OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: r...@openpkg.org
Module: openpkg-src Date: 02-Oct-2009 13:17:30
Branch: HEAD Handle: 2009100212172801
Modified files:
openpkg-src/openssh openssh.patch openssh.patch.alias
openssh.patch.chroot openssh.patch.lpk
openssh.patch.scpbindir openssh.patch.sftplogging
openssh.patch.watchdog openssh.spec
Log:
upgrading package: openssh 5.2p1 -> 5.3p1
Summary:
Revision Changes Path
1.25 +7 -7 openpkg-src/openssh/openssh.patch
1.15 +11 -11 openpkg-src/openssh/openssh.patch.alias
1.16 +8 -8 openpkg-src/openssh/openssh.patch.chroot
1.3 +48 -48 openpkg-src/openssh/openssh.patch.lpk
1.18 +4 -4 openpkg-src/openssh/openssh.patch.scpbindir
1.17 +15 -15 openpkg-src/openssh/openssh.patch.sftplogging
1.4 +38 -38 openpkg-src/openssh/openssh.patch.watchdog
1.222 +2 -2 openpkg-src/openssh/openssh.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/openssh/openssh.patch
============================================================================
$ cvs diff -u -r1.24 -r1.25 openssh.patch
--- openpkg-src/openssh/openssh.patch 25 Feb 2009 11:30:07 -0000 1.24
+++ openpkg-src/openssh/openssh.patch 2 Oct 2009 11:17:28 -0000 1.25
@@ -1,7 +1,7 @@
Index: Makefile.in
---- Makefile.in.orig 2008-11-05 06:20:46 +0100
-+++ Makefile.in 2009-02-25 11:19:48 +0100
-@@ -232,7 +232,7 @@
+--- Makefile.in.orig 2009-08-28 02:47:38 +0200
++++ Makefile.in 2009-10-02 13:09:48 +0200
+@@ -234,7 +234,7 @@
-rm -rf autom4te.cache
(cd scard && $(MAKE) -f Makefile.in distprep)
@@ -12,7 +12,7 @@
Index: auth-pam.h
--- auth-pam.h.orig 2004-09-11 14:17:26 +0200
-+++ auth-pam.h 2009-02-25 11:19:48 +0100
++++ auth-pam.h 2009-10-02 13:09:48 +0200
@@ -28,7 +28,7 @@
#ifdef USE_PAM
@@ -23,10 +23,10 @@
void start_pam(Authctxt *);
Index: version.h
---- version.h.orig 2009-02-23 01:09:26 +0100
-+++ version.h 2009-02-25 11:19:48 +0100
+--- version.h.orig 2009-07-05 23:13:04 +0200
++++ version.h 2009-10-02 13:09:48 +0200
@@ -3,4 +3,4 @@
- #define SSH_VERSION "OpenSSH_5.2"
+ #define SSH_VERSION "OpenSSH_5.3"
#define SSH_PORTABLE "p1"
-#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/openssh/openssh.patch.alias
============================================================================
$ cvs diff -u -r1.14 -r1.15 openssh.patch.alias
--- openpkg-src/openssh/openssh.patch.alias 25 Feb 2009 11:30:07 -0000
1.14
+++ openpkg-src/openssh/openssh.patch.alias 2 Oct 2009 11:17:28 -0000
1.15
@@ -1,6 +1,6 @@
Index: auth1.c
---- auth1.c.orig 2008-07-09 12:54:05 +0200
-+++ auth1.c 2009-02-25 11:20:14 +0100
+--- auth1.c.orig 2009-03-08 01:40:28 +0100
++++ auth1.c 2009-10-02 13:10:17 +0200
@@ -40,6 +40,9 @@
#endif
#include "monitor_wrap.h"
@@ -11,7 +11,7 @@
/* import */
extern ServerOptions options;
-@@ -392,6 +395,10 @@
+@@ -384,6 +387,10 @@
{
u_int ulen;
char *user, *style = NULL;
@@ -22,7 +22,7 @@
/* Get the name of the user that we wish to log in as. */
packet_read_expect(SSH_CMSG_USER);
-@@ -403,6 +410,25 @@
+@@ -395,6 +402,25 @@
if ((style = strchr(user, ':')) != NULL)
*style++ = '\0';
@@ -49,8 +49,8 @@
authctxt->style = style;
Index: auth2.c
---- auth2.c.orig 2008-11-05 06:20:46 +0100
-+++ auth2.c 2009-02-25 11:20:14 +0100
+--- auth2.c.orig 2009-06-22 08:11:07 +0200
++++ auth2.c 2009-10-02 13:10:17 +0200
@@ -49,6 +49,9 @@
#include "dispatch.h"
#include "pathnames.h"
@@ -99,8 +99,8 @@
/* setup auth context */
authctxt->pw = PRIVSEP(getpwnamallow(user));
Index: servconf.c
---- servconf.c.orig 2009-01-28 06:31:23 +0100
-+++ servconf.c 2009-02-25 12:21:31 +0100
