1 files changed, 42 insertions, 0 deletions
diff --git a/debian/patches/ssh-vulnkey-compat.patch b/debian/patches/ssh-vulnkey-compat.patch
new file mode 100644
index 000000000..427ee6be1
--- /dev/null
+++ b/debian/patches/ssh-vulnkey-compat.patch
@@ -0,0 +1,42 @@
+From e6836d7c98c75d3252de56c2f3ea07e12c817e00 Mon Sep 17 00:00:00 2001
+From: Colin Watson <cjwatson@ubuntu.com>
+Date: Sun, 9 Feb 2014 16:09:50 +0000
+Subject: Accept obsolete ssh-vulnkey configuration options
+These options were used as part of Debian's response to CVE-2008-0166.
+Nearly six years later, we no longer need to continue carrying the bulk
+of that patch, but we do need to avoid failing when the associated
+configuration options are still present.
+Last-Update: 2014-02-09
+Patch-Name: ssh-vulnkey-compat.patch
+---
+ readconf.c | 1 +
+ servconf.c | 1 +
+ 2 files changed, 2 insertions(+)
+diff --git a/readconf.c b/readconf.c
+index 9127e93..bc879eb 100644
+--- a/readconf.c
+++ b/readconf.c
+@@ -174,6 +174,7 @@ static struct {
+        { "passwordauthentication", oPasswordAuthentication },
+        { "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
+        { "kbdinteractivedevices", oKbdInteractiveDevices },
+       { "useblacklistedkeys", oDeprecated },
+        { "rsaauthentication", oRSAAuthentication },
+        { "pubkeyauthentication", oPubkeyAuthentication },
+        { "dsaauthentication", oPubkeyAuthentication },             /* alias */
+diff --git a/servconf.c b/servconf.c
+index cb3c831..a252487 100644
+--- a/servconf.c
+++ b/servconf.c
+@@ -462,6 +462,7 @@ static struct {
+        { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
+        { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
+        { "strictmodes", sStrictModes, SSHCFG_GLOBAL },
+       { "permitblacklistedkeys", sDeprecated, SSHCFG_GLOBAL },
+        { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
+        { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
+        { "uselogin", sUseLogin, SSHCFG_GLOBAL },

diff --git a/debian/patches/ssh-vulnkey-compat.patch b/debian/patches/ssh-vulnkey-compat.patch new file mode 100644 index 000000000..427ee6be1 --- /dev/null +++ b/debian/patches/ssh-vulnkey-compat.patch
@@ -0,0 +1,42 @@
	1	From e6836d7c98c75d3252de56c2f3ea07e12c817e00 Mon Sep 17 00:00:00 2001
	2	From: Colin Watson <cjwatson@ubuntu.com>
	3	Date: Sun, 9 Feb 2014 16:09:50 +0000
	4	Subject: Accept obsolete ssh-vulnkey configuration options
	5
	6	These options were used as part of Debian's response to CVE-2008-0166.
	7	Nearly six years later, we no longer need to continue carrying the bulk
	8	of that patch, but we do need to avoid failing when the associated
	9	configuration options are still present.
	10
	11	Last-Update: 2014-02-09
	12
	13	Patch-Name: ssh-vulnkey-compat.patch
	14	---
	15	readconf.c \| 1 +
	16	servconf.c \| 1 +
	17	2 files changed, 2 insertions(+)
	18
	19	diff --git a/readconf.c b/readconf.c
	20	index 9127e93..bc879eb 100644
	21	--- a/readconf.c
	22	+++ b/readconf.c
	23	@@ -174,6 +174,7 @@ static struct {
	24	{ "passwordauthentication", oPasswordAuthentication },
	25	{ "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
	26	{ "kbdinteractivedevices", oKbdInteractiveDevices },
	27	+ { "useblacklistedkeys", oDeprecated },
	28	{ "rsaauthentication", oRSAAuthentication },
	29	{ "pubkeyauthentication", oPubkeyAuthentication },
	30	{ "dsaauthentication", oPubkeyAuthentication }, /* alias */
	31	diff --git a/servconf.c b/servconf.c
	32	index cb3c831..a252487 100644
	33	--- a/servconf.c
	34	+++ b/servconf.c
	35	@@ -462,6 +462,7 @@ static struct {
	36	{ "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
	37	{ "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
	38	{ "strictmodes", sStrictModes, SSHCFG_GLOBAL },
	39	+ { "permitblacklistedkeys", sDeprecated, SSHCFG_GLOBAL },
	40	{ "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
	41	{ "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
	42	{ "uselogin", sUseLogin, SSHCFG_GLOBAL },