summaryrefslogtreecommitdiff
path: root/debian/patches
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2016-01-04 13:43:57 +0000
committerColin Watson <cjwatson@debian.org>2016-01-04 13:45:10 +0000
commit3782b4ad3e4eae51a99fd3cc4a6e401d117636a2 (patch)
treed53f1c0addcfd6df3e63cbdd7a8ca52112b1c9b4 /debian/patches
parentf9c35cbf21fa84501c5786923b4d200523977802 (diff)
parent1f715c783abc11e805d9fd8af4847c3514fcb296 (diff)
Allow authenticating as root using gssapi-keyex even with "PermitRootLogin prohibit-password" (closes: #809695).
Diffstat (limited to 'debian/patches')
-rw-r--r--debian/patches/auth-log-verbosity.patch2
-rw-r--r--debian/patches/authorized-keys-man-symlink.patch2
-rw-r--r--debian/patches/backport-fix-first-kex-follows.patch2
-rw-r--r--debian/patches/debian-banner.patch2
-rw-r--r--debian/patches/debian-config.patch2
-rw-r--r--debian/patches/dnssec-sshfp.patch2
-rw-r--r--debian/patches/doc-hash-tab-completion.patch2
-rw-r--r--debian/patches/doc-upstart.patch2
-rw-r--r--debian/patches/gnome-ssh-askpass2-icon.patch2
-rw-r--r--debian/patches/gssapi.patch21
-rw-r--r--debian/patches/helpful-wait-terminate.patch2
-rw-r--r--debian/patches/keepalive-extensions.patch2
-rw-r--r--debian/patches/lintian-symlink-pickiness.patch2
-rw-r--r--debian/patches/mention-ssh-keygen-on-keychange.patch2
-rw-r--r--debian/patches/no-openssl-version-status.patch2
-rw-r--r--debian/patches/openbsd-docs.patch2
-rw-r--r--debian/patches/package-versioning.patch2
-rw-r--r--debian/patches/quieter-signals.patch2
-rw-r--r--debian/patches/restore-tcp-wrappers.patch2
-rw-r--r--debian/patches/scp-quoting.patch2
-rw-r--r--debian/patches/selinux-role.patch2
-rw-r--r--debian/patches/shell-path.patch2
-rw-r--r--debian/patches/sigstop.patch2
-rw-r--r--debian/patches/ssh-agent-setgid.patch2
-rw-r--r--debian/patches/ssh-argv0.patch2
-rw-r--r--debian/patches/ssh-vulnkey-compat.patch2
-rw-r--r--debian/patches/syslog-level-silent.patch2
-rw-r--r--debian/patches/systemd-readiness.patch2
-rw-r--r--debian/patches/user-group-modes.patch10
29 files changed, 50 insertions, 35 deletions
diff --git a/debian/patches/auth-log-verbosity.patch b/debian/patches/auth-log-verbosity.patch
index d9c5f4001..bde6dfb45 100644
--- a/debian/patches/auth-log-verbosity.patch
+++ b/debian/patches/auth-log-verbosity.patch
@@ -1,4 +1,4 @@
1From 2e8f32e76f598143900914f3f61f2448bbc98cae Mon Sep 17 00:00:00 2001 1From b7921aa4a2b83b247ca13651d061ab2eaa527f65 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:02 +0000 3Date: Sun, 9 Feb 2014 16:10:02 +0000
4Subject: Quieten logs when multiple from= restrictions are used 4Subject: Quieten logs when multiple from= restrictions are used
diff --git a/debian/patches/authorized-keys-man-symlink.patch b/debian/patches/authorized-keys-man-symlink.patch
