From 9810ecd029c56220fd36c3c0a6af99cd347b821f4e13924b221d4b2bf058c97b Mon Sep 17 00:00:00 2001
From: Petr Cerny <null@suse.de>
Date: Tue, 10 May 2011 15:21:03 +0000
Subject: [PATCH 1/2] Accepting request 69985 from
 home:msmeissn:branches:network

bump hostkey length to 2048

OBS-URL: https://build.opensuse.org/request/show/69985
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=9
---
 openssh-SuSE.tar.bz2 | 4 ++--
 openssh.changes      | 6 ++++++
 openssh.spec         | 2 +-
 3 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/openssh-SuSE.tar.bz2 b/openssh-SuSE.tar.bz2
index 8708b10..af1915f 100644
--- a/openssh-SuSE.tar.bz2
+++ b/openssh-SuSE.tar.bz2
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:a73f20ff86a679a64f3b94a666dc9e7e1b442fb2da09ddb56f9a01f4dbdbc241
-size 1975
+oid sha256:f8266c1a050015a77ba8f6f1fd51aa1ce60d5b913564392bb205f94fedd4548c
+size 1965
diff --git a/openssh.changes b/openssh.changes
index 81b03a8..7432396 100644
--- a/openssh.changes
+++ b/openssh.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue May 10 15:08:17 UTC 2011 - meissner@novell.com
+
+- Change default keysizes of rsa and dsa from 1024 to 2048
+  to match ssh-keygen manpage recommendations.
+
 -------------------------------------------------------------------
 Fri Feb  4 11:19:25 UTC 2011 - lchiquitto@novell.com
 
diff --git a/openssh.spec b/openssh.spec
index e71c6bb..7eb6245 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -30,7 +30,7 @@ PreReq:         pwdutils %insserv_prereq  %fillup_prereq coreutils
 Conflicts:      nonfreessh
 AutoReqProv:    on
 Version:        5.8p1
-Release:        2
+Release:        1
 %define xversion 1.2.4.1
 Summary:        Secure Shell Client and Server (Remote Login Program)
 Url:            http://www.openssh.com/

From fc3180d72bc0a8ba768dcbd308b67355b8c4c6080e3870b09494a78a19b0f641 Mon Sep 17 00:00:00 2001
From: Marcus Meissner <meissner@suse.com>
Date: Wed, 7 Sep 2011 15:50:44 +0000
Subject: [PATCH 2/2] Accepting request 80152 from
 home:elvigia:branches:network

-  Update to verison 5.8p2
* Fixed vuln in systems without dev/random, we arenot affected
* Fixes problems building with selinux enabled
- Fix build with as-needed and no-add-needed

- Enable libedit/autocompletion support in sftp

OBS-URL: https://build.opensuse.org/request/show/80152
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=10
---
 converter-linking.patch         | 11 +++++++
 openssh-5.8p1-syntax-error.diff | 13 --------
 openssh-5.8p1.tar.bz2           |  3 --
 openssh-5.8p2.tar.bz2           |  3 ++
 openssh-askpass-gnome.spec      | 18 +++++------
 openssh.changes                 | 13 ++++++++
 openssh.spec                    | 56 +++++++++++++++------------------
 7 files changed, 62 insertions(+), 55 deletions(-)
 create mode 100644 converter-linking.patch
 delete mode 100644 openssh-5.8p1-syntax-error.diff
 delete mode 100644 openssh-5.8p1.tar.bz2
 create mode 100644 openssh-5.8p2.tar.bz2

