- switch to a modified tarball, as we did for OpenSSL, for removing ACSS
support
This commit is contained in:
parent
c82df74ea6
commit
deb1e497fe
@ -1,2 +1,3 @@
|
||||
openssh-3.9p1.tar.gz
|
||||
x11-ssh-askpass-1.2.4.1.tar.gz
|
||||
openssh-3.9p1-noacss.tar.gz
|
||||
|
28
openssh-nukeacss.sh
Executable file
28
openssh-nukeacss.sh
Executable file
@ -0,0 +1,28 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Remove the ACSS implementation from OpenSSH, and disable its use so that the
|
||||
# rest of the package can still be built.
|
||||
#
|
||||
> acss.c
|
||||
patch -sp1 << EOF
|
||||
--- openssh/cipher.c
|
||||
+++ openssh/cipher.c
|
||||
@@ -53,6 +53,7 @@
|
||||
extern void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int);
|
||||
#endif
|
||||
|
||||
+#if 0
|
||||
#if !defined(EVP_CTRL_SET_ACSS_MODE)
|
||||
# if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
|
||||
extern const EVP_CIPHER *evp_acss(void);
|
||||
@@ -62,6 +63,9 @@
|
||||
# define EVP_acss NULL /* Don't try to support ACSS on older OpenSSL */
|
||||
# endif /* (OPENSSL_VERSION_NUMBER >= 0x00906000L) */
|
||||
#endif /* !defined(EVP_CTRL_SET_ACSS_MODE) */
|
||||
+#else
|
||||
+#define EVP_acss NULL
|
||||
+#endif /* 0 */
|
||||
|
||||
extern const EVP_CIPHER *evp_ssh1_bf(void);
|
||||
extern const EVP_CIPHER *evp_ssh1_3des(void);
|
||||
EOF
|
@ -86,8 +86,10 @@ Release: %{rel}rescue
|
||||
Release: %{rel}
|
||||
%endif
|
||||
URL: http://www.openssh.com/portable.html
|
||||
Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
|
||||
Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.sig
|
||||
#Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
|
||||
#Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.sig
|
||||
Source0: openssh-%{version}-noacss.tar.gz
|
||||
Source1: openssh-nukeacss.sh
|
||||
Source2: http://www.pobox.com/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz
|
||||
Patch0: openssh-3.9p1-redhat.patch
|
||||
Patch1: openssh-3.6.1p2-groups.patch
|
||||
@ -491,6 +493,9 @@ fi
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Mon Sep 13 2004 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- disable ACSS support
|
||||
|
||||
* Thu Sep 2 2004 Daniel Walsh <dwalsh@redhat.com> 3.9p1-5
|
||||
- Change selinux patch to use get_default_context_with_role in libselinux.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user