Accepting request 60194 from network

Accepted submit request 60194 from user msmeissn OBS-URL: https://build.opensuse.org/request/show/60194 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=64
2011-02-07 21:10:35 +00:00 · 2011-02-07 21:10:35 +00:00 · 8ac25c6b62
commit 8ac25c6b62
parent c5919dcc2b ceda754f5a
26 changed files with 115 additions and 254 deletions
--- a/openssh-5.7p1-selinux.diff
+++ b/openssh-5.7p1-selinux.diff
@ -1,173 +0,0 @@
 Index: openssh-5.7p1/ChangeLog
 ===================================================================
 --- openssh-5.7p1.orig/ChangeLog
 +++ openssh-5.7p1/ChangeLog
@@ -1,3 +1,10 @@
 +20110125
 + - (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.c
 +   openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to
 +   port-linux.c to avoid compilation errors. Add -lselinux to ssh when
 +   building with SELinux support to avoid linking failure; report from
 +   amk AT spamfence.net; ok dtucker
 +
 20110122
  - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add
    RSA_get_default_method() for the benefit of openssl versions that don't
 Index: openssh-5.7p1/configure.ac
 ===================================================================
 --- openssh-5.7p1.orig/configure.ac
 +++ openssh-5.7p1/configure.ac
@@ -1,4 +1,4 @@
 -# $Id: configure.ac,v 1.469 2011/01/21 22:37:05 dtucker Exp $
 +# $Id: configure.ac,v 1.470 2011/01/25 01:16:17 djm Exp $
 #
 # Copyright (c) 1999-2004 Damien Miller
 #
@@ -15,7 +15,7 @@
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
 -AC_REVISION($Revision: 1.469 $)
 +AC_REVISION($Revision: 1.470 $)
 AC_CONFIG_SRCDIR([ssh.c])
 # local macros
@@ -737,7 +737,6 @@ mips-sony-bsd|mips-sony-newsos4)
 			[ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
 				[Define if you have Solaris process contracts])
 			  SSHDLIBS="$SSHDLIBS -lcontract"
 -			  AC_SUBST(SSHDLIBS)
 			  SPC_MSG="yes" ], )
 		],
 	)
@@ -748,7 +747,6 @@ mips-sony-bsd|mips-sony-newsos4)
 			[ AC_DEFINE(USE_SOLARIS_PROJECTS, 1,
 				[Define if you have Solaris projects])
 			SSHDLIBS="$SSHDLIBS -lproject"
 -			AC_SUBST(SSHDLIBS)
 			SP_MSG="yes" ], )
 		],
 	)
@@ -3515,11 +3513,14 @@ AC_ARG_WITH(selinux,
 			  LIBS="$LIBS -lselinux"
 			],
 			AC_MSG_ERROR(SELinux support requires libselinux library))
 +		SSHLIBS="$SSHLIBS $LIBSELINUX"
 		SSHDLIBS="$SSHDLIBS $LIBSELINUX"
 		AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
 		LIBS="$save_LIBS"
 	fi ]
 )
 +AC_SUBST(SSHLIBS)
 +AC_SUBST(SSHDLIBS)
 # Check whether user wants Linux audit support
 LINUX_AUDIT_MSG="no"
@@ -4356,6 +4357,9 @@ echo "         Libraries: ${LIBS}"
 if test ! -z "${SSHDLIBS}"; then
 echo "         +for sshd: ${SSHDLIBS}"
 fi
 +if test ! -z "${SSHLIBS}"; then
 +echo "          +for ssh: ${SSHLIBS}"
 +fi
 echo ""
 Index: openssh-5.7p1/Makefile.in
 ===================================================================
 --- openssh-5.7p1.orig/Makefile.in
 +++ openssh-5.7p1/Makefile.in
@@ -1,4 +1,4 @@
 -# $Id: Makefile.in,v 1.320 2011/01/17 10:15:29 dtucker Exp $
