New upstream release (6.8p1).

author: Colin Watson <cjwatson@debian.org> 2015-08-19 14:23:51 +0100
committer: Colin Watson <cjwatson@debian.org> 2015-08-19 16:48:11 +0100
commit: 0f0841b2d28b7463267d4d91577e72e3340a1d3a (patch)
tree: ba55fcd2b6e2cc22b30f5afb561dbb3da4c8b6c7 /debian/patches/auth-log-verbosity.patch
parent: f2a5f5dae656759efb0b76c3d94890b65c197a02 (diff)
parent: 8698446b972003b63dfe5dcbdb86acfe986afb85 (diff)
1 files changed, 13 insertions, 13 deletions
diff --git a/debian/patches/auth-log-verbosity.patch b/debian/patches/auth-log-verbosity.patch
index 84a14cfb8..491656be2 100644
--- a/debian/patches/auth-log-verbosity.patch
+++ b/debian/patches/auth-log-verbosity.patch
@@ -1,4 +1,4 @@
-From 1ecd5db58295874d8b9a7ce98fe1880ab08fbcaf Mon Sep 17 00:00:00 2001
+From c9c2ebb4680ea6872218b1e4519fe31a2043a27a Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:02 +0000
 Subject: Quieten logs when multiple from= restrictions are used
@@ -16,10 +16,10 @@ Patch-Name: auth-log-verbosity.patch
 4 files changed, 32 insertions(+), 9 deletions(-)
 diff --git a/auth-options.c b/auth-options.c
-index f3d9c9d..d4d22d7 100644
+index 4f0da9c..3fa236e 100644
 --- a/auth-options.c
 +++ b/auth-options.c
-@@ -54,9 +54,20 @@ int forced_tun_device = -1;
+@@ -58,9 +58,20 @@ int forced_tun_device = -1;
 /* "principals=" option. */
 char *authorized_principals = NULL;
 
@@ -40,7 +40,7 @@ index f3d9c9d..d4d22d7 100644
 auth_clear_options(void)
 {
        no_agent_forwarding_flag = 0;
-@@ -284,10 +295,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
+@@ -288,10 +299,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                                /* FALLTHROUGH */
                        case 0:
                                free(patterns);
@@ -58,7 +58,7 @@ index f3d9c9d..d4d22d7 100644
                                auth_debug_add("Your host '%.200s' is not "
                                    "permitted to use this key for login.",
                                    remote_host);
-@@ -511,11 +525,14 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
+@@ -514,11 +528,14 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw,
                                        break;
                                case 0:
                                        /* no match */
@@ -79,7 +79,7 @@ index f3d9c9d..d4d22d7 100644
                                            "is not permitted to use this "
                                            "certificate for login.",
 diff --git a/auth-options.h b/auth-options.h
-index 7455c94..a3f0a02 100644
+index 34852e5..1653855 100644
 --- a/auth-options.h
 +++ b/auth-options.h
 @@ -33,6 +33,7 @@ extern int forced_tun_device;
@@ -89,12 +89,12 @@ index 7455c94..a3f0a02 100644
 +void   auth_start_parse_options(void);
 int    auth_parse_options(struct passwd *, char *, char *, u_long);
 void   auth_clear_options(void);
- int    auth_cert_options(Key *, struct passwd *);
+ int    auth_cert_options(struct sshkey *, struct passwd *);
 diff --git a/auth-rsa.c b/auth-rsa.c
-index e9f4ede..5d7bdcb 100644
+index cbd971b..4cf2163 100644
 --- a/auth-rsa.c
 +++ b/auth-rsa.c
-@@ -179,6 +179,8 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file,
+@@ -181,6 +181,8 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file,
        if ((f = auth_openkeyfile(file, pw, options.strict_modes)) == NULL)
                return 0;
 
@@ -104,10 +104,10 @@ index e9f4ede..5d7bdcb 100644
         * Go though the accepted keys, looking for the current key.  If
         * found, perform a challenge-response dialog to verify that the
 diff --git a/auth2-pubkey.c b/auth2-pubkey.c
-index f3ca965..f78b046 100644
+index d943efa..0bda5c9 100644
 --- a/auth2-pubkey.c
 +++ b/auth2-pubkey.c
-@@ -263,6 +263,7 @@ match_principals_file(char *file, struct passwd *pw, struct sshkey_cert *cert)
+@@ -282,6 +282,7 @@ match_principals_file(char *file, struct passwd *pw, struct sshkey_cert *cert)
                restore_uid();
                return 0;
        }
@@ -115,7 +115,7 @@ index f3ca965..f78b046 100644
        while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
                /* Skip leading whitespace. */
                for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
-@@ -324,6 +325,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
+@@ -343,6 +344,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
        found_key = 0;
 
