From 503d54d1f8ca495aebbfde3d3796be523c3fd658 Mon Sep 17 00:00:00 2001
From: Jing Zhang <renyu.zj@linux.alibaba.com>
Date: Wed, 19 Apr 2023 11:31:26 +0800
Subject: [PATCH] Remove several irrelevant patches

Signed-off-by: Jing Zhang <renyu.zj@linux.alibaba.com>
---
 openssh-5.9p1-ipv6man.patch        | 24 --------
 openssh-7.2p2-s390-closefrom.patch | 52 ----------------
 openssh-8.7p1-ibmca.patch          | 11 ----
 openssh.spec                       | 98 +++++++++++++++---------------
 4 files changed, 49 insertions(+), 136 deletions(-)
 delete mode 100644 openssh-5.9p1-ipv6man.patch
 delete mode 100644 openssh-7.2p2-s390-closefrom.patch
 delete mode 100644 openssh-8.7p1-ibmca.patch

diff --git a/openssh-5.9p1-ipv6man.patch b/openssh-5.9p1-ipv6man.patch
deleted file mode 100644
index ece1a73..0000000
--- a/openssh-5.9p1-ipv6man.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-diff -up openssh-5.9p0/ssh.1.ipv6man openssh-5.9p0/ssh.1
---- openssh-5.9p0/ssh.1.ipv6man	2011-08-05 22:17:32.000000000 +0200
-+++ openssh-5.9p0/ssh.1	2011-08-31 13:08:34.880024485 +0200
-@@ -1400,6 +1400,8 @@ manual page for more information.
- .Nm
- exits with the exit status of the remote command or with 255
- if an error occurred.
-+.Sh IPV6
-+IPv6 address can be used everywhere where IPv4 address. In all entries must be the IPv6 address enclosed in square brackets. Note: The square brackets are metacharacters for the shell and must be escaped in shell.
- .Sh SEE ALSO
- .Xr scp 1 ,
- .Xr sftp 1 ,
-diff -up openssh-5.9p0/sshd.8.ipv6man openssh-5.9p0/sshd.8
---- openssh-5.9p0/sshd.8.ipv6man	2011-08-05 22:17:32.000000000 +0200
-+++ openssh-5.9p0/sshd.8	2011-08-31 13:10:34.129039094 +0200
-@@ -940,6 +940,8 @@ concurrently for different ports, this c
- started last).
- The content of this file is not sensitive; it can be world-readable.
- .El
-+.Sh IPV6
-+IPv6 address can be used everywhere where IPv4 address. In all entries must be the IPv6 address enclosed in square brackets. Note: The square brackets are metacharacters for the shell and must be escaped in shell.
- .Sh SEE ALSO
- .Xr scp 1 ,
- .Xr sftp 1 ,
diff --git a/openssh-7.2p2-s390-closefrom.patch b/openssh-7.2p2-s390-closefrom.patch
deleted file mode 100644
index 363538c..0000000
--- a/openssh-7.2p2-s390-closefrom.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-Zseries only: Leave the hardware filedescriptors open.
-
-All filedescriptors above 2 are getting closed when a new
-sshd process to handle a new client connection is
-spawned. As the process also chroot into an empty filesystem
-without any device nodes, there is no chance to reopen the
-files. This patch filters out the reqired fds in the
-closefrom function so these are skipped in the close loop.
-
-Author: Harald Freudenberger <freude@de.ibm.com>
-
----
- openbsd-compat/bsd-closefrom.c |   26 ++++++++++++++++++++++++++
- 1 file changed, 26 insertions(+)
-
---- a/openbsd-compat/bsd-closefrom.c
-+++ b/openbsd-compat/bsd-closefrom.c
-@@ -82,7 +82,33 @@ closefrom(int lowfd)
- 	    fd = strtol(dent->d_name, &endp, 10);
- 	    if (dent->d_name != endp && *endp == '\0' &&
- 		fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp))
-+#ifdef __s390__
-+		{
-+		    /*
-+		     * the filedescriptors used to communicate with
-+		     * the device drivers to provide hardware support
-+		     * should survive. HF <freude@de.ibm.com>
-+		     */
-+		    char fpath[PATH_MAX], lpath[PATH_MAX];
-+		    len = snprintf(fpath, sizeof(fpath), "%s/%s",
-+				   fdpath, dent->d_name);
-+		    if (len > 0 && (size_t)len <= sizeof(fpath)) {
-+			len = readlink(fpath, lpath, sizeof(lpath));
-+			if (len > 0) {
-+			    lpath[len] = 0;
-+			    if (strstr(lpath, "dev/z90crypt")
-+				|| strstr(lpath, "dev/zcrypt")
-+				|| strstr(lpath, "dev/prandom")
-+				|| strstr(lpath, "dev/shm/icastats"))
-+				fd = -1;
-+			}
-+		    }
-+		    if (fd >= 0)
-+			(void) close((int) fd);
-+		}
-+#else
- 		(void) close((int) fd);
-+#endif
- 	}
- 	(void) closedir(dirp);
- 	return;
-
diff --git a/openssh-8.7p1-ibmca.patch b/openssh-8.7p1-ibmca.patch
deleted file mode 100644
index 88914bf..0000000
--- a/openssh-8.7p1-ibmca.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- openssh-8.7p1/openbsd-compat/bsd-closefrom.c.orig	2022-04-12 15:47:03.815044607 +0200
-+++ openssh-8.7p1/openbsd-compat/bsd-closefrom.c	2022-04-12 15:48:12.464963511 +0200
-@@ -16,7 +16,7 @@
- 
- #include "includes.h"
- 
--#if !defined(HAVE_CLOSEFROM) || defined(BROKEN_CLOSEFROM)
-+#if !defined(HAVE_CLOSEFROM) || defined(BROKEN_CLOSEFROM) || (defined __s390__)
- 
- #include <sys/types.h>
- #include <unistd.h>
diff --git a/openssh.spec b/openssh.spec
index ff3a540..1768d9d 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -1,4 +1,4 @@
-%define anolis_release 5
+%define anolis_release 6
 %global _hardened_build 1
 %global sysconfig_anaconda /etc/sysconfig/sshd-permitrootlogin
 
