openSUSE Commits
Threads by month
- ----- 2025 -----
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
February 2011
- 1 participants
- 1792 discussions
Hello community,
here is the log from the commit of package vim for openSUSE:Factory
checked in at Tue Feb 1 16:26:40 CET 2011.
--------
--- vim/vim.changes 2011-01-09 18:07:40.000000000 +0100
+++ /mounts/work_src_done/STABLE/vim/vim.changes 2011-01-31 23:56:38.000000000 +0100
@@ -1,0 +2,8 @@
+Mon Jan 31 22:51:16 UTC 2011 - opensuse(a)cboltz.de
+
+- update apparmor.vim to better match the syntax of AppArmor 2.5
+ - support audit and deny for capability, network, link
+ - fixed rlimit syntax
+ - various small fixes
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ vim.spec ++++++
--- /var/tmp/diff_new_pack.Zb7kJr/_old 2011-02-01 15:51:43.000000000 +0100
+++ /var/tmp/diff_new_pack.Zb7kJr/_new 2011-02-01 15:51:43.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package vim (Version 7.3)
+# spec file for package vim
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -20,7 +20,7 @@
Name: vim
Version: 7.3
-Release: 1
+Release: 2
#
License: Other uncritical OpenSource License ; Charityware. http://vimdoc.sourceforge.net/htmldoc/uganda.html#license
Group: Productivity/Editors/Vi
++++++ apparmor.vim ++++++
--- /var/tmp/diff_new_pack.Zb7kJr/_old 2011-02-01 15:51:43.000000000 +0100
+++ /var/tmp/diff_new_pack.Zb7kJr/_new 2011-02-01 15:51:43.000000000 +0100
@@ -1,4 +1,4 @@
-" $Id: apparmor.vim,v 1.10 2011/01/09 17:27:40 cb Exp $
+" $Id: apparmor.vim,v 1.11 2011/01/31 22:48:07 cb Exp $
"
" ----------------------------------------------------------------------
" Copyright (c) 2005 Novell, Inc. All Rights Reserved.
@@ -134,32 +134,37 @@
syn keyword sdCapDanger sys_admin audit_control audit_write set_fcap mac_override mac_admin
" full line. Keywords are from sdCapKey + sdCapDanger
-syn match sdCap /\v^\s*capability\s+(chown|dac_override|dac_read_search|fowner|fsetid|kill|setgid|setuid|setpcap|linux_immutable|net_bind_service|net_broadcast|net_admin|net_raw|ipc_lock|ipc_owner|sys_module|sys_rawio|sys_chroot|sys_ptrace|sys_pacct|sys_boot|sys_nice|sys_resource|sys_time|sys_tty_config|mknod|lease|sys_admin|audit_control|audit_write|set_fcap|mac_override|mac_admin)\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdCapKey,sdCapDanger,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
-syn match sdSetCap /\v^\s*set\s+capability\s+(chown|dac_override|dac_read_search|fowner|fsetid|kill|setgid|setuid|setpcap|linux_immutable|net_bind_service|net_broadcast|net_admin|net_raw|ipc_lock|ipc_owner|sys_module|sys_rawio|sys_chroot|sys_ptrace|sys_pacct|sys_boot|sys_nice|sys_resource|sys_time|sys_tty_config|mknod|lease|sys_admin|audit_control|audit_write|set_fcap|mac_override|mac_admin)\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdCapKey,sdCapDanger,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdCap /\v^\s*(audit\s+)?(deny\s+)?capability\s+(chown|dac_override|dac_read_search|fowner|fsetid|kill|setgid|setuid|setpcap|linux_immutable|net_bind_service|net_broadcast|net_admin|net_raw|ipc_lock|ipc_owner|sys_module|sys_rawio|sys_chroot|sys_ptrace|sys_pacct|sys_boot|sys_nice|sys_resource|sys_time|sys_tty_config|mknod|lease|sys_admin|audit_control|audit_write|set_fcap|mac_override|mac_admin)\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdCapKey,sdCapDanger,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+" set capability was removed - TODO: remove everywhere in apparmor.vim
+" syn match sdSetCap /\v^\s*set\s+capability\s+(chown|dac_override|dac_read_search|fowner|fsetid|kill|setgid|setuid|setpcap|linux_immutable|net_bind_service|net_broadcast|net_admin|net_raw|ipc_lock|ipc_owner|sys_module|sys_rawio|sys_chroot|sys_ptrace|sys_pacct|sys_boot|sys_nice|sys_resource|sys_time|sys_tty_config|mknod|lease|sys_admin|audit_control|audit_write|set_fcap|mac_override|mac_admin)\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdCapKey,sdCapDanger,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" Network line
" Syntax: network domain (inet, ...) type (stream, ...) protocol (tcp, ...)
-syn match sdNetwork /\v^\s*network(\s+(inet|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|packet|ash|econet|atmsvc|sna|irda|pppox|wanpipe|bluetooth))?(\s+(stream|dgram|seqpacket|rdm|packet))?(\s+(tcp|udp|icmp))?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+" TODO: 'owner' isn't supported, but will be (JJ, 2011-01-11)
+syn match sdNetwork /\v^\s*(audit\s+)?(deny\s+)?network(\s+(inet|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|packet|ash|econet|atmsvc|sna|irda|pppox|wanpipe|bluetooth))?(\s+(stream|dgram|seqpacket|rdm|packet))?(\s+tcp|\s+udp|\s+icmp)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" network rules containing 'raw'
-syn match sdNetworkDanger /\v^\s*network(\s+(inet|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|packet|ash|econet|atmsvc|sna|irda|pppox|wanpipe|bluetooth))?(\s+(raw))(\s+(tcp|udp|icmp))?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdNetworkDanger /\v^\s*(audit\s+)?(deny\s+)?network(\s+(inet|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|packet|ash|econet|atmsvc|sna|irda|pppox|wanpipe|bluetooth))?(\s+(raw))(\s+tcp|\s+udp|\s+icmp)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" 'all networking' includes raw -> mark as dangerous
-syn match sdNetworkDanger /\v^\s*network\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdNetworkDanger /\v^\s*(audit\s+)?(deny\s+)?network\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" Change Profile
+" TODO: audit and deny support will be added (JJ, 2011-01-11)
syn match sdEntryChangeProfile /\v^\s*change_profile\s+-\>\s+\S+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" rlimit
+" TODO: audit and deny support will be added (JJ, 2011-01-11)
"
"syn match sdRLimit /\v^\s*rlimit\s+()\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment
-syn match sdRLimit /\v^\s*rlimit\s+(nofile|locks|sigpending|nproc|rtprio)\s+[0-9]+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment
-syn match sdRLimit /\v^\s*rlimit\s+(fsize|data|stack|core|rss|as|memlock|msgqueue)\s+\<\=\s+[0-9]+([KMG])?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment
-syn match sdRLimit /\v^\s*rlimit\s+nice\s+(-1?[0-9]|-20|1?[0-9])\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment
+syn match sdRLimit /\v^\s*set\s+rlimit\s+(nofile|nproc|rtprio)\s+[0-9]+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment
+syn match sdRLimit /\v^\s*set\s+rlimit\s+(locks|sigpending)\s+\<\=\s+[0-9]+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment
+syn match sdRLimit /\v^\s*set\s+rlimit\s+(fsize|data|stack|core|rss|as|memlock|msgqueue)\s+\<\=\s+[0-9]+([KMG])?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment
+syn match sdRLimit /\v^\s*set\s+rlimit\s+nice\s+\<\=\s+(-1?[0-9]|-20|1?[0-9])\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment
" link rules
-syn match sdEntryW /\v^\s+link\s+(subset\s+)?(\/|\@\{\S*\})\S*\s+-\>\s+(\/|\@\{\S*\})\S*\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob
+syn match sdEntryW /\v^\s+(audit\s+)?(deny\s+)?(owner\s+)?link\s+(subset\s+)?(\/|\@\{\S*\})\S*\s+-\>\s+(\/|\@\{\S*\})\S*\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob
" file permissions
@@ -168,60 +173,62 @@
"
" write + exec/mmap - danger!
" known bug: accepts 'aw' to keep things simple
-syn match sdEntryWriteExec /\v^\s*((owner\s+)|(audit\s+)|(deny\s+))*(\/|\@\{\S*\})\S*\s+(l|r|w|a|m|k|[iuUpPcC]x)+(\s+-\>\s+\S+)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdEntryWriteExec /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+(l|r|w|a|m|k|[iuUpPcC]x)+(\s+-\>\s+\S+)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" ux(mr) - unconstrained entry, flag the line red
-syn match sdEntryUX /\v^\s*((owner\s+)|(audit\s+)|(deny\s+))*(\/|\@\{\S*\})\S*\s+(r|m|k|ux)+(\s+-\>\s+\S+)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdEntryUX /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+(r|m|k|ux)+(\s+-\>\s+\S+)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" Ux(mr) - like ux + clean environment
-syn match sdEntryUXe /\v^\s*((owner\s+)|(audit\s+)|(deny\s+))*(\/|\@\{\S*\})\S*\s+(r|m|k|Ux)+(\s+-\>\s+\S+)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdEntryUXe /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+(r|m|k|Ux)+(\s+-\>\s+\S+)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" px/cx/pix/cix(mrk) - standard exec entry, flag the line blue
-syn match sdEntryPX /\v^\s*((owner\s+)|(audit\s+)|(deny\s+))*(\/|\@\{\S*\})\S*\s+(r|m|k|px|cx|pix|cix)+(\s+-\>\s+\S+)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdEntryPX /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+(r|m|k|px|cx|pix|cix)+(\s+-\>\s+\S+)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" Px/Cx/Pix/Cix(mrk) - like px/cx + clean environment
-syn match sdEntryPXe /\v^\s*((owner\s+)|(audit\s+)|(deny\s+))*(\/|\@\{\S*\})\S*\s+(r|m|k|Px|Cx|Pix|Cix)+(\s+-\>\s+\S+)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdEntryPXe /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+(r|m|k|Px|Cx|Pix|Cix)+(\s+-\>\s+\S+)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" ix(mr) - standard exec entry, flag the line green
-syn match sdEntryIX /\v^\s*((owner\s+)|(audit\s+)|(deny\s+))*(\/|\@\{\S*\})\S*\s+(r|m|k|ix)+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdEntryIX /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+(r|m|k|ix)+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" mr - mmap with PROT_EXEC
-syn match sdEntryM /\v^\s*((owner\s+)|(audit\s+)|(deny\s+))*(\/|\@\{\S*\})\S*\s+(r|m|k)+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdEntryM /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+(r|m|k)+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" if we've got u or i without x, it's an error
" rule is superfluous because of the '/.*/ is an error' rule ;-)
-"syn match sdError /\v^\s*((owner\s+)|(audit\s+)|(deny\s+))*(\/|\@\{\S*\})\S*\s+(l|r|w|k|u|p|i)+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+"syn match sdError /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+(l|r|w|k|u|p|i)+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" write + append is an error also
-"syn match sdError /\v^\s*((owner\s+)|(audit\s+)|(deny\s+))*(\/|\@\{\S*\})\S*\s+(\S*r\S*a\S*|\S*a\S*w\S*)\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
-syn match sdError /\v^\s*((owner\s+)|(audit\s+)|(deny\s+))*(\/|\@\{\S*\})\S*\s+\S*(w\S*a|a\S*w)\S*\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+"syn match sdError /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+(\S*r\S*a\S*|\S*a\S*w\S*)\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdError /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+\S*(w\S*a|a\S*w)\S*\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" write entry, flag the line yellow
-syn match sdEntryW /\v^\s*((owner\s+)|(audit\s+)|(deny\s+))*(\/|\@\{\S*\})\S*\s+(l|r|w|k)+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdEntryW /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+(l|r|w|k)+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" append entry, flag the line yellow
-syn match sdEntryW /\v^\s*((owner\s+)|(audit\s+)|(deny\s+))*(\/|\@\{\S*\})\S*\s+(l|r|a|k)+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdEntryW /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+(l|r|a|k)+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" read entry + locking, currently no highlighting
-syn match sdEntryK /\v^\s*((owner\s+)|(audit\s+)|(deny\s+))*(\/|\@\{\S*\})\S*\s+[rlk]+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdEntryK /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+[rlk]+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" read entry, no highlighting
-syn match sdEntryR /\v^\s*((owner\s+)|(audit\s+)|(deny\s+))*(\/|\@\{\S*\})\S*\s+[rl]+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match sdEntryR /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+[rl]+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
syn match sdExtHat /\v^\s+(\^|profile\s+)\S+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment " hat without {...}
-syn match sdProfileName /\v^((profile\s+)?\/\S+|profile\s+([a-zA-Z0-9]\S*\s)?\S+)\s+((flags\=)?\(\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative)(\s*,\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative))*\s*\)\s+)=\{/ contains=sdProfileStart,sdHatName,sdFlags,sdComment,sdGlob
+syn match sdProfileName /\v^((profile\s+)?\/\S+|profile\s+([a-zA-Z0-9]\S*\s)?\S+)\s+((flags\s*\=\s*)?\(\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative)(\s*,\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative))*\s*\)\s+)=\{/ contains=sdProfileStart,sdHatName,sdFlags,sdComment,sdGlob
syn match sdProfileStart /{/ contained
syn match sdProfileEnd /^}\s*(#.*)?$/ contained " TODO: syn region does not (yet?) allow usage of comment in end=
" TODO: Removing the $ mark from end= will allow non-comments also :-(
-syn match sdHatName /\v^\s+(\^|profile\s+)\S+\s+((flags\=)?\(\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative)(\s*,\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative))*\s*\)\s+)=\{/ contains=sdProfileStart,sdFlags,sdComment
+syn match sdHatName /\v^\s+(\^|profile\s+)\S+\s+((flags\s*\=\s*)?\(\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative)(\s*,\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative))*\s*\)\s+)=\{/ contains=sdProfileStart,sdFlags,sdComment
syn match sdHatStart /{/ contained
syn match sdHatEnd /}/ contained " TODO: allow comments + [same as for syn match sdProfileEnd]
-syn match sdFlags /\v((flags\=)?\(\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative)(\s*,\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative))*\s*\)\s+)/ contained contains=sdFlagKey
+syn match sdFlags /\v((flags\s*\=\s*)?\(\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative)(\s*,\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative))*\s*\)\s+)/ contained contains=sdFlagKey
syn match sdComment /\s*#.*$/
-syn match sdInclude /\s*#include\s<\S*>/ contains=sdComment " TODO: doesn't check until $
-syn match sdInclude /\s*include\s<\S*>/ contains=sdComment " TODO: doesn't check until $
+" NOTE: contains=sdComment changes #include highlighting to comment color.