 +# $Id: Makefile.in,v 1.321 2011/01/25 01:16:16 djm Exp $
 # uncomment if you run a non bourne compatable shell. Ie. csh
 #SHELL = @SH@
@@ -47,6 +47,7 @@ CFLAGS=@CFLAGS@
 CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
 LIBS=@LIBS@
 LIBAUDIT=@LIBAUDIT@
 +SSHLIBS=@SSHLIBS@
 SSHDLIBS=@SSHDLIBS@
 LIBEDIT=@LIBEDIT@
 AR=@AR@
@@ -143,7 +144,7 @@ libssh.a: $(LIBSSH_OBJS)
 	$(RANLIB) $@
 ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS)
 -	$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
 +	$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHLIBS) $(LIBS)
 sshd$(EXEEXT): libssh.a	$(LIBCOMPAT) $(SSHDOBJS)
 	$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(LIBAUDIT)
 Index: openssh-5.7p1/openbsd-compat/port-linux.c
 ===================================================================
 --- openssh-5.7p1.orig/openbsd-compat/port-linux.c
 +++ openssh-5.7p1/openbsd-compat/port-linux.c
@@ -1,4 +1,4 @@
 -/* $Id: port-linux.c,v 1.11 2011/01/17 07:50:24 dtucker Exp $ */
 +/* $Id: port-linux.c,v 1.12 2011/01/25 01:16:18 djm Exp $ */
 /*
  * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com>
@@ -205,6 +205,20 @@ ssh_selinux_change_context(const char *n
 	xfree(oldctx);
 	xfree(newctx);
 }
 +
 +void
 +ssh_selinux_setfscreatecon(const char *path)
 +{
 +		security_context_t context;
 +
 +		if (path == NULL) {
 +			setfscreatecon(NULL);
 +			return;
 +		}
 +		matchpathcon(path, 0700, &context);
 +		setfscreatecon(context);
 +}
 +
 #endif /* WITH_SELINUX */
 #ifdef LINUX_OOM_ADJUST
 Index: openssh-5.7p1/openbsd-compat/port-linux.h
 ===================================================================
 --- openssh-5.7p1.orig/openbsd-compat/port-linux.h
 +++ openssh-5.7p1/openbsd-compat/port-linux.h
@@ -1,4 +1,4 @@
 -/* $Id: port-linux.h,v 1.4 2009/12/08 02:39:48 dtucker Exp $ */
 +/* $Id: port-linux.h,v 1.5 2011/01/25 01:16:18 djm Exp $ */
 /*
  * Copyright (c) 2006 Damien Miller <djm@openbsd.org>
@@ -24,6 +24,7 @@ int ssh_selinux_enabled(void);
 void ssh_selinux_setup_pty(char *, const char *);
 void ssh_selinux_setup_exec_context(char *);
 void ssh_selinux_change_context(const char *);
 +void ssh_selinux_setfscreatecon(const char *);
 #endif
 #ifdef LINUX_OOM_ADJUST
 Index: openssh-5.7p1/ssh.c
 ===================================================================
 --- openssh-5.7p1.orig/ssh.c
 +++ openssh-5.7p1/ssh.c
@@ -857,15 +857,12 @@ main(int ac, char **av)
 	    strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
 	if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) {
 #ifdef WITH_SELINUX
 -		char *scon;
 -
 -		matchpathcon(buf, 0700, &scon);
 -		setfscreatecon(scon);
 +		ssh_selinux_setfscreatecon(buf);
 #endif
 		if (mkdir(buf, 0700) < 0)
 			error("Could not create directory '%.200s'.", buf);
 #ifdef WITH_SELINUX
 -		setfscreatecon(NULL);
 +		ssh_selinux_setfscreatecon(NULL);
 #endif
 	}
 	/* load options.identity_files */
--- a/openssh-5.7p1.tar.bz2
+++ b/openssh-5.7p1.tar.bz2
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:e8e4d63cbfdd0c97f8856693b4412e0bda78bb152ec1cb6f426193dc16d412c3
