rpms/openssh/devel openssh-5.1p1-cloexec.patch, 1.1, 1.2 openssh-5.1p1-nss-keys.patch, 1.1, 1.2 openssh.spec, 1.132, 1.133
Tomáš Mráz
tmraz at fedoraproject.org
Thu Dec 11 21:49:12 UTC 2008
- Previous message (by thread): rpms/anaconda/F-9 anaconda-11.4.0.83-sparc-upd-instroot-nov9vforglibc.patch, NONE, 1.1 anaconda.spec, 1.694, 1.695 anaconda-11.4.0.83-DEBUG.patch, 1.1, NONE
- Next message (by thread): rpms/gobject-introspection/devel .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: tmraz
Update of /cvs/pkgs/rpms/openssh/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv5578
Modified Files:
openssh-5.1p1-cloexec.patch openssh-5.1p1-nss-keys.patch
openssh.spec
Log Message:
* Thu Dec 11 2008 Tomas Mraz <tmraz at redhat.com> - 5.1p1-4
- set FD_CLOEXEC on channel sockets (#475866)
- adjust summary
- adjust nss-keys patch so it is applicable without selinux patches (#470859)
openssh-5.1p1-cloexec.patch:
Index: openssh-5.1p1-cloexec.patch
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/devel/openssh-5.1p1-cloexec.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- openssh-5.1p1-cloexec.patch 23 Jul 2008 14:47:19 -0000 1.1
+++ openssh-5.1p1-cloexec.patch 11 Dec 2008 21:48:41 -0000 1.2
@@ -1,6 +1,36 @@
+diff -up openssh-5.1p1/channels.c.cloexec openssh-5.1p1/channels.c
+--- openssh-5.1p1/channels.c.cloexec 2008-12-11 22:24:49.000000000 +0100
++++ openssh-5.1p1/channels.c 2008-12-11 22:29:52.000000000 +0100
+@@ -60,6 +60,7 @@
+ #include <termios.h>
+ #include <unistd.h>
+ #include <stdarg.h>
++#include <fcntl.h>
+
+ #include "openbsd-compat/sys-queue.h"
+ #include "xmalloc.h"
+@@ -230,6 +231,18 @@ channel_register_fds(Channel *c, int rfd
+
+ /* XXX set close-on-exec -markus */
+
++ if (rfd != -1) {
++ fcntl(rfd, F_SETFD, FD_CLOEXEC);
++ }
++
++ if (wfd != -1 && wfd != rfd) {
++ fcntl(wfd, F_SETFD, FD_CLOEXEC);
++ }
++
++ if (efd != -1 && efd != rfd && efd != wfd) {
++ fcntl(efd, F_SETFD, FD_CLOEXEC);
++ }
++
+ c->rfd = rfd;
+ c->wfd = wfd;
+ c->sock = (rfd == wfd) ? rfd : -1;
diff -up openssh-5.1p1/sshconnect2.c.cloexec openssh-5.1p1/sshconnect2.c
---- openssh-5.1p1/sshconnect2.c.cloexec 2008-07-23 15:21:23.000000000 +0200
-+++ openssh-5.1p1/sshconnect2.c 2008-07-23 15:23:19.000000000 +0200
+--- openssh-5.1p1/sshconnect2.c.cloexec 2008-12-11 22:24:49.000000000 +0100
++++ openssh-5.1p1/sshconnect2.c 2008-12-11 22:24:49.000000000 +0100
@@ -38,6 +38,7 @@
#include <stdio.h>
#include <string.h>
@@ -19,7 +49,7 @@
if (dup2(from[1], STDOUT_FILENO) < 0)
diff -up openssh-5.1p1/sshconnect.c.cloexec openssh-5.1p1/sshconnect.c
--- openssh-5.1p1/sshconnect.c.cloexec 2008-07-02 14:34:30.000000000 +0200
-+++ openssh-5.1p1/sshconnect.c 2008-07-23 15:21:23.000000000 +0200
++++ openssh-5.1p1/sshconnect.c 2008-12-11 22:24:49.000000000 +0100
@@ -38,6 +38,7 @@
#include <stdlib.h>
#include <string.h>
openssh-5.1p1-nss-keys.patch:
Index: openssh-5.1p1-nss-keys.patch
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/devel/openssh-5.1p1-nss-keys.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- openssh-5.1p1-nss-keys.patch 23 Jul 2008 17:33:16 -0000 1.1
+++ openssh-5.1p1-nss-keys.patch 11 Dec 2008 21:48:41 -0000 1.2
@@ -1,6 +1,6 @@
diff -up openssh-5.1p1/key.c.nss-keys openssh-5.1p1/key.c