+" NOTE: Comment highlighting still works without contains=sdComment.
+syn match sdInclude /\s*#include\s<\S*>/ " TODO: doesn't check until $
+syn match sdInclude /\s*include\s<\S*>/ " TODO: doesn't check until $
" basic profile block...
" \s+ does not work in end=, therefore using \s\s*
-syn region Normal start=/\v^(profile\s+)?\S+\s+((flags\=)?\(\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative)(\s*,\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative))*\s*\)\s+)=\{/ matchgroup=sdProfileEnd end=/^}\s*$/ contains=sdProfileName,Hat,@sdEntry,sdComment,sdError,sdInclude
-syn region Hat start=/\v^\s+(\^|profile\s+)\S+\s+((flags\=)?\(\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative)(\s*,\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative))*\s*\)\s+)=\{/ matchgroup=sdHatEnd end=/^\s\s*}\s*$/ contains=sdHatName,@sdEntry,sdComment,sdError,sdInclude
+syn region Normal start=/\v^(profile\s+)?\S+\s+((flags\s*\=\s*)?\(\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative)(\s*,\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative))*\s*\)\s+)=\{/ matchgroup=sdProfileEnd end=/^}\s*$/ contains=sdProfileName,Hat,@sdEntry,sdComment,sdError,sdInclude
+syn region Hat start=/\v^\s+(\^|profile\s+)\S+\s+((flags\s*\=\s*)?\(\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative)(\s*,\s*(complain|audit|attach_disconnect|no_attach_disconnected|chroot_attach|chroot_no_attach|chroot_relative|namespace_relative))*\s*\)\s+)=\{/ matchgroup=sdHatEnd end=/^\s\s*}\s*$/ contains=sdHatName,@sdEntry,sdComment,sdError,sdInclude
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package iso-codes for openSUSE:Factory
checked in at Tue Feb 1 15:51:36 CET 2011.
--------
--- GNOME/iso-codes/iso-codes.changes 2011-01-14 19:57:46.000000000 +0100
+++ /mounts/work_src_done/STABLE/iso-codes/iso-codes.changes 2011-01-25 21:08:49.000000000 +0100
@@ -1,0 +2,5 @@
+Tue Jan 25 20:08:06 UTC 2011 - dimstar(a)opensuse.org
+
+- Split out -lang package (bnc#645077).
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ iso-codes.spec ++++++
--- /var/tmp/diff_new_pack.PNwidP/_old 2011-02-01 15:16:13.000000000 +0100
+++ /var/tmp/diff_new_pack.PNwidP/_new 2011-02-01 15:16:13.000000000 +0100
@@ -19,7 +19,7 @@
Name: iso-codes
Version: 3.24
-Release: 2
+Release: 3
License: LGPLv2.1+
Summary: ISO Code Lists and Translations
Url: http://alioth.debian.org/projects/pkg-isocodes/
@@ -30,6 +30,7 @@
BuildRequires: python-lxml
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildArch: noarch
+Recommends: %{name}-lang
%description
This package provides the ISO-639 language code list, the ISO-3166
@@ -47,6 +48,7 @@
Territory code list, and ISO-3166-2 sub-territory lists, and all their
translations in gettext .po form.
+%lang_package
%prep
%setup -q
@@ -66,11 +68,13 @@
%clean
rm -rf %{buildroot}
-%files -f %{name}.lang
+%files
%defattr(-,root,root)
%doc ChangeLog README TODO
%{_datadir}/xml/iso-codes
+%files lang -f %{name}.lang
+
%files devel
%defattr(-,root,root,-)
%{_datadir}/pkgconfig/iso-codes.pc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package ca-certificates-mozilla for openSUSE:Factory
checked in at Tue Feb 1 15:51:19 CET 2011.
--------
--- ca-certificates-mozilla/ca-certificates-mozilla.changes 2010-09-27 16:43:59.000000000 +0200
+++ /mounts/work_src_done/STABLE/ca-certificates-mozilla/ca-certificates-mozilla.changes 2011-01-31 14:45:34.000000000 +0100
@@ -1,0 +2,11 @@
+Mon Jan 31 13:43:23 UTC 2011 - lnussel(a)suse.de
+
+- update certificates to revision 1.70
+ * new: AddTrust_Qualified_Certificates_Root.pem
+ * new: Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
+ * new: Chambers_of_Commerce_Root_2008.pem
+ * new: Global_Chambersign_Root_2008.pem
+ * new: Izenpe_com.pem
+ * new: TC_TrustCenter_Universal_CA_III.pem
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ca-certificates-mozilla.spec ++++++
--- /var/tmp/diff_new_pack.9AhZML/_old 2011-02-01 15:21:22.000000000 +0100
+++ /var/tmp/diff_new_pack.9AhZML/_new 2011-02-01 15:21:22.000000000 +0100
@@ -1,7 +1,7 @@
#
-# spec file for package ca-certificates-mozilla (Version 1.65)
+# spec file for package ca-certificates-mozilla
#
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -26,7 +26,7 @@
License: BSD3c(or similar) ; MPL 1.1/GPL 2.0/LGPL 2.1
Group: Productivity/Networking/Security
AutoReqProv: on
-Version: 1.65
+Version: 1.70
Release: 1
Summary: CA certificates for OpenSSL
Url: http://www.mozilla.org
++++++ certdata.txt ++++++
++++ 1610 lines (skipped)
++++ between ca-certificates-mozilla/certdata.txt
++++ and /mounts/work_src_done/STABLE/ca-certificates-mozilla/certdata.txt
++++++ compareoldnew ++++++
--- /var/tmp/diff_new_pack.9AhZML/_old 2011-02-01 15:21:22.000000000 +0100
+++ /var/tmp/diff_new_pack.9AhZML/_new 2011-02-01 15:21:22.000000000 +0100
@@ -39,6 +39,7 @@
elif ! cmp "old/$common" "new/$common"; then
echo "*** $common differs!"
showcert old/$common
- showcert old/$common
+ showcert new/$common
+ diff -u old/$common new/$common || true
fi
done < <(comm --output-delimiter='#' old.files new.files)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package ghostscript-library for openSUSE:Factory
checked in at Tue Feb 1 15:15:49 CET 2011.
--------
--- ghostscript-library/ghostscript-library.changes 2011-01-13 15:31:28.000000000 +0100
+++ /mounts/work_src_done/STABLE/ghostscript-library/ghostscript-library.changes 2011-01-18 10:55:06.000000000 +0100
@@ -6,0 +7,5 @@
+Sat Jan 8 18:34:10 CET 2011 - dmueller(a)suse.de
+
+- fix upgrade from 11.3
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ghostscript-library.spec ++++++
--- /var/tmp/diff_new_pack.ft772S/_old 2011-02-01 15:15:02.000000000 +0100
+++ /var/tmp/diff_new_pack.ft772S/_new 2011-02-01 15:15:02.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package ghostscript-library (Version 9.00)
+# spec file for package ghostscript-library
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -55,7 +55,7 @@
Suggests: hplip-hpijs
Recommends: ghostscript-fonts-other
Requires: ghostscript-fonts-std
-Suggests: ghostscript-omni
+Obsoletes: ghostscript-omni < 9.00
Conflicts: ghostscript-mini
%else
Provides: ghostscript-library ghostscript-fonts-std
@@ -68,7 +68,7 @@
Summary: Necessary Files for Running Ghostscript
%endif
Version: 9.00
-Release: 2
+Release: 3
License: GPLv3
Source0: ghostscript-9.00.tar.bz2
Source1: ftp://mirror.cs.wisc.edu/pub/mirrors/ghost/GPL/current/ghostscript-fonts-st…
@@ -317,7 +317,7 @@
%package -n libgimpprint
License: GPLv2+
Version: 4.2.7
-Release: 332
+Release: 333
Summary: Gimp-Print libraries
Group: Development/Libraries/C and C++
@@ -333,7 +333,7 @@
%package -n libgimpprint-devel
License: GPLv2+
Version: 4.2.7
-Release: 332
+Release: 333
PreReq: %install_info_prereq
Requires: libgimpprint = %{version}
Requires: glibc-devel
++++++ ghostscript-mini.spec ++++++
--- /var/tmp/diff_new_pack.ft772S/_old 2011-02-01 15:15:02.000000000 +0100
+++ /var/tmp/diff_new_pack.ft772S/_new 2011-02-01 15:15:02.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package ghostscript-mini (Version 9.00)
+# spec file for package ghostscript-mini
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -55,7 +55,7 @@
Suggests: hplip-hpijs
Recommends: ghostscript-fonts-other
Requires: ghostscript-fonts-std
-Suggests: ghostscript-omni
+Obsoletes: ghostscript-omni < 9.00
Conflicts: ghostscript-mini
%else
Provides: ghostscript-library ghostscript-fonts-std
@@ -68,7 +68,7 @@
Summary: Necessary Files for Running Ghostscript
%endif
Version: 9.00
-Release: 2
+Release: 3
License: GPLv3
Source0: ghostscript-9.00.tar.bz2
Source1: ftp://mirror.cs.wisc.edu/pub/mirrors/ghost/GPL/current/ghostscript-fonts-st…
@@ -317,7 +317,7 @@
%package -n libgimpprint
License: GPLv2+
Version: 4.2.7
-Release: 332
+Release: 333
Summary: Gimp-Print libraries
Group: Development/Libraries/C and C++
@@ -333,7 +333,7 @@
%package -n libgimpprint-devel
License: GPLv2+
Version: 4.2.7
-Release: 332
+Release: 333
PreReq: %install_info_prereq
Requires: libgimpprint = %{version}
Requires: glibc-devel
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package gstreamer-0_10 for openSUSE:Factory
checked in at Tue Feb 1 15:15:21 CET 2011.
