diff options
author | Colin Watson <cjwatson@debian.org> | 2018-08-24 12:49:36 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2018-08-30 00:57:27 +0100 |
commit | 816386e17654ca36834bebbf351419e460fad8f6 (patch) | |
tree | 3dc79d831cb73bc25b92f5a4d18f8e328c0c570a /debian/patches/user-group-modes.patch | |
parent | 3e6f76c7039d3df22b1d0a3a5f30150efb09b69d (diff) | |
parent | 16a47fc4b04977a14f44dd433c8da1499fa80671 (diff) |
New upstream release (7.8p1)
Closes: #907534
Diffstat (limited to 'debian/patches/user-group-modes.patch')
-rw-r--r-- | debian/patches/user-group-modes.patch | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch index 712620843..cc9cbacad 100644 --- a/debian/patches/user-group-modes.patch +++ b/debian/patches/user-group-modes.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 9e45701c5d6105444cc2f4f5d6c44b0f69969479 Mon Sep 17 00:00:00 2001 | 1 | From 840f43066f9cdf5f6bb07992aca1c5f43be8eb80 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:09:58 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:58 +0000 |
4 | Subject: Allow harmless group-writability | 4 | Subject: Allow harmless group-writability |
@@ -27,7 +27,7 @@ Patch-Name: user-group-modes.patch | |||
27 | 7 files changed, 63 insertions(+), 13 deletions(-) | 27 | 7 files changed, 63 insertions(+), 13 deletions(-) |
28 | 28 | ||
29 | diff --git a/auth-rhosts.c b/auth-rhosts.c | 29 | diff --git a/auth-rhosts.c b/auth-rhosts.c |
30 | index ecf956f06..4dccd5e6a 100644 | 30 | index 57296e1f6..546aa0495 100644 |
31 | --- a/auth-rhosts.c | 31 | --- a/auth-rhosts.c |
32 | +++ b/auth-rhosts.c | 32 | +++ b/auth-rhosts.c |
33 | @@ -261,8 +261,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, | 33 | @@ -261,8 +261,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, |
@@ -51,10 +51,10 @@ index ecf956f06..4dccd5e6a 100644 | |||
51 | pw->pw_name, buf); | 51 | pw->pw_name, buf); |
52 | auth_debug_add("Bad file modes for %.200s", buf); | 52 | auth_debug_add("Bad file modes for %.200s", buf); |
53 | diff --git a/auth.c b/auth.c | 53 | diff --git a/auth.c b/auth.c |
54 | index 76d586e31..68b9fe795 100644 | 54 | index 80eb78c48..ad25631a5 100644 |
55 | --- a/auth.c | 55 | --- a/auth.c |
56 | +++ b/auth.c | 56 | +++ b/auth.c |
57 | @@ -468,8 +468,7 @@ check_key_in_hostfiles(struct passwd *pw, struct sshkey *key, const char *host, | 57 | @@ -469,8 +469,7 @@ check_key_in_hostfiles(struct passwd *pw, struct sshkey *key, const char *host, |
58 | user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); | 58 | user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); |
59 | if (options.strict_modes && | 59 | if (options.strict_modes && |
60 | (stat(user_hostfile, &st) == 0) && | 60 | (stat(user_hostfile, &st) == 0) && |
@@ -65,7 +65,7 @@ index 76d586e31..68b9fe795 100644 | |||
65 | "bad owner or modes for %.200s", | 65 | "bad owner or modes for %.200s", |
66 | pw->pw_name, user_hostfile); | 66 | pw->pw_name, user_hostfile); |
67 | diff --git a/misc.c b/misc.c | 67 | diff --git a/misc.c b/misc.c |
68 | index 874dcc8a2..75c4113f0 100644 | 68 | index ae4d29b84..2f3dbda0c 100644 |
69 | --- a/misc.c | 69 | --- a/misc.c |
70 | +++ b/misc.c | 70 | +++ b/misc.c |
71 | @@ -57,8 +57,9 @@ | 71 | @@ -57,8 +57,9 @@ |
@@ -79,8 +79,8 @@ index 874dcc8a2..75c4113f0 100644 | |||
79 | #ifdef SSH_TUN_OPENBSD | 79 | #ifdef SSH_TUN_OPENBSD |
80 | #include <net/if.h> | 80 | #include <net/if.h> |
81 | #endif | 81 | #endif |
82 | @@ -1030,6 +1031,55 @@ read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz, | 82 | @@ -1024,6 +1025,55 @@ percent_expand(const char *string, ...) |
83 | return -1; | 83 | #undef EXPAND_MAX_KEYS |
84 | } | 84 | } |
85 | 85 | ||
86 | +int | 86 | +int |
@@ -135,7 +135,7 @@ index 874dcc8a2..75c4113f0 100644 | |||
135 | int | 135 | int |
136 | tun_open(int tun, int mode, char **ifname) | 136 | tun_open(int tun, int mode, char **ifname) |
137 | { | 137 | { |
138 | @@ -1797,8 +1847,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir, | 138 | @@ -1782,8 +1832,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir, |
139 | snprintf(err, errlen, "%s is not a regular file", buf); | 139 | snprintf(err, errlen, "%s is not a regular file", buf); |
140 | return -1; | 140 | return -1; |
141 | } | 141 | } |
@@ -145,7 +145,7 @@ index 874dcc8a2..75c4113f0 100644 | |||
145 | snprintf(err, errlen, "bad ownership or modes for file %s", | 145 | snprintf(err, errlen, "bad ownership or modes for file %s", |
