diff options
| author | Colin Watson <cjwatson@debian.org> | 2014-10-07 13:33:15 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2014-10-07 14:27:30 +0100 |
| commit | f0b009aea83e9ff3a50be30f51012099a5143c16 (patch) | |
| tree | 3825e6f7e3b7ea4481d06ed89aba9a7a95150df5 /debian/patches/user-group-modes.patch | |
| parent | 47f0bad4330b16ec3bad870fcf9839c196e42c12 (diff) | |
| parent | 762c062828f5a8f6ed189ed6e44ad38fd92f8b36 (diff) | |
Merge 6.7p1.
* New upstream release (http://www.openssh.com/txt/release-6.7):
- sshd(8): The default set of ciphers and MACs has been altered to
remove unsafe algorithms. In particular, CBC ciphers and arcfour* are
disabled by default. The full set of algorithms remains available if
configured explicitly via the Ciphers and MACs sshd_config options.
- ssh(1), sshd(8): Add support for Unix domain socket forwarding. A
remote TCP port may be forwarded to a local Unix domain socket and
vice versa or both ends may be a Unix domain socket (closes: #236718).
- ssh(1), ssh-keygen(1): Add support for SSHFP DNS records for ED25519
key types.
- sftp(1): Allow resumption of interrupted uploads.
- ssh(1): When rekeying, skip file/DNS lookups of the hostkey if it is
the same as the one sent during initial key exchange.
- sshd(8): Allow explicit ::1 and 127.0.0.1 forwarding bind addresses
when GatewayPorts=no; allows client to choose address family.
- sshd(8): Add a sshd_config PermitUserRC option to control whether
~/.ssh/rc is executed, mirroring the no-user-rc authorized_keys
option.
- ssh(1): Add a %C escape sequence for LocalCommand and ControlPath that
expands to a unique identifer based on a hash of the tuple of (local
host, remote user, hostname, port). Helps avoid exceeding miserly
pathname limits for Unix domain sockets in multiplexing control paths.
- sshd(8): Make the "Too many authentication failures" message include
the user, source address, port and protocol in a format similar to the
authentication success / failure messages.
- Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC when it is
available. It considers time spent suspended, thereby ensuring
timeouts (e.g. for expiring agent keys) fire correctly (closes:
#734553).
- Use prctl() to prevent sftp-server from accessing
/proc/self/{mem,maps}.
* Restore TCP wrappers support, removed upstream in 6.7. It is true that
dropping this reduces preauth attack surface in sshd. On the other
hand, this support seems to be quite widely used, and abruptly dropping
it (from the perspective of users who don't read openssh-unix-dev) could
easily cause more serious problems in practice. It's not entirely clear
what the right long-term answer for Debian is, but it at least probably
doesn't involve dropping this feature shortly before a freeze.
* Replace patch to disable OpenSSL version check with an updated version
of Kurt Roeckx's patch from #732940 to just avoid checking the status
field.
Diffstat (limited to 'debian/patches/user-group-modes.patch')
| -rw-r--r-- | debian/patches/user-group-modes.patch | 42 |
1 files changed, 21 insertions, 21 deletions
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch index 3cdb9d8a1..e4e4657f3 100644 --- a/debian/patches/user-group-modes.patch +++ b/debian/patches/user-group-modes.patch | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | From 77638f6662ecd8500e1b97e537233b1277ca829f Mon Sep 17 00:00:00 2001 | 1 | From 28ea747089f695e58a476a2849133402d4f86b92 Mon Sep 17 00:00:00 2001 |
| 2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
| 3 | Date: Sun, 9 Feb 2014 16:09:58 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:58 +0000 |
| 4 | Subject: Allow harmless group-writability | 4 | Subject: Allow harmless group-writability |
| @@ -28,7 +28,7 @@ Patch-Name: user-group-modes.patch | |||
| 28 | 8 files changed, 82 insertions(+), 29 deletions(-) | 28 | 8 files changed, 82 insertions(+), 29 deletions(-) |
| 29 | 29 | ||
| 30 | diff --git a/auth-rhosts.c b/auth-rhosts.c | 30 | diff --git a/auth-rhosts.c b/auth-rhosts.c |
| 31 | index 06ae7f0..f202787 100644 | 31 | index b5bedee..11fcca6 100644 |
| 32 | --- a/auth-rhosts.c | 32 | --- a/auth-rhosts.c |
| 33 | +++ b/auth-rhosts.c | 33 | +++ b/auth-rhosts.c |