--------
--- GNOME/gstreamer-0_10/gstreamer-0_10.changes 2011-01-16 15:28:58.000000000 +0100
+++ /mounts/work_src_done/STABLE/gstreamer-0_10/gstreamer-0_10.changes 2011-01-25 18:18:35.000000000 +0100
@@ -1,0 +2,37 @@
+Tue Jan 25 17:01:00 UTC 2011 - wstephenson(a)novell.com
+
+- Update to version 0.10.32
+ + GLib requirement is now >= 2.22
+ + New core elements:
+ - valve (moved from -bad)
+ - input-selector (N.B. without "select-all" property, use fsfunnel
+ instead) (moved from -bad)
+ - output-selector (with different negotiation behaviour by
+ default, set pad-negotiation-mode=active for previous behaviour)
+ (moved from -bad)
+ + Performance improvements for many heavily-used code paths:
+ GstPad, GstPoll, GstClock, GstTask, basesink, basesrc, queue2,
+ multiqueue
+ + gobject-introspection: add annotations for most core API
+ + clock: make sync clock wait lockfree
+ + fdsrc/fdsink: reenable on MSVC
+ + registry: fix GStatBuf definition for win32 when building against
+ older glib (fixes unnecessary rescanning of plugins at start-up)
+ + element: add a more flexible way to get request pads from elements
+ + multiqueue: return upon input when already eos
+ + object: fix creation of default name
+ (when creating more than 100000 elements)
+ + pluginloader: fix hangs on OSX
+ + poll:
+ - fixes for (p)select backend (used e.g. on OSX)
+ - refactor and make more lockfree; fixes for win32 and OSX
+ (pselect backend)
+ + registry: don't replace valid existing plugins by blacklisted ones
+ + tags: don't produce duplicated entries when merging same value twice
+ + basesink:
+ - preroll fixes for async=false case
+ -rework position reporting code
+ + basetransform: handle downstream giving a buffer with new caps
+ but invalid size
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
gstreamer-0.10.31.tar.bz2
New:
----
gstreamer-0.10.32.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ gstreamer-0_10-doc.spec ++++++
--- /var/tmp/diff_new_pack.mFSb53/_old 2011-02-01 15:14:24.000000000 +0100
+++ /var/tmp/diff_new_pack.mFSb53/_new 2011-02-01 15:14:24.000000000 +0100
@@ -21,8 +21,8 @@
Name: gstreamer-0_10-doc
%define build_doc 1
%define _name gstreamer
-Version: 0.10.31
-Release: 2
+Version: 0.10.32
+Release: 1
%define gst_branch 0.10
BuildRequires: bison check-devel fdupes flex glib2-devel libxml2-devel translation-update-upstream
%ifarch %ix86 ppc x86_64
++++++ gstreamer-0_10.spec ++++++
--- /var/tmp/diff_new_pack.mFSb53/_old 2011-02-01 15:14:24.000000000 +0100
+++ /var/tmp/diff_new_pack.mFSb53/_new 2011-02-01 15:14:24.000000000 +0100
@@ -21,8 +21,8 @@
Name: gstreamer-0_10
%define build_doc 0
%define _name gstreamer
-Version: 0.10.31
-Release: 2
+Version: 0.10.32
+Release: 1
%define gst_branch 0.10
BuildRequires: bison check-devel fdupes flex glib2-devel libxml2-devel translation-update-upstream
%ifarch %ix86 ppc x86_64
++++++ gstreamer-0.10.31.tar.bz2 -> gstreamer-0.10.32.tar.bz2 ++++++
++++ 43539 lines of diff (skipped)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package bluez for openSUSE:Factory
checked in at Tue Feb 1 15:14:37 CET 2011.
--------
--- bluez/bluez.changes 2011-01-20 15:32:01.000000000 +0100
+++ /mounts/work_src_done/STABLE/bluez/bluez.changes 2011-01-26 13:46:39.000000000 +0100
@@ -1,0 +2,8 @@
+Wed Jan 26 12:43:23 UTC 2011 - seife(a)opensuse.org
+
+- update to bluez-4.87
+ - Fix issue with initialization when adapter is already up.
+ - Fix issue with attribute server MTU and incoming connections.
+ - Fix issue with duplicate characteristics after discovery.
+
+-------------------------------------------------------------------
bluez-gstreamer.changes: same change
calling whatdependson for head-i586
Old:
----
bluez-4.86.tar.bz2
New:
----
bluez-4.87.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ bluez-gstreamer.spec ++++++
--- /var/tmp/diff_new_pack.0hm5FC/_old 2011-02-01 15:11:54.000000000 +0100
+++ /var/tmp/diff_new_pack.0hm5FC/_new 2011-02-01 15:11:54.000000000 +0100
@@ -28,7 +28,7 @@
BuildRequires: alsa-devel libsndfile-devel pkg-config udev
BuildRequires: gstreamer-0_10-devel gstreamer-0_10-plugins-base-devel
Url: http://www.bluez.org
-Version: 4.86
+Version: 4.87
Release: 1
Summary: Bluetooth Sound Support
Group: Productivity/Multimedia/Sound/Utilities
++++++ bluez.spec ++++++
--- /var/tmp/diff_new_pack.0hm5FC/_old 2011-02-01 15:11:54.000000000 +0100
+++ /var/tmp/diff_new_pack.0hm5FC/_new 2011-02-01 15:11:54.000000000 +0100
@@ -27,7 +27,7 @@
BuildRequires: glib2-devel libnl-devel libusb-devel
BuildRequires: alsa-devel libsndfile-devel pkg-config udev
Url: http://www.bluez.org
-Version: 4.86
+Version: 4.87
Release: 1
Summary: Bluetooth Stack for Linux
Group: Hardware/Mobile
++++++ bluez-4.86.tar.bz2 -> bluez-4.87.tar.bz2 ++++++
++++ 1909 lines of diff (skipped)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package openssh for openSUSE:Factory
checked in at Tue Feb 1 15:14:06 CET 2011.
--------
--- openssh/openssh-askpass-gnome.changes 2011-01-12 13:39:34.000000000 +0100
+++ /mounts/work_src_done/STABLE/openssh/openssh-askpass-gnome.changes 2011-01-25 12:04:54.000000000 +0100
@@ -1,0 +2,5 @@
+Mon Jan 24 11:51:10 UTC 2011 - lchiquitto(a)novell.com
+
+- Update to 5.7p1
+
+-------------------------------------------------------------------
--- openssh/openssh.changes 2011-01-12 13:39:35.000000000 +0100
+++ /mounts/work_src_done/STABLE/openssh/openssh.changes 2011-01-25 11:29:04.000000000 +0100
@@ -1,0 +2,36 @@
+Mon Jan 24 11:24:59 UTC 2011 - lchiquitto(a)novell.com
+
+- Update to 5.7p1
+ * Implement Elliptic Curve Cryptography modes for key exchange (ECDH)
+ and host/user keys (ECDSA) as specified by RFC5656.
+ * sftp(1)/sftp-server(8): add a protocol extension to support a hard
+ link operation.
+ * scp(1): Add a new -3 option to scp: Copies between two remote hosts
+ are transferred through the local host.
+ * ssh(1): automatically order the hostkeys requested by the client
+ based on which hostkeys are already recorded in known_hosts.
+ * ssh(1)/sshd(8): add a new IPQoS option to specify arbitrary
+ TOS/DSCP/QoS values instead of hardcoding lowdelay/throughput.
+ * sftp(1): the sftp client is now significantly faster at performing
+ directory listings, using OpenBSD glob(3) extensions to preserve
+ the results of stat(3) operations performed in the course of its
+ execution rather than performing expensive round trips to fetch
+ them again afterwards.
+ * ssh(1): "atomically" create the listening mux socket by binding it on
+ a temporary name and then linking it into position after listen() has
+ succeeded.
+ * ssh(1)/sshd(8): add a KexAlgorithms knob to the client and server
+ configuration to allow selection of which key exchange methods are
+ used by ssh(1) and sshd(8) and their order of preference.
+ * sftp(1)/scp(1): factor out bandwidth limiting code from scp(1) into
+ a generic bandwidth limiter that can be attached using the atomicio
+ callback mechanism and use it to add a bandwidth limit option to
+ sftp(1).
+ * Support building against openssl-1.0.0a.
+ * Bug fixes.
+- Remove patches that are now upstream:
+ * openssh-5.6p1-tmpdir.diff
+ * openssh-linux-new-oomkill.patch
+- Add upstream patch to fix build with SELinux enabled.
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
openssh-5.6p1-askpass-fix.diff
openssh-5.6p1-audit.patch
openssh-5.6p1-blocksigalrm.diff
openssh-5.6p1-default-protocol.diff
openssh-5.6p1.dif
openssh-5.6p1-eal3.diff
openssh-5.6p1-engines.diff
openssh-5.6p1-gssapimitm.patch
openssh-5.6p1-homechroot.patch
openssh-5.6p1-host_ident.diff
openssh-5.6p1-pam-fix2.diff
openssh-5.6p1-pam-fix3.diff
openssh-5.6p1-pts.diff
openssh-5.6p1-saveargv-fix.diff
openssh-5.6p1-send_locale.diff
openssh-5.6p1-sshconfig-knownhostschanges.diff
openssh-5.6p1.tar.bz2
openssh-5.6p1-tmpdir.diff
openssh-5.6p1-xauth.diff
openssh-5.6p1-xauthlocalhostname.diff
openssh-linux-new-oomkill.patch
New:
----
openssh-5.7p1-askpass-fix.diff
openssh-5.7p1-audit.patch
openssh-5.7p1-blocksigalrm.diff
openssh-5.7p1-default-protocol.diff
openssh-5.7p1.dif
openssh-5.7p1-eal3.diff
openssh-5.7p1-engines.diff
openssh-5.7p1-gssapimitm.patch
openssh-5.7p1-homechroot.patch
openssh-5.7p1-host_ident.diff
openssh-5.7p1-pam-fix2.diff
openssh-5.7p1-pam-fix3.diff
openssh-5.7p1-pts.diff
openssh-5.7p1-saveargv-fix.diff
openssh-5.7p1-selinux.diff
openssh-5.7p1-send_locale.diff
openssh-5.7p1-sshconfig-knownhostschanges.diff
openssh-5.7p1.tar.bz2
openssh-5.7p1-xauth.diff
openssh-5.7p1-xauthlocalhostname.diff
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openssh-askpass-gnome.spec ++++++
--- /var/tmp/diff_new_pack.jy15Tc/_old 2011-02-01 15:11:50.000000000 +0100
+++ /var/tmp/diff_new_pack.jy15Tc/_new 2011-02-01 15:11:50.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package openssh-askpass-gnome (Version 5.6p1)
+# spec file for package openssh-askpass-gnome
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -22,8 +22,8 @@
BuildRequires: gtk2-devel krb5-devel openssh openssl-devel pam-devel tcpd-devel update-desktop-files
License: BSD3c(or similar)
Group: Productivity/Networking/SSH
-Version: 5.6p1
-Release: 8
+Version: 5.7p1
+Release: 1
Requires: openssh = %{version} openssh-askpass = %{version}
AutoReqProv: on
Summary: A GNOME-Based Passphrase Dialog for OpenSSH
++++++ openssh.spec ++++++
--- /var/tmp/diff_new_pack.jy15Tc/_old 2011-02-01 15:11:50.000000000 +0100
+++ /var/tmp/diff_new_pack.jy15Tc/_new 2011-02-01 15:11:50.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package openssh (Version 5.6p1)
+# spec file for package openssh
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -29,8 +29,8 @@
PreReq: pwdutils %insserv_prereq %fillup_prereq coreutils
Conflicts: nonfreessh
AutoReqProv: on
-Version: 5.6p1
-Release: 8
+Version: 5.7p1
+Release: 1
%define xversion 1.2.4.1
Summary: Secure Shell Client and Server (Remote Login Program)
Url: http://www.openssh.com/
@@ -55,7 +55,6 @@
Patch8: %{name}-%{version}-blocksigalrm.diff
Patch9: %{name}-%{version}-send_locale.diff
Patch10: %{name}-%{version}-xauthlocalhostname.diff
-Patch11: %{name}-%{version}-tmpdir.diff
Patch12: %{name}-%{version}-xauth.diff
Patch14: %{name}-%{version}-default-protocol.diff
Patch15: %{name}-%{version}-audit.patch
@@ -63,7 +62,7 @@
Patch17: %{name}-%{version}-homechroot.patch
Patch18: %{name}-%{version}-sshconfig-knownhostschanges.diff
Patch19: %{name}-%{version}-host_ident.diff
-Patch20: openssh-linux-new-oomkill.patch
+Patch20: %{name}-%{version}-selinux.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%package askpass
@@ -101,7 +100,6 @@
%patch8
%patch9
%patch10
-%patch11
%patch12
%patch14
%patch15 -p1
@@ -109,7 +107,7 @@
%patch17
%patch18
%patch19 -p1
-%patch20
+%patch20 -p1
cp -v %{SOURCE4} .
cp -v %{SOURCE6} .
cd ../x11-ssh-askpass-%{xversion}
++++++ openssh-5.6p1-askpass-fix.diff -> openssh-5.7p1-askpass-fix.diff ++++++
--- openssh/openssh-5.6p1-askpass-fix.diff 2010-08-24 15:52:51.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-askpass-fix.diff 2011-01-25 11:29:00.000000000 +0100
@@ -1,6 +1,8 @@
---- x11-ssh-askpass.c
+Index: x11-ssh-askpass.c
+===================================================================
+--- x11-ssh-askpass.c.orig
+++ x11-ssh-askpass.c
-@@ -1301,7 +1301,7 @@
+@@ -1301,7 +1301,7 @@ void handleKeyPress(AppInfo *app, XEvent
}
}
@@ -9,7 +11,7 @@
{
/* 'gcc -Wall' complains about 'app' being an unused parameter.
