diff options
author | Colin Watson <cjwatson@debian.org> | 2016-01-04 13:43:57 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2016-01-04 13:45:10 +0000 |
commit | 3782b4ad3e4eae51a99fd3cc4a6e401d117636a2 (patch) | |
tree | d53f1c0addcfd6df3e63cbdd7a8ca52112b1c9b4 /debian/patches | |
parent | f9c35cbf21fa84501c5786923b4d200523977802 (diff) | |
parent | 1f715c783abc11e805d9fd8af4847c3514fcb296 (diff) |
Allow authenticating as root using gssapi-keyex even with "PermitRootLogin prohibit-password" (closes: #809695).
Diffstat (limited to 'debian/patches')
29 files changed, 50 insertions, 35 deletions
diff --git a/debian/patches/auth-log-verbosity.patch b/debian/patches/auth-log-verbosity.patch index d9c5f4001..bde6dfb45 100644 --- a/debian/patches/auth-log-verbosity.patch +++ b/debian/patches/auth-log-verbosity.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 2e8f32e76f598143900914f3f61f2448bbc98cae Mon Sep 17 00:00:00 2001 | 1 | From b7921aa4a2b83b247ca13651d061ab2eaa527f65 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:02 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:02 +0000 |
4 | Subject: Quieten logs when multiple from= restrictions are used | 4 | Subject: Quieten logs when multiple from= restrictions are used |
diff --git a/debian/patches/authorized-keys-man-symlink.patch b/debian/patches/authorized-keys-man-symlink.patch index 3c41df483..8bddf00ce 100644 --- a/debian/patches/authorized-keys-man-symlink.patch +++ b/debian/patches/authorized-keys-man-symlink.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 648f76a35334b75f51f9a1178172a29e108a26bd Mon Sep 17 00:00:00 2001 | 1 | From a003be3d6aca1aa78e23da80ae53b35afb0094f1 Mon Sep 17 00:00:00 2001 |
2 | From: Tomas Pospisek <tpo_deb@sourcepole.ch> | 2 | From: Tomas Pospisek <tpo_deb@sourcepole.ch> |
3 | Date: Sun, 9 Feb 2014 16:10:07 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:07 +0000 |
4 | Subject: Install authorized_keys(5) as a symlink to sshd(8) | 4 | Subject: Install authorized_keys(5) as a symlink to sshd(8) |
diff --git a/debian/patches/backport-fix-first-kex-follows.patch b/debian/patches/backport-fix-first-kex-follows.patch index 08be9de8a..928349824 100644 --- a/debian/patches/backport-fix-first-kex-follows.patch +++ b/debian/patches/backport-fix-first-kex-follows.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From e95f51a2a4b404bcb04bfdf8d092efb37eef446c Mon Sep 17 00:00:00 2001 | 1 | From 1f715c783abc11e805d9fd8af4847c3514fcb296 Mon Sep 17 00:00:00 2001 |
2 | From: Damien Miller <djm@mindrot.org> | 2 | From: Damien Miller <djm@mindrot.org> |
3 | Date: Tue, 15 Dec 2015 15:25:04 +0000 | 3 | Date: Tue, 15 Dec 2015 15:25:04 +0000 |
4 | Subject: upstream commit | 4 | Subject: upstream commit |
diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch index 8705f10b0..07dad44b4 100644 --- a/debian/patches/debian-banner.patch +++ b/debian/patches/debian-banner.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From d3faad3474e9ea9c9896aaf5fb3398964043d823 Mon Sep 17 00:00:00 2001 | 1 | From 464ae832806fca916694b51c0bc996af1cac7057 Mon Sep 17 00:00:00 2001 |
2 | From: Kees Cook <kees@debian.org> | 2 | From: Kees Cook <kees@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:06 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:06 +0000 |
4 | Subject: Add DebianBanner server configuration option | 4 | Subject: Add DebianBanner server configuration option |
