From cf2a4eda225948292fa1acdb10c0e548b8b183b52a8bdfd3f6f4b36277d41129 Mon Sep 17 00:00:00 2001
From: OBS User unknown <null@suse.de>
Date: Mon, 8 Oct 2007 14:50:28 +0000
Subject: [PATCH] OBS-URL:
 https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=11

---
 openssh-4.6p1-blocksigalrm.diff | 32 +++++++++++++++++++-------------
 openssh-askpass-gnome.spec      |  7 +++----
 openssh.changes                 |  5 +++++
 openssh.spec                    | 14 +++++++-------
 4 files changed, 34 insertions(+), 24 deletions(-)

diff --git a/openssh-4.6p1-blocksigalrm.diff b/openssh-4.6p1-blocksigalrm.diff
index ec7f6fb..4c7765a 100644
--- a/openssh-4.6p1-blocksigalrm.diff
+++ b/openssh-4.6p1-blocksigalrm.diff
@@ -16,27 +16,33 @@
  
  	if (level > log_level)
  		return;
-@@ -351,6 +353,15 @@
+@@ -351,6 +353,7 @@
  		pri = LOG_ERR;
  		break;
  	}
-+	/* Prevent a race between the grace_alarm
-+	 * which writes a log message and terminates
-+	 * and main sshd code that leads to deadlock 
-+	 * as syslog is not async safe.
-+	 */ 
-+	sigemptyset(&nset);
-+	sigaddset(&nset, SIGALRM);
-+	sigprocmask(SIG_BLOCK, &nset, &oset);
-+
++	
  	if (txt != NULL) {
  		snprintf(fmtbuf, sizeof(fmtbuf), "%s: %s", txt, fmt);
  		vsnprintf(msgbuf, sizeof(msgbuf), fmtbuf, args);
-@@ -372,5 +383,7 @@
+@@ -363,6 +366,14 @@
+ 		snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf);
+ 		write(STDERR_FILENO, msgbuf, strlen(msgbuf));
+ 	} else {
++		/* Prevent a race between the grace_alarm
++		* which writes a log message and terminates
++		* and main sshd code that leads to deadlock 
++		* as syslog is not async safe.
++		*/ 
++		sigemptyset(&nset);
++		sigaddset(&nset, SIGALRM);
++		sigprocmask(SIG_BLOCK, &nset, &oset);
+ #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
+ 		openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata);
+ 		syslog_r(pri, &sdata, "%.500s", fmtbuf);
+@@ -372,5 +383,6 @@
  		syslog(pri, "%.500s", fmtbuf);
  		closelog();
  #endif
-+
++		sigprocmask(SIG_SETMASK, &oset, NULL);
  	}
-+	sigprocmask(SIG_SETMASK, &oset, NULL);
  }
diff --git a/openssh-askpass-gnome.spec b/openssh-askpass-gnome.spec
index 4962c03..f7b4724 100644
--- a/openssh-askpass-gnome.spec
+++ b/openssh-askpass-gnome.spec
@@ -15,11 +15,11 @@ BuildRequires:  gtk2-devel krb5-devel opensc-devel openssh openssl-devel pam-dev
 License:        BSD 3-Clause
 Group:          Productivity/Networking/SSH
 Version:        4.6p1
-Release:        60
+Release:        67
 Requires:       openssh = %{version} openssh-askpass = %{version}
-Autoreqprov:    on
+AutoReqProv:    on
 Summary:        A GNOME-Based Passphrase Dialog for OpenSSH
-URL:            http://www.openssh.com/
+Url:            http://www.openssh.com/
 %define _name openssh
 Source:         %{_name}-%{version}.tar.bz2
 Patch:          %{_name}-%{version}.dif
@@ -109,7 +109,6 @@ rm -rf $RPM_BUILD_ROOT
 %files
 %defattr(-,root,root)
 %attr(0755,root,root) /usr/%_lib/ssh/gnome-ssh-askpass
-
 %changelog
 * Tue Dec 12 2006 - anicka@suse.cz
 - update to 4.5p1
diff --git a/openssh.changes b/openssh.changes
index d76f5a6..28cc1a4 100644
--- a/openssh.changes
+++ b/openssh.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Mon Oct  8 16:34:06 CEST 2007 - anicka@suse.cz
+
+- block SIGALRM only during calling syslog() [#331032] 
+
 -------------------------------------------------------------------
 Thu Sep 13 15:50:39 CEST 2007 - nadvornik@suse.cz
 
diff --git a/openssh.spec b/openssh.spec
index 1a11d39..ef46cac 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -20,19 +20,19 @@ Name:           openssh
 %define _appdefdir      %{_prefix}/share/X11/app-defaults
 %endif
 BuildRequires:  audit-devel krb5-devel opensc-devel openssl-devel pam-devel tcpd-devel xorg-x11-devel
-License:        BSD 3-Clause, X11/MIT
+License:        BSD 3-Clause; X11/MIT
 Group:          Productivity/Networking/SSH
 Obsoletes:      ssh
 Provides:       ssh
 Requires:       /bin/netstat
 PreReq:         /usr/sbin/groupadd /usr/sbin/useradd %insserv_prereq  %fillup_prereq /bin/mkdir /bin/cat permissions
 Conflicts:      nonfreessh
-Autoreqprov:    on
+AutoReqProv:    on
 Version:        4.6p1
-Release:        53
+Release:        60
 %define xversion 1.2.4.1
 Summary:        Secure Shell Client and Server (Remote Login Program)
-URL:            http://www.openssh.com/
+Url:            http://www.openssh.com/
 Source:         %{name}-%{version}.tar.bz2
 Source1:        %{name}-SuSE.tar.bz2
 Source2:        sshd.pamd
@@ -66,6 +66,7 @@ Patch44:        %{name}-%{version}-audit.patch
 Patch45:        %{name}-%{version}-challenge.patch
 Patch46:        %{name}-%{version}-untrusted-cookie-CVE-2007-4752.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+
 %package      askpass
 Summary:        A passphrase dialog for OpenSSH and the X Window System
 Requires:       openssh = %{version}
@@ -104,7 +105,6 @@ Authors:
     Tudor Bosman <tudorb@jm.nu>
     Damien Miller <djm@ibs.com.au>
 
-
 %description askpass
 Ssh (Secure  Shell) is a program for logging into a remote machine and
 for executing commands on a remote machine. This package contains an X
@@ -241,7 +241,6 @@ install -m 755 %{S:9} $RPM_BUILD_ROOT/%{_fwdefdir}/sshd
 %post
 %{fillup_and_insserv -n -s -y ssh sshd START_SSHD}
 %run_permissions
-
 %verifyscript
 %verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh
 
@@ -298,8 +297,9 @@ rm -rf $RPM_BUILD_ROOT
 %doc %_mandir/man1/ssh-askpass.1x.gz
 %doc %_mandir/man1/x11-ssh-askpass.1x.gz
 %config %_appdefdir/SshAskpass
-
 %changelog
+* Mon Oct 08 2007 - anicka@suse.cz
+- block SIGALRM only during calling syslog() [#331032]
 * Thu Sep 13 2007 - nadvornik@suse.cz
 - fixed checking of an untrusted cookie, CVE-2007-4752 [#308521]
 * Tue Aug 28 2007 - anicka@suse.cz