packages: openssh/openssh-heimdal.patch, openssh/openssh-lpk.patch, openssh...

caleb caleb at pld-linux.org
Mon Jan 24 16:44:22 CET 2011 

Author: caleb                        Date: Mon Jan 24 15:44:22 2011 GMT
Module: packages                      Tag: HEAD
---- Log message:
- Up to 5.7p1
- Removed selinux patch, applied upstream
- Updated heimdal and ldap patches

---- Files affected:
packages/openssh:
   openssh-heimdal.patch (1.9 -> 1.10) , openssh-lpk.patch (1.5 -> 1.6) , openssh.spec (1.345 -> 1.346) , openssh-selinux.patch (1.7 -> NONE)  (REMOVED)

---- Diffs:

================================================================
Index: packages/openssh/openssh-heimdal.patch
diff -u packages/openssh/openssh-heimdal.patch:1.9 packages/openssh/openssh-heimdal.patch:1.10
--- packages/openssh/openssh-heimdal.patch:1.9	Mon Apr  5 15:17:06 2010
+++ packages/openssh/openssh-heimdal.patch	Mon Jan 24 16:44:15 2011
@@ -1,16 +1,15 @@
-diff -urN openssh-3.9p1.org/configure.ac openssh-3.9p1/configure.ac
---- openssh-3.9p1.org/configure.ac	2004-08-17 19:25:31.977492488 +0200
-+++ openssh-3.9p1/configure.ac	2004-08-17 19:25:48.157032824 +0200
-@@ -2265,13 +2265,13 @@
- 				       [ char *tmp = heimdal_version; ],
+--- openssh-5.7p1/configure.ac.orig	2011-01-22 00:37:05.000000000 +0200
++++ openssh-5.7p1/configure.ac	2011-01-24 16:21:01.711393457 +0200
+@@ -3572,14 +3572,14 @@
  				       [ AC_MSG_RESULT(yes)
  					 AC_DEFINE(HEIMDAL)
--					 K5LIBS="-lkrb5 -ldes"
+ 					 K5LIBS="-lkrb5"
 -					 K5LIBS="$K5LIBS -lcom_err -lasn1"
-+					 K5LIBS="-lkrb5"
 +					 K5LIBS="$K5LIBS -lasn1"
  					 AC_CHECK_LIB(roken, net_write,
  					   [K5LIBS="$K5LIBS -lroken"])
+ 					 AC_CHECK_LIB(des, des_cbc_encrypt,
+ 					   [K5LIBS="$K5LIBS -ldes"])
  				       ],
  				       [ AC_MSG_RESULT(no)
 -					 K5LIBS="-lkrb5 -lk5crypto -lcom_err"

================================================================
Index: packages/openssh/openssh-lpk.patch
diff -u packages/openssh/openssh-lpk.patch:1.5 packages/openssh/openssh-lpk.patch:1.6
--- packages/openssh/openssh-lpk.patch:1.5	Tue Aug 24 13:15:01 2010
+++ packages/openssh/openssh-lpk.patch	Mon Jan 24 16:44:15 2011
@@ -220,18 +220,17 @@
  /* Define if your libraries define login() */
  #undef HAVE_LOGIN
  
-diff -Nuar --exclude '*.orig' --exclude '*.rej' openssh-5.1p1.orig/configure openssh-5.1p1+lpk/configure
---- openssh-5.1p1.orig/configure	2008-07-21 01:30:50.000000000 -0700
-+++ openssh-5.1p1+lpk/configure	2008-08-23 15:02:47.000000000 -0700
-@@ -1340,6 +1340,7 @@
+--- openssh-5.7p1/configure.orig	2011-01-22 11:29:11.000000000 +0200
++++ openssh-5.7p1/configure	2011-01-24 16:33:06.271393457 +0200
+@@ -1348,6 +1348,7 @@
    --with-tcp-wrappers[=PATH] Enable tcpwrappers support (optionally in PATH)
    --with-libedit[=PATH]   Enable libedit support for sftp
-   --with-audit=module     Enable EXPERIMENTAL audit support (modules=debug,bsm)
+   --with-audit=module     Enable audit support (modules=debug,bsm,linux)
 +  --with-ldap[=PATH]      Enable LDAP pubkey support (optionally in PATH)
    --with-ssl-dir=PATH     Specify path to OpenSSL installation
    --without-openssl-header-check Disable OpenSSL version consistency check
    --with-ssl-engine       Enable OpenSSL (hardware) ENGINE support
-@@ -12568,6 +12569,85 @@
+@@ -12198,6 +12199,85 @@
  fi
  
