
[bug#33067] [PATCH] gnu: libssh: Update to 0.7.6 [fixes CVE-2018-10933].


From: Leo Famulari
Subject: [bug#33067] [PATCH] gnu: libssh: Update to 0.7.6 [fixes CVE-2018-10933].
Date: Tue, 16 Oct 2018 14:22:09 -0400

This update should be tested with users of guile-ssh.

Also, Ludo, the bug report referenced by the patch removed here is no longer
online (they have a new bug tracker at <https://bugs.libssh.org/>). The patch
no longer applies, but since I can't read the bug report, I don't know whether
the problem is fixed upstream or whether we should adapt our patch.

* gnu/packages/ssh.scm (libssh): Update to 0.7.6.
[source]: Remove 'libssh-hostname-parser-bug.patch'.
* gnu/packages/patches/libssh-hostname-parser-bug.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
---
 gnu/local.mk                                  |  1 -
 .../patches/libssh-hostname-parser-bug.patch  | 31 ---------
 gnu/packages/ssh.scm                          | 63 +++++++++----------
 3 files changed, 29 insertions(+), 66 deletions(-)
 delete mode 100644 gnu/packages/patches/libssh-hostname-parser-bug.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index b8248e8da..8171fb2db 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -901,7 +901,6 @@ dist_patch_DATA =                                           
\
   %D%/packages/patches/libsndfile-CVE-2017-8361-8363-8365.patch        \
   %D%/packages/patches/libsndfile-CVE-2017-8362.patch          \
   %D%/packages/patches/libsndfile-CVE-2017-12562.patch         \
-  %D%/packages/patches/libssh-hostname-parser-bug.patch                \
   %D%/packages/patches/libssh2-fix-build-failure-with-gcrypt.patch     \
   %D%/packages/patches/libtar-CVE-2013-4420.patch              \
   %D%/packages/patches/libtheora-config-guess.patch            \
diff --git a/gnu/packages/patches/libssh-hostname-parser-bug.patch 
b/gnu/packages/patches/libssh-hostname-parser-bug.patch
deleted file mode 100644
index 69f46cbdd..000000000
--- a/gnu/packages/patches/libssh-hostname-parser-bug.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-Fix "Hostname" parsing in OpenSSH config files, as reported
-at <https://red.libssh.org/issues/260>.
-
-From: Niels Ole Salscheider <address@hidden>
-Date: Mon, 8 May 2017 17:36:13 +0200
-Subject: [PATCH] Fix reading of the first parameter
-
-This is a fixup for 7b8b5eb4eac314a3a29be812bef0264c6611f6e7.
-Previously, it would return as long as the parameter was _not_ seen
-before. It also did not handle the case for the unsupported opcode (-1)
-which would cause a segfault when accessing the "seen" array.
----
- src/config.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/src/config.c b/src/config.c
-index 7c03b27..238a655 100644
---- a/src/config.c
-+++ b/src/config.c
-@@ -218,8 +218,9 @@ static int ssh_config_parse_line(ssh_session session, 
const char *line,
-   }
- 
-   opcode = ssh_config_get_opcode(keyword);
--  if (*parsing == 1 && opcode != SOC_HOST) {
--      if (seen[opcode] == 0) {
-+  if (*parsing == 1 && opcode != SOC_HOST &&
-+      opcode > SOC_UNSUPPORTED && opcode < SOC_END) {
-+      if (seen[opcode] == 1) {
-           return 0;
-       }
-       seen[opcode] = 1;
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index 362d427a2..6ade3e55b 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -65,40 +65,35 @@
   #:use-module (srfi srfi-1))
 
 (define-public libssh
-  ;; This commit from the 'v0-7' branch contains 7 memory-management-related
-  ;; bug fixes that we'd rather have.
-  (let ((commit "239d0f75b5f909174c2ef7fb08d23bcfa6b20ba0")
-        (revision "0"))
-    (package
-      (name "libssh")
-      (version (git-version "0.7.5" revision commit))
-      (source (origin
-                (method git-fetch)
-                (uri (git-reference
-                      (url "https://git.libssh.org/projects/libssh.git";)
-                      (commit commit)))
-                (sha256
-                 (base32
-                  "01w72w1jsgs9ilj3n1gp6qkmdxr9n74i5h2nipi3x1vzm7bv8na1"))
-                (patches (search-patches "libssh-hostname-parser-bug.patch"))
-                (file-name (git-file-name name version))))
-      (build-system cmake-build-system)
-      (outputs '("out" "debug"))
-      (arguments
-       '(#:configure-flags '("-DWITH_GCRYPT=ON")
-
-         ;; TODO: Add 'CMockery' and '-DWITH_TESTING=ON' for the test suite.
-         #:tests? #f))
-      (inputs `(("zlib" ,zlib)
-                ("libgcrypt" ,libgcrypt)))
-      (synopsis "SSH client library")
-      (description
-       "libssh is a C library implementing the SSHv2 and SSHv1 protocol for
-client and server implementations.  With libssh, you can remotely execute
-programs, transfer files, and use a secure and transparent tunnel for your
-remote applications.")
-      (home-page "https://www.libssh.org";)
-      (license license:lgpl2.1+))))
+  (package
+    (name "libssh")
+    (version "0.7.6")
+    (source (origin
+              (method git-fetch)
+              (uri (git-reference
+                    (url "https://git.libssh.org/projects/libssh.git";)
+                    (commit (string-append "libssh-" version))))
+              (sha256
+               (base32
+                "0slwqa36mhyb6brdv2jvb9fxp7rvsv3ziv67kaxx615jxn52l5pa"))
+              (file-name (git-file-name name version))))
+    (build-system cmake-build-system)
+    (outputs '("out" "debug"))
+    (arguments
+     '(#:configure-flags '("-DWITH_GCRYPT=ON")
+
+       ;; TODO: Add 'CMockery' and '-DWITH_TESTING=ON' for the test suite.
+       #:tests? #f))
+    (inputs `(("zlib" ,zlib)
+              ("libgcrypt" ,libgcrypt)))
+    (synopsis "SSH client library")
+    (description
+     "libssh is a C library implementing the SSHv2 and SSHv1 protocol for 
client
+and server implementations.  With libssh, you can remotely execute programs,
+transfer files, and use a secure and transparent tunnel for your remote
+applications.")
+    (home-page "https://www.libssh.org";)
+    (license license:lgpl2.1+)))
 
 (define-public libssh2
   (package
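Review bot: The rewritten `libssh` definition still carries `#:tests? #f`, so an update whose purpose is a CVE fix is built without running any of upstream's tests. The same hunk stops applying `libssh-hostname-parser-bug.patch`, which bounded the `seen[opcode]` index in `ssh_config_parse_line`, so with the suite off nothing in the build would notice if the unsupported opcode (-1) can still reach that array. I would either enable the suite in this change or, if that has to wait, replace the TODO with a comment that states the consequence, e.g. `;; Tests are disabled because the test framework is not packaged yet; config parsing is not exercised by this build.` The reason given in that comment is inferred from the existing TODO and should be confirmed before it is committed.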
-- 
2.19.1





