upgrading package: openssh 3.8.1p1 -> 3.9p1

openssh/openssh.patch

@@ -28,5 +28,5 @@ Index: version.h
 @@ -1,3 +1,3 @@
  /* $OpenBSD: version.h,v 1.40 2004/02/23 15:16:46 markus Exp $ */
  
--#define SSH_VERSION	"OpenSSH_3.8.1p1"
-+#define SSH_VERSION	"OpenSSH_3.8.1p1 @l_openpkg_release@"
+-#define SSH_VERSION	"OpenSSH_3.9p1"
++#define SSH_VERSION	"OpenSSH_3.9p1 @l_openpkg_release@"

openssh/openssh.patch.alias

@@ -1,85 +1,7 @@
-Index: servconf.c
---- servconf.c.orig	Fri Jan 23 12:03:10 2004
-+++ servconf.c	Fri Mar 12 12:28:21 2004
-@@ -101,6 +101,9 @@
- 	options->client_alive_count_max = -1;
- 	options->authorized_keys_file = NULL;
- 	options->authorized_keys_file2 = NULL;
-+#ifdef USE_ALIAS
-+	options->num_alias = 0;
-+#endif
- 
- 	/* Needs to be accessable in many places */
- 	use_privsep = -1;
-@@ -268,6 +271,9 @@
- 	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
- 	sGssAuthentication, sGssCleanupCreds,
- 	sUsePrivilegeSeparation,
-+#ifdef USE_ALIAS
-+	sAlias,
-+#endif
- 	sDeprecated, sUnsupported
- } ServerOpCodes;
- 
-@@ -366,6 +372,9 @@
- 	{ "authorizedkeysfile", sAuthorizedKeysFile },
- 	{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
- 	{ "useprivilegeseparation", sUsePrivilegeSeparation},
-+#ifdef USE_ALIAS
-+	{ "alias", sAlias },
-+#endif
- 	{ NULL, sBadOption }
- };
- 
-@@ -898,6 +907,26 @@
- 		while (arg)
- 		    arg = strdelim(&cp);
- 		break;
-+
-+#ifdef USE_ALIAS
-+	case sAlias:
-+		if (options->num_alias >= MAX_ALIAS) {
-+			fatal("%s line %d: too many user alias defined.",
-+			    filename, linenum);
-+		}
-+		arg = strdelim(&cp);
-+		if (arg == NULL || arg[0] == '\0')
-+			fatal("%s line %d: missing user name alias(es).",
-+			    filename, linenum);
-+		options->alias[options->num_alias].alias = xstrdup(arg);
-+		arg = strdelim(&cp);
-+		if (arg == NULL || arg[0] == '\0')
-+			fatal("%s line %d: missing user name to map alias '%s' to.",
-+			    filename, linenum, options->alias[options->num_alias].alias);
-+		options->alias[options->num_alias].user = xstrdup(arg);
-+		options->num_alias++;
-+		break;
-+#endif
- 
- 	case sUnsupported:
- 		logit("%s line %d: Unsupported option %s",
-Index: servconf.h
---- servconf.h.orig	Wed Dec 31 01:37:34 2003
-+++ servconf.h	Fri Mar 12 11:36:15 2004
-@@ -125,6 +125,14 @@
- 	char   *authorized_keys_file;	/* File containing public keys */
- 	char   *authorized_keys_file2;
- 	int	use_pam;		/* Enable auth via PAM */
-+#ifdef USE_ALIAS
-+#define MAX_ALIAS 256
-+	u_int num_alias;
-+	struct {
-+		char *alias;  /* the alias list to match */
-+		char *user;   /* the username to map to */
-+	} alias[MAX_ALIAS];
-+#endif
- }       ServerOptions;
- 
- void	 initialize_server_options(ServerOptions *);
 Index: auth1.c
---- auth1.c.orig	Sat Nov 22 04:15:30 2003
-+++ auth1.c	Fri Mar 12 12:30:48 2004
-@@ -26,6 +26,9 @@
+--- auth1.c.orig	2004-08-12 14:40:25 +0200
++++ auth1.c	2004-08-17 19:49:39 +0200
+@@ -25,6 +25,9 @@
  #include "session.h"
  #include "uidswap.h"
  #include "monitor_wrap.h"
@@ -89,7 +11,7 @@ Index: auth1.c
  