* Tough. We might want to use it later, and then we don't have
-@@ -1343,11 +1343,11 @@
+@@ -1343,11 +1343,11 @@ void handleButtonPress(AppInfo *app, XEv
return;
}
if (ButtonPress == event->type) {
@@ -23,7 +25,7 @@
d->pressedButton = CANCEL_BUTTON;
d->cancelButton.pressed = True;
paintButton(app, d->dialogWindow, d->cancelButton);
-@@ -1356,7 +1356,7 @@
+@@ -1356,7 +1356,7 @@ void handleButtonPress(AppInfo *app, XEv
}
} else if (ButtonRelease == event->type) {
if (OK_BUTTON == d->pressedButton) {
@@ -32,7 +34,7 @@
acceptAction(app);
} else {
if (d->okButton.pressed) {
-@@ -1365,7 +1365,7 @@
+@@ -1365,7 +1365,7 @@ void handleButtonPress(AppInfo *app, XEv
}
}
} else if (CANCEL_BUTTON == d->pressedButton) {
@@ -41,7 +43,7 @@
cancelAction(app);
} else {
if (d->cancelButton.pressed) {
-@@ -1385,7 +1385,7 @@
+@@ -1385,7 +1385,7 @@ void handlePointerMotion(AppInfo *app, X
if (NO_BUTTON == d->pressedButton) {
return;
} else if (OK_BUTTON == d->pressedButton) {
@@ -50,7 +52,7 @@
if (!(d->okButton.pressed)) {
d->okButton.pressed = True;
paintButton(app, d->dialogWindow, d->okButton);
-@@ -1397,7 +1397,7 @@
+@@ -1397,7 +1397,7 @@ void handlePointerMotion(AppInfo *app, X
}
}
} else if (CANCEL_BUTTON == d->pressedButton) {
@@ -59,9 +61,11 @@
if (!(d->cancelButton.pressed)) {
d->cancelButton.pressed = True;
paintButton(app, d->dialogWindow, d->cancelButton);
---- x11-ssh-askpass.h
+Index: x11-ssh-askpass.h
+===================================================================
+--- x11-ssh-askpass.h.orig
+++ x11-ssh-askpass.h
-@@ -258,7 +258,7 @@
+@@ -258,7 +258,7 @@ void erasePassphrase(AppInfo *app);
void addToPassphrase(AppInfo *app, char c);
void handleKeyPress(AppInfo *app, XEvent *event);
++++++ openssh-5.6p1-audit.patch -> openssh-5.7p1-audit.patch ++++++
--- openssh/openssh-5.6p1-audit.patch 2010-08-24 15:52:52.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-audit.patch 2011-01-24 12:48:01.000000000 +0100
@@ -1,9 +1,9 @@
# add support for Linux audit (FATE #120269)
================================================================================
-Index: openssh-5.6p1/Makefile.in
+Index: openssh-5.7p1/Makefile.in
===================================================================
---- openssh-5.6p1.orig/Makefile.in
-+++ openssh-5.6p1/Makefile.in
+--- openssh-5.7p1.orig/Makefile.in
++++ openssh-5.7p1/Makefile.in
@@ -46,6 +46,7 @@ LD=@LD@
CFLAGS=@CFLAGS@
CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
@@ -12,7 +12,7 @@
SSHDLIBS=@SSHDLIBS@
LIBEDIT=@LIBEDIT@
AR=@AR@
-@@ -142,7 +143,7 @@ ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SS
+@@ -145,7 +146,7 @@ ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SS
$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
@@ -21,10 +21,10 @@
scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
$(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
-Index: openssh-5.6p1/auth.c
+Index: openssh-5.7p1/auth.c
===================================================================
---- openssh-5.6p1.orig/auth.c
-+++ openssh-5.6p1/auth.c
+--- openssh-5.7p1.orig/auth.c
++++ openssh-5.7p1/auth.c
@@ -293,6 +293,12 @@ auth_log(Authctxt *authctxt, int authent
get_canonical_hostname(options.use_dns), "ssh", &loginmsg);
# endif
@@ -38,7 +38,7 @@
#ifdef SSH_AUDIT_EVENTS
if (authenticated == 0 && !authctxt->postponed)
audit_event(audit_classify_auth(method));
-@@ -586,6 +592,10 @@ getpwnamallow(const char *user)
+@@ -592,6 +598,10 @@ getpwnamallow(const char *user)
record_failed_login(user,
get_canonical_hostname(options.use_dns), "ssh");
#endif
@@ -49,11 +49,11 @@
#ifdef SSH_AUDIT_EVENTS
audit_event(SSH_INVALID_USER);
#endif /* SSH_AUDIT_EVENTS */
-Index: openssh-5.6p1/config.h.in
+Index: openssh-5.7p1/config.h.in
===================================================================
---- openssh-5.6p1.orig/config.h.in
-+++ openssh-5.6p1/config.h.in
-@@ -1424,6 +1424,9 @@
+--- openssh-5.7p1.orig/config.h.in
++++ openssh-5.7p1/config.h.in
+@@ -1460,6 +1460,9 @@
/* Define if you want SELinux support. */
#undef WITH_SELINUX
@@ -63,11 +63,11 @@
/* Define to 1 if your processor stores words with the most significant byte
first (like Motorola and SPARC, unlike Intel and VAX). */
#undef WORDS_BIGENDIAN
-Index: openssh-5.6p1/configure.ac
+Index: openssh-5.7p1/configure.ac
===================================================================
---- openssh-5.6p1.orig/configure.ac
-+++ openssh-5.6p1/configure.ac
-@@ -3393,6 +3393,20 @@ AC_ARG_WITH(selinux,
+--- openssh-5.7p1.orig/configure.ac
++++ openssh-5.7p1/configure.ac
+@@ -3521,6 +3521,20 @@ AC_ARG_WITH(selinux,
fi ]
)
@@ -88,7 +88,7 @@
# Check whether user wants Kerberos 5 support
KRB5_MSG="no"
AC_ARG_WITH(kerberos5,
-@@ -4185,6 +4199,7 @@ echo " PAM support
+@@ -4315,6 +4329,7 @@ echo " PAM support
echo " OSF SIA support: $SIA_MSG"
echo " KerberosV support: $KRB5_MSG"
echo " SELinux support: $SELINUX_MSG"
@@ -96,10 +96,10 @@
echo " Smartcard support: $SCARD_MSG"
echo " S/KEY support: $SKEY_MSG"
echo " TCP Wrappers support: $TCPW_MSG"
-Index: openssh-5.6p1/loginrec.c
+Index: openssh-5.7p1/loginrec.c
===================================================================
---- openssh-5.6p1.orig/loginrec.c
-+++ openssh-5.6p1/loginrec.c
+--- openssh-5.7p1.orig/loginrec.c
++++ openssh-5.7p1/loginrec.c
@@ -176,6 +176,10 @@
#include "auth.h"
#include "buffer.h"
@@ -121,7 +121,7 @@
int lastlog_write_entry(struct logininfo *li);
int syslogin_write_entry(struct logininfo *li);
-@@ -441,6 +448,10 @@ login_write(struct logininfo *li)
+@@ -442,6 +449,10 @@ login_write(struct logininfo *li)
/* set the timestamp */
login_set_current_time(li);
@@ -132,7 +132,7 @@
#ifdef USE_LOGIN
syslogin_write_entry(li);
#endif
-@@ -1399,6 +1410,87 @@ wtmpx_get_entry(struct logininfo *li)
+@@ -1406,6 +1417,87 @@ wtmpx_get_entry(struct logininfo *li)
}
#endif /* USE_WTMPX */
@@ -220,10 +220,10 @@
/**
** Low-level libutil login() functions
**/
-Index: openssh-5.6p1/loginrec.h
+Index: openssh-5.7p1/loginrec.h
===================================================================
---- openssh-5.6p1.orig/loginrec.h
-+++ openssh-5.6p1/loginrec.h
+--- openssh-5.7p1.orig/loginrec.h
++++ openssh-5.7p1/loginrec.h
@@ -127,5 +127,9 @@ char *line_stripname(char *dst, const ch
char *line_abbrevname(char *dst, const char *src, int dstsize);
++++++ openssh-5.6p1-blocksigalrm.diff -> openssh-5.7p1-blocksigalrm.diff ++++++
--- openssh/openssh-5.6p1-blocksigalrm.diff 2010-08-24 15:52:52.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-blocksigalrm.diff 2011-01-24 12:48:02.000000000 +0100
@@ -1,4 +1,6 @@
---- log.c
+Index: log.c
+===================================================================
+--- log.c.orig
+++ log.c
@@ -51,6 +51,7 @@
@@ -8,7 +10,7 @@
static LogLevel log_level = SYSLOG_LEVEL_INFO;
static int log_on_stderr = 1;
-@@ -336,6 +337,7 @@
+@@ -336,6 +337,7 @@ do_log(LogLevel level, const char *fmt,
char fmtbuf[MSGBUFSIZ];
char *txt = NULL;
int pri = LOG_INFO;
@@ -16,22 +18,22 @@
int saved_errno = errno;
if (level > log_level)
-@@ -387,6 +389,14 @@
+@@ -387,6 +389,14 @@ do_log(LogLevel level, const char *fmt,
snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf);
write(STDERR_FILENO, msgbuf, strlen(msgbuf));
} else {
+ /* Prevent a race between the grace_alarm
+ * which writes a log message and terminates
-+ * and main sshd code that leads to deadlock
++ * and main sshd code that leads to deadlock
+ * as syslog is not async safe.
-+ */
++ */
+ sigemptyset(&nset);
+ sigaddset(&nset, SIGALRM);
+ sigprocmask(SIG_BLOCK, &nset, &oset);
#if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata);
syslog_r(pri, &sdata, "%.500s", fmtbuf);
-@@ -396,6 +406,7 @@
+@@ -396,6 +406,7 @@ do_log(LogLevel level, const char *fmt,
syslog(pri, "%.500s", fmtbuf);
closelog();
#endif
++++++ openssh-5.6p1-default-protocol.diff -> openssh-5.7p1-default-protocol.diff ++++++
++++++ openssh-5.6p1.dif -> openssh-5.7p1.dif ++++++
--- openssh/openssh-5.6p1.dif 2010-08-24 15:52:58.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1.dif 2011-01-24 12:48:19.000000000 +0100
@@ -17,7 +17,7 @@
+# remote side (the "spoofed" X-server by the remote sshd) can read your
+# keystrokes as you type, just like any other X11 client could do.
+# Set this to "no" here for global effect or in your own ~/.ssh/config
-+# file if you want to have the remote X11 authentification data to
++# file if you want to have the remote X11 authentification data to
+# expire after two minutes after remote login.
+ForwardX11Trusted yes
+
@@ -28,12 +28,12 @@
===================================================================
--- sshd_config.orig
+++ sshd_config
-@@ -86,7 +86,7 @@
+@@ -87,7 +87,7 @@
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
-#X11Forwarding no
-+X11Forwarding yes
++X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
++++++ openssh-5.6p1-eal3.diff -> openssh-5.7p1-eal3.diff ++++++
--- openssh/openssh-5.6p1-eal3.diff 2010-08-24 15:52:53.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-eal3.diff 2011-01-24 12:48:04.000000000 +0100
@@ -1,26 +1,26 @@
-Index: openssh-5.6p1/sshd.8
+Index: openssh-5.7p1/sshd.8
===================================================================
---- openssh-5.6p1.orig/sshd.8
-+++ openssh-5.6p1/sshd.8
-@@ -850,7 +850,7 @@ Contains Diffie-Hellman groups used for
+--- openssh-5.7p1.orig/sshd.8
++++ openssh-5.7p1/sshd.8
+@@ -855,7 +855,7 @@ Contains Diffie-Hellman groups used for
The file format is described in
.Xr moduli 5 .
.Pp
--.It /etc/motd
-+.It /etc/lib/motd
+-.It Pa /etc/motd
++.It Pa /etc/lib/motd
See
.Xr motd 5 .
.Pp
-@@ -863,7 +863,7 @@ are displayed to anyone trying to log in
+@@ -868,7 +868,7 @@ are displayed to anyone trying to log in
refused.
The file should be world-readable.