 size 894451
--- a/openssh-5.8p1-askpass-fix.diff
+++ b/openssh-5.8p1-askpass-fix.diff
--- a/openssh-5.8p1-audit.patch
+++ b/openssh-5.8p1-audit.patch
@ -1,19 +1,19 @@
 # add support for Linux audit (FATE #120269)
 ================================================================================
-Index: openssh-5.7p1/Makefile.in
+Index: openssh-5.8p1/Makefile.in
 ===================================================================
--- openssh-5.7p1.orig/Makefile.in
+--- openssh-5.8p1.orig/Makefile.in
-+++ openssh-5.7p1/Makefile.in
+++ openssh-5.8p1/Makefile.in
-@@ -46,6 +46,7 @@ LD=@LD@
+@@ -47,6 +47,7 @@ CFLAGS=@CFLAGS@
 CFLAGS=@CFLAGS@
 CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
 LIBS=@LIBS@
 SSHLIBS=@SSHLIBS@
 +LIBAUDIT=@LIBAUDIT@
 SSHDLIBS=@SSHDLIBS@
 LIBEDIT=@LIBEDIT@
 AR=@AR@
-@@ -145,7 +146,7 @@ ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SS
+@@ -146,7 +147,7 @@ ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SS
- 	$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+ 	$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHLIBS) $(LIBS)
 sshd$(EXEEXT): libssh.a	$(LIBCOMPAT) $(SSHDOBJS)
 -	$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS)
@ -21,10 +21,10 @@ Index: openssh-5.7p1/Makefile.in
 scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
 	$(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
-Index: openssh-5.7p1/auth.c
+Index: openssh-5.8p1/auth.c
 ===================================================================
--- openssh-5.7p1.orig/auth.c
+--- openssh-5.8p1.orig/auth.c
-+++ openssh-5.7p1/auth.c
+++ openssh-5.8p1/auth.c
@@ -293,6 +293,12 @@ auth_log(Authctxt *authctxt, int authent
 		    get_canonical_hostname(options.use_dns), "ssh", &loginmsg);
 # endif
@ -49,10 +49,10 @@ Index: openssh-5.7p1/auth.c
 #ifdef SSH_AUDIT_EVENTS
 		audit_event(SSH_INVALID_USER);
 #endif /* SSH_AUDIT_EVENTS */
-Index: openssh-5.7p1/config.h.in
+Index: openssh-5.8p1/config.h.in
 ===================================================================
--- openssh-5.7p1.orig/config.h.in
+--- openssh-5.8p1.orig/config.h.in
-+++ openssh-5.7p1/config.h.in
+++ openssh-5.8p1/config.h.in
@@ -1460,6 +1460,9 @@
 /* Define if you want SELinux support. */
 #undef WITH_SELINUX
@ -63,13 +63,13 @@ Index: openssh-5.7p1/config.h.in
 /* Define to 1 if your processor stores words with the most significant byte
    first (like Motorola and SPARC, unlike Intel and VAX). */
 #undef WORDS_BIGENDIAN
-Index: openssh-5.7p1/configure.ac
+Index: openssh-5.8p1/configure.ac
 ===================================================================
--- openssh-5.7p1.orig/configure.ac
+--- openssh-5.8p1.orig/configure.ac
-+++ openssh-5.7p1/configure.ac
+++ openssh-5.8p1/configure.ac
-@@ -3521,6 +3521,20 @@ AC_ARG_WITH(selinux,
+@@ -3522,6 +3522,20 @@ AC_ARG_WITH(selinux,
- 	fi ]
+ AC_SUBST(SSHLIBS)
- )
+ AC_SUBST(SSHDLIBS)
 +# Check whether user wants Linux audit support
 +LINUX_AUDIT_MSG="no"
@ -88,7 +88,7 @@ Index: openssh-5.7p1/configure.ac
 # Check whether user wants Kerberos 5 support
 KRB5_MSG="no"
