1 files changed, 11 insertions, 11 deletions
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index 69700e592..fe2d99be0 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -15,7 +15,7 @@ Index: b/readconf.c
 ===================================================================
 --- a/readconf.c
 +++ b/readconf.c
-@@ -28,6 +28,8 @@
+@@ -30,6 +30,8 @@
 #include <stdio.h>
 #include <string.h>
 #include <unistd.h>
@@ -24,7 +24,7 @@ Index: b/readconf.c
 
 #include "xmalloc.h"
 #include "ssh.h"
-@@ -1045,8 +1047,7 @@
+@@ -1085,8 +1087,7 @@
 
                if (fstat(fileno(f), &sb) == -1)
                        fatal("fstat %s: %s", filename, strerror(errno));
@@ -38,20 +38,20 @@ Index: b/ssh.1
 ===================================================================
 --- a/ssh.1
 +++ b/ssh.1
-@@ -1290,6 +1290,8 @@
+@@ -1293,6 +1293,8 @@
 .Xr ssh_config 5 .
 Because of the potential for abuse, this file must have strict permissions:
 read/write for the user, and not accessible by others.
 +It may be group-writable provided that the group in question contains only
 +the user.
 .Pp
- .It ~/.ssh/environment
+ .It Pa ~/.ssh/environment
 Contains additional definitions for environment variables; see
 Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -1235,6 +1235,8 @@
+@@ -1299,6 +1299,8 @@
 This file is used by the SSH client.
 Because of the potential for abuse, this file must have strict permissions:
 read/write for the user, and not accessible by others.
@@ -64,7 +64,7 @@ Index: b/auth.c
 ===================================================================
 --- a/auth.c
 +++ b/auth.c
-@@ -393,8 +393,7 @@
+@@ -392,8 +392,7 @@
                user_hostfile = tilde_expand_filename(userfile, pw->pw_uid);
                if (options.strict_modes &&
                    (stat(user_hostfile, &st) == 0) &&
@@ -74,7 +74,7 @@ Index: b/auth.c
                        logit("Authentication refused for %.100s: "
                            "bad owner or modes for %.200s",
                            pw->pw_name, user_hostfile);
-@@ -448,8 +447,7 @@
+@@ -454,8 +453,7 @@
 
        /* check the open file to avoid races */
        if (fstat(fileno(f), &st) < 0 ||
@@ -84,7 +84,7 @@ Index: b/auth.c
                snprintf(err, errlen, "bad ownership or modes for file %s",
                    buf);
                return -1;
-@@ -465,8 +463,7 @@
+@@ -471,8 +469,7 @@
 
                debug3("secure_filename: checking '%s'", buf);
                if (stat(buf, &st) < 0 ||
@@ -98,7 +98,7 @@ Index: b/misc.c
 ===================================================================
 --- a/misc.c
 +++ b/misc.c
-@@ -45,8 +45,9 @@
+@@ -48,8 +48,9 @@
 #include <netdb.h>
 #ifdef HAVE_PATHS_H
 # include <paths.h>
@@ -109,7 +109,7 @@ Index: b/misc.c
 #ifdef SSH_TUN_OPENBSD
 #include <net/if.h>
 #endif
-@@ -639,6 +640,55 @@
+@@ -642,6 +643,55 @@
 }
 
 int
@@ -169,7 +169,7 @@ Index: b/misc.h
 ===================================================================
 --- a/misc.h
 +++ b/misc.h
-@@ -92,4 +92,6 @@
+@@ -102,4 +102,6 @@
 int     ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
 int     read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);

diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch index 69700e592..fe2d99be0 100644 --- a/debian/patches/user-group-modes.patch +++ b/debian/patches/user-group-modes.patch
@@ -15,7 +15,7 @@ Index: b/readconf.c
15	===================================================================	15	===================================================================
16	--- a/readconf.c	16	--- a/readconf.c
17	+++ b/readconf.c	17	+++ b/readconf.c
18	@@ -28,6 +28,8 @@	18	@@ -30,6 +30,8 @@
19	#include <stdio.h>	19	#include <stdio.h>
20	#include <string.h>	20	#include <string.h>
21	#include <unistd.h>	21	#include <unistd.h>
@@ -24,7 +24,7 @@ Index: b/readconf.c
24		24
25	#include "xmalloc.h"	25	#include "xmalloc.h"
26	#include "ssh.h"	26	#include "ssh.h"
27	@@ -1045,8 +1047,7 @@	27	@@ -1085,8 +1087,7 @@
28		28
29	if (fstat(fileno(f), &sb) == -1)	29	if (fstat(fileno(f), &sb) == -1)
30	fatal("fstat %s: %s", filename, strerror(errno));	30	fatal("fstat %s: %s", filename, strerror(errno));
@@ -38,20 +38,20 @@ Index: b/ssh.1
38	===================================================================	38	===================================================================
39	--- a/ssh.1	39	--- a/ssh.1
40	+++ b/ssh.1	40	+++ b/ssh.1
41	@@ -1290,6 +1290,8 @@	41	@@ -1293,6 +1293,8 @@
42	.Xr ssh_config 5 .	42	.Xr ssh_config 5 .
43	Because of the potential for abuse, this file must have strict permissions:	43	Because of the potential for abuse, this file must have strict permissions:
44	read/write for the user, and not accessible by others.	44	read/write for the user, and not accessible by others.
45	+It may be group-writable provided that the group in question contains only	45	+It may be group-writable provided that the group in question contains only
46	+the user.	46	+the user.
47	.Pp	47	.Pp
48	.It ~/.ssh/environment	48	.It Pa ~/.ssh/environment
49	Contains additional definitions for environment variables; see	49	Contains additional definitions for environment variables; see
50	Index: b/ssh_config.5	50	Index: b/ssh_config.5
51	===================================================================	51	===================================================================
52	--- a/ssh_config.5	52	--- a/ssh_config.5
53	+++ b/ssh_config.5	53	+++ b/ssh_config.5
54	@@ -1235,6 +1235,8 @@	54	@@ -1299,6 +1299,8 @@
55	This file is used by the SSH client.	55	This file is used by the SSH client.
56	Because of the potential for abuse, this file must have strict permissions:	56	Because of the potential for abuse, this file must have strict permissions:
57	read/write for the user, and not accessible by others.	57	read/write for the user, and not accessible by others.
@@ -64,7 +64,7 @@ Index: b/auth.c
64	===================================================================	64	===================================================================
65	--- a/auth.c	65	--- a/auth.c
66	+++ b/auth.c	66	+++ b/auth.c
67	@@ -393,8 +393,7 @@	67	@@ -392,8 +392,7 @@
68	user_hostfile = tilde_expand_filename(userfile, pw->pw_uid);	68	user_hostfile = tilde_expand_filename(userfile, pw->pw_uid);
69	if (options.strict_modes &&	69	if (options.strict_modes &&
70	(stat(user_hostfile, &st) == 0) &&	70	(stat(user_hostfile, &st) == 0) &&
@@ -74,7 +74,7 @@ Index: b/auth.c
74	logit("Authentication refused for %.100s: "	74	logit("Authentication refused for %.100s: "
75	"bad owner or modes for %.200s",	75	"bad owner or modes for %.200s",
76	pw->pw_name, user_hostfile);	76	pw->pw_name, user_hostfile);
77	@@ -448,8 +447,7 @@	77	@@ -454,8 +453,7 @@
78		78
79	/* check the open file to avoid races */	79	/* check the open file to avoid races */
80	if (fstat(fileno(f), &st) < 0 \|\|	80	if (fstat(fileno(f), &st) < 0 \|\|
@@ -84,7 +84,7 @@ Index: b/auth.c
84	snprintf(err, errlen, "bad ownership or modes for file %s",	84	snprintf(err, errlen, "bad ownership or modes for file %s",
85	buf);	85	buf);
86	return -1;	86	return -1;
87	@@ -465,8 +463,7 @@	87	@@ -471,8 +469,7 @@
88		88
89	debug3("secure_filename: checking '%s'", buf);	89	debug3("secure_filename: checking '%s'", buf);
90	if (stat(buf, &st) < 0 \|\|	90	if (stat(buf, &st) < 0 \|\|
@@ -98,7 +98,7 @@ Index: b/misc.c
98	===================================================================	98	===================================================================
99	--- a/misc.c	99	--- a/misc.c
100	+++ b/misc.c	100	+++ b/misc.c
101	@@ -45,8 +45,9 @@	101	@@ -48,8 +48,9 @@
102	#include <netdb.h>	102	#include <netdb.h>
103	#ifdef HAVE_PATHS_H	103	#ifdef HAVE_PATHS_H
104	# include <paths.h>	104	# include <paths.h>
@@ -109,7 +109,7 @@ Index: b/misc.c
109	#ifdef SSH_TUN_OPENBSD	109	#ifdef SSH_TUN_OPENBSD
110	#include <net/if.h>	110	#include <net/if.h>
111	#endif	111	#endif
112	@@ -639,6 +640,55 @@	112	@@ -642,6 +643,55 @@
113	}	113	}
114		114
115	int	115	int
@@ -169,7 +169,7 @@ Index: b/misc.h
169	===================================================================	169	===================================================================
170	--- a/misc.h	170	--- a/misc.h
171	+++ b/misc.h	171	+++ b/misc.h
172	@@ -92,4 +92,6 @@	172	@@ -102,4 +102,6 @@
173	int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));	173	int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
174	int read_keyfile_line(FILE , const char , char , size_t, u_long );	174	int read_keyfile_line(FILE , const char , char , size_t, u_long );
175		175