openpkg
/
openpkg-packages
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

temporarily downgrade to avoid trouble with old Gogs SSH implementation

master
Dr. Ralf S. Engelschall 4 years ago
parent
7721c6a214
commit
a443f9e583
5 changed files with 89 additions and 89 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 24
      openssh/openssh.patch.alias
  2. 30
      openssh/openssh.patch.chroot
  3. 114
      openssh/openssh.patch.lpk
  4. 4
      openssh/openssh.patch.scpbindir
  5. 6
      openssh/openssh.spec

24
openssh/openssh.patch.alias
Unescape View File

@ -1,6 +1,6 @@
Index: auth2.c Index: auth2.c
--- auth2.c.orig 2021-09-26 16:03:19.000000000 +0200 --- auth2.c.orig 2021-03-02 11:31:47.000000000 +0100
+++ auth2.c 2021-09-30 12:00:44.627802000 +0200 +++ auth2.c 2021-03-03 08:25:17.978876000 +0100
@@ -58,6 +58,9 @@ @@ -58,6 +58,9 @@
#endif #endif
#include "monitor_wrap.h" #include "monitor_wrap.h"
@ -49,9 +49,9 @@ Index: auth2.c
/* setup auth context */ /* setup auth context */
authctxt->pw = PRIVSEP(getpwnamallow(ssh, user)); authctxt->pw = PRIVSEP(getpwnamallow(ssh, user));
Index: servconf.c Index: servconf.c
--- servconf.c.orig 2021-09-26 16:03:19.000000000 +0200 --- servconf.c.orig 2021-03-02 11:31:47.000000000 +0100
+++ servconf.c 2021-09-30 12:00:44.629664000 +0200 +++ servconf.c 2021-03-03 08:25:17.979352000 +0100
@@ -195,6 +195,9 @@ @@ -196,6 +196,9 @@
options->fingerprint_hash = -1; options->fingerprint_hash = -1;
options->disable_forwarding = -1; options->disable_forwarding = -1;
options->expose_userauth_info = -1; options->expose_userauth_info = -1;
@ -61,7 +61,7 @@ Index: servconf.c
} }
/* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */
@@ -517,6 +520,9 @@ @@ -520,6 +523,9 @@
sStreamLocalBindMask, sStreamLocalBindUnlink, sStreamLocalBindMask, sStreamLocalBindUnlink,
sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding,
sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, sSecurityKeyProvider, sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, sSecurityKeyProvider,
@ -71,7 +71,7 @@ Index: servconf.c
sDeprecated, sIgnore, sUnsupported sDeprecated, sIgnore, sUnsupported
} ServerOpCodes; } ServerOpCodes;
@@ -676,6 +682,9 @@ @@ -678,6 +684,9 @@
{ "rdomain", sRDomain, SSHCFG_ALL }, { "rdomain", sRDomain, SSHCFG_ALL },
{ "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL },
{ "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL }, { "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL },
@ -81,7 +81,7 @@ Index: servconf.c
{ NULL, sBadOption, 0 } { NULL, sBadOption, 0 }
}; };
@@ -2435,6 +2444,26 @@ @@ -2395,6 +2404,26 @@
*charptr = xstrdup(arg); *charptr = xstrdup(arg);
break; break;
@ -109,8 +109,8 @@ Index: servconf.c
case sIgnore: case sIgnore:
case sUnsupported: case sUnsupported:
Index: servconf.h Index: servconf.h
