diff --git a/curl-7.18.2-nss-thread-safety.patch b/curl-7.18.2-nss-thread-safety.patch
index a566598..46857f1 100644
--- a/curl-7.18.2-nss-thread-safety.patch
+++ b/curl-7.18.2-nss-thread-safety.patch
@@ -1,6 +1,6 @@
-diff -u --recursive curl-7.18.2.orig/lib/nss.c curl-7.18.2/lib/nss.c
---- curl-7.18.2.orig/lib/nss.c	2008-05-26 11:02:49.000000000 -0400
-+++ curl-7.18.2/lib/nss.c	2008-09-03 13:33:32.000000000 -0400
+diff -u --recursive curl-7.18.2/lib/nss.c curl-7.18.2.new/lib/nss.c
+--- curl-7.18.2/lib/nss.c	2008-09-16 11:13:00.000000000 -0400
++++ curl-7.18.2.new/lib/nss.c	2008-09-16 11:29:13.000000000 -0400
 @@ -73,6 +73,8 @@
  
  PRFileDesc *PR_ImportTCPSocket(PRInt32 osfd);
@@ -10,13 +10,11 @@ diff -u --recursive curl-7.18.2.orig/lib/nss.c curl-7.18.2/lib/nss.c
  int initialized = 0;
  
  #define HANDSHAKE_TIMEOUT 30
-@@ -718,9 +720,12 @@
-  * @retval 1 SSL initialized successfully
+@@ -719,8 +721,11 @@
   */
  int Curl_nss_init(void)
--{
+ {
 -  if(!initialized)
-+{ 
 +  /* curl_global_init() is not thread-safe so this test is ok */
 +  if (nss_initlock == NULL) {
      PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 256);
@@ -44,8 +42,8 @@ diff -u --recursive curl-7.18.2.orig/lib/nss.c curl-7.18.2/lib/nss.c
    initialized = 0;
  }
  
-@@ -805,7 +820,8 @@
-   curlerr = CURLE_SSL_CONNECT_ERROR;
+@@ -808,7 +823,8 @@
+     return CURLE_OK;
  
    /* FIXME. NSS doesn't support multiple databases open at the same time. */
 -  if(!initialized) {
@@ -54,7 +52,7 @@ diff -u --recursive curl-7.18.2.orig/lib/nss.c curl-7.18.2/lib/nss.c
      initialized = 1;
  
      certDir = getenv("SSL_DIR"); /* Look in $SSL_DIR */
-@@ -829,8 +845,11 @@
+@@ -832,6 +848,8 @@
      if(rv != SECSuccess) {
        infof(conn->data, "Unable to initialize NSS database\n");
        curlerr = CURLE_SSL_CACERT_BADFILE;
@@ -62,7 +60,13 @@ diff -u --recursive curl-7.18.2.orig/lib/nss.c curl-7.18.2/lib/nss.c
 +      initialized = 0;
        goto error;
      }
-+    PR_Unlock(nss_initlock);
  
-     NSS_SetDomesticPolicy();
+@@ -854,6 +872,7 @@
+     }
+ #endif
+   }
++  PR_Unlock(nss_initlock);
  
+   model = PR_NewTCPSocket();
+   if(!model)
+Only in curl-7.18.2.new/lib: nss.c.orig
diff --git a/curl.spec b/curl.spec
index e1a5c9a..c3bc102 100644
--- a/curl.spec
+++ b/curl.spec
@@ -1,7 +1,7 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
 Version: 7.18.2
-Release: 5%{?dist}
+Release: 6%{?dist}
 License: MIT
 Group: Applications/Internet
 Source: http://curl.haxx.se/download/%{name}-%{version}.tar.bz2
@@ -13,7 +13,7 @@ Patch5: curl-7.18.2-nss-thread-safety.patch
 Provides: webclient
 URL: http://curl.haxx.se/
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-BuildRequires: pkgconfig, libidn-devel, zlib-devel
+BuildRequires: pkgconfig, libidn-devel, zlib-devel, libssh2-devel
 BuildRequires: nss-devel >= 3.11.7-7, openldap-devel, krb5-devel
 
 %description
@@ -64,7 +64,7 @@ export CPPFLAGS="$(pkg-config --cflags nss) -DHAVE_PK11_CREATEGENERICOBJECT"
 %configure --without-ssl --with-nss=%{_prefix} --enable-ipv6 \
 	--with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt \
 	--with-gssapi=%{_prefix}/kerberos --with-libidn \
-	--enable-ldaps --disable-static
+	--enable-ldaps --disable-static --with-libssh2
 sed -i -e 's,-L/usr/lib ,,g;s,-L/usr/lib64 ,,g;s,-L/usr/lib$,,g;s,-L/usr/lib64$,,g' \
 	Makefile libcurl.pc
 # Remove bogus rpath
@@ -80,9 +80,11 @@ rm -rf $RPM_BUILD_ROOT
 make DESTDIR=$RPM_BUILD_ROOT INSTALL="%{__install} -p" install
 
 rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
+
 install -d $RPM_BUILD_ROOT/%{_datadir}/aclocal
 install -m 644 docs/libcurl/libcurl.m4 $RPM_BUILD_ROOT/%{_datadir}/aclocal
 
+
 # don't need curl's copy of the certs; use openssl's
 find ${RPM_BUILD_ROOT} -name ca-bundle.crt -exec rm -f '{}' \;
 
@@ -118,6 +120,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/aclocal/libcurl.m4
 
 %changelog
+* Fri Sep 19 2008 Jindrich Novy <jnovy@redhat.com> 7.18.2-6
+- enable support for libssh2 (#453958)
+- update the thread safety patch, thanks to Rob Crittenden (#462217)
+
 * Wed Sep 03 2008 Warren Togami <wtogami@redhat.com> 7.18.2-5
 - add thread safety to libcurl NSS cleanup() functions (#459297)