Hello community,
here is the log from the commit of package openssh
checked in at Thu Mar 15 01:56:26 CET 2007.
--------
--- openssh/openssh.changes 2007-03-05 11:03:55.000000000 +0100
+++ /mounts/work_src_done/STABLE/openssh/openssh.changes 2007-03-12 10:59:53.000000000 +0100
@@ -1,0 +2,16 @@
+Mon Mar 12 10:56:31 CET 2007 - anicka@suse.cz
+
+- update to 4.6p1
+ * sshd now allows the enabling and disabling of authentication
+ methods on a per user, group, host and network basis via the
+ Match directive in sshd_config.
+ * Allow multiple forwarding options to work when specified in a
+ PermitOpen directive
+ * Clear SIGALRM when restarting due to SIGHUP. Prevents stray
+ signal from taking down sshd if a connection was pending at
+ the time SIGHUP was received
+ * hang on exit" when background processes are running at the
+ time of exit on a ttyful/login session
+ * some more bugfixes
+
+-------------------------------------------------------------------
Old:
----
openssh-4.5p1-addrlist.dif
openssh-4.5p1-askpass-fix.diff
openssh-4.5p1-audit.patch
openssh-4.5p1-blocksigalrm.diff
openssh-4.5p1-default-protocol.diff
openssh-4.5p1.dif
openssh-4.5p1-eal3.diff
openssh-4.5p1-engines.diff
openssh-4.5p1-gcc-fix.patch
openssh-4.5p1-gssapimitm.patch
openssh-4.5p1-pam-fix2.diff
openssh-4.5p1-pam-fix3.diff
openssh-4.5p1-pwname-home.diff
openssh-4.5p1-saveargv-fix.diff
openssh-4.5p1-send_locale.diff
openssh-4.5p1-strict-aliasing-fix.diff
openssh-4.5p1.tar.bz2
openssh-4.5p1-tmpdir.diff
openssh-4.5p1-xauth.diff
openssh-4.5p1-xauthlocalhostname.diff
New:
----
openssh-4.6p1-addrlist.dif
openssh-4.6p1-askpass-fix.diff
openssh-4.6p1-audit.patch
openssh-4.6p1-blocksigalrm.diff
openssh-4.6p1-default-protocol.diff
openssh-4.6p1.dif
openssh-4.6p1-eal3.diff
openssh-4.6p1-engines.diff
openssh-4.6p1-gcc-fix.patch
openssh-4.6p1-gssapimitm.patch
openssh-4.6p1-pam-fix2.diff
openssh-4.6p1-pam-fix3.diff
openssh-4.6p1-pwname-home.diff
openssh-4.6p1-saveargv-fix.diff
openssh-4.6p1-send_locale.diff
openssh-4.6p1-strict-aliasing-fix.diff
openssh-4.6p1.tar.bz2
openssh-4.6p1-tmpdir.diff
openssh-4.6p1-xauth.diff
openssh-4.6p1-xauthlocalhostname.diff
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openssh-askpass-gnome.spec ++++++
--- /var/tmp/diff_new_pack.w23424/_old 2007-03-15 01:54:56.000000000 +0100
+++ /var/tmp/diff_new_pack.w23424/_new 2007-03-15 01:54:56.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package openssh-askpass-gnome (Version 4.5p1)
+# spec file for package openssh-askpass-gnome (Version 4.6p1)
#
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
@@ -14,8 +14,8 @@
BuildRequires: gtk2-devel krb5-devel opensc-devel openssh openssl-devel pam-devel tcpd-devel update-desktop-files
License: Other License(s), see package
Group: Productivity/Networking/SSH
-Version: 4.5p1
-Release: 19
+Version: 4.6p1
+Release: 1
Requires: openssh = %{version} openssh-askpass = %{version}
Autoreqprov: on