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch index 09c252607..f5e0b51c5 100644 --- a/debian/patches/debian-config.patch +++ b/debian/patches/debian-config.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 9238867d60dd8f7da598ef3ebdb127cfc5562a91 Mon Sep 17 00:00:00 2001 | 1 | From 382ac29bbd28f2344df323244d9ed6e90306046c Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:18 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:18 +0000 |
4 | Subject: Various Debian-specific configuration changes | 4 | Subject: Various Debian-specific configuration changes |
diff --git a/debian/patches/dnssec-sshfp.patch b/debian/patches/dnssec-sshfp.patch index c60ee5e2a..34717b065 100644 --- a/debian/patches/dnssec-sshfp.patch +++ b/debian/patches/dnssec-sshfp.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 721e2eddc34e490480dff698b50cdaf8a8098969 Mon Sep 17 00:00:00 2001 | 1 | From 05e44a7f55ca499d7e7f433152e066b256a1bb79 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:01 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:01 +0000 |
4 | Subject: Force use of DNSSEC even if "options edns0" isn't in resolv.conf | 4 | Subject: Force use of DNSSEC even if "options edns0" isn't in resolv.conf |
diff --git a/debian/patches/doc-hash-tab-completion.patch b/debian/patches/doc-hash-tab-completion.patch index ccfc44925..596c7a5cc 100644 --- a/debian/patches/doc-hash-tab-completion.patch +++ b/debian/patches/doc-hash-tab-completion.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From f0577ce8bbf5f0307805e2533912921081360c2c Mon Sep 17 00:00:00 2001 | 1 | From 6563989dd56d8f4fd80142dd2c56344c374cde82 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:11 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:11 +0000 |
4 | Subject: Document that HashKnownHosts may break tab-completion | 4 | Subject: Document that HashKnownHosts may break tab-completion |
diff --git a/debian/patches/doc-upstart.patch b/debian/patches/doc-upstart.patch index a03a49e42..645182f38 100644 --- a/debian/patches/doc-upstart.patch +++ b/debian/patches/doc-upstart.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 2dd09da306fcf40948da724f0ff0f613e308b361 Mon Sep 17 00:00:00 2001 | 1 | From 1deb3f4df2dd7e4ea2e19c65a285b0e9e075551f Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@ubuntu.com> | 2 | From: Colin Watson <cjwatson@ubuntu.com> |
3 | Date: Sun, 9 Feb 2014 16:10:12 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:12 +0000 |
4 | Subject: Refer to ssh's Upstart job as well as its init script | 4 | Subject: Refer to ssh's Upstart job as well as its init script |
diff --git a/debian/patches/gnome-ssh-askpass2-icon.patch b/debian/patches/gnome-ssh-askpass2-icon.patch index 8ca827371..b7e8075f0 100644 --- a/debian/patches/gnome-ssh-askpass2-icon.patch +++ b/debian/patches/gnome-ssh-askpass2-icon.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 578735f51e7152d29963531d9840b7062141a68e Mon Sep 17 00:00:00 2001 | 1 | From 076e887b9a9804b03bc4915bf7044bbbc46553b6 Mon Sep 17 00:00:00 2001 |
2 | From: Vincent Untz <vuntz@ubuntu.com> | 2 | From: Vincent Untz <vuntz@ubuntu.com> |
3 | Date: Sun, 9 Feb 2014 16:10:16 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:16 +0000 |
4 | Subject: Give the ssh-askpass-gnome window a default icon | 4 | Subject: Give the ssh-askpass-gnome window a default icon |
diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch index 4ab9ca373..2c8d04268 100644 --- a/debian/patches/gssapi.patch +++ b/debian/patches/gssapi.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 09c4d9b7d41ab3c9973f07e0109e931f57c59c43 Mon Sep 17 00:00:00 2001 | 1 | From d6cfd64ea0a567d88152270a94be6bb2a78daeb9 Mon Sep 17 00:00:00 2001 |