index 3c41df483..8bddf00ce 100644
--- a/debian/patches/authorized-keys-man-symlink.patch
+++ b/debian/patches/authorized-keys-man-symlink.patch
@@ -1,4 +1,4 @@
1From 648f76a35334b75f51f9a1178172a29e108a26bd Mon Sep 17 00:00:00 2001 1From a003be3d6aca1aa78e23da80ae53b35afb0094f1 Mon Sep 17 00:00:00 2001
2From: Tomas Pospisek <tpo_deb@sourcepole.ch> 2From: Tomas Pospisek <tpo_deb@sourcepole.ch>
3Date: Sun, 9 Feb 2014 16:10:07 +0000 3Date: Sun, 9 Feb 2014 16:10:07 +0000
4Subject: Install authorized_keys(5) as a symlink to sshd(8) 4Subject: Install authorized_keys(5) as a symlink to sshd(8)
diff --git a/debian/patches/backport-fix-first-kex-follows.patch b/debian/patches/backport-fix-first-kex-follows.patch
index 08be9de8a..928349824 100644
--- a/debian/patches/backport-fix-first-kex-follows.patch
+++ b/debian/patches/backport-fix-first-kex-follows.patch
@@ -1,4 +1,4 @@
1From e95f51a2a4b404bcb04bfdf8d092efb37eef446c Mon Sep 17 00:00:00 2001 1From 1f715c783abc11e805d9fd8af4847c3514fcb296 Mon Sep 17 00:00:00 2001
2From: Damien Miller <djm@mindrot.org> 2From: Damien Miller <djm@mindrot.org>
3Date: Tue, 15 Dec 2015 15:25:04 +0000 3Date: Tue, 15 Dec 2015 15:25:04 +0000
4Subject: upstream commit 4Subject: upstream commit
diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch
index 8705f10b0..07dad44b4 100644
--- a/debian/patches/debian-banner.patch
+++ b/debian/patches/debian-banner.patch
@@ -1,4 +1,4 @@
1From d3faad3474e9ea9c9896aaf5fb3398964043d823 Mon Sep 17 00:00:00 2001 1From 464ae832806fca916694b51c0bc996af1cac7057 Mon Sep 17 00:00:00 2001
2From: Kees Cook <kees@debian.org> 2From: Kees Cook <kees@debian.org>
3Date: Sun, 9 Feb 2014 16:10:06 +0000 3Date: Sun, 9 Feb 2014 16:10:06 +0000
4Subject: Add DebianBanner server configuration option 4Subject: Add DebianBanner server configuration option
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch
index 09c252607..f5e0b51c5 100644
--- a/debian/patches/debian-config.patch
+++ b/debian/patches/debian-config.patch
@@ -1,4 +1,4 @@
1From 9238867d60dd8f7da598ef3ebdb127cfc5562a91 Mon Sep 17 00:00:00 2001 1From 382ac29bbd28f2344df323244d9ed6e90306046c Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:18 +0000 3Date: Sun, 9 Feb 2014 16:10:18 +0000
4Subject: Various Debian-specific configuration changes 4Subject: Various Debian-specific configuration changes
diff --git a/debian/patches/dnssec-sshfp.patch b/debian/patches/dnssec-sshfp.patch
index c60ee5e2a..34717b065 100644
--- a/debian/patches/dnssec-sshfp.patch
+++ b/debian/patches/dnssec-sshfp.patch
@@ -1,4 +1,4 @@
1From 721e2eddc34e490480dff698b50cdaf8a8098969 Mon Sep 17 00:00:00 2001 1From 05e44a7f55ca499d7e7f433152e066b256a1bb79 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:01 +0000 3Date: Sun, 9 Feb 2014 16:10:01 +0000