| 34 | @@ -256,8 +256,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam | 34 | @@ -256,8 +256,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam |
| @@ -52,10 +52,10 @@ index 06ae7f0..f202787 100644 | |||
| 52 | pw->pw_name, buf); | 52 | pw->pw_name, buf); |
| 53 | auth_debug_add("Bad file modes for %.200s", buf); | 53 | auth_debug_add("Bad file modes for %.200s", buf); |
| 54 | diff --git a/auth.c b/auth.c | 54 | diff --git a/auth.c b/auth.c |
| 55 | index 9a36f1d..0c45f09 100644 | 55 | index 5e60682..18de51a 100644 |
| 56 | --- a/auth.c | 56 | --- a/auth.c |
| 57 | +++ b/auth.c | 57 | +++ b/auth.c |
| 58 | @@ -407,8 +407,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, | 58 | @@ -421,8 +421,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, |
| 59 | user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); | 59 | user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); |
| 60 | if (options.strict_modes && | 60 | if (options.strict_modes && |
| 61 | (stat(user_hostfile, &st) == 0) && | 61 | (stat(user_hostfile, &st) == 0) && |
| @@ -65,7 +65,7 @@ index 9a36f1d..0c45f09 100644 | |||
| 65 | logit("Authentication refused for %.100s: " | 65 | logit("Authentication refused for %.100s: " |
| 66 | "bad owner or modes for %.200s", | 66 | "bad owner or modes for %.200s", |
| 67 | pw->pw_name, user_hostfile); | 67 | pw->pw_name, user_hostfile); |
| 68 | @@ -470,8 +469,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, | 68 | @@ -484,8 +483,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, |
| 69 | snprintf(err, errlen, "%s is not a regular file", buf); | 69 | snprintf(err, errlen, "%s is not a regular file", buf); |
| 70 | return -1; | 70 | return -1; |
| 71 | } | 71 | } |
| @@ -75,7 +75,7 @@ index 9a36f1d..0c45f09 100644 | |||
| 75 | snprintf(err, errlen, "bad ownership or modes for file %s", | 75 | snprintf(err, errlen, "bad ownership or modes for file %s", |
| 76 | buf); | 76 | buf); |
| 77 | return -1; | 77 | return -1; |
| 78 | @@ -486,8 +484,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, | 78 | @@ -500,8 +498,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, |
| 79 | strlcpy(buf, cp, sizeof(buf)); | 79 | strlcpy(buf, cp, sizeof(buf)); |
| 80 | 80 | ||
| 81 | if (stat(buf, &st) < 0 || | 81 | if (stat(buf, &st) < 0 || |
| @@ -86,10 +86,10 @@ index 9a36f1d..0c45f09 100644 | |||
| 86 | "bad ownership or modes for directory %s", buf); | 86 | "bad ownership or modes for directory %s", buf); |
| 87 | return -1; | 87 | return -1; |
| 88 | diff --git a/misc.c b/misc.c | 88 | diff --git a/misc.c b/misc.c |
| 89 | index e4c8c32..4e756b0 100644 | 89 | index 94b05b0..c25ccd8 100644 |
| 90 | --- a/misc.c | 90 | --- a/misc.c |
| 91 | +++ b/misc.c | 91 | +++ b/misc.c |
| 92 | @@ -49,8 +49,9 @@ | 92 | @@ -50,8 +50,9 @@ |
| 93 | #include <netdb.h> | 93 | #include <netdb.h> |
| 94 | #ifdef HAVE_PATHS_H | 94 | #ifdef HAVE_PATHS_H |
| 95 | # include <paths.h> | 95 | # include <paths.h> |
| @@ -100,7 +100,7 @@ index e4c8c32..4e756b0 100644 | |||
| 100 | #ifdef SSH_TUN_OPENBSD | 100 | #ifdef SSH_TUN_OPENBSD |
| 101 | #include <net/if.h> | 101 | #include <net/if.h> |
| 102 | #endif | 102 | #endif |
| 103 | @@ -59,6 +60,7 @@ | 103 | @@ -60,6 +61,7 @@ |
| 104 | #include "misc.h" | 104 | #include "misc.h" |
| 105 | #include "log.h" | 105 | #include "log.h" |
| 106 | #include "ssh.h" | 106 | #include "ssh.h" |
| @@ -108,7 +108,7 @@ index e4c8c32..4e756b0 100644 | |||
| 108 | 108 | ||
| 109 | /* remove newline at end of string */ | 109 | /* remove newline at end of string */ |
| 110 | char * | 110 | char * |
| 111 | @@ -643,6 +645,71 @@ read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz, | 111 | @@ -644,6 +646,71 @@ read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz, |
| 112 | return -1; | 112 | return -1; |
| 113 | } | 113 | } |
| 114 | 114 | ||
| @@ -181,10 +181,10 @@ index e4c8c32..4e756b0 100644 | |||
| 181 | tun_open(int tun, int mode) | 181 | tun_open(int tun, int mode) |
| 182 | { | 182 | { |
| 183 | diff --git a/misc.h b/misc.h | 183 | diff --git a/misc.h b/misc.h |
| 184 | index d4df619..ceb173b 100644 | 184 | index 374c33c..89e1f75 100644 |
| 185 | --- a/misc.h | 185 | --- a/misc.h |
| 186 | +++ b/misc.h | 186 | +++ b/misc.h |
| 187 | @@ -106,4 +106,6 @@ char *read_passphrase(const char *, int); | 187 | @@ -135,4 +135,6 @@ char *read_passphrase(const char *, int); |