2 | From: Simon Wilkinson <simon@sxw.org.uk> | 2 | From: Simon Wilkinson <simon@sxw.org.uk> |
3 | Date: Sun, 9 Feb 2014 16:09:48 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:48 +0000 |
4 | Subject: GSSAPI key exchange support | 4 | Subject: GSSAPI key exchange support |
@@ -17,13 +17,14 @@ have it merged into the main openssh package rather than having separate | |||
17 | security history. | 17 | security history. |
18 | 18 | ||
19 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 | 19 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 |
20 | Last-Updated: 2015-11-29 | 20 | Last-Updated: 2016-01-04 |
21 | 21 | ||
22 | Patch-Name: gssapi.patch | 22 | Patch-Name: gssapi.patch |
23 | --- | 23 | --- |
24 | ChangeLog.gssapi | 113 +++++++++++++++++++ | 24 | ChangeLog.gssapi | 113 +++++++++++++++++++ |
25 | Makefile.in | 5 +- | 25 | Makefile.in | 5 +- |
26 | auth-krb5.c | 17 ++- | 26 | auth-krb5.c | 17 ++- |
27 | auth.c | 3 +- | ||
27 | auth2-gss.c | 48 +++++++- | 28 | auth2-gss.c | 48 +++++++- |
28 | auth2.c | 2 + | 29 | auth2.c | 2 + |
29 | clientloop.c | 13 +++ | 30 | clientloop.c | 13 +++ |
@@ -53,7 +54,7 @@ Patch-Name: gssapi.patch | |||
53 | sshd_config.5 | 11 ++ | 54 | sshd_config.5 | 11 ++ |
54 | sshkey.c | 3 +- | 55 | sshkey.c | 3 +- |
55 | sshkey.h | 1 + | 56 | sshkey.h | 1 + |
56 | 32 files changed, 1957 insertions(+), 46 deletions(-) | 57 | 33 files changed, 1959 insertions(+), 47 deletions(-) |
57 | create mode 100644 ChangeLog.gssapi | 58 | create mode 100644 ChangeLog.gssapi |
58 | create mode 100644 kexgssc.c | 59 | create mode 100644 kexgssc.c |
59 | create mode 100644 kexgsss.c | 60 | create mode 100644 kexgsss.c |
@@ -251,6 +252,20 @@ index 0089b18..ec47869 100644 | |||
251 | 252 | ||
252 | return (krb5_cc_resolve(ctx, ccname, ccache)); | 253 | return (krb5_cc_resolve(ctx, ccname, ccache)); |
253 | } | 254 | } |
255 | diff --git a/auth.c b/auth.c | ||
256 | index 214c2c7..bd6a026 100644 | ||
257 | --- a/auth.c | ||
258 | +++ b/auth.c | ||
259 | @@ -354,7 +354,8 @@ auth_root_allowed(const char *method) | ||
260 | case PERMIT_NO_PASSWD: | ||
261 | if (strcmp(method, "publickey") == 0 || | ||
262 | strcmp(method, "hostbased") == 0 || | ||
263 | - strcmp(method, "gssapi-with-mic") == 0) | ||
264 | + strcmp(method, "gssapi-with-mic") == 0 || | ||
265 | + strcmp(method, "gssapi-keyex") == 0) | ||
266 | return 1; | ||
267 | break; | ||
268 | case PERMIT_FORCED_ONLY: | ||
254 | diff --git a/auth2-gss.c b/auth2-gss.c | 269 | diff --git a/auth2-gss.c b/auth2-gss.c |
255 | index 1ca8357..3b5036d 100644 | 270 | index 1ca8357..3b5036d 100644 |
256 | --- a/auth2-gss.c | 271 | --- a/auth2-gss.c |
diff --git a/debian/patches/helpful-wait-terminate.patch b/debian/patches/helpful-wait-terminate.patch index bb7acfc0d..9ef03d36d 100644 --- a/debian/patches/helpful-wait-terminate.patch +++ b/debian/patches/helpful-wait-terminate.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 0fe621a2c5a90e37e9a1afa8b56fd04fb1c53eef Mon Sep 17 00:00:00 2001 | 1 | From 0488e67b6971cf1ee55a27b03d85864b744b69de Mon Sep 17 00:00:00 2001 |
2 | From: Matthew Vernon <matthew@debian.org> | 2 | From: Matthew Vernon <matthew@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:09:56 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:56 +0000 |
4 | Subject: Mention ~& when waiting for forwarded connections to terminate | 4 | Subject: Mention ~& when waiting for forwarded connections to terminate |
