From 0d30b092ce0dee75cc4f5848720cbb2752694f8e Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 4 Feb 2011 12:43:36 +1100 Subject: - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] [contrib/suse/openssh.spec] update versions in docs and spec files. - Release OpenSSH 5.8p1 --- contrib/suse/openssh.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'contrib/suse/openssh.spec') diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index 4573c52fd..6afdcc4b4 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 5.7p1 +Version: 5.8p1 URL: http://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz -- cgit v1.2.3 From c412c1567b6d9eac77bbb43f450b95ef47389ad1 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 3 Jun 2011 10:35:23 +1000 Subject: - (dtucker) [README version.h contrib/caldera/openssh.spec contrib/redhat/openssh.spec contrib/suse/openssh.spec] Pull the version bumps from the 5.8p2 branch into HEAD. ok djm. --- ChangeLog | 5 +++++ README | 4 ++-- contrib/caldera/openssh.spec | 4 ++-- contrib/redhat/openssh.spec | 2 +- contrib/suse/openssh.spec | 2 +- version.h | 2 +- 6 files changed, 12 insertions(+), 7 deletions(-) (limited to 'contrib/suse/openssh.spec') diff --git a/ChangeLog b/ChangeLog index 82aedc3a9..7cab4c9cb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +20110603 + - (dtucker) [README version.h contrib/caldera/openssh.spec + contrib/redhat/openssh.spec contrib/suse/openssh.spec] Pull the version + bumps from the 5.8p2 branch into HEAD. ok djm. + 20110529 - (djm) OpenBSD CVS Sync - djm@cvs.openbsd.org 2011/05/23 03:30:07 diff --git a/README b/README index 481d40f29..0a772d2bc 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -See http://www.openssh.com/txt/release-5.8 for the release notes. +See http://www.openssh.com/txt/release-5.8p2 for the release notes. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html @@ -62,4 +62,4 @@ References - [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 [7] http://www.openssh.com/faq.html -$Id: README,v 1.76 2011/02/04 01:43:39 djm Exp $ +$Id: README,v 1.77 2011/06/03 00:35:26 dtucker Exp $ diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec index 9fc553ed3..e6f5a9333 100644 --- a/contrib/caldera/openssh.spec +++ b/contrib/caldera/openssh.spec @@ -16,7 +16,7 @@ #old cvs stuff. please update before use. may be deprecated. %define use_stable 1 -%define version 5.8p1 +%define version 5.8p2 %if %{use_stable} %define cvs %{nil} %define release 1 @@ -363,4 +363,4 @@ fi * Mon Jan 01 1998 ... Template Version: 1.31 -$Id: openssh.spec,v 1.74 2011/02/04 01:43:44 djm Exp $ +$Id: openssh.spec,v 1.75 2011/06/03 00:35:26 dtucker Exp $ diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index e99e33d0f..23657eacd 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -1,4 +1,4 @@ -%define ver 5.8p1 +%define ver 5.8p2 %define rel 1 # OpenSSH privilege separation requires a user & group ID diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index 6afdcc4b4..db0c127bd 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 5.8p1 +Version: 5.8p2 URL: http://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz diff --git a/version.h b/version.h index bf1c7124a..24d000110 100644 --- a/version.h +++ b/version.h @@ -2,5 +2,5 @@ #define SSH_VERSION "OpenSSH_5.8" -#define SSH_PORTABLE "p1" +#define SSH_PORTABLE "p2" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE -- cgit v1.2.3 From 2db9977c061ff027bafa488c8e9afad505be773e Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 12 Aug 2011 11:02:35 +1000 Subject: - (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init] [contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES init scrips from imorgan AT nas.nasa.gov --- ChangeLog | 3 ++ contrib/redhat/openssh.spec | 22 +++++++------- contrib/redhat/sshd.init | 71 +++++---------------------------------------- contrib/suse/openssh.spec | 16 ++++------ contrib/suse/rc.sshd | 16 ++-------- 5 files changed, 28 insertions(+), 100 deletions(-) (limited to 'contrib/suse/openssh.spec') diff --git a/ChangeLog b/ChangeLog index 8b1269324..7d323f69e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,9 @@ - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context change error by reporting old and new context names Patch from jchadima at redhat. + - (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init] + [contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES + init scrips from imorgan AT nas.nasa.gov 20110807 - (dtucker) OpenBSD CVS Sync diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index 23657eacd..2b927f177 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -84,24 +84,24 @@ Obsoletes: ssh %if %{build6x} PreReq: initscripts >= 5.00 %else -PreReq: initscripts >= 5.20 +Requires: initscripts >= 5.20 %endif -BuildPreReq: perl, openssl-devel, tcp_wrappers -BuildPreReq: /bin/login +BuildRequires: perl, openssl-devel, tcp_wrappers +BuildRequires: /bin/login %if ! %{build6x} BuildPreReq: glibc-devel, pam %else -BuildPreReq: /usr/include/security/pam_appl.h +BuildRequires: /usr/include/security/pam_appl.h %endif %if ! %{no_x11_askpass} -BuildPreReq: /usr/include/X11/Xlib.h +BuildRequires: /usr/include/X11/Xlib.h %endif %if ! %{no_gnome_askpass} -BuildPreReq: pkgconfig +BuildRequires: pkgconfig %endif %if %{kerberos5} -BuildPreReq: krb5-devel -BuildPreReq: krb5-libs +BuildRequires: krb5-devel +BuildRequires: krb5-libs %endif %package clients @@ -114,7 +114,7 @@ Obsoletes: ssh-clients Summary: The OpenSSH server daemon. Group: System Environment/Daemons Obsoletes: ssh-server -PreReq: openssh = %{version}-%{release}, chkconfig >= 0.9 +Requires: openssh = %{version}-%{release}, chkconfig >= 0.9 %if ! %{build6x} Requires: /etc/pam.d/system-auth %endif @@ -712,7 +712,7 @@ fi it generates. * Thu Oct 5 2000 Nalin Dahyabhai -- Add BuildPreReq on /usr/include/security/pam_appl.h to be sure we always +- Add BuildRequires on /usr/include/security/pam_appl.h to be sure we always build PAM authentication in. - Try setting SSH_ASKPASS if gnome-ssh-askpass is installed. - Clean out no-longer-used patches. @@ -721,7 +721,7 @@ fi * Mon Oct 2 2000 Nalin Dahyabhai - Update x11-askpass to 1.0.2. (#17835) -- Add BuildPreReqs for /bin/login and /usr/bin/rsh so that configure will +- Add BuildRequiress for /bin/login and /usr/bin/rsh so that configure will always find them in the right place. (#17909) - Set the default path to be the same as the one supplied by /bin/login, but add /usr/X11R6/bin. (#17909) diff --git a/contrib/redhat/sshd.init b/contrib/redhat/sshd.init index 854aff665..2334d8142 100755 --- a/contrib/redhat/sshd.init +++ b/contrib/redhat/sshd.init @@ -22,70 +22,9 @@ RETVAL=0 prog="sshd" # Some functions to make the below more readable -KEYGEN=/usr/bin/ssh-keygen SSHD=/usr/sbin/sshd -RSA1_KEY=/etc/ssh/ssh_host_key -RSA_KEY=/etc/ssh/ssh_host_rsa_key -DSA_KEY=/etc/ssh/ssh_host_dsa_key PID_FILE=/var/run/sshd.pid -do_rsa1_keygen() { - if [ ! -s $RSA1_KEY ]; then - echo -n $"Generating SSH1 RSA host key: " - if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then - chmod 600 $RSA1_KEY - chmod 644 $RSA1_KEY.pub - if [ -x /sbin/restorecon ]; then - /sbin/restorecon $RSA1_KEY.pub - fi - success $"RSA1 key generation" - echo - else - failure $"RSA1 key generation" - echo - exit 1 - fi - fi -} - -do_rsa_keygen() { - if [ ! -s $RSA_KEY ]; then - echo -n $"Generating SSH2 RSA host key: " - if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then - chmod 600 $RSA_KEY - chmod 644 $RSA_KEY.pub - if [ -x /sbin/restorecon ]; then - /sbin/restorecon $RSA_KEY.pub - fi - success $"RSA key generation" - echo - else - failure $"RSA key generation" - echo - exit 1 - fi - fi -} - -do_dsa_keygen() { - if [ ! -s $DSA_KEY ]; then - echo -n $"Generating SSH2 DSA host key: " - if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then - chmod 600 $DSA_KEY - chmod 644 $DSA_KEY.pub - if [ -x /sbin/restorecon ]; then - /sbin/restorecon $DSA_KEY.pub - fi - success $"DSA key generation" - echo - else - failure $"DSA key generation" - echo - exit 1 - fi - fi -} - do_restart_sanity_check() { $SSHD -t @@ -99,9 +38,13 @@ do_restart_sanity_check() start() { # Create keys if necessary - do_rsa1_keygen - do_rsa_keygen - do_dsa_keygen + /usr/bin/ssh-keygen -A + if [ -x /sbin/restorecon ]; then + /sbin/restorcon /etc/ssh/ssh_host_key.pub + /sbin/restorcon /etc/ssh/ssh_host_rsa_key.pub + /sbin/restorcon /etc/ssh/ssh_host_dsa_key.pub + /sbin/restorcon /etc/ssh/ssh_host_ecdsa_key.pub + fi echo -n $"Starting $prog:" $SSHD $OPTIONS && success || failure diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index db0c127bd..4621f548c 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -28,11 +28,12 @@ Provides: ssh # (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.) # building prerequisites -- stuff for # OpenSSL (openssl-devel), -# TCP