+--- servconf.c.orig 2009-06-21 12:26:17 +0200
++++ servconf.c 2009-10-02 13:10:17 +0200
@@ -128,6 +128,9 @@
options->adm_forced_command = NULL;
options->chroot_directory = NULL;
@@ -160,7 +160,7 @@
filename, linenum, arg);
Index: servconf.h
--- servconf.h.orig 2009-01-28 06:31:23 +0100
-+++ servconf.h 2009-02-25 11:20:14 +0100
++++ servconf.h 2009-10-02 13:10:17 +0200
@@ -151,6 +151,14 @@
int num_permitted_opens;
@@ -177,8 +177,8 @@
void initialize_server_options(ServerOptions *);
Index: sshd_config.5
---- sshd_config.5.orig 2009-02-23 01:00:24 +0100
-+++ sshd_config.5 2009-02-25 11:20:14 +0100
+--- sshd_config.5.orig 2009-08-28 02:27:08 +0200
++++ sshd_config.5 2009-10-02 13:10:17 +0200
@@ -104,6 +104,15 @@
Note that disabling agent forwarding does not improve security
unless users are also denied shell access, as they can always install
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/openssh/openssh.patch.chroot
============================================================================
$ cvs diff -u -r1.15 -r1.16 openssh.patch.chroot
--- openpkg-src/openssh/openssh.patch.chroot 25 Feb 2009 11:30:07 -0000
1.15
+++ openpkg-src/openssh/openssh.patch.chroot 2 Oct 2009 11:17:28 -0000
1.16
@@ -1,6 +1,6 @@
Index: scp.c
--- scp.c.orig 2008-11-03 09:23:45 +0100
-+++ scp.c 2009-02-25 12:22:04 +0100
++++ scp.c 2009-10-02 13:10:45 +0200
@@ -140,6 +140,11 @@
/* This is the program to execute for the secured connection. ("ssh" or -S)
*/
char *ssh_program = _PATH_SSH_PROGRAM;
@@ -58,9 +58,9 @@
/* Follow "protocol", send data. */
(void) response();
Index: session.c
---- session.c.orig 2009-01-28 06:29:49 +0100
-+++ session.c 2009-02-25 12:22:04 +0100
-@@ -1539,6 +1539,25 @@
+--- session.c.orig 2009-08-20 08:20:50 +0200
++++ session.c 2009-10-02 13:10:45 +0200
+@@ -1532,6 +1532,25 @@
free(tmp);
free(chroot_path);
}
@@ -84,11 +84,11 @@
+ }
+# endif /* USE_CHROOT */
- #ifdef HAVE_LOGIN_CAP
- if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUSER) < 0) {
+ #ifdef HAVE_SETPCRED
+ if (setpcred(pw->pw_name, (char **)NULL) == -1)
Index: sftp-server.c
---- sftp-server.c.orig 2008-07-04 06:10:19 +0200
-+++ sftp-server.c 2009-02-25 12:22:04 +0100
+--- sftp-server.c.orig 2009-08-28 02:43:13 +0200
++++ sftp-server.c 2009-10-02 13:10:45 +0200
@@ -1387,6 +1387,38 @@
logit("session opened for local user %s from [%s]",
pw->pw_name, client_addr);
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/openssh/openssh.patch.lpk
============================================================================
$ cvs diff -u -r1.2 -r1.3 openssh.patch.lpk
--- openpkg-src/openssh/openssh.patch.lpk 25 Feb 2009 11:30:07 -0000
1.2
+++ openpkg-src/openssh/openssh.patch.lpk 2 Oct 2009 11:17:28 -0000
1.3
@@ -1,18 +1,18 @@
Index: Makefile.in
---- Makefile.in.orig 2008-11-05 06:20:46 +0100
-+++ Makefile.in 2009-02-25 12:22:32 +0100
-@@ -86,7 +86,7 @@
- auth-krb5.o \
+--- Makefile.in.orig 2009-08-28 02:47:38 +0200
++++ Makefile.in 2009-10-02 13:11:31 +0200
+@@ -88,7 +88,7 @@
auth2-gss.o gss-serv.o gss-serv-krb5.o \
loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
-- audit.o audit-bsm.o platform.o sftp-server.o sftp-common.o
-+ audit.o audit-bsm.o platform.o sftp-server.o sftp-common.o ldapauth.o
+ audit.o audit-bsm.o platform.o sftp-server.o sftp-common.o \
+- roaming_common.o
++ roaming_common.o ldapauth.o
MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out
ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out
sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out
ssh_config.5.out
MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1
ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8
sshd_config.5 ssh_config.5
Index: README.lpk
---- /dev/null 2009-02-25 12:22:00 +0100
-+++ README.lpk 2009-02-25 12:22:32 +0100
+--- /dev/null 2009-10-02 13:11:22 +0200
++++ README.lpk 2009-10-02 13:11:08 +0200
@@ -0,0 +1,267 @@
+OpenSSH LDAP PUBLIC KEY PATCH
+Copyright (c) 2003 Eric AUGE (e...@phear.org)
@@ -283,7 +283,7 @@
+ - Andrea Barisani <and...@inversepath.com>
Index: auth-rsa.c
--- auth-rsa.c.orig 2008-07-02 14:37:30 +0200
-+++ auth-rsa.c 2009-02-25 12:22:32 +0100
++++ auth-rsa.c 2009-10-02 13:11:08 +0200
@@ -174,10 +174,96 @@
FILE *f;
u_long linenum = 0;
@@ -382,8 +382,8 @@
file = authorized_keys_file(pw);
debug("trying public RSA key file %s", file);
Index: auth2-pubkey.c
---- auth2-pubkey.c.orig 2008-07-04 04:54:25 +0200
-+++ auth2-pubkey.c 2009-02-25 12:22:32 +0100
+--- auth2-pubkey.c.orig 2009-03-08 01:40:28 +0100
++++ auth2-pubkey.c 2009-10-02 13:11:08 +0200
@@ -55,6 +55,10 @@
#include "monitor_wrap.h"
#include "misc.h"
@@ -395,7 +395,7 @@
/* import */
extern ServerOptions options;
extern u_char *session_id2;
-@@ -187,10 +191,79 @@
+@@ -183,10 +187,79 @@
u_long linenum = 0;
Key *found;
char *fp;
@@ -476,9 +476,9 @@
f = auth_openkeyfile(file, pw, options.strict_modes);
Index: config.h.in
---- config.h.in.orig 2009-02-23 01:18:12 +0100
-+++ config.h.in 2009-02-25 12:22:32 +0100
-@@ -563,6 +563,9 @@
+--- config.h.in.orig 2009-09-26 08:31:14 +0200
++++ config.h.in 2009-10-02 13:11:08 +0200
+@@ -575,6 +575,9 @@
/* Define to 1 if you have the <linux/if_tun.h> header file. */
#undef HAVE_LINUX_IF_TUN_H
@@ -489,9 +489,9 @@
#undef HAVE_LOGIN
Index: configure.ac
---- configure.ac.orig 2009-02-16 05:37:03 +0100
-+++ configure.ac 2009-02-25 12:22:32 +0100
-@@ -1314,6 +1314,37 @@
+--- configure.ac.orig 2009-09-11 06:56:08 +0200
++++ configure.ac 2009-10-02 13:11:08 +0200
+@@ -1319,6 +1319,37 @@
esac ]
)
@@ -529,7 +529,7 @@
dnl Checks for library functions. Please keep in alphabetical order
AC_CHECK_FUNCS( \
arc4random \
-@@ -4163,6 +4194,7 @@
+@@ -4229,6 +4260,7 @@
echo " Smartcard support: $SCARD_MSG"
echo " S/KEY support: $SKEY_MSG"
echo " TCP Wrappers support: $TCPW_MSG"
@@ -538,9 +538,9 @@
echo " libedit support: $LIBEDIT_MSG"
echo " Solaris process contract support: $SPC_MSG"
Index: configure
---- configure.orig 2009-02-23 01:18:14 +0100
-+++ configure 2009-02-25 12:22:32 +0100
-@@ -1340,6 +1340,7 @@
+--- configure.orig 2009-09-26 08:31:15 +0200
++++ configure 2009-10-02 13:11:09 +0200
+@@ -1468,6 +1468,7 @@
--with-tcp-wrappers[=PATH] Enable tcpwrappers support (optionally in PATH)
--with-libedit[=PATH] Enable libedit support for sftp
--with-audit=module Enable EXPERIMENTAL audit support
(modules=debug,bsm)
@@ -548,7 +548,7 @@
--with-ssl-dir=PATH Specify path to OpenSSL installation
--without-openssl-header-check Disable OpenSSL version consistency check
--with-ssl-engine Enable OpenSSL (hardware) ENGINE support
-@@ -12767,6 +12768,85 @@
+@@ -13411,6 +13412,85 @@
fi
@@ -634,7 +634,7 @@
-@@ -30543,6 +30623,7 @@
+@@ -32225,6 +32305,7 @@
echo " Smartcard support: $SCARD_MSG"
echo " S/KEY support: $SKEY_MSG"
echo " TCP Wrappers support: $TCPW_MSG"
@@ -643,11 +643,11 @@
echo " libedit support: $LIBEDIT_MSG"
echo " Solaris process contract support: $SPC_MSG"
Index: ldapauth.c
---- /dev/null 2009-02-25 12:22:00 +0100
-+++ ldapauth.c 2009-02-25 12:22:32 +0100
