1 files changed, 14 insertions, 14 deletions
diff --git a/debian/patches/ssh-vulnkey.patch b/debian/patches/ssh-vulnkey.patch
index d60816d46..c13cb3412 100644
--- a/debian/patches/ssh-vulnkey.patch
+++ b/debian/patches/ssh-vulnkey.patch
@@ -130,7 +130,7 @@ Index: b/auth.c
 #include "auth.h"
 #include "auth-options.h"
 #include "canohost.h"
-@@ -606,10 +607,34 @@
+@@ -608,10 +609,34 @@
 
 /* Returns 1 if key is revoked by revoked_keys_file, 0 otherwise */
 int
@@ -462,7 +462,7 @@ Index: b/servconf.c
 ===================================================================
 --- a/servconf.c
 +++ b/servconf.c
-@@ -104,6 +104,7 @@
+@@ -107,6 +107,7 @@
        options->password_authentication = -1;
        options->kbd_interactive_authentication = -1;
        options->challenge_response_authentication = -1;
@@ -470,7 +470,7 @@ Index: b/servconf.c
        options->permit_empty_passwd = -1;
        options->permit_user_env = -1;
        options->use_login = -1;
-@@ -242,6 +243,8 @@
+@@ -246,6 +247,8 @@
                options->kbd_interactive_authentication = 0;
        if (options->challenge_response_authentication == -1)
                options->challenge_response_authentication = 1;
@@ -479,7 +479,7 @@ Index: b/servconf.c
        if (options->permit_empty_passwd == -1)
                options->permit_empty_passwd = 0;
        if (options->permit_user_env == -1)
-@@ -318,7 +321,7 @@
+@@ -323,7 +326,7 @@
        sListenAddress, sAddressFamily,
        sPrintMotd, sPrintLastLog, sIgnoreRhosts,
        sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
@@ -488,7 +488,7 @@ Index: b/servconf.c
        sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
        sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
        sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
-@@ -428,6 +431,7 @@
+@@ -433,6 +436,7 @@
        { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
        { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
        { "strictmodes", sStrictModes, SSHCFG_GLOBAL },
@@ -496,7 +496,7 @@ Index: b/servconf.c
        { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
        { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
        { "uselogin", sUseLogin, SSHCFG_GLOBAL },
-@@ -1047,6 +1051,10 @@
+@@ -1116,6 +1120,10 @@
                intptr = &options->tcp_keep_alive;
                goto parse_flag;
 
@@ -507,7 +507,7 @@ Index: b/servconf.c
        case sEmptyPasswd:
                intptr = &options->permit_empty_passwd;
                goto parse_flag;
-@@ -1773,6 +1781,7 @@
+@@ -1921,6 +1929,7 @@
        dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);
        dump_cfg_fmtint(sStrictModes, o->strict_modes);
        dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
@@ -582,7 +582,7 @@ Index: b/ssh-keygen.1
 ===================================================================
 --- a/ssh-keygen.1
 +++ b/ssh-keygen.1
-@@ -679,6 +679,7 @@
+@@ -691,6 +691,7 @@
 .Xr ssh 1 ,
 .Xr ssh-add 1 ,
 .Xr ssh-agent 1 ,
@@ -1245,7 +1245,7 @@ Index: b/ssh.c
 ===================================================================
 --- a/ssh.c
 +++ b/ssh.c
-@@ -1492,7 +1492,7 @@
+@@ -1495,7 +1495,7 @@
 static void
 load_public_identity_files(void)
 {
@@ -1254,7 +1254,7 @@ Index: b/ssh.c
        char *pwdir = NULL, *pwname = NULL;
        int i = 0;
        Key *public;
-@@ -1549,6 +1549,22 @@
+@@ -1552,6 +1552,22 @@
                public = key_load_public(filename, NULL);
                debug("identity file %s type %d", filename,
                    public ? public->type : -1);
@@ -1281,7 +1281,7 @@ Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -1188,6 +1188,23 @@
+@@ -1187,6 +1187,23 @@
 .Dq any .
 The default is
 .Dq any:any .