--- servconf.h.orig 2021-09-26 16:03:19.000000000 +0200 --- servconf.h.orig 2021-03-02 11:31:47.000000000 +0100
+++ servconf.h 2021-09-30 12:00:44.630463000 +0200 +++ servconf.h 2021-03-03 08:25:17.979556000 +0100
@@ -229,6 +229,14 @@ @@ -229,6 +229,14 @@
int expose_userauth_info; int expose_userauth_info;
u_int64_t timing_secret; u_int64_t timing_secret;
@ -127,8 +127,8 @@ Index: servconf.h
/* Information about the incoming connection as used by Match */ /* Information about the incoming connection as used by Match */
Index: sshd_config.5 Index: sshd_config.5
--- sshd_config.5.orig 2021-09-26 16:03:19.000000000 +0200 --- sshd_config.5.orig 2021-03-02 11:31:47.000000000 +0100
+++ sshd_config.5 2021-09-30 12:00:44.631757000 +0200 +++ sshd_config.5 2021-03-03 08:25:17.979860000 +0100
@@ -106,6 +106,15 @@ @@ -106,6 +106,15 @@
Note that disabling agent forwarding does not improve security Note that disabling agent forwarding does not improve security
unless users are also denied shell access, as they can always install unless users are also denied shell access, as they can always install

30
openssh/openssh.patch.chroot
Unescape View File

@ -1,7 +1,7 @@
Index: scp.c Index: scp.c
--- scp.c.orig 2021-09-26 16:03:19.000000000 +0200 --- scp.c.orig 2021-03-02 11:31:47.000000000 +0100
+++ scp.c 2021-09-30 12:00:21.319372000 +0200 +++ scp.c 2021-03-03 08:26:22.056945000 +0100
@@ -171,6 +171,11 @@ @@ -159,6 +159,11 @@
/* This is the program to execute for the secured connection. ("ssh" or -S) */ /* This is the program to execute for the secured connection. ("ssh" or -S) */
char *ssh_program = _PATH_SSH_PROGRAM; char *ssh_program = _PATH_SSH_PROGRAM;
@ -12,32 +12,32 @@ Index: scp.c
+ +
/* This is used to store the pid of ssh_program */ /* This is used to store the pid of ssh_program */
pid_t do_cmd_pid = -1; pid_t do_cmd_pid = -1;
pid_t do_cmd_pid2 = -1;
@@ -481,7 +486,11 @@ @@ -432,7 +437,11 @@
fflag = Tflag = tflag = 0; fflag = Tflag = tflag = 0;
while ((ch = getopt(argc, argv, while ((ch = getopt(argc, argv,
+#ifdef USE_CHROOT +#ifdef USE_CHROOT
+ "12346ABCTdfOpqRrstvD:F:J:M:P:S:c:i:l:o:X:")) != -1) { + "12346ABCTdfpqrtvF:J:P:S:c:i:l:o:R:")) != -1) {
+#else +#else
"12346ABCTdfOpqRrstvD:F:J:M:P:S:c:i:l:o:")) != -1) { "12346ABCTdfpqrtvF:J:P:S:c:i:l:o:")) != -1) {
+#endif +#endif
switch (ch) { switch (ch) {
/* User-visible flags. */ /* User-visible flags. */
case '1': case '1':
@@ -581,6 +590,11 @@ @@ -516,6 +525,11 @@
case 'T': case 'T':
Tflag = 1; Tflag = 1;
break; break;
+#ifdef USE_CHROOT +#ifdef USE_CHROOT
+ case 'X': + case 'R':
+ chrootdir = xstrdup(optarg); + chrootdir = xstrdup(optarg);
+ break; + break;
+#endif +#endif
default: default:
usage(); usage();
} }
@@ -615,6 +629,19 @@ @@ -545,6 +559,19 @@
remin = STDIN_FILENO; remin = STDIN_FILENO;