4Subject: Force use of DNSSEC even if "options edns0" isn't in resolv.conf 4Subject: Force use of DNSSEC even if "options edns0" isn't in resolv.conf
diff --git a/debian/patches/doc-hash-tab-completion.patch b/debian/patches/doc-hash-tab-completion.patch
index ccfc44925..596c7a5cc 100644
--- a/debian/patches/doc-hash-tab-completion.patch
+++ b/debian/patches/doc-hash-tab-completion.patch
@@ -1,4 +1,4 @@
1From f0577ce8bbf5f0307805e2533912921081360c2c Mon Sep 17 00:00:00 2001 1From 6563989dd56d8f4fd80142dd2c56344c374cde82 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:11 +0000 3Date: Sun, 9 Feb 2014 16:10:11 +0000
4Subject: Document that HashKnownHosts may break tab-completion 4Subject: Document that HashKnownHosts may break tab-completion
diff --git a/debian/patches/doc-upstart.patch b/debian/patches/doc-upstart.patch
index a03a49e42..645182f38 100644
--- a/debian/patches/doc-upstart.patch
+++ b/debian/patches/doc-upstart.patch
@@ -1,4 +1,4 @@
1From 2dd09da306fcf40948da724f0ff0f613e308b361 Mon Sep 17 00:00:00 2001 1From 1deb3f4df2dd7e4ea2e19c65a285b0e9e075551f Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@ubuntu.com> 2From: Colin Watson <cjwatson@ubuntu.com>
3Date: Sun, 9 Feb 2014 16:10:12 +0000 3Date: Sun, 9 Feb 2014 16:10:12 +0000
4Subject: Refer to ssh's Upstart job as well as its init script 4Subject: Refer to ssh's Upstart job as well as its init script
diff --git a/debian/patches/gnome-ssh-askpass2-icon.patch b/debian/patches/gnome-ssh-askpass2-icon.patch
index 8ca827371..b7e8075f0 100644
--- a/debian/patches/gnome-ssh-askpass2-icon.patch
+++ b/debian/patches/gnome-ssh-askpass2-icon.patch
@@ -1,4 +1,4 @@
1From 578735f51e7152d29963531d9840b7062141a68e Mon Sep 17 00:00:00 2001 1From 076e887b9a9804b03bc4915bf7044bbbc46553b6 Mon Sep 17 00:00:00 2001
2From: Vincent Untz <vuntz@ubuntu.com> 2From: Vincent Untz <vuntz@ubuntu.com>
3Date: Sun, 9 Feb 2014 16:10:16 +0000 3Date: Sun, 9 Feb 2014 16:10:16 +0000
4Subject: Give the ssh-askpass-gnome window a default icon 4Subject: Give the ssh-askpass-gnome window a default icon
diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch
index 4ab9ca373..2c8d04268 100644
--- a/debian/patches/gssapi.patch
+++ b/debian/patches/gssapi.patch
@@ -1,4 +1,4 @@
1From 09c4d9b7d41ab3c9973f07e0109e931f57c59c43 Mon Sep 17 00:00:00 2001 1From d6cfd64ea0a567d88152270a94be6bb2a78daeb9 Mon Sep 17 00:00:00 2001
2From: Simon Wilkinson <simon@sxw.org.uk> 2From: Simon Wilkinson <simon@sxw.org.uk>
3Date: Sun, 9 Feb 2014 16:09:48 +0000 3Date: Sun, 9 Feb 2014 16:09:48 +0000
4Subject: GSSAPI key exchange support 4Subject: GSSAPI key exchange support
@@ -17,13 +17,14 @@ have it merged into the main openssh package rather than having separate
17security history. 17security history.
