summaryrefslogtreecommitdiff
path: root/debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch
diff options
context:
space:
mode:
authorChristian Ehrhardt <christian.ehrhardt@canonical.com>2018-06-28 15:43:13 +0200
committerChristian Ehrhardt <christian.ehrhardt@canonical.com>2018-06-28 15:43:14 +0200
commit92d266b9e75233afd4a1ce663f062b7e9a843e65 (patch)
treec23159a23239438f10da5f025ca2297ad44ca9d5 /debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch
parent970f1c25f7c73067f2f07e2e64c88201c90ff490 (diff)
parent60256f28189c3d0650a78e737eb0ca4753478a4b (diff)
[ Christian Ehrhardt ]
Fix unintentional restriction of authorized keys environment options to be alphanumeric (LP: #1771011)
Diffstat (limited to 'debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch')
-rw-r--r--debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch40
1 files changed, 40 insertions, 0 deletions
diff --git a/debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch b/debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch
new file mode 100644
index 000000000..251b9a3ca
--- /dev/null
+++ b/debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch
@@ -0,0 +1,40 @@
1From 60256f28189c3d0650a78e737eb0ca4753478a4b Mon Sep 17 00:00:00 2001
2From: "djm@openbsd.org" <djm@openbsd.org>
3Date: Fri, 6 Apr 2018 04:15:45 +0000
4Subject: upstream: relax checking of authorized_keys environment="..."
5
6options to allow underscores in variable names (regression introduced in
77.7). bz2851, ok deraadt@
8
9OpenBSD-Commit-ID: 69690ffe0c97ff393f2c76d25b4b3d2ed4e4ac9c
10
11Original-Author: Damien Miller <djm@mindrot.org>
12Origin: backport, http://anongit.mindrot.org/openssh.git/commit/?id=40f5f03544a07ebd2003b443d42e85cb51d94d59
13Bug-Ubuntu: https://bugs.launchpad.net/bugs/1771011
14Last-Update: 2018-06-28
15Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
16
17Patch-Name: upstream-relax-checking-of-authorized_keys-environme.patch
18---
19 auth-options.c | 4 ++--
20 1 file changed, 2 insertions(+), 2 deletions(-)
21
22diff --git a/auth-options.c b/auth-options.c
23index b528c197a..ef57ebf43 100644
24--- a/auth-options.c
25+++ b/auth-options.c
26@@ -1,4 +1,4 @@
27-/* $OpenBSD: auth-options.c,v 1.78 2018/03/14 05:35:40 djm Exp $ */
28+/* $OpenBSD: auth-options.c,v 1.79 2018/04/06 04:15:45 djm Exp $ */
29 /*
30 * Copyright (c) 2018 Damien Miller <djm@mindrot.org>
31 *
32@@ -394,7 +394,7 @@ sshauthopt_parse(const char *opts, const char **errstrp)
33 goto fail;
34 }
35 for (cp = opt; cp < tmp; cp++) {
36- if (!isalnum((u_char)*cp)) {
37+ if (!isalnum((u_char)*cp) && *cp != '_') {
38 free(opt);
39 errstr = "invalid environment string";
40 goto fail;