summaryrefslogtreecommitdiff
path: root/debian/patches
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches')
-rw-r--r--debian/patches/conch-old-privkey-format.patch71
-rw-r--r--debian/patches/series1
2 files changed, 72 insertions, 0 deletions
diff --git a/debian/patches/conch-old-privkey-format.patch b/debian/patches/conch-old-privkey-format.patch
new file mode 100644
index 000000000..ff5be43d8
--- /dev/null
+++ b/debian/patches/conch-old-privkey-format.patch
@@ -0,0 +1,71 @@
1From 38966b4afedee3bb57d3b1b0a7df4ff438fb9fd0 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org>
3Date: Thu, 30 Aug 2018 00:58:56 +0100
4Subject: Work around conch interoperability failure
5
6Twisted Conch fails to read private keys in the new format
7(https://twistedmatrix.com/trac/ticket/9515). Work around this until it
8can be fixed in Twisted.
9
10Forwarded: not-needed
11Last-Update: 2018-08-30
12
13Patch-Name: conch-old-privkey-format.patch
14---
15 regress/Makefile | 5 +++--
16 regress/conch-ciphers.sh | 2 +-
17 regress/test-exec.sh | 12 ++++++++++++
18 3 files changed, 16 insertions(+), 3 deletions(-)
19
20diff --git a/regress/Makefile b/regress/Makefile
21index 647b4a049..6e462a4f6 100644
22--- a/regress/Makefile
23+++ b/regress/Makefile
24@@ -110,8 +110,9 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \
25 modpipe netcat no_identity_config \
26 pidfile putty.rsa2 ready regress.log \
27 remote_pid revoked-* rsa rsa-agent rsa-agent.pub rsa.pub \
28- rsa1 rsa1-agent rsa1-agent.pub rsa1.pub rsa_ssh2_cr.prv \
29- rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \
30+ rsa1 rsa1-agent rsa1-agent.pub rsa1.pub \
31+ rsa_oldfmt rsa_oldfmt.pub \
32+ rsa_ssh2_cr.prv rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \
33 scp-ssh-wrapper.scp setuid-allowed sftp-server.log \
34 sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \
35 ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \
36diff --git a/regress/conch-ciphers.sh b/regress/conch-ciphers.sh
37index 199d863a0..c7df19fd4 100644
38--- a/regress/conch-ciphers.sh
39+++ b/regress/conch-ciphers.sh
40@@ -16,7 +16,7 @@ for c in aes256-ctr aes256-cbc aes192-ctr aes192-cbc aes128-ctr aes128-cbc \
41 rm -f ${COPY}
42 # XXX the 2nd "cat" seems to be needed because of buggy FD handling
43 # in conch
44- ${CONCH} --identity $OBJ/rsa --port $PORT --user $USER -e none \
45+ ${CONCH} --identity $OBJ/rsa_oldfmt --port $PORT --user $USER -e none \
46 --known-hosts $OBJ/known_hosts --notty --noagent --nox11 -n \
47 127.0.0.1 "cat ${DATA}" 2>/dev/null | cat > ${COPY}
48 if [ $? -ne 0 ]; then
49diff --git a/regress/test-exec.sh b/regress/test-exec.sh
50index 40d46e3cd..1bbd47f25 100644
51--- a/regress/test-exec.sh
52+++ b/regress/test-exec.sh
53@@ -504,6 +504,18 @@ REGRESS_INTEROP_CONCH=no
54 if test -x "$CONCH" ; then
55 REGRESS_INTEROP_CONCH=yes
56 fi
57+case "$SCRIPT" in
58+*conch*) ;;
59+*) REGRESS_INTEROP_CONCH=no
60+esac
61+
62+if test "$REGRESS_INTEROP_CONCH" = "yes" ; then
63+ # Convert rsa key to old format to work around
64+ # https://twistedmatrix.com/trac/ticket/9515
65+ cp $OBJ/rsa $OBJ/rsa_oldfmt
66+ cp $OBJ/rsa.pub $OBJ/rsa_oldfmt.pub
67+ ${SSHKEYGEN} -p -N '' -m PEM -f $OBJ/rsa_oldfmt >/dev/null
68+fi
69
70 # If PuTTY is present and we are running a PuTTY test, prepare keys and
71 # configuration
diff --git a/debian/patches/series b/debian/patches/series
index 1f82bea11..a248f086a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -23,3 +23,4 @@ debian-config.patch
23restore-authorized_keys2.patch 23restore-authorized_keys2.patch
24seccomp-s390-flock-ipc.patch 24seccomp-s390-flock-ipc.patch
25seccomp-s390-ioctl-ep11-crypto.patch 25seccomp-s390-ioctl-ep11-crypto.patch
26conch-old-privkey-format.patch