--- openssh-5.1p1/key.c.nss-keys 2008-07-11 09:35:09.000000000 +0200
-+++ openssh-5.1p1/key.c 2008-07-23 19:16:00.000000000 +0200
++++ openssh-5.1p1/key.c 2008-11-18 19:11:41.000000000 +0100
@@ -96,6 +96,54 @@ key_new(int type)
return k;
}
@@ -78,7 +78,7 @@
diff -up openssh-5.1p1/ssh-dss.c.nss-keys openssh-5.1p1/ssh-dss.c
--- openssh-5.1p1/ssh-dss.c.nss-keys 2006-11-07 13:14:42.000000000 +0100
-+++ openssh-5.1p1/ssh-dss.c 2008-07-23 19:16:00.000000000 +0200
++++ openssh-5.1p1/ssh-dss.c 2008-11-18 19:11:41.000000000 +0100
@@ -39,6 +39,10 @@
#include "log.h"
#include "key.h"
@@ -138,7 +138,7 @@
*lenp = SIGBLOB_LEN;
diff -up openssh-5.1p1/ssh-agent.c.nss-keys openssh-5.1p1/ssh-agent.c
--- openssh-5.1p1/ssh-agent.c.nss-keys 2008-07-04 15:10:49.000000000 +0200
-+++ openssh-5.1p1/ssh-agent.c 2008-07-23 19:16:00.000000000 +0200
++++ openssh-5.1p1/ssh-agent.c 2008-11-18 19:11:41.000000000 +0100
@@ -80,6 +80,10 @@
#include "scard.h"
#endif
@@ -283,7 +283,7 @@
error("Unknown message %d", type);
diff -up openssh-5.1p1/authfd.h.nss-keys openssh-5.1p1/authfd.h
--- openssh-5.1p1/authfd.h.nss-keys 2006-08-05 04:39:39.000000000 +0200
-+++ openssh-5.1p1/authfd.h 2008-07-23 19:16:00.000000000 +0200
++++ openssh-5.1p1/authfd.h 2008-11-18 19:11:41.000000000 +0100
@@ -49,6 +49,12 @@
#define SSH2_AGENTC_ADD_ID_CONSTRAINED 25
#define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26
@@ -307,10 +307,10 @@
int
ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16],
diff -up openssh-5.1p1/configure.ac.nss-keys openssh-5.1p1/configure.ac
---- openssh-5.1p1/configure.ac.nss-keys 2008-07-23 19:16:00.000000000 +0200
-+++ openssh-5.1p1/configure.ac 2008-07-23 19:16:00.000000000 +0200
-@@ -3328,6 +3328,20 @@ AC_ARG_WITH(linux-audit,
- fi ]
+--- openssh-5.1p1/configure.ac.nss-keys 2008-11-18 19:11:41.000000000 +0100
++++ openssh-5.1p1/configure.ac 2008-11-18 19:12:38.000000000 +0100
+@@ -3436,6 +3436,20 @@ AC_ARG_WITH(kerberos5,
+ ]
)
+# Check whether user wants NSS support
@@ -327,20 +327,20 @@
+ ])
+AC_SUBST(LIBNSS)
+
- # Check whether user wants Kerberos 5 support
- KRB5_MSG="no"
- AC_ARG_WITH(kerberos5,
-@@ -4157,6 +4171,7 @@ echo " OSF SIA support
- echo " KerberosV support: $KRB5_MSG"
- echo " SELinux support: $SELINUX_MSG"
- echo " Linux audit support: $LINUX_AUDIT_MSG"
+ # Looking for programs, paths and files
+
+ PRIVSEP_PATH=/var/empty
+@@ -4163,6 +4177,7 @@ echo " TCP Wrappers support
+ echo " MD5 password support: $MD5_MSG"
+ echo " libedit support: $LIBEDIT_MSG"
+ echo " Solaris process contract support: $SPC_MSG"
+echo " NSS support: $LIBNSS_MSG"
- echo " Smartcard support: $SCARD_MSG"
- echo " S/KEY support: $SKEY_MSG"
- echo " TCP Wrappers support: $TCPW_MSG"
+ echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
+ echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
+ echo " BSD Auth support: $BSD_AUTH_MSG"
diff -up /dev/null openssh-5.1p1/README.nss
---- /dev/null 2008-07-15 11:15:04.125063641 +0200
-+++ openssh-5.1p1/README.nss 2008-07-23 19:16:00.000000000 +0200
+--- /dev/null 2008-11-17 17:51:52.160001870 +0100
++++ openssh-5.1p1/README.nss 2008-11-18 19:11:41.000000000 +0100
@@ -0,0 +1,36 @@
+How to use NSS tokens with OpenSSH?