Summary: A GNOME-Based Passphrase Dialog for OpenSSH
++++++ openssh.spec ++++++
--- /var/tmp/diff_new_pack.w23424/_old 2007-03-15 01:54:56.000000000 +0100
+++ /var/tmp/diff_new_pack.w23424/_new 2007-03-15 01:54:56.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package openssh (Version 4.5p1)
+# spec file for package openssh (Version 4.6p1)
#
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
@@ -28,8 +28,8 @@
PreReq: /usr/sbin/groupadd /usr/sbin/useradd %insserv_prereq %fillup_prereq /bin/mkdir /bin/cat permissions
Conflicts: nonfreessh
Autoreqprov: on
-Version: 4.5p1
-Release: 19
+Version: 4.6p1
+Release: 1
%define xversion 1.2.4.1
Summary: Secure Shell Client and Server (Remote Login Program)
URL: http://www.openssh.com/
@@ -283,7 +283,7 @@
%dir /etc/slp.reg.d
/etc/slp.reg.d/ssh.reg
/var/adm/fillup-templates/sysconfig.ssh
-%{_fwdefdir}/sshd
+%config %{_fwdefdir}/sshd
%files askpass
%defattr(-,root,root)
@@ -294,6 +294,19 @@
%config %_appdefdir/SshAskpass
%changelog
+* Mon Mar 12 2007 - anicka@suse.cz
+- update to 4.6p1
+ * sshd now allows the enabling and disabling of authentication
+ methods on a per user, group, host and network basis via the
+ Match directive in sshd_config.
+ * Allow multiple forwarding options to work when specified in a
+ PermitOpen directive
+ * Clear SIGALRM when restarting due to SIGHUP. Prevents stray
+ signal from taking down sshd if a connection was pending at
+ the time SIGHUP was received
+ * hang on exit" when background processes are running at the
+ time of exit on a ttyful/login session
+ * some more bugfixes
* Mon Mar 05 2007 - anicka@suse.cz
- fix path for firewall definition
* Thu Mar 01 2007 - anicka@suse.cz
++++++ openssh-4.5p1-addrlist.dif -> openssh-4.6p1-addrlist.dif ++++++
--- openssh/openssh-4.5p1-addrlist.dif 2006-12-12 13:56:41.000000000 +0100
+++ /mounts/work_src_done/STABLE/openssh/openssh-4.6p1-addrlist.dif 2007-03-12 10:53:56.000000000 +0100
@@ -63,7 +63,7 @@
/*
* Close all listening sockets
-@@ -941,6 +997,7 @@
+@@ -942,6 +998,7 @@
int ret, listen_sock, on = 1;
struct addrinfo *ai;
char ntop[NI_MAXHOST], strport[NI_MAXSERV];
@@ -71,7 +71,7 @@
for (ai = options.listen_addrs; ai; ai = ai->ai_next) {
if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
-@@ -986,6 +1043,13 @@
+@@ -987,6 +1044,13 @@
continue;
}
listen_socks[num_listen_socks] = listen_sock;
++++++ openssh-4.5p1-askpass-fix.diff -> openssh-4.6p1-askpass-fix.diff ++++++
++++++ openssh-4.5p1-audit.patch -> openssh-4.6p1-audit.patch ++++++
--- openssh/openssh-4.5p1-audit.patch 2007-03-01 15:28:31.000000000 +0100
+++ /mounts/work_src_done/STABLE/openssh/openssh-4.6p1-audit.patch 2007-03-12 10:55:33.000000000 +0100
@@ -1,5 +1,94 @@
---- openssh-4.5p1/loginrec.c.audit 2006-09-07 14:57:54.000000000 +0200
-+++ openssh-4.5p1/loginrec.c 2006-12-21 12:17:35.000000000 +0100
+# add support for Linux audit (FATE #120269)
+--- openssh-4.6p1/Makefile.in
