Apply upstream patch to fix PermitOpen argument handling.

author: Colin Watson <cjwatson@debian.org> 2017-10-07 13:43:16 +0100
committer: Colin Watson <cjwatson@debian.org> 2017-10-07 13:43:45 +0100
commit: 1f58a7cbdd7f85a9a04a540ff3886881091bfe8a (patch)
tree: 5a719c1736d94fc6d483b58adf5d1691e089105d /debian
parent: 1e0d55f9163793742d20eaadd4784db16fd3459d (diff)
parent: e293f21da513a7db59fe1997c9e90e2e9cdbceda (diff)
4 files changed, 60 insertions, 2 deletions
diff --git a/debian/.git-dpm b/debian/.git-dpm
index f621e7ad8..f73621e9d 100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@ -1,6 +1,6 @@
 # see git-dpm(1) from git-dpm package
-801a62eedaaf47b20dbf4b426dc3e084bf0c8d49
+e293f21da513a7db59fe1997c9e90e2e9cdbceda
-801a62eedaaf47b20dbf4b426dc3e084bf0c8d49
+e293f21da513a7db59fe1997c9e90e2e9cdbceda
 62f54f20bf351468e0124f63cc2902ee40d9b0e9
 62f54f20bf351468e0124f63cc2902ee40d9b0e9
 openssh_7.6p1.orig.tar.gz
diff --git a/debian/changelog b/debian/changelog
index cbf84cbca..f63728e66 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+openssh (1:7.6p1-2) UNRELEASED; urgency=medium
+  * Apply upstream patch to fix PermitOpen argument handling.
+ -- Colin Watson <cjwatson@debian.org>  Sat, 07 Oct 2017 13:43:21 +0100
 openssh (1:7.6p1-1) unstable; urgency=medium
  * New upstream release (https://www.openssh.com/txt/release-7.6):
diff --git a/debian/patches/permitopen-argument-handling.patch b/debian/patches/permitopen-argument-handling.patch
new file mode 100644
index 000000000..6369c395c
--- /dev/null
+++ b/debian/patches/permitopen-argument-handling.patch
@@ -0,0 +1,51 @@
+From e293f21da513a7db59fe1997c9e90e2e9cdbceda Mon Sep 17 00:00:00 2001
+From: "djm@openbsd.org" <djm@openbsd.org>
+Date: Wed, 4 Oct 2017 18:49:30 +0000
+Subject: Fix PermitOpen argument handling
+fix (another) problem in PermitOpen introduced during the
+channels.c refactor: the third and subsequent arguments to PermitOpen were
+being silently ignored; ok markus@
+Upstream-ID: 067c89f1f53cbc381628012ba776d6861e6782fd
+Origin: https://anongit.mindrot.org/openssh.git/commit/?id=7c9613fac3371cf65fb07739212cdd1ebf6575da
+Last-Update: 2017-10-07
+Patch-Name: permitopen-argument-handling.patch
+---
+ servconf.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+diff --git a/servconf.c b/servconf.c
+index 5e996cf8..9daa182c 100644
+--- a/servconf.c
+++ b/servconf.c
+@@ -1,5 +1,5 @@
+ 
+-/* $OpenBSD: servconf.c,v 1.312 2017/10/02 19:33:20 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.313 2017/10/04 18:49:30 djm Exp $ */
+ /*
+  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+  *                    All rights reserved
+@@ -1690,9 +1690,9 @@ process_server_config_line(ServerOptions *options, char *line,
+                if (!arg || *arg == '\0')
+                        fatal("%s line %d: missing PermitOpen specification",
+                            filename, linenum);
+-               i = options->num_permitted_opens;       /* modified later */
+               value = options->num_permitted_opens;   /* modified later */
+                if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) {
+-                       if (*activep && i == 0) {
+                       if (*activep && value == 0) {
+                                options->num_permitted_opens = 1;
+                                options->permitted_opens = xcalloc(1,
+                                    sizeof(*options->permitted_opens));
+@@ -1710,7 +1710,7 @@ process_server_config_line(ServerOptions *options, char *line,
+                        if (arg == NULL || ((port = permitopen_port(arg)) < 0))
+                                fatal("%s line %d: bad port number in "
+                                    "PermitOpen", filename, linenum);
+-                       if (*activep && i == 0) {
+                       if (*activep && value == 0) {
+                                options->permitted_opens = xrecallocarray(
+                                    options->permitted_opens,
+                                    options->num_permitted_opens,
diff --git a/debian/patches/series b/debian/patches/series
index d1bb1ff5c..7b9d0e39b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -26,3 +26,4 @@ restore-authorized_keys2.patch
 seccomp-s390-flock-ipc.patch
 seccomp-getuid-geteuid.patch
 seccomp-s390-ioctl-ep11-crypto.patch
+permitopen-argument-handling.patch
author	Colin Watson <cjwatson@debian.org>	2017-10-07 13:43:16 +0100
committer	Colin Watson <cjwatson@debian.org>	2017-10-07 13:43:45 +0100
commit	1f58a7cbdd7f85a9a04a540ff3886881091bfe8a (patch)
tree	5a719c1736d94fc6d483b58adf5d1691e089105d /debian
parent	1e0d55f9163793742d20eaadd4784db16fd3459d (diff)
parent	e293f21da513a7db59fe1997c9e90e2e9cdbceda (diff)

