* New upstream release (http://www.openssh.org/txt/release-5.7):

- Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. - sftp(1)/sftp-server(8): add a protocol extension to support a hard link operation. It is available through the "ln" command in the client. The old "ln" behaviour of creating a symlink is available using its "-s" option or through the preexisting "symlink" command. - scp(1): Add a new -3 option to scp: Copies between two remote hosts are transferred through the local host (closes: #508613). - ssh(1): "atomically" create the listening mux socket by binding it on a temporary name and then linking it into position after listen() has succeeded. This allows the mux clients to determine that the server socket is either ready or stale without races (closes: #454784). Stale server sockets are now automatically removed (closes: #523250). - ssh(1): install a SIGCHLD handler to reap expired child process (closes: #594687). - ssh(1)/ssh-agent(1): honour $TMPDIR for client xauth and ssh-agent temporary directories (closes: #357469, although only if you arrange for ssh-agent to actually see $TMPDIR since the setgid bit will cause it to be stripped off).
author: Colin Watson <cjwatson@debian.org> 2011-01-24 12:43:25 +0000
committer: Colin Watson <cjwatson@debian.org> 2011-01-24 12:43:25 +0000
commit: 626f1d986ff72aa514da63e34744e1de9cf21b9a (patch)
tree: d215a5280bc2e57251e4a9e08bfd3674ad824a94 /debian/patches/selinux-role.patch
parent: 6ed622cb6fe8f71bbe0d998cdd12280410bfb420 (diff)
parent: 0970072c89b079b022538e3c366fbfa2c53fc821 (diff)
1 files changed, 5 insertions, 6 deletions
diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch
index 8a7e7c687..74cd06201 100644
--- a/debian/patches/selinux-role.patch
+++ b/debian/patches/selinux-role.patch
@@ -33,7 +33,7 @@ Index: b/auth1.c
        /* Get the name of the user that we wish to log in as. */
        packet_read_expect(SSH_CMSG_USER);
 @@ -392,11 +392,17 @@
-        user = packet_get_string(&ulen);
+        user = packet_get_cstring(&ulen);
        packet_check_eom();
 
 +       if ((role = strchr(user, '/')) != NULL)
@@ -173,7 +173,7 @@ Index: b/monitor_wrap.c
 ===================================================================
 --- a/monitor_wrap.c
 +++ b/monitor_wrap.c
-@@ -279,10 +279,10 @@
+@@ -280,10 +280,10 @@
        return (banner);
 }
 
@@ -186,7 +186,7 @@ Index: b/monitor_wrap.c
 {
        Buffer m;
 
-@@ -291,12 +291,30 @@
+@@ -292,11 +292,29 @@
        buffer_init(&m);
        buffer_put_cstring(&m, service);
        buffer_put_cstring(&m, style ? style : "");
@@ -196,7 +196,7 @@ Index: b/monitor_wrap.c
 
        buffer_free(&m);
 }
- 
+
 +/* Inform the privileged process about role */
 +
 +void
@@ -213,10 +213,9 @@ Index: b/monitor_wrap.c
 +
 +       buffer_free(&m);
 +}
-+
+ 
 /* Do the password authentication */
 int
- mm_auth_password(Authctxt *authctxt, char *password)
 Index: b/monitor_wrap.h
 ===================================================================
 --- a/monitor_wrap.h
author	Colin Watson <cjwatson@debian.org>	2011-01-24 12:43:25 +0000
committer	Colin Watson <cjwatson@debian.org>	2011-01-24 12:43:25 +0000
commit	626f1d986ff72aa514da63e34744e1de9cf21b9a (patch)
tree	d215a5280bc2e57251e4a9e08bfd3674ad824a94 /debian/patches/selinux-role.patch
parent	6ed622cb6fe8f71bbe0d998cdd12280410bfb420 (diff)
parent	0970072c89b079b022538e3c366fbfa2c53fc821 (diff)

diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch index 8a7e7c687..74cd06201 100644 --- a/debian/patches/selinux-role.patch +++ b/debian/patches/selinux-role.patch
@@ -33,7 +33,7 @@ Index: b/auth1.c
33	/* Get the name of the user that we wish to log in as. */	33	/* Get the name of the user that we wish to log in as. */
34	packet_read_expect(SSH_CMSG_USER);	34	packet_read_expect(SSH_CMSG_USER);
35	@@ -392,11 +392,17 @@	35	@@ -392,11 +392,17 @@
36	user = packet_get_string(&ulen);	36	user = packet_get_cstring(&ulen);
37	packet_check_eom();	37	packet_check_eom();
38		38
39	+ if ((role = strchr(user, '/')) != NULL)	39	+ if ((role = strchr(user, '/')) != NULL)
@@ -173,7 +173,7 @@ Index: b/monitor_wrap.c
173	===================================================================	173	===================================================================
174	--- a/monitor_wrap.c	174	--- a/monitor_wrap.c
175	+++ b/monitor_wrap.c	175	+++ b/monitor_wrap.c
176	@@ -279,10 +279,10 @@	176	@@ -280,10 +280,10 @@
177	return (banner);	177	return (banner);
178	}	178	}
179		179
@@ -186,7 +186,7 @@ Index: b/monitor_wrap.c
186	{	186	{
187	Buffer m;	187	Buffer m;
188		188
189	@@ -291,12 +291,30 @@	189	@@ -292,11 +292,29 @@
190	buffer_init(&m);	190	buffer_init(&m);
191	buffer_put_cstring(&m, service);	191	buffer_put_cstring(&m, service);
192	buffer_put_cstring(&m, style ? style : "");	192	buffer_put_cstring(&m, style ? style : "");
@@ -196,7 +196,7 @@ Index: b/monitor_wrap.c
196		196
197	buffer_free(&m);	197	buffer_free(&m);
198	}	198	}
199		199	+
200	+/* Inform the privileged process about role */	200	+/* Inform the privileged process about role */
201	+	201	+
202	+void	202	+void
@@ -213,10 +213,9 @@ Index: b/monitor_wrap.c
213	+	213	+
214	+ buffer_free(&m);	214	+ buffer_free(&m);
215	+}	215	+}
216	+	216
217	/* Do the password authentication */	217	/* Do the password authentication */
218	int	218	int
219	mm_auth_password(Authctxt authctxt, char password)
220	Index: b/monitor_wrap.h	219	Index: b/monitor_wrap.h
221	===================================================================	220	===================================================================
222	--- a/monitor_wrap.h	221	--- a/monitor_wrap.h