+--- /dev/null 2009-10-02 13:11:22 +0200
++++ ldapauth.c 2009-10-02 13:11:09 +0200
@@ -0,0 +1,576 @@
+/*
-+ * $Id: openssh.patch.lpk,v 1.2 2009/02/25 11:30:07 rse Exp $
++ * $Id: openssh.patch.lpk,v 1.3 2009/10/02 11:17:28 rse Exp $
+ */
+
+/*
@@ -1223,11 +1223,11 @@
+
+#endif /* WITH_LDAP_PUBKEY */
Index: ldapauth.h
---- /dev/null 2009-02-25 12:22:00 +0100
-+++ ldapauth.h 2009-02-25 12:22:32 +0100
+--- /dev/null 2009-10-02 13:11:22 +0200
++++ ldapauth.h 2009-10-02 13:11:09 +0200
@@ -0,0 +1,124 @@
+/*
-+ * $Id: openssh.patch.lpk,v 1.2 2009/02/25 11:30:07 rse Exp $
++ * $Id: openssh.patch.lpk,v 1.3 2009/10/02 11:17:28 rse Exp $
+ */
+
+/*
@@ -1351,8 +1351,8 @@
+
+#endif
Index: lpk-user-example.txt
---- /dev/null 2009-02-25 12:22:00 +0100
-+++ lpk-user-example.txt 2009-02-25 12:22:32 +0100
+--- /dev/null 2009-10-02 13:11:22 +0200
++++ lpk-user-example.txt 2009-10-02 13:11:09 +0200
@@ -0,0 +1,117 @@
+
+Post to ML -> User Made Quick Install Doc.
@@ -1472,8 +1472,8 @@
+
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Index: openssh-lpk_openldap.schema
---- /dev/null 2009-02-25 12:22:00 +0100
-+++ openssh-lpk_openldap.schema 2009-02-25 12:22:32 +0100
+--- /dev/null 2009-10-02 13:11:22 +0200
++++ openssh-lpk_openldap.schema 2009-10-02 13:11:09 +0200
@@ -0,0 +1,19 @@
+#
+# LDAP Public Key Patch schema for use with openssh-ldappubkey
@@ -1495,8 +1495,8 @@
+ MUST ( sshPublicKey $ uid )
+ )
Index: openssh-lpk_sun.schema
---- /dev/null 2009-02-25 12:22:00 +0100
-+++ openssh-lpk_sun.schema 2009-02-25 12:22:32 +0100
+--- /dev/null 2009-10-02 13:11:22 +0200
++++ openssh-lpk_sun.schema 2009-10-02 13:11:09 +0200
@@ -0,0 +1,21 @@
+#
+# LDAP Public Key Patch schema for use with openssh-ldappubkey
@@ -1520,8 +1520,8 @@
+ MUST ( sshPublicKey $ uid )
+ )
Index: servconf.c
---- servconf.c.orig 2009-01-28 06:31:23 +0100
-+++ servconf.c 2009-02-25 12:24:13 +0100
+--- servconf.c.orig 2009-06-21 12:26:17 +0200
++++ servconf.c 2009-10-02 13:11:59 +0200
@@ -42,6 +42,10 @@
#include "channels.h"
#include "groupaccess.h"
@@ -1623,7 +1623,7 @@
+ { _DEFAULT_STI_TOKEN, sSearchTimeout, SSHCFG_GLOBAL },
+ { _DEFAULT_LDP_TOKEN, sLdapConf, SSHCFG_GLOBAL },
+#endif
- { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL },
+ { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL},
{ "acceptenv", sAcceptEnv, SSHCFG_GLOBAL },
{ "permittunnel", sPermitTunnel, SSHCFG_GLOBAL },
@@ -1307,6 +1376,107 @@
@@ -1736,7 +1736,7 @@
fatal("%s line %d: Missing handler for opcode %s (%d)",
Index: servconf.h
--- servconf.h.orig 2009-01-28 06:31:23 +0100
-+++ servconf.h 2009-02-25 12:22:32 +0100
++++ servconf.h 2009-10-02 13:11:09 +0200
@@ -16,6 +16,10 @@
#ifndef SERVCONF_H
#define SERVCONF_H
@@ -1759,9 +1759,9 @@
int num_permitted_opens;
Index: sshd.c
---- sshd.c.orig 2009-01-28 06:31:23 +0100
-+++ sshd.c 2009-02-25 12:22:32 +0100
-@@ -126,6 +126,10 @@
+--- sshd.c.orig 2009-06-21 12:26:17 +0200
++++ sshd.c 2009-10-02 13:11:09 +0200
+@@ -127,6 +127,10 @@
int deny_severity;
#endif /* LIBWRAP */
@@ -1772,7 +1772,7 @@
#ifndef O_NOCTTY
#define O_NOCTTY 0
#endif
-@@ -1483,6 +1487,16 @@
+@@ -1484,6 +1488,16 @@
exit(1);
}
@@ -1790,9 +1790,9 @@
/* Store privilege separation user for later use if required. */
Index: sshd_config.5
---- sshd_config.5.orig 2009-02-23 01:00:24 +0100
-+++ sshd_config.5 2009-02-25 12:22:32 +0100
-@@ -1005,6 +1005,62 @@
+--- sshd_config.5.orig 2009-08-28 02:27:08 +0200
++++ sshd_config.5 2009-10-02 13:11:09 +0200
+@@ -1010,6 +1010,62 @@
program.
