Ajouté ce que ça prend pour Squeeze
authorNicolas Cadou <ncadou@cadou.ca>
Sun, 25 Nov 2012 22:09:14 +0000 (22:09 +0000)
committerNicolas Cadou <ncadou@cadou.ca>
Sun, 25 Nov 2012 22:09:14 +0000 (22:09 +0000)
Makefile
openssh-5.5p1-hpn13v9.diff.auf-patch [new file with mode: 0644]
openssh-5.5p1-hpn13v9.diff.gz [new file with mode: 0644]

index ada5e4a..a436f01 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -3,6 +3,11 @@ LUCID_DSC := http://archive.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_5.3p1-
 LUCID_PACKAGE := openssh-5.3p1
 LUCID_PATCH := $(LUCID_PACKAGE)-hpn13v7.diff
 
+SQUEEZE_DSC := http://ftp.de.debian.org/debian/pool/main/o/openssh/openssh_5.5p1-6+squeeze2.dsc
+# Get the following patch from http://www.psc.edu/index.php/component/remository/HPN-SSH/OpenSSH-5.5-patches/OpenSSH-5.5-Kitchen-Sink-patch/
+SQUEEZE_PACKAGE := openssh-5.5p1
+SQUEEZE_PATCH := $(SQUEEZE_PACKAGE)-hpn13v9.diff
+
 sanity-check:
        grep DGET_VERIFY=no ~/.devscripts \
                || (echo 'SVP ajoutez "DGET_VERIFY=no" à ~/.devscripts'; false)
@@ -13,7 +18,18 @@ lucid: sanity-check
        zcat $(LUCID_PATCH).gz > $(LUCID_PATCH)
        patch $(LUCID_PATCH) < $(LUCID_PATCH).auf-patch
        (cd $(LUCID_PACKAGE); \
-               cat ../$(LUCID_PATCH) | patch -p1; \
-               dch -l '~auf104.' 'Appliqué la patch HPN'; \
+               cat ../$(LUCID_PATCH) | patch -p1 && \
+               dch -l '~auf104.' 'Appliqué la patch HPN' && \
+               debuild -us -uc; \
+       )
+
+squeeze: sanity-check
+       test ! -d $(SQUEEZE_PACKAGE) || rm -r $(SQUEEZE_PACKAGE)
+       dget $(SQUEEZE_DSC)
+       zcat $(SQUEEZE_PATCH).gz > $(SQUEEZE_PATCH)
+       patch $(SQUEEZE_PATCH) < $(SQUEEZE_PATCH).auf-patch
+       (cd $(SQUEEZE_PACKAGE); \
+               cat ../$(SQUEEZE_PATCH) | patch -p1 && \
+               dch -l '~auf60.' 'Appliqué la patch HPN' && \
                debuild -us -uc; \
        )
diff --git a/openssh-5.5p1-hpn13v9.diff.auf-patch b/openssh-5.5p1-hpn13v9.diff.auf-patch
new file mode 100644 (file)
index 0000000..8880d48
--- /dev/null
@@ -0,0 +1,705 @@
+--- openssh-5.5p1-hpn13v9.diff.orig    2012-11-25 21:59:11.262388427 +0000
++++ openssh-5.5p1-hpn13v9.diff.auf     2012-11-25 21:52:24.462402816 +0000
+@@ -1,6 +1,6 @@
+ diff -NupwB canonical-openssh5.5/auth2.c kitchensink-openssh5.5/auth2.c
+---- canonical-openssh5.5/auth2.c      2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/auth2.c    2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/auth2.c      2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/auth2.c    2012-11-25 21:46:19.000000000 +0000
+ @@ -49,6 +49,7 @@
+  #include "dispatch.h"
+  #include "pathnames.h"
+@@ -9,7 +9,7 @@
+  
+  #ifdef GSSAPI
+  #include "ssh-gss.h"
+-@@ -75,6 +76,9 @@ extern Authmethod method_gssapi;
++@@ -76,6 +77,9 @@ extern Authmethod method_gssapi;
+  extern Authmethod method_jpake;
+  #endif
+  
+@@ -19,7 +19,7 @@
+  Authmethod *authmethods[] = {
+       &method_none,
+       &method_pubkey,
+-@@ -225,6 +229,11 @@ input_userauth_request(int type, u_int32
++@@ -227,6 +231,11 @@ input_userauth_request(int type, u_int32
+       service = packet_get_string(NULL);
+       method = packet_get_string(NULL);
+       debug("userauth-request for user %s service %s method %s", user, service, method);
+@@ -30,10 +30,10 @@
+ +     }
+       debug("attempt %d failures %d", authctxt->attempt, authctxt->failures);
+  
+-      if ((style = strchr(user, ':')) != NULL)
++      if ((role = strchr(user, '/')) != NULL)
+ diff -NupwB canonical-openssh5.5/buffer.c kitchensink-openssh5.5/buffer.c
+---- canonical-openssh5.5/buffer.c     2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/buffer.c   2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/buffer.c     2010-02-11 22:23:40.000000000 +0000
