rpms/openssh/devel openssh-5.3p1-randclean.patch, 1.1, 1.2 openssh.spec, 1.188, 1.189

Thu Jan 21 09:00:43 UTC 2010

Author: jfch2222

Update of /cvs/pkgs/rpms/openssh/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv2746

Modified Files:
	openssh-5.3p1-randclean.patch openssh.spec 
Log Message:
optimized RAND_cleanup patch

openssh-5.3p1-randclean.patch:
 entropy.c |    3 +++
 1 file changed, 3 insertions(+)

Index: openssh-5.3p1-randclean.patch
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/devel/openssh-5.3p1-randclean.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2

--- openssh-5.3p1-randclean.patch	20 Jan 2010 18:43:25 -0000	1.1
+++ openssh-5.3p1-randclean.patch	21 Jan 2010 09:00:42 -0000	1.2
@@ -1,110 +1,13 @@
-diff -up openssh-5.3p1/ssh-add.c.randclean openssh-5.3p1/ssh-add.c
---- openssh-5.3p1/ssh-add.c.randclean	2010-01-20 19:13:28.000000000 +0100
-+++ openssh-5.3p1/ssh-add.c	2010-01-20 19:13:29.000000000 +0100
-@@ -41,6 +41,7 @@
- #include <sys/stat.h>
- #include <sys/param.h>
- 
-+#include <openssl/rand.h>
- #include <openssl/evp.h>
- #include <openssl/fips.h>
- #include "openbsd-compat/openssl-compat.h"
-@@ -471,6 +472,9 @@ main(int argc, char **argv)
- 	int use_nss = 0;
- #endif
- 
-+	/* clean the PRNG status when exiting the program */
-+	atexit(RAND_cleanup);
-+
- 	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
- 	sanitise_stdfd();
- 
-diff -up openssh-5.3p1/ssh.c.randclean openssh-5.3p1/ssh.c
---- openssh-5.3p1/ssh.c.randclean	2010-01-20 19:13:29.000000000 +0100
-+++ openssh-5.3p1/ssh.c	2010-01-20 19:13:29.000000000 +0100
-@@ -70,6 +70,7 @@
- #include <netinet/in.h>
- #include <arpa/inet.h>
- 
-+#include <openssl/rand.h>
- #include <openssl/evp.h>
- #include <openssl/err.h>
- #include <openssl/fips.h>
-@@ -220,6 +221,9 @@ main(int ac, char **av)
- 	struct servent *sp;
- 	Forward fwd;
- 
-+	/* clean the PRNG status when exiting the program */
-+	atexit(RAND_cleanup);
-+
- 	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
- 	sanitise_stdfd();
- 
-diff -up openssh-5.3p1/sshd.c.randclean openssh-5.3p1/sshd.c
---- openssh-5.3p1/sshd.c.randclean	2010-01-20 19:13:29.000000000 +0100
-+++ openssh-5.3p1/sshd.c	2010-01-20 19:13:29.000000000 +0100
-@@ -1263,6 +1263,9 @@ main(int ac, char **av)
- 	Key *key;
- 	Authctxt *authctxt;
- 
-+	/* clean the PRNG status when exiting the program */
-+	atexit(RAND_cleanup);
-+
- #ifdef HAVE_SECUREWARE
- 	(void)set_auth_parameters(ac, av);
- #endif
-diff -up openssh-5.3p1/ssh-keygen.c.randclean openssh-5.3p1/ssh-keygen.c
---- openssh-5.3p1/ssh-keygen.c.randclean	2010-01-20 19:13:29.000000000 +0100
-+++ openssh-5.3p1/ssh-keygen.c	2010-01-20 19:13:29.000000000 +0100
-@@ -19,6 +19,7 @@
- #include <sys/stat.h>
- #include <sys/param.h>
- 
-+#include <openssl/rand.h>
- #include <openssl/evp.h>
- #include <openssl/pem.h>
- #include <openssl/fips.h>
-@@ -1120,6 +1121,9 @@ main(int argc, char **argv)
- 	extern int optind;
- 	extern char *optarg;
- 
-+	/* clean the PRNG status when exiting the program */
-+	atexit(RAND_cleanup);
-+
- 	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
- 	sanitise_stdfd();
- 
-diff -up openssh-5.3p1/ssh-keyscan.c.randclean openssh-5.3p1/ssh-keyscan.c
---- openssh-5.3p1/ssh-keyscan.c.randclean	2009-01-28 06:31:23.000000000 +0100
-+++ openssh-5.3p1/ssh-keyscan.c	2010-01-20 19:21:16.000000000 +0100
-@@ -18,6 +18,7 @@
- #include <netinet/in.h>
- #include <arpa/inet.h>
- 
-+#include <openssl/rand.h>
- #include <openssl/bn.h>
- 
- #include <netdb.h>
-@@ -730,6 +731,9 @@ main(int argc, char **argv)
- 	extern int optind;
- 	extern char *optarg;
- 
-+	/* clean the PRNG status when exiting the program */
-+	atexit(RAND_cleanup);
-+
- 	__progname = ssh_get_progname(argv[0]);
- 	init_rng();
- 	seed_rng();
-diff -up openssh-5.3p1/ssh-keysign.c.randclean openssh-5.3p1/ssh-keysign.c
---- openssh-5.3p1/ssh-keysign.c.randclean	2006-09-01 07:38:37.000000000 +0200
-+++ openssh-5.3p1/ssh-keysign.c	2010-01-20 19:13:29.000000000 +0100
-@@ -158,6 +158,9 @@ main(int argc, char **argv)
- 	u_int slen, dlen;
- 	u_int32_t rnd[256];
+diff -up openssh-5.3p1/entropy.c.randclean openssh-5.3p1/entropy.c
+--- openssh-5.3p1/entropy.c.randclean	2010-01-21 09:26:30.000000000 +0100
++++ openssh-5.3p1/entropy.c	2010-01-21 09:26:37.000000000 +0100
+@@ -159,6 +159,9 @@ init_rng(void)
+ 		fatal("OpenSSL version mismatch. Built against %lx, you "
+ 		    "have %lx", OPENSSL_VERSION_NUMBER, SSLeay());
  