 AC_ARG_WITH(kerberos5,
-@@ -4315,6 +4329,7 @@ echo "                       PAM support
+@@ -4316,6 +4330,7 @@ echo "                       PAM support
 echo "                   OSF SIA support: $SIA_MSG"
 echo "                 KerberosV support: $KRB5_MSG"
 echo "                   SELinux support: $SELINUX_MSG"
@ -96,10 +96,10 @@ Index: openssh-5.7p1/configure.ac
 echo "                 Smartcard support: $SCARD_MSG"
 echo "                     S/KEY support: $SKEY_MSG"
 echo "              TCP Wrappers support: $TCPW_MSG"
-Index: openssh-5.7p1/loginrec.c
+Index: openssh-5.8p1/loginrec.c
 ===================================================================
--- openssh-5.7p1.orig/loginrec.c
+--- openssh-5.8p1.orig/loginrec.c
-+++ openssh-5.7p1/loginrec.c
+++ openssh-5.8p1/loginrec.c
@@ -176,6 +176,10 @@
 #include "auth.h"
 #include "buffer.h"
@ -220,10 +220,10 @@ Index: openssh-5.7p1/loginrec.c
 /**
  ** Low-level libutil login() functions
  **/
-Index: openssh-5.7p1/loginrec.h
+Index: openssh-5.8p1/loginrec.h
 ===================================================================
--- openssh-5.7p1.orig/loginrec.h
+--- openssh-5.8p1.orig/loginrec.h
-+++ openssh-5.7p1/loginrec.h
+++ openssh-5.8p1/loginrec.h
@@ -127,5 +127,9 @@ char *line_stripname(char *dst, const ch
 char *line_abbrevname(char *dst, const char *src, int dstsize);
--- a/openssh-5.8p1-blocksigalrm.diff
+++ b/openssh-5.8p1-blocksigalrm.diff
--- a/openssh-5.8p1-default-protocol.diff
+++ b/openssh-5.8p1-default-protocol.diff
--- a/openssh-5.8p1-eal3.diff
+++ b/openssh-5.8p1-eal3.diff
@ -1,7 +1,7 @@
-Index: openssh-5.7p1/sshd.8
+Index: openssh-5.8p1/sshd.8
 ===================================================================
--- openssh-5.7p1.orig/sshd.8
+--- openssh-5.8p1.orig/sshd.8
-+++ openssh-5.7p1/sshd.8
+++ openssh-5.8p1/sshd.8
@@ -855,7 +855,7 @@ Contains Diffie-Hellman groups used for
 The file format is described in
 .Xr moduli 5 .
@ -30,10 +30,10 @@ Index: openssh-5.7p1/sshd.8
 .Xr sshd_config 5 ,
 .Xr inetd 8 ,
 .Xr sftp-server 8
-Index: openssh-5.7p1/sshd_config.5
+Index: openssh-5.8p1/sshd_config.5
 ===================================================================
--- openssh-5.7p1.orig/sshd_config.5
+--- openssh-5.8p1.orig/sshd_config.5
-+++ openssh-5.7p1/sshd_config.5
+++ openssh-5.8p1/sshd_config.5
@@ -497,7 +497,7 @@ or
 .Pp
 .Pa /etc/hosts.equiv
--- a/openssh-5.8p1-engines.diff
+++ b/openssh-5.8p1-engines.diff
@ -1,7 +1,7 @@
-Index: openssh-5.7p1/ssh-add.c
+Index: openssh-5.8p1/ssh-add.c
 ===================================================================
--- openssh-5.7p1.orig/ssh-add.c
+--- openssh-5.8p1.orig/ssh-add.c
-+++ openssh-5.7p1/ssh-add.c
+++ openssh-5.8p1/ssh-add.c
@@ -43,6 +43,7 @@
 #include <openssl/evp.h>
@ -21,10 +21,10 @@ Index: openssh-5.7p1/ssh-add.c
 	/* At first, get a connection to the authentication agent. */
 	ac = ssh_get_authentication_connection();
 	if (ac == NULL) {
-Index: openssh-5.7p1/ssh-agent.c
+Index: openssh-5.8p1/ssh-agent.c
 ===================================================================