The default is
.Pa /usr/X11R6/bin/xauth .
@@ -1857,7 +1857,7 @@
.Xr sshd 8
Index: sshd_config
--- sshd_config.orig 2008-07-02 14:35:43 +0200
-+++ sshd_config 2009-02-25 12:22:32 +0100
++++ sshd_config 2009-10-02 13:11:09 +0200
@@ -109,6 +109,19 @@
# no default banner path
#Banner none
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/openssh/openssh.patch.scpbindir
============================================================================
$ cvs diff -u -r1.17 -r1.18 openssh.patch.scpbindir
--- openpkg-src/openssh/openssh.patch.scpbindir 25 Feb 2009 11:30:07
-0000 1.17
+++ openpkg-src/openssh/openssh.patch.scpbindir 2 Oct 2009 11:17:28
-0000 1.18
@@ -1,6 +1,6 @@
Index: session.c
---- session.c.orig 2009-01-28 06:29:49 +0100
-+++ session.c 2009-02-25 12:24:37 +0100
+--- session.c.orig 2009-08-20 08:20:50 +0200
++++ session.c 2009-10-02 13:12:14 +0200
@@ -101,6 +101,10 @@
c[sizeof(INTERNAL_SFTP_NAME) - 1] == ' ' || \
c[sizeof(INTERNAL_SFTP_NAME) - 1] == '\t'))
@@ -12,7 +12,7 @@
/* func */
Session *session_new(void);
-@@ -783,6 +787,20 @@
+@@ -781,6 +785,20 @@
do_exec(Session *s, const char *command)
{
int ret;
@@ -33,7 +33,7 @@
if (options.adm_forced_command) {
original_command = command;
-@@ -819,6 +837,8 @@
+@@ -817,6 +835,8 @@
ret = do_exec_no_pty(s, command);
original_command = NULL;
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/openssh/openssh.patch.sftplogging
============================================================================
$ cvs diff -u -r1.16 -r1.17 openssh.patch.sftplogging
--- openpkg-src/openssh/openssh.patch.sftplogging 25 Feb 2009 11:30:07
-0000 1.16
+++ openpkg-src/openssh/openssh.patch.sftplogging 2 Oct 2009 11:17:28
-0000 1.17
@@ -1,6 +1,6 @@
Index: servconf.c
---- servconf.c.orig 2009-01-28 06:31:23 +0100
-+++ servconf.c 2009-02-25 12:25:26 +0100
+--- servconf.c.orig 2009-06-21 12:26:17 +0200
++++ servconf.c 2009-10-02 13:12:31 +0200
@@ -128,6 +128,12 @@
options->adm_forced_command = NULL;
options->chroot_directory = NULL;
@@ -132,7 +132,7 @@
* connect time, so that you can specify paths like:
Index: servconf.h
--- servconf.h.orig 2009-01-28 06:31:23 +0100
-+++ servconf.h 2009-02-25 12:25:01 +0100
++++ servconf.h 2009-10-02 13:12:31 +0200
@@ -34,6 +34,19 @@
#define PERMIT_NO_PASSWD 2
#define PERMIT_YES 3
@@ -167,8 +167,8 @@
void initialize_server_options(ServerOptions *);
Index: session.c
---- session.c.orig 2009-01-28 06:29:49 +0100
-+++ session.c 2009-02-25 12:25:01 +0100
+--- session.c.orig 2009-08-20 08:20:50 +0200
++++ session.c 2009-10-02 13:12:31 +0200
@@ -152,6 +152,15 @@
static int is_child = 0;
@@ -185,7 +185,7 @@
/* Name and directory of socket for authentication agent forwarding. */
static char *auth_sock_name = NULL;
static char *auth_sock_dir = NULL;
-@@ -1285,6 +1294,67 @@
+@@ -1283,6 +1292,67 @@
child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
auth_sock_name);
@@ -254,8 +254,8 @@
if (options.permit_user_env && !options.use_login) {
snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
Index: sftp-server.8
---- sftp-server.8.orig 2008-07-21 10:20:40 +0200
-+++ sftp-server.8 2009-02-25 12:25:01 +0100
+--- sftp-server.8.orig 2009-06-21 09:52:28 +0200
++++ sftp-server.8 2009-10-02 13:12:31 +0200
@@ -49,6 +49,20 @@
.Cm Subsystem
declaration.
