From 857b95ac924a980c60d894148d3c5d41aca8447d Mon Sep 17 00:00:00 2001
From: Andy Ning <andy.ning@windriver.com>
Date: Thu, 22 Mar 2018 11:45:26 -0400
Subject: [PATCH] CGTS-9265: patch to harden server and client config

Replace the hardcoded sshd_config and ssh_config files with patches
to openssh.

Signed-off-by: Andy Ning <andy.ning@windriver.com>
---
 SPECS/openssh.spec | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/SPECS/openssh.spec b/SPECS/openssh.spec
index 442261e..c62e6c8 100644
--- a/SPECS/openssh.spec
+++ b/SPECS/openssh.spec
@@ -251,6 +251,9 @@ Patch959: openssh-7.4p1-authorized_keys_command.patch
 # Fix for CVE-2017-15906 (#1517226)
 Patch960: openssh-7.5p1-sftp-empty-files.patch
 
+# WRS: harden server and client config
+Patch1000: harden-server-and-client-config.patch
+
 License: BSD
 Group: Applications/Internet
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -511,6 +514,9 @@ popd
 
 %patch100 -p1 -b .coverity
 
+# WRS
+%patch1000 -p1 -b .harden
+
 %if 0
 # Nothing here yet
 %endif
-- 
2.7.4