Accepting request 185789 from home:elvigia:branches:network

- Update for 6.2p2 - Update to version 6.2p2 * ssh(1)/sshd(8): Added support for AES-GCM authenticated encryption * ssh(1)/sshd(8): Added support for encrypt-then-mac (EtM) MAC modes * ssh(1)/sshd(8): Added support for the UMAC-128 MAC * sshd(8): Added support for multiple required authentication * sshd(8)/ssh-keygen(1): Added support for Key Revocation Lists * ssh(1): When SSH protocol 2 only is selected (the default), ssh(1) now immediately sends its SSH protocol banner to the server without waiting to receive the server's banner, saving time when connecting. * dozens of other changes, see http://www.openssh.org/txt/release-6.2 OBS-URL: https://build.opensuse.org/request/show/185789 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=51
2013-08-05 07:15:19 +00:00 · 2013-08-05 07:15:19 +00:00 · 616ae5907d
commit 616ae5907d
parent d3a2cdd766
7 changed files with 54 additions and 44 deletions
--- a/openssh-5.9p1-audit.patch
+++ b/openssh-5.9p1-audit.patch
@ -1,31 +1,27 @@
 # add support for Linux audit (FATE #120269)
 ================================================================================
-Index: openssh-5.8p1/Makefile.in
-===================================================================
--- openssh-5.8p1.orig/Makefile.in
-+++ openssh-5.8p1/Makefile.in
-@@ -47,6 +47,7 @@ CFLAGS=@CFLAGS@
- CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
- LIBS=@LIBS@
+--- openssh-6.2p2.orig/Makefile.in
+++ openssh-6.2p2/Makefile.in
+@@ -47,6 +47,7 @@ LIBS=@LIBS@
+ K5LIBS=@K5LIBS@
+ GSSLIBS=@GSSLIBS@
 SSHLIBS=@SSHLIBS@
 +LIBAUDIT=@LIBAUDIT@
 SSHDLIBS=@SSHDLIBS@
 LIBEDIT=@LIBEDIT@
 AR=@AR@
-@@ -146,7 +147,7 @@ ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SS
- 	$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHLIBS) $(LIBS)
+@@ -144,7 +145,7 @@ ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SS
+ 	$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHLIBS) $(LIBS) $(GSSLIBS)
 
 sshd$(EXEEXT): libssh.a	$(LIBCOMPAT) $(SSHDOBJS)
-	$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS)
-+	$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(LIBAUDIT)
+-	$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
+	$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(LIBAUDIT)
 
 scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
 	$(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
-Index: openssh-5.8p1/auth.c
-===================================================================
--- openssh-5.8p1.orig/auth.c
-+++ openssh-5.8p1/auth.c
-@@ -293,6 +293,12 @@ auth_log(Authctxt *authctxt, int authent
+--- openssh-6.2p2.orig/auth.c
+++ openssh-6.2p2/auth.c
+@@ -298,6 +298,12 @@ auth_log(Authctxt *authctxt, int authent
 		    get_canonical_hostname(options.use_dns), "ssh", &loginmsg);
 # endif
 #endif
@ -38,7 +34,7 @@ Index: openssh-5.8p1/auth.c
 #ifdef SSH_AUDIT_EVENTS
 	if (authenticated == 0 && !authctxt->postponed)
 		audit_event(audit_classify_auth(method));
-@@ -592,6 +598,10 @@ getpwnamallow(const char *user)
+@@ -606,6 +612,10 @@ getpwnamallow(const char *user)
 		record_failed_login(user,
 		    get_canonical_hostname(options.use_dns), "ssh");
 #endif
@ -49,11 +45,9 @@ Index: openssh-5.8p1/auth.c
 #ifdef SSH_AUDIT_EVENTS
 		audit_event(SSH_INVALID_USER);
 #endif /* SSH_AUDIT_EVENTS */
-Index: openssh-5.8p1/config.h.in
-===================================================================
--- openssh-5.8p1.orig/config.h.in
-+++ openssh-5.8p1/config.h.in
-@@ -1460,6 +1460,9 @@
+--- openssh-6.2p2.orig/config.h.in
+++ openssh-6.2p2/config.h.in
+@@ -1554,6 +1554,9 @@
 /* Define if you want SELinux support. */
 #undef WITH_SELINUX
 
@ -63,11 +57,9 @@ Index: openssh-5.8p1/config.h.in
 /* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
    significant byte first (like Motorola and SPARC, unlike Intel). */
 #if defined AC_APPLE_UNIVERSAL_BUILD
-Index: openssh-5.8p1/configure.ac
-===================================================================
--- openssh-5.8p1.orig/configure.ac
-+++ openssh-5.8p1/configure.ac
-@@ -3522,6 +3522,20 @@ AC_ARG_WITH(selinux,
+--- openssh-6.2p2.orig/configure.ac
+++ openssh-6.2p2/configure.ac
+@@ -3653,6 +3653,20 @@ AC_ARG_WITH([selinux],
 AC_SUBST([SSHLIBS])
 AC_SUBST([SSHDLIBS])
 
