New upstream release (7.4p1).

1 files changed, 21 insertions, 19 deletions

diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index 3bd2fd91f..e08b6c7b7 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -1,4 +1,4 @@
-From 563974a78e937c4844e1198b5f6d79b8b2b5c600 Mon Sep 17 00:00:00 2001
+From df060c830ad66289a93be24268f3f70e7021be29 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:09:58 +0000
 Subject: Allow harmless group-writability
@@ -28,10 +28,10 @@ Patch-Name: user-group-modes.patch
  8 files changed, 80 insertions(+), 29 deletions(-)
 
 diff --git a/auth-rhosts.c b/auth-rhosts.c
-index 0ef3447..c17c13c 100644
+index ecf956f0..4dccd5e6 100644
 --- a/auth-rhosts.c
 +++ b/auth-rhosts.c
-@@ -273,8 +273,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam
+@@ -261,8 +261,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
                 return 0;
         }
         if (options.strict_modes &&
@@ -41,7 +41,7 @@ index 0ef3447..c17c13c 100644
                 logit("Rhosts authentication refused for %.100s: "
                     "bad ownership or modes for home directory.", pw->pw_name);
                 auth_debug_add("Rhosts authentication refused for %.100s: "
-@@ -300,8 +299,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam
+@@ -288,8 +287,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
                  * allowing access to their account by anyone.
                  */
                 if (options.strict_modes &&
@@ -52,10 +52,10 @@ index 0ef3447..c17c13c 100644
                             pw->pw_name, buf);
                         auth_debug_add("Bad file modes for %.200s", buf);
 diff --git a/auth.c b/auth.c
-index f56dcc6..3f8b348 100644
+index c6390687..90390724 100644
 --- a/auth.c
 +++ b/auth.c
-@@ -435,8 +435,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
+@@ -444,8 +444,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
                 user_hostfile = tilde_expand_filename(userfile, pw->pw_uid);
                 if (options.strict_modes &&
                     (stat(user_hostfile, &st) == 0) &&
@@ -65,7 +65,7 @@ index f56dcc6..3f8b348 100644
                         logit("Authentication refused for %.100s: "
                             "bad owner or modes for %.200s",
                             pw->pw_name, user_hostfile);
-@@ -498,8 +497,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
+@@ -507,8 +506,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
                 snprintf(err, errlen, "%s is not a regular file", buf);
                 return -1;
         }
@@ -75,7 +75,7 @@ index f56dcc6..3f8b348 100644
                 snprintf(err, errlen, "bad ownership or modes for file %s",
                     buf);
                 return -1;
-@@ -514,8 +512,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
+@@ -523,8 +521,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
                 strlcpy(buf, cp, sizeof(buf));
  
                 if (stat(buf, &st) < 0 ||
@@ -86,7 +86,7 @@ index f56dcc6..3f8b348 100644
                             "bad ownership or modes for directory %s", buf);
                         return -1;
 diff --git a/misc.c b/misc.c
-index 9421b4d..68efb2b 100644
+index 65c9222a..bf9153a6 100644
 --- a/misc.c
 +++ b/misc.c
 @@ -51,8 +51,9 @@
@@ -181,21 +181,23 @@ index 9421b4d..68efb2b 100644
  tun_open(int tun, int mode)
  {
 diff --git a/misc.h b/misc.h
-index 7c76a6a..42cd95e 100644
+index c242f901..8b223b55 100644
 --- a/misc.h
 +++ b/misc.h
-@@ -139,4 +139,6 @@ char        *read_passphrase(const char *, int);
+@@ -143,6 +143,8 @@ char        *read_passphrase(const char *, int);
  int     ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
  int     read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
  
 +int     secure_permissions(struct stat *st, uid_t uid);
 +
- #endif /* _MISC_H */
+ #define MINIMUM(a, b)  (((a) < (b)) ? (a) : (b))
+ #define MAXIMUM(a, b)  (((a) > (b)) ? (a) : (b))
+ #define ROUNDUP(x, y)   ((((x)+((y)-1))/(y))*(y))
 diff --git a/platform.c b/platform.c
-index 4831706..2ce4dbf 100644
+index cd7bf566..380ee3a4 100644
 --- a/platform.c
 +++ b/platform.c
-@@ -199,19 +199,3 @@ platform_krb5_get_principal_name(const char *pw_name)
+@@ -197,19 +197,3 @@ platform_krb5_get_principal_name(const char *pw_name)
         return NULL;
  #endif
  }
@@ -216,10 +218,10 @@ index 4831706..2ce4dbf 100644
 -       return 0;
 -}
 diff --git a/readconf.c b/readconf.c
-index 3a6c67b..f6b4c8f 100644
+index 3efba242..c02cdf63 100644
 --- a/readconf.c
 +++ b/readconf.c
-@@ -1753,8 +1753,7 @@ read_config_file_depth(const char *filename, struct passwd *pw,
+@@ -1752,8 +1752,7 @@ read_config_file_depth(const char *filename, struct passwd *pw,
  
                 if (fstat(fileno(f), &sb) == -1)
                         fatal("fstat %s: %s", filename, strerror(errno));
@@ -230,7 +232,7 @@ index 3a6c67b..f6b4c8f 100644
         }
  
 diff --git a/ssh.1 b/ssh.1
-index 4011c65..feef81a 100644
+index 4011c65a..feef81a5 100644
 --- a/ssh.1
 +++ b/ssh.1
 @@ -1484,6 +1484,8 @@ The file format and configuration options are described in
@@ -243,10 +245,10 @@ index 4011c65..feef81a 100644
  .It Pa ~/.ssh/environment
  Contains additional definitions for environment variables; see
 diff --git a/ssh_config.5 b/ssh_config.5
-index efc265a..5dd26bc 100644
+index 32fd100d..f62ea6b8 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -1903,6 +1903,8 @@ The format of this file is described above.
+@@ -1803,6 +1803,8 @@ The format of this file is described above.
  This file is used by the SSH client.
  Because of the potential for abuse, this file must have strict permissions:
  read/write for the user, and not accessible by others.