OpenSSH Unix Dev, Mac OS X 10.5 recently shipped with OpenSSH 4.5p1. This build includes a number of patches, some general bug fixes and some platform- specific fixes and enhancements. These patches are available from our open source site (http://www.opensource.apple.com/darwinsource/10.5/OpenSSH-87/ ). Following is a brief description of each patch. We'd be more than happy to see any of these patches integrated into the official portable OpenSSH distribution. AJ-5229538+5383306_keychain.patch Allows users to store key passphrases in the Mac OS X Keychain. DVG+AJ-5370108_fix_globbing_in_Leopard_sftp.patch sftp makes certain assumptions about the behavior of glob(3) that no longer hold on Mac OS X. This patch forces the openbsd-compat implementation. DVG-3977221_manpage_tweaks.patch Removes references to login.conf from sshd_config man page. DVG-4122722+5277818_new_EA.patch & DVG-4648874_preserve_EA_mtime.patch Adds a scp -E option, which preserves HFS+ extended attributes. DVG-4157448+4920695_corrected_UsePAM_comment.patch Corrects comments in sshd_config about using PAM with OpenSSH. DVG-4212542_auth_error_logging_fix.patch Keeps sshd from logging to the console. DVG-4694589_16_group_limit_fix.patch Fixes issue with users in more than 16 groups. DVG-4748610+4897588_ssh-agent_via_launchd.patch Adds support for launching ssh-agent from Mac OS X's launchd. DVG-4808140_getpwuid_botch.patch Fixes a bug where ssh makes calls to getpwuid and expects the returned value to remain unchanged after subsequent calls, which is not guaranteed by POSIX. DVG-4853931_enable_GSSAPI.patch & pam.patch Changes some default settings on Mac OS X. DVG-4853931_enable_GSSAPI_AfterInstall.patch & apple-bsm.patch Unused. DVG-4907495_name_resolution_error_message.patch Improves a generic "System error" message when hostname resolution fails. DVG-5142987_launchd_DISPLAY_for_X11.patch Fixes issue with X11 forwarding on Mac OS X. DVG-5258734_pty_permission_fix.patch & sshpty.c.patch Fixes PTY handling on Mac OS X. bsm.patch Part of BSM support. lastlog.patch Fixes lastlog on Mac OS X. openssh-4.4p1-gsskex-20061002.patch Kerberos GSS Key Exchange support. sacl.patch Service ACL support. - Disco Vince Giffin OS Security Engineer Apple Inc.
On Thu, 13 Dec 2007, Disco Vince Giffin wrote:> OpenSSH Unix Dev, > > Mac OS X 10.5 recently shipped with OpenSSH 4.5p1. This build > includes a number of patches, some general bug fixes and some platform- > specific fixes and enhancements. These patches are available from our > open source site (http://www.opensource.apple.com/darwinsource/10.5/OpenSSH-87/ > ). > Following is a brief description of each patch. We'd be more than > happy to see any of these patches integrated into the official > portable OpenSSH distribution.Thanks! Could you confirm that these patches are being offered under the license of the OpenSSH distribution and not the APSL? -d
If you want any of your patches to be integrated, you should probably start by (1) file Bugzilla reports for each of them at https://bugzilla.mindrot.org/ , and (2) consider updating the patches for the most current release of OpenSSH (which is 4.7p1 as of this writing). Circa 2007-12-13 17:04 dixit Disco Vince Giffin: : OpenSSH Unix Dev, : : Mac OS X 10.5 recently shipped with OpenSSH 4.5p1. This build : includes a number of patches, some general bug fixes and some platform- : specific fixes and enhancements. These patches are available from our : open source site (http://www.opensource.apple.com/darwinsource/10.5/OpenSSH-87/ : ). : Following is a brief description of each patch. We'd be more than : happy to see any of these patches integrated into the official : portable OpenSSH distribution. [...] : - Disco Vince Giffin : OS Security Engineer : Apple Inc. -- jim knoble | jmknoble at pobox.com | http://www.pobox.com/~jmknoble/ (GnuPG key ID: 6F39C2CC >>>>>> http://www.pobox.com/~jmknoble/keys/ ) (GnuPG fingerprint: 5024:D578:7CF4:5660:7269::F6F3:B919:9307:6F39:C2CC) +----------------------------------------------------------------------+ |[L]iberty, as we all know, cannot flourish in a country that is perma-| | nently on a war footing, or even a near-war footing. --Aldous Huxley| +----------------------------------------------------------------------+
Hi, On Dec 13 14:04, Disco Vince Giffin wrote:> DVG-4122722+5277818_new_EA.patch & DVG-4648874_preserve_EA_mtime.patch > Adds a scp -E option, which preserves HFS+ extended attributes.wasn't a decision made not to add any more functionality to scp, especially not adding new command line options? Just curious, Corinna -- Corinna Vinschen Cygwin Project Co-Leader Red Hat