Log message:
Don't always try to create ecdsa key which depends on OpenSSL's version.

Bump PKGREVISION.

Log message:
Maintenance of openssh pacakge:

1. Add support for check and create ECDSA host key for SSH protocol
   version 2.

2. Disable use of strnvis(3) on NetBSD.  NetBSD current after 2011/03/12
   has strnvis(3), but it has different argument from OpenBSD (and other
   system).

Bump PKGREVISION.

Log message:
Update openssh package to 5.8.2 (5.8p2).

20110403
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Prepare for 5.8p2 release.
 - (djm) [version.h] crank version
 - Release 5.8p2

20110329
 - (djm) [entropy.c] closefrom() before running ssh-rand-helper; leftover fds
   noticed by tmraz AT redhat.com

20110221
 - (dtucker) [contrib/cygwin/ssh-host-config] From Corinna: revamp of the
   Cygwin-specific service installer script ssh-host-config.  The actual
   functionality is the same, the revisited version is just more
   exact when it comes to check for problems which disallow to run
   certain aspects of the script.  So, part of this script and the also
   rearranged service helper script library "csih" is to check if all
   the tools required to run the script are available on the system.
   The new script also is more thorough to inform the user why the
   script failed.  Patch from vinschen at redhat com.

20110206
 - (dtucker) [openbsd-compat/port-linux.c] Bug #1851: fix syntax error in
   selinux code.  Patch from Leonardo Chiquitto
 - (dtucker) [contrib/cygwin/ssh-{host,user}-config]  Add ECDSA key
   generation and simplify.  Patch from Corinna Vinschen.

Log message:
Update openssh package to 5.8.1 (5.8p1).

For changes from 5.5 to 5.7, please refer http://openssh.com/txt/release-5.7
and http://openssh.com/txt/release-5.6 in detail.

Changes since OpenSSH 5.7
=========================

Security:

 * Fix vulnerability in legacy certificate signing introduced in
   OpenSSH-5.6 and found by Mateusz Kocielski.

   Legacy certificates signed by OpenSSH 5.6 or 5.7 included data from
   the stack in place of a random nonce field. The contents of the stack
   do not appear to contain private data at this point, but this cannot
   be stated with certainty for all platform, library and compiler
   combinations. In particular, there exists a risk that some bytes from
   the privileged CA key may be accidentally included.

   A full advisory for this issue is available at:
   http://www.openssh.com/txt/legacy-cert.adv

Portable OpenSSH Bugfixes:

 * Fix compilation failure when enableing SELinux support.

 * Do not attempt to call SELinux functions when SELinux is disabled.
   bz#1851

Log message:
Fixes build on SUA.
* header file location of libbind is differ than SFU.
* treat all Interxi as same, not only interix3.

Log message:
Add hpn-patch for OpenSSH 5.5p1.

No PKGREVISION bump since this option never worked
with OpenSSH 5.5p1 before.

Log message:
Updated security/openssh to 5.5.1

Lots of changes, including

 * After a transition period of about 10 years, this release disables
   SSH protocol 1 by default. Clients and servers that need to use the
   legacy protocol must explicitly enable it in ssh_config / sshd_config
   or on the command-line.

 * Remove the libsectok/OpenSC-based smartcard code and add support for
   PKCS#11 tokens. This support is automatically enabled on all
   platforms that support dlopen(3) and was inspired by patches written
   by Alon Bar-Lev. Details in the ssh(1) and ssh-add(1) manpages.

 * Add support for certificate authentication of users and hosts using a
   new, minimal OpenSSH certificate format (not X.509). Certificates
   contain a public key, identity information and some validity
   constraints and are signed with a standard SSH public key using
   ssh-keygen(1). CA keys may be marked as trusted in authorized_keys
   or via a TrustedUserCAKeys option in sshd_config(5) (for user
   authentication), or in known_hosts (for host authentication).

   Documentation for certificate support may be found in ssh-keygen(1),
   sshd(8) and ssh(1) and a description of the protocol extensions in
   PROTOCOL.certkeys.

 * Added a 'netcat mode' to ssh(1): "ssh -W host:port ..." This connects
   stdio on the client to a single port forward on the server. This
   allows, for example, using ssh as a ProxyCommand to route connections
   via intermediate servers. bz#1618

Log message:
remove pacnet mirror. service down.

Log message:
Regenerated some of the patches.

Log message:
Add checksum for hpn-patch.