remout = STDOUT_FILENO; remout = STDOUT_FILENO;
@ -58,8 +58,8 @@ Index: scp.c
/* Follow "protocol", send data. */ /* Follow "protocol", send data. */
(void) response(); (void) response();
Index: session.c Index: session.c
--- session.c.orig 2021-09-26 16:03:19.000000000 +0200 --- session.c.orig 2021-03-02 11:31:47.000000000 +0100
+++ session.c 2021-09-30 11:59:33.904574000 +0200 +++ session.c 2021-03-03 08:25:31.704168000 +0100
@@ -1402,6 +1402,25 @@ @@ -1402,6 +1402,25 @@
options.chroot_directory = NULL; options.chroot_directory = NULL;
in_chroot = 1; in_chroot = 1;
@ -87,9 +87,9 @@ Index: session.c
#ifdef HAVE_LOGIN_CAP #ifdef HAVE_LOGIN_CAP
if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUSER) < 0) { if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUSER) < 0) {
Index: sftp-server.c Index: sftp-server.c
--- sftp-server.c.orig 2021-09-26 16:03:19.000000000 +0200 --- sftp-server.c.orig 2021-03-02 11:31:47.000000000 +0100
+++ sftp-server.c 2021-09-30 11:59:33.905055000 +0200 +++ sftp-server.c 2021-03-03 08:25:31.704450000 +0100
@@ -1818,6 +1818,38 @@ @@ -1717,6 +1717,38 @@
logit("session opened for local user %s from [%s]", logit("session opened for local user %s from [%s]",
pw->pw_name, client_addr); pw->pw_name, client_addr);

114
openssh/openssh.patch.lpk
Unescape View File

@ -1,18 +1,18 @@
Index: Makefile.in Index: Makefile.in
--- Makefile.in.orig 2021-09-26 16:03:19.000000000 +0200 --- Makefile.in.orig 2021-03-02 11:31:47.000000000 +0100
+++ Makefile.in 2021-09-30 12:01:07.588022000 +0200 +++ Makefile.in 2021-03-03 08:26:38.162144000 +0100
@@ -129,7 +129,7 @@ @@ -128,7 +128,7 @@
srclimit.o sftp-server.o sftp-common.o \ srclimit.o sftp-server.o sftp-common.o \
sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \
sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \ sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \
- sandbox-solaris.o uidswap.o $(SKOBJS) - sandbox-solaris.o uidswap.o $(SKOBJS)
+ sandbox-solaris.o uidswap.o ldapauth.o $(SKOBJS) + sandbox-solaris.o uidswap.o ldapauth.o $(SKOBJS)
SFTP_CLIENT_OBJS=sftp-common.o sftp-client.o sftp-glob.o SCP_OBJS= scp.o progressmeter.o
Index: README.lpk Index: README.lpk
--- README.lpk.orig 2021-09-30 12:01:07.589683000 +0200 --- README.lpk.orig 2021-03-03 08:26:38.162489000 +0100
+++ README.lpk 2021-09-30 12:01:07.589238000 +0200 +++ README.lpk 2021-03-03 08:26:38.162407000 +0100
@@ -0,0 +1,267 @@ @@ -0,0 +1,267 @@
+OpenSSH LDAP PUBLIC KEY PATCH +OpenSSH LDAP PUBLIC KEY PATCH
+Copyright (c) 2003 Eric AUGE (eau@phear.org) +Copyright (c) 2003 Eric AUGE (eau@phear.org)
@ -282,8 +282,8 @@ Index: README.lpk
+ - Eric AUGE <eau@phear.org> + - Eric AUGE <eau@phear.org>
+ - Andrea Barisani <andrea@inversepath.com> + - Andrea Barisani <andrea@inversepath.com>
Index: auth2-pubkey.c Index: auth2-pubkey.c
