diff options
author | Christian Ehrhardt <christian.ehrhardt@canonical.com> | 2018-06-28 15:43:13 +0200 |
---|---|---|
committer | Christian Ehrhardt <christian.ehrhardt@canonical.com> | 2018-06-28 15:43:14 +0200 |
commit | 92d266b9e75233afd4a1ce663f062b7e9a843e65 (patch) | |
tree | c23159a23239438f10da5f025ca2297ad44ca9d5 /debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch | |
parent | 970f1c25f7c73067f2f07e2e64c88201c90ff490 (diff) | |
parent | 60256f28189c3d0650a78e737eb0ca4753478a4b (diff) |
[ Christian Ehrhardt ]
Fix unintentional restriction of authorized keys environment options
to be alphanumeric (LP: #1771011)
Diffstat (limited to 'debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch')
-rw-r--r-- | debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch b/debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch new file mode 100644 index 000000000..251b9a3ca --- /dev/null +++ b/debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch | |||
@@ -0,0 +1,40 @@ | |||
1 | From 60256f28189c3d0650a78e737eb0ca4753478a4b Mon Sep 17 00:00:00 2001 | ||
2 | From: "djm@openbsd.org" <djm@openbsd.org> | ||
3 | Date: Fri, 6 Apr 2018 04:15:45 +0000 | ||
4 | Subject: upstream: relax checking of authorized_keys environment="..." | ||
5 | |||
6 | options to allow underscores in variable names (regression introduced in | ||
7 | 7.7). bz2851, ok deraadt@ | ||
8 | |||
9 | OpenBSD-Commit-ID: 69690ffe0c97ff393f2c76d25b4b3d2ed4e4ac9c | ||
10 | |||
11 | Original-Author: Damien Miller <djm@mindrot.org> | ||
12 | Origin: backport, http://anongit.mindrot.org/openssh.git/commit/?id=40f5f03544a07ebd2003b443d42e85cb51d94d59 | ||
13 | Bug-Ubuntu: https://bugs.launchpad.net/bugs/1771011 | ||
14 | Last-Update: 2018-06-28 | ||
15 | Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> | ||
16 | |||
17 | Patch-Name: upstream-relax-checking-of-authorized_keys-environme.patch | ||
18 | --- | ||
19 | auth-options.c | 4 ++-- | ||
20 | 1 file changed, 2 insertions(+), 2 deletions(-) | ||
21 | |||
22 | diff --git a/auth-options.c b/auth-options.c | ||
23 | index b528c197a..ef57ebf43 100644 | ||
24 | --- a/auth-options.c | ||
25 | +++ b/auth-options.c | ||
26 | @@ -1,4 +1,4 @@ | ||
27 | -/* $OpenBSD: auth-options.c,v 1.78 2018/03/14 05:35:40 djm Exp $ */ | ||
28 | +/* $OpenBSD: auth-options.c,v 1.79 2018/04/06 04:15:45 djm Exp $ */ | ||
29 | /* | ||
30 | * Copyright (c) 2018 Damien Miller <djm@mindrot.org> | ||
31 | * | ||
32 | @@ -394,7 +394,7 @@ sshauthopt_parse(const char *opts, const char **errstrp) | ||
33 | goto fail; | ||
34 | } | ||
35 | for (cp = opt; cp < tmp; cp++) { | ||
36 | - if (!isalnum((u_char)*cp)) { | ||
37 | + if (!isalnum((u_char)*cp) && *cp != '_') { | ||
38 | free(opt); | ||
39 | errstr = "invalid environment string"; | ||
40 | goto fail; | ||