  /* import */
  extern ServerOptions options;
-@@ -280,6 +283,10 @@
+@@ -284,6 +287,10 @@
  {
  	u_int ulen;
  	char *user, *style = NULL;
@@ -100,11 +22,10 @@ Index: auth1.c
  
  	/* Get the name of the user that we wish to log in as. */
  	packet_read_expect(SSH_CMSG_USER);
-@@ -290,6 +297,25 @@
- 
+@@ -295,6 +302,25 @@
  	if ((style = strchr(user, ':')) != NULL)
  		*style++ = '\0';
-+
+ 
 +#ifdef USE_ALIAS
 +	for (i = 0; i < options.num_alias; i++) {
 +		if (match_pattern_list(user, options.alias[i].alias, strlen(options.alias[i].alias), 0) == 1) {
@@ -123,12 +44,13 @@ Index: auth1.c
 +		}
 +	}
 +#endif
- 
++
  	authctxt->user = user;
  	authctxt->style = style;
+ 
 Index: auth2.c
---- auth2.c.orig	Mon Nov 17 11:13:41 2003
-+++ auth2.c	Fri Mar 12 12:30:48 2004
+--- auth2.c.orig	2004-08-12 14:40:25 +0200
++++ auth2.c	2004-08-17 19:49:39 +0200
 @@ -35,6 +35,9 @@
  #include "dispatch.h"
  #include "pathnames.h"
@@ -150,11 +72,10 @@ Index: auth2.c
  