--- auth2-pubkey.c.orig 2021-09-26 16:03:19.000000000 +0200 --- auth2-pubkey.c.orig 2021-03-02 11:31:47.000000000 +0100
+++ auth2-pubkey.c 2021-09-30 12:01:07.590574000 +0200 +++ auth2-pubkey.c 2021-03-03 08:26:38.162683000 +0100
@@ -71,6 +71,10 @@ @@ -71,6 +71,10 @@
#include "session.h" /* XXX for child_set_env(); refactor? */ #include "session.h" /* XXX for child_set_env(); refactor? */
#include "sk-api.h" #include "sk-api.h"
@ -295,7 +295,7 @@ Index: auth2-pubkey.c
/* import */ /* import */
extern ServerOptions options; extern ServerOptions options;
@@ -720,10 +724,76 @@ @@ -718,10 +722,76 @@
size_t linesize = 0; size_t linesize = 0;
int found_key = 0; int found_key = 0;
u_long linenum = 0; u_long linenum = 0;
@ -373,8 +373,8 @@ Index: auth2-pubkey.c
linenum++; linenum++;
/* Always consume entire file */ /* Always consume entire file */
Index: config.h.in Index: config.h.in
--- config.h.in.orig 2021-09-26 16:07:24.000000000 +0200 --- config.h.in.orig 2021-03-02 13:05:41.000000000 +0100
+++ config.h.in 2021-09-30 12:01:07.592043000 +0200 +++ config.h.in 2021-03-03 08:26:38.162979000 +0100
@@ -903,6 +903,9 @@ @@ -903,6 +903,9 @@
/* Define to 1 if you have the `localtime_r' function. */ /* Define to 1 if you have the `localtime_r' function. */
#undef HAVE_LOCALTIME_R #undef HAVE_LOCALTIME_R
@ -386,9 +386,9 @@ Index: config.h.in
#undef HAVE_LOGIN #undef HAVE_LOGIN
Index: configure.ac Index: configure.ac
--- configure.ac.orig 2021-09-26 16:03:19.000000000 +0200 --- configure.ac.orig 2021-03-02 11:31:47.000000000 +0100
+++ configure.ac 2021-09-30 12:01:07.595150000 +0200 +++ configure.ac 2021-03-03 08:26:38.163566000 +0100
@@ -1793,6 +1793,37 @@ @@ -1782,6 +1782,37 @@
CFLAGS="$SAVED_CFLAGS" CFLAGS="$SAVED_CFLAGS"
AC_SUBST([PICFLAG]) AC_SUBST([PICFLAG])
@ -426,7 +426,7 @@ Index: configure.ac
dnl Checks for library functions. Please keep in alphabetical order dnl Checks for library functions. Please keep in alphabetical order
AC_CHECK_FUNCS([ \ AC_CHECK_FUNCS([ \
Blowfish_initstate \ Blowfish_initstate \
@@ -5558,6 +5589,7 @@ @@ -5500,6 +5531,7 @@
echo " OSF SIA support: $SIA_MSG" echo " OSF SIA support: $SIA_MSG"
echo " KerberosV support: $KRB5_MSG" echo " KerberosV support: $KRB5_MSG"
echo " SELinux support: $SELINUX_MSG" echo " SELinux support: $SELINUX_MSG"
@ -435,9 +435,9 @@ Index: configure.ac
echo " libedit support: $LIBEDIT_MSG" echo " libedit support: $LIBEDIT_MSG"
echo " libldns support: $LDNS_MSG" echo " libldns support: $LDNS_MSG"
Index: configure Index: configure
--- configure.orig 2021-09-26 16:07:20.000000000 +0200 --- configure.orig 2021-03-02 13:05:37.000000000 +0100
+++ configure 2021-09-30 12:01:07.603532000 +0200 +++ configure 2021-03-03 08:26:38.165184000 +0100
@@ -1465,6 +1465,7 @@ @@ -1466,6 +1466,7 @@
--with-ldns[=PATH] Use ldns for DNSSEC support (optionally in PATH) --with-ldns[=PATH] Use ldns for DNSSEC support (optionally in PATH)
