From a8dc50b17f5341c013d41a8b0b540046103cf679 Mon Sep 17 00:00:00 2001
From: Jan F
Date: Thu, 21 Apr 2011 23:27:01 +0200
Subject: [PATCH] the private keys may be 640 root:ssh_keys ssh_keysign is sgid
---
 openssh-5.8p1-keyperm.patch | 2 +-
 openssh.spec | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/openssh-5.8p1-keyperm.patch b/openssh-5.8p1-keyperm.patch
index 6167c14..af773f7 100644
--- a/openssh-5.8p1-keyperm.patch
+++ b/openssh-5.8p1-keyperm.patch
@@ -17,7 +17,7 @@ diff -up openssh-5.8p1/authfile.c.keyperm openssh-5.8p1/authfile.c
 + struct group *gr;
 +
 + if ((gr = getgrnam("ssh_keys")) && (st.st_gid == gr->gr_gid))
-+ st.st_mode &= ~040;
++ st.st-mode &= ~040;
 + }
 +
 if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) {
diff --git a/openssh.spec b/openssh.spec
index 7d67582..906e166 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -147,8 +147,9 @@ Patch34: openssh-5.8p1-kuserok.patch
 Patch35: openssh-5.8p1-glob.patch
 #https://bugzilla.mindrot.org/show_bug.cgi?id=1891
 Patch36: openssh-5.8p1-pwchange.patch
-#?
+#https://bugzilla.mindrot.org/show_bug.cgi?id=1893
 Patch37: openssh-5.8p1-keyperm.patch
+
 #?
 Patch50: openssh-5.8p1-fips.patch
 #https://bugzilla.mindrot.org/show_bug.cgi?id=1789
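Review bot: The added line in the openssh-5.8p1-keyperm.patch hunk spells the field `st.st-mode`, which parses as a subtraction on a non-existent member `st.st` and will not compile once the patch is applied to authfile.c. It should stay `st.st_mode &= ~040;`, as on the line it replaces. Because this mask is what lets a group-readable private key with gid ssh_keys pass the following `(st.st_mode & 077) != 0` test, the patch would benefit from a comment above it such as `/* tolerate group read only when the file's group is ssh_keys; group write/exec and all "other" bits are still rejected below */`. The block enclosing the `getgrnam("ssh_keys")` test opens outside the hunk, so the condition guarding it cannot be checked from here.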