.Pp
--.It /etc/shosts.equiv
-+.It /etc/ssh/shosts.equiv
+-.It Pa /etc/shosts.equiv
++.It Pa /etc/ssh/shosts.equiv
This file is used in exactly the same way as
.Pa hosts.equiv ,
but allows host-based authentication without permitting login with
-@@ -940,8 +940,7 @@ The content of this file is not sensitiv
+@@ -947,8 +947,7 @@ The content of this file is not sensitiv
.Xr ssh-keyscan 1 ,
.Xr chroot 2 ,
.Xr hosts_access 5 ,
@@ -30,11 +30,11 @@
.Xr sshd_config 5 ,
.Xr inetd 8 ,
.Xr sftp-server 8
-Index: openssh-5.6p1/sshd_config.5
+Index: openssh-5.7p1/sshd_config.5
===================================================================
---- openssh-5.6p1.orig/sshd_config.5
-+++ openssh-5.6p1/sshd_config.5
-@@ -496,7 +496,7 @@ or
+--- openssh-5.7p1.orig/sshd_config.5
++++ openssh-5.7p1/sshd_config.5
+@@ -497,7 +497,7 @@ or
.Pp
.Pa /etc/hosts.equiv
and
++++++ openssh-5.6p1-engines.diff -> openssh-5.7p1-engines.diff ++++++
--- openssh/openssh-5.6p1-engines.diff 2010-08-24 15:52:53.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-engines.diff 2011-01-24 12:48:05.000000000 +0100
@@ -1,7 +1,7 @@
-Index: openssh-5.6p1/ssh-add.c
+Index: openssh-5.7p1/ssh-add.c
===================================================================
---- openssh-5.6p1.orig/ssh-add.c
-+++ openssh-5.6p1/ssh-add.c
+--- openssh-5.7p1.orig/ssh-add.c
++++ openssh-5.7p1/ssh-add.c
@@ -43,6 +43,7 @@
#include <openssl/evp.h>
@@ -10,9 +10,9 @@
#include <fcntl.h>
#include <pwd.h>
-@@ -374,6 +375,10 @@ main(int argc, char **argv)
+@@ -377,6 +378,10 @@ main(int argc, char **argv)
- SSLeay_add_all_algorithms();
+ OpenSSL_add_all_algorithms();
+ /* Init available hardware crypto engines. */
+ ENGINE_load_builtin_engines();
@@ -21,10 +21,10 @@
/* At first, get a connection to the authentication agent. */
ac = ssh_get_authentication_connection();
if (ac == NULL) {
-Index: openssh-5.6p1/ssh-agent.c
+Index: openssh-5.7p1/ssh-agent.c
===================================================================
---- openssh-5.6p1.orig/ssh-agent.c
-+++ openssh-5.6p1/ssh-agent.c
+--- openssh-5.7p1.orig/ssh-agent.c
++++ openssh-5.7p1/ssh-agent.c
@@ -52,6 +52,7 @@
#include <openssl/evp.h>
#include <openssl/md5.h>
@@ -33,9 +33,9 @@
#include <errno.h>
#include <fcntl.h>
-@@ -1094,6 +1095,10 @@ main(int ac, char **av)
+@@ -1153,6 +1154,10 @@ main(int ac, char **av)
- SSLeay_add_all_algorithms();
+ OpenSSL_add_all_algorithms();
+ /* Init available hardware crypto engines. */
+ ENGINE_load_builtin_engines();
@@ -44,10 +44,10 @@
__progname = ssh_get_progname(av[0]);
init_rng();
seed_rng();
-Index: openssh-5.6p1/ssh-keygen.c
+Index: openssh-5.7p1/ssh-keygen.c
===================================================================
---- openssh-5.6p1.orig/ssh-keygen.c
-+++ openssh-5.6p1/ssh-keygen.c
+--- openssh-5.7p1.orig/ssh-keygen.c
++++ openssh-5.7p1/ssh-keygen.c
@@ -22,6 +22,7 @@
#include <openssl/evp.h>
#include <openssl/pem.h>
@@ -56,10 +56,10 @@
#include <errno.h>
#include <fcntl.h>
-@@ -1782,6 +1783,11 @@ main(int argc, char **argv)
+@@ -1815,6 +1816,11 @@ main(int argc, char **argv)
__progname = ssh_get_progname(argv[0]);
- SSLeay_add_all_algorithms();
+ OpenSSL_add_all_algorithms();
+
+ /* Init available hardware crypto engines. */
+ ENGINE_load_builtin_engines();
@@ -68,10 +68,10 @@
log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1);
init_rng();
-Index: openssh-5.6p1/ssh-keysign.c
+Index: openssh-5.7p1/ssh-keysign.c
===================================================================
---- openssh-5.6p1.orig/ssh-keysign.c
-+++ openssh-5.6p1/ssh-keysign.c
+--- openssh-5.7p1.orig/ssh-keysign.c
++++ openssh-5.7p1/ssh-keysign.c
@@ -38,6 +38,7 @@
#include <openssl/evp.h>
#include <openssl/rand.h>
@@ -83,7 +83,7 @@
@@ -195,6 +196,11 @@ main(int argc, char **argv)
fatal("could not open any host key");
- SSLeay_add_all_algorithms();
+ OpenSSL_add_all_algorithms();
+
+ /* Init available hardware crypto engines. */
+ ENGINE_load_builtin_engines();
@@ -92,11 +92,11 @@
for (i = 0; i < 256; i++)
rnd[i] = arc4random();
RAND_seed(rnd, sizeof(rnd));
-Index: openssh-5.6p1/ssh.c
+Index: openssh-5.7p1/ssh.c
===================================================================
---- openssh-5.6p1.orig/ssh.c
-+++ openssh-5.6p1/ssh.c
-@@ -74,6 +74,7 @@
+--- openssh-5.7p1.orig/ssh.c
++++ openssh-5.7p1/ssh.c
+@@ -75,6 +75,7 @@
#include <openssl/err.h>
#include "openbsd-compat/openssl-compat.h"
#include "openbsd-compat/sys-queue.h"
@@ -104,8 +104,8 @@
#include "xmalloc.h"
#include "ssh.h"
-@@ -602,6 +603,10 @@ main(int ac, char **av)
- SSLeay_add_all_algorithms();
+@@ -601,6 +602,10 @@ main(int ac, char **av)
+ OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
+ /* Init available hardware crypto engines. */
@@ -115,10 +115,10 @@
/* Initialize the command to execute on remote host. */
buffer_init(&command);
-Index: openssh-5.6p1/sshd.c
+Index: openssh-5.7p1/sshd.c
===================================================================
---- openssh-5.6p1.orig/sshd.c
-+++ openssh-5.6p1/sshd.c
+--- openssh-5.7p1.orig/sshd.c
++++ openssh-5.7p1/sshd.c
@@ -77,6 +77,7 @@
#include <openssl/md5.h>
#include <openssl/rand.h>
@@ -127,9 +127,9 @@
#ifdef HAVE_SECUREWARE
#include <sys/security.h>
-@@ -1471,6 +1472,10 @@ main(int ac, char **av)
+@@ -1474,6 +1475,10 @@ main(int ac, char **av)
- SSLeay_add_all_algorithms();
+ OpenSSL_add_all_algorithms();
+ /* Init available hardware crypto engines. */
+ ENGINE_load_builtin_engines();
++++++ openssh-5.6p1-gssapimitm.patch -> openssh-5.7p1-gssapimitm.patch ++++++
--- openssh/openssh-5.6p1-gssapimitm.patch 2010-08-24 15:52:53.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-gssapimitm.patch 2011-01-24 12:48:07.000000000 +0100
@@ -22,9 +22,9 @@
SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE,
&input_gssapi_exchange_complete);
+
-+ /*
-+ * Old style 'gssapi' didn't have the GSSAPI_MIC
-+ * and went straight to sending exchange_complete
++ /*
++ * Old style 'gssapi' didn't have the GSSAPI_MIC
++ * and went straight to sending exchange_complete
+ */
+ if (options.gss_enable_mitm)
+ dispatch_set(
@@ -68,7 +68,7 @@
===================================================================
--- readconf.c.orig
+++ readconf.c
-@@ -126,7 +126,7 @@ typedef enum {
+@@ -128,7 +128,7 @@ typedef enum {
oHostKeyAlgorithms, oBindAddress, oPKCS11Provider,
oClearAllForwardings, oNoHostAuthenticationForLocalhost,
oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
@@ -77,7 +77,7 @@
oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
oSendEnv, oControlPath, oControlMaster, oControlPersist,
oHashKnownHosts,
-@@ -167,9 +167,11 @@ static struct {
+@@ -170,9 +170,11 @@ static struct {
#if defined(GSSAPI)
{ "gssapiauthentication", oGssAuthentication },
{ "gssapidelegatecredentials", oGssDelegateCreds },
@@ -89,18 +89,18 @@
#endif
{ "fallbacktorsh", oDeprecated },
{ "usersh", oDeprecated },
-@@ -477,6 +479,10 @@ parse_flag:
- case oGssDelegateCreds:
+@@ -483,6 +485,10 @@ parse_flag:
intptr = &options->gss_deleg_creds;
goto parse_flag;
-+
+
+ case oGssEnableMITM:
+ intptr = &options->gss_enable_mitm;
+ goto parse_flag;
-
++
case oBatchMode:
intptr = &options->batch_mode;
-@@ -1059,6 +1065,7 @@ initialize_options(Options * options)
+ goto parse_flag;
+@@ -1093,6 +1099,7 @@ initialize_options(Options * options)
options->challenge_response_authentication = -1;
options->gss_authentication = -1;
options->gss_deleg_creds = -1;
@@ -108,7 +108,7 @@
options->password_authentication = -1;
options->kbd_interactive_authentication = -1;
options->kbd_interactive_devices = NULL;
-@@ -1158,6 +1165,8 @@ fill_default_options(Options * options)
+@@ -1195,6 +1202,8 @@ fill_default_options(Options * options)
options->gss_authentication = 0;
if (options->gss_deleg_creds == -1)
options->gss_deleg_creds = 0;
@@ -133,7 +133,7 @@
===================================================================
--- servconf.c.orig
+++ servconf.c
-@@ -94,6 +94,7 @@ initialize_server_options(ServerOptions
+@@ -98,6 +98,7 @@ initialize_server_options(ServerOptions
options->kerberos_get_afs_token = -1;
options->gss_authentication=-1;
options->gss_cleanup_creds = -1;
@@ -141,7 +141,7 @@
options->password_authentication = -1;
options->kbd_interactive_authentication = -1;
options->challenge_response_authentication = -1;
-@@ -217,6 +218,8 @@ fill_default_server_options(ServerOption
+@@ -228,6 +229,8 @@ fill_default_server_options(ServerOption
options->gss_authentication = 0;
if (options->gss_cleanup_creds == -1)
options->gss_cleanup_creds = 1;
@@ -150,7 +150,7 @@
if (options->password_authentication == -1)
options->password_authentication = 1;
if (options->kbd_interactive_authentication == -1)
-@@ -307,7 +310,7 @@ typedef enum {
+@@ -322,7 +325,7 @@ typedef enum {
sBanner, sUseDNS, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
@@ -159,7 +159,7 @@
sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
sUsePrivilegeSeparation, sAllowAgentForwarding,
sZeroKnowledgePasswordAuthentication, sHostCertificate,
-@@ -370,9 +373,11 @@ static struct {
+@@ -386,9 +389,11 @@ static struct {
#ifdef GSSAPI
{ "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
{ "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
@@ -171,22 +171,22 @@
#endif
{ "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
-@@ -929,6 +934,10 @@ process_server_config_line(ServerOptions
- case sGssCleanupCreds:
+@@ -948,6 +953,10 @@ process_server_config_line(ServerOptions
intptr = &options->gss_cleanup_creds;
goto parse_flag;
-+
+
+ case sGssEnableMITM:
+ intptr = &options->gss_enable_mitm;
+ goto parse_flag;
-
++
case sPasswordAuthentication:
intptr = &options->password_authentication;
+ goto parse_flag;
Index: servconf.h
===================================================================
--- servconf.h.orig
+++ servconf.h
-@@ -95,6 +95,7 @@ typedef struct {
+@@ -98,6 +98,7 @@ typedef struct {
* authenticated with Kerberos. */
int gss_authentication; /* If true, permit GSSAPI authentication */
int gss_cleanup_creds; /* If true, destroy cred cache on logout */
@@ -203,11 +203,11 @@
# TunnelDevice any:any
# PermitLocalCommand no
+# GSSAPIAuthentication no
-+# GSSAPIDelegateCredentials no
++# GSSAPIDelegateCredentials no
+
+# Set this to 'yes' to enable support for the deprecated 'gssapi' authentication
+# mechanism to OpenSSH 3.8p1. The newer 'gssapi-with-mic' mechanism is included
-+# in this release. The use of 'gssapi' is deprecated due to the presence of
++# in this release. The use of 'gssapi' is deprecated due to the presence of
+# potential man-in-the-middle attacks, which 'gssapi-with-mic' is not susceptible to.
