upgrading package: openssh 4.7p1 -> 4.9p1

openssh/openssh.patch

@@ -1,6 +1,6 @@
 Index: Makefile.in
---- Makefile.in.orig	2007-06-11 06:01:42 +0200
-+++ Makefile.in	2007-09-05 08:39:34 +0200
+--- Makefile.in.orig	2008-03-13 02:41:31 +0100
++++ Makefile.in	2008-03-31 08:36:38 +0200
 @@ -231,7 +231,7 @@
  	-rm -rf autom4te.cache
  	(cd scard && $(MAKE) -f Makefile.in distprep)
@@ -12,7 +12,7 @@ Index: Makefile.in
  
 Index: auth-pam.h
 --- auth-pam.h.orig	2004-09-11 14:17:26 +0200
-+++ auth-pam.h	2007-09-05 08:39:34 +0200
++++ auth-pam.h	2008-03-31 08:36:38 +0200
 @@ -28,7 +28,7 @@
  #ifdef USE_PAM
  
@@ -23,10 +23,10 @@ Index: auth-pam.h
  
  void start_pam(Authctxt *);
 Index: version.h
---- version.h.orig	2007-08-15 11:14:52 +0200
-+++ version.h	2007-09-05 08:39:34 +0200
+--- version.h.orig	2008-03-27 01:18:13 +0100
++++ version.h	2008-03-31 08:36:38 +0200
 @@ -3,4 +3,4 @@
- #define SSH_VERSION	"OpenSSH_4.7"
+ #define SSH_VERSION	"OpenSSH_4.9"
  
  #define SSH_PORTABLE	"p1"
 -#define SSH_RELEASE	SSH_VERSION SSH_PORTABLE

openssh/openssh.patch.alias

@@ -1,6 +1,6 @@
 Index: auth1.c
---- auth1.c.orig	2006-09-01 07:38:36 +0200
-+++ auth1.c	2007-09-05 08:40:36 +0200
+--- auth1.c.orig	2007-10-26 06:25:13 +0200
++++ auth1.c	2008-03-31 08:34:25 +0200
 @@ -39,6 +39,9 @@
  #endif
  #include "monitor_wrap.h"
@@ -49,8 +49,8 @@ Index: auth1.c
  	authctxt->style = style;
  
 Index: auth2.c
---- auth2.c.orig	2007-05-20 06:58:41 +0200
-+++ auth2.c	2007-09-05 08:40:36 +0200
+--- auth2.c.orig	2007-10-26 06:26:16 +0200
++++ auth2.c	2008-03-31 08:34:25 +0200
 @@ -44,6 +44,9 @@
  #include "dispatch.h"
  #include "pathnames.h"
@@ -61,7 +61,7 @@ Index: auth2.c
  
  #ifdef GSSAPI
  #include "ssh-gss.h"
-@@ -143,6 +146,10 @@
+@@ -142,6 +145,10 @@
  	Authmethod *m = NULL;
  	char *user, *service, *method, *style = NULL;
  	int authenticated = 0;
@@ -72,7 +72,7 @@ Index: auth2.c
  
  	if (authctxt == NULL)
  		fatal("input_userauth_request: no authctxt");
-@@ -156,6 +163,25 @@
+@@ -155,6 +162,25 @@
  	if ((style = strchr(user, ':')) != NULL)
  		*style++ = 0;
  