  	if (authctxt == NULL)
  		fatal("input_userauth_request: no authctxt");
-@@ -146,6 +153,25 @@
- 
+@@ -147,6 +154,25 @@
  	if ((style = strchr(user, ':')) != NULL)
  		*style++ = 0;
-+
+ 
 +#ifdef USE_ALIAS
 +	for (i = 0; i < options.num_alias; i++) {
 +		if (match_pattern_list(user, options.alias[i].alias, strlen(options.alias[i].alias), 0) == 1) {
@@ -173,16 +94,95 @@ Index: auth2.c
 +		}
 +	}
 +#endif
- 
++
  	if (authctxt->attempt++ == 0) {
  		/* setup auth context */
+ 		authctxt->pw = PRIVSEP(getpwnamallow(user));
+Index: servconf.c
+--- servconf.c.orig	2004-08-13 13:30:24 +0200
++++ servconf.c	2004-08-17 19:50:29 +0200
+@@ -102,6 +102,9 @@
+ 	options->authorized_keys_file = NULL;
+ 	options->authorized_keys_file2 = NULL;
+ 	options->num_accept_env = 0;
++#ifdef USE_ALIAS
++ 	options->num_alias = 0;
++#endif
+ 
+ 	/* Needs to be accessable in many places */
+ 	use_privsep = -1;
+@@ -272,6 +275,9 @@
+ 	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
+ 	sGssAuthentication, sGssCleanupCreds, sAcceptEnv,
+ 	sUsePrivilegeSeparation,
++#ifdef USE_ALIAS
++	sAlias,
++#endif
+ 	sDeprecated, sUnsupported
+ } ServerOpCodes;
+ 
+@@ -372,6 +378,9 @@
+ 	{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
+ 	{ "useprivilegeseparation", sUsePrivilegeSeparation},
+ 	{ "acceptenv", sAcceptEnv },
++#ifdef USE_ALIAS
++ 	{ "alias", sAlias },
++#endif
+ 	{ NULL, sBadOption }
+ };
+ 
+@@ -922,6 +931,26 @@
+ 		    arg = strdelim(&cp);
+ 		break;
+ 
++#ifdef USE_ALIAS
++	case sAlias:
++		if (options->num_alias >= MAX_ALIAS) {
++			fatal("%s line %d: too many user alias defined.",
++			    filename, linenum);
++		}
++		arg = strdelim(&cp);
++		if (arg == NULL || arg[0] == '\0')
++			fatal("%s line %d: missing user name alias(es).",
++			    filename, linenum);
++		options->alias[options->num_alias].alias = xstrdup(arg);
++		arg = strdelim(&cp);
++		if (arg == NULL || arg[0] == '\0')
++			fatal("%s line %d: missing user name to map alias '%s' to.",
++			    filename, linenum, options->alias[options->num_alias].alias);
++		options->alias[options->num_alias].user = xstrdup(arg);
++		options->num_alias++;
++		break;
++#endif
++
+ 	case sUnsupported:
+ 		logit("%s line %d: Unsupported option %s",
+ 		    filename, linenum, arg);
+Index: servconf.h
+--- servconf.h.orig	2004-06-25 05:33:20 +0200
++++ servconf.h	2004-08-17 19:49:39 +0200
+@@ -133,6 +133,14 @@
+ 	char   *authorized_keys_file;	/* File containing public keys */
+ 	char   *authorized_keys_file2;
+ 	int	use_pam;		/* Enable auth via PAM */
++#ifdef USE_ALIAS
++#define MAX_ALIAS 256
++	u_int num_alias;
++	struct {
++		char *alias;  /* the alias list to match */
++		char *user;   /* the username to map to */
++	} alias[MAX_ALIAS];
++#endif
+ }       ServerOptions;
+ 
+ void	 initialize_server_options(ServerOptions *);
 Index: sshd_config.5
---- sshd_config.5.orig	Wed Feb 18 04:31:24 2004
-+++ sshd_config.5	Fri Mar 12 11:44:55 2004
-@@ -61,6 +61,16 @@
- keywords and their meanings are as follows (note that
- keywords are case-insensitive and arguments are case-sensitive):
- .Bl -tag -width Ds
+--- sshd_config.5.orig	2004-06-30 14:39:34 +0200
++++ sshd_config.5	2004-08-17 19:52:30 +0200
+@@ -83,6 +83,15 @@
+ user environments.
+ For this reason, care should be taken in the use of this directive.
+ The default is not to accept any environment variables.
 +.It Cm Alias
 +Specifies an optional mapping of a list of user name aliases onto
 +real user names.  The first argument is a comma separated list of
@@ -192,7 +192,6 @@ Index: sshd_config.5
 +which the aliases are mapped. This allows the use of appealing
 +virtual login names (like `anonymous') instead of their physical
 +counterparts (like `anoncvs').
-+.Pp
  .It Cm AllowGroups
  This keyword can be followed by a list of group name patterns, separated
  by spaces.

openssh/openssh.patch.scpbindir

@@ -7,20 +7,20 @@ side) without having to adjust the system and/or user environment (on
 the server side).
 
 Index: session.c
---- session.c.orig	2004-04-16 14:47:55.000000000 +0200
-+++ session.c	2004-05-19 17:02:30.000000000 +0200
+--- session.c.orig	2004-08-12 14:40:25 +0200
++++ session.c	2004-08-17 19:45:21 +0200
 @@ -66,6 +66,10 @@
  #include "ssh-gss.h"
  #endif
  
 +#ifndef SCPBINDIR
-+#define SCPBINDIR "@l_prefix@/bin"
++#define SCPBINDIR "/openpkg-dev/bin"
 +#endif
 +
  /* func */
  
  Session *session_new(void);
-@@ -652,6 +656,21 @@
+@@ -655,6 +659,21 @@
  void
  do_exec(Session *s, const char *command)
  {
@@ -42,12 +42,12 @@ Index: session.c
  	if (forced_command) {
  		original_command = command;
  		command = forced_command;
-@@ -672,6 +691,8 @@
+@@ -675,6 +694,8 @@
  		do_exec_no_pty(s, command);
  
  	original_command = NULL;
 +	if (scp_command != NULL)
-+		xfree(scp_command);
- }
- 
++		(scp_command);
  