diff --git a/debian/patches/keepalive-extensions.patch b/debian/patches/keepalive-extensions.patch index 287cfe886..629eaf551 100644 --- a/debian/patches/keepalive-extensions.patch +++ b/debian/patches/keepalive-extensions.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 43c55250c94601ae868e2caca8f008c1b0da1247 Mon Sep 17 00:00:00 2001 | 1 | From dd6040ff883e51af62dcbb9594c65b27b925c40b Mon Sep 17 00:00:00 2001 |
2 | From: Richard Kettlewell <rjk@greenend.org.uk> | 2 | From: Richard Kettlewell <rjk@greenend.org.uk> |
3 | Date: Sun, 9 Feb 2014 16:09:52 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:52 +0000 |
4 | Subject: Various keepalive extensions | 4 | Subject: Various keepalive extensions |
diff --git a/debian/patches/lintian-symlink-pickiness.patch b/debian/patches/lintian-symlink-pickiness.patch index 7628a777d..a6de6085d 100644 --- a/debian/patches/lintian-symlink-pickiness.patch +++ b/debian/patches/lintian-symlink-pickiness.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From fd502e1259e2a5cb42e967eedffff6c14978f0db Mon Sep 17 00:00:00 2001 | 1 | From 3ed90e9c89cdbbf79ffcb79255bd445a63ee8e5f Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:08 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:08 +0000 |
4 | Subject: Fix picky lintian errors about slogin symlinks | 4 | Subject: Fix picky lintian errors about slogin symlinks |
diff --git a/debian/patches/mention-ssh-keygen-on-keychange.patch b/debian/patches/mention-ssh-keygen-on-keychange.patch index 96496858b..922d3c341 100644 --- a/debian/patches/mention-ssh-keygen-on-keychange.patch +++ b/debian/patches/mention-ssh-keygen-on-keychange.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From f4b3ccb275ef86eba749ab1eb61f8d17623a20d9 Mon Sep 17 00:00:00 2001 | 1 | From ad56699201698bc53a9690d025e0a074f7cf1f72 Mon Sep 17 00:00:00 2001 |
2 | From: Scott Moser <smoser@ubuntu.com> | 2 | From: Scott Moser <smoser@ubuntu.com> |
3 | Date: Sun, 9 Feb 2014 16:10:03 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:03 +0000 |
4 | Subject: Mention ssh-keygen in ssh fingerprint changed warning | 4 | Subject: Mention ssh-keygen in ssh fingerprint changed warning |
diff --git a/debian/patches/no-openssl-version-status.patch b/debian/patches/no-openssl-version-status.patch index 46c5a736d..364b789dc 100644 --- a/debian/patches/no-openssl-version-status.patch +++ b/debian/patches/no-openssl-version-status.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 9265d741180d536c5a55719e835490c6fe2753d7 Mon Sep 17 00:00:00 2001 | 1 | From 4469135282e99143eb3dfe5f36eb1441b9bdbc3a Mon Sep 17 00:00:00 2001 |
2 | From: Kurt Roeckx <kurt@roeckx.be> | 2 | From: Kurt Roeckx <kurt@roeckx.be> |
3 | Date: Sun, 9 Feb 2014 16:10:14 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:14 +0000 |
4 | Subject: Don't check the status field of the OpenSSL version | 4 | Subject: Don't check the status field of the OpenSSL version |
diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch index dd47130ce..0bf68265a 100644 --- a/debian/patches/openbsd-docs.patch +++ b/debian/patches/openbsd-docs.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 3c25f6ac63012b0a75095bb4beeb30ee1d839a8b Mon Sep 17 00:00:00 2001 | 1 | From f9e8c3b7f235170b913337631fc7c1decb69433e Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:09 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:09 +0000 |
4 | Subject: Adjust various OpenBSD-specific references in manual pages | 4 | Subject: Adjust various OpenBSD-specific references in manual pages |
diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch index c04cd1493..416541846 100644 --- a/debian/patches/package-versioning.patch +++ b/debian/patches/package-versioning.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 9ec138d98fbf662ccac8458fe96a9783eb43a0d3 Mon Sep 17 00:00:00 2001 | 1 | From 83ae676c1f711bcdd7cd243d677c7eb6e91d84ac Mon Sep 17 00:00:00 2001 |
2 | From: Matthew Vernon <matthew@debian.org> | 2 | From: Matthew Vernon <matthew@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:05 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:05 +0000 |
4 | Subject: Include the Debian version in our identification | 4 | Subject: Include the Debian version in our identification |
diff --git a/debian/patches/quieter-signals.patch b/debian/patches/quieter-signals.patch index e0a71076d..2d864b87f 100644 --- a/debian/patches/quieter-signals.patch +++ b/debian/patches/quieter-signals.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 65817bc1072df855200fafb439b443cbf52fa631 Mon Sep 17 00:00:00 2001 | 1 | From 92763d936f746e4ba6aad19c5f35231b4a9df1b2 Mon Sep 17 00:00:00 2001 |
2 | From: Peter Samuelson <peter@p12n.org> | 2 | From: Peter Samuelson <peter@p12n.org> |
3 | Date: Sun, 9 Feb 2014 16:09:55 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:55 +0000 |
4 | Subject: Reduce severity of "Killed by signal %d" | 4 | Subject: Reduce severity of "Killed by signal %d" |
diff --git a/debian/patches/restore-tcp-wrappers.patch b/debian/patches/restore-tcp-wrappers.patch index 5778440b9..283574c0b 100644 --- a/debian/patches/restore-tcp-wrappers.patch +++ b/debian/patches/restore-tcp-wrappers.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 2cd06c4a70dfb22fd1d54779173b5e086c52e08f Mon Sep 17 00:00:00 2001 | 1 | From e1a1a7a55002d4e88c055e495203fea4acc387db Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Tue, 7 Oct 2014 13:22:41 +0100 | 3 | Date: Tue, 7 Oct 2014 13:22:41 +0100 |
4 | Subject: Restore TCP wrappers support | 4 | Subject: Restore TCP wrappers support |
diff --git a/debian/patches/scp-quoting.patch b/debian/patches/scp-quoting.patch index cc8fc0ccc..dad148e10 100644 --- a/debian/patches/scp-quoting.patch +++ b/debian/patches/scp-quoting.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From e7a9d63812243cb281057a50cf41dc9a67f6c749 Mon Sep 17 00:00:00 2001 | 1 | From f28d43071d1416aee81eb058799dfc205e033d18 Mon Sep 17 00:00:00 2001 |
2 | From: =?UTF-8?q?Nicolas=20Valc=C3=A1rcel?= <nvalcarcel@ubuntu.com> | 2 | From: =?UTF-8?q?Nicolas=20Valc=C3=A1rcel?= <nvalcarcel@ubuntu.com> |
3 | Date: Sun, 9 Feb 2014 16:09:59 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:59 +0000 |
4 | Subject: Adjust scp quoting in verbose mode | 4 | Subject: Adjust scp quoting in verbose mode |
diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch index aee443d87..b74351209 100644 --- a/debian/patches/selinux-role.patch +++ b/debian/patches/selinux-role.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From d55bc528ac450324522f02d90a2bdc4832d1eef8 Mon Sep 17 00:00:00 2001 | 1 | From f9e312495dd3e453bfd6b3ff5bffd06e8dd90a7f Mon Sep 17 00:00:00 2001 |
2 | From: Manoj Srivastava <srivasta@debian.org> | 2 | From: Manoj Srivastava <srivasta@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:09:49 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:49 +0000 |
4 | Subject: Handle SELinux authorisation roles | 4 | Subject: Handle SELinux authorisation roles |