@@ -99,21 +99,21 @@ Index: auth2.c
  		/* setup auth context */
  		authctxt->pw = PRIVSEP(getpwnamallow(user));
 Index: servconf.c
---- servconf.c.orig	2007-05-20 07:03:16 +0200
-+++ servconf.c	2007-09-05 08:40:36 +0200
-@@ -122,6 +122,9 @@
- 	options->permit_tun = -1;
+--- servconf.c.orig	2008-02-10 12:48:55 +0100
++++ servconf.c	2008-03-31 08:35:14 +0200
+@@ -123,6 +123,9 @@
  	options->num_permitted_opens = -1;
  	options->adm_forced_command = NULL;
+ 	options->chroot_directory = NULL;
 +#ifdef USE_ALIAS
 + 	options->num_alias = 0;
 +#endif
  }
  
  void
-@@ -293,6 +296,9 @@
+@@ -294,6 +297,9 @@
  	sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
- 	sMatch, sPermitOpen, sForceCommand,
+ 	sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
  	sUsePrivilegeSeparation,
 +#ifdef USE_ALIAS
 +	sAlias,
@@ -121,17 +121,17 @@ Index: servconf.c
  	sDeprecated, sUnsupported
  } ServerOpCodes;
  
-@@ -403,6 +409,9 @@
-  	{ "match", sMatch, SSHCFG_ALL },
+@@ -405,6 +411,9 @@
  	{ "permitopen", sPermitOpen, SSHCFG_ALL },
  	{ "forcecommand", sForceCommand, SSHCFG_ALL },
+ 	{ "chrootdirectory", sChrootDirectory, SSHCFG_ALL },
 +#ifdef USE_ALIAS
 + 	{ "alias", sAlias },
 +#endif
  	{ NULL, sBadOption, 0 }
  };
  
-@@ -1260,6 +1269,26 @@
+@@ -1276,6 +1285,26 @@
  		    arg = strdelim(&cp);
  		break;
  
@@ -159,12 +159,12 @@ Index: servconf.c
  		logit("%s line %d: Unsupported option %s",
  		    filename, linenum, arg);
 Index: servconf.h
---- servconf.h.orig	2007-02-19 12:25:38 +0100
-+++ servconf.h	2007-09-05 08:40:36 +0200
-@@ -141,6 +141,14 @@
- 	int	permit_tun;
- 
+--- servconf.h.orig	2008-03-07 08:31:24 +0100
++++ servconf.h	2008-03-31 08:34:49 +0200
+@@ -146,6 +146,14 @@
  	int	num_permitted_opens;
+ 
+ 	char   *chroot_directory;
 +#ifdef USE_ALIAS
 +#define MAX_ALIAS 256
 +	u_int num_alias;
@@ -177,8 +177,8 @@ Index: servconf.h
  
  void	 initialize_server_options(ServerOptions *);
 Index: sshd_config.5
---- sshd_config.5.orig	2007-06-11 06:07:13 +0200
-+++ sshd_config.5	2007-09-05 08:40:36 +0200
+--- sshd_config.5.orig	2008-03-27 01:02:02 +0100
++++ sshd_config.5	2008-03-31 08:34:25 +0200
 @@ -95,6 +95,15 @@
  (use IPv6 only).
  The default is

openssh/openssh.patch.chroot

@@ -1,7 +1,7 @@
 Index: scp.c
---- scp.c.orig	2007-08-08 06:29:58 +0200
-+++ scp.c	2007-09-05 08:41:00 +0200
-@@ -131,6 +131,11 @@
+--- scp.c.orig	2008-03-14 01:59:50 +0100
++++ scp.c	2008-03-31 08:37:01 +0200
+@@ -140,6 +140,11 @@
  /* This is the program to execute for the secured connection. ("ssh" or -S) */
  char *ssh_program = _PATH_SSH_PROGRAM;
  
@@ -13,7 +13,7 @@ Index: scp.c
  /* This is used to store the pid of ssh_program */
  pid_t do_cmd_pid = -1;
  
-@@ -313,7 +318,11 @@
+@@ -323,7 +328,11 @@
  	addargs(&args, "-oClearAllForwardings yes");
  
  	fflag = tflag = 0;
@@ -25,7 +25,7 @@ Index: scp.c
  		switch (ch) {
  		/* User-visible flags. */
  		case '1':
-@@ -374,6 +383,11 @@
+@@ -384,6 +393,11 @@
  			setmode(0, O_BINARY);
  #endif
  			break;
@@ -37,7 +37,7 @@ Index: scp.c
  		default:
  			usage();
  		}
-@@ -389,6 +403,19 @@
+@@ -399,6 +413,19 @@
  	remin = STDIN_FILENO;
  	remout = STDOUT_FILENO;
  