 +	/* clean the PRNG status when exiting the program */
 +	atexit(RAND_cleanup);
 +
- 	/* Ensure that stdin and stdout are connected */
- 	if ((fd = open(_PATH_DEVNULL, O_RDWR)) < 2)
- 		exit(1);
+ #ifndef OPENSSL_PRNG_ONLY
+ 	original_uid = getuid();
+ 	original_euid = geteuid();


Index: openssh.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/devel/openssh.spec,v
retrieving revision 1.188
retrieving revision 1.189
diff -u -p -r1.188 -r1.189
--- openssh.spec	20 Jan 2010 18:43:25 -0000	1.188
+++ openssh.spec	21 Jan 2010 09:00:42 -0000	1.189
@@ -69,7 +69,7 @@
 Summary: An open source implementation of SSH protocol versions 1 and 2
 Name: openssh
 Version: 5.3p1
-Release: 17%{?dist}%{?rescue_rel}
+Release: 18%{?dist}%{?rescue_rel}
 URL: http://www.openssh.com/portable.html
 #URL1: http://pamsshauth.sourceforge.net
 #Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
@@ -527,6 +527,9 @@ fi
 %endif
 
 %changelog
+* Thu Jan 21 2010 Jan F. Chadima <jchadima at redhat.com> - 5.3p1-18
+- optimized RAND_cleanup patch (#557166)
+
 * Wed Jan 20 2010 Jan F. Chadima <jchadima at redhat.com> - 5.3p1-17
 - add RAND_cleanup at the exit of each program using RAND (#557166)
 

