From 88fdf9a2a32480da9edfcf384610061e95b01dd7 Mon Sep 17 00:00:00 2001
From: eabdullin <ed.abdullin.1@gmail.com>
Date: Mon, 15 Sep 2025 12:28:33 +0000
Subject: [PATCH] import CS openssh-8.7p1-46.el9

---
 SOURCES/openssh-8.7p1-redhat-help.patch | 39 ++++++++++---------------
 SPECS/openssh.spec                      |  6 +++-
 2 files changed, 21 insertions(+), 24 deletions(-)

diff --git a/SOURCES/openssh-8.7p1-redhat-help.patch b/SOURCES/openssh-8.7p1-redhat-help.patch
index e71c824..0d1753b 100644
--- a/SOURCES/openssh-8.7p1-redhat-help.patch
+++ b/SOURCES/openssh-8.7p1-redhat-help.patch
@@ -1,38 +1,31 @@
-diff -up openssh-8.7p1/ssh.c.xxx openssh-8.7p1/ssh.c
---- openssh-8.7p1/ssh.c.xxx	2024-09-11 14:24:06.711088878 +0200
-+++ openssh-8.7p1/ssh.c	2024-09-11 14:35:12.883765718 +0200
-@@ -175,6 +175,16 @@ extern int muxserver_sock;
+diff --color -ruNp a/ssh.c b/ssh.c
+--- a/ssh.c	2025-07-21 16:24:30.348843762 +0200
++++ b/ssh.c	2025-07-21 16:27:20.477953307 +0200
+@@ -174,6 +174,17 @@ static int forward_confirms_pending = -1
+ extern int muxserver_sock;
  extern u_int muxclient_command;
  
- /* Prints a help message to the user.  This function never returns. */
 +static void
-+redhat_usage(void)
++redhat_help_message(void)
 +{
-+    if(isatty(fileno(stderr))) {
-+	fprintf(stderr,
-+"\nYou can find some explanations for typical errors at this link:\n"
-+"	    https://red.ht/support_rhel_ssh\n"
-+	);
-+    }
++	if (log_level_get() >= SYSLOG_LEVEL_DEBUG1 &&
++	    isatty(fileno(stderr))) {
++		fprintf(stderr,
++"\nThe link below provides guidance on resolving common SSH errors:\n"
++"          https://red.ht/support_rhel_ssh\n");
++	}
 +}
++
+ /* Prints a help message to the user.  This function never returns. */
  
  static void
- usage(void)
-@@ -188,6 +196,7 @@ usage(void)
- "           [-Q query_option] [-R address] [-S ctl_path] [-W host:port]\n"
- "           [-w local_tun[:remote_tun]] destination [command]\n"
- 	);
-+	redhat_usage();
- 	exit(255);
- }
- 
-@@ -1609,8 +1618,10 @@ main(int ac, char **av)
+@@ -1609,8 +1620,10 @@ main(int ac, char **av)
  	/* Open a connection to the remote host. */
  	if (ssh_connect(ssh, host, host_arg, addrs, &hostaddr, options.port,
  	    options.connection_attempts,
 -	    &timeout_ms, options.tcp_keep_alive) != 0)
 +	    &timeout_ms, options.tcp_keep_alive) != 0) {
-+		redhat_usage();
++		redhat_help_message();
  		exit(255);
 +	}
  
diff --git a/SPECS/openssh.spec b/SPECS/openssh.spec
index 7fa9a25..4cb5799 100644
--- a/SPECS/openssh.spec
+++ b/SPECS/openssh.spec
@@ -47,7 +47,7 @@
 
 # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
 %global openssh_ver 8.7p1
-%global openssh_rel 45
+%global openssh_rel 46
 %global pam_ssh_agent_ver 0.10.4
 %global pam_ssh_agent_rel 5
 
@@ -817,6 +817,10 @@ test -f %{sysconfig_anaconda} && \
 %endif
 
 %changelog
+* Mon Jul 21 2025 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-46
+- Move the redhat help message to debug1 log level
+  Resolves: RHEL-104580
+
 * Tue Feb 18 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-45
 - Fix missing error codes set and invalid error code checks in OpenSSH. It
   prevents memory exhaustion attack and a MITM attack when VerifyHostKeyDNS