18 18
19Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 19Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242
20Last-Updated: 2015-11-29 20Last-Updated: 2016-01-04
21 21
22Patch-Name: gssapi.patch 22Patch-Name: gssapi.patch
23--- 23---
24 ChangeLog.gssapi | 113 +++++++++++++++++++ 24 ChangeLog.gssapi | 113 +++++++++++++++++++
25 Makefile.in | 5 +- 25 Makefile.in | 5 +-
26 auth-krb5.c | 17 ++- 26 auth-krb5.c | 17 ++-
27 auth.c | 3 +-
27 auth2-gss.c | 48 +++++++- 28 auth2-gss.c | 48 +++++++-
28 auth2.c | 2 + 29 auth2.c | 2 +
29 clientloop.c | 13 +++ 30 clientloop.c | 13 +++
@@ -53,7 +54,7 @@ Patch-Name: gssapi.patch
53 sshd_config.5 | 11 ++ 54 sshd_config.5 | 11 ++
54 sshkey.c | 3 +- 55 sshkey.c | 3 +-
55 sshkey.h | 1 + 56 sshkey.h | 1 +
56 32 files changed, 1957 insertions(+), 46 deletions(-) 57 33 files changed, 1959 insertions(+), 47 deletions(-)
57 create mode 100644 ChangeLog.gssapi 58 create mode 100644 ChangeLog.gssapi
58 create mode 100644 kexgssc.c 59 create mode 100644 kexgssc.c
59 create mode 100644 kexgsss.c 60 create mode 100644 kexgsss.c
@@ -251,6 +252,20 @@ index 0089b18..ec47869 100644
251 252
252 return (krb5_cc_resolve(ctx, ccname, ccache)); 253 return (krb5_cc_resolve(ctx, ccname, ccache));
253 } 254 }
255diff --git a/auth.c b/auth.c
256index 214c2c7..bd6a026 100644
257--- a/auth.c
258+++ b/auth.c
259@@ -354,7 +354,8 @@ auth_root_allowed(const char *method)
260 case PERMIT_NO_PASSWD:
261 if (strcmp(method, "publickey") == 0 ||
262 strcmp(method, "hostbased") == 0 ||
263- strcmp(method, "gssapi-with-mic") == 0)
264+ strcmp(method, "gssapi-with-mic") == 0 ||
265+ strcmp(method, "gssapi-keyex") == 0)
266 return 1;
267 break;
268 case PERMIT_FORCED_ONLY:
254diff --git a/auth2-gss.c b/auth2-gss.c 269diff --git a/auth2-gss.c b/auth2-gss.c
255index 1ca8357..3b5036d 100644 270index 1ca8357..3b5036d 100644
256--- a/auth2-gss.c 271--- a/auth2-gss.c
diff --git a/debian/patches/helpful-wait-terminate.patch b/debian/patches/helpful-wait-terminate.patch
index bb7acfc0d..9ef03d36d 100644
--- a/debian/patches/helpful-wait-terminate.patch
+++ b/debian/patches/helpful-wait-terminate.patch
@@ -1,4 +1,4 @@
1From 0fe621a2c5a90e37e9a1afa8b56fd04fb1c53eef Mon Sep 17 00:00:00 2001 1From 0488e67b6971cf1ee55a27b03d85864b744b69de Mon Sep 17 00:00:00 2001
2From: Matthew Vernon <matthew@debian.org> 2From: Matthew Vernon <matthew@debian.org>
3Date: Sun, 9 Feb 2014 16:09:56 +0000 3Date: Sun, 9 Feb 2014 16:09:56 +0000
4Subject: Mention ~& when waiting for forwarded connections to terminate 4Subject: Mention ~& when waiting for forwarded connections to terminate
diff --git a/debian/patches/keepalive-extensions.patch b/debian/patches/keepalive-extensions.patch
index 287cfe886..629eaf551 100644
--- a/debian/patches/keepalive-extensions.patch
+++ b/debian/patches/keepalive-extensions.patch
@@ -1,4 +1,4 @@
1From 43c55250c94601ae868e2caca8f008c1b0da1247 Mon Sep 17 00:00:00 2001 1From dd6040ff883e51af62dcbb9594c65b27b925c40b Mon Sep 17 00:00:00 2001
2From: Richard Kettlewell <rjk@greenend.org.uk> 2From: Richard Kettlewell <rjk@greenend.org.uk>
