[packages/openssh] - up to 6.1p1

arekm arekm at pld-linux.org
Sun Sep 2 23:19:43 CEST 2012 

commit 3a0759914703b7e78b0d230fdffdb9f65ed93dea
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Sun Sep 2 23:19:40 2012 +0200

    - up to 6.1p1

 authorized-keys-command.patch | 26 +++++++++++++-------------
 openssh.spec                  | 10 +++++++---
 2 files changed, 20 insertions(+), 16 deletions(-)
---
diff --git a/openssh.spec b/openssh.spec
index 44914e9..46709cb 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -1,3 +1,7 @@
+# TODO:
+# - add trigger to enable this:
+#  * sshd(8): This release turns on pre-auth sandboxing sshd by default for
+#   new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config.
 #
 # Conditional build:
 %bcond_without	audit		# sshd audit support
@@ -30,13 +34,13 @@ Summary(pt_BR.UTF-8):	Implementação livre do SSH
 Summary(ru.UTF-8):	OpenSSH - свободная реализация протокола Secure Shell (SSH)
 Summary(uk.UTF-8):	OpenSSH - вільна реалізація протоколу Secure Shell (SSH)
 Name:		openssh
-Version:	6.0p1
-Release:	3
+Version:	6.1p1
+Release:	1
 Epoch:		2
 License:	BSD
 Group:		Applications/Networking
 Source0:	ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz
-# Source0-md5:	3c9347aa67862881c5da3f3b1c08da7b
+# Source0-md5:	3345cbf4efe90ffb06a78670ab2d05d5
 Source1:	http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-non-english-man-pages.tar.bz2
 # Source1-md5:	66943d481cc422512b537bcc2c7400d1
 Source2:	%{name}d.init
diff --git a/authorized-keys-command.patch b/authorized-keys-command.patch
index 3c171f4..0d56398 100644
--- a/authorized-keys-command.patch
+++ b/authorized-keys-command.patch
@@ -282,15 +282,15 @@
 @@ -324,6 +326,7 @@ typedef enum {
  	sZeroKnowledgePasswordAuthentication, sHostCertificate,
  	sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
- 	sKexAlgorithms, sIPQoS,
+ 	sKexAlgorithms, sIPQoS, sVersionAddendum,
 +	sAuthorizedKeysCommand, sAuthorizedKeysCommandRunAs,
  	sDeprecated, sUnsupported
  } ServerOpCodes;
  
 @@ -448,6 +451,13 @@ static struct {
- 	{ "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
  	{ "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL },
  	{ "ipqos", sIPQoS, SSHCFG_ALL },
+ 	{ "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },
 +#ifdef WITH_AUTHORIZED_KEYS_COMMAND
 +	{ "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL },
 +	{ "authorizedkeyscommandrunas", sAuthorizedKeysCommandRunAs, SSHCFG_ALL },
@@ -332,9 +332,9 @@
  	M_CP_INTOPT(permit_empty_passwd);
  
 @@ -1758,6 +1784,8 @@ dump_config(ServerOptions *o)
- 	dump_cfg_string(sRevokedKeys, o->revoked_keys_file);
  	dump_cfg_string(sAuthorizedPrincipalsFile,
  	    o->authorized_principals_file);
+ 	dump_cfg_string(sVersionAddendum, o->version_addendum);
 +	dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command);
 +	dump_cfg_string(sAuthorizedKeysCommandRunAs, o->authorized_keys_command_runas);
  
@@ -343,9 +343,9 @@
 --- openssh-5.9p1/servconf.h	2011-06-23 00:30:03.000000000 +0200
 +++ openssh-5.9p1/servconf.h	2011-09-13 01:17:16.481674272 +0200
 @@ -166,6 +166,8 @@ typedef struct {
- 	char   *revoked_keys_file;
- 	char   *trusted_user_ca_keys;
  	char   *authorized_principals_file;
+ 
+ 	char   *version_addendum;	/* Appended to SSH banner */
 +	char   *authorized_keys_command;
 +	char   *authorized_keys_command_runas;
  }       ServerOptions;
@@ -377,15 +377,15 @@
       AuthorizedKeysFile
               Specifies the file that contains the public keys that can be used
               for user authentication.  The format is described in the
-@@ -401,7 +418,8 @@ DESCRIPTION
- 
+@@ -419,7 +419,8 @@ DESCRIPTION
               Only a subset of keywords may be used on the lines following a
-              Match keyword.  Available keywords are AllowAgentForwarding,
--             AllowTcpForwarding, AuthorizedKeysFile, AuthorizedPrincipalsFile,
-+             AllowTcpForwarding, AuthorizedKeysFile, AuthorizedKeysCommand,
-+             AuthorizedKeysCommandRunAs, AuthorizedPrincipalsFile,
-              Banner, ChrootDirectory, ForceCommand, GatewayPorts,
-              GSSAPIAuthentication, HostbasedAuthentication,
+              Match keyword.  Available keywords are AcceptEnv,
+              AllowAgentForwarding, AllowGroups, AllowTcpForwarding,
+-             AllowUsers, AuthorizedKeysFile, AuthorizedPrincipalsFile, Banner,
++             AllowUsers, AuthorizedKeysFile, AuthorizedKeysCommand,
++             AuthorizedPrincipalsFile, Banner,
+              ChrootDirectory, DenyGroups, DenyUsers, ForceCommand,
+              GatewayPorts, GSSAPIAuthentication, HostbasedAuthentication,
               HostbasedUsesNameFromPacketOnly, KbdInteractiveAuthentication,
 --- openssh-5.9p1/sshd_config.5	2011-08-05 22:17:33.000000000 +0200
 +++ openssh-5.9p1/sshd_config.5	2011-09-13 01:17:16.536674498 +0200
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/openssh.git/commitdiff/3a0759914703b7e78b0d230fdffdb9f65ed93dea

More information about the pld-cvs-commit mailing list