@@ -58,12 +58,12 @@ Index: scp.c
  		/* Follow "protocol", send data. */
  		(void) response();
 Index: session.c
---- session.c.orig	2007-08-16 15:28:04 +0200
-+++ session.c	2007-09-05 08:41:00 +0200
-@@ -1337,6 +1337,26 @@
- 			exit(1);
+--- session.c.orig	2008-03-27 01:03:05 +0100
++++ session.c	2008-03-31 08:39:07 +0200
+@@ -1426,6 +1426,25 @@
+ 			free(tmp);
+ 			free(chroot_path);
  		}
- 		endgrent();
 +# ifdef USE_CHROOT
 +		{
 +			char *user_dir;
@@ -75,8 +75,7 @@ Index: session.c
 +			    if (strncmp(new_root, "/./", 3) == 0) {
 +			        *new_root = '\0';
 +			        new_root += 2;
-+			        if (chroot(user_dir) == -1)
-+			            fatal("Couldn't chroot to user directory \"%s\"", user_dir);
++			        safe_chroot(user_dir, pw->pw_uid);
 +			        pw->pw_dir = new_root;
 +			        break;
 +			    }
@@ -84,15 +83,15 @@ Index: session.c
 +			}
 +		}
 +# endif /* USE_CHROOT */
- #ifdef GSSAPI
- 		if (options.gss_authentication) {
- 			temporarily_use_uid(pw);
-Index: sftp-server.c
---- sftp-server.c.orig	2007-05-20 07:09:05 +0200
-+++ sftp-server.c	2007-09-05 08:41:00 +0200
-@@ -1273,6 +1273,38 @@
  
- 	handle_init();
+ #ifdef HAVE_LOGIN_CAP
+ 		if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUSER) < 0) {
+Index: sftp-server.c
+--- sftp-server.c.orig	2008-03-07 08:33:53 +0100
++++ sftp-server.c	2008-03-31 08:37:01 +0200
+@@ -1302,6 +1302,38 @@
+ 	logit("session opened for local user %s from [%s]",
+ 	    pw->pw_name, client_addr);
  
 +#ifdef USE_CHROOT
 +{

openssh/openssh.patch.scpbindir

@@ -1,7 +1,7 @@
 Index: session.c
---- session.c.orig	2007-08-16 15:28:04 +0200
-+++ session.c	2007-09-05 08:41:17 +0200
-@@ -92,6 +92,10 @@
+--- session.c.orig	2008-03-27 01:03:05 +0100
++++ session.c	2008-03-31 08:56:59 +0200
+@@ -94,6 +94,10 @@
  #include <kafs.h>
  #endif
  
@@ -12,7 +12,7 @@ Index: session.c
  /* func */
  
  Session *session_new(void);
-@@ -680,6 +684,21 @@
+@@ -673,6 +677,21 @@
  void
  do_exec(Session *s, const char *command)
  {