  
@@ -317,7 +316,7 @@
  
  
  
-@@ -30135,6 +30215,7 @@
+@@ -31970,6 +32050,7 @@
  echo "                 Smartcard support: $SCARD_MSG"
  echo "                     S/KEY support: $SKEY_MSG"
  echo "              TCP Wrappers support: $TCPW_MSG"
@@ -1202,13 +1201,12 @@
 +puTTY). Login should succeed.
 +
 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-diff -Nuar --exclude '*.orig' --exclude '*.rej' openssh-5.1p1.orig/Makefile.in openssh-5.1p1+lpk/Makefile.in
---- openssh-5.1p1.orig/Makefile.in	2008-07-08 07:21:12.000000000 -0700
-+++ openssh-5.1p1+lpk/Makefile.in	2008-08-23 15:02:47.000000000 -0700
-@@ -91,7 +91,7 @@
+--- openssh-5.7p1/Makefile.in.orig	2011-01-17 12:15:29.000000000 +0200
++++ openssh-5.7p1/Makefile.in	2011-01-24 16:35:51.174726790 +0200
+@@ -93,7 +93,7 @@
  	auth2-gss.o gss-serv.o gss-serv-krb5.o \
  	loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
- 	audit.o audit-bsm.o platform.o sftp-server.o sftp-common.o \
+ 	sftp-server.o sftp-common.o \
 -	roaming_common.o roaming_serv.o
 +	roaming_common.o roaming_serv.o ldapauth.o
  
@@ -1533,9 +1531,9 @@
 +- CONTACT :
 +  - Eric AUGE <eau at phear.org>
 +  - Andrea Barisani <andrea at inversepath.com>
---- openssh-5.6p1/servconf.c~	2010-08-24 14:07:30.000000000 +0300
-+++ openssh-5.6p1/servconf.c	2010-08-24 14:09:08.999656164 +0300
-@@ -42,6 +42,10 @@
+--- openssh-5.7p1/servconf.c.orig	2010-11-20 06:19:38.000000000 +0200
++++ openssh-5.7p1/servconf.c	2011-01-24 16:38:27.381393458 +0200
+@@ -46,6 +46,10 @@
  #include "channels.h"
  #include "groupaccess.h"
  
@@ -1546,10 +1544,10 @@
  static void add_listen_addr(ServerOptions *, char *, int);
  static void add_one_listen_addr(ServerOptions *, char *, int);
  
-@@ -136,6 +136,24 @@
- 	options->revoked_keys_file = NULL;
- 	options->trusted_user_ca_keys = NULL;
+@@ -139,6 +143,24 @@
  	options->authorized_principals_file = NULL;
+ 	options->ip_qos_interactive = -1;
+ 	options->ip_qos_bulk = -1;
 +#ifdef WITH_LDAP_PUBKEY
 + 	/* XXX dirty */
 + 	options->lpk.ld = NULL;
@@ -1571,10 +1569,10 @@
  }
  
  void
-@@ -258,6 +281,32 @@
- 		options->permit_tun = SSH_TUNMODE_NO;
- 	if (options->zero_knowledge_password_authentication == -1)
- 		options->zero_knowledge_password_authentication = 0;
+@@ -281,6 +303,32 @@
+ 		options->ip_qos_interactive = IPTOS_LOWDELAY;
+ 	if (options->ip_qos_bulk == -1)
+ 		options->ip_qos_bulk = IPTOS_THROUGHPUT;
 +#ifdef WITH_LDAP_PUBKEY
 +	if (options->lpk.on == -1)
 +	    options->lpk.on = _DEFAULT_LPK_ON;
@@ -1604,9 +1602,9 @@
  
