7 files changed, 29 insertions, 47 deletions

diff --git a/debian/.git-dpm b/debian/.git-dpm
index 10768e918..7713e7a1b 100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@ -1,6 +1,6 @@
 # see git-dpm(1) from git-dpm package
-44f0937b56758f662ff388d474213107e3290863
-44f0937b56758f662ff388d474213107e3290863
+581424965d2d722a991c3247d4c0bb5950cb4fc5
+581424965d2d722a991c3247d4c0bb5950cb4fc5
 487bdb3a5ef6075887b830ccb8a0b14f6da78e93
 487bdb3a5ef6075887b830ccb8a0b14f6da78e93
 openssh_6.7p1.orig.tar.gz
diff --git a/debian/changelog b/debian/changelog
index 19d32e429..ccb93072a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+openssh (1:6.7p1-5) UNRELEASED; urgency=medium
+
+  * Revert change from previous upload, which causes far more trouble than
+    it is worth (closes: #780797):
+    - Send/accept only specific known LC_* variables, rather than using a
+      wildcard.
+
+ -- Colin Watson <cjwatson@debian.org>  Sun, 22 Mar 2015 23:09:32 +0000
+
 openssh (1:6.7p1-4) unstable; urgency=medium
 
   * Send/accept only specific known LC_* variables, rather than using a
diff --git a/debian/openssh-server.postinst b/debian/openssh-server.postinst
index 12ccb4f76..5131b2647 100644
--- a/debian/openssh-server.postinst
+++ b/debian/openssh-server.postinst
@@ -147,13 +147,6 @@ update_server_key_bits() {
 }
 
 
-update_accept_env() {
-        if [ "$(get_config_option AcceptEnv)" = 'LANG LC_*' ]; then
-                set_config_option AcceptEnv 'LANG LC_ADDRESS LC_COLLATE LC_CTYPE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL'
-        fi
-}
-
-
 create_sshdconfig() {
         if [ -e /etc/ssh/sshd_config ] ; then
             # Upgrade an existing sshd configuration.
@@ -175,10 +168,6 @@ create_sshdconfig() {
                 update_server_key_bits
             fi
 
-            if dpkg --compare-versions "$oldversion" lt 1:6.7p1-4; then
-                update_accept_env
-            fi
-
             return 0
         fi
 
@@ -257,7 +246,7 @@ TCPKeepAlive yes
 #Banner /etc/issue.net
 
 # Allow client to pass locale environment variables
-AcceptEnv LANG LC_ADDRESS LC_COLLATE LC_CTYPE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL
+AcceptEnv LANG LC_*
 
 Subsystem sftp /usr/lib/openssh/sftp-server
 
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch
index f81d731f1..f995717fa 100644
--- a/debian/patches/debian-config.patch
+++ b/debian/patches/debian-config.patch
@@ -1,4 +1,4 @@
-From 44f0937b56758f662ff388d474213107e3290863 Mon Sep 17 00:00:00 2001
+From 581424965d2d722a991c3247d4c0bb5950cb4fc5 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:18 +0000
 Subject: Various Debian-specific configuration changes
@@ -22,16 +22,16 @@ debian/openssh-server.postinst.
 
 Author: Russ Allbery <rra@debian.org>
 Forwarded: not-needed
-Last-Update: 2014-11-06
+Last-Update: 2015-03-22
 
 Patch-Name: debian-config.patch
 ---
  readconf.c    |  2 +-
  ssh_config    |  7 ++++++-
- ssh_config.5  | 23 ++++++++++++++++++++++-
+ ssh_config.5  | 19 ++++++++++++++++++-
  sshd_config   |  1 +
- sshd_config.5 | 29 +++++++++++++++++++++++++++++
- 5 files changed, 59 insertions(+), 3 deletions(-)
+ sshd_config.5 | 25 +++++++++++++++++++++++++
+ 5 files changed, 51 insertions(+), 3 deletions(-)
 