openssh/openssh.patch.sftplogging

@@ -1,20 +1,20 @@
 Index: servconf.c
---- servconf.c.orig	2007-05-20 07:03:16 +0200
-+++ servconf.c	2007-09-05 08:41:42 +0200
-@@ -122,6 +122,12 @@
- 	options->permit_tun = -1;
+--- servconf.c.orig	2008-02-10 12:48:55 +0100
++++ servconf.c	2008-03-31 08:58:32 +0200
+@@ -123,6 +123,12 @@
  	options->num_permitted_opens = -1;
  	options->adm_forced_command = NULL;
-+	options->log_sftp = LOG_SFTP_NOT_SET;
-+	options->sftp_log_facility = SYSLOG_FACILITY_NOT_SET;
-+	options->sftp_log_level = SYSLOG_LEVEL_NOT_SET;
-+	memset(options->sftp_umask, 0, SFTP_UMASK_LENGTH);
-+	options->sftp_permit_chmod = SFTP_PERMIT_NOT_SET;
-+	options->sftp_permit_chown = SFTP_PERMIT_NOT_SET;
+ 	options->chroot_directory = NULL;
++ 	options->log_sftp = LOG_SFTP_NOT_SET;
++ 	options->sftp_log_facility = SYSLOG_FACILITY_NOT_SET;
++ 	options->sftp_log_level = SYSLOG_LEVEL_NOT_SET;
++ 	memset(options->sftp_umask, 0, SFTP_UMASK_LENGTH);
++ 	options->sftp_permit_chmod = SFTP_PERMIT_NOT_SET;
++ 	options->sftp_permit_chown = SFTP_PERMIT_NOT_SET;
  }
  
  void
-@@ -250,6 +256,24 @@
+@@ -251,6 +257,24 @@
  	if (options->permit_tun == -1)
  		options->permit_tun = SSH_TUNMODE_NO;
  
@@ -39,9 +39,9 @@ Index: servconf.c
  	/* Turn privilege separation on by default */
  	if (use_privsep == -1)
  		use_privsep = 1;
-@@ -293,6 +317,9 @@
+@@ -294,6 +318,9 @@
  	sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
- 	sMatch, sPermitOpen, sForceCommand,
+ 	sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
  	sUsePrivilegeSeparation,
 +	sLogSftp, sSftpLogFacility, sSftpLogLevel,
 +	sSftpUmask,
@@ -49,7 +49,7 @@ Index: servconf.c
  	sDeprecated, sUnsupported
  } ServerOpCodes;
  
-@@ -307,6 +334,12 @@
+@@ -308,6 +335,12 @@
  	u_int flags;
  } keywords[] = {
  	/* Portable-specific options */
@@ -62,7 +62,7 @@ Index: servconf.c
  #ifdef USE_PAM
  	{ "usepam", sUsePAM, SSHCFG_GLOBAL },
  #else
-@@ -625,6 +658,8 @@
+@@ -629,6 +662,8 @@
  	u_short port;
  	u_int i, flags = 0;
  	size_t len;
@@ -71,11 +71,10 @@ Index: servconf.c
  
  	cp = line;
  	if ((arg = strdelim(&cp)) == NULL)
-@@ -1145,6 +1180,58 @@
- 	case sBanner:
+@@ -1150,6 +1185,58 @@
  		charptr = &options->banner;
  		goto parse_filename;
-+
+ 
 +        case sLogSftp:
 +                intptr = &options->log_sftp;
 +                goto parse_flag;
@@ -126,13 +125,14 @@ Index: servconf.c
 +        case sSftpPermitChown:
 +                intptr = &options->sftp_permit_chown;
 +                goto parse_flag;
++
 +
  	/*
  	 * These options can contain %X options expanded at
  	 * connect time, so that you can specify paths like:
 Index: servconf.h
---- servconf.h.orig	2007-02-19 12:25:38 +0100
-+++ servconf.h	2007-09-05 08:41:42 +0200
+--- servconf.h.orig	2008-03-07 08:31:24 +0100
++++ servconf.h	2008-03-31 08:58:54 +0200
 @@ -34,6 +34,19 @@
  #define	PERMIT_NO_PASSWD	2
  #define	PERMIT_YES		3
@@ -152,25 +152,24 @@ Index: servconf.h
 +
  #define DEFAULT_AUTH_FAIL_MAX	6	/* Default for MaxAuthTries */
  
