
upgrading package: openssh 5.0p1 -> 5.1p1

Ralf S. Engelschall 17 years ago
parent
commit
9aa6e903d2

+ 7 - 7
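--- a/openssh/openssh.patch
+++ b/openssh/openssh.patch
@@ -1,7 +1,7 @@
 Index: Makefile.in
---- Makefile.in.orig	2008-03-13 02:41:31 +0100
-+++ Makefile.in	2008-03-31 08:36:38 +0200
-@@ -231,7 +231,7 @@
+--- Makefile.in.orig	2008-07-08 16:21:12 +0200
++++ Makefile.in	2008-07-22 08:30:25 +0200
+@@ -232,7 +232,7 @@
  	-rm -rf autom4te.cache
  	(cd scard && $(MAKE) -f Makefile.in distprep)
  
@@ -12,7 +12,7 @@ Index: Makefile.in
  
 Index: auth-pam.h
 --- auth-pam.h.orig	2004-09-11 14:17:26 +0200
-+++ auth-pam.h	2008-03-31 08:36:38 +0200
++++ auth-pam.h	2008-07-22 08:30:25 +0200
 @@ -28,7 +28,7 @@
  #ifdef USE_PAM
  
@@ -23,10 +23,10 @@ Index: auth-pam.h
  
  void start_pam(Authctxt *);
 Index: version.h
---- version.h.orig	2008-03-27 01:18:13 +0100
-+++ version.h	2008-03-31 08:36:38 +0200
+--- version.h.orig	2008-07-21 10:21:06 +0200
++++ version.h	2008-07-22 08:30:25 +0200
 @@ -3,4 +3,4 @@
- #define SSH_VERSION	"OpenSSH_4.9"
+ #define SSH_VERSION	"OpenSSH_5.1"
  
  #define SSH_PORTABLE	"p1"
 -#define SSH_RELEASE	SSH_VERSION SSH_PORTABLE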

+ 26 - 26
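--- a/openssh/openssh.patch.alias
+++ b/openssh/openssh.patch.alias
@@ -1,7 +1,7 @@
 Index: auth1.c
---- auth1.c.orig	2007-10-26 06:25:13 +0200
-+++ auth1.c	2008-03-31 08:34:25 +0200
-@@ -39,6 +39,9 @@
+--- auth1.c.orig	2008-07-09 12:54:05 +0200
++++ auth1.c	2008-07-22 08:31:42 +0200
+@@ -40,6 +40,9 @@
  #endif
  #include "monitor_wrap.h"
  #include "buffer.h"
@@ -11,7 +11,7 @@ Index: auth1.c
  
  /* import */
  extern ServerOptions options;
-@@ -389,6 +392,10 @@
+@@ -392,6 +395,10 @@
  {
  	u_int ulen;
  	char *user, *style = NULL;
@@ -22,7 +22,7 @@ Index: auth1.c
  
  	/* Get the name of the user that we wish to log in as. */
  	packet_read_expect(SSH_CMSG_USER);
-@@ -400,6 +407,25 @@
+@@ -403,6 +410,25 @@
  	if ((style = strchr(user, ':')) != NULL)
  		*style++ = '\0';
  
@@ -49,9 +49,9 @@ Index: auth1.c
  	authctxt->style = style;
  
 Index: auth2.c
---- auth2.c.orig	2007-10-26 06:26:16 +0200
-+++ auth2.c	2008-03-31 08:34:25 +0200
-@@ -44,6 +44,9 @@
+--- auth2.c.orig	2008-07-05 01:44:53 +0200
++++ auth2.c	2008-07-22 08:31:42 +0200
+@@ -49,6 +49,9 @@
  #include "dispatch.h"
  #include "pathnames.h"
  #include "buffer.h"
@@ -61,7 +61,7 @@ Index: auth2.c
  
  #ifdef GSSAPI
  #include "ssh-gss.h"
-@@ -142,6 +145,10 @@
+@@ -211,6 +214,10 @@
  	Authmethod *m = NULL;
  	char *user, *service, *method, *style = NULL;
  	int authenticated = 0;
@@ -72,7 +72,7 @@ Index: auth2.c
  
  	if (authctxt == NULL)
  		fatal("input_userauth_request: no authctxt");
-@@ -155,6 +162,25 @@
+@@ -224,6 +231,25 @@
  	if ((style = strchr(user, ':')) != NULL)
  		*style++ = 0;
  
@@ -99,9 +99,9 @@ Index: auth2.c
  		/* setup auth context */
  		authctxt->pw = PRIVSEP(getpwnamallow(user));
 Index: servconf.c
---- servconf.c.orig	2008-02-10 12:48:55 +0100
-+++ servconf.c	2008-03-31 08:35:14 +0200
-@@ -123,6 +123,9 @@
+--- servconf.c.orig	2008-07-04 05:51:12 +0200
++++ servconf.c	2008-07-22 08:32:07 +0200
+@@ -127,6 +127,9 @@
  	options->num_permitted_opens = -1;
  	options->adm_forced_command = NULL;
  	options->chroot_directory = NULL;
@@ -111,17 +111,17 @@ Index: servconf.c
  }
  
  void
-@@ -294,6 +297,9 @@
+@@ -302,6 +305,9 @@
  	sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
  	sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
- 	sUsePrivilegeSeparation,
+ 	sUsePrivilegeSeparation, sAllowAgentForwarding,
 +#ifdef USE_ALIAS
 +	sAlias,
 +#endif
  	sDeprecated, sUnsupported
  } ServerOpCodes;
  
-@@ -405,6 +411,9 @@
+@@ -415,6 +421,9 @@
  	{ "permitopen", sPermitOpen, SSHCFG_ALL },
  	{ "forcecommand", sForceCommand, SSHCFG_ALL },
  	{ "chrootdirectory", sChrootDirectory, SSHCFG_ALL },
@@ -131,7 +131,7 @@ Index: servconf.c
  	{ NULL, sBadOption, 0 }
  };
  
-@@ -1276,6 +1285,26 @@
+@@ -1288,6 +1297,26 @@
  		    arg = strdelim(&cp);
  		break;
  
@@ -159,9 +159,9 @@ Index: servconf.c
  		logit("%s line %d: Unsupported option %s",
  		    filename, linenum, arg);
 Index: servconf.h
---- servconf.h.orig	2008-03-07 08:31:24 +0100
-+++ servconf.h	2008-03-31 08:34:49 +0200
-@@ -146,6 +146,14 @@
+--- servconf.h.orig	2008-06-10 15:01:51 +0200
++++ servconf.h	2008-07-22 08:31:42 +0200
+@@ -149,6 +149,14 @@
  	int	num_permitted_opens;
  
  	char   *chroot_directory;
@@ -177,12 +177,12 @@ Index: servconf.h
  
  void	 initialize_server_options(ServerOptions *);
 Index: sshd_config.5
---- sshd_config.5.orig	2008-03-27 01:02:02 +0100
-+++ sshd_config.5	2008-03-31 08:34:25 +0200
-@@ -95,6 +95,15 @@
- (use IPv6 only).
- The default is
- .Dq any .
+--- sshd_config.5.orig	2008-07-02 14:35:43 +0200
++++ sshd_config.5	2008-07-22 08:32:30 +0200
+@@ -104,6 +104,15 @@
+ Note that disabling agent forwarding does not improve security
+ unless users are also denied shell access, as they can always install
+ their own forwarders.
 +.It Cm Alias
 +Specifies an optional mapping of a list of user name aliases onto
 +real user names.  The first argument is a comma separated list of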

+ 8 - 8
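--- a/openssh/openssh.patch.chroot
+++ b/openssh/openssh.patch.chroot
@@ -1,6 +1,6 @@
 Index: scp.c
---- scp.c.orig	2008-03-14 01:59:50 +0100
-+++ scp.c	2008-03-31 08:37:01 +0200
+--- scp.c.orig	2008-07-04 15:10:49 +0200
++++ scp.c	2008-07-22 08:33:00 +0200
 @@ -140,6 +140,11 @@
  /* This is the program to execute for the secured connection. ("ssh" or -S) */
  char *ssh_program = _PATH_SSH_PROGRAM;
@@ -58,9 +58,9 @@ Index: scp.c
  		/* Follow "protocol", send data. */
  		(void) response();
 Index: session.c
---- session.c.orig	2008-03-27 01:03:05 +0100
-+++ session.c	2008-03-31 08:39:07 +0200
-@@ -1426,6 +1426,25 @@
+--- session.c.orig	2008-06-16 15:29:18 +0200
++++ session.c	2008-07-22 08:33:00 +0200
+@@ -1533,6 +1533,25 @@
  			free(tmp);
  			free(chroot_path);
  		}
@@ -87,9 +87,9 @@ Index: session.c
  #ifdef HAVE_LOGIN_CAP
  		if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUSER) < 0) {
 Index: sftp-server.c
---- sftp-server.c.orig	2008-03-07 08:33:53 +0100
-+++ sftp-server.c	2008-03-31 08:37:01 +0200
-@@ -1302,6 +1302,38 @@
+--- sftp-server.c.orig	2008-07-04 06:10:19 +0200
++++ sftp-server.c	2008-07-22 08:33:00 +0200
+@@ -1387,6 +1387,38 @@
  	logit("session opened for local user %s from [%s]",
  	    pw->pw_name, client_addr);
  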

+ 8 - 9
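--- a/openssh/openssh.patch.scpbindir
+++ b/openssh/openssh.patch.scpbindir
@@ -1,7 +1,7 @@
 Index: session.c
---- session.c.orig	2008-03-27 01:03:05 +0100
-+++ session.c	2008-03-31 08:56:59 +0200
-@@ -94,6 +94,10 @@
+--- session.c.orig	2008-06-16 15:29:18 +0200
++++ session.c	2008-07-22 08:31:23 +0200
+@@ -95,6 +95,10 @@
  #include <kafs.h>
  #endif
  
@@ -12,10 +12,10 @@ Index: session.c
  /* func */
  
  Session *session_new(void);
-@@ -673,6 +677,21 @@
- void
+@@ -777,6 +781,20 @@
  do_exec(Session *s, const char *command)
  {
+ 	int ret;
 +	char *scp_command = NULL;
 +
 +	if (   command != NULL
@@ -30,12 +30,11 @@ Index: session.c
 +		command = (const char *)scp_command;
 +		debug("Forced SCP command '%.900s'", command);
 +	}
-+
+ 
  	if (options.adm_forced_command) {
  		original_command = command;
- 		command = options.adm_forced_command;
-@@ -708,6 +727,8 @@
- 		do_exec_no_pty(s, command);
+@@ -813,6 +831,8 @@
+ 		ret = do_exec_no_pty(s, command);
  
  	original_command = NULL;
 +	if (scp_command != NULL)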
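Review bot: In `do_exec` the scp rewrite runs before the `options.adm_forced_command` check, so when a forced command is configured `original_command = command;` records the rewritten `scp_command` string rather than what the client sent. Anything that reads the original command for policy or audit then sees the substituted path; the rewrite condition itself lies outside the visible hunks, so this is inferred from statement order only. Saving the client string in a local before the rewrite and assigning that to `original_command` would keep the record faithful, or at minimum add `/* original_command holds the scp-rewritten command when scp_command != NULL */` at the assignment. `do_exec` continues past the last hunk, so whether the `scp_command` cleanup still precedes the new `ret` return path cannot be confirmed from here.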

+ 57 - 56
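--- a/openssh/openssh.patch.sftplogging
+++ b/openssh/openssh.patch.sftplogging
@@ -1,7 +1,7 @@
 Index: servconf.c
---- servconf.c.orig	2008-02-10 12:48:55 +0100
-+++ servconf.c	2008-03-31 08:58:32 +0200
-@@ -123,6 +123,12 @@
+--- servconf.c.orig	2008-07-04 05:51:12 +0200
++++ servconf.c	2008-07-22 08:33:33 +0200
+@@ -127,6 +127,12 @@
  	options->num_permitted_opens = -1;
  	options->adm_forced_command = NULL;
  	options->chroot_directory = NULL;
@@ -14,7 +14,7 @@ Index: servconf.c
  }
  
  void
-@@ -251,6 +257,24 @@
+@@ -259,6 +265,24 @@
  	if (options->permit_tun == -1)
  		options->permit_tun = SSH_TUNMODE_NO;
  
@@ -39,17 +39,17 @@ Index: servconf.c
  	/* Turn privilege separation on by default */
  	if (use_privsep == -1)
  		use_privsep = 1;
-@@ -294,6 +318,9 @@
+@@ -302,6 +326,9 @@
  	sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
  	sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
- 	sUsePrivilegeSeparation,
+ 	sUsePrivilegeSeparation, sAllowAgentForwarding,
 +	sLogSftp, sSftpLogFacility, sSftpLogLevel,
 +	sSftpUmask,
 +	sSftpPermitChown, sSftpPermitChmod,
  	sDeprecated, sUnsupported
  } ServerOpCodes;
  
-@@ -308,6 +335,12 @@
+@@ -316,6 +343,12 @@
  	u_int flags;
  } keywords[] = {
  	/* Portable-specific options */
@@ -62,7 +62,7 @@ Index: servconf.c
  #ifdef USE_PAM
  	{ "usepam", sUsePAM, SSHCFG_GLOBAL },
  #else
-@@ -629,6 +662,8 @@
+@@ -636,6 +669,8 @@
  	u_short port;
  	u_int i, flags = 0;
  	size_t len;
@@ -71,7 +71,7 @@ Index: servconf.c
  
  	cp = line;
  	if ((arg = strdelim(&cp)) == NULL)
-@@ -1150,6 +1185,58 @@
+@@ -1165,6 +1200,58 @@
  		charptr = &options->banner;
  		goto parse_filename;
  
@@ -131,8 +131,8 @@ Index: servconf.c
  	 * These options can contain %X options expanded at
  	 * connect time, so that you can specify paths like:
 Index: servconf.h
---- servconf.h.orig	2008-03-07 08:31:24 +0100
-+++ servconf.h	2008-03-31 08:58:54 +0200
+--- servconf.h.orig	2008-06-10 15:01:51 +0200
++++ servconf.h	2008-07-22 08:33:13 +0200
 @@ -34,6 +34,19 @@
  #define	PERMIT_NO_PASSWD	2
  #define	PERMIT_YES		3
@@ -151,9 +151,9 @@ Index: servconf.h
 +#define SFTP_PERMIT_YES		1
 +
  #define DEFAULT_AUTH_FAIL_MAX	6	/* Default for MaxAuthTries */
+ #define DEFAULT_SESSIONS_MAX	10	/* Default for MaxSessions */
  
- /* Magic name for internal sftp-server */
-@@ -146,6 +159,12 @@
+@@ -149,6 +162,12 @@
  	int	num_permitted_opens;
  
  	char   *chroot_directory;
@@ -167,9 +167,9 @@ Index: servconf.h
  
  void	 initialize_server_options(ServerOptions *);
 Index: session.c
---- session.c.orig	2008-03-27 01:03:05 +0100
-+++ session.c	2008-03-31 08:57:29 +0200
-@@ -144,6 +144,15 @@
+--- session.c.orig	2008-06-16 15:29:18 +0200
++++ session.c	2008-07-22 08:33:13 +0200
+@@ -146,6 +146,15 @@
  
  static int is_child = 0;
  
@@ -185,7 +185,7 @@ Index: session.c
  /* Name and directory of socket for authentication agent forwarding. */
  static char *auth_sock_name = NULL;
  static char *auth_sock_dir = NULL;
-@@ -1012,6 +1021,7 @@
+@@ -1119,6 +1128,7 @@
  	env = xcalloc(envsize, sizeof(char *));
  	env[0] = NULL;
  
@@ -193,7 +193,7 @@ Index: session.c
  #ifdef HAVE_CYGWIN
  	/*
  	 * The Windows environment contains some setting which are
-@@ -1172,6 +1182,67 @@
+@@ -1279,6 +1289,67 @@
  		child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
  		    auth_sock_name);
  
@@ -262,8 +262,8 @@ Index: session.c
  	if (options.permit_user_env && !options.use_login) {
  		snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
 Index: sftp-server.8
---- sftp-server.8.orig	2007-06-05 10:27:13 +0200
-+++ sftp-server.8	2008-03-31 08:57:29 +0200
+--- sftp-server.8.orig	2008-07-21 10:20:40 +0200
++++ sftp-server.8	2008-07-22 08:33:14 +0200
 @@ -49,6 +49,20 @@
  .Cm Subsystem
  declaration.
@@ -286,9 +286,9 @@ Index: sftp-server.8
  for more information.
  .Pp
 Index: sftp-server.c
---- sftp-server.c.orig	2008-03-07 08:33:53 +0100
-+++ sftp-server.c	2008-03-31 08:57:29 +0200
-@@ -53,6 +53,12 @@
+--- sftp-server.c.orig	2008-07-04 06:10:19 +0200
++++ sftp-server.c	2008-07-22 08:35:27 +0200
+@@ -59,6 +59,12 @@
  /* Our verbosity */
  LogLevel log_level = SYSLOG_LEVEL_ERROR;
  
@@ -301,7 +301,7 @@ Index: sftp-server.c
  /* Our client */
  struct passwd *pw = NULL;
  char *client_addr = NULL;
-@@ -509,6 +515,12 @@
+@@ -551,6 +557,12 @@
  	a = get_attrib();
  	flags = flags_from_portable(pflags);
  	mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm : 0666;
@@ -314,7 +314,7 @@ Index: sftp-server.c
  	logit("open \"%s\" flags %s mode 0%o",
  	    name, string_from_portable(pflags), mode);
  	fd = open(name, flags, mode);
-@@ -523,6 +535,8 @@
+@@ -565,6 +577,8 @@
  			status = SSH2_FX_OK;
  		}
  	}
@@ -323,7 +323,7 @@ Index: sftp-server.c
  	if (status != SSH2_FX_OK)
  		send_status(id, status);
  	xfree(name);
-@@ -580,6 +594,8 @@
+@@ -622,6 +636,8 @@
  			}
  		}
  	}
@@ -332,7 +332,7 @@ Index: sftp-server.c
  	if (status != SSH2_FX_OK)
  		send_status(id, status);
  }
-@@ -619,6 +635,8 @@
+@@ -661,6 +677,8 @@
  			}
  		}
  	}
@@ -341,13 +341,13 @@ Index: sftp-server.c
  	send_status(id, status);
  	xfree(data);
  }
-@@ -720,10 +738,19 @@
+@@ -762,10 +780,20 @@
  			status = errno_to_portable(errno);
  	}
  	if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
 +		if (permit_chmod == 1) {
  		logit("set \"%s\" mode %04o", name, a->perm);
- 		ret = chmod(name, a->perm & 0777);
+ 		ret = chmod(name, a->perm & 07777);
  		if (ret == -1)
  			status = errno_to_portable(errno);
 +		else
@@ -358,10 +358,11 @@ Index: sftp-server.c
 +			if (permit_logging == 1)
 +				logit("chmod %s: operation prohibited by sftp-server configuration.", name);
 +		}
++  	}
  	}
  	if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
  		char buf[64];
-@@ -737,11 +764,20 @@
+@@ -779,11 +807,20 @@
  			status = errno_to_portable(errno);
  	}
  	if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
@@ -382,7 +383,7 @@ Index: sftp-server.c
  	}
  	send_status(id, status);
  	xfree(name);
-@@ -755,6 +791,9 @@
+@@ -797,6 +834,9 @@
  	int handle, fd, ret;
  	int status = SSH2_FX_OK;
  
@@ -392,15 +393,15 @@ Index: sftp-server.c
  	id = get_int();
  	handle = get_handle();
  	a = get_attrib();
-@@ -773,6 +812,7 @@
+@@ -815,6 +855,7 @@
  				status = errno_to_portable(errno);
  		}
  		if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
 +			if (permit_chmod == 1) {
  			logit("set \"%s\" mode %04o", name, a->perm);
  #ifdef HAVE_FCHMOD
- 			ret = fchmod(fd, a->perm & 0777);
-@@ -781,6 +821,14 @@
+ 			ret = fchmod(fd, a->perm & 07777);
+@@ -823,6 +864,14 @@
  #endif
  			if (ret == -1)
  				status = errno_to_portable(errno);
@@ -415,7 +416,7 @@ Index: sftp-server.c
  		}
  		if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
  			char buf[64];
-@@ -798,6 +846,7 @@
+@@ -840,6 +889,7 @@
  				status = errno_to_portable(errno);
  		}
  		if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
@@ -423,7 +424,7 @@ Index: sftp-server.c
  			logit("set \"%s\" owner %lu group %lu", name,
  			    (u_long)a->uid, (u_long)a->gid);
  #ifdef HAVE_FCHOWN
-@@ -807,6 +856,14 @@
+@@ -849,6 +899,14 @@
  #endif
  			if (ret == -1)
  				status = errno_to_portable(errno);
@@ -438,7 +439,7 @@ Index: sftp-server.c
  		}
  	}
  	send_status(id, status);
-@@ -837,6 +894,8 @@
+@@ -879,6 +937,8 @@
  		}
  
  	}
@@ -447,7 +448,7 @@ Index: sftp-server.c
  	if (status != SSH2_FX_OK)
  		send_status(id, status);
  	xfree(path);
-@@ -912,6 +971,8 @@
+@@ -954,6 +1014,8 @@
  	logit("remove name \"%s\"", name);
  	ret = unlink(name);
  	status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
@@ -456,10 +457,10 @@ Index: sftp-server.c
  	send_status(id, status);
  	xfree(name);
  }
-@@ -929,6 +990,12 @@
+@@ -971,6 +1033,12 @@
  	a = get_attrib();
  	mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ?
- 	    a->perm & 0777 : 0777;
+ 	    a->perm & 07777 : 0777;
 +        if (setumask != 0) {
 +		if (permit_logging == 1)
 +                	logit("setting directory creation mode to 0777 and umask to %o.", setumask);
@@ -469,7 +470,7 @@ Index: sftp-server.c
  	debug3("request %u: mkdir", id);
  	logit("mkdir name \"%s\" mode 0%o", name, mode);
  	ret = mkdir(name, mode);
-@@ -950,6 +1017,8 @@
+@@ -992,6 +1060,8 @@
  	logit("rmdir name \"%s\"", name);
  	ret = rmdir(name);
  	status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
@@ -478,7 +479,7 @@ Index: sftp-server.c
  	send_status(id, status);
  	xfree(name);
  }
-@@ -977,6 +1046,8 @@
+@@ -1019,6 +1089,8 @@
  		s.name = s.long_name = resolvedname;
  		send_names(id, 1, &s);
  	}
@@ -487,7 +488,7 @@ Index: sftp-server.c
  	xfree(path);
  }
  
-@@ -1033,6 +1104,8 @@
+@@ -1078,6 +1150,8 @@
  			status = SSH2_FX_OK;
  	}
  	send_status(id, status);
@@ -496,7 +497,7 @@ Index: sftp-server.c
  	xfree(oldpath);
  	xfree(newpath);
  }
-@@ -1059,6 +1132,8 @@
+@@ -1104,6 +1178,8 @@
  		s.name = s.long_name = buf;
  		send_names(id, 1, &s);
  	}
@@ -505,7 +506,7 @@ Index: sftp-server.c
  	xfree(path);
  }
  
-@@ -1078,6 +1153,8 @@
+@@ -1123,6 +1199,8 @@
  	ret = symlink(oldpath, newpath);
  	status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
  	send_status(id, status);
@@ -514,7 +515,7 @@ Index: sftp-server.c
  	xfree(oldpath);
  	xfree(newpath);
  }
-@@ -1249,6 +1326,8 @@
+@@ -1334,6 +1412,8 @@
  	ssize_t len, olen, set_size;
  	SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
  	char *cp, buf[4*4096];
@@ -523,7 +524,7 @@ Index: sftp-server.c
  
  	extern char *optarg;
  	extern char *__progname;
-@@ -1284,6 +1363,12 @@
+@@ -1369,6 +1449,12 @@
  		}
  	}
  
@@ -536,7 +537,7 @@ Index: sftp-server.c
  	log_init(__progname, log_level, log_facility, log_stderr);
  
  	if ((cp = getenv("SSH_CONNECTION")) != NULL) {
-@@ -1305,6 +1390,39 @@
+@@ -1390,6 +1476,39 @@
  	in = dup(STDIN_FILENO);
  	out = dup(STDOUT_FILENO);
  
@@ -577,9 +578,9 @@ Index: sftp-server.c
  	setmode(in, O_BINARY);
  	setmode(out, O_BINARY);
 Index: sshd_config.5
---- sshd_config.5.orig	2008-03-27 01:02:02 +0100
-+++ sshd_config.5	2008-03-31 08:57:29 +0200
-@@ -530,6 +530,10 @@
+--- sshd_config.5.orig	2008-07-02 14:35:43 +0200
++++ sshd_config.5	2008-07-22 08:35:50 +0200
+@@ -539,6 +539,10 @@
  DEBUG and DEBUG1 are equivalent.
  DEBUG2 and DEBUG3 each specify higher levels of debugging output.
  Logging with a DEBUG level violates the privacy of users and is not recommended.
@@ -590,10 +591,10 @@ Index: sshd_config.5
  .It Cm MACs
  Specifies the available MAC (message authentication code) algorithms.
  The MAC algorithm is used in protocol version 2
-@@ -773,6 +777,37 @@
+@@ -812,6 +816,37 @@
  .It Cm ServerKeyBits
  Defines the number of bits in the ephemeral protocol version 1 server key.
- The minimum value is 512, and the default is 768.
+ The minimum value is 512, and the default is 1024.
 +.It Cm SftpLogFacility
 +Gives the facility code that is used when logging
 +.Nm sftp-server .
@@ -629,9 +630,9 @@ Index: sshd_config.5
  Specifies whether
  .Xr sshd 8
 Index: sshd_config
---- sshd_config.orig	2008-02-10 12:40:12 +0100
-+++ sshd_config	2008-03-31 08:57:29 +0200
-@@ -110,6 +110,17 @@
+--- sshd_config.orig	2008-07-02 14:35:43 +0200
++++ sshd_config	2008-07-22 08:33:14 +0200
+@@ -112,6 +112,17 @@
  # override default of no subsystems
  Subsystem	sftp	/usr/libexec/sftp-server
  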
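Review bot: The extra `}` added at the end of the `permit_chmod` branch in the path-based setstat hunk (`@@ -762,10 +780,20 @@`) needs a brace-balance check against 5.1p1. It is indented with two spaces and a tab unlike its neighbours, it sits directly before the context `}` that already closes the `SSH2_FILEXFER_ATTR_PERMISSIONS` block, and the `fchmod` variant of the same gate (`@@ -823,6 +864,14 @@`) gained no matching line. Part of the branch is outside the visible hunks, so it may be correct, but an unbalanced brace here either breaks the build or changes which statements the chmod gate covers. Separately, the refreshed context shows the mode mask widening from `0777` to `07777` for `chmod`, `fchmod` and `mkdir`, so the gate now also decides whether clients may set setuid/setgid/sticky bits; a comment at the gate such as `/* permit_chmod also gates setuid/setgid/sticky bits: mask is 07777 */` would record that.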

+ 2 - 2
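--- a/openssh/openssh.spec
+++ b/openssh/openssh.spec
@@ -22,7 +22,7 @@
 ##
 
 #   package versions
-%define       V_base        5.0
+%define       V_base        5.1
 %define       V_portable    p1
 %define       V_watchdog    4.4p1
 %define       V_ldap_base   4.6p1
@@ -41,7 +41,7 @@ Class:        CORE
 Group:        SSH
 License:      BSD
 Version:      %{V_base}%{V_portable}
-Release:      20080609
+Release:      20080722
 
 #   package options
 %option       with_fsl          yes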