+ 	/*
+ 	 * Clear loginmsg: it's the child's responsibility to display

openssh/openssh.patch.sftplogging

@@ -1,9 +1,9 @@
-diff -wur openssh-3.8p1.orig/servconf.c openssh-3.8p1/servconf.c
---- openssh-3.8p1.orig/servconf.c	2004-01-23 12:03:10.000000000 +0100
-+++ openssh-3.8p1/servconf.c	2004-03-29 10:44:26.000000000 +0200
-@@ -102,6 +102,15 @@
- 	options->authorized_keys_file = NULL;
+Index: servconf.c
+--- servconf.c.orig	2004-08-13 13:30:24 +0200
++++ servconf.c	2004-08-17 19:57:16 +0200
+@@ -103,6 +103,15 @@
  	options->authorized_keys_file2 = NULL;
+ 	options->num_accept_env = 0;
  
 +	options->log_sftp = LOG_SFTP_NOT_SET;
 +        options->sftp_log_facility = SYSLOG_FACILITY_NOT_SET;
@@ -17,7 +17,7 @@ diff -wur openssh-3.8p1.orig/servconf.c openssh-3.8p1/servconf.c
  	/* Needs to be accessable in many places */
  	use_privsep = -1;
  }
-@@ -228,6 +237,24 @@
+@@ -231,6 +240,24 @@
  	if (options->authorized_keys_file == NULL)
  		options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
  
@@ -42,9 +42,9 @@ diff -wur openssh-3.8p1.orig/servconf.c openssh-3.8p1/servconf.c
  	/* Turn privilege separation on by default */
  	if (use_privsep == -1)
  		use_privsep = 1;
-@@ -268,6 +295,9 @@
+@@ -272,6 +299,9 @@
  	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
- 	sGssAuthentication, sGssCleanupCreds,
+ 	sGssAuthentication, sGssCleanupCreds, sAcceptEnv,
  	sUsePrivilegeSeparation,
 +	sLogSftp, sSftpLogFacility, sSftpLogLevel,
 +	sSftpUmask,
@@ -52,20 +52,20 @@ diff -wur openssh-3.8p1.orig/servconf.c openssh-3.8p1/servconf.c
  	sDeprecated, sUnsupported
  } ServerOpCodes;
  
-@@ -366,6 +396,12 @@
- 	{ "authorizedkeysfile", sAuthorizedKeysFile },
- 	{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
- 	{ "useprivilegeseparation", sUsePrivilegeSeparation},
-+	{ "logsftp", sLogSftp},
-+	{ "sftplogfacility", sSftpLogFacility},
-+	{ "sftploglevel", sSftpLogLevel},
-+	{ "sftpumask", sSftpUmask},
-+	{ "sftppermitchmod", sSftpPermitChmod},
-+	{ "sftppermitchown", sSftpPermitChown},
- 	{ NULL, sBadOption }
- };
- 
-@@ -431,6 +467,8 @@
+@@ -281,6 +311,12 @@
+ 	ServerOpCodes opcode;
+ } keywords[] = {
+ 	/* Portable-specific options */
++ 	{ "logsftp", sLogSftp},
++ 	{ "sftplogfacility", sSftpLogFacility},
++ 	{ "sftploglevel", sSftpLogLevel},
++ 	{ "sftpumask", sSftpUmask},
++ 	{ "sftppermitchmod", sSftpPermitChmod},
++ 	{ "sftppermitchown", sSftpPermitChown},
+ #ifdef USE_PAM
+ 	{ "usepam", sUsePAM },
+ #else
+@@ -437,6 +473,8 @@
  	char *cp, **charptr, *arg, *p;
  	int *intptr, value, i, n;
  	ServerOpCodes opcode;
@@ -74,7 +74,7 @@ diff -wur openssh-3.8p1.orig/servconf.c openssh-3.8p1/servconf.c
  
