From 07ce1138c5cf41f596b3b8cf05fc80ef497ee503 Mon Sep 17 00:00:00 2001
From: Milan Bouchet-Valat <nalimilan@club.fr>
Date: Thu, 10 Feb 2022 19:11:46 +0100
Subject: [PATCH] Upgrade libssh2

---
 .../md5                                       |  1 +
 .../sha512                                    |  1 +
 deps/libssh2.mk                               |  6 ++++
 deps/libssh2.version                          |  4 +--
 deps/patches/libssh2-userauth-check.patch     | 30 +++++++++++++++++++
 5 files changed, 40 insertions(+), 2 deletions(-)
 create mode 100644 deps/checksums/libssh2-635caa90787220ac3773c1d5ba11f1236c22eae8.tar.gz/md5
 create mode 100644 deps/checksums/libssh2-635caa90787220ac3773c1d5ba11f1236c22eae8.tar.gz/sha512
 create mode 100644 deps/patches/libssh2-userauth-check.patch

diff --git a/deps/checksums/libssh2-635caa90787220ac3773c1d5ba11f1236c22eae8.tar.gz/md5 b/deps/checksums/libssh2-635caa90787220ac3773c1d5ba11f1236c22eae8.tar.gz/md5
new file mode 100644
index 0000000000000..f96b5116bd657
--- /dev/null
+++ b/deps/checksums/libssh2-635caa90787220ac3773c1d5ba11f1236c22eae8.tar.gz/md5
@@ -0,0 +1 @@
+d0b060310da22a245fc488a300288198
diff --git a/deps/checksums/libssh2-635caa90787220ac3773c1d5ba11f1236c22eae8.tar.gz/sha512 b/deps/checksums/libssh2-635caa90787220ac3773c1d5ba11f1236c22eae8.tar.gz/sha512
new file mode 100644
index 0000000000000..bca28f329da25
--- /dev/null
+++ b/deps/checksums/libssh2-635caa90787220ac3773c1d5ba11f1236c22eae8.tar.gz/sha512
@@ -0,0 +1 @@
+17770f8de4f081840e765d6f7842d562e20f46972fb53a15e3c9e10421f3654a559c5dd1dfbafd7b4a0e5205d800e848b9c9c26ec1d8fc0d229d5070b6d19463
diff --git a/deps/libssh2.mk b/deps/libssh2.mk
index 990de300fac71..5c4cbf580ec1f 100644
--- a/deps/libssh2.mk
+++ b/deps/libssh2.mk
@@ -28,6 +28,12 @@ ifeq ($(LIBSSH2_ENABLE_TESTS), 0)
 LIBSSH2_OPTS += -DBUILD_TESTING=OFF
 endif
 
+
+$(BUILDDIR)/$(LIBSSH2_SRC_DIR)/deps/patches/libssh2-userauth-check.patch-applied: $(SRCCACHE)/$(LIBSSH2_SRC_DIR)/source-extracted
+	cd $(LIBSSH2_SRC_DIR) && \
+		patch -p1 -f < $(SRCDIR)/patches/libssh2-userauth-check.patch
+	echo 1 > $@
+
 $(BUILDDIR)/$(LIBSSH2_SRC_DIR)/build-configured: $(SRCCACHE)/$(LIBSSH2_SRC_DIR)/source-extracted
 	mkdir -p $(dir $@)
 	cd $(dir $@) && \
diff --git a/deps/libssh2.version b/deps/libssh2.version
index 09023514a2a51..1182a2e24e1d1 100644
--- a/deps/libssh2.version
+++ b/deps/libssh2.version
@@ -1,2 +1,2 @@
-LIBSSH2_BRANCH=libssh2-1.9.0
-LIBSSH2_SHA1=42d37aa63129a1b2644bf6495198923534322d64
+LIBSSH2_BRANCH=libssh2-1.10.0
+LIBSSH2_SHA1=2d64e90f3ded394b91d3a2e774ca203a4179f69aebee03003e5a6fa621e41d51
diff --git a/deps/patches/libssh2-userauth-check.patch b/deps/patches/libssh2-userauth-check.patch
new file mode 100644
index 0000000000000..1dc6108ebece7
--- /dev/null
+++ b/deps/patches/libssh2-userauth-check.patch
@@ -0,0 +1,30 @@
+From 37ee0aa214655b63e7869d1d74ff1ec9f9818a5e Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Fri, 17 Dec 2021 17:46:29 +0100
+Subject: [PATCH] userauth: check for too large userauth_kybd_auth_name_len
+ (#650)
+
+... before using it.
+
+Reported-by: MarcoPoloPie
+Fixes #649
+---
+ src/userauth.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/userauth.c b/src/userauth.c
+index 40ef915..caa5635 100644
+--- a/src/userauth.c
++++ b/src/userauth.c
+@@ -1769,6 +1769,11 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session,
+             if(session->userauth_kybd_data_len >= 5) {
+                 /* string    name (ISO-10646 UTF-8) */
+                 session->userauth_kybd_auth_name_len = _libssh2_ntohu32(s);
++                if(session->userauth_kybd_auth_name_len >
++                   session->userauth_kybd_data_len - 5)
++                    return _libssh2_error(session,
++                                          LIBSSH2_ERROR_OUT_OF_BOUNDARY,
++                                          "Bad keyboard auth name");
+                 s += 4;
+             }
+             else {