++++ openssh-4.6p1/Makefile.in
+@@ -45,6 +45,7 @@
+ CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
+ LIBS=@LIBS@
+ LIBSELINUX=@LIBSELINUX@
++LIBAUDIT=@LIBAUDIT@
+ SSHDLIBS=@SSHDLIBS@
+ LIBEDIT=@LIBEDIT@
+ LIBPAM=@LIBPAM@
+@@ -139,7 +140,7 @@
+ $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+
+ sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
+- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBSELINUX) $(SSHDLIBS) $(LIBS)
++ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBSELINUX) $(LIBAUDIT) $(SSHDLIBS) $(LIBS)
+
+ scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
+ $(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+--- openssh-4.6p1/auth.c
++++ openssh-4.6p1/auth.c
+@@ -286,6 +286,12 @@
+ get_canonical_hostname(options.use_dns), "ssh", &loginmsg);
+ # endif
+ #endif
++#if HAVE_LINUX_AUDIT
++ if (authenticated == 0 && !authctxt->postponed) {
++ linux_audit_record_event(-1, authctxt->user, NULL,
++ get_remote_ipaddr(), "sshd", 0);
++ }
++#endif
+ #ifdef SSH_AUDIT_EVENTS
+ if (authenticated == 0 && !authctxt->postponed)
+ audit_event(audit_classify_auth(method));
+@@ -492,6 +498,10 @@
+ record_failed_login(user,
+ get_canonical_hostname(options.use_dns), "ssh");
+ #endif
++#ifdef HAVE_LINUX_AUDIT
++ linux_audit_record_event(-1, user, NULL, get_remote_ipaddr(),
++ "sshd", 0);
++#endif
+ #ifdef SSH_AUDIT_EVENTS
+ audit_event(SSH_INVALID_USER);
+ #endif /* SSH_AUDIT_EVENTS */
+--- openssh-4.6p1/config.h.in
++++ openssh-4.6p1/config.h.in
+@@ -1305,6 +1305,9 @@
+ /* Define if you want SELinux support. */
+ #undef WITH_SELINUX
+
++/* Define if you want Linux audit support. */
++#undef HAVE_LINUX_AUDIT
++
+ /* Define to 1 if your processor stores words with the most significant byte
+ first (like Motorola and SPARC, unlike Intel and VAX). */
+ #undef WORDS_BIGENDIAN
+--- openssh-4.6p1/configure.ac
++++ openssh-4.6p1/configure.ac
+@@ -3170,6 +3170,20 @@
+ )
+ AC_SUBST(LIBSELINUX)
+
++# Check whether user wants Linux audit support
++LINUX_AUDIT_MSG="no"
++LIBAUDIT=""
++AC_ARG_WITH(linux-audit,
++ [ --with-linux-audit Enable Linux audit support],
++ [ if test "x$withval" != "xno" ; then
++ AC_DEFINE(HAVE_LINUX_AUDIT,1,[Define if you want Linux audit support.])
++ LINUX_AUDIT_MSG="yes"
++ AC_CHECK_HEADERS(libaudit.h)
++ LIBAUDIT="-laudit"
++ fi
++ ])
++AC_SUBST(LIBAUDIT)
++
+ # Check whether user wants Kerberos 5 support
+ KRB5_MSG="no"
+ AC_ARG_WITH(kerberos5,
+@@ -3990,6 +4004,7 @@
+ echo " OSF SIA support: $SIA_MSG"
+ echo " KerberosV support: $KRB5_MSG"
+ echo " SELinux support: $SELINUX_MSG"
++echo " Linux audit support: $LINUX_AUDIT_MSG"
+ echo " Smartcard support: $SCARD_MSG"
+ echo " S/KEY support: $SKEY_MSG"
+ echo " TCP Wrappers support: $TCPW_MSG"
+--- openssh-4.6p1/loginrec.c
++++ openssh-4.6p1/loginrec.c
@@ -175,6 +175,10 @@
#include "auth.h"
#include "buffer.h"
@@ -84,8 +173,8 @@
/**
** Low-level libutil login() functions
**/
---- openssh-4.5p1/loginrec.h.audit 2006-08-05 04:39:40.000000000 +0200
