forked from rpms/openssh
- switch to a modified tarball, as we did for OpenSSL, for removing ACSS
support
This commit is contained in:
parent
c82df74ea6
commit
deb1e497fe
@ -1,2 +1,3 @@
|
|||||||
openssh-3.9p1.tar.gz
|
openssh-3.9p1.tar.gz
|
||||||
x11-ssh-askpass-1.2.4.1.tar.gz
|
x11-ssh-askpass-1.2.4.1.tar.gz
|
||||||
|
openssh-3.9p1-noacss.tar.gz
|
||||||
|
28
openssh-nukeacss.sh
Executable file
28
openssh-nukeacss.sh
Executable file
@ -0,0 +1,28 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# Remove the ACSS implementation from OpenSSH, and disable its use so that the
|
||||||
|
# rest of the package can still be built.
|
||||||
|
#
|
||||||
|
> acss.c
|
||||||
|
patch -sp1 << EOF
|
||||||
|
--- openssh/cipher.c
|
||||||
|
+++ openssh/cipher.c
|
||||||
|
@@ -53,6 +53,7 @@
|
||||||
|
extern void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+#if 0
|
||||||
|
#if !defined(EVP_CTRL_SET_ACSS_MODE)
|
||||||
|
# if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
|
||||||
|
extern const EVP_CIPHER *evp_acss(void);
|
||||||
|
@@ -62,6 +63,9 @@
|
||||||
|
# define EVP_acss NULL /* Don't try to support ACSS on older OpenSSL */
|
||||||
|
# endif /* (OPENSSL_VERSION_NUMBER >= 0x00906000L) */
|
||||||
|
#endif /* !defined(EVP_CTRL_SET_ACSS_MODE) */
|
||||||
|
+#else
|
||||||
|
+#define EVP_acss NULL
|
||||||
|
+#endif /* 0 */
|
||||||
|
|
||||||
|
extern const EVP_CIPHER *evp_ssh1_bf(void);
|
||||||
|
extern const EVP_CIPHER *evp_ssh1_3des(void);
|
||||||
|
EOF
|
@ -86,8 +86,10 @@ Release: %{rel}rescue
|
|||||||
Release: %{rel}
|
Release: %{rel}
|
||||||
%endif
|
%endif
|
||||||
URL: http://www.openssh.com/portable.html
|
URL: http://www.openssh.com/portable.html
|
||||||
Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
|
#Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
|
||||||
Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.sig
|
#Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.sig
|
||||||
|
Source0: openssh-%{version}-noacss.tar.gz
|
||||||
|
Source1: openssh-nukeacss.sh
|
||||||
Source2: http://www.pobox.com/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz
|
Source2: http://www.pobox.com/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz
|
||||||
Patch0: openssh-3.9p1-redhat.patch
|
Patch0: openssh-3.9p1-redhat.patch
|
||||||
Patch1: openssh-3.6.1p2-groups.patch
|
Patch1: openssh-3.6.1p2-groups.patch
|
||||||
@ -491,6 +493,9 @@ fi
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Sep 13 2004 Nalin Dahyabhai <nalin@redhat.com>
|
||||||
|
- disable ACSS support
|
||||||
|
|
||||||
* Thu Sep 2 2004 Daniel Walsh <dwalsh@redhat.com> 3.9p1-5
|
* Thu Sep 2 2004 Daniel Walsh <dwalsh@redhat.com> 3.9p1-5
|
||||||
- Change selinux patch to use get_default_context_with_role in libselinux.
|
- Change selinux patch to use get_default_context_with_role in libselinux.
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user