+# GSSAPIEnableMITMAttack no
+
@@ -218,7 +218,7 @@
===================================================================
--- sshconnect2.c.orig
+++ sshconnect2.c
-@@ -263,6 +263,10 @@ Authmethod authmethods[] = {
+@@ -324,6 +324,10 @@ Authmethod authmethods[] = {
NULL,
&options.gss_authentication,
NULL},
@@ -229,12 +229,12 @@
#endif
{"hostbased",
userauth_hostbased,
-@@ -640,7 +644,9 @@ process_gssapi_token(void *ctxt, gss_buf
+@@ -701,7 +705,9 @@ process_gssapi_token(void *ctxt, gss_buf
if (status == GSS_S_COMPLETE) {
/* send either complete or MIC, depending on mechanism */
- if (!(flags & GSS_C_INTEG_FLAG)) {
-+
++
+ if (strcmp(authctxt->method->name,"gssapi")==0 ||
+ (!(flags & GSS_C_INTEG_FLAG))) {
packet_start(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE);
@@ -244,16 +244,15 @@
===================================================================
--- sshd_config.orig
+++ sshd_config
-@@ -72,6 +72,13 @@ PasswordAuthentication no
+@@ -73,6 +73,12 @@ PasswordAuthentication no
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
+# Set this to 'yes' to enable support for the deprecated 'gssapi' authentication
+# mechanism to OpenSSH 3.8p1. The newer 'gssapi-with-mic' mechanism is included
-+# in this release. The use of 'gssapi' is deprecated due to the presence of
++# in this release. The use of 'gssapi' is deprecated due to the presence of
+# potential man-in-the-middle attacks, which 'gssapi-with-mic' is not susceptible to.
+#GSSAPIEnableMITMAttack no
-+
+
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
++++++ openssh-5.6p1-homechroot.patch -> openssh-5.7p1-homechroot.patch ++++++
--- openssh/openssh-5.6p1-homechroot.patch 2010-08-24 15:52:54.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-homechroot.patch 2011-01-24 12:48:08.000000000 +0100
@@ -48,7 +48,7 @@
static void do_authenticated1(Authctxt *);
static void do_authenticated2(Authctxt *);
-@@ -806,6 +808,11 @@ do_exec(Session *s, const char *command)
+@@ -808,6 +810,11 @@ do_exec(Session *s, const char *command)
debug("Forced command (key option) '%.900s'", command);
}
@@ -60,7 +60,7 @@
#ifdef SSH_AUDIT_EVENTS
if (command != NULL)
PRIVSEP(audit_run_command(command));
-@@ -1419,6 +1426,63 @@ do_nologin(struct passwd *pw)
+@@ -1421,6 +1428,63 @@ do_nologin(struct passwd *pw)
}
/*
@@ -117,14 +117,14 @@
+ }
+ }
+ fatal ("chroot into directory without nodev or nosuid");
-+ }
++ }
+}
+
+/*
* Chroot into a directory after checking it for safety: all path components
* must be root-owned directories with strict permissions.
*/
-@@ -1428,6 +1492,7 @@ safely_chroot(const char *path, uid_t ui
+@@ -1430,6 +1494,7 @@ safely_chroot(const char *path, uid_t ui
const char *cp;
char component[MAXPATHLEN];
struct stat st;
@@ -132,7 +132,7 @@
if (*path != '/')
fatal("chroot path does not begin at root");
-@@ -1439,7 +1504,7 @@ safely_chroot(const char *path, uid_t ui
+@@ -1441,7 +1506,7 @@ safely_chroot(const char *path, uid_t ui
* root-owned directory with strict permissions.
*/
for (cp = path; cp != NULL;) {
@@ -141,7 +141,7 @@
strlcpy(component, path, sizeof(component));
else {
cp++;
-@@ -1452,14 +1517,20 @@ safely_chroot(const char *path, uid_t ui
+@@ -1454,14 +1519,20 @@ safely_chroot(const char *path, uid_t ui
if (stat(component, &st) != 0)
fatal("%s: stat(\"%s\"): %s", __func__,
component, strerror(errno));
@@ -163,7 +163,7 @@
}
if (chdir(path) == -1)
-@@ -1470,6 +1541,10 @@ safely_chroot(const char *path, uid_t ui
+@@ -1472,6 +1543,10 @@ safely_chroot(const char *path, uid_t ui
if (chdir("/") == -1)
fatal("%s: chdir(/) after chroot: %s",
__func__, strerror(errno));
@@ -257,7 +257,7 @@
===================================================================
--- sshd_config.5.orig
+++ sshd_config.5
-@@ -269,6 +269,17 @@ inside the chroot directory (see
+@@ -268,6 +268,17 @@ inside the chroot directory (see
.Xr sftp-server 8
for details).
.Pp
@@ -267,7 +267,7 @@
+%h or
+.Cm ChrootDirectory
+/some/path/%u. The file system containing this directory must be
-+mounted with options nodev and either nosuid or noexec. The owner of the
++mounted with options nodev and either nosuid or noexec. The owner of the
+directory should be the user. The ownership of the other components of the path
+must fulfill the usual conditions. No aditional files are required to be present
+in the directory.
++++++ openssh-5.6p1-host_ident.diff -> openssh-5.7p1-host_ident.diff ++++++
--- openssh/openssh-5.6p1-host_ident.diff 2010-08-24 15:52:54.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-host_ident.diff 2011-01-24 12:48:10.000000000 +0100
@@ -1,14 +1,14 @@
-Index: openssh-5.5p1/sshconnect.c
+Index: openssh-5.7p1/sshconnect.c
===================================================================
---- openssh-5.5p1.orig/sshconnect.c
-+++ openssh-5.5p1/sshconnect.c
-@@ -916,6 +916,11 @@ check_host_key(char *hostname, struct so
- error("Add correct host key in %.100s to get rid of this message.",
+--- openssh-5.7p1.orig/sshconnect.c
++++ openssh-5.7p1/sshconnect.c
+@@ -958,6 +958,11 @@ check_host_key(char *hostname, struct so
user_hostfile);
- error("Offending key in %s:%d", host_file, host_line);
+ error("Offending %s key in %s:%lu", key_type(host_found->key),
+ host_found->file, host_found->line);
+ error("You can use following command to remove all keys for this IP:");
-+ if (ip_file)
-+ error("ssh-keygen -R %s -f %s", hostname, ip_file);
++ if (host_found->file)
++ error("ssh-keygen -R %s -f %s", hostname, host_found->file);
+ else
+ error("ssh-keygen -R %s", hostname);
++++++ openssh-5.6p1-pam-fix2.diff -> openssh-5.7p1-pam-fix2.diff ++++++
--- openssh/openssh-5.6p1-pam-fix2.diff 2010-08-24 15:52:54.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-pam-fix2.diff 2011-01-24 12:48:11.000000000 +0100
@@ -2,7 +2,7 @@
===================================================================
--- sshd_config.orig
+++ sshd_config
-@@ -56,7 +56,7 @@
+@@ -57,7 +57,7 @@
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
@@ -11,7 +11,7 @@
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
-@@ -81,7 +81,7 @@
+@@ -82,7 +82,7 @@
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
++++++ openssh-5.6p1-pam-fix2.diff -> openssh-5.7p1-pam-fix3.diff ++++++
--- openssh/openssh-5.6p1-pam-fix2.diff 2010-08-24 15:52:54.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-pam-fix3.diff 2011-01-24 12:48:12.000000000 +0100
@@ -1,22 +1,15 @@
-Index: sshd_config
+Index: auth-pam.c
===================================================================
---- sshd_config.orig
-+++ sshd_config
-@@ -56,7 +56,7 @@
- #IgnoreRhosts yes
-
- # To disable tunneled clear text passwords, change to no here!
--#PasswordAuthentication yes
-+PasswordAuthentication no
- #PermitEmptyPasswords no
-
- # Change to no to disable s/key passwords
-@@ -81,7 +81,7 @@
- # If you just want the PAM account and session checks to run without
- # PAM authentication, then enable this but set PasswordAuthentication
- # and ChallengeResponseAuthentication to 'no'.
--#UsePAM no
-+UsePAM yes
-
- #AllowAgentForwarding yes
- #AllowTcpForwarding yes
+--- auth-pam.c.orig
++++ auth-pam.c
+@@ -786,7 +786,9 @@ sshpam_query(void *ctx, char **name, cha
+ fatal("Internal error: PAM auth "
+ "succeeded when it should have "
+ "failed");
+- import_environments(&buffer);
++#ifndef USE_POSIX_THREADS
++ import_environments(&buffer);
++#endif
+ *num = 0;
+ **echo_on = 0;
+ ctxt->pam_done = 1;
++++++ openssh-5.6p1-pts.diff -> openssh-5.7p1-pts.diff ++++++
--- openssh/openssh-5.6p1-pts.diff 2010-08-24 15:52:55.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-pts.diff 2011-01-24 12:48:13.000000000 +0100
@@ -2,7 +2,7 @@
===================================================================
--- loginrec.c.orig
+++ loginrec.c
-@@ -554,7 +554,7 @@ getlast_entry(struct logininfo *li)
+@@ -555,7 +555,7 @@ getlast_entry(struct logininfo *li)
* 1. The full filename (including '/dev')
* 2. The stripped name (excluding '/dev')
* 3. The abbreviated name (e.g. /dev/ttyp00 -> yp00
@@ -11,7 +11,7 @@
*
* Form 3 is used on some systems to identify a .tmp.? entry when
* attempting to remove it. Typically both addition and removal is
-@@ -615,6 +615,10 @@ line_abbrevname(char *dst, const char *s
+@@ -616,6 +616,10 @@ line_abbrevname(char *dst, const char *s
if (strncmp(src, "tty", 3) == 0)
src += 3;
#endif
++++++ openssh-5.6p1-saveargv-fix.diff -> openssh-5.7p1-saveargv-fix.diff ++++++
--- openssh/openssh-5.6p1-saveargv-fix.diff 2010-08-24 15:52:56.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-saveargv-fix.diff 2011-01-24 12:48:14.000000000 +0100
@@ -10,7 +10,7 @@
logit("Received SIGHUP; restarting.");
close_listen_socks();
close_startup_pipes();
-@@ -1316,7 +1317,11 @@ main(int ac, char **av)
+@@ -1319,7 +1320,11 @@ main(int ac, char **av)
#ifndef HAVE_SETPROCTITLE
/* Prepare for later setproctitle emulation */
compat_init_setproctitle(ac, av);
++++++ openssh-5.7p1-selinux.diff ++++++
Index: openssh-5.7p1/ChangeLog
===================================================================
--- openssh-5.7p1.orig/ChangeLog
+++ openssh-5.7p1/ChangeLog
@@ -1,3 +1,10 @@
+20110125
+ - (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.c
+ openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to
+ port-linux.c to avoid compilation errors. Add -lselinux to ssh when
+ building with SELinux support to avoid linking failure; report from
+ amk AT spamfence.net; ok dtucker
+
20110122
- (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add
RSA_get_default_method() for the benefit of openssl versions that don't
Index: openssh-5.7p1/configure.ac
===================================================================
--- openssh-5.7p1.orig/configure.ac
+++ openssh-5.7p1/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.469 2011/01/21 22:37:05 dtucker Exp $
+# $Id: configure.ac,v 1.470 2011/01/25 01:16:17 djm Exp $
#
# Copyright (c) 1999-2004 Damien Miller
#
@@ -15,7 +15,7 @@
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
AC_INIT(OpenSSH, Portable, openssh-unix-dev(a)mindrot.org)
-AC_REVISION($Revision: 1.469 $)
+AC_REVISION($Revision: 1.470 $)
AC_CONFIG_SRCDIR([ssh.c])
# local macros
@@ -737,7 +737,6 @@ mips-sony-bsd|mips-sony-newsos4)
[ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
[Define if you have Solaris process contracts])
SSHDLIBS="$SSHDLIBS -lcontract"
- AC_SUBST(SSHDLIBS)
SPC_MSG="yes" ], )