@@ -278,8 +278,8 @@
for more information.
.Pp
Index: sftp-server.c
---- sftp-server.c.orig 2008-07-04 06:10:19 +0200
-+++ sftp-server.c 2009-02-25 12:25:01 +0100
+--- sftp-server.c.orig 2009-08-28 02:43:13 +0200
++++ sftp-server.c 2009-10-02 13:12:31 +0200
@@ -59,6 +59,12 @@
/* Our verbosity */
LogLevel log_level = SYSLOG_LEVEL_ERROR;
@@ -569,9 +569,9 @@
setmode(in, O_BINARY);
setmode(out, O_BINARY);
Index: sshd_config.5
---- sshd_config.5.orig 2009-02-23 01:00:24 +0100
-+++ sshd_config.5 2009-02-25 12:25:01 +0100
-@@ -539,6 +539,10 @@
+--- sshd_config.5.orig 2009-08-28 02:27:08 +0200
++++ sshd_config.5 2009-10-02 13:12:31 +0200
+@@ -544,6 +544,10 @@
DEBUG and DEBUG1 are equivalent.
DEBUG2 and DEBUG3 each specify higher levels of debugging output.
Logging with a DEBUG level violates the privacy of users and is not
recommended.
@@ -582,7 +582,7 @@
.It Cm MACs
Specifies the available MAC (message authentication code) algorithms.
The MAC algorithm is used in protocol version 2
-@@ -814,6 +818,37 @@
+@@ -819,6 +823,37 @@
.It Cm ServerKeyBits
Defines the number of bits in the ephemeral protocol version 1 server key.
The minimum value is 512, and the default is 1024.
@@ -622,7 +622,7 @@
.Xr sshd 8
Index: sshd_config
--- sshd_config.orig 2008-07-02 14:35:43 +0200
-+++ sshd_config 2009-02-25 12:25:01 +0100
++++ sshd_config 2009-10-02 13:12:31 +0200
@@ -112,6 +112,17 @@
# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/openssh/openssh.patch.watchdog
============================================================================
$ cvs diff -u -r1.3 -r1.4 openssh.patch.watchdog
--- openpkg-src/openssh/openssh.patch.watchdog 25 Feb 2009 11:30:07
-0000 1.3
+++ openpkg-src/openssh/openssh.patch.watchdog 2 Oct 2009 11:17:28
-0000 1.4
@@ -4,9 +4,9 @@
http://www.sc.isc.tohoku.ac.jp/~hgot/sources/openssh-4.4p1-watchdog.patch.tgz
Index: clientloop.c
---- clientloop.c.orig 2009-02-14 06:28:21 +0100
-+++ clientloop.c 2009-02-25 12:25:48 +0100
-@@ -154,6 +154,7 @@
+--- clientloop.c.orig 2009-08-28 03:21:07 +0200
++++ clientloop.c 2009-10-02 13:12:46 +0200
+@@ -155,6 +155,7 @@
static u_int buffer_high;/* Soft max buffer size. */
static int connection_in; /* Connection to server (input). */
static int connection_out; /* Connection to server (output). */
@@ -14,7 +14,7 @@
static int need_rekeying; /* Set to non-zero if rekeying is requested. */
static int session_closed = 0; /* In SSH2: login session closed. */
-@@ -567,16 +568,19 @@
+@@ -568,16 +569,19 @@
* event pending.
*/
@@ -41,7 +41,7 @@
/*
* We have to clear the select masks, because we return.