- typedef struct {
-@@ -141,6 +154,13 @@
- 	int	permit_tun;
- 
+ /* Magic name for internal sftp-server */
+@@ -146,6 +159,12 @@
  	int	num_permitted_opens;
+ 
+ 	char   *chroot_directory;
 +	int	log_sftp;		/* perform sftp-server logging */
 +	SyslogFacility sftp_log_facility;    /* Facility for sftp subsystem logging. */
 +	LogLevel sftp_log_level;     /* Level for sftp subsystem logging. */
 +	char	sftp_umask[SFTP_UMASK_LENGTH];		/* Sftp Umask */
 +	int	sftp_permit_chmod;
 +	int	sftp_permit_chown;
-+
  }       ServerOptions;
  
  void	 initialize_server_options(ServerOptions *);
 Index: session.c
---- session.c.orig	2007-08-16 15:28:04 +0200
-+++ session.c	2007-09-05 08:41:42 +0200
-@@ -138,6 +138,15 @@
+--- session.c.orig	2008-03-27 01:03:05 +0100
++++ session.c	2008-03-31 08:57:29 +0200
+@@ -144,6 +144,15 @@
  
  static int is_child = 0;
  
@@ -186,7 +185,7 @@ Index: session.c
  /* Name and directory of socket for authentication agent forwarding. */
  static char *auth_sock_name = NULL;
  static char *auth_sock_dir = NULL;
-@@ -1011,6 +1020,7 @@
+@@ -1012,6 +1021,7 @@
  	env = xcalloc(envsize, sizeof(char *));
  	env[0] = NULL;
  
@@ -194,7 +193,7 @@ Index: session.c
  #ifdef HAVE_CYGWIN
  	/*
  	 * The Windows environment contains some setting which are
-@@ -1171,6 +1181,67 @@
+@@ -1172,6 +1182,67 @@
  		child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
  		    auth_sock_name);
  
@@ -264,7 +263,7 @@ Index: session.c
  		snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
 Index: sftp-server.8
 --- sftp-server.8.orig	2007-06-05 10:27:13 +0200
-+++ sftp-server.8	2007-09-05 08:41:42 +0200
++++ sftp-server.8	2008-03-31 08:57:29 +0200
 @@ -49,6 +49,20 @@
  .Cm Subsystem
  declaration.
@@ -287,8 +286,8 @@ Index: sftp-server.8
  for more information.
  .Pp
 Index: sftp-server.c
---- sftp-server.c.orig	2007-05-20 07:09:05 +0200
-+++ sftp-server.c	2007-09-05 08:42:11 +0200
+--- sftp-server.c.orig	2008-03-07 08:33:53 +0100
++++ sftp-server.c	2008-03-31 08:57:29 +0200
 @@ -53,6 +53,12 @@
  /* Our verbosity */
  LogLevel log_level = SYSLOG_LEVEL_ERROR;
@@ -302,7 +301,7 @@ Index: sftp-server.c
  /* Our client */
  struct passwd *pw = NULL;
  char *client_addr = NULL;
-@@ -499,6 +505,12 @@
+@@ -509,6 +515,12 @@
  	a = get_attrib();
  	flags = flags_from_portable(pflags);
  	mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm : 0666;
@@ -315,7 +314,7 @@ Index: sftp-server.c
  	logit("open \"%s\" flags %s mode 0%o",
  	    name, string_from_portable(pflags), mode);
  	fd = open(name, flags, mode);
-@@ -513,6 +525,8 @@
+@@ -523,6 +535,8 @@
  			status = SSH2_FX_OK;
  		}
  	}
@@ -324,7 +323,7 @@ Index: sftp-server.c
  	if (status != SSH2_FX_OK)
  		send_status(id, status);
  	xfree(name);
-@@ -570,6 +584,8 @@
+@@ -580,6 +594,8 @@
  			}
  		}
  	}
@@ -333,7 +332,7 @@ Index: sftp-server.c
  	if (status != SSH2_FX_OK)
  		send_status(id, status);
  }
-@@ -609,6 +625,8 @@
+@@ -619,6 +635,8 @@
  			}
  		}
  	}
@@ -342,7 +341,7 @@ Index: sftp-server.c
  	send_status(id, status);
  	xfree(data);
  }
-@@ -710,10 +728,19 @@
+@@ -720,10 +738,19 @@
  			status = errno_to_portable(errno);
  	}
  	if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
@@ -362,7 +361,7 @@ Index: sftp-server.c
  	}
  	if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
  		char buf[64];
-@@ -727,11 +754,20 @@
+@@ -737,11 +764,20 @@
  			status = errno_to_portable(errno);
  	}
  	if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
@@ -383,7 +382,7 @@ Index: sftp-server.c
  	}
  	send_status(id, status);
  	xfree(name);
-@@ -745,6 +781,9 @@
+@@ -755,6 +791,9 @@
  	int handle, fd, ret;
  	int status = SSH2_FX_OK;
  