+++++ kitchensink-openssh5.5/buffer.c   2012-11-25 21:46:19.000000000 +0000
+ @@ -127,7 +127,7 @@ restart:
+  
+       /* Increase the size of the buffer and retry. */
+@@ -44,8 +44,8 @@
+                   newlen);
+       buffer->buf = xrealloc(buffer->buf, 1, newlen);
+ diff -NupwB canonical-openssh5.5/buffer.h kitchensink-openssh5.5/buffer.h
+---- canonical-openssh5.5/buffer.h     2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/buffer.h   2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/buffer.h     2010-02-11 22:23:40.000000000 +0000
+++++ kitchensink-openssh5.5/buffer.h   2012-11-25 21:46:19.000000000 +0000
+ @@ -16,6 +16,9 @@
+  #ifndef BUFFER_H
+  #define BUFFER_H
+@@ -57,8 +57,8 @@
+       u_char  *buf;           /* Buffer for data. */
+       u_int    alloc;         /* Number of bytes allocated for data. */
+ diff -NupwB canonical-openssh5.5/channels.c kitchensink-openssh5.5/channels.c
+---- canonical-openssh5.5/channels.c   2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/channels.c 2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/channels.c   2010-03-26 00:09:45.000000000 +0000
+++++ kitchensink-openssh5.5/channels.c 2012-11-25 21:46:19.000000000 +0000
+ @@ -170,8 +170,14 @@ static void port_open_helper(Channel *c,
+  static int connect_next(struct channel_connect *);
+  static void channel_connect_ctx_free(struct channel_connect *);
+@@ -240,8 +240,8 @@
+               (*chanids)[n] = nc->self;
+       }
+ diff -NupwB canonical-openssh5.5/channels.h kitchensink-openssh5.5/channels.h
+---- canonical-openssh5.5/channels.h   2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/channels.h 2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/channels.h   2010-01-26 02:26:22.000000000 +0000
+++++ kitchensink-openssh5.5/channels.h 2012-11-25 21:46:19.000000000 +0000
+ @@ -124,8 +124,10 @@ struct Channel {
+       u_int   local_window_max;
+       u_int   local_consumed;
+@@ -267,7 +267,7 @@
+  #define CHAN_X11_PACKET_DEFAULT      (16*1024)
+  #define CHAN_X11_WINDOW_DEFAULT      (4*CHAN_X11_PACKET_DEFAULT)
+  
+-@@ -235,7 +239,7 @@ void       channel_input_status_confirm(int, 
++@@ -235,7 +239,7 @@ void       channel_input_status_confirm(int,
+  
+  void  channel_prepare_select(fd_set **, fd_set **, int *, u_int*, int);
+  void     channel_after_select(fd_set *, fd_set *);
+@@ -285,8 +285,8 @@
+ +
+  #endif
+ diff -NupwB canonical-openssh5.5/cipher.c kitchensink-openssh5.5/cipher.c
+---- canonical-openssh5.5/cipher.c     2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/cipher.c   2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/cipher.c     2009-01-28 05:38:41.000000000 +0000
+++++ kitchensink-openssh5.5/cipher.c   2012-11-25 21:46:19.000000000 +0000
+ @@ -55,6 +55,7 @@ extern const EVP_CIPHER *evp_ssh1_bf(voi
+  extern const EVP_CIPHER *evp_ssh1_3des(void);
+  extern void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
+@@ -335,8 +335,8 @@
+       case SSH_CIPHER_DES:
+       case SSH_CIPHER_BLOWFISH:
+ diff -NupwB canonical-openssh5.5/cipher-ctr-mt.c kitchensink-openssh5.5/cipher-ctr-mt.c
+---- canonical-openssh5.5/cipher-ctr-mt.c      1969-12-31 19:00:00.000000000 -0500
+-+++ kitchensink-openssh5.5/cipher-ctr-mt.c    2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/cipher-ctr-mt.c      1970-01-01 00:00:00.000000000 +0000
+++++ kitchensink-openssh5.5/cipher-ctr-mt.c    2012-11-25 21:46:19.000000000 +0000
+ @@ -0,0 +1,473 @@
+ +/*
+ + * OpenSSH Multi-threaded AES-CTR Cipher
+@@ -812,9 +812,9 @@
+ +     return (&aes_ctr);
+ +}
+ diff -NupwB canonical-openssh5.5/clientloop.c kitchensink-openssh5.5/clientloop.c
+---- canonical-openssh5.5/clientloop.c 2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/clientloop.c       2010-06-08 17:20:56.000000000 -0400