146 | buf); | 146 | buf); |
147 | return -1; | 147 | return -1; |
148 | @@ -1813,8 +1862,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir, | 148 | @@ -1798,8 +1847,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir, |
149 | strlcpy(buf, cp, sizeof(buf)); | 149 | strlcpy(buf, cp, sizeof(buf)); |
150 | 150 | ||
151 | if (stat(buf, &st) < 0 || | 151 | if (stat(buf, &st) < 0 || |
@@ -156,12 +156,12 @@ index 874dcc8a2..75c4113f0 100644 | |||
156 | "bad ownership or modes for directory %s", buf); | 156 | "bad ownership or modes for directory %s", buf); |
157 | return -1; | 157 | return -1; |
158 | diff --git a/misc.h b/misc.h | 158 | diff --git a/misc.h b/misc.h |
159 | index cdafea735..51943db90 100644 | 159 | index 6be289fd2..213c3abb7 100644 |
160 | --- a/misc.h | 160 | --- a/misc.h |
161 | +++ b/misc.h | 161 | +++ b/misc.h |
162 | @@ -168,6 +168,8 @@ char *read_passphrase(const char *, int); | 162 | @@ -167,6 +167,8 @@ int safe_path_fd(int, const char *, struct passwd *, |
163 | char *read_passphrase(const char *, int); | ||
163 | int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); | 164 | int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); |
164 | int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); | ||
165 | 165 | ||
166 | +int secure_permissions(struct stat *st, uid_t uid); | 166 | +int secure_permissions(struct stat *st, uid_t uid); |
167 | + | 167 | + |
@@ -169,10 +169,10 @@ index cdafea735..51943db90 100644 | |||
169 | #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b)) | 169 | #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b)) |
170 | #define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y)) | 170 | #define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y)) |
171 | diff --git a/readconf.c b/readconf.c | 171 | diff --git a/readconf.c b/readconf.c |
172 | index 7f2b5c172..50349e238 100644 | 172 | index 3fd0fe7b7..3ed6dfb54 100644 |
173 | --- a/readconf.c | 173 | --- a/readconf.c |
174 | +++ b/readconf.c | 174 | +++ b/readconf.c |
175 | @@ -1741,8 +1741,7 @@ read_config_file_depth(const char *filename, struct passwd *pw, | 175 | @@ -1795,8 +1795,7 @@ read_config_file_depth(const char *filename, struct passwd *pw, |
176 | 176 | ||
177 | if (fstat(fileno(f), &sb) == -1) | 177 | if (fstat(fileno(f), &sb) == -1) |
178 | fatal("fstat %s: %s", filename, strerror(errno)); | 178 | fatal("fstat %s: %s", filename, strerror(errno)); |
@@ -183,10 +183,10 @@ index 7f2b5c172..50349e238 100644 | |||
183 | } | 183 | } |
184 | 184 | ||
185 | diff --git a/ssh.1 b/ssh.1 | 185 | diff --git a/ssh.1 b/ssh.1 |
186 | index b4078525b..0ef7c1709 100644 | 186 | index b20908a5e..cb0fdd50e 100644 |
187 | --- a/ssh.1 | 187 | --- a/ssh.1 |
188 | +++ b/ssh.1 | 188 | +++ b/ssh.1 |
189 | @@ -1471,6 +1471,8 @@ The file format and configuration options are described in | 189 | @@ -1475,6 +1475,8 @@ The file format and configuration options are described in |
190 | .Xr ssh_config 5 . | 190 | .Xr ssh_config 5 . |
191 | Because of the potential for abuse, this file must have strict permissions: | 191 | Because of the potential for abuse, this file must have strict permissions: |
192 | read/write for the user, and not writable by others. | 192 | read/write for the user, and not writable by others. |
@@ -196,10 +196,10 @@ index b4078525b..0ef7c1709 100644 | |||
196 | .It Pa ~/.ssh/environment | 196 | .It Pa ~/.ssh/environment |
197 | Contains additional definitions for environment variables; see | 197 | Contains additional definitions for environment variables; see |
198 | diff --git a/ssh_config.5 b/ssh_config.5 | 198 | diff --git a/ssh_config.5 b/ssh_config.5 |
199 | index 32c3632c7..84dcd52cc 100644 | 199 | index 86ada128e..03341a229 100644 |
200 | --- a/ssh_config.5 | 200 | --- a/ssh_config.5 |
201 | +++ b/ssh_config.5 | 201 | +++ b/ssh_config.5 |
202 | @@ -1818,6 +1818,8 @@ The format of this file is described above. | 202 | @@ -1813,6 +1813,8 @@ The format of this file is described above. |
203 | This file is used by the SSH client. | 203 | This file is used by the SSH client. |
204 | Because of the potential for abuse, this file must have strict permissions: | 204 | Because of the potential for abuse, this file must have strict permissions: |
205 | read/write for the user, and not accessible by others. | 205 | read/write for the user, and not accessible by others. |