@@ -1331,7 +1331,7 @@ Index: b/sshd.8
 ===================================================================
 --- a/sshd.8
 +++ b/sshd.8
-@@ -951,6 +951,7 @@
+@@ -953,6 +953,7 @@
 .Xr ssh-agent 1 ,
 .Xr ssh-keygen 1 ,
 .Xr ssh-keyscan 1 ,
@@ -1343,7 +1343,7 @@ Index: b/sshd.c
 ===================================================================
 --- a/sshd.c
 +++ b/sshd.c
-@@ -1602,6 +1602,11 @@
+@@ -1593,6 +1593,11 @@
                        sensitive_data.host_keys[i] = NULL;
                        continue;
                }
@@ -1359,7 +1359,7 @@ Index: b/sshd_config.5
 ===================================================================
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -795,6 +795,20 @@
+@@ -803,6 +803,20 @@
 Specifies whether password authentication is allowed.
 The default is
 .Dq yes .

diff --git a/debian/patches/ssh-vulnkey.patch b/debian/patches/ssh-vulnkey.patch index d60816d46..c13cb3412 100644 --- a/debian/patches/ssh-vulnkey.patch +++ b/debian/patches/ssh-vulnkey.patch
@@ -130,7 +130,7 @@ Index: b/auth.c
130	#include "auth.h"	130	#include "auth.h"
131	#include "auth-options.h"	131	#include "auth-options.h"
132	#include "canohost.h"	132	#include "canohost.h"
133	@@ -606,10 +607,34 @@	133	@@ -608,10 +609,34 @@
134		134
135	/* Returns 1 if key is revoked by revoked_keys_file, 0 otherwise */	135	/* Returns 1 if key is revoked by revoked_keys_file, 0 otherwise */
136	int	136	int
@@ -462,7 +462,7 @@ Index: b/servconf.c
462	===================================================================	462	===================================================================
463	--- a/servconf.c	463	--- a/servconf.c
464	+++ b/servconf.c	464	+++ b/servconf.c
465	@@ -104,6 +104,7 @@	465	@@ -107,6 +107,7 @@
466	options->password_authentication = -1;	466	options->password_authentication = -1;
467	options->kbd_interactive_authentication = -1;	467	options->kbd_interactive_authentication = -1;
468	options->challenge_response_authentication = -1;	468	options->challenge_response_authentication = -1;
@@ -470,7 +470,7 @@ Index: b/servconf.c
470	options->permit_empty_passwd = -1;	470	options->permit_empty_passwd = -1;
471	options->permit_user_env = -1;	471	options->permit_user_env = -1;
472	options->use_login = -1;	472	options->use_login = -1;
473	@@ -242,6 +243,8 @@	473	@@ -246,6 +247,8 @@
474	options->kbd_interactive_authentication = 0;	474	options->kbd_interactive_authentication = 0;
475	if (options->challenge_response_authentication == -1)	475	if (options->challenge_response_authentication == -1)
476	options->challenge_response_authentication = 1;	476	options->challenge_response_authentication = 1;
@@ -479,7 +479,7 @@ Index: b/servconf.c
479	if (options->permit_empty_passwd == -1)	479	if (options->permit_empty_passwd == -1)
480	options->permit_empty_passwd = 0;	480	options->permit_empty_passwd = 0;
481	if (options->permit_user_env == -1)	481	if (options->permit_user_env == -1)
482	@@ -318,7 +321,7 @@	482	@@ -323,7 +326,7 @@
483	sListenAddress, sAddressFamily,	483	sListenAddress, sAddressFamily,
484	sPrintMotd, sPrintLastLog, sIgnoreRhosts,	484	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
485	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,	485	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
@@ -488,7 +488,7 @@ Index: b/servconf.c
488	sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,	488	sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
489	sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,	489	sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
490	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,	490	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
491	@@ -428,6 +431,7 @@	491	@@ -433,6 +436,7 @@
492	{ "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },	492	{ "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
493	{ "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },	493	{ "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
494	{ "strictmodes", sStrictModes, SSHCFG_GLOBAL },	494	{ "strictmodes", sStrictModes, SSHCFG_GLOBAL },
@@ -496,7 +496,7 @@ Index: b/servconf.c
496	{ "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },	496	{ "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