+
@@ -380,7 +380,7 @@
+ $ ssh-keygen -n -D 'My PKCS11 Token' 'My Key ID'
diff -up openssh-5.1p1/authfd.c.nss-keys openssh-5.1p1/authfd.c
--- openssh-5.1p1/authfd.c.nss-keys 2006-09-01 07:38:36.000000000 +0200
-+++ openssh-5.1p1/authfd.c 2008-07-23 19:16:00.000000000 +0200
++++ openssh-5.1p1/authfd.c 2008-11-18 19:11:41.000000000 +0100
@@ -626,6 +626,45 @@ ssh_update_card(AuthenticationConnection
return decode_reply(type);
}
@@ -429,7 +429,7 @@
* by normal applications.
diff -up openssh-5.1p1/readconf.h.nss-keys openssh-5.1p1/readconf.h
--- openssh-5.1p1/readconf.h.nss-keys 2008-06-29 16:04:03.000000000 +0200
-+++ openssh-5.1p1/readconf.h 2008-07-23 19:16:00.000000000 +0200
++++ openssh-5.1p1/readconf.h 2008-11-18 19:11:41.000000000 +0100
@@ -84,6 +84,8 @@ typedef struct {
char *preferred_authentications;
char *bind_address; /* local socket address for connection to sshd */
@@ -440,8 +440,8 @@
int num_identity_files; /* Number of files for RSA/DSA identities. */
diff -up /dev/null openssh-5.1p1/nsskeys.c
---- /dev/null 2008-07-15 11:15:04.125063641 +0200
-+++ openssh-5.1p1/nsskeys.c 2008-07-23 19:16:00.000000000 +0200
+--- /dev/null 2008-11-17 17:51:52.160001870 +0100
++++ openssh-5.1p1/nsskeys.c 2008-11-18 19:11:41.000000000 +0100
@@ -0,0 +1,327 @@
+/*
+ * Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -772,7 +772,7 @@
+#endif /* HAVE_LIBNSS */
diff -up openssh-5.1p1/ssh.c.nss-keys openssh-5.1p1/ssh.c
--- openssh-5.1p1/ssh.c.nss-keys 2008-07-04 04:53:50.000000000 +0200
-+++ openssh-5.1p1/ssh.c 2008-07-23 19:16:00.000000000 +0200
++++ openssh-5.1p1/ssh.c 2008-11-18 19:11:41.000000000 +0100
@@ -104,6 +104,9 @@
#ifdef SMARTCARD
#include "scard.h"
@@ -825,8 +825,8 @@
fatal("load_public_identity_files: getpwuid failed");
pwname = xstrdup(pw->pw_name);
diff -up /dev/null openssh-5.1p1/nsskeys.h
---- /dev/null 2008-07-15 11:15:04.125063641 +0200
-+++ openssh-5.1p1/nsskeys.h 2008-07-23 19:16:00.000000000 +0200
+--- /dev/null 2008-11-17 17:51:52.160001870 +0100
++++ openssh-5.1p1/nsskeys.h 2008-11-18 19:11:41.000000000 +0100
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -869,7 +869,7 @@
+#endif
diff -up openssh-5.1p1/Makefile.in.nss-keys openssh-5.1p1/Makefile.in
--- openssh-5.1p1/Makefile.in.nss-keys 2008-07-08 16:21:12.000000000 +0200
-+++ openssh-5.1p1/Makefile.in 2008-07-23 19:16:00.000000000 +0200
++++ openssh-5.1p1/Makefile.in 2008-11-18 19:11:41.000000000 +0100
@@ -71,7 +71,7 @@ LIBSSH_OBJS=acss.o authfd.o authfile.o b
atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o \
monitor_fdpass.o rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o \
@@ -881,7 +881,7 @@
sshconnect.o sshconnect1.o sshconnect2.o mux.o
diff -up openssh-5.1p1/key.h.nss-keys openssh-5.1p1/key.h
--- openssh-5.1p1/key.h.nss-keys 2008-06-12 20:40:35.000000000 +0200
-+++ openssh-5.1p1/key.h 2008-07-23 19:16:00.000000000 +0200
++++ openssh-5.1p1/key.h 2008-11-18 19:11:41.000000000 +0100
@@ -29,11 +29,17 @@
#include <openssl/rsa.h>
#include <openssl/dsa.h>
@@ -933,7 +933,7 @@
int key_equal(const Key *, const Key *);
diff -up openssh-5.1p1/ssh-add.c.nss-keys openssh-5.1p1/ssh-add.c
--- openssh-5.1p1/ssh-add.c.nss-keys 2008-02-28 09:13:52.000000000 +0100
-+++ openssh-5.1p1/ssh-add.c 2008-07-23 19:16:00.000000000 +0200
++++ openssh-5.1p1/ssh-add.c 2008-11-18 19:11:41.000000000 +0100
@@ -44,6 +44,14 @@
#include <openssl/evp.h>
#include "openbsd-compat/openssl-compat.h"
@@ -1162,7 +1162,7 @@
struct passwd *pw;
diff -up openssh-5.1p1/ssh-rsa.c.nss-keys openssh-5.1p1/ssh-rsa.c
--- openssh-5.1p1/ssh-rsa.c.nss-keys 2006-09-01 07:38:37.000000000 +0200
-+++ openssh-5.1p1/ssh-rsa.c 2008-07-23 19:16:00.000000000 +0200