diff --git a/debian/.git-dpm b/debian/.git-dpm index f621e7ad8..f73621e9d 100644 --- a/debian/.git-dpm +++ b/debian/.git-dpm
@@ -1,6 +1,6 @@
1	# see git-dpm(1) from git-dpm package	1	# see git-dpm(1) from git-dpm package
2	801a62eedaaf47b20dbf4b426dc3e084bf0c8d49	2	e293f21da513a7db59fe1997c9e90e2e9cdbceda
3	801a62eedaaf47b20dbf4b426dc3e084bf0c8d49	3	e293f21da513a7db59fe1997c9e90e2e9cdbceda
4	62f54f20bf351468e0124f63cc2902ee40d9b0e9	4	62f54f20bf351468e0124f63cc2902ee40d9b0e9
5	62f54f20bf351468e0124f63cc2902ee40d9b0e9	5	62f54f20bf351468e0124f63cc2902ee40d9b0e9
6	openssh_7.6p1.orig.tar.gz	6	openssh_7.6p1.orig.tar.gz


diff --git a/debian/changelog b/debian/changelog index cbf84cbca..f63728e66 100644 --- a/debian/changelog +++ b/debian/changelog
@@ -1,3 +1,9 @@
		1	openssh (1:7.6p1-2) UNRELEASED; urgency=medium
		2
		3	* Apply upstream patch to fix PermitOpen argument handling.
		4
		5	-- Colin Watson <cjwatson@debian.org> Sat, 07 Oct 2017 13:43:21 +0100
		6
1	openssh (1:7.6p1-1) unstable; urgency=medium	7	openssh (1:7.6p1-1) unstable; urgency=medium
2		8
3	* New upstream release (https://www.openssh.com/txt/release-7.6):	9	* New upstream release (https://www.openssh.com/txt/release-7.6):


diff --git a/debian/patches/permitopen-argument-handling.patch b/debian/patches/permitopen-argument-handling.patch new file mode 100644 index 000000000..6369c395c --- /dev/null +++ b/debian/patches/permitopen-argument-handling.patch
@@ -0,0 +1,51 @@
		1	From e293f21da513a7db59fe1997c9e90e2e9cdbceda Mon Sep 17 00:00:00 2001
		2	From: "djm@openbsd.org" <djm@openbsd.org>
		3	Date: Wed, 4 Oct 2017 18:49:30 +0000
		4	Subject: Fix PermitOpen argument handling
		5
		6	fix (another) problem in PermitOpen introduced during the
		7	channels.c refactor: the third and subsequent arguments to PermitOpen were
		8	being silently ignored; ok markus@
		9
		10	Upstream-ID: 067c89f1f53cbc381628012ba776d6861e6782fd
		11
		12	Origin: https://anongit.mindrot.org/openssh.git/commit/?id=7c9613fac3371cf65fb07739212cdd1ebf6575da
		13	Last-Update: 2017-10-07
		14
		15	Patch-Name: permitopen-argument-handling.patch
		16	---
		17	servconf.c \| 8 ++++----
		18	1 file changed, 4 insertions(+), 4 deletions(-)
		19
		20	diff --git a/servconf.c b/servconf.c
		21	index 5e996cf8..9daa182c 100644
		22	--- a/servconf.c
		23	+++ b/servconf.c
		24	@@ -1,5 +1,5 @@
		25
		26	-/* $OpenBSD: servconf.c,v 1.312 2017/10/02 19:33:20 djm Exp $ */
		27	+/* $OpenBSD: servconf.c,v 1.313 2017/10/04 18:49:30 djm Exp $ */
		28	/*
		29	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
		30	* All rights reserved
		31	@@ -1690,9 +1690,9 @@ process_server_config_line(ServerOptions options, char line,
		32	if (!arg \|\| *arg == '\0')
		33	fatal("%s line %d: missing PermitOpen specification",
		34	filename, linenum);
		35	- i = options->num_permitted_opens; /* modified later */
		36	+ value = options->num_permitted_opens; /* modified later */
		37	if (strcmp(arg, "any") == 0 \|\| strcmp(arg, "none") == 0) {
		38	- if (*activep && i == 0) {
		39	+ if (*activep && value == 0) {
		40	options->num_permitted_opens = 1;
		41	options->permitted_opens = xcalloc(1,
		42	sizeof(*options->permitted_opens));
		43	@@ -1710,7 +1710,7 @@ process_server_config_line(ServerOptions options, char line,
		44	if (arg == NULL \|\| ((port = permitopen_port(arg)) < 0))
		45	fatal("%s line %d: bad port number in "
		46	"PermitOpen", filename, linenum);
		47	- if (*activep && i == 0) {
		48	+ if (*activep && value == 0) {
		49	options->permitted_opens = xrecallocarray(
		50	options->permitted_opens,
		51	options->num_permitted_opens,


diff --git a/debian/patches/series b/debian/patches/series index d1bb1ff5c..7b9d0e39b 100644 --- a/debian/patches/series +++ b/debian/patches/series
@@ -26,3 +26,4 @@ restore-authorized_keys2.patch
26	seccomp-s390-flock-ipc.patch	26	seccomp-s390-flock-ipc.patch
27	seccomp-getuid-geteuid.patch	27	seccomp-getuid-geteuid.patch
28	seccomp-s390-ioctl-ep11-crypto.patch	28	seccomp-s390-ioctl-ep11-crypto.patch
		29	permitopen-argument-handling.patch