],
)
@@ -748,7 +747,6 @@ mips-sony-bsd|mips-sony-newsos4)
[ AC_DEFINE(USE_SOLARIS_PROJECTS, 1,
[Define if you have Solaris projects])
SSHDLIBS="$SSHDLIBS -lproject"
- AC_SUBST(SSHDLIBS)
SP_MSG="yes" ], )
],
)
@@ -3515,11 +3513,14 @@ AC_ARG_WITH(selinux,
LIBS="$LIBS -lselinux"
],
AC_MSG_ERROR(SELinux support requires libselinux library))
+ SSHLIBS="$SSHLIBS $LIBSELINUX"
SSHDLIBS="$SSHDLIBS $LIBSELINUX"
AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
LIBS="$save_LIBS"
fi ]
)
+AC_SUBST(SSHLIBS)
+AC_SUBST(SSHDLIBS)
# Check whether user wants Linux audit support
LINUX_AUDIT_MSG="no"
@@ -4356,6 +4357,9 @@ echo " Libraries: ${LIBS}"
if test ! -z "${SSHDLIBS}"; then
echo " +for sshd: ${SSHDLIBS}"
fi
+if test ! -z "${SSHLIBS}"; then
+echo " +for ssh: ${SSHLIBS}"
+fi
echo ""
Index: openssh-5.7p1/Makefile.in
===================================================================
--- openssh-5.7p1.orig/Makefile.in
+++ openssh-5.7p1/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.320 2011/01/17 10:15:29 dtucker Exp $
+# $Id: Makefile.in,v 1.321 2011/01/25 01:16:16 djm Exp $
# uncomment if you run a non bourne compatable shell. Ie. csh
#SHELL = @SH@
@@ -47,6 +47,7 @@ CFLAGS=@CFLAGS@
CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
LIBS=@LIBS@
LIBAUDIT=@LIBAUDIT@
+SSHLIBS=@SSHLIBS@
SSHDLIBS=@SSHDLIBS@
LIBEDIT=@LIBEDIT@
AR=@AR@
@@ -143,7 +144,7 @@ libssh.a: $(LIBSSH_OBJS)
$(RANLIB) $@
ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS)
- $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+ $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHLIBS) $(LIBS)
sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(LIBAUDIT)
Index: openssh-5.7p1/openbsd-compat/port-linux.c
===================================================================
--- openssh-5.7p1.orig/openbsd-compat/port-linux.c
+++ openssh-5.7p1/openbsd-compat/port-linux.c
@@ -1,4 +1,4 @@
-/* $Id: port-linux.c,v 1.11 2011/01/17 07:50:24 dtucker Exp $ */
+/* $Id: port-linux.c,v 1.12 2011/01/25 01:16:18 djm Exp $ */
/*
* Copyright (c) 2005 Daniel Walsh <dwalsh(a)redhat.com>
@@ -205,6 +205,20 @@ ssh_selinux_change_context(const char *n
xfree(oldctx);
xfree(newctx);
}
+
+void
+ssh_selinux_setfscreatecon(const char *path)
+{
+ security_context_t context;
+
+ if (path == NULL) {
+ setfscreatecon(NULL);
+ return;
+ }
+ matchpathcon(path, 0700, &context);
+ setfscreatecon(context);
+}
+
#endif /* WITH_SELINUX */
#ifdef LINUX_OOM_ADJUST
Index: openssh-5.7p1/openbsd-compat/port-linux.h
===================================================================
--- openssh-5.7p1.orig/openbsd-compat/port-linux.h
+++ openssh-5.7p1/openbsd-compat/port-linux.h
@@ -1,4 +1,4 @@
-/* $Id: port-linux.h,v 1.4 2009/12/08 02:39:48 dtucker Exp $ */
+/* $Id: port-linux.h,v 1.5 2011/01/25 01:16:18 djm Exp $ */
/*
* Copyright (c) 2006 Damien Miller <djm(a)openbsd.org>
@@ -24,6 +24,7 @@ int ssh_selinux_enabled(void);
void ssh_selinux_setup_pty(char *, const char *);
void ssh_selinux_setup_exec_context(char *);
void ssh_selinux_change_context(const char *);
+void ssh_selinux_setfscreatecon(const char *);
#endif
#ifdef LINUX_OOM_ADJUST
Index: openssh-5.7p1/ssh.c
===================================================================
--- openssh-5.7p1.orig/ssh.c
+++ openssh-5.7p1/ssh.c
@@ -857,15 +857,12 @@ main(int ac, char **av)
strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) {
#ifdef WITH_SELINUX
- char *scon;
-
- matchpathcon(buf, 0700, &scon);
- setfscreatecon(scon);
+ ssh_selinux_setfscreatecon(buf);
#endif
if (mkdir(buf, 0700) < 0)
error("Could not create directory '%.200s'.", buf);
#ifdef WITH_SELINUX
- setfscreatecon(NULL);
+ ssh_selinux_setfscreatecon(NULL);
#endif
}
/* load options.identity_files */
++++++ openssh-5.6p1-send_locale.diff -> openssh-5.7p1-send_locale.diff ++++++
--- openssh/openssh-5.6p1-send_locale.diff 2010-08-24 15:52:56.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-send_locale.diff 2011-01-24 12:48:15.000000000 +0100
@@ -8,8 +8,8 @@
->>>>>>>
+# This enables sending locale enviroment variables LC_* LANG, see ssh_config(5).
-+SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
-+SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
++SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
++SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+SendEnv LC_IDENTIFICATION LC_ALL
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
@@ -22,8 +22,8 @@
Subsystem sftp /usr/libexec/sftp-server
+# This enables accepting locale enviroment variables LC_* LANG, see sshd_config(5).
-+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
-+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
++AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
++AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+AcceptEnv LC_IDENTIFICATION LC_ALL
+
# Example of overriding settings on a per-user basis
++++++ openssh-5.6p1-sshconfig-knownhostschanges.diff -> openssh-5.7p1-sshconfig-knownhostschanges.diff ++++++
--- openssh/openssh-5.6p1-sshconfig-knownhostschanges.diff 2010-08-24 15:52:57.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-sshconfig-knownhostschanges.diff 2011-01-25 11:29:02.000000000 +0100
@@ -2,11 +2,12 @@
===================================================================
--- ssh_config.orig
+++ ssh_config
-@@ -67,5 +67,12 @@ ForwardX11Trusted yes
- SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
- SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+@@ -67,5 +67,13 @@ ForwardX11Trusted yes
+ SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+ SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
SendEnv LC_IDENTIFICATION LC_ALL
-# VisualHostKey no
++
+# This will print the fingerprint of the host key in "visual" form
+# this should make it easier to also recognize bad things
+VisualHostKey no
++++++ openssh-5.6p1.tar.bz2 -> openssh-5.7p1.tar.bz2 ++++++
++++ 19167 lines of diff (skipped)
++++++ openssh-5.6p1-xauth.diff -> openssh-5.7p1-xauth.diff ++++++
--- openssh/openssh-5.6p1-xauth.diff 2010-08-24 15:52:57.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-xauth.diff 2011-01-24 12:48:17.000000000 +0100
@@ -2,7 +2,7 @@
===================================================================
--- session.c.orig
+++ session.c
-@@ -2525,8 +2525,41 @@ void
+@@ -2463,8 +2463,41 @@ void
session_close(Session *s)
{
u_int i;
++++++ openssh-5.6p1-xauthlocalhostname.diff -> openssh-5.7p1-xauthlocalhostname.diff ++++++
--- openssh/openssh-5.6p1-xauthlocalhostname.diff 2010-08-24 15:52:58.000000000 +0200
+++ /mounts/work_src_done/STABLE/openssh/openssh-5.7p1-xauthlocalhostname.diff 2011-01-24 12:48:18.000000000 +0100
@@ -2,7 +2,7 @@
===================================================================
--- session.c.orig
+++ session.c
-@@ -1114,7 +1114,7 @@ copy_environment(char **source, char ***
+@@ -1116,7 +1116,7 @@ copy_environment(char **source, char ***
}
static char **
@@ -11,7 +11,7 @@
{
char buf[256];
u_int i, envsize;
-@@ -1301,6 +1301,8 @@ do_setup_env(Session *s, const char *she
+@@ -1303,6 +1303,8 @@ do_setup_env(Session *s, const char *she
for (i = 0; env[i]; i++)
fprintf(stderr, " %.200s\n", env[i]);
}
@@ -20,7 +20,7 @@
return env;
}
-@@ -1309,7 +1311,7 @@ do_setup_env(Session *s, const char *she
+@@ -1311,7 +1313,7 @@ do_setup_env(Session *s, const char *she
* first in this order).
*/
static void
@@ -29,12 +29,12 @@
{
FILE *f = NULL;
char cmd[1024];
-@@ -1363,12 +1365,20 @@ do_rc_files(Session *s, const char *shel
+@@ -1365,12 +1367,20 @@ do_rc_files(Session *s, const char *shel
options.xauth_location);
f = popen(cmd, "w");
if (f) {
+ char hostname[MAXHOSTNAMELEN];
-+
++
fprintf(f, "remove %s\n",
s->auth_display);
fprintf(f, "add %s %s %s\n",
@@ -50,7 +50,7 @@
} else {
fprintf(stderr, "Could not run %s\n",
cmd);
-@@ -1670,6 +1680,7 @@ do_child(Session *s, const char *command
+@@ -1608,6 +1618,7 @@ do_child(Session *s, const char *command
{
extern char **environ;
char **env;
@@ -58,7 +58,7 @@
char *argv[ARGV_MAX];
const char *shell, *shell0, *hostname = NULL;
struct passwd *pw = s->pw;
-@@ -1736,7 +1747,7 @@ do_child(Session *s, const char *command
+@@ -1674,7 +1685,7 @@ do_child(Session *s, const char *command
* Make sure $SHELL points to the shell from the password file,
* even if shell is overridden from login.conf
*/
@@ -67,7 +67,7 @@
#ifdef HAVE_LOGIN_CAP
shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell);
-@@ -1805,7 +1816,7 @@ do_child(Session *s, const char *command
+@@ -1743,7 +1754,7 @@ do_child(Session *s, const char *command
closefrom(STDERR_FILENO + 1);
if (!options.use_login)
++++++ openssh-SuSE.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/SuSE/etc/init.d/sshd new/SuSE/etc/init.d/sshd
--- old/SuSE/etc/init.d/sshd 2009-07-12 21:42:53.000000000 +0200
+++ new/SuSE/etc/init.d/sshd 2011-01-25 11:54:41.000000000 +0100
@@ -56,6 +56,10 @@
echo Generating /etc/ssh/ssh_host_rsa_key.
ssh-keygen -t rsa -b 1024 -f /etc/ssh/ssh_host_rsa_key -N ''
fi
+ if ! test -f /etc/ssh/ssh_host_ecdsa_key ; then
+ echo Generating /etc/ssh/ssh_host_ecdsa_key.
+ ssh-keygen -t ecdsa -b 256 -f /etc/ssh/ssh_host_ecdsa_key -N ''
+ fi
fi
echo -n "Starting SSH daemon"
## Start daemon with startproc(8). If this fails
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package postfix for openSUSE:Factory
checked in at Tue Feb 1 15:11:33 CET 2011.
--------
--- postfix/postfix.changes 2011-01-04 13:36:04.000000000 +0100
+++ /mounts/work_src_done/STABLE/postfix/postfix.changes 2011-01-17 11:01:11.000000000 +0100
@@ -1,0 +2,9 @@
+Mon Jan 17 09:56:32 UTC 2011 - chris(a)computersalat.de
+
+- add some min LDAP support for virtual LDAP-users
+ o sysconfig "WITH_LDAP"
+ o add ldap_aliases.cf
+ o SuSEconfig.postfix
+ virtual_alias_maps = ... ldap:/etc/postfix/ldap_aliases.cf
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
New:
----
postfix-SuSE-ldap.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ postfix.spec ++++++
--- /var/tmp/diff_new_pack.vbBcEs/_old 2011-02-01 15:09:50.000000000 +0100
+++ /var/tmp/diff_new_pack.vbBcEs/_new 2011-02-01 15:09:50.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package postfix (Version 2.7.2)
+# spec file for package postfix
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -22,7 +22,7 @@
Name: postfix
Summary: A fast, secure, and flexible mailer
Version: 2.7.2
-Release: 1
+Release: 2
License: IBM Public License ..