+-@@ -1701,9 +1701,15 @@ client_request_x11(const char *request_t
++--- canonical-openssh5.5/clientloop.c 2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/clientloop.c       2012-11-25 21:46:19.000000000 +0000
++@@ -1721,9 +1721,15 @@ client_request_x11(const char *request_t
+       sock = x11_connect_display();
+       if (sock < 0)
+               return NULL;
+@@ -830,24 +830,24 @@
+       c->force_drain = 1;
+       return c;
+  }
+-@@ -1723,9 +1729,15 @@ client_request_agent(const char *request
++@@ -1743,9 +1749,15 @@ client_request_agent(const char *request
+       sock = ssh_get_authentication_socket();
+       if (sock < 0)
+               return NULL;
+ +     if (options.hpn_disabled) 
+-      c = channel_new("authentication agent connection",
+-          SSH_CHANNEL_OPEN, sock, sock, -1,
+--         CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0,
+++     c = channel_new("authentication agent connection",
+++         SSH_CHANNEL_OPEN, sock, sock, -1,
+ +                 CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0,
+ +                 "authentication agent connection", 1);
+ +       else
+-+     c = channel_new("authentication agent connection",
+-+         SSH_CHANNEL_OPEN, sock, sock, -1,
++      c = channel_new("authentication agent connection",
++          SSH_CHANNEL_OPEN, sock, sock, -1,
++-         CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0,
+ +                   options.hpn_buffer_size, options.hpn_buffer_size, 0,
+           "authentication agent connection", 1);
+       c->force_drain = 1;
+       return c;
+-@@ -1753,10 +1765,18 @@ client_request_tun_fwd(int tun_mode, int
++@@ -1773,10 +1785,18 @@ client_request_tun_fwd(int tun_mode, int
+               return -1;
+       }
+  
+@@ -868,8 +868,8 @@
+       if (options.tun_open == SSH_TUNMODE_POINTOPOINT)
+               channel_register_filter(c->self, sys_tun_infilter,
+ diff -NupwB canonical-openssh5.5/compat.c kitchensink-openssh5.5/compat.c
+---- canonical-openssh5.5/compat.c     2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/compat.c   2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/compat.c     2008-11-03 08:20:14.000000000 +0000
+++++ kitchensink-openssh5.5/compat.c   2012-11-25 21:46:19.000000000 +0000
+ @@ -170,6 +170,15 @@ compat_datafellows(const char *version)
+                   strlen(check[i].pat), 0) == 1) {
+                       debug("match: %s pat %s", version, check[i].pat);
+@@ -887,8 +887,8 @@
+               }
+       }
+ diff -NupwB canonical-openssh5.5/compat.h kitchensink-openssh5.5/compat.h
+---- canonical-openssh5.5/compat.h     2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/compat.h   2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/compat.h     2008-11-03 08:20:14.000000000 +0000
+++++ kitchensink-openssh5.5/compat.h   2012-11-25 21:46:19.000000000 +0000
+ @@ -58,6 +58,7 @@
+  #define SSH_OLD_FORWARD_ADDR 0x01000000
+  #define SSH_BUG_RFWD_ADDR    0x02000000
+@@ -898,9 +898,10 @@
+  void     enable_compat13(void);
+  void     enable_compat20(void);
+ Common subdirectories: canonical-openssh5.5/contrib and kitchensink-openssh5.5/contrib
++Common subdirectories: canonical-openssh5.5/debian and kitchensink-openssh5.5/debian
+ diff -NupwB canonical-openssh5.5/HPN-README kitchensink-openssh5.5/HPN-README
+---- canonical-openssh5.5/HPN-README   1969-12-31 19:00:00.000000000 -0500
+-+++ kitchensink-openssh5.5/HPN-README 2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/HPN-README   1970-01-01 00:00:00.000000000 +0000
+++++ kitchensink-openssh5.5/HPN-README 2012-11-25 21:46:19.000000000 +0000
+ @@ -0,0 +1,128 @@
+ +Notes:
+ +
+@@ -1031,17 +1032,17 @@
+ +         by Cisco System, Inc., the National Library of Medicine, 
+ +      and the National Science Foundation. 