  	cp = line;
  	arg = strdelim(&cp);
-@@ -871,6 +909,58 @@
+@@ -881,6 +919,58 @@
  	case sBanner:
  		charptr = &options->banner;
  		goto parse_filename;
@@ -133,18 +133,10 @@ diff -wur openssh-3.8p1.orig/servconf.c openssh-3.8p1/servconf.c
  	/*
  	 * These options can contain %X options expanded at
  	 * connect time, so that you can specify paths like:
-@@ -913,6 +1003,7 @@
- 	if ((arg = strdelim(&cp)) != NULL && *arg != '\0')
- 		fatal("%s line %d: garbage at end of line; \"%.200s\".",
- 		    filename, linenum, arg);
-+
- 	return 0;
- }
- 
-diff -wur openssh-3.8p1.orig/servconf.h openssh-3.8p1/servconf.h
---- openssh-3.8p1.orig/servconf.h	2003-12-31 01:37:34.000000000 +0100
-+++ openssh-3.8p1/servconf.h	2004-03-29 10:44:26.000000000 +0200
-@@ -32,6 +32,18 @@
+Index: servconf.h
+--- servconf.h.orig	2004-06-25 05:33:20 +0200
++++ servconf.h	2004-08-17 19:55:16 +0200
+@@ -35,6 +35,19 @@
  #define	PERMIT_NO_PASSWD	2
  #define	PERMIT_YES		3
  
@@ -160,10 +152,11 @@ diff -wur openssh-3.8p1.orig/servconf.h openssh-3.8p1/servconf.h
 +#define SFTP_PERMIT_NOT_SET	-1
 +#define SFTP_PERMIT_NO		0
 +#define SFTP_PERMIT_YES		1
++
+ #define DEFAULT_AUTH_FAIL_MAX	6	/* Default for MaxAuthTries */
  
  typedef struct {
- 	u_int num_ports;
-@@ -125,6 +137,13 @@
+@@ -133,6 +146,13 @@
  	char   *authorized_keys_file;	/* File containing public keys */
  	char   *authorized_keys_file2;
  	int	use_pam;		/* Enable auth via PAM */
@@ -177,9 +170,9 @@ diff -wur openssh-3.8p1.orig/servconf.h openssh-3.8p1/servconf.h
  }       ServerOptions;
  
  void	 initialize_server_options(ServerOptions *);
-diff -wur openssh-3.8p1.orig/session.c openssh-3.8p1/session.c
---- openssh-3.8p1.orig/session.c	2004-02-23 14:01:27.000000000 +0100
-+++ openssh-3.8p1/session.c	2004-03-29 10:44:26.000000000 +0200
+Index: session.c
+--- session.c.orig	2004-08-12 14:40:25 +0200
++++ session.c	2004-08-17 19:54:21 +0200
 @@ -112,6 +112,15 @@
  
  static int is_child = 0;
@@ -196,7 +189,7 @@ diff -wur openssh-3.8p1.orig/session.c openssh-3.8p1/session.c
  /* Name and directory of socket for authentication agent forwarding. */
  static char *auth_sock_name = NULL;
  static char *auth_sock_dir = NULL;
-@@ -971,6 +980,7 @@
+@@ -974,6 +983,7 @@
  	env = xmalloc(envsize * sizeof(char *));
  	env[0] = NULL;
  
@@ -204,7 +197,7 @@ diff -wur openssh-3.8p1.orig/session.c openssh-3.8p1/session.c
  #ifdef HAVE_CYGWIN
  	/*
  	 * The Windows environment contains some setting which are
-@@ -1111,6 +1121,67 @@
+@@ -1118,6 +1128,67 @@
  		child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
  		    auth_sock_name);
  