Wrappers (nkitb), +# TCP Wrappers (tcpd-devel), # and Gnome (glibdev, gtkdev, and gnlibsd) # BuildPrereq: openssl -BuildPrereq: nkitb +BuildPrereq: tcpd-devel +BuildPrereq: zlib-devel #BuildPrereq: glibdev #BuildPrereq: gtkdev #BuildPrereq: gnlibsd @@ -177,15 +178,8 @@ rm -rf $RPM_BUILD_ROOT /usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || : %post -if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then - echo "Generating SSH RSA host key..." - /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2 -fi -if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then - echo "Generating SSH DSA host key..." - /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2 -fi -%{fillup_and_insserv -n -s -y ssh sshd START_SSHD} +/usr/bin/ssh-keygen -A +%{fillup_and_insserv -n -y ssh sshd} %run_permissions %verifyscript diff --git a/contrib/suse/rc.sshd b/contrib/suse/rc.sshd index 4d4880d7e..4a3bc41db 100644 --- a/contrib/suse/rc.sshd +++ b/contrib/suse/rc.sshd @@ -43,20 +43,8 @@ rc_reset case "$1" in start) - if ! test -f /etc/ssh/ssh_host_key ; then - echo Generating /etc/ssh/ssh_host_key. - ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' - fi - if ! test -f /etc/ssh/ssh_host_dsa_key ; then - echo Generating /etc/ssh/ssh_host_dsa_key. - - ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' - fi - if ! test -f /etc/ssh/ssh_host_rsa_key ; then - echo Generating /etc/ssh/ssh_host_rsa_key. - - ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' - fi + # Generate any missing host keys + ssh-keygen -A echo -n "Starting SSH daemon" ## Start daemon with startproc(8). If this fails ## the echo return value is set appropriate. -- cgit v1.2.3 From 0b90fd6fd3f63c7df8a3e8a20f885027b0b4826a Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 5 Sep 2011 10:27:57 +1000 Subject: - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] [contrib/suse/openssh.spec] Update version numbers. --- ChangeLog | 7 ++++++- README | 4 ++-- contrib/caldera/openssh.spec | 4 ++-- contrib/redhat/openssh.spec | 2 +- contrib/suse/openssh.spec | 2 +- 5 files changed, 12 insertions(+), 7 deletions(-) (limited to 'contrib/suse/openssh.spec') diff --git a/ChangeLog b/ChangeLog index e09a6835b..29578ef0e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,8 +1,13 @@ +20110905 + - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Update version numbers. + 20110904 - (djm) [regress/connect-privsep.sh regress/test-exec.sh] demote fatal regress errors for the sandbox to warnings. ok tim dtucker - (dtucker) [ssh-keygen.c ssh-pkcs11.c] Bug #1929: add null implementations - ofsh-pkcs11.cpkcs_init and pkcs_terminate for building without dlopen support. + ofsh-pkcs11.cpkcs_init and pkcs_terminate for building without dlopen + support. 20110829 - (djm) [openbsd-compat/port-linux.c] Suppress logging when attempting diff --git a/README b/README index 0a772d2bc..093a3849a 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -See http://www.openssh.com/txt/release-5.8p2 for the release notes. +See http://www.openssh.com/txt/release-5.9p1 for the release notes. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html @@ -62,4 +62,4 @@ References - [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 [7] http://www.openssh.com/faq.html -$Id: README,v 1.77 2011/06/03 00:35:26 dtucker Exp $ +$Id: README,v 1.77.2.1 2011/09/05 00:27:58 djm Exp $ diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec index e6f5a9333..73d441d0c 100644 --- a/contrib/caldera/openssh.spec +++ b/contrib/caldera/openssh.spec @@ -16,7 +16,7 @@ #old cvs stuff. please update before use. may be deprecated. %define use_stable 1 -%define version 5.8p2 +%define version 5.9p1 %if %{use_stable} %define cvs %{nil} %define release 1 @@ -363,4 +363,4 @@ fi * Mon Jan 01 1998 ... Template Version: 1.31 -$Id: openssh.spec,v 1.75 2011/06/03 00:35:26 dtucker Exp $ +$Id: openssh.spec,v 1.75.2.1 2011/09/05 00:28:11 djm Exp $ diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index 2b927f177..be6de088c 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -1,4 +1,4 @@ -%define ver 5.8p2 +%define ver 5.9p1 %define rel 1 # OpenSSH privilege separation requires a user & group ID diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index 4621f548c..3a4dfea37 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 5.8p2 +Version: 5.9p1 URL: http://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz -- cgit v1.2.3