+ diff -NupwB canonical-openssh5.5/kex.c kitchensink-openssh5.5/kex.c
+---- canonical-openssh5.5/kex.c        2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/kex.c      2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/kex.c        2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/kex.c      2012-11-25 21:46:19.000000000 +0000
+ @@ -49,6 +49,7 @@
+  #include "dispatch.h"
+  #include "monitor.h"
+  #include "roaming.h"
+ +#include "canohost.h"
+  
+- #if OPENSSL_VERSION_NUMBER >= 0x00907000L
+- # if defined(HAVE_EVP_SHA256)
+-@@ -63,7 +64,8 @@ static void kex_kexinit_finish(Kex *);
++ #ifdef GSSAPI
++ #include "ssh-gss.h"
++@@ -67,7 +68,8 @@ static void kex_kexinit_finish(Kex *);
+  static void kex_choose_conf(Kex *);
+  
+  /* put algorithm proposal into buffer */
+@@ -1051,7 +1052,7 @@
+  kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX])
+  {
+       u_int i;
+-@@ -375,6 +377,13 @@ kex_choose_conf(Kex *kex)
++@@ -393,6 +395,13 @@ kex_choose_conf(Kex *kex)
+       int nenc, nmac, ncomp;
+       u_int mode, ctos, need;
+       int first_kex_follows, type;
+@@ -1065,7 +1066,7 @@
+  
+       my   = kex_buf2prop(&kex->my, NULL);
+       peer = kex_buf2prop(&kex->peer, &first_kex_follows);
+-@@ -409,11 +418,34 @@ kex_choose_conf(Kex *kex)
++@@ -427,11 +436,34 @@ kex_choose_conf(Kex *kex)
+               choose_enc (&newkeys->enc,  cprop[nenc],  sprop[nenc]);
+               choose_mac (&newkeys->mac,  cprop[nmac],  sprop[nmac]);
+               choose_comp(&newkeys->comp, cprop[ncomp], sprop[ncomp]);
+@@ -1101,9 +1102,9 @@
+       choose_kex(kex, cprop[PROPOSAL_KEX_ALGS], sprop[PROPOSAL_KEX_ALGS]);
+       choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS],
+ diff -NupwB canonical-openssh5.5/kex.h kitchensink-openssh5.5/kex.h
+---- canonical-openssh5.5/kex.h        2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/kex.h      2010-06-08 17:20:56.000000000 -0400
+-@@ -132,6 +132,8 @@ struct Kex {
++--- canonical-openssh5.5/kex.h        2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/kex.h      2012-11-25 21:46:19.000000000 +0000
++@@ -141,6 +141,8 @@ struct Kex {
+       void    (*kex[KEX_MAX])(Kex *);
+  };
+  
+@@ -1113,9 +1114,9 @@
+  void  kex_finish(Kex *);
+  
+ diff -NupwB canonical-openssh5.5/Makefile.in kitchensink-openssh5.5/Makefile.in
+---- canonical-openssh5.5/Makefile.in  2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/Makefile.in        2010-06-08 17:20:56.000000000 -0400
+-@@ -45,7 +45,7 @@ CC=@CC@
++--- canonical-openssh5.5/Makefile.in  2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/Makefile.in        2012-11-25 21:46:19.000000000 +0000
++@@ -47,7 +47,7 @@ CC=@CC@
+  LD=@LD@
+  CFLAGS=@CFLAGS@
+  CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
+@@ -1124,7 +1125,7 @@
+  SSHDLIBS=@SSHDLIBS@
+  LIBEDIT=@LIBEDIT@
+  AR=@AR@
+-@@ -66,7 +66,7 @@ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-a
++@@ -68,7 +68,7 @@ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-a
+  
+  LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \
+       canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \
+@@ -1134,8 +1135,8 @@
+       log.o match.o md-sha256.o moduli.o nchan.o packet.o \
+       readpass.o rsa.o ttymodes.o xmalloc.o addrmatch.o \
+ diff -NupwB canonical-openssh5.5/myproposal.h kitchensink-openssh5.5/myproposal.h
+---- canonical-openssh5.5/myproposal.h 2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/myproposal.h       2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/myproposal.h 2010-02-26 20:55:05.000000000 +0000
+++++ kitchensink-openssh5.5/myproposal.h       2012-11-25 21:46:19.000000000 +0000
+ @@ -49,6 +49,8 @@
+       "arcfour256,arcfour128," \
+       "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
+@@ -1147,8 +1148,8 @@
+       "hmac-ripemd160@openssh.com," \
+ Common subdirectories: canonical-openssh5.5/openbsd-compat and kitchensink-openssh5.5/openbsd-compat
+ diff -NupwB canonical-openssh5.5/packet.c kitchensink-openssh5.5/packet.c
+---- canonical-openssh5.5/packet.c     2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/packet.c   2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/packet.c     2009-10-02 01:49:04.000000000 +0000
+++++ kitchensink-openssh5.5/packet.c   2012-11-25 21:46:19.000000000 +0000
+ @@ -835,7 +835,7 @@ packet_enable_delayed_compress(void)
+  /*
+   * Finalize packet in SSH2 format (compress, mac, encrypt, enqueue)
+@@ -1286,8 +1287,8 @@
+ +     return(active_state->after_authentication);
+ +}
+ diff -NupwB canonical-openssh5.5/packet.h kitchensink-openssh5.5/packet.h
+---- canonical-openssh5.5/packet.h     2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/packet.h   2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/packet.h     2009-07-05 21:11:13.000000000 +0000
+++++ kitchensink-openssh5.5/packet.h   2012-11-25 21:46:19.000000000 +0000
+ @@ -20,6 +20,9 @@
+  
+  #include <openssl/bn.h>
+@@ -1324,9 +1325,10 @@
+  void     packet_write_wait(void);
+  int      packet_have_data_to_write(void);
+  int      packet_not_very_much_data_to_write(void);
++Common subdirectories: canonical-openssh5.5/.pc and kitchensink-openssh5.5/.pc
+ diff -NupwB canonical-openssh5.5/progressmeter.c kitchensink-openssh5.5/progressmeter.c