--- openssh-5.7p1.orig/ssh-agent.c
+--- openssh-5.8p1.orig/ssh-agent.c
-+++ openssh-5.7p1/ssh-agent.c
+++ openssh-5.8p1/ssh-agent.c
@@ -52,6 +52,7 @@
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@ -44,10 +44,10 @@ Index: openssh-5.7p1/ssh-agent.c
 	__progname = ssh_get_progname(av[0]);
 	init_rng();
 	seed_rng();
-Index: openssh-5.7p1/ssh-keygen.c
+Index: openssh-5.8p1/ssh-keygen.c
 ===================================================================
--- openssh-5.7p1.orig/ssh-keygen.c
+--- openssh-5.8p1.orig/ssh-keygen.c
-+++ openssh-5.7p1/ssh-keygen.c
+++ openssh-5.8p1/ssh-keygen.c
@@ -22,6 +22,7 @@
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@ -68,10 +68,10 @@ Index: openssh-5.7p1/ssh-keygen.c
 	log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1);
 	init_rng();
-Index: openssh-5.7p1/ssh-keysign.c
+Index: openssh-5.8p1/ssh-keysign.c
 ===================================================================
--- openssh-5.7p1.orig/ssh-keysign.c
+--- openssh-5.8p1.orig/ssh-keysign.c
-+++ openssh-5.7p1/ssh-keysign.c
+++ openssh-5.8p1/ssh-keysign.c
@@ -38,6 +38,7 @@
 #include <openssl/evp.h>
 #include <openssl/rand.h>
@ -92,10 +92,10 @@ Index: openssh-5.7p1/ssh-keysign.c
 	for (i = 0; i < 256; i++)
 		rnd[i] = arc4random();
 	RAND_seed(rnd, sizeof(rnd));
-Index: openssh-5.7p1/ssh.c
+Index: openssh-5.8p1/ssh.c
 ===================================================================
--- openssh-5.7p1.orig/ssh.c
+--- openssh-5.8p1.orig/ssh.c
-+++ openssh-5.7p1/ssh.c
+++ openssh-5.8p1/ssh.c
@@ -75,6 +75,7 @@
 #include <openssl/err.h>
 #include "openbsd-compat/openssl-compat.h"
@ -115,10 +115,10 @@ Index: openssh-5.7p1/ssh.c
 	/* Initialize the command to execute on remote host. */
 	buffer_init(&command);
-Index: openssh-5.7p1/sshd.c
+Index: openssh-5.8p1/sshd.c
 ===================================================================
--- openssh-5.7p1.orig/sshd.c
+--- openssh-5.8p1.orig/sshd.c
-+++ openssh-5.7p1/sshd.c
+++ openssh-5.8p1/sshd.c
@@ -77,6 +77,7 @@
 #include <openssl/md5.h>
 #include <openssl/rand.h>
--- a/openssh-5.8p1-gssapimitm.patch
+++ b/openssh-5.8p1-gssapimitm.patch
--- a/openssh-5.8p1-homechroot.patch
+++ b/openssh-5.8p1-homechroot.patch
--- a/openssh-5.8p1-host_ident.diff
+++ b/openssh-5.8p1-host_ident.diff
--- a/openssh-5.8p1-pam-fix2.diff
+++ b/openssh-5.8p1-pam-fix2.diff
--- a/openssh-5.8p1-pam-fix3.diff
+++ b/openssh-5.8p1-pam-fix3.diff
--- a/openssh-5.8p1-pts.diff
+++ b/openssh-5.8p1-pts.diff
--- a/openssh-5.8p1-saveargv-fix.diff
+++ b/openssh-5.8p1-saveargv-fix.diff
--- a/openssh-5.8p1-send_locale.diff
+++ b/openssh-5.8p1-send_locale.diff
--- a/openssh-5.8p1-sshconfig-knownhostschanges.diff
+++ b/openssh-5.8p1-sshconfig-knownhostschanges.diff
--- a/openssh-5.8p1-sshd_config.diff
+++ b/openssh-5.8p1-sshd_config.diff
--- a/openssh-5.8p1-syntax-error.diff
+++ b/openssh-5.8p1-syntax-error.diff
@ -0,0 +1,13 @@
 Index: openssh-5.8p1/openbsd-compat/port-linux.c
 ===================================================================