@@ -272,9 +265,9 @@ diff -wur openssh-3.8p1.orig/session.c openssh-3.8p1/session.c
  	/* read $HOME/.ssh/environment. */
  	if (options.permit_user_env && !options.use_login) {
  		snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
-diff -wur openssh-3.8p1.orig/sftp-server.8 openssh-3.8p1/sftp-server.8
---- openssh-3.8p1.orig/sftp-server.8	2003-10-15 07:50:43.000000000 +0200
-+++ openssh-3.8p1/sftp-server.8	2004-03-29 10:44:26.000000000 +0200
+Index: sftp-server.8
+--- sftp-server.8.orig	2003-10-15 07:50:43 +0200
++++ sftp-server.8	2004-08-17 19:54:21 +0200
 @@ -41,6 +41,20 @@
  .Cm Subsystem
  option.
@@ -296,9 +289,9 @@ diff -wur openssh-3.8p1.orig/sftp-server.8 openssh-3.8p1/sftp-server.8
  .Xr sshd_config 5
  for more information.
  .Sh SEE ALSO
-diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
---- openssh-3.8p1.orig/sftp-server.c	2004-02-23 23:19:15.000000000 +0100
-+++ openssh-3.8p1/sftp-server.c	2004-03-29 10:45:39.000000000 +0200
+Index: sftp-server.c
+--- sftp-server.c.orig	2004-07-17 06:07:42 +0200
++++ sftp-server.c	2004-08-17 19:56:22 +0200
 @@ -31,6 +31,13 @@
  #define get_string(lenp)		buffer_get_string(&iqueue, lenp);
  #define TRACE				debug
@@ -310,10 +303,10 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
 +static int permit_chown = 1;
 +static int permit_logging = 0;
 +
- #ifdef HAVE___PROGNAME
  extern char *__progname;
- #else
-@@ -385,6 +392,14 @@
+ 
+ /* input and output queue */
+@@ -381,6 +388,14 @@
  	a = get_attrib();
  	flags = flags_from_portable(pflags);
  	mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm : 0666;
@@ -328,7 +321,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	TRACE("open id %u name %s flags %d mode 0%o", id, name, pflags, mode);
  	fd = open(name, flags, mode);
  	if (fd < 0) {
-@@ -398,6 +413,8 @@
+@@ -394,6 +409,8 @@
  			status = SSH2_FX_OK;
  		}
  	}
@@ -337,7 +330,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	if (status != SSH2_FX_OK)
  		send_status(id, status);
  	xfree(name);
-@@ -434,6 +451,7 @@
+@@ -430,6 +447,7 @@
  	    (u_int64_t)off, len);
  	if (len > sizeof buf) {
  		len = sizeof buf;
@@ -345,7 +338,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  		logit("read change len %d", len);
  	}
  	fd = handle_to_fd(handle);
-@@ -453,6 +471,8 @@
+@@ -449,6 +467,8 @@
  			}
  		}
  	}
@@ -354,7 +347,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	if (status != SSH2_FX_OK)
  		send_status(id, status);
  }
-@@ -487,10 +507,13 @@
+@@ -483,10 +503,13 @@
  			} else if (ret == len) {
  				status = SSH2_FX_OK;
  			} else {
@@ -368,7 +361,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	send_status(id, status);
  	xfree(data);
  }
-@@ -583,24 +606,46 @@
+@@ -579,24 +602,46 @@
  	a = get_attrib();
  	TRACE("setstat id %u name %s", id, name);
  	if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
@@ -415,7 +408,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	}
  	send_status(id, status);
  	xfree(name);
-@@ -615,6 +660,9 @@
+@@ -611,6 +656,9 @@
  	int status = SSH2_FX_OK;
  	char *name;
  