+---- canonical-openssh5.5/progressmeter.c      2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/progressmeter.c    2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/progressmeter.c      2006-08-05 02:39:40.000000000 +0000
+++++ kitchensink-openssh5.5/progressmeter.c    2012-11-25 21:46:19.000000000 +0000
+ @@ -68,6 +68,8 @@ static time_t last_update;  /* last progr
+  static char *file;           /* name of the file being transferred */
+  static off_t end_pos;                /* ending position of transfer */
+@@ -1398,18 +1400,18 @@
+  
+  /*ARGSUSED*/
+ diff -NupwB canonical-openssh5.5/readconf.c kitchensink-openssh5.5/readconf.c
+---- canonical-openssh5.5/readconf.c   2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/readconf.c 2010-06-08 17:20:56.000000000 -0400
+-@@ -131,6 +131,8 @@ typedef enum {
+-      oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
++--- canonical-openssh5.5/readconf.c   2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/readconf.c 2012-11-25 21:46:19.000000000 +0000
++@@ -136,6 +136,8 @@ typedef enum {
+       oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
+       oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
++      oProtocolKeepAlives, oSetupTimeOut,
+ +     oNoneEnabled, oTcpRcvBufPoll, oTcpRcvBuf, oNoneSwitch, oHPNDisabled,
+ +     oHPNBufferSize,
+       oDeprecated, oUnsupported
+  } OpCodes;
+  
+-@@ -237,6 +239,12 @@ static struct {
++@@ -251,6 +253,12 @@ static struct {
+  #else
+       { "zeroknowledgepasswordauthentication", oUnsupported },
+  #endif
+@@ -1419,10 +1421,10 @@
+ +     { "noneswitch", oNoneSwitch },
+ +     { "hpndisabled", oHPNDisabled },
+ +     { "hpnbuffersize", oHPNBufferSize },
++      { "protocolkeepalives", oProtocolKeepAlives },
++      { "setuptimeout", oSetupTimeOut },
+  
+-      { NULL, oBadOption }
+- };
+-@@ -468,6 +476,37 @@ parse_flag:
++@@ -504,6 +512,37 @@ parse_flag:
+               intptr = &options->check_host_ip;
+               goto parse_flag;
+  
+@@ -1460,7 +1462,7 @@
+       case oVerifyHostKeyDNS:
+               intptr = &options->verify_host_key_dns;
+               goto parse_yesnoask;
+-@@ -646,6 +685,10 @@ parse_int:
++@@ -682,6 +721,10 @@ parse_int:
+               intptr = &options->connection_attempts;
+               goto parse_int;
+  
+@@ -1471,7 +1473,7 @@
+       case oCipher:
+               intptr = &options->cipher;
+               arg = strdelim(&s);
+-@@ -1073,6 +1116,12 @@ initialize_options(Options * options)
++@@ -1115,6 +1158,12 @@ initialize_options(Options * options)
+       options->use_roaming = -1;
+       options->visual_host_key = -1;
+       options->zero_knowledge_password_authentication = -1;
+@@ -1484,8 +1486,8 @@
+  }
+  
+  /*
+-@@ -1195,6 +1244,29 @@ fill_default_options(Options * options)
+-              options->server_alive_interval = 0;
++@@ -1250,6 +1299,29 @@ fill_default_options(Options * options)
++      }
+       if (options->server_alive_count_max == -1)
+               options->server_alive_count_max = 3;
+ +     if (options->none_switch == -1)
+@@ -1515,9 +1517,9 @@
+               options->control_master = 0;
+       if (options->hash_known_hosts == -1)
+ diff -NupwB canonical-openssh5.5/readconf.h kitchensink-openssh5.5/readconf.h
+---- canonical-openssh5.5/readconf.h   2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/readconf.h 2010-06-08 17:20:56.000000000 -0400
+-@@ -57,6 +57,11 @@ typedef struct {
++--- canonical-openssh5.5/readconf.h   2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/readconf.h 2012-11-25 21:46:19.000000000 +0000
++@@ -62,6 +62,11 @@ typedef struct {
+       int     compression_level;      /* Compression level 1 (fast) to 9
+                                        * (best). */
+       int     tcp_keep_alive; /* Set SO_KEEPALIVE. */
+@@ -1529,7 +1531,7 @@
+       LogLevel log_level;     /* Level for logging. */
+  
+       int     port;           /* Port to connect. */
+-@@ -102,6 +107,8 @@ typedef struct {
++@@ -107,6 +112,8 @@ typedef struct {
+  
+       int     enable_ssh_keysign;
+       int64_t rekey_limit;
+@@ -1541,9 +1543,9 @@
+ Common subdirectories: canonical-openssh5.5/regress and kitchensink-openssh5.5/regress
+ Common subdirectories: canonical-openssh5.5/scard and kitchensink-openssh5.5/scard
+ diff -NupwB canonical-openssh5.5/scp.c kitchensink-openssh5.5/scp.c
+---- canonical-openssh5.5/scp.c        2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/scp.c      2010-06-08 17:20:56.000000000 -0400
+-@@ -639,7 +639,7 @@ source(int argc, char **argv)
++--- canonical-openssh5.5/scp.c        2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/scp.c      2012-11-25 21:46:19.000000000 +0000
++@@ -647,7 +647,7 @@ source(int argc, char **argv)
+       off_t i, statbytes;
+       size_t amt;
+       int fd = -1, haderr, indx;
+@@ -1552,7 +1554,7 @@
+       int len;
+  
+       for (indx = 0; indx < argc; ++indx) {
+-@@ -875,7 +875,7 @@ sink(int argc, char **argv)
++@@ -883,7 +883,7 @@ sink(int argc, char **argv)
+       mode_t mode, omode, mask;
+       off_t size, statbytes;
+       int setimes, targisdir, wrerrno = 0;
+@@ -1562,12 +1564,12 @@
+  
+  #define      atime   tv[0]
+ diff -NupwB canonical-openssh5.5/servconf.c kitchensink-openssh5.5/servconf.c
