summaryrefslogtreecommitdiff
path: root/debian/patches/ssh-vulnkey-compat.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/ssh-vulnkey-compat.patch')
-rw-r--r--debian/patches/ssh-vulnkey-compat.patch42
1 files changed, 42 insertions, 0 deletions
diff --git a/debian/patches/ssh-vulnkey-compat.patch b/debian/patches/ssh-vulnkey-compat.patch
new file mode 100644
index 000000000..a14f7ae06
--- /dev/null
+++ b/debian/patches/ssh-vulnkey-compat.patch
@@ -0,0 +1,42 @@
1From 889e217b88a7848e6c997f7f87d07b9d1a35fb49 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@ubuntu.com>
3Date: Sun, 9 Feb 2014 16:09:50 +0000
4Subject: Accept obsolete ssh-vulnkey configuration options
5
6These options were used as part of Debian's response to CVE-2008-0166.
7Nearly six years later, we no longer need to continue carrying the bulk
8of that patch, but we do need to avoid failing when the associated
9configuration options are still present.
10
11Last-Update: 2014-02-09
12
13Patch-Name: ssh-vulnkey-compat.patch
14---
15 readconf.c | 1 +
16 servconf.c | 1 +
17 2 files changed, 2 insertions(+)
18
19diff --git a/readconf.c b/readconf.c
20index cb8bcb2..2a1fe8e 100644
21--- a/readconf.c
22+++ b/readconf.c
23@@ -171,6 +171,7 @@ static struct {
24 { "passwordauthentication", oPasswordAuthentication },
25 { "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
26 { "kbdinteractivedevices", oKbdInteractiveDevices },
27+ { "useblacklistedkeys", oDeprecated },
28 { "rsaauthentication", oRSAAuthentication },
29 { "pubkeyauthentication", oPubkeyAuthentication },
30 { "dsaauthentication", oPubkeyAuthentication }, /* alias */
31diff --git a/servconf.c b/servconf.c
32index 29209e4..65f71ad 100644
33--- a/servconf.c
34+++ b/servconf.c
35@@ -456,6 +456,7 @@ static struct {
36 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
37 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
38 { "strictmodes", sStrictModes, SSHCFG_GLOBAL },
39+ { "permitblacklistedkeys", sDeprecated, SSHCFG_GLOBAL },
40 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
41 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
42 { "uselogin", sUseLogin, SSHCFG_GLOBAL },