Merge 6.5p1.

* New upstream release (http://www.openssh.com/txt/release-6.5, LP: #1275068): - ssh(1): Add support for client-side hostname canonicalisation using a set of DNS suffixes and rules in ssh_config(5). This allows unqualified names to be canonicalised to fully-qualified domain names to eliminate ambiguity when looking up keys in known_hosts or checking host certificate names (closes: #115286).
author: Colin Watson <cjwatson@debian.org> 2014-02-10 00:27:24 +0000
committer: Colin Watson <cjwatson@debian.org> 2014-02-10 02:40:28 +0000
commit: a2b8818c5d21cfcba443625251f691a2ea3a29c7 (patch)
tree: 8fe1fe448cde57eecf71a7bcd57186661b90313f /debian/patches/debian-banner.patch
parent: d399ecd8eb7d4aed3b7ba0d2727e619607fb901b (diff)
parent: ee8d8b97cc2c6081df3af453a228992b87309ec4 (diff)
1 files changed, 12 insertions, 12 deletions
diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch
index 8edc27f70..4cae13961 100644
--- a/debian/patches/debian-banner.patch
+++ b/debian/patches/debian-banner.patch
@@ -1,4 +1,4 @@
-From e1e1e23ca98c59a031217da0ea50b70de5427683 Mon Sep 17 00:00:00 2001
+From 68ebfc0e90ceb0f7b24dfb38979df6a80b7ec9e4 Mon Sep 17 00:00:00 2001
 From: Kees Cook <kees@debian.org>
 Date: Sun, 9 Feb 2014 16:10:06 +0000
 Subject: Add DebianBanner server configuration option
@@ -19,10 +19,10 @@ Patch-Name: debian-banner.patch
 4 files changed, 18 insertions(+), 1 deletion(-)
 diff --git a/servconf.c b/servconf.c
-index dcb8caf..802db1d 100644
+index 65f71ad..63ff4ff 100644
 --- a/servconf.c
 +++ b/servconf.c
-@@ -156,6 +156,7 @@ initialize_server_options(ServerOptions *options)
+@@ -157,6 +157,7 @@ initialize_server_options(ServerOptions *options)
        options->ip_qos_interactive = -1;
        options->ip_qos_bulk = -1;
        options->version_addendum = NULL;
@@ -30,7 +30,7 @@ index dcb8caf..802db1d 100644
 }
 
 void
-@@ -307,6 +308,8 @@ fill_default_server_options(ServerOptions *options)
+@@ -312,6 +313,8 @@ fill_default_server_options(ServerOptions *options)
                options->ip_qos_bulk = IPTOS_THROUGHPUT;
        if (options->version_addendum == NULL)
                options->version_addendum = xstrdup("");
@@ -39,7 +39,7 @@ index dcb8caf..802db1d 100644
        /* Turn privilege separation on by default */
        if (use_privsep == -1)
                use_privsep = PRIVSEP_NOSANDBOX;
-@@ -357,6 +360,7 @@ typedef enum {
+@@ -362,6 +365,7 @@ typedef enum {
        sKexAlgorithms, sIPQoS, sVersionAddendum,
        sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
        sAuthenticationMethods, sHostKeyAgent,
@@ -47,7 +47,7 @@ index dcb8caf..802db1d 100644
        sDeprecated, sUnsupported
 } ServerOpCodes;
 
-@@ -498,6 +502,7 @@ static struct {
+@@ -504,6 +508,7 @@ static struct {
        { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL },
        { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },
        { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL },
@@ -55,7 +55,7 @@ index dcb8caf..802db1d 100644
        { NULL, sBadOption, 0 }
 };
 
-@@ -1641,6 +1646,10 @@ process_server_config_line(ServerOptions *options, char *line,
+@@ -1666,6 +1671,10 @@ process_server_config_line(ServerOptions *options, char *line,
                }
                return 0;
 