@@ -41,54 +41,51 @@ Patch300: openssh-7.8p1-role-mls.patch
 Patch301: openssh-6.6p1-privsep-selinux.patch
 Patch302: openssh-6.6p1-keycat.patch
 Patch303: openssh-6.6p1-allow-ip-opts.patch
-Patch304: openssh-5.9p1-ipv6man.patch
-Patch305: openssh-5.8p2-sigpipe.patch
-Patch306: openssh-7.2p2-x11.patch
-Patch307: openssh-5.1p1-askpass-progress.patch
-Patch308: openssh-4.3p2-askpass-grab-info.patch
-Patch309: openssh-7.7p1-anolis.patch
-Patch310: openssh-7.8p1-UsePAM-warning.patch
-Patch311: openssh-6.3p1-ctr-evp-fast.patch
-Patch312: openssh-8.0p1-gssapi-keyex.patch
-Patch313: openssh-6.6p1-force_krb.patch
-Patch314: openssh-7.7p1-gssapi-new-unique.patch
-Patch315: openssh-7.2p2-k5login_directory.patch
-Patch316: openssh-6.6p1-kuserok.patch
-Patch317: openssh-6.4p1-fromto-remote.patch
-Patch318: openssh-6.6.1p1-selinux-contexts.patch
-Patch319: openssh-6.6.1p1-log-in-chroot.patch
-Patch320: openssh-6.6.1p1-scp-non-existing-directory.patch
-Patch321: openssh-6.6p1-GSSAPIEnablek5users.patch
-Patch322: openssh-6.8p1-sshdT-output.patch
-Patch323: openssh-6.7p1-sftp-force-permission.patch
-Patch324: openssh-7.2p2-s390-closefrom.patch
-Patch325: openssh-7.3p1-x11-max-displays.patch
-Patch326: openssh-7.4p1-systemd.patch
-Patch327: openssh-7.6p1-cleanup-selinux.patch
-Patch328: openssh-7.5p1-sandbox.patch
-Patch329: openssh-8.0p1-pkcs11-uri.patch
-Patch330: openssh-7.8p1-scp-ipv6.patch
-Patch331: openssh-8.0p1-crypto-policies.patch
-Patch332: openssh-8.0p1-openssl-evp.patch
-Patch333: openssh-8.0p1-openssl-kdf.patch
-Patch334: openssh-8.2p1-visibility.patch
-Patch335: openssh-8.2p1-x11-without-ipv6.patch
-Patch336: openssh-8.0p1-keygen-strip-doseol.patch
-Patch337: openssh-8.0p1-preserve-pam-errors.patch
-Patch338: openssh-8.7p1-scp-kill-switch.patch
-Patch339: openssh-8.7p1-recursive-scp.patch
-Patch340: openssh-8.7p1-minrsabits.patch
-Patch341: openssh-8.7p1-evpgenkey.patch
-Patch342: openssh-8.7p1-ibmca.patch
-Patch343: openssh-7.6p1-audit.patch
-Patch344: openssh-7.1p2-audit-race-condition.patch
-Patch345: openssh-7.7p1-fips.patch
-Patch346: openssh-8.7p1-scp-clears-file.patch
-Patch347: openssh-8.7p1-ssh-manpage.patch
-Patch348: openssh-8.7p1-mem-leak.patch
-Patch349: openssh-8.7p1-gssapi-auth.patch
-Patch350: openssh-8.7p1-negotiate-supported-algs.patch
-Patch351: openssh-6.7p1-coverity.patch
+Patch304: openssh-5.8p2-sigpipe.patch
+Patch305: openssh-7.2p2-x11.patch
