summaryrefslogtreecommitdiff
path: root/debian/patches/ssh-vulnkey-compat.patch
blob: d8f4ec973e7b56f21a0ffae47547782b031aff62 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
From fb7c3c37876359b7a110e1386a6b7887cd2c8ca2 Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@ubuntu.com>
Date: Sun, 9 Feb 2014 16:09:50 +0000
Subject: Accept obsolete ssh-vulnkey configuration options

These options were used as part of Debian's response to CVE-2008-0166.
Nearly six years later, we no longer need to continue carrying the bulk
of that patch, but we do need to avoid failing when the associated
configuration options are still present.

Last-Update: 2014-02-09

Patch-Name: ssh-vulnkey-compat.patch
---
 readconf.c | 1 +
 servconf.c | 1 +
 2 files changed, 2 insertions(+)

diff --git a/readconf.c b/readconf.c
index 00d9cc30..32a72957 100644
--- a/readconf.c
+++ b/readconf.c
@@ -186,6 +186,7 @@ static struct {
 	{ "fallbacktorsh", oDeprecated },
 	{ "globalknownhostsfile2", oDeprecated },
 	{ "rhostsauthentication", oDeprecated },
+	{ "useblacklistedkeys", oDeprecated },
 	{ "userknownhostsfile2", oDeprecated },
 	{ "useroaming", oDeprecated },
 	{ "usersh", oDeprecated },
diff --git a/servconf.c b/servconf.c
index d796b7c8..ca73f7c5 100644
--- a/servconf.c
+++ b/servconf.c
@@ -521,6 +521,7 @@ static struct {
 	{ "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
 	{ "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
 	{ "strictmodes", sStrictModes, SSHCFG_GLOBAL },
+	{ "permitblacklistedkeys", sDeprecated, SSHCFG_GLOBAL },
 	{ "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
 	{ "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
 	{ "uselogin", sDeprecated, SSHCFG_GLOBAL },