+---- canonical-openssh5.5/servconf.c   2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/servconf.c 2010-06-08 17:20:56.000000000 -0400
+-@@ -131,11 +131,21 @@ initialize_server_options(ServerOptions 
+-      options->zero_knowledge_password_authentication = -1;
++--- canonical-openssh5.5/servconf.c   2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/servconf.c 2012-11-25 21:46:19.000000000 +0000
++@@ -136,11 +136,21 @@ initialize_server_options(ServerOptions
+       options->revoked_keys_file = NULL;
+       options->trusted_user_ca_keys = NULL;
++      options->debian_banner = -1;
+ +     options->none_enabled = -1;
+ +     options->tcp_rcv_buf_poll = -1;
+ +     options->hpn_disabled = -1;
+@@ -1586,9 +1588,9 @@
+       /* Portable-specific options */
+       if (options->use_pam == -1)
+               options->use_pam = 0;
+-@@ -266,6 +276,42 @@ fill_default_server_options(ServerOption
+-      if (options->zero_knowledge_password_authentication == -1)
+-              options->zero_knowledge_password_authentication = 0;
++@@ -281,6 +291,42 @@ fill_default_server_options(ServerOption
++      if (options->debian_banner == -1)
++              options->debian_banner = 1;
+  
+ +     if (options->hpn_disabled == -1) 
+ +             options->hpn_disabled = 0;
+@@ -1629,18 +1631,18 @@
+       /* Turn privilege separation on by default */
+       if (use_privsep == -1)
+               use_privsep = 1;
+-@@ -311,6 +357,7 @@ typedef enum {
+-      sUsePrivilegeSeparation, sAllowAgentForwarding,
++@@ -329,6 +375,7 @@ typedef enum {
+       sZeroKnowledgePasswordAuthentication, sHostCertificate,
+       sRevokedKeys, sTrustedUserCAKeys,
++      sDebianBanner,
+ +     sNoneEnabled, sTcpRcvBufPoll, sHPNDisabled, sHPNBufferSize,
+       sDeprecated, sUnsupported
+  } ServerOpCodes;
+  
+-@@ -432,6 +479,10 @@ static struct {
+-      { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },
++@@ -462,6 +509,10 @@ static struct {
+       { "revokedkeys", sRevokedKeys, SSHCFG_ALL },
+       { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
++      { "debianbanner", sDebianBanner, SSHCFG_GLOBAL },
+ +     { "noneenabled", sNoneEnabled },
+ +     { "hpndisabled", sHPNDisabled },
+ +     { "hpnbuffersize", sHPNBufferSize },
+@@ -1648,7 +1650,7 @@
+       { NULL, sBadOption, 0 }
+  };
+  
+-@@ -458,6 +509,7 @@ parse_token(const char *cp, const char *
++@@ -488,6 +539,7 @@ parse_token(const char *cp, const char *
+  
+       for (i = 0; keywords[i].name; i++)
+               if (strcasecmp(cp, keywords[i].name) == 0) {
+@@ -1656,7 +1658,7 @@
+                       *flags = keywords[i].flags;
+                       return keywords[i].opcode;
+               }
+-@@ -880,6 +932,22 @@ process_server_config_line(ServerOptions
++@@ -910,6 +962,22 @@ process_server_config_line(ServerOptions
+                       *intptr = value;
+               break;
+  
+@@ -1680,9 +1682,9 @@
+               intptr = &options->ignore_user_known_hosts;
+               goto parse_flag;
+ diff -NupwB canonical-openssh5.5/servconf.h kitchensink-openssh5.5/servconf.h
+---- canonical-openssh5.5/servconf.h   2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/servconf.h 2010-06-08 17:20:56.000000000 -0400
+-@@ -148,6 +148,10 @@ typedef struct {
++--- canonical-openssh5.5/servconf.h   2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/servconf.h 2012-11-25 21:46:19.000000000 +0000
++@@ -152,6 +152,10 @@ typedef struct {
+       char   *adm_forced_command;
+  
+       int     use_pam;                /* Enable auth via PAM */
+@@ -1694,8 +1696,8 @@
+       int     permit_tun;
+  
+ diff -NupwB canonical-openssh5.5/serverloop.c kitchensink-openssh5.5/serverloop.c
+---- canonical-openssh5.5/serverloop.c 2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/serverloop.c       2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/serverloop.c 2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/serverloop.c       2012-11-25 21:46:19.000000000 +0000
+ @@ -94,10 +94,10 @@ static int fdin;          /* Descriptor for stdi
+  static int fdout;            /* Descriptor for stdout (for reading);
+                                  May be same number as fdin. */
+@@ -1803,8 +1805,8 @@
+               debug("session open failed, free channel %d", c->self);
+               channel_free(c);
+ diff -NupwB canonical-openssh5.5/session.c kitchensink-openssh5.5/session.c
+---- canonical-openssh5.5/session.c    2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/session.c  2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/session.c    2010-03-26 00:04:09.000000000 +0000
+++++ kitchensink-openssh5.5/session.c  2012-11-25 21:46:19.000000000 +0000
+ @@ -231,6 +231,7 @@ auth_input_request_forwarding(struct pas
+       }
+  
+@@ -1831,8 +1833,8 @@
+  
+  /*
+ diff -NupwB canonical-openssh5.5/sftp.1 kitchensink-openssh5.5/sftp.1
+---- canonical-openssh5.5/sftp.1       2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/sftp.1     2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/sftp.1       2010-02-11 22:21:03.000000000 +0000
+++++ kitchensink-openssh5.5/sftp.1     2012-11-25 21:46:19.000000000 +0000
+ @@ -234,7 +234,8 @@ diagnostic messages from
+  Specify how many requests may be outstanding at any one time.
