summaryrefslogtreecommitdiff
path: root/debian/patches/ssh-keygen-hash-corruption.patch
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2017-04-02 01:26:17 +0100
committerColin Watson <cjwatson@debian.org>2017-04-02 01:54:08 +0100
commit20adc7e0fc13ff9c7d270db250aac1fa140e3851 (patch)
tree5d9f06b0ff195db88093037d9102f0cdcf3884c6 /debian/patches/ssh-keygen-hash-corruption.patch
parentaf27669f905133925224acc753067dea710881dd (diff)
parentec338656a3d6b21bb87f3b6367b232d297f601e5 (diff)
New upstream release (7.5p1)
Diffstat (limited to 'debian/patches/ssh-keygen-hash-corruption.patch')
-rw-r--r--debian/patches/ssh-keygen-hash-corruption.patch44
1 files changed, 0 insertions, 44 deletions
diff --git a/debian/patches/ssh-keygen-hash-corruption.patch b/debian/patches/ssh-keygen-hash-corruption.patch
deleted file mode 100644
index 7ef3c637c..000000000
--- a/debian/patches/ssh-keygen-hash-corruption.patch
+++ /dev/null
@@ -1,44 +0,0 @@
1From 78800aa252da1ebbfb55f7e593f43c337e694cc3 Mon Sep 17 00:00:00 2001
2From: "djm@openbsd.org" <djm@openbsd.org>
3Date: Fri, 3 Mar 2017 06:13:11 +0000
4Subject: upstream commit
5
6fix ssh-keygen -H accidentally corrupting known_hosts that
7contained already-hashed entries. HKF_MATCH_HOST_HASHED is only set by
8hostkeys_foreach() when hostname matching is in use, so we need to look for
9the hash marker explicitly.
10
11Upstream-ID: da82ad653b93e8a753580d3cf5cd448bc2520528
12
13Origin: https://anongit.mindrot.org/openssh.git/commit/?id=12d3767ba4c84c32150cbe6ff6494498780f12c9
14Bug-Debian: https://bugs.debian.org/851734
15Bug-Ubuntu: https://bugs.launchpad.net/bugs/1668093
16Last-Update: 2017-03-09
17
18Patch-Name: ssh-keygen-hash-corruption.patch
19---
20 ssh-keygen.c | 4 ++--
21 1 file changed, 2 insertions(+), 2 deletions(-)
22
23diff --git a/ssh-keygen.c b/ssh-keygen.c
24index 2a7939bf..0833ee61 100644
25--- a/ssh-keygen.c
26+++ b/ssh-keygen.c
27@@ -1082,6 +1082,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx)
28 struct known_hosts_ctx *ctx = (struct known_hosts_ctx *)_ctx;
29 char *hashed, *cp, *hosts, *ohosts;
30 int has_wild = l->hosts && strcspn(l->hosts, "*?!") != strlen(l->hosts);
31+ int was_hashed = l->hosts[0] == HASH_DELIM;
32
33 switch (l->status) {
34 case HKF_STATUS_OK:
35@@ -1090,8 +1091,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx)
36 * Don't hash hosts already already hashed, with wildcard
37 * characters or a CA/revocation marker.
38 */
39- if ((l->match & HKF_MATCH_HOST_HASHED) != 0 ||
40- has_wild || l->marker != MRK_NONE) {
41+ if (was_hashed || has_wild || l->marker != MRK_NONE) {
42 fprintf(ctx->out, "%s\n", l->line);
43 if (has_wild && !find_host) {
44 logit("%s:%ld: ignoring host name "