497	{ "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },	497	{ "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
498	{ "uselogin", sUseLogin, SSHCFG_GLOBAL },	498	{ "uselogin", sUseLogin, SSHCFG_GLOBAL },
499	@@ -1047,6 +1051,10 @@	499	@@ -1116,6 +1120,10 @@
500	intptr = &options->tcp_keep_alive;	500	intptr = &options->tcp_keep_alive;
501	goto parse_flag;	501	goto parse_flag;
502		502
@@ -507,7 +507,7 @@ Index: b/servconf.c
507	case sEmptyPasswd:	507	case sEmptyPasswd:
508	intptr = &options->permit_empty_passwd;	508	intptr = &options->permit_empty_passwd;
509	goto parse_flag;	509	goto parse_flag;
510	@@ -1773,6 +1781,7 @@	510	@@ -1921,6 +1929,7 @@
511	dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);	511	dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);
512	dump_cfg_fmtint(sStrictModes, o->strict_modes);	512	dump_cfg_fmtint(sStrictModes, o->strict_modes);
513	dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);	513	dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
@@ -582,7 +582,7 @@ Index: b/ssh-keygen.1
582	===================================================================	582	===================================================================
583	--- a/ssh-keygen.1	583	--- a/ssh-keygen.1
584	+++ b/ssh-keygen.1	584	+++ b/ssh-keygen.1
585	@@ -679,6 +679,7 @@	585	@@ -691,6 +691,7 @@
586	.Xr ssh 1 ,	586	.Xr ssh 1 ,
587	.Xr ssh-add 1 ,	587	.Xr ssh-add 1 ,
588	.Xr ssh-agent 1 ,	588	.Xr ssh-agent 1 ,
@@ -1245,7 +1245,7 @@ Index: b/ssh.c
1245	===================================================================	1245	===================================================================
1246	--- a/ssh.c	1246	--- a/ssh.c
1247	+++ b/ssh.c	1247	+++ b/ssh.c
1248	@@ -1492,7 +1492,7 @@	1248	@@ -1495,7 +1495,7 @@
1249	static void	1249	static void
1250	load_public_identity_files(void)	1250	load_public_identity_files(void)
1251	{	1251	{
@@ -1254,7 +1254,7 @@ Index: b/ssh.c
1254	char pwdir = NULL, pwname = NULL;	1254	char pwdir = NULL, pwname = NULL;
1255	int i = 0;	1255	int i = 0;
1256	Key *public;	1256	Key *public;
1257	@@ -1549,6 +1549,22 @@	1257	@@ -1552,6 +1552,22 @@
1258	public = key_load_public(filename, NULL);	1258	public = key_load_public(filename, NULL);
1259	debug("identity file %s type %d", filename,	1259	debug("identity file %s type %d", filename,
1260	public ? public->type : -1);	1260	public ? public->type : -1);
@@ -1281,7 +1281,7 @@ Index: b/ssh_config.5
1281	===================================================================	1281	===================================================================
1282	--- a/ssh_config.5	1282	--- a/ssh_config.5
1283	+++ b/ssh_config.5	1283	+++ b/ssh_config.5
1284	@@ -1188,6 +1188,23 @@	1284	@@ -1187,6 +1187,23 @@
1285	.Dq any .	1285	.Dq any .
1286	The default is	1286	The default is
1287	.Dq any:any .	1287	.Dq any:any .
@@ -1331,7 +1331,7 @@ Index: b/sshd.8
1331	===================================================================	1331	===================================================================
1332	--- a/sshd.8	1332	--- a/sshd.8
1333	+++ b/sshd.8	1333	+++ b/sshd.8
1334	@@ -951,6 +951,7 @@	1334	@@ -953,6 +953,7 @@
1335	.Xr ssh-agent 1 ,	1335	.Xr ssh-agent 1 ,
1336	.Xr ssh-keygen 1 ,	1336	.Xr ssh-keygen 1 ,
1337	.Xr ssh-keyscan 1 ,	1337	.Xr ssh-keyscan 1 ,
@@ -1343,7 +1343,7 @@ Index: b/sshd.c
1343	===================================================================	1343	===================================================================
1344	--- a/sshd.c	1344	--- a/sshd.c
1345	+++ b/sshd.c	1345	+++ b/sshd.c
1346	@@ -1602,6 +1602,11 @@	1346	@@ -1593,6 +1593,11 @@
1347	sensitive_data.host_keys[i] = NULL;	1347	sensitive_data.host_keys[i] = NULL;
1348	continue;	1348	continue;
1349	}	1349	}
@@ -1359,7 +1359,7 @@ Index: b/sshd_config.5
1359	===================================================================	1359	===================================================================
1360	--- a/sshd_config.5	1360	--- a/sshd_config.5
1361	+++ b/sshd_config.5	1361	+++ b/sshd_config.5
1362	@@ -795,6 +795,20 @@	1362	@@ -803,6 +803,20 @@
1363	Specifies whether password authentication is allowed.	1363	Specifies whether password authentication is allowed.
1364	The default is	1364	The default is
1365	.Dq yes .	1365	.Dq yes .