@@ -67,10 +67,10 @@ index dcb8caf..802db1d 100644
                logit("%s line %d: Deprecated option %s",
                    filename, linenum, arg);
 diff --git a/servconf.h b/servconf.h
-index ab6e346..1891a95 100644
+index eba76ee..98d68ce 100644
 --- a/servconf.h
 +++ b/servconf.h
-@@ -187,6 +187,8 @@ typedef struct {
+@@ -188,6 +188,8 @@ typedef struct {
 
        u_int   num_auth_methods;
        char   *auth_methods[MAX_AUTH_METHODS];
@@ -80,7 +80,7 @@ index ab6e346..1891a95 100644
 
 /* Information about the incoming connection as used by Match */
 diff --git a/sshd.c b/sshd.c
-index 46ec1a7..63b9357 100644
+index 82168a1..c49a877 100644
 --- a/sshd.c
 +++ b/sshd.c
 @@ -440,7 +440,8 @@ sshd_exchange_identification(int sock_in, int sock_out)
@@ -94,10 +94,10 @@ index 46ec1a7..63b9357 100644
            options.version_addendum, newline);
 
 diff --git a/sshd_config.5 b/sshd_config.5
-index e29604a..50eec53 100644
+index 39643de..bdca797 100644
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -404,6 +404,11 @@ or
+@@ -413,6 +413,11 @@ or
 .Dq no .
 The default is
 .Dq delayed .
author	Colin Watson <cjwatson@debian.org>	2014-02-10 00:27:24 +0000
committer	Colin Watson <cjwatson@debian.org>	2014-02-10 02:40:28 +0000
commit	a2b8818c5d21cfcba443625251f691a2ea3a29c7 (patch)
tree	8fe1fe448cde57eecf71a7bcd57186661b90313f /debian/patches/debian-banner.patch
parent	d399ecd8eb7d4aed3b7ba0d2727e619607fb901b (diff)
parent	ee8d8b97cc2c6081df3af453a228992b87309ec4 (diff)

diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch index 8edc27f70..4cae13961 100644 --- a/debian/patches/debian-banner.patch +++ b/debian/patches/debian-banner.patch
@@ -1,4 +1,4 @@
1	From e1e1e23ca98c59a031217da0ea50b70de5427683 Mon Sep 17 00:00:00 2001	1	From 68ebfc0e90ceb0f7b24dfb38979df6a80b7ec9e4 Mon Sep 17 00:00:00 2001
2	From: Kees Cook <kees@debian.org>	2	From: Kees Cook <kees@debian.org>
3	Date: Sun, 9 Feb 2014 16:10:06 +0000	3	Date: Sun, 9 Feb 2014 16:10:06 +0000
4	Subject: Add DebianBanner server configuration option	4	Subject: Add DebianBanner server configuration option
@@ -19,10 +19,10 @@ Patch-Name: debian-banner.patch
19	4 files changed, 18 insertions(+), 1 deletion(-)	19	4 files changed, 18 insertions(+), 1 deletion(-)
20		20
21	diff --git a/servconf.c b/servconf.c	21	diff --git a/servconf.c b/servconf.c
22	index dcb8caf..802db1d 100644	22	index 65f71ad..63ff4ff 100644
23	--- a/servconf.c	23	--- a/servconf.c
24	+++ b/servconf.c	24	+++ b/servconf.c
25	@@ -156,6 +156,7 @@ initialize_server_options(ServerOptions *options)	25	@@ -157,6 +157,7 @@ initialize_server_options(ServerOptions *options)
26	options->ip_qos_interactive = -1;	26	options->ip_qos_interactive = -1;
27	options->ip_qos_bulk = -1;	27	options->ip_qos_bulk = -1;
28	options->version_addendum = NULL;	28	options->version_addendum = NULL;
@@ -30,7 +30,7 @@ index dcb8caf..802db1d 100644
30	}	30	}
31		31
32	void	32	void
33	@@ -307,6 +308,8 @@ fill_default_server_options(ServerOptions *options)	33	@@ -312,6 +313,8 @@ fill_default_server_options(ServerOptions *options)
34	options->ip_qos_bulk = IPTOS_THROUGHPUT;	34	options->ip_qos_bulk = IPTOS_THROUGHPUT;
35	if (options->version_addendum == NULL)	35	if (options->version_addendum == NULL)
36	options->version_addendum = xstrdup("");	36	options->version_addendum = xstrdup("");
@@ -39,7 +39,7 @@ index dcb8caf..802db1d 100644
39	/* Turn privilege separation on by default */	39	/* Turn privilege separation on by default */
40	if (use_privsep == -1)	40	if (use_privsep == -1)
41	use_privsep = PRIVSEP_NOSANDBOX;	41	use_privsep = PRIVSEP_NOSANDBOX;
42	@@ -357,6 +360,7 @@ typedef enum {	42	@@ -362,6 +365,7 @@ typedef enum {
43	sKexAlgorithms, sIPQoS, sVersionAddendum,	43	sKexAlgorithms, sIPQoS, sVersionAddendum,
44	sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,	44	sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
45	sAuthenticationMethods, sHostKeyAgent,	45	sAuthenticationMethods, sHostKeyAgent,
@@ -47,7 +47,7 @@ index dcb8caf..802db1d 100644
47	sDeprecated, sUnsupported	47	sDeprecated, sUnsupported
48	} ServerOpCodes;	48	} ServerOpCodes;
49		49
50	@@ -498,6 +502,7 @@ static struct {	50	@@ -504,6 +508,7 @@ static struct {
51	{ "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL },	51	{ "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL },
52	{ "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },	52	{ "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },
53	{ "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL },	53	{ "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL },
@@ -55,7 +55,7 @@ index dcb8caf..802db1d 100644
55	{ NULL, sBadOption, 0 }	55	{ NULL, sBadOption, 0 }
56	};	56	};
57		57
58	@@ -1641,6 +1646,10 @@ process_server_config_line(ServerOptions options, char line,	58	@@ -1666,6 +1671,10 @@ process_server_config_line(ServerOptions options, char line,
59	}	59	}
60	return 0;	60	return 0;
61		61
@@ -67,10 +67,10 @@ index dcb8caf..802db1d 100644
67	logit("%s line %d: Deprecated option %s",	67	logit("%s line %d: Deprecated option %s",
68	filename, linenum, arg);	68	filename, linenum, arg);
69	diff --git a/servconf.h b/servconf.h	69	diff --git a/servconf.h b/servconf.h
70	index ab6e346..1891a95 100644	70	index eba76ee..98d68ce 100644
71	--- a/servconf.h	71	--- a/servconf.h
72	+++ b/servconf.h	72	+++ b/servconf.h
73	@@ -187,6 +187,8 @@ typedef struct {	73	@@ -188,6 +188,8 @@ typedef struct {
74		74
75	u_int num_auth_methods;	75	u_int num_auth_methods;
76	char *auth_methods[MAX_AUTH_METHODS];	76	char *auth_methods[MAX_AUTH_METHODS];
@@ -80,7 +80,7 @@ index ab6e346..1891a95 100644
80		80
81	/* Information about the incoming connection as used by Match */	81	/* Information about the incoming connection as used by Match */
82	diff --git a/sshd.c b/sshd.c	82	diff --git a/sshd.c b/sshd.c
83	index 46ec1a7..63b9357 100644	83	index 82168a1..c49a877 100644
84	--- a/sshd.c	84	--- a/sshd.c
85	+++ b/sshd.c	85	+++ b/sshd.c
86	@@ -440,7 +440,8 @@ sshd_exchange_identification(int sock_in, int sock_out)	86	@@ -440,7 +440,8 @@ sshd_exchange_identification(int sock_in, int sock_out)
@@ -94,10 +94,10 @@ index 46ec1a7..63b9357 100644
94	options.version_addendum, newline);	94	options.version_addendum, newline);
95		95
96	diff --git a/sshd_config.5 b/sshd_config.5	96	diff --git a/sshd_config.5 b/sshd_config.5
97	index e29604a..50eec53 100644	97	index 39643de..bdca797 100644
98	--- a/sshd_config.5	98	--- a/sshd_config.5
99	+++ b/sshd_config.5	99	+++ b/sshd_config.5
100	@@ -404,6 +404,11 @@ or	100	@@ -413,6 +413,11 @@ or
101	.Dq no .	101	.Dq no .
102	The default is	102	The default is
103	.Dq delayed .	103	.Dq delayed .