        found = NULL;
@@ -123,7 +123,7 @@ index f3ca965..f78b046 100644
        while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
                char *cp, *key_options = NULL;
                if (found != NULL)
-@@ -459,6 +461,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key)
+@@ -482,6 +484,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key)
        if (key_cert_check_authority(key, 0, 1,
            principals_file == NULL ? pw->pw_name : NULL, &reason) != 0)
                goto fail_reason;
author	Colin Watson <cjwatson@debian.org>	2015-08-19 14:23:51 +0100
committer	Colin Watson <cjwatson@debian.org>	2015-08-19 16:48:11 +0100
commit	0f0841b2d28b7463267d4d91577e72e3340a1d3a (patch)
tree	ba55fcd2b6e2cc22b30f5afb561dbb3da4c8b6c7 /debian/patches/auth-log-verbosity.patch
parent	f2a5f5dae656759efb0b76c3d94890b65c197a02 (diff)
parent	8698446b972003b63dfe5dcbdb86acfe986afb85 (diff)

diff --git a/debian/patches/auth-log-verbosity.patch b/debian/patches/auth-log-verbosity.patch index 84a14cfb8..491656be2 100644 --- a/debian/patches/auth-log-verbosity.patch +++ b/debian/patches/auth-log-verbosity.patch
@@ -1,4 +1,4 @@
1	From 1ecd5db58295874d8b9a7ce98fe1880ab08fbcaf Mon Sep 17 00:00:00 2001	1	From c9c2ebb4680ea6872218b1e4519fe31a2043a27a Mon Sep 17 00:00:00 2001
2	From: Colin Watson <cjwatson@debian.org>	2	From: Colin Watson <cjwatson@debian.org>
3	Date: Sun, 9 Feb 2014 16:10:02 +0000	3	Date: Sun, 9 Feb 2014 16:10:02 +0000
4	Subject: Quieten logs when multiple from= restrictions are used	4	Subject: Quieten logs when multiple from= restrictions are used
@@ -16,10 +16,10 @@ Patch-Name: auth-log-verbosity.patch
16	4 files changed, 32 insertions(+), 9 deletions(-)	16	4 files changed, 32 insertions(+), 9 deletions(-)
17		17
18	diff --git a/auth-options.c b/auth-options.c	18	diff --git a/auth-options.c b/auth-options.c
19	index f3d9c9d..d4d22d7 100644	19	index 4f0da9c..3fa236e 100644
20	--- a/auth-options.c	20	--- a/auth-options.c
21	+++ b/auth-options.c	21	+++ b/auth-options.c
22	@@ -54,9 +54,20 @@ int forced_tun_device = -1;	22	@@ -58,9 +58,20 @@ int forced_tun_device = -1;
23	/* "principals=" option. */	23	/* "principals=" option. */
24	char *authorized_principals = NULL;	24	char *authorized_principals = NULL;
25		25
@@ -40,7 +40,7 @@ index f3d9c9d..d4d22d7 100644
40	auth_clear_options(void)	40	auth_clear_options(void)
41	{	41	{
42	no_agent_forwarding_flag = 0;	42	no_agent_forwarding_flag = 0;
43	@@ -284,10 +295,13 @@ auth_parse_options(struct passwd pw, char opts, char *file, u_long linenum)	43	@@ -288,10 +299,13 @@ auth_parse_options(struct passwd pw, char opts, char *file, u_long linenum)
44	/* FALLTHROUGH */	44	/* FALLTHROUGH */
45	case 0:	45	case 0:
46	free(patterns);	46	free(patterns);
@@ -58,7 +58,7 @@ index f3d9c9d..d4d22d7 100644
58	auth_debug_add("Your host '%.200s' is not "	58	auth_debug_add("Your host '%.200s' is not "
59	"permitted to use this key for login.",	59	"permitted to use this key for login.",
60	remote_host);	60	remote_host);
61	@@ -511,11 +525,14 @@ parse_option_list(u_char optblob, size_t optblob_len, struct passwd pw,	61	@@ -514,11 +528,14 @@ parse_option_list(struct sshbuf oblob, struct passwd pw,
62	break;	62	break;
63	case 0:	63	case 0:
64	/* no match */	64	/* no match */
@@ -79,7 +79,7 @@ index f3d9c9d..d4d22d7 100644
79	"is not permitted to use this "	79	"is not permitted to use this "
80	"certificate for login.",	80	"certificate for login.",