-@@ -592,8 +596,43 @@
+@@ -593,8 +597,43 @@
snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno));
buffer_append(&stderr_buffer, buf, strlen(buf));
quit_pending = 1;
@@ -87,7 +87,7 @@
}
static void
-@@ -1311,6 +1350,7 @@
+@@ -1312,6 +1351,7 @@
debug("Entering interactive session.");
start_time = get_current_time();
@@ -96,8 +96,8 @@
/* Initialize variables. */
escape_pending1 = 0;
Index: readconf.c
---- readconf.c.orig 2009-02-14 06:28:21 +0100
-+++ readconf.c 2009-02-25 12:25:48 +0100
+--- readconf.c.orig 2009-07-05 23:12:27 +0200
++++ readconf.c 2009-10-02 13:12:46 +0200
@@ -118,7 +118,7 @@
oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
@@ -115,7 +115,7 @@
{ "numberofpasswordprompts", oNumberOfPasswordPrompts },
{ "loglevel", oLogLevel },
{ "dynamicforward", oDynamicForward },
-@@ -501,6 +502,10 @@
+@@ -502,6 +503,10 @@
intptr = &options->no_host_authentication_for_localhost;
goto parse_flag;
@@ -126,7 +126,7 @@
case oNumberOfPasswordPrompts:
intptr = &options->number_of_password_prompts;
goto parse_int;
-@@ -1019,6 +1024,7 @@
+@@ -1024,6 +1029,7 @@
options->strict_host_key_checking = -1;
options->compression = -1;
options->tcp_keep_alive = -1;
@@ -134,7 +134,7 @@
options->compression_level = -1;
options->port = -1;
options->address_family = -1;
-@@ -1119,6 +1125,8 @@
+@@ -1125,6 +1131,8 @@
options->compression = 0;
if (options->tcp_keep_alive == -1)
options->tcp_keep_alive = 1;
@@ -144,8 +144,8 @@
options->compression_level = 6;
if (options->port == -1)
Index: readconf.h
---- readconf.h.orig 2009-02-14 06:28:21 +0100
-+++ readconf.h 2009-02-25 12:25:48 +0100
+--- readconf.h.orig 2009-07-05 23:12:27 +0200
++++ readconf.h 2009-10-02 13:12:46 +0200
@@ -57,6 +57,9 @@
int compression_level; /* Compression level 1 (fast) to 9
* (best). */
@@ -157,8 +157,8 @@
int port; /* Port to connect. */
Index: servconf.c
---- servconf.c.orig 2009-01-28 06:31:23 +0100
-+++ servconf.c 2009-02-25 12:25:48 +0100
+--- servconf.c.orig 2009-06-21 12:26:17 +0200
++++ servconf.c 2009-10-02 13:12:46 +0200
@@ -80,6 +80,8 @@
options->xauth_location = NULL;
options->strict_modes = -1;
@@ -214,7 +214,7 @@
goto parse_flag;
Index: servconf.h
--- servconf.h.orig 2009-01-28 06:31:23 +0100
-+++ servconf.h 2009-02-25 12:25:48 +0100
++++ servconf.h 2009-10-02 13:12:46 +0200
@@ -67,6 +67,10 @@
char *xauth_location; /* Location of xauth program */
int strict_modes; /* If true, require string home dir modes. */
@@ -227,9 +227,9 @@
char *macs; /* Supported SSH2 macs. */
int protocol; /* Supported protocol versions. */
Index: serverloop.c
---- serverloop.c.orig 2009-02-14 06:33:09 +0100
-+++ serverloop.c 2009-02-25 12:25:48 +0100
-@@ -106,6 +106,8 @@
+--- serverloop.c.orig 2009-09-09 03:07:28 +0200
++++ serverloop.c 2009-10-02 13:12:46 +0200
+@@ -107,6 +107,8 @@
static int connection_closed = 0; /* Connection to client closed. */
static u_int buffer_high; /* "Soft" max buffer size. */
static int no_more_sessions = 0; /* Disallow further sessions. */
@@ -238,7 +238,7 @@
/*
* This SIGCHLD kludge is used to detect when the child exits. The server
-@@ -280,6 +282,7 @@
+@@ -281,6 +283,7 @@
{
struct timeval tv, *tvp;
int ret;
@@ -246,7 +246,7 @@
int client_alive_scheduled = 0;
int program_alive_scheduled = 0;
-@@ -349,6 +352,19 @@
+@@ -350,6 +353,19 @@
if (max_time_milliseconds == 0 || client_alive_scheduled)
max_time_milliseconds = 100;
@@ -266,7 +266,7 @@
if (max_time_milliseconds == 0)
tvp = NULL;
else {
-@@ -376,6 +392,23 @@
+@@ -377,6 +393,23 @@
}
}
@@ -290,7 +290,7 @@
notify_done(*readsetp);
}
-@@ -556,7 +589,9 @@
+@@ -560,7 +593,9 @@