+Patch306: openssh-5.1p1-askpass-progress.patch
+Patch307: openssh-4.3p2-askpass-grab-info.patch
+Patch308: openssh-7.7p1-anolis.patch
+Patch309: openssh-7.8p1-UsePAM-warning.patch
+Patch310: openssh-6.3p1-ctr-evp-fast.patch
+Patch311: openssh-8.0p1-gssapi-keyex.patch
+Patch312: openssh-6.6p1-force_krb.patch
+Patch313: openssh-7.7p1-gssapi-new-unique.patch
+Patch314: openssh-7.2p2-k5login_directory.patch
+Patch315: openssh-6.6p1-kuserok.patch
+Patch316: openssh-6.4p1-fromto-remote.patch
+Patch317: openssh-6.6.1p1-selinux-contexts.patch
+Patch318: openssh-6.6.1p1-log-in-chroot.patch
+Patch319: openssh-6.6.1p1-scp-non-existing-directory.patch
+Patch320: openssh-6.6p1-GSSAPIEnablek5users.patch
+Patch321: openssh-6.8p1-sshdT-output.patch
+Patch322: openssh-6.7p1-sftp-force-permission.patch
+Patch323: openssh-7.3p1-x11-max-displays.patch
+Patch324: openssh-7.4p1-systemd.patch
+Patch325: openssh-7.6p1-cleanup-selinux.patch
+Patch326: openssh-7.5p1-sandbox.patch
+Patch327: openssh-8.0p1-pkcs11-uri.patch
+Patch328: openssh-7.8p1-scp-ipv6.patch
+Patch329: openssh-8.0p1-crypto-policies.patch
+Patch330: openssh-8.0p1-openssl-evp.patch
+Patch331: openssh-8.0p1-openssl-kdf.patch
+Patch332: openssh-8.2p1-visibility.patch
+Patch333: openssh-8.2p1-x11-without-ipv6.patch
+Patch334: openssh-8.0p1-keygen-strip-doseol.patch
+Patch335: openssh-8.0p1-preserve-pam-errors.patch
+Patch336: openssh-8.7p1-scp-kill-switch.patch
+Patch337: openssh-8.7p1-recursive-scp.patch
+Patch338: openssh-8.7p1-minrsabits.patch
+Patch339: openssh-8.7p1-evpgenkey.patch
+Patch340: openssh-7.6p1-audit.patch
+Patch341: openssh-7.1p2-audit-race-condition.patch
+Patch342: openssh-7.7p1-fips.patch
+Patch343: openssh-8.7p1-scp-clears-file.patch
+Patch344: openssh-8.7p1-ssh-manpage.patch
+Patch345: openssh-8.7p1-mem-leak.patch
+Patch346: openssh-8.7p1-gssapi-auth.patch
+Patch347: openssh-8.7p1-negotiate-supported-algs.patch
+Patch348: openssh-6.7p1-coverity.patch
 
 BuildRequires: autoconf automake make gcc
 BuildRequires: perl-interpreter perl-generators perl-podlators
@@ -445,6 +442,9 @@ test -f %{sysconfig_anaconda} && \
 %doc CREDITS ChangeLog OVERVIEW PROTOCOL*  TODO
 
 %changelog
+* Wed Apr 19 2023 Jing Zhang <renyu.zj@linux.alibaba.com> - 9.0p1-6
+- Remove several irrelevant patches
+
 * Wed Apr 12 2023 Yuanhong Peng <yummypeng@linux.alibaba.com> - 9.0p1-5
 - Refactor the specfile
 
-- 
Gitee