@@ -393,7 +392,7 @@ Index: sftp-server.c
  	id = get_int();
  	handle = get_handle();
  	a = get_attrib();
-@@ -763,6 +802,7 @@
+@@ -773,6 +812,7 @@
  				status = errno_to_portable(errno);
  		}
  		if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
@@ -401,7 +400,7 @@ Index: sftp-server.c
  			logit("set \"%s\" mode %04o", name, a->perm);
  #ifdef HAVE_FCHMOD
  			ret = fchmod(fd, a->perm & 0777);
-@@ -771,6 +811,14 @@
+@@ -781,6 +821,14 @@
  #endif
  			if (ret == -1)
  				status = errno_to_portable(errno);
@@ -416,7 +415,7 @@ Index: sftp-server.c
  		}
  		if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
  			char buf[64];
-@@ -788,6 +836,7 @@
+@@ -798,6 +846,7 @@
  				status = errno_to_portable(errno);
  		}
  		if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
@@ -424,7 +423,7 @@ Index: sftp-server.c
  			logit("set \"%s\" owner %lu group %lu", name,
  			    (u_long)a->uid, (u_long)a->gid);
  #ifdef HAVE_FCHOWN
-@@ -797,6 +846,14 @@
+@@ -807,6 +856,14 @@
  #endif
  			if (ret == -1)
  				status = errno_to_portable(errno);
@@ -439,7 +438,7 @@ Index: sftp-server.c
  		}
  	}
  	send_status(id, status);
-@@ -827,6 +884,8 @@
+@@ -837,6 +894,8 @@
  		}
  
  	}
@@ -448,7 +447,7 @@ Index: sftp-server.c
  	if (status != SSH2_FX_OK)
  		send_status(id, status);
  	xfree(path);
-@@ -902,6 +961,8 @@
+@@ -912,6 +971,8 @@
  	logit("remove name \"%s\"", name);
  	ret = unlink(name);
  	status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
@@ -457,7 +456,7 @@ Index: sftp-server.c
  	send_status(id, status);
  	xfree(name);
  }
-@@ -919,6 +980,12 @@
+@@ -929,6 +990,12 @@
  	a = get_attrib();
  	mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ?
  	    a->perm & 0777 : 0777;
@@ -470,7 +469,7 @@ Index: sftp-server.c
  	debug3("request %u: mkdir", id);
  	logit("mkdir name \"%s\" mode 0%o", name, mode);
  	ret = mkdir(name, mode);
-@@ -940,6 +1007,8 @@
+@@ -950,6 +1017,8 @@
  	logit("rmdir name \"%s\"", name);
  	ret = rmdir(name);
  	status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
@@ -479,7 +478,7 @@ Index: sftp-server.c
  	send_status(id, status);
  	xfree(name);
  }
-@@ -967,6 +1036,8 @@
+@@ -977,6 +1046,8 @@
  		s.name = s.long_name = resolvedname;
  		send_names(id, 1, &s);
  	}
@@ -488,7 +487,7 @@ Index: sftp-server.c
  	xfree(path);
  }
  