diff --git a/converter-linking.patch b/converter-linking.patch
new file mode 100644
index 0000000..9c8ecc8
--- /dev/null
+++ b/converter-linking.patch
@@ -0,0 +1,11 @@
+--- converter/Makefile.orig
++++ converter/Makefile
+@@ -8,7 +8,7 @@ ssh-keyconverter.o: ssh-keyconverter.c .
+ 	gcc $(RPM_OPT_FLAGS) -c -I../ $< -o $@
+ 
+ ssh-keyconverter: ssh-keyconverter.o ../libssh.a ../openbsd-compat/libopenbsd-compat.a
+-	gcc $< -L../ -L../openbsd-compat/ -lssh -lopenbsd-compat -lssh -lpam -ldl -lwrap -lutil -lz -lnsl -lcrypt -lssl -o $@
++	gcc -Wl,--no-as-needed $(RPM_OPT_FLAGS) -L../ -L../openbsd-compat/ $< -lssl -lcrypto -lssh -lopenbsd-compat -lssl -lssh -lpam -ldl -lwrap -lutil -lz -lnsl -lcrypt -o $@
+ 
+ install: ssh-keyconverter ssh-keyconverter.1
+ 	if [ ! -d $(DESTDIR)$(bindir) ]; then install -d -m 755 $(DESTDIR)$(bindir); fi
diff --git a/openssh-5.8p1-syntax-error.diff b/openssh-5.8p1-syntax-error.diff
deleted file mode 100644
index 1f423c4..0000000
--- a/openssh-5.8p1-syntax-error.diff
+++ /dev/null
@@ -1,13 +0,0 @@
-Index: openssh-5.8p1/openbsd-compat/port-linux.c
-===================================================================
---- openssh-5.8p1.orig/openbsd-compat/port-linux.c
-+++ openssh-5.8p1/openbsd-compat/port-linux.c
-@@ -213,7 +213,7 @@ ssh_selinux_setfscreatecon(const char *p
- 
- 	if (!ssh_selinux_enabled())
- 		return;
--	if (path == NULL)
-+	if (path == NULL) {
- 		setfscreatecon(NULL);
- 		return;
- 	}
diff --git a/openssh-5.8p1.tar.bz2 b/openssh-5.8p1.tar.bz2
deleted file mode 100644
index df68870..0000000
--- a/openssh-5.8p1.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:41f2622b7c804dae31eda39c67d7ccedb1ec418b0811e626b85a6ec184b21108
-size 894842
diff --git a/openssh-5.8p2.tar.bz2 b/openssh-5.8p2.tar.bz2
new file mode 100644
index 0000000..c2f4012
--- /dev/null
+++ b/openssh-5.8p2.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:517e6b2b0c528a7300315db224cf8b2377f87d71d7a0775572f1ce811d6b218a
+size 900171
diff --git a/openssh-askpass-gnome.spec b/openssh-askpass-gnome.spec
index ffd3899..eb24e7a 100644
--- a/openssh-askpass-gnome.spec
+++ b/openssh-askpass-gnome.spec
@@ -22,7 +22,7 @@ Name:           openssh-askpass-gnome
 BuildRequires:  gtk2-devel krb5-devel openssh openssl-devel pam-devel tcpd-devel update-desktop-files
 License:        BSD3c(or similar)
 Group:          Productivity/Networking/SSH
-Version:        5.8p1
+Version:        5.8p2
 Release:        1
 Requires:       openssh = %{version} openssh-askpass = %{version}
 AutoReqProv:    on
@@ -30,14 +30,14 @@ Summary:        A GNOME-Based Passphrase Dialog for OpenSSH
 Url:            http://www.openssh.com/
 %define _name openssh
 Source:         %{_name}-%{version}.tar.bz2
-Patch:          %{_name}-%{version}-sshd_config.diff
-Patch1:         %{_name}-%{version}-pam-fix2.diff
-Patch2:         %{_name}-%{version}-saveargv-fix.diff
-Patch3:         %{_name}-%{version}-pam-fix3.diff
-Patch4:         %{_name}-%{version}-gssapimitm.patch
-Patch5:         %{_name}-%{version}-eal3.diff
-Patch6:         %{_name}-%{version}-engines.diff
-Patch7:         %{_name}-%{version}-blocksigalrm.diff
+Patch:          %{_name}-5.8p1-sshd_config.diff
+Patch1:         %{_name}-5.8p1-pam-fix2.diff
+Patch2:         %{_name}-5.8p1-saveargv-fix.diff
+Patch3:         %{_name}-5.8p1-pam-fix3.diff
+Patch4:         %{_name}-5.8p1-gssapimitm.patch
+Patch5:         %{_name}-5.8p1-eal3.diff
+Patch6:         %{_name}-5.8p1-engines.diff
+Patch7:         %{_name}-5.8p1-blocksigalrm.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
diff --git a/openssh.changes b/openssh.changes
index 7432396..9999674 100644
--- a/openssh.changes
+++ b/openssh.changes
@@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Mon Aug 29 23:47:58 UTC 2011 - crrodriguez@opensuse.org
+
+-  Update to verison 5.8p2
+* Fixed vuln in systems without dev/random, we arenot affected
+* Fixes problems building with selinux enabled
+- Fix build with as-needed and no-add-needed
+
+-------------------------------------------------------------------
+Sat Aug 13 20:46:17 UTC 2011 - crrodriguez@opensuse.org
+
+- Enable libedit/autocompletion support in sftp
+
 -------------------------------------------------------------------
 Tue May 10 15:08:17 UTC 2011 - meissner@novell.com
 