@@ -425,7 +418,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	id = get_int();
  	handle = get_handle();
  	a = get_attrib();
-@@ -625,11 +673,14 @@
+@@ -621,11 +669,14 @@
  		status = SSH2_FX_FAILURE;
  	} else {
  		if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
@@ -440,7 +433,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  #ifdef HAVE_FCHMOD
  			ret = fchmod(fd, a->perm & 0777);
  #else
-@@ -637,8 +688,18 @@
+@@ -633,8 +684,18 @@
  #endif
  			if (ret == -1)
  				status = errno_to_portable(errno);
@@ -459,7 +452,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  #ifdef HAVE_FUTIMES
  			ret = futimes(fd, attrib_to_tv(a));
  #else
-@@ -648,6 +709,7 @@
+@@ -644,6 +705,7 @@
  				status = errno_to_portable(errno);
  		}
  		if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
@@ -467,7 +460,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  #ifdef HAVE_FCHOWN
  			ret = fchown(fd, a->uid, a->gid);
  #else
-@@ -655,6 +717,14 @@
+@@ -651,6 +713,14 @@
  #endif
  			if (ret == -1)
  				status = errno_to_portable(errno);
@@ -482,7 +475,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  		}
  	}
  	send_status(id, status);
-@@ -684,6 +754,8 @@
+@@ -680,6 +750,8 @@
  		}
  
  	}
@@ -491,7 +484,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	if (status != SSH2_FX_OK)
  		send_status(id, status);
  	xfree(path);
-@@ -757,6 +829,8 @@
+@@ -753,6 +825,8 @@
  	TRACE("remove id %u name %s", id, name);
  	ret = unlink(name);
  	status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
@@ -500,7 +493,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	send_status(id, status);
  	xfree(name);
  }
-@@ -774,9 +848,19 @@
+@@ -770,9 +844,19 @@
  	a = get_attrib();
  	mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ?
  	    a->perm & 0777 : 0777;
@@ -520,7 +513,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	send_status(id, status);
  	xfree(name);
  }
-@@ -793,6 +877,8 @@
+@@ -789,6 +873,8 @@
  	TRACE("rmdir id %u name %s", id, name);
  	ret = rmdir(name);
  	status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
@@ -529,7 +522,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	send_status(id, status);
  	xfree(name);
  }
-@@ -819,6 +905,8 @@
+@@ -815,6 +901,8 @@
  		s.name = s.long_name = resolvedname;
  		send_names(id, 1, &s);
  	}
@@ -538,7 +531,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	xfree(path);
  }
  
-@@ -854,6 +942,8 @@
+@@ -870,6 +958,8 @@
  			status = SSH2_FX_OK;
  	}
  	send_status(id, status);
@@ -547,8 +540,8 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	xfree(oldpath);
  	xfree(newpath);
  }
-@@ -879,6 +969,8 @@
- 		s.name = s.long_name = link;
+@@ -895,6 +985,8 @@
+ 		s.name = s.long_name = buf;
  		send_names(id, 1, &s);
  	}
 +	if ( permit_logging == 1 )
@@ -556,7 +549,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	xfree(path);
  }
  
-@@ -897,6 +989,8 @@
+@@ -913,6 +1005,8 @@
  	ret = symlink(oldpath, newpath);
  	status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
  	send_status(id, status);
@@ -565,7 +558,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	xfree(oldpath);
  	xfree(newpath);
  }
-@@ -1018,6 +1112,8 @@
+@@ -1034,6 +1128,8 @@
  {
  	fd_set *rset, *wset;
  	int in, out, max;
@@ -574,7 +567,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  	ssize_t len, olen, set_size;
  
  	/* XXX should use getopt */
-@@ -1025,6 +1121,16 @@
+@@ -1041,6 +1137,16 @@
  	__progname = ssh_get_progname(av[0]);
  	handle_init();
  
@@ -591,7 +584,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  #ifdef DEBUG_SFTP_SERVER
  	log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0);
  #endif
-@@ -1032,6 +1138,39 @@
+@@ -1048,6 +1154,39 @@
  	in = dup(STDIN_FILENO);
  	out = dup(STDOUT_FILENO);
  