| 188 | int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); | 188 | int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); |
| 189 | int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); | 189 | int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); |
| 190 | 190 | ||
| @@ -192,10 +192,10 @@ index d4df619..ceb173b 100644 | |||
| 192 | + | 192 | + |
| 193 | #endif /* _MISC_H */ | 193 | #endif /* _MISC_H */ |
| 194 | diff --git a/platform.c b/platform.c | 194 | diff --git a/platform.c b/platform.c |
| 195 | index 4aab9a9..f99de7f 100644 | 195 | index f35ec39..9a23e6e 100644 |
| 196 | --- a/platform.c | 196 | --- a/platform.c |
| 197 | +++ b/platform.c | 197 | +++ b/platform.c |
| 198 | @@ -196,19 +196,3 @@ platform_krb5_get_principal_name(const char *pw_name) | 198 | @@ -197,19 +197,3 @@ platform_krb5_get_principal_name(const char *pw_name) |
| 199 | return NULL; | 199 | return NULL; |
| 200 | #endif | 200 | #endif |
| 201 | } | 201 | } |
| @@ -216,10 +216,10 @@ index 4aab9a9..f99de7f 100644 | |||
| 216 | - return 0; | 216 | - return 0; |
| 217 | -} | 217 | -} |
| 218 | diff --git a/readconf.c b/readconf.c | 218 | diff --git a/readconf.c b/readconf.c |
| 219 | index 6409937..32c4b42 100644 | 219 | index 337818c..0648867 100644 |
| 220 | --- a/readconf.c | 220 | --- a/readconf.c |
| 221 | +++ b/readconf.c | 221 | +++ b/readconf.c |
| 222 | @@ -37,6 +37,8 @@ | 222 | @@ -38,6 +38,8 @@ |
| 223 | #include <stdio.h> | 223 | #include <stdio.h> |
| 224 | #include <string.h> | 224 | #include <string.h> |
| 225 | #include <unistd.h> | 225 | #include <unistd.h> |
| @@ -228,7 +228,7 @@ index 6409937..32c4b42 100644 | |||
| 228 | #ifdef HAVE_UTIL_H | 228 | #ifdef HAVE_UTIL_H |
| 229 | #include <util.h> | 229 | #include <util.h> |
| 230 | #endif | 230 | #endif |
| 231 | @@ -1477,8 +1479,7 @@ read_config_file(const char *filename, struct passwd *pw, const char *host, | 231 | @@ -1516,8 +1518,7 @@ read_config_file(const char *filename, struct passwd *pw, const char *host, |
| 232 | 232 | ||
| 233 | if (fstat(fileno(f), &sb) == -1) | 233 | if (fstat(fileno(f), &sb) == -1) |
| 234 | fatal("fstat %s: %s", filename, strerror(errno)); | 234 | fatal("fstat %s: %s", filename, strerror(errno)); |
| @@ -239,10 +239,10 @@ index 6409937..32c4b42 100644 | |||
| 239 | } | 239 | } |
| 240 | 240 | ||
| 241 | diff --git a/ssh.1 b/ssh.1 | 241 | diff --git a/ssh.1 b/ssh.1 |
| 242 | index 27794e2..ff5e6ac 100644 | 242 | index fa5cfb2..7f6ab77 100644 |
| 243 | --- a/ssh.1 | 243 | --- a/ssh.1 |
| 244 | +++ b/ssh.1 | 244 | +++ b/ssh.1 |
| 245 | @@ -1352,6 +1352,8 @@ The file format and configuration options are described in | 245 | @@ -1342,6 +1342,8 @@ The file format and configuration options are described in |
| 246 | .Xr ssh_config 5 . | 246 | .Xr ssh_config 5 . |
| 247 | Because of the potential for abuse, this file must have strict permissions: | 247 | Because of the potential for abuse, this file must have strict permissions: |
| 248 | read/write for the user, and not writable by others. | 248 | read/write for the user, and not writable by others. |
| @@ -252,10 +252,10 @@ index 27794e2..ff5e6ac 100644 | |||
| 252 | .It Pa ~/.ssh/environment | 252 | .It Pa ~/.ssh/environment |
| 253 | Contains additional definitions for environment variables; see | 253 | Contains additional definitions for environment variables; see |
| 254 | diff --git a/ssh_config.5 b/ssh_config.5 | 254 | diff --git a/ssh_config.5 b/ssh_config.5 |
| 255 | index 3172fd4..4bf7cbb 100644 | 255 | index ea92ea8..d68b45a 100644 |
| 256 | --- a/ssh_config.5 | 256 | --- a/ssh_config.5 |
| 257 | +++ b/ssh_config.5 | 257 | +++ b/ssh_config.5 |
| 258 | @@ -1529,6 +1529,8 @@ The format of this file is described above. | 258 | @@ -1587,6 +1587,8 @@ The format of this file is described above. |
| 259 | This file is used by the SSH client. | 259 | This file is used by the SSH client. |
| 260 | Because of the potential for abuse, this file must have strict permissions: | 260 | Because of the potential for abuse, this file must have strict permissions: |
| 261 | read/write for the user, and not accessible by others. | 261 | read/write for the user, and not accessible by others. |