u_int max_time_milliseconds;
u_int previous_stdout_buffer_bytes;
u_int stdout_buffer_bytes;
@@ -301,7 +301,7 @@
debug("Entering interactive session.");
-@@ -623,6 +658,8 @@
+@@ -627,6 +662,8 @@
server_init_dispatch();
@@ -310,7 +310,7 @@
/* Main loop of the server for the interactive session mode. */
for (;;) {
-@@ -703,6 +740,9 @@
+@@ -707,6 +744,9 @@
cleanup_exit(255);
}
@@ -320,7 +320,7 @@
/* Process any channel events. */
channel_after_select(readset, writeset);
-@@ -712,6 +752,24 @@
+@@ -716,6 +756,24 @@
/* Process output to the client and to program stdin. */
process_output(writeset);
}
@@ -345,7 +345,7 @@
if (readset)
xfree(readset);
if (writeset)
-@@ -720,7 +778,9 @@
+@@ -724,7 +782,9 @@
/* Cleanup and termination code. */
/* Wait until all output has been sent to the client. */
@@ -356,7 +356,7 @@
debug("End of interactive session; stdin %ld, stdout (read %ld, sent
%ld), stderr %ld bytes.",
stdin_bytes, fdout_bytes, stdout_bytes, stderr_bytes);
-@@ -748,6 +808,12 @@
+@@ -752,6 +812,12 @@
/* We no longer want our SIGCHLD handler to be called. */
mysignal(SIGCHLD, SIG_DFL);
@@ -369,7 +369,7 @@
while ((wait_pid = waitpid(-1, &wait_status, 0)) < 0)
if (errno != EINTR)
packet_disconnect("wait: %.100s", strerror(errno));
-@@ -821,6 +887,7 @@
+@@ -825,6 +891,7 @@
mysignal(SIGCHLD, sigchld_handler);
child_terminated = 0;
@@ -377,7 +377,7 @@
connection_in = packet_get_connection_in();
connection_out = packet_get_connection_out();
-@@ -837,6 +904,8 @@
+@@ -841,6 +908,8 @@
server_init_dispatch();
@@ -386,7 +386,7 @@
for (;;) {
process_buffered_input_packets();
-@@ -853,6 +922,12 @@
+@@ -857,6 +926,12 @@
cleanup_exit(255);
}
@@ -400,9 +400,9 @@
if (!rekeying) {
channel_after_select(readset, writeset);
Index: ssh.1
---- ssh.1.orig 2009-02-14 06:34:05 +0100
-+++ ssh.1 2009-02-25 12:25:48 +0100
-@@ -470,6 +470,7 @@
+--- ssh.1.orig 2009-06-21 09:48:52 +0200
++++ ssh.1 2009-10-02 13:12:46 +0200
+@@ -453,6 +453,7 @@
.It GSSAPIAuthentication
.It GSSAPIDelegateCredentials
.It HashKnownHosts
@@ -412,7 +412,7 @@
.It HostKeyAlgorithms
Index: ssh_config.5
--- ssh_config.5.orig 2009-02-23 00:53:58 +0100
-+++ ssh_config.5 2009-02-25 12:25:48 +0100
++++ ssh_config.5 2009-10-02 13:12:46 +0200
@@ -500,6 +500,23 @@
will not be converted automatically,
but may be manually hashed using
@@ -438,9 +438,9 @@
Specifies whether to try rhosts based authentication with public key
authentication.
Index: sshd_config.5
---- sshd_config.5.orig 2009-02-23 01:00:24 +0100
-+++ sshd_config.5 2009-02-25 12:25:48 +0100
-@@ -934,6 +934,30 @@
+--- sshd_config.5.orig 2009-08-28 02:27:08 +0200
++++ sshd_config.5 2009-10-02 13:12:46 +0200
+@@ -939,6 +939,30 @@
escalation by containing any corruption within the unprivileged processes.
The default is
.Dq yes .
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/openssh/openssh.spec
============================================================================
$ cvs diff -u -r1.221 -r1.222 openssh.spec
--- openpkg-src/openssh/openssh.spec 15 May 2009 06:33:04 -0000 1.221
+++ openpkg-src/openssh/openssh.spec 2 Oct 2009 11:17:29 -0000 1.222
@@ -22,7 +22,7 @@
##
# package versions
-%define V_base 5.2
+%define V_base 5.3
%define V_portable p1
%define V_connect 100
%define V_hpn 5.2p1-hpn13v6
@@ -38,7 +38,7 @@
Group: SSH
License: BSD
Version: %{V_base}%{V_portable}
-Release: 20090515
+Release: 20091002
# package options
%option with_fsl yes
@@ .
______________________________________________________________________
OpenPKG http://openpkg.org
CVS Repository Commit List openpkg-cvs@openpkg.org