3Date: Sun, 9 Feb 2014 16:09:52 +0000 3Date: Sun, 9 Feb 2014 16:09:52 +0000
4Subject: Various keepalive extensions 4Subject: Various keepalive extensions
diff --git a/debian/patches/lintian-symlink-pickiness.patch b/debian/patches/lintian-symlink-pickiness.patch
index 7628a777d..a6de6085d 100644
--- a/debian/patches/lintian-symlink-pickiness.patch
+++ b/debian/patches/lintian-symlink-pickiness.patch
@@ -1,4 +1,4 @@
1From fd502e1259e2a5cb42e967eedffff6c14978f0db Mon Sep 17 00:00:00 2001 1From 3ed90e9c89cdbbf79ffcb79255bd445a63ee8e5f Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:08 +0000 3Date: Sun, 9 Feb 2014 16:10:08 +0000
4Subject: Fix picky lintian errors about slogin symlinks 4Subject: Fix picky lintian errors about slogin symlinks
diff --git a/debian/patches/mention-ssh-keygen-on-keychange.patch b/debian/patches/mention-ssh-keygen-on-keychange.patch
index 96496858b..922d3c341 100644
--- a/debian/patches/mention-ssh-keygen-on-keychange.patch
+++ b/debian/patches/mention-ssh-keygen-on-keychange.patch
@@ -1,4 +1,4 @@
1From f4b3ccb275ef86eba749ab1eb61f8d17623a20d9 Mon Sep 17 00:00:00 2001 1From ad56699201698bc53a9690d025e0a074f7cf1f72 Mon Sep 17 00:00:00 2001
2From: Scott Moser <smoser@ubuntu.com> 2From: Scott Moser <smoser@ubuntu.com>
3Date: Sun, 9 Feb 2014 16:10:03 +0000 3Date: Sun, 9 Feb 2014 16:10:03 +0000
4Subject: Mention ssh-keygen in ssh fingerprint changed warning 4Subject: Mention ssh-keygen in ssh fingerprint changed warning
diff --git a/debian/patches/no-openssl-version-status.patch b/debian/patches/no-openssl-version-status.patch
index 46c5a736d..364b789dc 100644
--- a/debian/patches/no-openssl-version-status.patch
+++ b/debian/patches/no-openssl-version-status.patch
@@ -1,4 +1,4 @@
1From 9265d741180d536c5a55719e835490c6fe2753d7 Mon Sep 17 00:00:00 2001 1From 4469135282e99143eb3dfe5f36eb1441b9bdbc3a Mon Sep 17 00:00:00 2001
2From: Kurt Roeckx <kurt@roeckx.be> 2From: Kurt Roeckx <kurt@roeckx.be>
3Date: Sun, 9 Feb 2014 16:10:14 +0000 3Date: Sun, 9 Feb 2014 16:10:14 +0000
4Subject: Don't check the status field of the OpenSSL version 4Subject: Don't check the status field of the OpenSSL version
diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch
index dd47130ce..0bf68265a 100644
--- a/debian/patches/openbsd-docs.patch
+++ b/debian/patches/openbsd-docs.patch
@@ -1,4 +1,4 @@
1From 3c25f6ac63012b0a75095bb4beeb30ee1d839a8b Mon Sep 17 00:00:00 2001 1From f9e8c3b7f235170b913337631fc7c1decb69433e Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:09 +0000 3Date: Sun, 9 Feb 2014 16:10:09 +0000
4Subject: Adjust various OpenBSD-specific references in manual pages 4Subject: Adjust various OpenBSD-specific references in manual pages
diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch
index c04cd1493..416541846 100644
--- a/debian/patches/package-versioning.patch
+++ b/debian/patches/package-versioning.patch
@@ -1,4 +1,4 @@
1From 9ec138d98fbf662ccac8458fe96a9783eb43a0d3 Mon Sep 17 00:00:00 2001 1From 83ae676c1f711bcdd7cd243d677c7eb6e91d84ac Mon Sep 17 00:00:00 2001