+  Increasing this may slightly improve file transfer speed
+@@ -1844,8 +1846,8 @@
+  Recursively copy entire directories when uploading and downloading.
+  Note that
+ diff -NupwB canonical-openssh5.5/sftp.c kitchensink-openssh5.5/sftp.c
+---- canonical-openssh5.5/sftp.c       2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/sftp.c     2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/sftp.c       2010-01-27 19:27:54.000000000 +0000
+++++ kitchensink-openssh5.5/sftp.c     2012-11-25 21:46:19.000000000 +0000
+ @@ -69,7 +69,7 @@ typedef void EditLine;
+  #include "sftp-client.h"
+  
+@@ -1856,8 +1858,8 @@
+  /* File to read commands from */
+  FILE* infile;
+ diff -NupwB canonical-openssh5.5/ssh.c kitchensink-openssh5.5/ssh.c
+---- canonical-openssh5.5/ssh.c        2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/ssh.c      2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/ssh.c        2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/ssh.c      2012-11-25 21:46:19.000000000 +0000
+ @@ -526,9 +526,6 @@ main(int ac, char **av)
+                       no_shell_flag = 1;
+                       no_tty_flag = 1;
+@@ -1982,8 +1984,8 @@
+  
+       channel_send_open(c->self);
+ diff -NupwB canonical-openssh5.5/sshconnect2.c kitchensink-openssh5.5/sshconnect2.c
+---- canonical-openssh5.5/sshconnect2.c        2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/sshconnect2.c      2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/sshconnect2.c        2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/sshconnect2.c      2012-11-25 21:46:19.000000000 +0000
+ @@ -80,6 +80,12 @@
+  extern char *client_version_string;
+  extern char *server_version_string;
+@@ -1997,7 +1999,7 @@
+  
+  /*
+   * SSH2 key exchange
+-@@ -358,6 +364,28 @@ ssh_userauth2(const char *local_user, co
++@@ -416,6 +422,28 @@ ssh_userauth2(const char *local_user, co
+       pubkey_cleanup(&authctxt);
+       dispatch_range(SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);
+  
+@@ -2027,8 +2029,8 @@
+  }
+  
+ diff -NupwB canonical-openssh5.5/sshconnect.c kitchensink-openssh5.5/sshconnect.c
+---- canonical-openssh5.5/sshconnect.c 2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/sshconnect.c       2010-06-08 17:20:56.000000000 -0400
++--- canonical-openssh5.5/sshconnect.c 2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/sshconnect.c       2012-11-25 21:46:19.000000000 +0000
+ @@ -168,6 +168,31 @@ ssh_proxy_connect(const char *host, u_sh
+  }
+  
+@@ -2080,19 +2082,10 @@
+       /* Bind the socket to an alternative local IP address */
+       if (options.bind_address == NULL)
+               return sock;
+-@@ -542,7 +572,7 @@ ssh_exchange_identification(int timeout_
+-      snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s%s",
+-          compat20 ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1,
+-          compat20 ? PROTOCOL_MINOR_2 : minor1,
+--         SSH_VERSION, compat20 ? "\r\n" : "\n");
+-+         SSH_RELEASE, compat20 ? "\r\n" : "\n");
+-      if (roaming_atomicio(vwrite, connection_out, buf, strlen(buf))
+-          != strlen(buf))
+-              fatal("write: %.100s", strerror(errno));
+ diff -NupwB canonical-openssh5.5/sshd.c kitchensink-openssh5.5/sshd.c
+---- canonical-openssh5.5/sshd.c       2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/sshd.c     2010-06-08 17:20:56.000000000 -0400
+-@@ -137,6 +137,9 @@ int deny_severity;
++--- canonical-openssh5.5/sshd.c       2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/sshd.c     2012-11-25 21:46:19.000000000 +0000
++@@ -141,6 +141,9 @@ int deny_severity;
+  #define REEXEC_CONFIG_PASS_FD                (STDERR_FILENO + 3)
+  #define REEXEC_MIN_FREE_FD           (STDERR_FILENO + 4)
+  
+@@ -2102,16 +2095,7 @@
+  extern char *__progname;
+  
+  /* Server configuration options. */
+-@@ -418,7 +421,7 @@ sshd_exchange_identification(int sock_in
