diff options
Diffstat (limited to 'debian/patches/auth-log-verbosity.patch')
| -rw-r--r-- | debian/patches/auth-log-verbosity.patch | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/debian/patches/auth-log-verbosity.patch b/debian/patches/auth-log-verbosity.patch index fb3855f9a..ba7642d83 100644 --- a/debian/patches/auth-log-verbosity.patch +++ b/debian/patches/auth-log-verbosity.patch | |||
| @@ -1,11 +1,11 @@ | |||
| 1 | From e08f96cf1105a3ee9a23de7102d593443e031e0c Mon Sep 17 00:00:00 2001 | 1 | From 50e9edb57b6808cbbf63fe3433febb103baac1e8 Mon Sep 17 00:00:00 2001 |
| 2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
| 3 | Date: Sun, 9 Feb 2014 16:10:02 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:02 +0000 |
| 4 | Subject: Quieten logs when multiple from= restrictions are used | 4 | Subject: Quieten logs when multiple from= restrictions are used |
| 5 | 5 | ||
| 6 | Bug-Debian: http://bugs.debian.org/630606 | 6 | Bug-Debian: http://bugs.debian.org/630606 |
| 7 | Forwarded: no | 7 | Forwarded: no |
| 8 | Last-Update: 2013-09-14 | 8 | Last-Update: 2017-10-04 |
| 9 | 9 | ||
| 10 | Patch-Name: auth-log-verbosity.patch | 10 | Patch-Name: auth-log-verbosity.patch |
| 11 | --- | 11 | --- |
| @@ -15,10 +15,10 @@ Patch-Name: auth-log-verbosity.patch | |||
| 15 | 3 files changed, 30 insertions(+), 9 deletions(-) | 15 | 3 files changed, 30 insertions(+), 9 deletions(-) |
| 16 | 16 | ||
| 17 | diff --git a/auth-options.c b/auth-options.c | 17 | diff --git a/auth-options.c b/auth-options.c |
| 18 | index 57b49f7f..7eb87b35 100644 | 18 | index bed00eef..ccdd0b20 100644 |
| 19 | --- a/auth-options.c | 19 | --- a/auth-options.c |
| 20 | +++ b/auth-options.c | 20 | +++ b/auth-options.c |
| 21 | @@ -59,8 +59,19 @@ int forced_tun_device = -1; | 21 | @@ -59,10 +59,21 @@ int forced_tun_device = -1; |
| 22 | /* "principals=" option. */ | 22 | /* "principals=" option. */ |
| 23 | char *authorized_principals = NULL; | 23 | char *authorized_principals = NULL; |
| 24 | 24 | ||
| @@ -28,6 +28,8 @@ index 57b49f7f..7eb87b35 100644 | |||
| 28 | + | 28 | + |
| 29 | extern ServerOptions options; | 29 | extern ServerOptions options; |
| 30 | 30 | ||
| 31 | /* XXX refactor to be stateless */ | ||
| 32 | |||
| 31 | +void | 33 | +void |
| 32 | +auth_start_parse_options(void) | 34 | +auth_start_parse_options(void) |
| 33 | +{ | 35 | +{ |
| @@ -38,7 +40,7 @@ index 57b49f7f..7eb87b35 100644 | |||
| 38 | void | 40 | void |
| 39 | auth_clear_options(void) | 41 | auth_clear_options(void) |
| 40 | { | 42 | { |
| 41 | @@ -316,10 +327,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | 43 | @@ -322,10 +333,13 @@ auth_parse_options(struct passwd *pw, char *opts, const char *file, |
| 42 | /* FALLTHROUGH */ | 44 | /* FALLTHROUGH */ |
| 43 | case 0: | 45 | case 0: |
| 44 | free(patterns); | 46 | free(patterns); |
| @@ -56,7 +58,7 @@ index 57b49f7f..7eb87b35 100644 | |||
| 56 | auth_debug_add("Your host '%.200s' is not " | 58 | auth_debug_add("Your host '%.200s' is not " |
| 57 | "permitted to use this key for login.", | 59 | "permitted to use this key for login.", |
| 58 | remote_host); | 60 | remote_host); |
| 59 | @@ -543,11 +557,14 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw, | 61 | @@ -549,11 +563,14 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw, |
| 60 | break; | 62 | break; |
| 61 | case 0: | 63 | case 0: |
| 62 | /* no match */ | 64 | /* no match */ |
