diff options
Diffstat (limited to 'debian/patches/auth-log-verbosity.patch')
-rw-r--r-- | debian/patches/auth-log-verbosity.patch | 38 |
1 files changed, 12 insertions, 26 deletions
diff --git a/debian/patches/auth-log-verbosity.patch b/debian/patches/auth-log-verbosity.patch index 7abed3704..55c5e84ff 100644 --- a/debian/patches/auth-log-verbosity.patch +++ b/debian/patches/auth-log-verbosity.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From b4b79ae5a16f73426b54c6394a29b2b49da4dc16 Mon Sep 17 00:00:00 2001 | 1 | From 69e0307a3bc73d5d360c19aeb61133c126cf63bf Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:02 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:02 +0000 |
4 | Subject: Quieten logs when multiple from= restrictions are used | 4 | Subject: Quieten logs when multiple from= restrictions are used |
@@ -11,12 +11,11 @@ Patch-Name: auth-log-verbosity.patch | |||
11 | --- | 11 | --- |
12 | auth-options.c | 35 ++++++++++++++++++++++++++--------- | 12 | auth-options.c | 35 ++++++++++++++++++++++++++--------- |
13 | auth-options.h | 1 + | 13 | auth-options.h | 1 + |
14 | auth-rsa.c | 2 ++ | ||
15 | auth2-pubkey.c | 3 +++ | 14 | auth2-pubkey.c | 3 +++ |
16 | 4 files changed, 32 insertions(+), 9 deletions(-) | 15 | 3 files changed, 30 insertions(+), 9 deletions(-) |
17 | 16 | ||
18 | diff --git a/auth-options.c b/auth-options.c | 17 | diff --git a/auth-options.c b/auth-options.c |
19 | index b399b91..a9d9a81 100644 | 18 | index 57b49f7f..7eb87b35 100644 |
20 | --- a/auth-options.c | 19 | --- a/auth-options.c |
21 | +++ b/auth-options.c | 20 | +++ b/auth-options.c |
22 | @@ -59,9 +59,20 @@ int forced_tun_device = -1; | 21 | @@ -59,9 +59,20 @@ int forced_tun_device = -1; |
@@ -79,7 +78,7 @@ index b399b91..a9d9a81 100644 | |||
79 | "is not permitted to use this " | 78 | "is not permitted to use this " |
80 | "certificate for login.", | 79 | "certificate for login.", |
81 | diff --git a/auth-options.h b/auth-options.h | 80 | diff --git a/auth-options.h b/auth-options.h |
82 | index 34852e5..1653855 100644 | 81 | index 52cbb42a..82355276 100644 |
83 | --- a/auth-options.h | 82 | --- a/auth-options.h |
84 | +++ b/auth-options.h | 83 | +++ b/auth-options.h |
85 | @@ -33,6 +33,7 @@ extern int forced_tun_device; | 84 | @@ -33,6 +33,7 @@ extern int forced_tun_device; |
@@ -89,22 +88,9 @@ index 34852e5..1653855 100644 | |||
89 | +void auth_start_parse_options(void); | 88 | +void auth_start_parse_options(void); |
90 | int auth_parse_options(struct passwd *, char *, char *, u_long); | 89 | int auth_parse_options(struct passwd *, char *, char *, u_long); |
91 | void auth_clear_options(void); | 90 | void auth_clear_options(void); |
92 | int auth_cert_options(struct sshkey *, struct passwd *); | 91 | int auth_cert_options(struct sshkey *, struct passwd *, const char **); |
93 | diff --git a/auth-rsa.c b/auth-rsa.c | ||
94 | index cbd971b..4cf2163 100644 | ||
95 | --- a/auth-rsa.c | ||
96 | +++ b/auth-rsa.c | ||
97 | @@ -181,6 +181,8 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file, | ||
98 | if ((f = auth_openkeyfile(file, pw, options.strict_modes)) == NULL) | ||
99 | return 0; | ||
100 | |||
101 | + auth_start_parse_options(); | ||
102 | + | ||
103 | /* | ||
104 | * Go though the accepted keys, looking for the current key. If | ||
105 | * found, perform a challenge-response dialog to verify that the | ||
106 | diff --git a/auth2-pubkey.c b/auth2-pubkey.c | 92 | diff --git a/auth2-pubkey.c b/auth2-pubkey.c |
107 | index 41b34ae..aace7ca 100644 | 93 | index 20f3309e..add77136 100644 |
108 | --- a/auth2-pubkey.c | 94 | --- a/auth2-pubkey.c |
109 | +++ b/auth2-pubkey.c | 95 | +++ b/auth2-pubkey.c |
110 | @@ -566,6 +566,7 @@ process_principals(FILE *f, char *file, struct passwd *pw, | 96 | @@ -566,6 +566,7 @@ process_principals(FILE *f, char *file, struct passwd *pw, |
@@ -115,19 +101,19 @@ index 41b34ae..aace7ca 100644 | |||
115 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { | 101 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { |
116 | /* Skip leading whitespace. */ | 102 | /* Skip leading whitespace. */ |
117 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) | 103 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) |
118 | @@ -731,6 +732,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) | 104 | @@ -764,6 +765,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) |
119 | found_key = 0; | 105 | found_key = 0; |
120 | 106 | ||
121 | found = NULL; | 107 | found = NULL; |
122 | + auth_start_parse_options(); | 108 | + auth_start_parse_options(); |
123 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { | 109 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { |
124 | char *cp, *key_options = NULL; | 110 | char *cp, *key_options = NULL, *fp = NULL; |
125 | if (found != NULL) | 111 | const char *reason = NULL; |
126 | @@ -878,6 +880,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) | 112 | @@ -911,6 +913,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) |
127 | if (key_cert_check_authority(key, 0, 1, | 113 | if (key_cert_check_authority(key, 0, 1, |
128 | use_authorized_principals ? NULL : pw->pw_name, &reason) != 0) | 114 | use_authorized_principals ? NULL : pw->pw_name, &reason) != 0) |
129 | goto fail_reason; | 115 | goto fail_reason; |
130 | + auth_start_parse_options(); | 116 | + auth_start_parse_options(); |
131 | if (auth_cert_options(key, pw) != 0) | 117 | if (auth_cert_options(key, pw, &reason) != 0) |
132 | goto out; | 118 | goto fail_reason; |
133 | 119 | ||