 --- openssh-5.8p1.orig/openbsd-compat/port-linux.c
 +++ openssh-5.8p1/openbsd-compat/port-linux.c
@@ -213,7 +213,7 @@ ssh_selinux_setfscreatecon(const char *p
 	if (!ssh_selinux_enabled())
 		return;
 -	if (path == NULL)
 +	if (path == NULL) {
 		setfscreatecon(NULL);
 		return;
 	}
--- a/openssh-5.8p1-xauth.diff
+++ b/openssh-5.8p1-xauth.diff
@ -2,7 +2,7 @@ Index: session.c
 ===================================================================
 --- session.c.orig
 +++ session.c
-@@ -2463,8 +2463,41 @@ void
+@@ -2463,8 +2463,40 @@ void
 session_close(Session *s)
 {
 	u_int i;
@ -23,7 +23,7 @@ Index: session.c
 +			/* Remove authority data from .Xauthority if appropriate. */
 +			debug("Running %.500s remove %.100s\n",
 +				options.xauth_location, s->auth_display);
-+            
+
 +			snprintf(cmd, sizeof cmd, "unset XAUTHORITY && HOME=\"%.200s\" %s -q -",
 +                     		s->pw->pw_dir, options.xauth_location);
 +            		f = popen(cmd, "w");
@ -40,7 +40,6 @@ Index: session.c
 +		}
 +	}
 +
 +        
 	if (s->ttyfd != -1)
 		session_pty_cleanup(s);
 	if (s->term)
--- a/openssh-5.8p1-xauthlocalhostname.diff
+++ b/openssh-5.8p1-xauthlocalhostname.diff
--- a/openssh-5.8p1.tar.bz2
+++ b/openssh-5.8p1.tar.bz2
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:41f2622b7c804dae31eda39c67d7ccedb1ec418b0811e626b85a6ec184b21108
 size 894842
--- a/openssh-askpass-gnome.changes
+++ b/openssh-askpass-gnome.changes
@ -1,3 +1,8 @@
 -------------------------------------------------------------------
 Fri Feb  4 11:19:14 UTC 2011 - lchiquitto@novell.com
 - Update to 5.8p1
 -------------------------------------------------------------------
 Mon Jan 24 11:51:10 UTC 2011 - lchiquitto@novell.com
--- a/openssh-askpass-gnome.spec
+++ b/openssh-askpass-gnome.spec
@ -22,7 +22,7 @@ Name:           openssh-askpass-gnome
 BuildRequires:  gtk2-devel krb5-devel openssh openssl-devel pam-devel tcpd-devel update-desktop-files
 License:        BSD3c(or similar)
 Group:          Productivity/Networking/SSH
-Version:        5.7p1
+Version:        5.8p1
 Release:        1
 Requires:       openssh = %{version} openssh-askpass = %{version}
 AutoReqProv:    on
@ -30,7 +30,7 @@ Summary:        A GNOME-Based Passphrase Dialog for OpenSSH
 Url:            http://www.openssh.com/
 %define _name openssh
 Source:         %{_name}-%{version}.tar.bz2
-Patch:          %{_name}-%{version}.dif
+Patch:          %{_name}-%{version}-sshd_config.diff
 Patch1:         %{_name}-%{version}-pam-fix2.diff
 Patch2:         %{_name}-%{version}-saveargv-fix.diff
 Patch3:         %{_name}-%{version}-pam-fix3.diff
--- a/openssh.changes
+++ b/openssh.changes
@ -1,3 +1,20 @@
 -------------------------------------------------------------------
 Fri Feb  4 11:19:25 UTC 2011 - lchiquitto@novell.com
 - Update to 5.8p1
 * Fix vulnerability in legacy certificate signing introduced in
   OpenSSH-5.6 and found by Mateusz Kocielski.
 * Fix compilation failure when enableing SELinux support.
 * Do not attempt to call SELinux functions when SELinux is
   disabled.