--with-libedit[=PATH] Enable libedit support for sftp --with-libedit[=PATH] Enable libedit support for sftp
--with-audit=module Enable audit support (modules=debug,bsm,linux) --with-audit=module Enable audit support (modules=debug,bsm,linux)
@ -445,7 +445,7 @@ Index: configure
--with-pie Build Position Independent Executables if possible --with-pie Build Position Independent Executables if possible
--with-security-key-builtin include builtin U2F/FIDO support --with-security-key-builtin include builtin U2F/FIDO support
--with-ssl-dir=PATH Specify path to OpenSSL installation --with-ssl-dir=PATH Specify path to OpenSSL installation
@@ -14545,6 +14546,57 @@ @@ -14521,6 +14522,57 @@
fi fi
@ -503,7 +503,7 @@ Index: configure
for ac_func in \ for ac_func in \
arc4random \ arc4random \
arc4random_buf \ arc4random_buf \
@@ -21998,6 +22050,7 @@ @@ -21762,6 +21814,7 @@
echo " OSF SIA support: $SIA_MSG" echo " OSF SIA support: $SIA_MSG"
echo " KerberosV support: $KRB5_MSG" echo " KerberosV support: $KRB5_MSG"
echo " SELinux support: $SELINUX_MSG" echo " SELinux support: $SELINUX_MSG"
@ -512,8 +512,8 @@ Index: configure
echo " libedit support: $LIBEDIT_MSG" echo " libedit support: $LIBEDIT_MSG"
echo " libldns support: $LDNS_MSG" echo " libldns support: $LDNS_MSG"
Index: ldapauth.c Index: ldapauth.c
--- ldapauth.c.orig 2021-09-30 12:01:07.605215000 +0200 --- ldapauth.c.orig 2021-03-03 08:26:38.165500000 +0100
+++ ldapauth.c 2021-09-30 12:01:07.604781000 +0200 +++ ldapauth.c 2021-03-03 08:26:38.165418000 +0100
@@ -0,0 +1,579 @@ @@ -0,0 +1,579 @@
+/* +/*
+ * $Id: openssh-lpk-4.3p1-0.3.7.patch,v 1.3 2006/04/18 15:29:09 eau Exp $ + * $Id: openssh-lpk-4.3p1-0.3.7.patch,v 1.3 2006/04/18 15:29:09 eau Exp $
@ -1095,8 +1095,8 @@ Index: ldapauth.c
+ +
+#endif /* WITH_LDAP_PUBKEY */ +#endif /* WITH_LDAP_PUBKEY */
Index: ldapauth.h Index: ldapauth.h
--- ldapauth.h.orig 2021-09-30 12:01:07.606030000 +0200 --- ldapauth.h.orig 2021-03-03 08:26:38.165661000 +0100
+++ ldapauth.h 2021-09-30 12:01:07.605606000 +0200 +++ ldapauth.h 2021-03-03 08:26:38.165581000 +0100
@@ -0,0 +1,130 @@ @@ -0,0 +1,130 @@
+/* +/*
+ * $Id: openssh-lpk-4.3p1-0.3.7.patch,v 1.3 2006/04/18 15:29:09 eau Exp $ + * $Id: openssh-lpk-4.3p1-0.3.7.patch,v 1.3 2006/04/18 15:29:09 eau Exp $
@ -1229,8 +1229,8 @@ Index: ldapauth.h
+ +
+#endif +#endif
Index: lpk-user-example.txt Index: lpk-user-example.txt
--- lpk-user-example.txt.orig 2021-09-30 12:01:07.606815000 +0200 --- lpk-user-example.txt.orig 2021-03-03 08:26:38.165827000 +0100
+++ lpk-user-example.txt 2021-09-30 12:01:07.606387000 +0200 +++ lpk-user-example.txt 2021-03-03 08:26:38.165745000 +0100
@@ -0,0 +1,117 @@ @@ -0,0 +1,117 @@
+ +
+Post to ML -> User Made Quick Install Doc. +Post to ML -> User Made Quick Install Doc.
