Accept obsolete ssh-vulnkey configuration options

These options were used as part of Debian's response to CVE-2008-0166.
Nearly six years later, we no longer need to continue carrying the bulk
of that patch, but we do need to avoid failing when the associated
configuration options are still present.

Last-Update: 2014-02-09

Patch-Name: ssh-vulnkey-compat.patch

2 files changed, 2 insertions, 0 deletions

diff --git a/readconf.c b/readconf.c
index 7902ef26b..c1c3aae0d 100644
--- a/readconf.c
+++ b/readconf.c
@@ -194,6 +194,7 @@ static struct {
         { "passwordauthentication", oPasswordAuthentication },
         { "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
         { "kbdinteractivedevices", oKbdInteractiveDevices },
+        { "useblacklistedkeys", oDeprecated },
         { "rsaauthentication", oRSAAuthentication },
         { "pubkeyauthentication", oPubkeyAuthentication },
         { "dsaauthentication", oPubkeyAuthentication },             /* alias */
diff --git a/servconf.c b/servconf.c
index 14c81fa92..49d3bdc8c 100644
--- a/servconf.c
+++ b/servconf.c
@@ -521,6 +521,7 @@ static struct {
         { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
         { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
         { "strictmodes", sStrictModes, SSHCFG_GLOBAL },
+        { "permitblacklistedkeys", sDeprecated, SSHCFG_GLOBAL },
         { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
         { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
         { "uselogin", sDeprecated, SSHCFG_GLOBAL },