++++ openssh-5.1p1/ssh-rsa.c 2008-11-18 19:11:41.000000000 +0100
@@ -32,6 +32,10 @@
#include "compat.h"
#include "ssh.h"
@@ -1235,7 +1235,7 @@
buffer_put_cstring(&b, "ssh-rsa");
diff -up openssh-5.1p1/ssh-keygen.c.nss-keys openssh-5.1p1/ssh-keygen.c
--- openssh-5.1p1/ssh-keygen.c.nss-keys 2008-07-14 03:28:29.000000000 +0200
-+++ openssh-5.1p1/ssh-keygen.c 2008-07-23 19:16:00.000000000 +0200
++++ openssh-5.1p1/ssh-keygen.c 2008-11-18 19:11:41.000000000 +0100
@@ -53,6 +53,11 @@
#include "scard.h"
#endif
@@ -1339,7 +1339,7 @@
if (download)
diff -up openssh-5.1p1/readconf.c.nss-keys openssh-5.1p1/readconf.c
--- openssh-5.1p1/readconf.c.nss-keys 2008-06-29 16:04:03.000000000 +0200
-+++ openssh-5.1p1/readconf.c 2008-07-23 19:16:00.000000000 +0200
++++ openssh-5.1p1/readconf.c 2008-11-18 19:11:41.000000000 +0100
@@ -124,6 +124,7 @@ typedef enum {
oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
Index: openssh.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/devel/openssh.spec,v
retrieving revision 1.132
retrieving revision 1.133
diff -u -r1.132 -r1.133
--- openssh.spec 17 Oct 2008 08:34:36 -0000 1.132
+++ openssh.spec 11 Dec 2008 21:48:41 -0000 1.133
@@ -60,10 +60,10 @@
%define libedit 0
%endif
-Summary: The OpenSSH implementation of SSH protocol versions 1 and 2
+Summary: An open source implementation of SSH protocol versions 1 and 2
Name: openssh
Version: 5.1p1
-Release: 3%{?dist}%{?rescue_rel}
+Release: 4%{?dist}%{?rescue_rel}
URL: http://www.openssh.com/portable.html
#Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
#Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
@@ -148,12 +148,12 @@
BuildRequires: xauth
%package clients
-Summary: The OpenSSH client applications
+Summary: An open source SSH client applications
Requires: openssh = %{version}-%{release}
Group: Applications/Internet
%package server
-Summary: The OpenSSH server daemon
+Summary: An open source SSH server daemon
Group: System Environment/Daemons
Requires: openssh = %{version}-%{release}
Requires(post): chkconfig >= 0.9, /sbin/service
@@ -175,8 +175,7 @@
arbitrary TCP/IP ports can also be forwarded over the secure channel.
OpenSSH is OpenBSD's version of the last free version of SSH, bringing
-it up to date in terms of security and features, as well as removing
-all patented algorithms to separate libraries.
+it up to date in terms of security and features.
This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
@@ -186,14 +185,12 @@
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package includes
the clients necessary to make encrypted connections to SSH servers.
-You'll also need to install the openssh package on OpenSSH clients.
%description server
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package contains
the secure shell daemon (sshd). The sshd daemon allows SSH clients to
-securely connect to your SSH server. You also need to have the openssh
-package installed.
+securely connect to your SSH server.
%description askpass
OpenSSH is a free version of SSH (Secure SHell), a program for logging
@@ -482,6 +479,11 @@
%endif
%changelog
+* Thu Dec 11 2008 Tomas Mraz <tmraz at redhat.com> - 5.1p1-4
+- set FD_CLOEXEC on channel sockets (#475866)
+- adjust summary
+- adjust nss-keys patch so it is applicable without selinux patches (#470859)
+
* Fri Oct 17 2008 Tomas Mraz <tmraz at redhat.com> - 5.1p1-3
- fix compatibility with some servers (#466818)
- Previous message (by thread): rpms/anaconda/F-9 anaconda-11.4.0.83-sparc-upd-instroot-nov9vforglibc.patch, NONE, 1.1 anaconda.spec, 1.694, 1.695 anaconda-11.4.0.83-DEBUG.patch, 1.1, NONE
- Next message (by thread): rpms/gobject-introspection/devel .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list