New upstream release (7.5p1)

author: Colin Watson <cjwatson@debian.org> 2017-04-02 01:26:17 +0100
committer: Colin Watson <cjwatson@debian.org> 2017-04-02 01:54:08 +0100
commit: 20adc7e0fc13ff9c7d270db250aac1fa140e3851 (patch)
tree: 5d9f06b0ff195db88093037d9102f0cdcf3884c6 /debian/patches/selinux-role.patch
parent: af27669f905133925224acc753067dea710881dd (diff)
parent: ec338656a3d6b21bb87f3b6367b232d297f601e5 (diff)
1 files changed, 11 insertions, 11 deletions
diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch
index 98be50fad..ae83d23b0 100644
--- a/debian/patches/selinux-role.patch
+++ b/debian/patches/selinux-role.patch
@@ -1,4 +1,4 @@
-From a01822fe1c50668ef7918dfd28b1c7e88ff16254 Mon Sep 17 00:00:00 2001
+From e5d3ea2ca423a54b1d53d45252cb7173a15600eb Mon Sep 17 00:00:00 2001
 From: Manoj Srivastava <srivasta@debian.org>
 Date: Sun, 9 Feb 2014 16:09:49 +0000
 Subject: Handle SELinux authorisation roles
@@ -43,11 +43,11 @@ index 338a62da..8c658d16 100644
        char            *info;          /* Extra info for next auth_log */
 #ifdef BSD_AUTH
 diff --git a/auth2.c b/auth2.c
-index ce0d3760..461311bd 100644
+index 946e9235..2f51be23 100644
 --- a/auth2.c
 +++ b/auth2.c
-@@ -216,7 +216,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
+@@ -217,7 +217,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
- {
+        struct ssh *ssh = active_state; /* XXX */
        Authctxt *authctxt = ctxt;
        Authmethod *m = NULL;
 -       char *user, *service, *method, *style = NULL;
@@ -55,7 +55,7 @@ index ce0d3760..461311bd 100644
        int authenticated = 0;
 
        if (authctxt == NULL)
-@@ -228,8 +228,13 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
+@@ -229,8 +229,13 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
        debug("userauth-request for user %s service %s method %s", user, service, method);
        debug("attempt %d failures %d", authctxt->attempt, authctxt->failures);
 
@@ -69,7 +69,7 @@ index ce0d3760..461311bd 100644
 
        if (authctxt->attempt++ == 0) {
                /* setup auth context */
-@@ -253,8 +258,9 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
+@@ -257,8 +262,9 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
                    use_privsep ? " [net]" : "");
                authctxt->service = xstrdup(service);
                authctxt->style = style ? xstrdup(style) : NULL;
@@ -81,7 +81,7 @@ index ce0d3760..461311bd 100644
                if (auth2_setup_methods_lists(authctxt) != 0)
                        packet_disconnect("no authentication methods enabled");
 diff --git a/monitor.c b/monitor.c
-index 76d9e346..64286a12 100644
+index 506645c7..7452e20e 100644
 --- a/monitor.c
 +++ b/monitor.c
 @@ -127,6 +127,7 @@ int mm_answer_sign(int, Buffer *);
@@ -100,7 +100,7 @@ index 76d9e346..64286a12 100644
     {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
     {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
 #ifdef USE_PAM
-@@ -786,6 +788,7 @@ mm_answer_pwnamallow(int sock, Buffer *m)
+@@ -791,6 +793,7 @@ mm_answer_pwnamallow(int sock, Buffer *m)
 
        /* Allow service/style information on the auth context */
        monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
@@ -108,7 +108,7 @@ index 76d9e346..64286a12 100644
        monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);
 
 #ifdef USE_PAM
-@@ -816,14 +819,37 @@ mm_answer_authserv(int sock, Buffer *m)
+@@ -821,14 +824,37 @@ mm_answer_authserv(int sock, Buffer *m)
 
        authctxt->service = buffer_get_string(m, NULL);
        authctxt->style = buffer_get_string(m, NULL);
@@ -148,7 +148,7 @@ index 76d9e346..64286a12 100644
        return (0);
 }
 
-@@ -1458,7 +1484,7 @@ mm_answer_pty(int sock, Buffer *m)
+@@ -1463,7 +1489,7 @@ mm_answer_pty(int sock, Buffer *m)
        res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty));
        if (res == 0)
                goto error;
@@ -426,7 +426,7 @@ index 98e1dafe..0a31dce4 100644
                       const char *value);
 
 diff --git a/sshd.c b/sshd.c
-index 72d85de1..9aab36c3 100644
+index 38cf9b49..9221632e 100644
 --- a/sshd.c
 +++ b/sshd.c
 @@ -678,7 +678,7 @@ privsep_postauth(Authctxt *authctxt)
author	Colin Watson <cjwatson@debian.org>	2017-04-02 01:26:17 +0100
committer	Colin Watson <cjwatson@debian.org>	2017-04-02 01:54:08 +0100
commit	20adc7e0fc13ff9c7d270db250aac1fa140e3851 (patch)
tree	5d9f06b0ff195db88093037d9102f0cdcf3884c6 /debian/patches/selinux-role.patch
parent	af27669f905133925224acc753067dea710881dd (diff)
parent	ec338656a3d6b21bb87f3b6367b232d297f601e5 (diff)

diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch index 98be50fad..ae83d23b0 100644 --- a/debian/patches/selinux-role.patch +++ b/debian/patches/selinux-role.patch
@@ -1,4 +1,4 @@
1	From a01822fe1c50668ef7918dfd28b1c7e88ff16254 Mon Sep 17 00:00:00 2001	1	From e5d3ea2ca423a54b1d53d45252cb7173a15600eb Mon Sep 17 00:00:00 2001
2	From: Manoj Srivastava <srivasta@debian.org>	2	From: Manoj Srivastava <srivasta@debian.org>
3	Date: Sun, 9 Feb 2014 16:09:49 +0000	3	Date: Sun, 9 Feb 2014 16:09:49 +0000
4	Subject: Handle SELinux authorisation roles	4	Subject: Handle SELinux authorisation roles
@@ -43,11 +43,11 @@ index 338a62da..8c658d16 100644
43	char info; / Extra info for next auth_log */	43	char info; / Extra info for next auth_log */
44	#ifdef BSD_AUTH	44	#ifdef BSD_AUTH
45	diff --git a/auth2.c b/auth2.c	45	diff --git a/auth2.c b/auth2.c
46	index ce0d3760..461311bd 100644	46	index 946e9235..2f51be23 100644
47	--- a/auth2.c	47	--- a/auth2.c
48	+++ b/auth2.c	48	+++ b/auth2.c
49	@@ -216,7 +216,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)	49	@@ -217,7 +217,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
50	{	50	struct ssh ssh = active_state; / XXX */
51	Authctxt *authctxt = ctxt;	51	Authctxt *authctxt = ctxt;
52	Authmethod *m = NULL;	52	Authmethod *m = NULL;
53	- char user, service, method, style = NULL;	53	- char user, service, method, style = NULL;
@@ -55,7 +55,7 @@ index ce0d3760..461311bd 100644
55	int authenticated = 0;	55	int authenticated = 0;
56		56
57	if (authctxt == NULL)	57	if (authctxt == NULL)
58	@@ -228,8 +228,13 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)	58	@@ -229,8 +229,13 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
59	debug("userauth-request for user %s service %s method %s", user, service, method);	59	debug("userauth-request for user %s service %s method %s", user, service, method);
60	debug("attempt %d failures %d", authctxt->attempt, authctxt->failures);	60	debug("attempt %d failures %d", authctxt->attempt, authctxt->failures);
61		61
@@ -69,7 +69,7 @@ index ce0d3760..461311bd 100644
69		69
70	if (authctxt->attempt++ == 0) {	70	if (authctxt->attempt++ == 0) {
71	/* setup auth context */	71	/* setup auth context */
72	@@ -253,8 +258,9 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)	72	@@ -257,8 +262,9 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
73	use_privsep ? " [net]" : "");	73	use_privsep ? " [net]" : "");
74	authctxt->service = xstrdup(service);	74	authctxt->service = xstrdup(service);
75	authctxt->style = style ? xstrdup(style) : NULL;	75	authctxt->style = style ? xstrdup(style) : NULL;
@@ -81,7 +81,7 @@ index ce0d3760..461311bd 100644
81	if (auth2_setup_methods_lists(authctxt) != 0)	81	if (auth2_setup_methods_lists(authctxt) != 0)
82	packet_disconnect("no authentication methods enabled");	82	packet_disconnect("no authentication methods enabled");
83	diff --git a/monitor.c b/monitor.c	83	diff --git a/monitor.c b/monitor.c
84	index 76d9e346..64286a12 100644	84	index 506645c7..7452e20e 100644
85	--- a/monitor.c	85	--- a/monitor.c
86	+++ b/monitor.c	86	+++ b/monitor.c
87	@@ -127,6 +127,7 @@ int mm_answer_sign(int, Buffer *);	87	@@ -127,6 +127,7 @@ int mm_answer_sign(int, Buffer *);
@@ -100,7 +100,7 @@ index 76d9e346..64286a12 100644
100	{MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},	100	{MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
101	{MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},	101	{MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
102	#ifdef USE_PAM	102	#ifdef USE_PAM
103	@@ -786,6 +788,7 @@ mm_answer_pwnamallow(int sock, Buffer *m)	103	@@ -791,6 +793,7 @@ mm_answer_pwnamallow(int sock, Buffer *m)
104		104
105	/* Allow service/style information on the auth context */	105	/* Allow service/style information on the auth context */
106	monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);	106	monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
@@ -108,7 +108,7 @@ index 76d9e346..64286a12 100644
108	monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);	108	monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);
109		109
110	#ifdef USE_PAM	110	#ifdef USE_PAM
111	@@ -816,14 +819,37 @@ mm_answer_authserv(int sock, Buffer *m)	111	@@ -821,14 +824,37 @@ mm_answer_authserv(int sock, Buffer *m)
112		112
113	authctxt->service = buffer_get_string(m, NULL);	113	authctxt->service = buffer_get_string(m, NULL);
114	authctxt->style = buffer_get_string(m, NULL);	114	authctxt->style = buffer_get_string(m, NULL);
@@ -148,7 +148,7 @@ index 76d9e346..64286a12 100644
148	return (0);	148	return (0);
149	}	149	}
150		150
151	@@ -1458,7 +1484,7 @@ mm_answer_pty(int sock, Buffer *m)	151	@@ -1463,7 +1489,7 @@ mm_answer_pty(int sock, Buffer *m)
152	res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty));	152	res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty));
153	if (res == 0)	153	if (res == 0)
154	goto error;	154	goto error;
@@ -426,7 +426,7 @@ index 98e1dafe..0a31dce4 100644
426	const char *value);	426	const char *value);
427		427
428	diff --git a/sshd.c b/sshd.c	428	diff --git a/sshd.c b/sshd.c
429	index 72d85de1..9aab36c3 100644	429	index 38cf9b49..9221632e 100644
430	--- a/sshd.c	430	--- a/sshd.c
431	+++ b/sshd.c	431	+++ b/sshd.c
432	@@ -678,7 +678,7 @@ privsep_postauth(Authctxt *authctxt)	432	@@ -678,7 +678,7 @@ privsep_postauth(Authctxt *authctxt)