@ -1350,8 +1350,8 @@ Index: lpk-user-example.txt
+ +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Index: openssh-lpk_openldap.schema Index: openssh-lpk_openldap.schema
--- openssh-lpk_openldap.schema.orig 2021-09-30 12:01:07.607555000 +0200 --- openssh-lpk_openldap.schema.orig 2021-03-03 08:26:38.165970000 +0100
+++ openssh-lpk_openldap.schema 2021-09-30 12:01:07.607134000 +0200 +++ openssh-lpk_openldap.schema 2021-03-03 08:26:38.165890000 +0100
@@ -0,0 +1,19 @@ @@ -0,0 +1,19 @@
+# +#
+# LDAP Public Key Patch schema for use with openssh-ldappubkey +# LDAP Public Key Patch schema for use with openssh-ldappubkey
@ -1373,8 +1373,8 @@ Index: openssh-lpk_openldap.schema
+ MUST ( sshPublicKey $ uid ) + MUST ( sshPublicKey $ uid )
+ ) + )
Index: openssh-lpk_sun.schema Index: openssh-lpk_sun.schema
--- openssh-lpk_sun.schema.orig 2021-09-30 12:01:07.608281000 +0200 --- openssh-lpk_sun.schema.orig 2021-03-03 08:26:38.166114000 +0100
+++ openssh-lpk_sun.schema 2021-09-30 12:01:07.607858000 +0200 +++ openssh-lpk_sun.schema 2021-03-03 08:26:38.166034000 +0100
@@ -0,0 +1,21 @@ @@ -0,0 +1,21 @@
+# +#
+# LDAP Public Key Patch schema for use with openssh-ldappubkey +# LDAP Public Key Patch schema for use with openssh-ldappubkey
@ -1398,8 +1398,8 @@ Index: openssh-lpk_sun.schema
+ MUST ( sshPublicKey $ uid ) + MUST ( sshPublicKey $ uid )
+ ) + )
Index: servconf.c Index: servconf.c
--- servconf.c.orig 2021-09-26 16:03:19.000000000 +0200 --- servconf.c.orig 2021-03-02 11:31:47.000000000 +0100
+++ servconf.c 2021-09-30 12:01:07.610189000 +0200 +++ servconf.c 2021-03-03 08:26:38.166425000 +0100
@@ -71,6 +71,10 @@ @@ -71,6 +71,10 @@
#include "myproposal.h" #include "myproposal.h"
#include "digest.h" #include "digest.h"
@ -1411,7 +1411,7 @@ Index: servconf.c
static void add_listen_addr(ServerOptions *, const char *, static void add_listen_addr(ServerOptions *, const char *,
const char *, int); const char *, int);
static void add_one_listen_addr(ServerOptions *, const char *, static void add_one_listen_addr(ServerOptions *, const char *,
@@ -154,6 +158,26 @@ @@ -155,6 +159,26 @@
options->num_allow_groups = 0; options->num_allow_groups = 0;
options->num_deny_groups = 0; options->num_deny_groups = 0;
options->ciphers = NULL; options->ciphers = NULL;
@ -1438,7 +1438,7 @@ Index: servconf.c
options->macs = NULL; options->macs = NULL;
options->kex_algorithms = NULL; options->kex_algorithms = NULL;
options->ca_sign_algorithms = NULL; options->ca_sign_algorithms = NULL;
@@ -441,6 +465,36 @@ @@ -442,6 +466,36 @@
options->expose_userauth_info = 0; options->expose_userauth_info = 0;
if (options->sk_provider == NULL) if (options->sk_provider == NULL)
options->sk_provider = xstrdup("internal"); options->sk_provider = xstrdup("internal");
@ -1475,7 +1475,7 @@ Index: servconf.c
assemble_algorithms(options); assemble_algorithms(options);
@@ -518,6 +572,12 @@ @@ -521,6 +575,12 @@
sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding,
sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, sSecurityKeyProvider, sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, sSecurityKeyProvider,
sDeprecated, sIgnore, sUnsupported sDeprecated, sIgnore, sUnsupported
@ -1488,7 +1488,7 @@ Index: servconf.c
} ServerOpCodes; } ServerOpCodes;
#define SSHCFG_GLOBAL 0x01 /* allowed in main section of config */ #define SSHCFG_GLOBAL 0x01 /* allowed in main section of config */
@@ -643,6 +703,22 @@ @@ -645,6 +705,22 @@
{ "clientalivecountmax", sClientAliveCountMax, SSHCFG_ALL }, { "clientalivecountmax", sClientAliveCountMax, SSHCFG_ALL },
{ "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL }, { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL },
{ "authorizedkeysfile2", sDeprecated, SSHCFG_ALL }, { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL },
@ -1511,7 +1511,7 @@ Index: servconf.c
{ "useprivilegeseparation", sDeprecated, SSHCFG_GLOBAL}, { "useprivilegeseparation", sDeprecated, SSHCFG_GLOBAL},
{ "acceptenv", sAcceptEnv, SSHCFG_ALL }, { "acceptenv", sAcceptEnv, SSHCFG_ALL },
{ "setenv", sSetEnv, SSHCFG_ALL }, { "setenv", sSetEnv, SSHCFG_ALL },
@@ -1265,6 +1341,7 @@ @@ -1256,6 +1332,7 @@
int cmdline = 0, *intptr, value, value2, n, port, oactive, r, found; int cmdline = 0, *intptr, value, value2, n, port, oactive, r, found;
SyslogFacility *log_facility_ptr; SyslogFacility *log_facility_ptr;
LogLevel *log_level_ptr; LogLevel *log_level_ptr;
@ -1519,17 +1519,17 @@ Index: servconf.c
ServerOpCodes opcode; ServerOpCodes opcode;
u_int i, *uintptr, uvalue, flags = 0; u_int i, *uintptr, uvalue, flags = 0;
size_t len; size_t len;
@@ -1300,6 +1377,7 @@ @@ -1283,6 +1360,7 @@
return -1; if (!arg || !*arg || *arg == '#')
} return 0;
intptr = NULL; intptr = NULL;
+ longptr = NULL; + longptr = NULL;
charptr = NULL; charptr = NULL;
opcode = parse_token(keyword, filename, linenum, &flags); opcode = parse_token(arg, filename, linenum, &flags);
@@ -2412,6 +2490,133 @@ @@ -2405,6 +2483,133 @@
if (*activep) while (arg)
options->fingerprint_hash = value; arg = strdelim(&cp);
break; break;
+#ifdef WITH_LDAP_PUBKEY +#ifdef WITH_LDAP_PUBKEY
+ case sLdapPublickey: + case sLdapPublickey:
@ -1659,11 +1659,11 @@ Index: servconf.c
+ +
+#endif +#endif
case sExposeAuthInfo: default:
intptr = &options->expose_userauth_info; fatal("%s line %d: Missing handler for opcode %s (%d)",
Index: servconf.h Index: servconf.h
--- servconf.h.orig 2021-09-26 16:03:19.000000000 +0200 --- servconf.h.orig 2021-03-02 11:31:47.000000000 +0100
+++ servconf.h 2021-09-30 12:01:07.611175000 +0200 +++ servconf.h 2021-03-03 08:26:38.166616000 +0100
@@ -18,6 +18,10 @@ @@ -18,6 +18,10 @@
#include <openbsd-compat/sys-queue.h> #include <openbsd-compat/sys-queue.h>
@ -1686,9 +1686,9 @@ Index: servconf.h
char **permitted_opens; /* May also be one of PERMITOPEN_* */ char **permitted_opens; /* May also be one of PERMITOPEN_* */
u_int num_permitted_opens; u_int num_permitted_opens;