81	diff --git a/auth-options.h b/auth-options.h	81	diff --git a/auth-options.h b/auth-options.h
82	index 7455c94..a3f0a02 100644	82	index 34852e5..1653855 100644
83	--- a/auth-options.h	83	--- a/auth-options.h
84	+++ b/auth-options.h	84	+++ b/auth-options.h
85	@@ -33,6 +33,7 @@ extern int forced_tun_device;	85	@@ -33,6 +33,7 @@ extern int forced_tun_device;
@@ -89,12 +89,12 @@ index 7455c94..a3f0a02 100644
89	+void auth_start_parse_options(void);	89	+void auth_start_parse_options(void);
90	int auth_parse_options(struct passwd , char , char *, u_long);	90	int auth_parse_options(struct passwd , char , char *, u_long);
91	void auth_clear_options(void);	91	void auth_clear_options(void);
92	int auth_cert_options(Key , struct passwd );	92	int auth_cert_options(struct sshkey , struct passwd );
93	diff --git a/auth-rsa.c b/auth-rsa.c	93	diff --git a/auth-rsa.c b/auth-rsa.c
94	index e9f4ede..5d7bdcb 100644	94	index cbd971b..4cf2163 100644
95	--- a/auth-rsa.c	95	--- a/auth-rsa.c
96	+++ b/auth-rsa.c	96	+++ b/auth-rsa.c
97	@@ -179,6 +179,8 @@ rsa_key_allowed_in_file(struct passwd pw, char file,	97	@@ -181,6 +181,8 @@ rsa_key_allowed_in_file(struct passwd pw, char file,
98	if ((f = auth_openkeyfile(file, pw, options.strict_modes)) == NULL)	98	if ((f = auth_openkeyfile(file, pw, options.strict_modes)) == NULL)
99	return 0;	99	return 0;
100		100
@@ -104,10 +104,10 @@ index e9f4ede..5d7bdcb 100644
104	* Go though the accepted keys, looking for the current key. If	104	* Go though the accepted keys, looking for the current key. If
105	* found, perform a challenge-response dialog to verify that the	105	* found, perform a challenge-response dialog to verify that the
106	diff --git a/auth2-pubkey.c b/auth2-pubkey.c	106	diff --git a/auth2-pubkey.c b/auth2-pubkey.c
107	index f3ca965..f78b046 100644	107	index d943efa..0bda5c9 100644
108	--- a/auth2-pubkey.c	108	--- a/auth2-pubkey.c
109	+++ b/auth2-pubkey.c	109	+++ b/auth2-pubkey.c
110	@@ -263,6 +263,7 @@ match_principals_file(char file, struct passwd pw, struct sshkey_cert *cert)	110	@@ -282,6 +282,7 @@ match_principals_file(char file, struct passwd pw, struct sshkey_cert *cert)
111	restore_uid();	111	restore_uid();
112	return 0;	112	return 0;
113	}	113	}
@@ -115,7 +115,7 @@ index f3ca965..f78b046 100644
115	while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {	115	while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
116	/* Skip leading whitespace. */	116	/* Skip leading whitespace. */
117	for (cp = line; cp == ' ' \|\| cp == '\t'; cp++)	117	for (cp = line; cp == ' ' \|\| cp == '\t'; cp++)
118	@@ -324,6 +325,7 @@ check_authkeys_file(FILE f, char file, Key* key, struct passwd *pw)	118	@@ -343,6 +344,7 @@ check_authkeys_file(FILE f, char file, Key* key, struct passwd *pw)
119	found_key = 0;	119	found_key = 0;
120		120
121	found = NULL;	121	found = NULL;
@@ -123,7 +123,7 @@ index f3ca965..f78b046 100644
123	while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {	123	while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
124	char cp, key_options = NULL;	124	char cp, key_options = NULL;
125	if (found != NULL)	125	if (found != NULL)
126	@@ -459,6 +461,7 @@ user_cert_trusted_ca(struct passwd pw, Key key)	126	@@ -482,6 +484,7 @@ user_cert_trusted_ca(struct passwd pw, Key key)
127	if (key_cert_check_authority(key, 0, 1,	127	if (key_cert_check_authority(key, 0, 1,
128	principals_file == NULL ? pw->pw_name : NULL, &reason) != 0)	128	principals_file == NULL ? pw->pw_name : NULL, &reason) != 0)
129	goto fail_reason;	129	goto fail_reason;