+-              minor = PROTOCOL_MINOR_1;
+-      }
+-      snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s%s", major, minor,
+--         SSH_VERSION, newline);
+-+         SSH_RELEASE, newline);
+-      server_version_string = xstrdup(buf);
+- 
+-      /* Send our protocol version identification. */
+-@@ -469,6 +472,9 @@ sshd_exchange_identification(int sock_in
++@@ -474,6 +477,9 @@ sshd_exchange_identification(int sock_in
+       }
+       debug("Client protocol version %d.%d; client software version %.100s",
+           remote_major, remote_minor, remote_version);
+@@ -2121,7 +2105,7 @@
+  
+       compat_datafellows(remote_version);
+  
+-@@ -988,6 +994,8 @@ server_listen(void)
++@@ -993,6 +999,8 @@ server_listen(void)
+       int ret, listen_sock, on = 1;
+       struct addrinfo *ai;
+       char ntop[NI_MAXHOST], strport[NI_MAXSERV];
+@@ -2130,7 +2114,7 @@
+  
+       for (ai = options.listen_addrs; ai; ai = ai->ai_next) {
+               if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
+-@@ -1028,6 +1036,11 @@ server_listen(void)
++@@ -1033,6 +1041,11 @@ server_listen(void)
+  
+               debug("Bind to port %s on %s.", strport, ntop);
+  
+@@ -2142,17 +2126,17 @@
+               /* Bind the socket to the desired port. */
+               if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) < 0) {
+                       error("Bind to port %s on %s failed: %.200s.",
+-@@ -1909,6 +1922,9 @@ main(int ac, char **av)
++@@ -1922,6 +1935,9 @@ main(int ac, char **av)
+       /* Log the connection. */
+       verbose("Connection from %.500s port %d", remote_ip, remote_port);
+  
+ +     /* set the HPN options for the child */
+ +     channel_set_hpn(options.hpn_disabled, options.hpn_buffer_size);
+ +
++ #ifdef USE_SECURITY_SESSION_API
+       /*
+-       * We don't want to listen forever unless the other side
+-       * successfully authenticates itself.  So we set up an alarm which is
+-@@ -2264,9 +2280,15 @@ do_ssh2_kex(void)
++       * Create a new security session for use by the new user login if
++@@ -2331,9 +2347,15 @@ do_ssh2_kex(void)
+  {
+       Kex *kex;
+  
+@@ -2169,9 +2153,9 @@
+       myproposal[PROPOSAL_ENC_ALGS_CTOS] =
+           compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]);
+ diff -NupwB canonical-openssh5.5/sshd_config kitchensink-openssh5.5/sshd_config
+---- canonical-openssh5.5/sshd_config  2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/sshd_config        2010-06-08 17:20:56.000000000 -0400
+-@@ -110,6 +110,20 @@
++--- canonical-openssh5.5/sshd_config  2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/sshd_config        2012-11-25 21:46:19.000000000 +0000
++@@ -113,6 +113,20 @@
+  # override default of no subsystems
+  Subsystem    sftp    /usr/libexec/sftp-server
+  
+@@ -2193,12 +2177,15 @@
+  #Match User anoncvs
+  #    X11Forwarding no
+ diff -NupwB canonical-openssh5.5/version.h kitchensink-openssh5.5/version.h
+---- canonical-openssh5.5/version.h    2010-06-08 17:17:08.000000000 -0400
+-+++ kitchensink-openssh5.5/version.h  2010-06-08 17:21:14.000000000 -0400
+-@@ -3,4 +3,5 @@
++--- canonical-openssh5.5/version.h    2012-11-25 21:46:51.000000000 +0000
+++++ kitchensink-openssh5.5/version.h  2012-11-25 21:46:19.000000000 +0000
++@@ -3,7 +3,8 @@
+  #define SSH_VERSION  "OpenSSH_5.5"
+  
+  #define SSH_PORTABLE "p1"
+--#define SSH_RELEASE  SSH_VERSION SSH_PORTABLE
++-#define SSH_RELEASE_MINIMUM  SSH_VERSION SSH_PORTABLE
+ +#define SSH_HPN         "-hpn13v9"
+-+#define SSH_RELEASE  SSH_VERSION SSH_PORTABLE SSH_HPN
+++#define SSH_RELEASE_MINIMUM  SSH_VERSION SSH_PORTABLE SSH_HPN
++ #ifdef SSH_EXTRAVERSION
++ #define SSH_RELEASE  SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION
++ #else
diff --git a/openssh-5.5p1-hpn13v9.diff.gz b/openssh-5.5p1-hpn13v9.diff.gz
new file mode 100644 (file)
index 0000000..c884212
Binary files /dev/null and b/openssh-5.5p1-hpn13v9.diff.gz differ