  	/* Turn privilege separation on by default */
  	if (use_privsep == -1)
-@@ -303,6 +352,12 @@
- 	sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
- 	sUsePrivilegeSeparation, sAllowAgentForwarding,
+@@ -329,6 +377,12 @@
+ 	sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
+ 	sKexAlgorithms, sIPQoS,
  	sDeprecated, sUnsupported
 +#ifdef WITH_LDAP_PUBKEY
 +	,sLdapPublickey, sLdapServers, sLdapUserDN
@@ -1617,7 +1615,7 @@
  } ServerOpCodes;
  
  #define SSHCFG_GLOBAL	0x01	/* allowed in main section of sshd_config */
-@@ -459,6 +477,20 @@
+@@ -439,6 +493,20 @@
  	{ "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL },
  	{ "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL },
  	{ "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_ALL },
@@ -1638,7 +1636,7 @@
  	{ "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL},
  	{ "acceptenv", sAcceptEnv, SSHCFG_GLOBAL },
  	{ "permittunnel", sPermitTunnel, SSHCFG_ALL },
-@@ -1294,6 +1363,107 @@
+@@ -1411,6 +1479,107 @@
  		while (arg)
  		    arg = strdelim(&cp);
  		break;

================================================================
Index: packages/openssh/openssh.spec
diff -u packages/openssh/openssh.spec:1.345 packages/openssh/openssh.spec:1.346
--- packages/openssh/openssh.spec:1.345	Wed Oct 20 12:57:07 2010
+++ packages/openssh/openssh.spec	Mon Jan 24 16:44:15 2011
@@ -29,13 +29,13 @@
 Summary(ru.UTF-8):	OpenSSH - свободная реализация протокола Secure Shell (SSH)
 Summary(uk.UTF-8):	OpenSSH - вільна реалізація протоколу Secure Shell (SSH)
 Name:		openssh
-Version:	5.6p1
-Release:	4
+Version:	5.7p1
+Release:	1
 Epoch:		2
 License:	BSD
 Group:		Applications/Networking
 Source0:	ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz
-# Source0-md5:	e6ee52e47c768bf0ec42a232b5d18fb0
+# Source0-md5:	50231fa257219791fa41b84a16c9df04
 Source1:	http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-non-english-man-pages.tar.bz2
 # Source1-md5:	66943d481cc422512b537bcc2c7400d1
 Source2:	%{name}d.init
@@ -52,7 +52,6 @@
 # http://code.google.com/p/openssh-lpk/
 Patch4:		%{name}-lpk.patch
 Patch5:		%{name}-config.patch
-Patch7:		%{name}-selinux.patch
 # High Performance SSH/SCP - HPN-SSH - http://www.psc.edu/networking/projects/hpn-ssh/
 # http://www.psc.edu/networking/projects/hpn-ssh/openssh-5.2p1-hpn13v6.diff.gz
 Patch9:		%{name}-5.2p1-hpn13v6.diff
@@ -514,7 +513,6 @@
 %patch3 -p1
 %{?with_ldap:%patch4 -p1}
 %patch5 -p1
-%patch7 -p1
 %{?with_hpn:%patch9 -p1}
 %patch10 -p1
 %patch11 -p1
@@ -547,7 +545,7 @@
 %if "%{pld_release}" == "ac"
 	--with-xauth=/usr/X11R6/bin/xauth \
 %else
-	--with-xauth=/usr/bin/xauth \
+	--with-xauth=%{_bindir}/xauth \
 %endif
 	--enable-utmpx \
 	--enable-wtmpx
@@ -764,6 +762,11 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.346  2011/01/24 15:44:15  caleb
+- Up to 5.7p1
+- Removed selinux patch, applied upstream
+- Updated heimdal and ldap patches
+
 Revision 1.345  2010/10/20 10:57:07  baggins
 - rel 4
 - sshd must be started after nfsfs (/usr over nfs)
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/openssh/openssh-heimdal.patch?r1=1.9&r2=1.10&f=u
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/openssh/openssh-lpk.patch?r1=1.5&r2=1.6&f=u
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/openssh/openssh.spec?r1=1.345&r2=1.346&f=u

More information about the pld-cvs-commit mailing list