diff --git a/debian/patches/shell-path.patch b/debian/patches/shell-path.patch index a39a08463..5062b7ce1 100644 --- a/debian/patches/shell-path.patch +++ b/debian/patches/shell-path.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 46395161c625822e4ae3851175ec97a04257789c Mon Sep 17 00:00:00 2001 | 1 | From beb218cfc3afbb5068eb222cf62878a54d3bb06c Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:00 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:00 +0000 |
4 | Subject: Look for $SHELL on the path for ProxyCommand/LocalCommand | 4 | Subject: Look for $SHELL on the path for ProxyCommand/LocalCommand |
diff --git a/debian/patches/sigstop.patch b/debian/patches/sigstop.patch index a7eb5996e..62c521aef 100644 --- a/debian/patches/sigstop.patch +++ b/debian/patches/sigstop.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 92c6b1dc352b03c7bdecc6ce9bfef7a3b2b54bbc Mon Sep 17 00:00:00 2001 | 1 | From 707e1569fb7f883d9a7ad7a70ce4125581969136 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:17 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:17 +0000 |
4 | Subject: Support synchronisation with service supervisor using SIGSTOP | 4 | Subject: Support synchronisation with service supervisor using SIGSTOP |
diff --git a/debian/patches/ssh-agent-setgid.patch b/debian/patches/ssh-agent-setgid.patch index 4672be919..f9213042d 100644 --- a/debian/patches/ssh-agent-setgid.patch +++ b/debian/patches/ssh-agent-setgid.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From d724593e18fd54f1ff0815dda0c538188acb7a56 Mon Sep 17 00:00:00 2001 | 1 | From 9e9ee52b4c420d334cdd7fc286746feb1df90066 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:13 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:13 +0000 |
4 | Subject: Document consequences of ssh-agent being setgid in ssh-agent(1) | 4 | Subject: Document consequences of ssh-agent being setgid in ssh-agent(1) |
diff --git a/debian/patches/ssh-argv0.patch b/debian/patches/ssh-argv0.patch index 4961fd458..aa2c11cf7 100644 --- a/debian/patches/ssh-argv0.patch +++ b/debian/patches/ssh-argv0.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 4fe62a4b6a12aba450d84488f11fbf931043913c Mon Sep 17 00:00:00 2001 | 1 | From 76d462b84f57126b84ac4275575deda215d3d5a3 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:10 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:10 +0000 |
4 | Subject: ssh(1): Refer to ssh-argv0(1) | 4 | Subject: ssh(1): Refer to ssh-argv0(1) |
diff --git a/debian/patches/ssh-vulnkey-compat.patch b/debian/patches/ssh-vulnkey-compat.patch index f9736f7d6..68e22c6f6 100644 --- a/debian/patches/ssh-vulnkey-compat.patch +++ b/debian/patches/ssh-vulnkey-compat.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 250d744e08a4f88cd547023cb2f036b2cdfd569b Mon Sep 17 00:00:00 2001 | 1 | From 1fd91310e580ae1723fc250ce77710f97e37ad15 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@ubuntu.com> | 2 | From: Colin Watson <cjwatson@ubuntu.com> |
3 | Date: Sun, 9 Feb 2014 16:09:50 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:50 +0000 |
4 | Subject: Accept obsolete ssh-vulnkey configuration options | 4 | Subject: Accept obsolete ssh-vulnkey configuration options |
diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch index 39e250f3d..9edb57064 100644 --- a/debian/patches/syslog-level-silent.patch +++ b/debian/patches/syslog-level-silent.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From c44d8ebdba6f7c128fb9a22f9aa7f207cc1383f4 Mon Sep 17 00:00:00 2001 | 1 | From 3a9dd9fe28f775dd712d89135ef6fb1e28ff2e5f Mon Sep 17 00:00:00 2001 |
2 | From: Jonathan David Amery <jdamery@ysolde.ucam.org> | 2 | From: Jonathan David Amery <jdamery@ysolde.ucam.org> |
3 | Date: Sun, 9 Feb 2014 16:09:54 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:54 +0000 |
4 | Subject: "LogLevel SILENT" compatibility | 4 | Subject: "LogLevel SILENT" compatibility |
diff --git a/debian/patches/systemd-readiness.patch b/debian/patches/systemd-readiness.patch index 24d186ee5..b23d30034 100644 --- a/debian/patches/systemd-readiness.patch +++ b/debian/patches/systemd-readiness.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 91be8a1c1f0387c154ac839c54f8fdfbe2d3c3c5 Mon Sep 17 00:00:00 2001 | 1 | From 2bb85b3c756967d72efbf895a8908858ee4c2441 Mon Sep 17 00:00:00 2001 |
2 | From: Michael Biebl <biebl@debian.org> | 2 | From: Michael Biebl <biebl@debian.org> |
3 | Date: Mon, 21 Dec 2015 16:08:47 +0000 | 3 | Date: Mon, 21 Dec 2015 16:08:47 +0000 |
4 | Subject: Add systemd readiness notification support | 4 | Subject: Add systemd readiness notification support |
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch index 98d37d36c..2e1be8dd3 100644 --- a/debian/patches/user-group-modes.patch +++ b/debian/patches/user-group-modes.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From aae427a0c7d5702bf294191533ab1f33437a8a56 Mon Sep 17 00:00:00 2001 | 1 | From 628e08e8a589dff2178a6725d32c5699f11b2405 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:09:58 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:58 +0000 |
4 | Subject: Allow harmless group-writability | 4 | Subject: Allow harmless group-writability |
@@ -52,10 +52,10 @@ index ee9e827..2ff2cff 100644 | |||
52 | pw->pw_name, buf); | 52 | pw->pw_name, buf); |
53 | auth_debug_add("Bad file modes for %.200s", buf); | 53 | auth_debug_add("Bad file modes for %.200s", buf); |
54 | diff --git a/auth.c b/auth.c | 54 | diff --git a/auth.c b/auth.c |
55 | index 214c2c7..25be632 100644 | 55 | index bd6a026..782b7f8 100644 |
56 | --- a/auth.c | 56 | --- a/auth.c |
57 | +++ b/auth.c | 57 | +++ b/auth.c |
58 | @@ -424,8 +424,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, | 58 | @@ -425,8 +425,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, |
59 | user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); | 59 | user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); |
60 | if (options.strict_modes && | 60 | if (options.strict_modes && |
61 | (stat(user_hostfile, &st) == 0) && | 61 | (stat(user_hostfile, &st) == 0) && |
@@ -65,7 +65,7 @@ index 214c2c7..25be632 100644 | |||
65 | logit("Authentication refused for %.100s: " | 65 | logit("Authentication refused for %.100s: " |
66 | "bad owner or modes for %.200s", | 66 | "bad owner or modes for %.200s", |
67 | pw->pw_name, user_hostfile); | 67 | pw->pw_name, user_hostfile); |
68 | @@ -487,8 +486,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, | 68 | @@ -488,8 +487,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, |
69 | snprintf(err, errlen, "%s is not a regular file", buf); | 69 | snprintf(err, errlen, "%s is not a regular file", buf); |
70 | return -1; | 70 | return -1; |
71 | } | 71 | } |
@@ -75,7 +75,7 @@ index 214c2c7..25be632 100644 | |||
75 | snprintf(err, errlen, "bad ownership or modes for file %s", | 75 | snprintf(err, errlen, "bad ownership or modes for file %s", |
76 | buf); | 76 | buf); |
77 | return -1; | 77 | return -1; |
78 | @@ -503,8 +501,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, | 78 | @@ -504,8 +502,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, |
79 | strlcpy(buf, cp, sizeof(buf)); | 79 | strlcpy(buf, cp, sizeof(buf)); |
80 | 80 | ||
81 | if (stat(buf, &st) < 0 || | 81 | if (stat(buf, &st) < 0 || |