According to repology.org: RHEL-8: 0.9.4 RHEL-9: 0.9.6 Debian 11: 0.9.5 openSUSE Leap 15.3: 0.8.7 Ubuntu 20.04: 0.9.3 And the rest of distros has something newer anyways. Requiring 0.8.1 or newer allows us to drop the terrible hack where we rename functions at meson level using #define. Note, 0.8.0 is the version of libssh where the rename happened. It also allows us to stick with SHA-256 hash algorithm for public keys. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com&gt; --- v2 of: https://listman.redhat.com/archives/libvir-list/2022-September/234296.html diff to v1: - Require even newer version so that more code can be dropped. libvirt.spec.in | 2 +- meson.build | 15 +-------------- src/rpc/virnetlibsshsession.c | 8 +------- 3 files changed, 3 insertions(+), 22 deletions(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index b199c624b8..654057bf57 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -378,7 +378,7 @@ BuildRequires: wireshark-devel %endif %if %{with_libssh} -BuildRequires: libssh-devel >= 0.7.0 +BuildRequires: libssh-devel >= 0.8.1 %endif BuildRequires: rpcgen diff --git a/meson.build b/meson.build index ed9f4b3f70..24b12515c2 100644 --- a/meson.build +++ b/meson.build @@ -1025,24 +1025,11 @@ else libpcap_dep = dependency('', required: false) endif -libssh_version = '0.7' +libssh_version = '0.8.1' if conf.has('WITH_REMOTE') libssh_dep = dependency('libssh', version: '>=' + libssh_version, required: get_option('libssh')) if libssh_dep.found() conf.set('WITH_LIBSSH', 1) - - # Check if new functions exists, if not redefine them with old deprecated ones. - # List of [ new_function, deprecated_function ]. - functions = [ - [ 'ssh_get_server_publickey', 'ssh_get_publickey' ], - [ 'ssh_session_is_known_server', 'ssh_is_server_known' ], - [ 'ssh_session_update_known_hosts', 'ssh_write_knownhost' ], - ] - foreach name : functions - if not cc.has_function(name[0], dependencies: libssh_dep) - conf.set(name[0], name[1]) - endif - endforeach endif else libssh_dep = dependency('', required: false) diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c index a3adc85728..b1420bea2c 100644 --- a/src/rpc/virnetlibsshsession.c +++ b/src/rpc/virnetlibsshsession.c @@ -39,12 +39,6 @@ VIR_LOG_INIT("rpc.netlibsshsession"); #define VIR_NET_LIBSSH_BUFFER_SIZE 1024 -#if LIBSSH_VERSION_INT < SSH_VERSION_INT(0, 8, 1) -# define VIR_SSH_HOSTKEY_HASH SSH_PUBLICKEY_HASH_SHA1 -#else -# define VIR_SSH_HOSTKEY_HASH SSH_PUBLICKEY_HASH_SHA256 -#endif - /* TRACE_LIBSSH=<level> enables tracing in libssh itself. * The meaning of <level> is described here: * https://api.libssh.org/master/group__libssh__log.html @@ -212,7 +206,7 @@ virLibsshServerKeyAsString(virNetLibsshSession *sess) /* calculate remote key hash, using SHA256 algorithm that is * the default in modern OpenSSH, fallback to SHA1 for older * libssh. The returned value must be freed */ - ret = ssh_get_publickey_hash(key, VIR_SSH_HOSTKEY_HASH, + ret = ssh_get_publickey_hash(key, SSH_PUBLICKEY_HASH_SHA256, &keyhash, &keyhashlen); ssh_key_free(key); if (ret < 0) { -- 2.35.1