| @@ -77,7 +79,7 @@ index 57b49f7f..7eb87b35 100644 | |||
| 77 | "is not permitted to use this " | 79 | "is not permitted to use this " |
| 78 | "certificate for login.", | 80 | "certificate for login.", |
| 79 | diff --git a/auth-options.h b/auth-options.h | 81 | diff --git a/auth-options.h b/auth-options.h |
| 80 | index 52cbb42a..82355276 100644 | 82 | index 547f0163..4de0f14d 100644 |
| 81 | --- a/auth-options.h | 83 | --- a/auth-options.h |
| 82 | +++ b/auth-options.h | 84 | +++ b/auth-options.h |
| 83 | @@ -33,6 +33,7 @@ extern int forced_tun_device; | 85 | @@ -33,6 +33,7 @@ extern int forced_tun_device; |
| @@ -85,14 +87,14 @@ index 52cbb42a..82355276 100644 | |||
| 85 | extern char *authorized_principals; | 87 | extern char *authorized_principals; |
| 86 | 88 | ||
| 87 | +void auth_start_parse_options(void); | 89 | +void auth_start_parse_options(void); |
| 88 | int auth_parse_options(struct passwd *, char *, char *, u_long); | 90 | int auth_parse_options(struct passwd *, char *, const char *, u_long); |
| 89 | void auth_clear_options(void); | 91 | void auth_clear_options(void); |
| 90 | int auth_cert_options(struct sshkey *, struct passwd *, const char **); | 92 | int auth_cert_options(struct sshkey *, struct passwd *, const char **); |
| 91 | diff --git a/auth2-pubkey.c b/auth2-pubkey.c | 93 | diff --git a/auth2-pubkey.c b/auth2-pubkey.c |
| 92 | index 3e5706f4..6dc5076e 100644 | 94 | index 169839b0..43f880b6 100644 |
| 93 | --- a/auth2-pubkey.c | 95 | --- a/auth2-pubkey.c |
| 94 | +++ b/auth2-pubkey.c | 96 | +++ b/auth2-pubkey.c |
| 95 | @@ -566,6 +566,7 @@ process_principals(FILE *f, char *file, struct passwd *pw, | 97 | @@ -269,6 +269,7 @@ process_principals(FILE *f, const char *file, struct passwd *pw, |
| 96 | u_long linenum = 0; | 98 | u_long linenum = 0; |
| 97 | u_int i, found_principal = 0; | 99 | u_int i, found_principal = 0; |
| 98 | 100 | ||
| @@ -100,16 +102,16 @@ index 3e5706f4..6dc5076e 100644 | |||
| 100 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { | 102 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { |
| 101 | /* Always consume entire input */ | 103 | /* Always consume entire input */ |
| 102 | if (found_principal) | 104 | if (found_principal) |
| 103 | @@ -771,6 +772,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) | 105 | @@ -471,6 +472,7 @@ check_authkeys_file(FILE *f, char *file, struct sshkey *key, struct passwd *pw) |
| 104 | found_key = 0; | 106 | u_long linenum = 0; |
| 107 | struct sshkey *found = NULL; | ||
| 105 | 108 | ||
| 106 | found = NULL; | ||
| 107 | + auth_start_parse_options(); | 109 | + auth_start_parse_options(); |
| 108 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { | 110 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { |
| 109 | char *cp, *key_options = NULL, *fp = NULL; | 111 | char *cp, *key_options = NULL, *fp = NULL; |
| 110 | const char *reason = NULL; | 112 | const char *reason = NULL; |
| 111 | @@ -921,6 +923,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) | 113 | @@ -624,6 +626,7 @@ user_cert_trusted_ca(struct passwd *pw, struct sshkey *key) |
| 112 | if (key_cert_check_authority(key, 0, 1, | 114 | if (sshkey_cert_check_authority(key, 0, 1, |
| 113 | use_authorized_principals ? NULL : pw->pw_name, &reason) != 0) | 115 | use_authorized_principals ? NULL : pw->pw_name, &reason) != 0) |
| 114 | goto fail_reason; | 116 | goto fail_reason; |
| 115 | + auth_start_parse_options(); | 117 | + auth_start_parse_options(); |