2From: Matthew Vernon <matthew@debian.org> 2From: Matthew Vernon <matthew@debian.org>
3Date: Sun, 9 Feb 2014 16:10:05 +0000 3Date: Sun, 9 Feb 2014 16:10:05 +0000
4Subject: Include the Debian version in our identification 4Subject: Include the Debian version in our identification
diff --git a/debian/patches/quieter-signals.patch b/debian/patches/quieter-signals.patch
index e0a71076d..2d864b87f 100644
--- a/debian/patches/quieter-signals.patch
+++ b/debian/patches/quieter-signals.patch
@@ -1,4 +1,4 @@
1From 65817bc1072df855200fafb439b443cbf52fa631 Mon Sep 17 00:00:00 2001 1From 92763d936f746e4ba6aad19c5f35231b4a9df1b2 Mon Sep 17 00:00:00 2001
2From: Peter Samuelson <peter@p12n.org> 2From: Peter Samuelson <peter@p12n.org>
3Date: Sun, 9 Feb 2014 16:09:55 +0000 3Date: Sun, 9 Feb 2014 16:09:55 +0000
4Subject: Reduce severity of "Killed by signal %d" 4Subject: Reduce severity of "Killed by signal %d"
diff --git a/debian/patches/restore-tcp-wrappers.patch b/debian/patches/restore-tcp-wrappers.patch
index 5778440b9..283574c0b 100644
--- a/debian/patches/restore-tcp-wrappers.patch
+++ b/debian/patches/restore-tcp-wrappers.patch
@@ -1,4 +1,4 @@
1From 2cd06c4a70dfb22fd1d54779173b5e086c52e08f Mon Sep 17 00:00:00 2001 1From e1a1a7a55002d4e88c055e495203fea4acc387db Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Tue, 7 Oct 2014 13:22:41 +0100 3Date: Tue, 7 Oct 2014 13:22:41 +0100
4Subject: Restore TCP wrappers support 4Subject: Restore TCP wrappers support
diff --git a/debian/patches/scp-quoting.patch b/debian/patches/scp-quoting.patch
index cc8fc0ccc..dad148e10 100644
--- a/debian/patches/scp-quoting.patch
+++ b/debian/patches/scp-quoting.patch
@@ -1,4 +1,4 @@
1From e7a9d63812243cb281057a50cf41dc9a67f6c749 Mon Sep 17 00:00:00 2001 1From f28d43071d1416aee81eb058799dfc205e033d18 Mon Sep 17 00:00:00 2001
2From: =?UTF-8?q?Nicolas=20Valc=C3=A1rcel?= <nvalcarcel@ubuntu.com> 2From: =?UTF-8?q?Nicolas=20Valc=C3=A1rcel?= <nvalcarcel@ubuntu.com>
3Date: Sun, 9 Feb 2014 16:09:59 +0000 3Date: Sun, 9 Feb 2014 16:09:59 +0000
4Subject: Adjust scp quoting in verbose mode 4Subject: Adjust scp quoting in verbose mode
diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch
index aee443d87..b74351209 100644
--- a/debian/patches/selinux-role.patch
+++ b/debian/patches/selinux-role.patch
@@ -1,4 +1,4 @@
1From d55bc528ac450324522f02d90a2bdc4832d1eef8 Mon Sep 17 00:00:00 2001 1From f9e312495dd3e453bfd6b3ff5bffd06e8dd90a7f Mon Sep 17 00:00:00 2001
2From: Manoj Srivastava <srivasta@debian.org> 2From: Manoj Srivastava <srivasta@debian.org>
3Date: Sun, 9 Feb 2014 16:09:49 +0000 3Date: Sun, 9 Feb 2014 16:09:49 +0000
4Subject: Handle SELinux authorisation roles 4Subject: Handle SELinux authorisation roles
diff --git a/debian/patches/shell-path.patch b/debian/patches/shell-path.patch
index a39a08463..5062b7ce1 100644
--- a/debian/patches/shell-path.patch
+++ b/debian/patches/shell-path.patch
@@ -1,4 +1,4 @@
1From 46395161c625822e4ae3851175ec97a04257789c Mon Sep 17 00:00:00 2001 1From beb218cfc3afbb5068eb222cf62878a54d3bb06c Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:00 +0000 3Date: Sun, 9 Feb 2014 16:10:00 +0000
