kentpeacock / rpms / openssh

Forked from rpms/openssh 2 years ago
Clone
Source Code
GIT

Blame openssh-8.4p1-debian-compat.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale c9s-sig-hyperscale-meta
  1.   62d88b35f122bc295194e0b2a923d3e1751ce724
  2.   openssh-8.4p1-debian-compat.patch
Blob History Raw
DistroBaker c8a439 
--- compat.h.orig	2020-10-05 10:09:02.953505129 -0700
DistroBaker c8a439 
+++ compat.h	2020-10-05 10:10:17.587733113 -0700
DistroBaker c8a439 
@@ -34,7 +34,7 @@
DistroBaker c8a439
DistroBaker c8a439 
 #define SSH_BUG_UTF8TTYMODE	0x00000001
DistroBaker c8a439 
 #define SSH_BUG_SIGTYPE		0x00000002
DistroBaker c8a439 
-/* #define unused		0x00000004 */
DistroBaker c8a439 
+#define SSH_BUG_SIGTYPE74	0x00000004
DistroBaker c8a439 
 /* #define unused		0x00000008 */
DistroBaker c8a439 
 #define SSH_OLD_SESSIONID	0x00000010
DistroBaker c8a439 
 /* #define unused		0x00000020 */
DistroBaker c8a439 
--- compat.c.orig	2020-10-05 10:25:02.088720562 -0700
DistroBaker c8a439 
+++ compat.c	2020-10-05 10:13:11.637282492 -0700
DistroBaker c8a439 
@@ -65,11 +65,12 @@
DistroBaker c8a439 
 		{ "OpenSSH_6.5*,"
DistroBaker c8a439 
 		  "OpenSSH_6.6*",	SSH_NEW_OPENSSH|SSH_BUG_CURVE25519PAD|
DistroBaker c8a439 
 					SSH_BUG_SIGTYPE},
DistroBaker c8a439 
+		{ "OpenSSH_7.4*",	SSH_NEW_OPENSSH|SSH_BUG_SIGTYPE|
DistroBaker c8a439 
+		  			SSH_BUG_SIGTYPE74},
DistroBaker c8a439 
 		{ "OpenSSH_7.0*,"
DistroBaker c8a439 
 		  "OpenSSH_7.1*,"
DistroBaker c8a439 
 		  "OpenSSH_7.2*,"
DistroBaker c8a439 
 		  "OpenSSH_7.3*,"
DistroBaker c8a439 
-		  "OpenSSH_7.4*,"
DistroBaker c8a439 
 		  "OpenSSH_7.5*,"
DistroBaker c8a439 
 		  "OpenSSH_7.6*,"
DistroBaker c8a439 
 		  "OpenSSH_7.7*",	SSH_NEW_OPENSSH|SSH_BUG_SIGTYPE},
DistroBaker c8a439 
--- sshconnect2.c.orig	2020-09-26 07:26:37.618010545 -0700
DistroBaker c8a439 
+++ sshconnect2.c	2020-10-05 10:47:22.116315148 -0700
DistroBaker c8a439 
@@ -1305,6 +1305,26 @@
DistroBaker c8a439 
 			break;
DistroBaker c8a439 
 	}
DistroBaker c8a439 
 	free(oallowed);
DistroBaker c8a439 
+	/*
DistroBaker c8a439 
+	 * OpenSSH 7.4 supports SHA2 sig types, but fails to indicate its
DistroBaker c8a439 
+	 * support.  For that release, check the local policy against the
DistroBaker c8a439 
+	 * SHA2 signature types.
DistroBaker c8a439 
+	 */
DistroBaker c8a439 
+	if (alg == NULL &&
DistroBaker d029bb 
+	    (key->type == KEY_RSA && (ssh->compat & SSH_BUG_SIGTYPE74))) {
DistroBaker d029bb 
+		oallowed = allowed = xstrdup(options.pubkey_accepted_algos);
DistroBaker c8a439 
+		while ((cp = strsep(&allowed, ",")) != NULL) {
DistroBaker c8a439 
+			if (sshkey_type_from_name(cp) != key->type)
DistroBaker c8a439 
+				continue;
DistroBaker c8a439 
+			tmp = match_list(sshkey_sigalg_by_name(cp), "rsa-sha2-256,rsa-sha2-512", NULL);
DistroBaker c8a439 
+			if (tmp != NULL)
DistroBaker c8a439 
+				alg = xstrdup(cp);
DistroBaker c8a439 
+			free(tmp);
DistroBaker c8a439 
+			if (alg != NULL)
DistroBaker c8a439 
+				break;
DistroBaker c8a439 
+		}
DistroBaker c8a439 
+		free(oallowed);
DistroBaker c8a439 
+	}
DistroBaker c8a439 
 	return alg;
DistroBaker c8a439 
 }
DistroBaker c8a439
DistroBaker c8a439

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation