diff options
Diffstat (limited to 'debian/patches/auth-log-verbosity.patch')
-rw-r--r-- | debian/patches/auth-log-verbosity.patch | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/debian/patches/auth-log-verbosity.patch b/debian/patches/auth-log-verbosity.patch index fb3855f9a..ba7642d83 100644 --- a/debian/patches/auth-log-verbosity.patch +++ b/debian/patches/auth-log-verbosity.patch | |||
@@ -1,11 +1,11 @@ | |||
1 | From e08f96cf1105a3ee9a23de7102d593443e031e0c Mon Sep 17 00:00:00 2001 | 1 | From 50e9edb57b6808cbbf63fe3433febb103baac1e8 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:02 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:02 +0000 |
4 | Subject: Quieten logs when multiple from= restrictions are used | 4 | Subject: Quieten logs when multiple from= restrictions are used |
5 | 5 | ||
6 | Bug-Debian: http://bugs.debian.org/630606 | 6 | Bug-Debian: http://bugs.debian.org/630606 |
7 | Forwarded: no | 7 | Forwarded: no |
8 | Last-Update: 2013-09-14 | 8 | Last-Update: 2017-10-04 |
9 | 9 | ||
10 | Patch-Name: auth-log-verbosity.patch | 10 | Patch-Name: auth-log-verbosity.patch |
11 | --- | 11 | --- |
@@ -15,10 +15,10 @@ Patch-Name: auth-log-verbosity.patch | |||
15 | 3 files changed, 30 insertions(+), 9 deletions(-) | 15 | 3 files changed, 30 insertions(+), 9 deletions(-) |
16 | 16 | ||
17 | diff --git a/auth-options.c b/auth-options.c | 17 | diff --git a/auth-options.c b/auth-options.c |
18 | index 57b49f7f..7eb87b35 100644 | 18 | index bed00eef..ccdd0b20 100644 |
19 | --- a/auth-options.c | 19 | --- a/auth-options.c |
20 | +++ b/auth-options.c | 20 | +++ b/auth-options.c |
21 | @@ -59,8 +59,19 @@ int forced_tun_device = -1; | 21 | @@ -59,10 +59,21 @@ int forced_tun_device = -1; |
22 | /* "principals=" option. */ | 22 | /* "principals=" option. */ |
23 | char *authorized_principals = NULL; | 23 | char *authorized_principals = NULL; |
24 | 24 | ||
@@ -28,6 +28,8 @@ index 57b49f7f..7eb87b35 100644 | |||
28 | + | 28 | + |
29 | extern ServerOptions options; | 29 | extern ServerOptions options; |
30 | 30 | ||
31 | /* XXX refactor to be stateless */ | ||
32 | |||
31 | +void | 33 | +void |
32 | +auth_start_parse_options(void) | 34 | +auth_start_parse_options(void) |
33 | +{ | 35 | +{ |
@@ -38,7 +40,7 @@ index 57b49f7f..7eb87b35 100644 | |||
38 | void | 40 | void |
39 | auth_clear_options(void) | 41 | auth_clear_options(void) |
40 | { | 42 | { |
41 | @@ -316,10 +327,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | 43 | @@ -322,10 +333,13 @@ auth_parse_options(struct passwd *pw, char *opts, const char *file, |
42 | /* FALLTHROUGH */ | 44 | /* FALLTHROUGH */ |
43 | case 0: | 45 | case 0: |
44 | free(patterns); | 46 | free(patterns); |
@@ -56,7 +58,7 @@ index 57b49f7f..7eb87b35 100644 | |||
56 | auth_debug_add("Your host '%.200s' is not " | 58 | auth_debug_add("Your host '%.200s' is not " |
57 | "permitted to use this key for login.", | 59 | "permitted to use this key for login.", |
58 | remote_host); | 60 | remote_host); |
59 | @@ -543,11 +557,14 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw, | 61 | @@ -549,11 +563,14 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw, |
60 | break; | 62 | break; |
61 | case 0: | 63 | case 0: |
62 | /* no match */ | 64 | /* no match */ |
@@ -77,7 +79,7 @@ index 57b49f7f..7eb87b35 100644 | |||
77 | "is not permitted to use this " | 79 | "is not permitted to use this " |
78 | "certificate for login.", | 80 | "certificate for login.", |
79 | diff --git a/auth-options.h b/auth-options.h | 81 | diff --git a/auth-options.h b/auth-options.h |
80 | index 52cbb42a..82355276 100644 | 82 | index 547f0163..4de0f14d 100644 |
81 | --- a/auth-options.h | 83 | --- a/auth-options.h |
82 | +++ b/auth-options.h | 84 | +++ b/auth-options.h |
83 | @@ -33,6 +33,7 @@ extern int forced_tun_device; | 85 | @@ -33,6 +33,7 @@ extern int forced_tun_device; |
@@ -85,14 +87,14 @@ index 52cbb42a..82355276 100644 | |||
85 | extern char *authorized_principals; | 87 | extern char *authorized_principals; |
86 | 88 | ||
87 | +void auth_start_parse_options(void); | 89 | +void auth_start_parse_options(void); |
88 | int auth_parse_options(struct passwd *, char *, char *, u_long); | 90 | int auth_parse_options(struct passwd *, char *, const char *, u_long); |
89 | void auth_clear_options(void); | 91 | void auth_clear_options(void); |
90 | int auth_cert_options(struct sshkey *, struct passwd *, const char **); | 92 | int auth_cert_options(struct sshkey *, struct passwd *, const char **); |
91 | diff --git a/auth2-pubkey.c b/auth2-pubkey.c | 93 | diff --git a/auth2-pubkey.c b/auth2-pubkey.c |
92 | index 3e5706f4..6dc5076e 100644 | 94 | index 169839b0..43f880b6 100644 |
93 | --- a/auth2-pubkey.c | 95 | --- a/auth2-pubkey.c |
94 | +++ b/auth2-pubkey.c | 96 | +++ b/auth2-pubkey.c |
95 | @@ -566,6 +566,7 @@ process_principals(FILE *f, char *file, struct passwd *pw, | 97 | @@ -269,6 +269,7 @@ process_principals(FILE *f, const char *file, struct passwd *pw, |
96 | u_long linenum = 0; | 98 | u_long linenum = 0; |
97 | u_int i, found_principal = 0; | 99 | u_int i, found_principal = 0; |
98 | 100 | ||
@@ -100,16 +102,16 @@ index 3e5706f4..6dc5076e 100644 | |||
100 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { | 102 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { |
101 | /* Always consume entire input */ | 103 | /* Always consume entire input */ |
102 | if (found_principal) | 104 | if (found_principal) |
103 | @@ -771,6 +772,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) | 105 | @@ -471,6 +472,7 @@ check_authkeys_file(FILE *f, char *file, struct sshkey *key, struct passwd *pw) |
104 | found_key = 0; | 106 | u_long linenum = 0; |
107 | struct sshkey *found = NULL; | ||
105 | 108 | ||
106 | found = NULL; | ||
107 | + auth_start_parse_options(); | 109 | + auth_start_parse_options(); |
108 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { | 110 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { |
109 | char *cp, *key_options = NULL, *fp = NULL; | 111 | char *cp, *key_options = NULL, *fp = NULL; |
110 | const char *reason = NULL; | 112 | const char *reason = NULL; |
111 | @@ -921,6 +923,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) | 113 | @@ -624,6 +626,7 @@ user_cert_trusted_ca(struct passwd *pw, struct sshkey *key) |
112 | if (key_cert_check_authority(key, 0, 1, | 114 | if (sshkey_cert_check_authority(key, 0, 1, |
113 | use_authorized_principals ? NULL : pw->pw_name, &reason) != 0) | 115 | use_authorized_principals ? NULL : pw->pw_name, &reason) != 0) |
114 | goto fail_reason; | 116 | goto fail_reason; |
115 | + auth_start_parse_options(); | 117 | + auth_start_parse_options(); |