diff --git a/openssh.spec b/openssh.spec
index 7eb6245..4a68f42 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -23,13 +23,14 @@ Name:           openssh
 %define _appdefdir      %{_prefix}/share/X11/app-defaults
 BuildRequires:  audit-devel krb5-devel openssl-devel pam-devel tcpd-devel xorg-x11-devel
 BuildRequires:  libselinux-devel
+BuildRequires:  libedit-devel
 License:        BSD3c(or similar) ; MIT License (or similar)
 Group:          Productivity/Networking/SSH
 Requires:       /bin/netstat
 PreReq:         pwdutils %insserv_prereq  %fillup_prereq coreutils
 Conflicts:      nonfreessh
 AutoReqProv:    on
-Version:        5.8p1
+Version:        5.8p2
 Release:        1
 %define xversion 1.2.4.1
 Summary:        Secure Shell Client and Server (Remote Login Program)
@@ -44,25 +45,25 @@ Source6:        README.kerberos
 Source7:        ssh.reg
 Source8:        ssh-askpass
 Source9:        sshd.fw
-Patch:          %{name}-%{version}-sshd_config.diff
-Patch1:         %{name}-%{version}-askpass-fix.diff
-Patch2:         %{name}-%{version}-pam-fix2.diff
-Patch3:         %{name}-%{version}-saveargv-fix.diff
-Patch4:         %{name}-%{version}-pam-fix3.diff
-Patch5:         %{name}-%{version}-gssapimitm.patch
-Patch6:         %{name}-%{version}-eal3.diff
-Patch7:         %{name}-%{version}-engines.diff
-Patch8:         %{name}-%{version}-blocksigalrm.diff
-Patch9:         %{name}-%{version}-send_locale.diff
-Patch10:        %{name}-%{version}-xauthlocalhostname.diff
-Patch12:        %{name}-%{version}-xauth.diff
-Patch14:        %{name}-%{version}-default-protocol.diff
-Patch15:        %{name}-%{version}-audit.patch
-Patch16:        %{name}-%{version}-pts.diff
-Patch17:        %{name}-%{version}-homechroot.patch
-Patch18:        %{name}-%{version}-sshconfig-knownhostschanges.diff
-Patch19:        %{name}-%{version}-host_ident.diff
-Patch20:        %{name}-%{version}-syntax-error.diff
+Patch:          %{name}-5.8p1-sshd_config.diff
+Patch1:         %{name}-5.8p1-askpass-fix.diff
+Patch2:         %{name}-5.8p1-pam-fix2.diff
+Patch3:         %{name}-5.8p1-saveargv-fix.diff
+Patch4:         %{name}-5.8p1-pam-fix3.diff
+Patch5:         %{name}-5.8p1-gssapimitm.patch
+Patch6:         %{name}-5.8p1-eal3.diff
+Patch7:         %{name}-5.8p1-engines.diff
+Patch8:         %{name}-5.8p1-blocksigalrm.diff
+Patch9:         %{name}-5.8p1-send_locale.diff
+Patch10:        %{name}-5.8p1-xauthlocalhostname.diff
+Patch12:        %{name}-5.8p1-xauth.diff
+Patch14:        %{name}-5.8p1-default-protocol.diff
+Patch15:        %{name}-5.8p1-audit.patch
+Patch16:        %{name}-5.8p1-pts.diff
+Patch17:        %{name}-5.8p1-homechroot.patch
+Patch18:        %{name}-5.8p1-sshconfig-knownhostschanges.diff
+Patch19:        %{name}-5.8p1-host_ident.diff
+Patch20:        converter-linking.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %package        askpass
@@ -107,29 +108,24 @@ Window System passphrase dialog for OpenSSH.
 %patch17
 %patch18
 %patch19 -p1
-%patch20 -p1
+%patch20
 cp -v %{SOURCE4} .
 cp -v %{SOURCE6} .
 cd ../x11-ssh-askpass-%{xversion}
 %patch1
 
 %build
-# This package failed when testing with -Wl,-as-needed being default.
-# So we disable it here, if you want to retest, just delete this comment and the line below.
-export SUSE_ASNEEDED=0
-%{?suse_update_config:%{suse_update_config}}
-aclocal
-autoheader
-autoconf
+autoreconf -fiv
 %ifarch s390 s390x %sparc
 PIEFLAGS="-fPIE"
 %else
 PIEFLAGS="-fpie"
 %endif
-#Obsoleted CFLAGS="-DUSE_POSIX_THREADS $RPM_OPT_FLAGS" CXXFLAGS="-DUSE_POSIX_THREADS $RPM_O \
-#Obsoleted LDFLAGS="-lpthread" \
 LDFLAGS="-pie" CFLAGS="$RPM_OPT_FLAGS $PIEFLAGS -fstack-protector" CXXFLAGS="$RPM_OPT_FLAGS $PIEFLAGS -fstack-protector" \
 ./configure --with-ssl-engine \
+%if 0%{suse_version} >= 1140
+    --with-libedit \
+%endif
     --mandir=%{_mandir} \
     --prefix=%{prefix} \
     --infodir=%{_infodir} \