Index: sshd.c Index: sshd.c
--- sshd.c.orig 2021-09-26 16:03:19.000000000 +0200 --- sshd.c.orig 2021-03-02 11:31:47.000000000 +0100
+++ sshd.c 2021-09-30 12:01:07.612871000 +0200 +++ sshd.c 2021-03-03 22:55:00.213357000 +0100
@@ -132,6 +132,10 @@ @@ -131,6 +131,10 @@
#define REEXEC_CONFIG_PASS_FD (STDERR_FILENO + 3) #define REEXEC_CONFIG_PASS_FD (STDERR_FILENO + 3)
#define REEXEC_MIN_FREE_FD (STDERR_FILENO + 4) #define REEXEC_MIN_FREE_FD (STDERR_FILENO + 4)
@ -1699,7 +1699,7 @@ Index: sshd.c
extern char *__progname; extern char *__progname;
/* Server configuration options. */ /* Server configuration options. */
@@ -1788,6 +1792,17 @@ @@ -1766,6 +1770,17 @@
exit(1); exit(1);
} }
@ -1718,9 +1718,9 @@ Index: sshd.c
/* Store privilege separation user for later use if required. */ /* Store privilege separation user for later use if required. */
Index: sshd_config.5 Index: sshd_config.5
--- sshd_config.5.orig 2021-09-26 16:03:19.000000000 +0200 --- sshd_config.5.orig 2021-03-02 11:31:47.000000000 +0100
+++ sshd_config.5 2021-09-30 12:01:07.614437000 +0200 +++ sshd_config.5 2021-03-03 08:26:38.167335000 +0100
@@ -1850,6 +1850,62 @@ @@ -1832,6 +1832,62 @@
to not use one. to not use one.
The default is The default is
.Pa /usr/X11R6/bin/xauth . .Pa /usr/X11R6/bin/xauth .
@ -1784,8 +1784,8 @@ Index: sshd_config.5
.Sh TIME FORMATS .Sh TIME FORMATS
.Xr sshd 8 .Xr sshd 8
Index: sshd_config Index: sshd_config
--- sshd_config.orig 2021-09-26 16:03:19.000000000 +0200 --- sshd_config.orig 2021-03-02 11:31:47.000000000 +0100
+++ sshd_config 2021-09-30 12:01:07.615339000 +0200 +++ sshd_config 2021-03-03 08:26:38.167506000 +0100
@@ -105,6 +105,22 @@ @@ -105,6 +105,22 @@
# no default banner path # no default banner path
#Banner none #Banner none

4
openssh/openssh.patch.scpbindir
Unescape View File

@ -1,6 +1,6 @@
Index: session.c Index: session.c
--- session.c.orig 2021-09-26 16:03:19.000000000 +0200 --- session.c.orig 2021-03-02 11:31:47.000000000 +0100
+++ session.c 2021-09-30 12:00:56.519149000 +0200 +++ session.c 2021-03-03 22:55:16.091026000 +0100
@@ -111,6 +111,10 @@ @@ -111,6 +111,10 @@
c[sizeof(INTERNAL_SFTP_NAME) - 1] == ' ' || \ c[sizeof(INTERNAL_SFTP_NAME) - 1] == ' ' || \
c[sizeof(INTERNAL_SFTP_NAME) - 1] == '\t')) c[sizeof(INTERNAL_SFTP_NAME) - 1] == '\t'))

6
openssh/openssh.spec
Unescape View File

@ -22,10 +22,10 @@
## ##
# package versions # package versions
%define V_base 8.8 %define V_base 8.7
%define V_portable p1 %define V_portable p1
%define V_connect 100 %define V_connect 100
%define V_hpn 8_4_P1-hpn-15.1 %define V_hpn 7_8_P1-hpn-14.16
# package information # package information
Name: openssh Name: openssh
@ -38,7 +38,7 @@ Class: CORE
Group: SSH Group: SSH
License: BSD License: BSD
Version: %{V_base}%{V_portable} Version: %{V_base}%{V_portable}
Release: 20210930 Release: 20211001
# package options # package options
%option with_fsl yes %option with_fsl yes

Write Preview
Loading…
Cancel
Save