-+++ openssh-4.5p1/loginrec.h 2006-12-21 12:17:35.000000000 +0100
+--- openssh-4.6p1/loginrec.h
++++ openssh-4.6p1/loginrec.h
@@ -127,5 +127,9 @@
char *line_abbrevname(char *dst, const char *src, int dstsize);
@@ -96,91 +185,3 @@
+#endif /* HAVE_LINUX_AUDIT */
#endif /* _HAVE_LOGINREC_H_ */
---- openssh-4.5p1/Makefile.in.audit 2006-10-23 23:44:47.000000000 +0200
-+++ openssh-4.5p1/Makefile.in 2006-12-21 12:19:39.000000000 +0100
-@@ -45,6 +45,7 @@
- CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
- LIBS=@LIBS@
- LIBSELINUX=@LIBSELINUX@
-+LIBAUDIT=@LIBAUDIT@
- SSHDLIBS=@SSHDLIBS@
- LIBEDIT=@LIBEDIT@
- LIBPAM=@LIBPAM@
-@@ -139,7 +140,7 @@
- $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
-
- sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
-- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBSELINUX) $(SSHDLIBS) $(LIBS)
-+ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBSELINUX) $(LIBAUDIT) $(SSHDLIBS) $(LIBS)
-
- scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
- $(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
---- openssh-4.5p1/config.h.in.audit 2006-11-07 14:07:01.000000000 +0100
-+++ openssh-4.5p1/config.h.in 2006-12-21 12:17:35.000000000 +0100
-@@ -1305,6 +1305,9 @@
- /* Define if you want SELinux support. */
- #undef WITH_SELINUX
-
-+/* Define if you want Linux audit support. */
-+#undef HAVE_LINUX_AUDIT
-+
- /* Define to 1 if your processor stores words with the most significant byte
- first (like Motorola and SPARC, unlike Intel and VAX). */
- #undef WORDS_BIGENDIAN
---- openssh-4.5p1/configure.ac.audit 2006-12-21 12:17:34.000000000 +0100
-+++ openssh-4.5p1/configure.ac 2006-12-21 12:17:35.000000000 +0100
-@@ -3161,6 +3161,20 @@
- )
- AC_SUBST(LIBSELINUX)
-
-+# Check whether user wants Linux audit support
-+LINUX_AUDIT_MSG="no"
-+LIBAUDIT=""
-+AC_ARG_WITH(linux-audit,
-+ [ --with-linux-audit Enable Linux audit support],
-+ [ if test "x$withval" != "xno" ; then
-+ AC_DEFINE(HAVE_LINUX_AUDIT,1,[Define if you want Linux audit support.])
-+ LINUX_AUDIT_MSG="yes"
-+ AC_CHECK_HEADERS(libaudit.h)
-+ LIBAUDIT="-laudit"
-+ fi
-+ ])
-+AC_SUBST(LIBAUDIT)
-+
- # Check whether user wants Kerberos 5 support
- KRB5_MSG="no"
- AC_ARG_WITH(kerberos5,
-@@ -3982,6 +3996,7 @@
- echo " OSF SIA support: $SIA_MSG"
- echo " KerberosV support: $KRB5_MSG"
- echo " SELinux support: $SELINUX_MSG"
-+echo " Linux audit support: $LINUX_AUDIT_MSG"
- echo " Smartcard support: $SCARD_MSG"
- echo " S/KEY support: $SKEY_MSG"
- echo " TCP Wrappers support: $TCPW_MSG"
---- openssh-4.5p1/auth.c.audit 2006-10-27 17:10:16.000000000 +0200
-+++ openssh-4.5p1/auth.c 2006-12-21 12:17:35.000000000 +0100
-@@ -286,6 +286,12 @@
- get_canonical_hostname(options.use_dns), "ssh", &loginmsg);
- # endif
- #endif
-+#if HAVE_LINUX_AUDIT
-+ if (authenticated == 0 && !authctxt->postponed) {
-+ linux_audit_record_event(-1, authctxt->user, NULL,