@ -88,7 +80,7 @@ Index: openssh-5.8p1/configure.ac
 # Check whether user wants Kerberos 5 support
 KRB5_MSG="no"
 AC_ARG_WITH([kerberos5],
-@@ -4316,6 +4330,7 @@ echo "                       PAM support
+@@ -4569,6 +4583,7 @@ echo "                       PAM support
 echo "                   OSF SIA support: $SIA_MSG"
 echo "                 KerberosV support: $KRB5_MSG"
 echo "                   SELinux support: $SELINUX_MSG"
@ -96,10 +88,8 @@ Index: openssh-5.8p1/configure.ac
 echo "                 Smartcard support: $SCARD_MSG"
 echo "                     S/KEY support: $SKEY_MSG"
 echo "              TCP Wrappers support: $TCPW_MSG"
-Index: openssh-5.8p1/loginrec.c
-===================================================================
--- openssh-5.8p1.orig/loginrec.c
-+++ openssh-5.8p1/loginrec.c
+--- openssh-6.2p2.orig/loginrec.c
+++ openssh-6.2p2/loginrec.c
@@ -176,6 +176,10 @@
 #include "auth.h"
 #include "buffer.h"
@ -111,7 +101,7 @@ Index: openssh-5.8p1/loginrec.c
 #ifdef HAVE_UTIL_H
 # include <util.h>
 #endif
-@@ -202,6 +206,9 @@ int utmp_write_entry(struct logininfo *l
+@@ -198,6 +202,9 @@ int utmp_write_entry(struct logininfo *l
 int utmpx_write_entry(struct logininfo *li);
 int wtmp_write_entry(struct logininfo *li);
 int wtmpx_write_entry(struct logininfo *li);
@ -121,7 +111,7 @@ Index: openssh-5.8p1/loginrec.c
 int lastlog_write_entry(struct logininfo *li);
 int syslogin_write_entry(struct logininfo *li);
 
-@@ -442,6 +449,10 @@ login_write(struct logininfo *li)
+@@ -438,6 +445,10 @@ login_write(struct logininfo *li)
 
 	/* set the timestamp */
 	login_set_current_time(li);
@ -132,7 +122,7 @@ Index: openssh-5.8p1/loginrec.c
 #ifdef USE_LOGIN
 	syslogin_write_entry(li);
 #endif
-@@ -1406,6 +1417,87 @@ wtmpx_get_entry(struct logininfo *li)
+@@ -1402,6 +1413,87 @@ wtmpx_get_entry(struct logininfo *li)
 }
 #endif /* USE_WTMPX */
 
@ -220,10 +210,8 @@ Index: openssh-5.8p1/loginrec.c
 /**
  ** Low-level libutil login() functions
  **/
-Index: openssh-5.8p1/loginrec.h
-===================================================================
--- openssh-5.8p1.orig/loginrec.h
-+++ openssh-5.8p1/loginrec.h
+--- openssh-6.2p2.orig/loginrec.h
+++ openssh-6.2p2/loginrec.h
@@ -127,5 +127,9 @@ char *line_stripname(char *dst, const ch
 char *line_abbrevname(char *dst, const char *src, int dstsize);
 
--- a/openssh-6.1p1.tar.gz
+++ b/openssh-6.1p1.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d1c157f6c0852e90c191cc7c9018a583b51e3db4035489cb262639d337a1c411
-size 1134820
--- a/openssh-6.2p2.tar.gz
+++ b/openssh-6.2p2.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7f29b9d2ad672ae0f9e1dcbff871fc5c2e60a194e90c766432e32161b842313b
+size 1182922
--- a/openssh-askpass-gnome.changes
+++ b/openssh-askpass-gnome.changes
@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Sat Aug  3 18:12:20 UTC 2013 - crrodriguez@opensuse.org
+
+- Update for 6.2p2 
+
 -------------------------------------------------------------------
 Tue Nov 13 10:51:12 UTC 2012 - meissner@suse.com

--- a/openssh-askpass-gnome.spec
+++ b/openssh-askpass-gnome.spec
@ -26,7 +26,7 @@ BuildRequires:  openssl-devel
 BuildRequires:  pam-devel
 BuildRequires:  tcpd-devel
 BuildRequires:  update-desktop-files
-Version:        6.1p1
+Version:        6.2p2
 Release:        0
 Requires:       openssh = %{version}
 Summary:        A GNOME-Based Passphrase Dialog for OpenSSH
--- a/openssh.changes
+++ b/openssh.changes
@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Sat Aug  3 17:57:06 UTC 2013 - crrodriguez@opensuse.org
+
+- Update to version 6.2p2 
+* ssh(1)/sshd(8): Added support for AES-GCM authenticated encryption
+* ssh(1)/sshd(8): Added support for encrypt-then-mac (EtM) MAC modes
+* ssh(1)/sshd(8): Added support for the UMAC-128 MAC
+* sshd(8): Added support for multiple required authentication
+* sshd(8)/ssh-keygen(1): Added support for Key Revocation Lists
+* ssh(1): When SSH protocol 2 only is selected (the default), ssh(1)
+  now immediately sends its SSH protocol banner to the server without
+  waiting to receive the server's banner, saving time when connecting.
+* dozens of other changes, see http://www.openssh.org/txt/release-6.2
+
 -------------------------------------------------------------------
 Mon Jul  1 18:54:31 UTC 2013 - coolo@suse.com

--- a/openssh.spec
+++ b/openssh.spec
@ -34,7 +34,7 @@ Requires:       /bin/netstat
 PreReq:         pwdutils %{insserv_prereq} %{fillup_prereq} coreutils
 Conflicts:      nonfreessh
 Recommends:     xauth
-Version:        6.1p1
+Version:        6.2p2
 Release:        0
 %define xversion 1.2.4.1
 Summary:        Secure Shell Client and Server (Remote Login Program)
@ -127,6 +127,9 @@ export CFLAGS="%{optflags} $PIEFLAGS -fstack-protector"
 export CXXFLAGS="%{optflags} $PIEFLAGS -fstack-protector"
 export LDFLAGS="-pie"
 %configure \
+%if 0%{?has_systemd}
+    --with-pid-dir=/run \
+%endif
    --with-ssl-engine \
 %if 0%{suse_version} >= 1140
    --with-libedit \