4Subject: Look for $SHELL on the path for ProxyCommand/LocalCommand 4Subject: Look for $SHELL on the path for ProxyCommand/LocalCommand
diff --git a/debian/patches/sigstop.patch b/debian/patches/sigstop.patch
index a7eb5996e..62c521aef 100644
--- a/debian/patches/sigstop.patch
+++ b/debian/patches/sigstop.patch
@@ -1,4 +1,4 @@
1From 92c6b1dc352b03c7bdecc6ce9bfef7a3b2b54bbc Mon Sep 17 00:00:00 2001 1From 707e1569fb7f883d9a7ad7a70ce4125581969136 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:17 +0000 3Date: Sun, 9 Feb 2014 16:10:17 +0000
4Subject: Support synchronisation with service supervisor using SIGSTOP 4Subject: Support synchronisation with service supervisor using SIGSTOP
diff --git a/debian/patches/ssh-agent-setgid.patch b/debian/patches/ssh-agent-setgid.patch
index 4672be919..f9213042d 100644
--- a/debian/patches/ssh-agent-setgid.patch
+++ b/debian/patches/ssh-agent-setgid.patch
@@ -1,4 +1,4 @@
1From d724593e18fd54f1ff0815dda0c538188acb7a56 Mon Sep 17 00:00:00 2001 1From 9e9ee52b4c420d334cdd7fc286746feb1df90066 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:13 +0000 3Date: Sun, 9 Feb 2014 16:10:13 +0000
4Subject: Document consequences of ssh-agent being setgid in ssh-agent(1) 4Subject: Document consequences of ssh-agent being setgid in ssh-agent(1)
diff --git a/debian/patches/ssh-argv0.patch b/debian/patches/ssh-argv0.patch
index 4961fd458..aa2c11cf7 100644
--- a/debian/patches/ssh-argv0.patch
+++ b/debian/patches/ssh-argv0.patch
@@ -1,4 +1,4 @@
1From 4fe62a4b6a12aba450d84488f11fbf931043913c Mon Sep 17 00:00:00 2001 1From 76d462b84f57126b84ac4275575deda215d3d5a3 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:10 +0000 3Date: Sun, 9 Feb 2014 16:10:10 +0000
4Subject: ssh(1): Refer to ssh-argv0(1) 4Subject: ssh(1): Refer to ssh-argv0(1)
diff --git a/debian/patches/ssh-vulnkey-compat.patch b/debian/patches/ssh-vulnkey-compat.patch
index f9736f7d6..68e22c6f6 100644
--- a/debian/patches/ssh-vulnkey-compat.patch
+++ b/debian/patches/ssh-vulnkey-compat.patch
@@ -1,4 +1,4 @@
1From 250d744e08a4f88cd547023cb2f036b2cdfd569b Mon Sep 17 00:00:00 2001 1From 1fd91310e580ae1723fc250ce77710f97e37ad15 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@ubuntu.com> 2From: Colin Watson <cjwatson@ubuntu.com>
3Date: Sun, 9 Feb 2014 16:09:50 +0000 3Date: Sun, 9 Feb 2014 16:09:50 +0000
4Subject: Accept obsolete ssh-vulnkey configuration options 4Subject: Accept obsolete ssh-vulnkey configuration options
diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch
index 39e250f3d..9edb57064 100644
--- a/debian/patches/syslog-level-silent.patch
+++ b/debian/patches/syslog-level-silent.patch
@@ -1,4 +1,4 @@
1From c44d8ebdba6f7c128fb9a22f9aa7f207cc1383f4 Mon Sep 17 00:00:00 2001 1From 3a9dd9fe28f775dd712d89135ef6fb1e28ff2e5f Mon Sep 17 00:00:00 2001
2From: Jonathan David Amery <jdamery@ysolde.ucam.org> 2From: Jonathan David Amery <jdamery@ysolde.ucam.org>
3Date: Sun, 9 Feb 2014 16:09:54 +0000 3Date: Sun, 9 Feb 2014 16:09:54 +0000