Group: Productivity/Networking/Email/Servers
Url: http://www.postfix.org/
@@ -38,6 +38,7 @@
Patch3: ipv6_disabled.patch
Patch10: %{name}-2.7.1-main.cf.patch
Patch11: %{name}-vda-2.7.1.patch
+Patch12: %{name}-SuSE-ldap.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: %insserv_prereq %fillup_prereq
PreReq: /usr/bin/getent
@@ -170,6 +171,7 @@
%patch3 -p1
%patch10 -p1
%patch11 -p1
+%patch12 -p0
# ---------------------------------------------------------------------------
%build
@@ -263,6 +265,7 @@
chmod 755 $RPM_BUILD_ROOT/sbin/conf.d/SuSEconfig.%{name}
install -m 644 %{name}-SuSE/master.cf $RPM_BUILD_ROOT/etc/%{name}/master.cf
install -m 644 %{name}-SuSE/dynamicmaps.cf $RPM_BUILD_ROOT/etc/%{name}/dynamicmaps.cf
+install -m 644 %{name}-SuSE/ldap_aliases.cf $RPM_BUILD_ROOT/etc/%{name}/ldap_aliases.cf
install -m 644 %{name}-SuSE/helo_access $RPM_BUILD_ROOT/etc/postfix/helo_access
install -m 644 %{name}-SuSE/permissions $RPM_BUILD_ROOT/etc/permissions.d/%{name}
install -m 644 %{name}-SuSE/sender_canonical $RPM_BUILD_ROOT/etc/%{name}/sender_canonical
@@ -503,6 +506,7 @@
%config(noreplace) /etc/%{name}/header_checks
%config(noreplace) /etc/%{name}/bounce.cf.default
%config(noreplace) /etc/%{name}/dynamicmaps.cf
+%config(noreplace) /etc/%{name}/ldap_aliases.cf
%config /etc/sysconfig/SuSEfirewall2.d/services/%{name}
%dir /etc/sasl2/
%config(noreplace) /etc/sasl2/smtpd.conf
++++++ postfix-SuSE-ldap.patch ++++++
diff -ruN postfix-SuSE-orig/ldap_aliases.cf postfix-SuSE/ldap_aliases.cf
--- postfix-SuSE-orig/ldap_aliases.cf 1970-01-01 01:00:00.000000000 +0100
+++ postfix-SuSE/ldap_aliases.cf 2011-01-17 10:43:12.000000000 +0100
@@ -0,0 +1,4 @@
+server_host = 127.0.0.1
+search_base = dc=mail,dc=net
+query_filter = (&(|(mail=%s)(mailAlternateAddress=%s))(objectClass=posixAccount))
+result_attribute = uid
diff -ruN postfix-SuSE-orig/SuSEconfig.postfix postfix-SuSE/SuSEconfig.postfix
--- postfix-SuSE-orig/SuSEconfig.postfix 2010-11-25 16:15:29.000000000 +0100
+++ postfix-SuSE/SuSEconfig.postfix 2011-01-17 11:39:32.000000000 +0100
@@ -231,6 +231,8 @@
TMPDIR=$(mktemp -d /tmp/SuSEconfig.postfix.XXXXXX) || exit 1
PCONF="/usr/sbin/postconf -c $TMPDIR"
+ # needed when for WITH_LDAP
+ export POSTFIX_WITH_LDAP
# needed when for WITH_MYSQL
export POSTFIX_WITH_MYSQL
MCF_DIR=$TMPDIR
@@ -623,6 +625,11 @@
my $mncf = "$ENV{MCF_DIR}/main.cf";
my $line;
+my $with_ldap =
+ defined $ENV{POSTFIX_WITH_LDAP} ? $ENV{POSTFIX_WITH_LDAP} : "no";
+
+$with_ldap = lc($with_ldap);
+
my $with_mysql =
defined $ENV{POSTFIX_WITH_MYSQL} ? $ENV{POSTFIX_WITH_MYSQL} : "no";
@@ -634,10 +641,14 @@
chomp;
if( /\#?(virtual_alias_maps\s=\s).*/ ) {
- if ($with_mysql ne "yes") {
- $line = $1."hash:/etc/postfix/virtual";
- } else {
+ if ($with_mysql ne "yes" && $with_ldap ne "yes") {
+ $line = $1."hash:/etc/postfix/virtual";
+ } elsif ($with_ldap eq "yes" && $with_mysql ne "yes") {
+ $line = $1."hash:/etc/postfix/virtual ldap:/etc/postfix/ldap_aliases.cf";
+ } elsif ($with_mysql eq "yes" && $with_ldap ne "yes") {
$line = $1."hash:/etc/postfix/virtual mysql:/etc/postfix/mysql_virtual_alias_maps.cf";
+ } elsif ($with_mysql eq "yes" && $with_ldap eq "yes") {
+ $line = $1."hash:/etc/postfix/virtual ldap:/etc/postfix/ldap_aliases.cf mysql:/etc/postfix/mysql_virtual_alias_maps.cf";
}
} elsif( /\#?(virtual_uid_maps\s=.*)/ ) {
if ($with_mysql ne "yes") {
diff -ruN postfix-SuSE-orig/sysconfig.postfix postfix-SuSE/sysconfig.postfix
--- postfix-SuSE-orig/sysconfig.postfix 2010-07-06 16:57:01.000000000 +0200
+++ postfix-SuSE/sysconfig.postfix 2011-01-17 10:40:19.000000000 +0100
@@ -125,6 +125,15 @@
## Default: no
## Config: postfix
#
+# Set this to yes, if SuSEconfig should activate ldap stuff in main.cf
+# This extends virtual_alias_maps with "ldap:/etc/postfix/ldap_aliases.cf"
+#
+POSTFIX_WITH_LDAP="no"
+
+## Type: yesno
+## Default: no
+## Config: postfix
+#
# Set this to yes, if SuSEconfig should activate mysql stuff in main.cf
# and having 'mysql.sock' inside chroot jail
# Note: When POSTFIX_CHROOT="yes" then 'mysql.sock' will be available
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package unzip for openSUSE:Factory
checked in at Tue Feb 1 15:10:44 CET 2011.
--------
--- unzip/unzip.changes 2010-08-30 21:46:55.000000000 +0200
+++ /mounts/work_src_done/STABLE/unzip/unzip.changes 2011-01-28 14:51:03.000000000 +0100
@@ -1,0 +2,7 @@
+Fri Jan 28 13:50:13 UTC 2011 - lnussel(a)suse.de
+
+- use dlopen for librcc0. A direct requires causes lots of other
+ packages to get installed such as aspell which bloats a minimal
+ install.
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ unzip.spec ++++++
--- /var/tmp/diff_new_pack.50ZZl2/_old 2011-02-01 15:09:00.000000000 +0100
+++ /var/tmp/diff_new_pack.50ZZl2/_new 2011-02-01 15:09:00.000000000 +0100
@@ -1,7 +1,7 @@
#
-# spec file for package unzip (Version 6.00)
+# spec file for package unzip
#
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,11 +20,9 @@
Name: unzip
License: BSD3c
Group: Productivity/Archiving/Compression
-Provides: crunzip
-Obsoletes: crunzip
AutoReqProv: on
Version: 6.00
-Release: 2
+Release: 3
%define fileversion 60
Summary: A program to unpack compressed files
Source: %{name}%{fileversion}.tar.bz2
@@ -39,6 +37,7 @@
Patch11: unzip-no-build-date.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: librcc-devel
+Suggests: librcc0
%description
UnZip is an extraction utility for archives compressed in .zip format
@@ -65,8 +64,8 @@
%patch11
%build
-export RPM_OPT_FLAGS="%optflags -DLARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -fstack-protector -I."
-make %{?jobs:-j%jobs} -f unix/Makefile LF2=-lrcc linux_noasm
+export RPM_OPT_FLAGS="%optflags -DLARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -fstack-protector -I. -DRCC_LAZY -fno-strict-aliasing"
+make %{?jobs:-j%jobs} -f unix/Makefile LF2=-ldl linux_noasm
%install
mkdir -p $RPM_BUILD_ROOT{%{_bindir},%{_mandir}/man1}
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package gcc45 for openSUSE:Factory
checked in at Tue Feb 1 15:09:27 CET 2011.
--------
--- gcc45/cross-hppa-gcc-icecream-backend.changes 2011-01-11 17:28:40.000000000 +0100
+++ /mounts/work_src_done/STABLE/gcc45/cross-hppa-gcc-icecream-backend.changes 2011-01-25 16:03:46.000000000 +0100
@@ -1,0 +2,5 @@
+Tue Jan 25 15:03:10 UTC 2011 - rguenther(a)novell.com
+
+- Add patch to accept ppl version 0.11.
+
+-------------------------------------------------------------------
cross-i386-gcc-icecream-backend.changes: same change
cross-ia64-gcc-icecream-backend.changes: same change
cross-ppc64-gcc-icecream-backend.changes: same change
cross-ppc-gcc-icecream-backend.changes: same change
cross-s390-gcc-icecream-backend.changes: same change
cross-s390x-gcc-icecream-backend.changes: same change
cross-x86_64-gcc-icecream-backend.changes: same change
gcc45.changes: same change
gcc45-testresults.changes: same change
libffi45.changes: same change
libgcj45.changes: same change
calling whatdependson for head-i586
New:
----
gcc45-allow-new-ppl.diff
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ cross-hppa-gcc-icecream-backend.spec ++++++
--- /var/tmp/diff_new_pack.p4ngC8/_old 2011-02-01 15:06:22.000000000 +0100
+++ /var/tmp/diff_new_pack.p4ngC8/_new 2011-02-01 15:06:22.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package cross-hppa-gcc-icecream-backend (Version 4.5.1_20101208)
+# spec file for package cross-hppa-gcc-icecream-backend
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -47,7 +47,7 @@
Url: http://gcc.gnu.org/
Version: 4.5.1_20101208
-Release: 2
+Release: 3
%define gcc_version %(echo %version | sed 's/_.*//')
%define gcc_dir_version %(echo %gcc_version | cut -d '.' -f 1-2)
%define snapshot_date %(echo %version | sed 's/[34]\.[0-9]\.[0-6]//' | sed 's/_/-/')
@@ -81,6 +81,7 @@
Patch30: gcc43-no-unwind-tables.diff
Patch31: pr43270.diff
Patch32: gcc45-disable-ipa-sra-O2.diff
+Patch33: gcc45-allow-new-ppl.diff
# A set of patches from the RH srpm
Patch51: gcc41-ia64-stack-protector.patch
Patch55: gcc41-java-slow_pthread_self.patch
@@ -178,6 +179,7 @@
%patch30
%patch31
%patch32
+%patch33
%patch51
%patch55
%patch57
cross-i386-gcc-icecream-backend.spec: same change
cross-ia64-gcc-icecream-backend.spec: same change
cross-ppc64-gcc-icecream-backend.spec: same change
cross-ppc-gcc-icecream-backend.spec: same change
cross-s390-gcc-icecream-backend.spec: same change
cross-s390x-gcc-icecream-backend.spec: same change
cross-x86_64-gcc-icecream-backend.spec: same change
gcc45.spec: same change
gcc45-testresults.spec: same change
libffi45.spec: same change
libgcj45.spec: same change
++++++ gcc45-allow-new-ppl.diff ++++++
Index: configure
===================================================================
--- configure (revision 159133)
+++ configure (revision 159134)
@@ -5801,8 +5801,6 @@ fi
# Check for PPL
-ppl_major_version=0
-ppl_minor_version=10
ppllibs=" -lppl_c -lppl -lgmpxx"
pplinc=
@@ -5859,8 +5857,8 @@ fi
if test "x$with_ppl" != "xno" -a "${ENABLE_PPL_CHECK}" = "yes"; then
saved_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS $pplinc $gmpinc"
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for version $ppl_major_version.$ppl_minor_version of PPL" >&5
-$as_echo_n "checking for version $ppl_major_version.$ppl_minor_version of PPL... " >&6; }
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for version 0.10 (or later revision) of PPL" >&5
+$as_echo_n "checking for version 0.10 (or later revision) of PPL... " >&6; }
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
#include "ppl_c.h"
@@ -5868,7 +5866,7 @@ int
main ()
{
- #if PPL_VERSION_MAJOR != $ppl_major_version || PPL_VERSION_MINOR != $ppl_minor_version
+ #if PPL_VERSION_MAJOR != 0 || PPL_VERSION_MINOR < 10
choke me
#endif
Index: configure.ac
===================================================================
--- configure.ac (revision 159133)
+++ configure.ac (revision 159134)
@@ -1531,8 +1531,6 @@ AC_ARG_WITH(boot-ldflags,
AC_SUBST(poststage1_ldflags)
# Check for PPL
-ppl_major_version=0
-ppl_minor_version=10
ppllibs=" -lppl_c -lppl -lgmpxx"
pplinc=
@@ -1573,9 +1571,9 @@ ENABLE_PPL_CHECK=yes)
if test "x$with_ppl" != "xno" -a "${ENABLE_PPL_CHECK}" = "yes"; then
saved_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS $pplinc $gmpinc"
- AC_MSG_CHECKING([for version $ppl_major_version.$ppl_minor_version of PPL])
+ AC_MSG_CHECKING([for version 0.10 (or later revision) of PPL])
AC_TRY_COMPILE([#include "ppl_c.h"],[
- #if PPL_VERSION_MAJOR != $ppl_major_version || PPL_VERSION_MINOR != $ppl_minor_version
+ #if PPL_VERSION_MAJOR != 0 || PPL_VERSION_MINOR < 10
choke me
#endif
], [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); ppllibs= ; pplinc= ; with_ppl=no ])
++++++ gcc.spec.in ++++++
--- /var/tmp/diff_new_pack.p4ngC8/_old 2011-02-01 15:06:24.000000000 +0100
+++ /var/tmp/diff_new_pack.p4ngC8/_new 2011-02-01 15:06:24.000000000 +0100
@@ -203,6 +203,7 @@
Patch30: gcc43-no-unwind-tables.diff
Patch31: pr43270.diff
Patch32: gcc45-disable-ipa-sra-O2.diff
+Patch33: gcc45-allow-new-ppl.diff
# A set of patches from the RH srpm
Patch51: gcc41-ia64-stack-protector.patch
Patch55: gcc41-java-slow_pthread_self.patch
@@ -910,6 +911,7 @@
%patch30
%patch31
%patch32
+%patch33
%patch51
%patch55
%patch57
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0