 - Remove patch that is now upstream:
 * openssh-5.7p1-selinux.diff
 -------------------------------------------------------------------
 Thu Feb  3 16:42:01 UTC 2011 - pcerny@novell.com
 - specfile/patches cleanup 
 -------------------------------------------------------------------
 Mon Jan 24 11:24:59 UTC 2011 - lchiquitto@novell.com
--- a/openssh.spec
+++ b/openssh.spec
@ -29,8 +29,8 @@ Requires:       /bin/netstat
 PreReq:         pwdutils %insserv_prereq  %fillup_prereq coreutils
 Conflicts:      nonfreessh
 AutoReqProv:    on
-Version:        5.7p1
+Version:        5.8p1
-Release:        1
+Release:        2
 %define xversion 1.2.4.1
 Summary:        Secure Shell Client and Server (Remote Login Program)
 Url:            http://www.openssh.com/
@ -44,7 +44,7 @@ Source6:        README.kerberos
 Source7:        ssh.reg
 Source8:        ssh-askpass
 Source9:        sshd.fw
-Patch:          %{name}-%{version}.dif
+Patch:          %{name}-%{version}-sshd_config.diff
 Patch1:         %{name}-%{version}-askpass-fix.diff
 Patch2:         %{name}-%{version}-pam-fix2.diff
 Patch3:         %{name}-%{version}-saveargv-fix.diff
@ -62,10 +62,10 @@ Patch16:        %{name}-%{version}-pts.diff
 Patch17:        %{name}-%{version}-homechroot.patch
 Patch18:        %{name}-%{version}-sshconfig-knownhostschanges.diff
 Patch19:        %{name}-%{version}-host_ident.diff
-Patch20:        %{name}-%{version}-selinux.diff
+Patch20:        %{name}-%{version}-syntax-error.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
-%package      askpass
+%package        askpass
 License:        BSD3c(or similar) ; MIT License (or similar)
 Summary:        A passphrase dialog for OpenSSH and the X Window System
 Requires:       openssh = %{version}
@ -130,30 +130,30 @@ PIEFLAGS="-fpie"
 #Obsoleted LDFLAGS="-lpthread" \
 LDFLAGS="-pie" CFLAGS="$RPM_OPT_FLAGS $PIEFLAGS -fstack-protector" CXXFLAGS="$RPM_OPT_FLAGS $PIEFLAGS -fstack-protector" \
 ./configure --with-ssl-engine \
-	--mandir=%{_mandir} \
+    --mandir=%{_mandir} \
-	--prefix=%{prefix} \
+    --prefix=%{prefix} \
-	--infodir=%{_infodir} \
+    --infodir=%{_infodir} \
-	--sysconfdir=/etc/ssh \
+    --sysconfdir=/etc/ssh \
-	--libexecdir=%{prefix}/%_lib/ssh \
+    --libexecdir=%{prefix}/%_lib/ssh \
-	--with-tcp-wrappers \
+    --with-tcp-wrappers \
-	--with-selinux \
+    --with-selinux \
-	--with-pam \
+    --with-pam \
-	--with-kerberos5=/usr \
+    --with-kerberos5=/usr \
-	--with-privsep-path=/var/lib/empty \
+    --with-privsep-path=/var/lib/empty \
-	--disable-strip \
+    --disable-strip \
-	--with-linux-audit \
+    --with-linux-audit \
-	--with-xauth=%{_prefix}/bin/xauth \
+    --with-xauth=%{_prefix}/bin/xauth \
-        --target=%{_target_cpu}-suse-linux
+    --target=%{_target_cpu}-suse-linux
-#        --with-afs=/usr \
+#   --with-afs=/usr \
 make %{?_smp_mflags}
 (cd converter; make %{?_smp_mflags})
 cd contrib
 cd ../../x11-ssh-askpass-%{xversion}
 CFLAGS="$RPM_OPT_FLAGS" CXXFLAGS="$RPM_OPT_FLAGS"
 ./configure \
-	--mandir=%{_mandir} \
+    --mandir=%{_mandir} \
-	--prefix=%{_prefix} \
+    --prefix=%{_prefix} \
-	--libexecdir=%{prefix}/%_lib/ssh
+    --libexecdir=%{prefix}/%_lib/ssh
 xmkmf
 make includes USRLIBDIR=%_prefix/%_lib
 make %{?_smp_mflags} USRLIBDIR=%_prefix/%_lib CCOPTIONS="$RPM_OPT_FLAGS"