@@ -631,7 +624,7 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  #ifdef HAVE_CYGWIN
  	setmode(in, O_BINARY);
  	setmode(out, O_BINARY);
-@@ -1071,6 +1210,8 @@
+@@ -1087,6 +1226,8 @@
  			len = read(in, buf, sizeof buf);
  			if (len == 0) {
  				debug("read eof");
@@ -640,28 +633,10 @@ diff -wur openssh-3.8p1.orig/sftp-server.c openssh-3.8p1/sftp-server.c
  				exit(0);
  			} else if (len < 0) {
  				error("read error");
-diff -wur openssh-3.8p1.orig/sshd_config openssh-3.8p1/sshd_config
---- openssh-3.8p1.orig/sshd_config	2003-12-31 01:38:32.000000000 +0100
-+++ openssh-3.8p1/sshd_config	2004-03-29 10:44:26.000000000 +0200
-@@ -95,3 +95,14 @@
- 
- # override default of no subsystems
- Subsystem	sftp	/usr/libexec/sftp-server
-+
-+# sftp-server logging
-+#LogSftp no
-+#SftpLogFacility AUTH
-+#SftpLogLevel INFO
-+
-+# sftp-server umask control
-+#SftpUmask
-+
-+#SftpPermitChmod yes
-+#SftpPermitChown yes
-diff -wur openssh-3.8p1.orig/sshd_config.5 openssh-3.8p1/sshd_config.5
---- openssh-3.8p1.orig/sshd_config.5	2004-02-18 04:31:24.000000000 +0100
-+++ openssh-3.8p1/sshd_config.5	2004-03-29 10:44:26.000000000 +0200
-@@ -374,6 +374,10 @@
+Index: sshd_config.5
+--- sshd_config.5.orig	2004-06-30 14:39:34 +0200
++++ sshd_config.5	2004-08-17 19:54:21 +0200
+@@ -407,6 +407,10 @@
  DEBUG and DEBUG1 are equivalent.
  DEBUG2 and DEBUG3 each specify higher levels of debugging output.
  Logging with a DEBUG level violates the privacy of users and is not recommended.
@@ -672,7 +647,7 @@ diff -wur openssh-3.8p1.orig/sshd_config.5 openssh-3.8p1/sshd_config.5
  .It Cm MACs
  Specifies the available MAC (message authentication code) algorithms.
  The MAC algorithm is used in protocol version 2
-@@ -526,6 +530,37 @@
+@@ -567,6 +571,37 @@
  .It Cm ServerKeyBits
  Defines the number of bits in the ephemeral protocol version 1 server key.
  The minimum value is 512, and the default is 768.
@@ -710,3 +685,21 @@ diff -wur openssh-3.8p1.orig/sshd_config.5 openssh-3.8p1/sshd_config.5
  .It Cm StrictModes
  Specifies whether
  .Nm sshd
+Index: sshd_config
+--- sshd_config.orig	2004-05-24 02:36:24 +0200
++++ sshd_config	2004-08-17 19:54:21 +0200
+@@ -101,3 +101,14 @@
+ 
+ # override default of no subsystems
+ Subsystem	sftp	/usr/libexec/sftp-server
++
++# sftp-server logging
++#LogSftp no
++#SftpLogFacility AUTH
++#SftpLogLevel INFO
++
++# sftp-server umask control
++#SftpUmask
++
++#SftpPermitChmod yes
++#SftpPermitChown yes

openssh/openssh.spec

@@ -24,7 +24,7 @@
 ##
 
 #   package versions
-%define       V_base        3.8.1
+%define       V_base        3.9
 %define       V_portable    p1
 %define       V_watchdog    3.8p1
 %define       V_ldap_base   3.7.1p2
@@ -42,7 +42,7 @@ Class:        CORE
 Group:        Security
 License:      BSD
 Version:      %{V_base}%{V_portable}
-Release:      20040706
+Release:      20040817
 
 #   package options
 %option       with_fsl          yes
@@ -152,7 +152,7 @@ AutoReqProv:  no
     %{l_gzip} -d -c %{SOURCE ldappubkey-ossh%{V_ldap_base}-%{V_ldap_vers2}.patch} | %{l_patch} -p0 -b
 %endif
 %if "%{with_sftplogging}" == "yes"
-    %patch -p1 -P 5
+    %patch -p0 -P 5
 %endif
     sed -e 's;@l_prefix@;%{l_prefix};g' %{SOURCE openssh.patch.scpbindir} | %{l_patch} -p0 -b