summaryrefslogtreecommitdiff
path: root/debian/patches/conch-old-privkey-format.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/conch-old-privkey-format.patch')
-rw-r--r--debian/patches/conch-old-privkey-format.patch68
1 files changed, 68 insertions, 0 deletions
diff --git a/debian/patches/conch-old-privkey-format.patch b/debian/patches/conch-old-privkey-format.patch
new file mode 100644
index 000000000..25c16526b
--- /dev/null
+++ b/debian/patches/conch-old-privkey-format.patch
@@ -0,0 +1,68 @@
1From 46352085d71fe406537828a1cee3c2ce896eccb9 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org>
3Date: Thu, 30 Aug 2018 00:58:56 +0100
4Subject: Work around conch interoperability failure
5
6Twisted Conch fails to read private keys in the new format
7(https://twistedmatrix.com/trac/ticket/9515). Work around this until it
8can be fixed in Twisted.
9
10Forwarded: not-needed
11Last-Update: 2019-10-09
12
13Patch-Name: conch-old-privkey-format.patch
14---
15 regress/Makefile | 2 +-
16 regress/conch-ciphers.sh | 2 +-
17 regress/test-exec.sh | 12 ++++++++++++
18 3 files changed, 14 insertions(+), 2 deletions(-)
19
20diff --git a/regress/Makefile b/regress/Makefile
21index 34c47e8cb..17e0a06e8 100644
22--- a/regress/Makefile
23+++ b/regress/Makefile
24@@ -119,7 +119,7 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \
25 rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \
26 scp-ssh-wrapper.scp setuid-allowed sftp-server.log \
27 sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \
28- ssh-rsa_oldfmt \
29+ ssh-rsa_oldfmt ssh-rsa_oldfmt.pub \
30 ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \
31 ssh_proxy_envpass sshd.log sshd_config sshd_config_minimal \
32 sshd_config.orig sshd_proxy sshd_proxy.* sshd_proxy_bak \
33diff --git a/regress/conch-ciphers.sh b/regress/conch-ciphers.sh
34index 6678813a2..6ff5da20b 100644
35--- a/regress/conch-ciphers.sh
36+++ b/regress/conch-ciphers.sh
37@@ -16,7 +16,7 @@ for c in aes256-ctr aes256-cbc aes192-ctr aes192-cbc aes128-ctr aes128-cbc \
38 rm -f ${COPY}
39 # XXX the 2nd "cat" seems to be needed because of buggy FD handling
40 # in conch
41- ${CONCH} --identity $OBJ/ssh-rsa --port $PORT --user $USER -e none \
42+ ${CONCH} --identity $OBJ/ssh-rsa_oldfmt --port $PORT --user $USER -e none \
43 --known-hosts $OBJ/known_hosts --notty --noagent --nox11 -n \
44 127.0.0.1 "cat ${DATA}" 2>/dev/null | cat > ${COPY}
45 if [ $? -ne 0 ]; then
46diff --git a/regress/test-exec.sh b/regress/test-exec.sh
47index 508b93284..5e48bfbe3 100644
48--- a/regress/test-exec.sh
49+++ b/regress/test-exec.sh
50@@ -510,6 +510,18 @@ REGRESS_INTEROP_CONCH=no
51 if test -x "$CONCH" ; then
52 REGRESS_INTEROP_CONCH=yes
53 fi
54+case "$SCRIPT" in
55+*conch*) ;;
56+*) REGRESS_INTEROP_CONCH=no
57+esac
58+
59+if test "$REGRESS_INTEROP_CONCH" = "yes" ; then
60+ # Convert rsa key to old format to work around
61+ # https://twistedmatrix.com/trac/ticket/9515
62+ cp $OBJ/ssh-rsa $OBJ/ssh-rsa_oldfmt
63+ cp $OBJ/ssh-rsa.pub $OBJ/ssh-rsa_oldfmt.pub
64+ ${SSHKEYGEN} -p -N '' -m PEM -f $OBJ/ssh-rsa_oldfmt >/dev/null
65+fi
66
67 # If PuTTY is present and we are running a PuTTY test, prepare keys and
68 # configuration