-+ get_remote_ipaddr(), "sshd", 0);
-+ }
-+#endif
- #ifdef SSH_AUDIT_EVENTS
- if (authenticated == 0 && !authctxt->postponed)
- audit_event(audit_classify_auth(method));
-@@ -492,6 +498,10 @@
- record_failed_login(user,
- get_canonical_hostname(options.use_dns), "ssh");
- #endif
-+#ifdef HAVE_LINUX_AUDIT
-+ linux_audit_record_event(-1, user, NULL, get_remote_ipaddr(),
-+ "sshd", 0);
-+#endif
- #ifdef SSH_AUDIT_EVENTS
- audit_event(SSH_INVALID_USER);
- #endif /* SSH_AUDIT_EVENTS */
++++++ openssh-4.5p1-blocksigalrm.diff -> openssh-4.6p1-blocksigalrm.diff ++++++
++++++ openssh-4.5p1-default-protocol.diff -> openssh-4.6p1-default-protocol.diff ++++++
++++++ openssh-4.5p1-addrlist.dif -> openssh-4.6p1.dif ++++++
--- openssh/openssh-4.5p1-addrlist.dif 2006-12-12 13:56:41.000000000 +0100
+++ /mounts/work_src_done/STABLE/openssh/openssh-4.6p1.dif 2007-03-12 10:53:56.000000000 +0100
@@ -1,87 +1,45 @@
---- sshd.c
-+++ sshd.c
-@@ -253,6 +253,62 @@
+--- ssh_config
++++ ssh_config
+@@ -17,9 +17,20 @@
+ # list of available options, their meanings and defaults, please see the
+ # ssh_config(5) man page.
- static void do_ssh1_kex(void);
- static void do_ssh2_kex(void);
-+char * isaddr(struct addrinfo *addr, char *name);
-+void remove_duplicities(struct addrinfo *addr, char *port);
-+
-+/*
-+ * returns port if addr equals name
-+ */
-+
-+char*
-+isaddr(struct addrinfo *addr, char *name)
-+{
-+ char ntop[NI_MAXHOST];
-+ char *strport;
-+
-+ strport = (char*) malloc(NI_MAXSERV+1);
-+ if (getnameinfo(addr->ai_addr, addr->ai_addrlen,
-+ ntop, sizeof(ntop), strport, sizeof(strport),
-+ NI_NUMERICHOST|NI_NUMERICSERV) != 0) {
-+ error("getnameinfo failed");
-+ free(strport);
-+ return NULL;
-+ }
-+ if (!strcmp(ntop,name))
-+ return strport;
-+ else{
-+ free(strport);
-+ return NULL;
-+ }
-+
-+}
-+
-+/*
-+ * it removes all "0.0.0.0" elements with given port
-+ * from the list
-+ */
-+
-+void
-+remove_duplicities(struct addrinfo *ai_start, char *port)
-+{
-+ struct addrinfo *ai, *ai1, *aiprev, *ainext;
-+ char *port1;
-+
-+ aiprev=ai_start;
-+ for (ai = ai_start->ai_next; ai; ai = ainext) {
-+ ainext = ai->ai_next;
-+ port1 = isaddr(ai, "0.0.0.0");
-+ if (port1 && !strcmp(port,port1)){
-+ aiprev->ai_next = ainext;
-+ free(ai);
-+ free(port1);
-+ } else {
-+ if (port1)
-+ free(port1);
-+ aiprev = ai;
-+ }
-+ }
-+}
-
- /*
- * Close all listening sockets
-@@ -941,6 +997,7 @@
- int ret, listen_sock, on = 1;
- struct addrinfo *ai;
- char ntop[NI_MAXHOST], strport[NI_MAXSERV];
-+ char *port;
+-# Host *
++Host *
+ # ForwardAgent no
+ # ForwardX11 no
++
++# If you do not trust your remote host (or its administrator), you
++# should not forward X11 connections to your local X11-display for
++# security reasons: Someone stealing the authentification data on the
++# remote side (the "spoofed" X-server by the remote sshd) can read your
++# keystrokes as you type, just like any other X11 client could do.