-@@ -1023,6 +1094,8 @@
+@@ -1033,6 +1104,8 @@
  			status = SSH2_FX_OK;
  	}
  	send_status(id, status);
@@ -497,7 +496,7 @@ Index: sftp-server.c
  	xfree(oldpath);
  	xfree(newpath);
  }
-@@ -1049,6 +1122,8 @@
+@@ -1059,6 +1132,8 @@
  		s.name = s.long_name = buf;
  		send_names(id, 1, &s);
  	}
@@ -506,7 +505,7 @@ Index: sftp-server.c
  	xfree(path);
  }
  
-@@ -1068,6 +1143,8 @@
+@@ -1078,6 +1153,8 @@
  	ret = symlink(oldpath, newpath);
  	status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
  	send_status(id, status);
@@ -515,7 +514,7 @@ Index: sftp-server.c
  	xfree(oldpath);
  	xfree(newpath);
  }
-@@ -1215,6 +1292,8 @@
+@@ -1249,6 +1326,8 @@
  	ssize_t len, olen, set_size;
  	SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
  	char *cp, buf[4*4096];
@@ -524,7 +523,7 @@ Index: sftp-server.c
  
  	extern char *optarg;
  	extern char *__progname;
-@@ -1253,6 +1332,12 @@
+@@ -1284,6 +1363,12 @@
  		}
  	}
  
@@ -537,7 +536,7 @@ Index: sftp-server.c
  	log_init(__progname, log_level, log_facility, log_stderr);
  
  	if ((cp = getenv("SSH_CONNECTION")) != NULL) {
-@@ -1276,6 +1361,39 @@
+@@ -1305,6 +1390,39 @@
  	in = dup(STDIN_FILENO);
  	out = dup(STDOUT_FILENO);
  
@@ -578,9 +577,9 @@ Index: sftp-server.c
  	setmode(in, O_BINARY);
  	setmode(out, O_BINARY);
 Index: sshd_config.5
---- sshd_config.5.orig	2007-06-11 06:07:13 +0200
-+++ sshd_config.5	2007-09-05 08:41:42 +0200
-@@ -483,6 +483,10 @@
+--- sshd_config.5.orig	2008-03-27 01:02:02 +0100
++++ sshd_config.5	2008-03-31 08:57:29 +0200
+@@ -530,6 +530,10 @@
  DEBUG and DEBUG1 are equivalent.
  DEBUG2 and DEBUG3 each specify higher levels of debugging output.
  Logging with a DEBUG level violates the privacy of users and is not recommended.
@@ -591,7 +590,7 @@ Index: sshd_config.5
  .It Cm MACs
  Specifies the available MAC (message authentication code) algorithms.
  The MAC algorithm is used in protocol version 2
-@@ -725,6 +729,37 @@
+@@ -773,6 +777,37 @@
  .It Cm ServerKeyBits
  Defines the number of bits in the ephemeral protocol version 1 server key.
  The minimum value is 512, and the default is 768.
@@ -630,9 +629,9 @@ Index: sshd_config.5
  Specifies whether
  .Xr sshd 8
 Index: sshd_config
---- sshd_config.orig	2007-03-21 10:42:25 +0100
-+++ sshd_config	2007-09-05 08:41:42 +0200
-@@ -109,6 +109,17 @@
+--- sshd_config.orig	2008-02-10 12:40:12 +0100
++++ sshd_config	2008-03-31 08:57:29 +0200
+@@ -110,6 +110,17 @@
  # override default of no subsystems
  Subsystem	sftp	/usr/libexec/sftp-server
  

openssh/openssh.spec

@@ -22,7 +22,7 @@
 ##
 
 #   package versions
-%define       V_base        4.7
+%define       V_base        4.9
 %define       V_portable    p1
 %define       V_watchdog    4.4p1
 %define       V_ldap_base   4.6p1
@@ -41,7 +41,7 @@ Class:        CORE
 Group:        SSH
 License:      BSD
 Version:      %{V_base}%{V_portable}
-Release:      20080208
+Release:      20080331
 
 #   package options
 %option       with_fsl          yes