4Subject: "LogLevel SILENT" compatibility 4Subject: "LogLevel SILENT" compatibility
diff --git a/debian/patches/systemd-readiness.patch b/debian/patches/systemd-readiness.patch
index 24d186ee5..b23d30034 100644
--- a/debian/patches/systemd-readiness.patch
+++ b/debian/patches/systemd-readiness.patch
@@ -1,4 +1,4 @@
1From 91be8a1c1f0387c154ac839c54f8fdfbe2d3c3c5 Mon Sep 17 00:00:00 2001 1From 2bb85b3c756967d72efbf895a8908858ee4c2441 Mon Sep 17 00:00:00 2001
2From: Michael Biebl <biebl@debian.org> 2From: Michael Biebl <biebl@debian.org>
3Date: Mon, 21 Dec 2015 16:08:47 +0000 3Date: Mon, 21 Dec 2015 16:08:47 +0000
4Subject: Add systemd readiness notification support 4Subject: Add systemd readiness notification support
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index 98d37d36c..2e1be8dd3 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -1,4 +1,4 @@
1From aae427a0c7d5702bf294191533ab1f33437a8a56 Mon Sep 17 00:00:00 2001 1From 628e08e8a589dff2178a6725d32c5699f11b2405 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:09:58 +0000 3Date: Sun, 9 Feb 2014 16:09:58 +0000
4Subject: Allow harmless group-writability 4Subject: Allow harmless group-writability
@@ -52,10 +52,10 @@ index ee9e827..2ff2cff 100644
52 pw->pw_name, buf); 52 pw->pw_name, buf);
53 auth_debug_add("Bad file modes for %.200s", buf); 53 auth_debug_add("Bad file modes for %.200s", buf);
54diff --git a/auth.c b/auth.c 54diff --git a/auth.c b/auth.c
55index 214c2c7..25be632 100644 55index bd6a026..782b7f8 100644
56--- a/auth.c 56--- a/auth.c
57+++ b/auth.c 57+++ b/auth.c
58@@ -424,8 +424,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, 58@@ -425,8 +425,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
59 user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); 59 user_hostfile = tilde_expand_filename(userfile, pw->pw_uid);
60 if (options.strict_modes && 60 if (options.strict_modes &&
61 (stat(user_hostfile, &st) == 0) && 61 (stat(user_hostfile, &st) == 0) &&
@@ -65,7 +65,7 @@ index 214c2c7..25be632 100644
65 logit("Authentication refused for %.100s: " 65 logit("Authentication refused for %.100s: "
66 "bad owner or modes for %.200s", 66 "bad owner or modes for %.200s",
67 pw->pw_name, user_hostfile); 67 pw->pw_name, user_hostfile);
68@@ -487,8 +486,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, 68@@ -488,8 +487,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
69 snprintf(err, errlen, "%s is not a regular file", buf); 69 snprintf(err, errlen, "%s is not a regular file", buf);
70 return -1; 70 return -1;
71 } 71 }
@@ -75,7 +75,7 @@ index 214c2c7..25be632 100644
75 snprintf(err, errlen, "bad ownership or modes for file %s", 75 snprintf(err, errlen, "bad ownership or modes for file %s",
76 buf); 76 buf);
77 return -1; 77 return -1;
78@@ -503,8 +501,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, 78@@ -504,8 +502,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
79 strlcpy(buf, cp, sizeof(buf)); 79 strlcpy(buf, cp, sizeof(buf));
80 80
81 if (stat(buf, &st) < 0 || 81 if (stat(buf, &st) < 0 ||