++# Set this to "no" here for global effect or in your own ~/.ssh/config
++# file if you want to have the remote X11 authentification data to
++# expire after two minutes after remote login.
++ForwardX11Trusted yes
++
+ # RhostsRSAAuthentication no
+ # RSAAuthentication yes
+ # PasswordAuthentication yes
+--- sshd_config
++++ sshd_config
+@@ -82,7 +82,7 @@
- for (ai = options.listen_addrs; ai; ai = ai->ai_next) {
- if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
-@@ -986,6 +1043,13 @@
- continue;
- }
- listen_socks[num_listen_socks] = listen_sock;
-+
-+ port = isaddr(ai,"::");
-+ if (port) {
-+ remove_duplicities(ai, port);
-+ free(port);
-+ }
-+
- num_listen_socks++;
+ #AllowTcpForwarding yes
+ #GatewayPorts no
+-#X11Forwarding no
++X11Forwarding yes
+ #X11DisplayOffset 10
+ #X11UseLocalhost yes
+ #PrintMotd yes
+--- sshlogin.c
++++ sshlogin.c
+@@ -126,6 +126,7 @@
- /* Start listening on the port. */
+ li = login_alloc_entry(pid, user, host, tty);
+ login_set_addr(li, addr, addrlen);
++ li->uid=uid;
+ login_login(li);
+ login_free_entry(li);
+ }
++++++ openssh-4.5p1-eal3.diff -> openssh-4.6p1-eal3.diff ++++++
--- openssh/openssh-4.5p1-eal3.diff 2006-12-12 13:56:43.000000000 +0100
+++ /mounts/work_src_done/STABLE/openssh/openssh-4.6p1-eal3.diff 2007-03-12 10:53:59.000000000 +0100
@@ -1,5 +1,5 @@
---- openssh-4.5p1/sshd.8
-+++ openssh-4.5p1/sshd.8
+--- openssh-4.6p1/sshd.8
++++ openssh-4.6p1/sshd.8
@@ -739,7 +739,7 @@
The file format is described in
.Xr moduli 5 .
@@ -28,9 +28,9 @@
.Xr sshd_config 5 ,
.Xr inetd 8 ,
.Xr sftp-server 8
---- openssh-4.5p1/sshd_config.5
-+++ openssh-4.5p1/sshd_config.5
-@@ -169,9 +169,6 @@
+--- openssh-4.6p1/sshd_config.5
++++ openssh-4.6p1/sshd_config.5
+@@ -167,9 +167,6 @@
By default, no banner is displayed.
.It Cm ChallengeResponseAuthentication
Specifies whether challenge-response authentication is allowed.
@@ -40,7 +40,7 @@
The default is
.Dq yes .
.It Cm Ciphers
-@@ -384,7 +381,7 @@
+@@ -382,7 +379,7 @@
.Pp
.Pa /etc/hosts.equiv
and
++++++ openssh-4.5p1-engines.diff -> openssh-4.6p1-engines.diff ++++++
--- openssh/openssh-4.5p1-engines.diff 2006-12-12 13:56:43.000000000 +0100
+++ /mounts/work_src_done/STABLE/openssh/openssh-4.6p1-engines.diff 2007-03-12 10:53:59.000000000 +0100
@@ -1,9 +1,5 @@
-# Load drivers for available hardware crypto accelerators.
-# -- mludvig@suse.cz
-Index: openssh-3.8p1/ssh-add.c
-================================================================================
---- openssh-4.5p1/ssh-add.c
-+++ openssh-4.5p1/ssh-add.c
+--- openssh-4.6p1/ssh-add.c
++++ openssh-4.6p1/ssh-add.c
@@ -42,6 +42,7 @@
#include