 diff --git a/readconf.c b/readconf.c
 index 0648867..29338b6 100644
@@ -47,7 +47,7 @@ index 0648867..29338b6 100644
                 options->forward_x11_timeout = 1200;
         if (options->exit_on_forward_failure == -1)
 diff --git a/ssh_config b/ssh_config
-index 228e5ab..91be1e7 100644
+index 228e5ab..c9386aa 100644
 --- a/ssh_config
 +++ b/ssh_config
 @@ -17,9 +17,10 @@
@@ -66,15 +66,15 @@ index 228e5ab..91be1e7 100644
  #   VisualHostKey no
  #   ProxyCommand ssh -q -W %h:%p gateway.example.com
  #   RekeyLimit 1G 1h
-+    SendEnv LANG LC_ADDRESS LC_COLLATE LC_CTYPE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL
++    SendEnv LANG LC_*
 +    HashKnownHosts yes
 +    GSSAPIAuthentication yes
 +    GSSAPIDelegateCredentials no
 diff --git a/ssh_config.5 b/ssh_config.5
-index a1005ba..5985769 100644
+index a1005ba..da3c177 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -71,6 +71,26 @@ Since the first obtained value for each parameter is used, more
+@@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more
  host-specific declarations should be given near the beginning of the
  file, and general defaults at the end.
  .Pp
@@ -87,11 +87,7 @@ index a1005ba..5985769 100644
 +.Pp
 +.Bl -bullet -offset indent -compact
 +.It
-+.Cm SendEnv No LANG Xo
-+.No LC_ADDRESS LC_COLLATE LC_CTYPE LC_IDENTIFICATION LC_MEASUREMENT
-+.No LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME
-+.No LC_ALL
-+.Xc
++.Cm SendEnv No LANG LC_*
 +.It
 +.Cm HashKnownHosts No yes
 +.It
@@ -101,7 +97,7 @@ index a1005ba..5985769 100644
  The configuration file has the following format:
  .Pp
  Empty lines and lines starting with
-@@ -673,7 +693,8 @@ token used for the session will be set to expire after 20 minutes.
+@@ -673,7 +689,8 @@ token used for the session will be set to expire after 20 minutes.
  Remote clients will be refused access after this time.
  .Pp
  The default is
@@ -124,10 +120,10 @@ index d9b8594..4db32f5 100644
  #StrictModes yes
  #MaxAuthTries 6
 diff --git a/sshd_config.5 b/sshd_config.5
-index 7396b23..09bb5fe 100644
+index 7396b23..7aa7b47 100644
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -57,6 +57,35 @@ Arguments may optionally be enclosed in double quotes
+@@ -57,6 +57,31 @@ Arguments may optionally be enclosed in double quotes
  .Pq \&"
  in order to represent arguments containing spaces.
  .Pp
@@ -149,11 +145,7 @@ index 7396b23..09bb5fe 100644
 +.It
 +.Cm PrintMotd No no
 +.It
-+.Cm AcceptEnv No LANG Xo
-+.No LC_ADDRESS LC_COLLATE LC_CTYPE LC_IDENTIFICATION LC_MEASUREMENT
-+.No LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME
-+.No LC_ALL
-+.Xc
++.Cm AcceptEnv No LANG LC_*
 +.It
 +.Cm Subsystem No sftp /usr/lib/openssh/sftp-server
 +.It
diff --git a/ssh_config b/ssh_config
index 91be1e760..c9386aadd 100644
--- a/ssh_config
+++ b/ssh_config
@@ -49,7 +49,7 @@ Host *
 #   VisualHostKey no
 #   ProxyCommand ssh -q -W %h:%p gateway.example.com
 #   RekeyLimit 1G 1h
-    SendEnv LANG LC_ADDRESS LC_COLLATE LC_CTYPE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL
+    SendEnv LANG LC_*
     HashKnownHosts yes
     GSSAPIAuthentication yes
     GSSAPIDelegateCredentials no
diff --git a/ssh_config.5 b/ssh_config.5
index 598576997..da3c1771a 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -80,11 +80,7 @@ which are not the default in
 .Pp
 .Bl -bullet -offset indent -compact
 .It
-.Cm SendEnv No LANG Xo
-.No LC_ADDRESS LC_COLLATE LC_CTYPE LC_IDENTIFICATION LC_MEASUREMENT
-.No LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME
-.No LC_ALL
-.Xc
+.Cm SendEnv No LANG LC_*
 .It
 .Cm HashKnownHosts No yes
 .It
diff --git a/sshd_config.5 b/sshd_config.5
index 09bb5fe33..7aa7b4733 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -75,11 +75,7 @@ following:
 .It
 .Cm PrintMotd No no
 .It
-.Cm AcceptEnv No LANG Xo
-.No LC_ADDRESS LC_COLLATE LC_CTYPE LC_IDENTIFICATION LC_MEASUREMENT
-.No LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME
-.No LC_ALL
-.Xc
+.Cm AcceptEnv No LANG LC_*
 .It
 .Cm Subsystem No sftp /usr/lib/openssh/sftp-server
 .It