't > > find any documentation of it anywhere, and just settled for > >=20 > > SHA256:.{44} >=20 > There's another problem: this is new to 6.8; any out-of-date Cygwin > systems, or even current RHEL or Fedora 21 systems, won't have this, nor > do they support the -E flag which could be used to specify md5. >=20 > Any thoughts on a better regex or on keeping compatibility with other > systems? Right, OK. See the attached revised patch, which uses [0-9a-f]{2}(:[0-9a-f]{2}){15}|SHA256:.{44} to detect the key fingerprint. The left side is the same as now, for pre-6= .8 systems, which use MD5 without a label. The right side is for version 6.8 = and later, where the default is SHA256 with the label 'SHA256:' prepended. So = this should cover all cases. Andrew ----=_5gakmad3r5hrost44gnt89pcvhspbhjdl9.MFSBCHJLHS Content-Type: application/octet-stream; name=pkg_upload_key_fingerprint.patch Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename=pkg_upload_key_fingerprint.patch Content-length: 903 LS0tIGxpYi9wa2dfdXBsb2FkLmN5Z3BhcnQJMjAxNS0wMy0yMyAwMjowNTo0 My40OTM2MjUwMDAgLTA0MDAKKysrIGxpYi9wa2dfdXBsb2FkLmN5Z3BhcnQJ MjAxNS0wNS0yNCAxMjoxNTozMS45Njk3MDA5MDAgLTA0MDAKQEAgLTc0LDcg Kzc0LDcgQEAKIAkJaWYgc3NoLWFkZCAtbCA+L2Rldi9udWxsIDI+L2Rldi9u dWxsCiAJCXRoZW4KIAkJCSMgc3NoLWFnZW50IGlzIGFscmVhZHkgcnVubmlu Zy4gR2V0IGtleSBmaW5nZXJwcmludDoKLQkJCWtleV9maW5nZXJwcmludD0k KHNzaC1rZXlnZW4gLWwgLWYgIiRTU0hfS0VZIiB8IGVncmVwIC1vICdbMC05 YS1mXXsyfSg6WzAtOWEtZl17Mn0pezE1fScpIFwKKwkJCWtleV9maW5nZXJw cmludD0kKHNzaC1rZXlnZW4gLWwgLWYgIiRTU0hfS0VZIiB8IGVncmVwIC1v ICdbMC05YS1mXXsyfSg6WzAtOWEtZl17Mn0pezE1fXxTSEEyNTY6Lns0NH0n KSBcCiAJCQl8fCBlcnJvciAiQ2FuJ3QgcmVhZCBrZXkgZmluZ2VycHJpbnQg b2YgJHtTU0hfS0VZfS4gTm90IGEgcHJpdmF0ZSBrZXkgZmlsZSwgb3IgY29y cmVzcG9uZGluZyBwdWJsaWMga2V5IGZpbGUgaXMgbWlzc2luZz8iCiAKIAkJ CSMgTG9hZCBrZXkgaW50byBzc2gtYWdlbnQsIGlmIGl0J3Mgbm90IGFscmVh ZHkgbG9hZGVkIChwcm9tcHRzIGZvciBwYXNzcGhyYXNlKToK ----=_5gakmad3r5hrost44gnt89pcvhspbhjdl9.MFSBCHJLHS--