Adding debian version 1:10.0p1-5.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
2025-06-21 09:50:02 +02:00 · 2025-06-21 09:50:02 +02:00 · 31f6d7a384
commit 31f6d7a384
parent f4a1000be6
128 changed files with 19142 additions and 0 deletions
--- a/debian/patches/pam-avoid-unknown-host.patch
+++ b/debian/patches/pam-avoid-unknown-host.patch
@ -0,0 +1,34 @@
+From f5c89caec93130da905a95602cf36a4e25f2303e Mon Sep 17 00:00:00 2001
+From: Daan De Meyer <daan.j.demeyer@gmail.com>
+Date: Mon, 20 Mar 2023 20:22:14 +0100
+Subject: Only set PAM_RHOST if the remote host is not "UNKNOWN"
+
+When using sshd's -i option with stdio that is not a AF_INET/AF_INET6
+socket, auth_get_canonical_hostname() returns "UNKNOWN" which is then
+set as the value of PAM_RHOST, causing pam to try to do a reverse DNS
+query of "UNKNOWN", which times out multiple times, causing a
+substantial slowdown when logging in.
+
+To fix this, let's only set PAM_RHOST if the hostname is not "UNKNOWN".
+
+Author: Daan De Meyer <daan.j.demeyer@gmail.com>
+Last-Update: 2024-04-03
+
+Patch-Name: pam-avoid-unknown-host.patch
+---
+ auth-pam.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/auth-pam.c b/auth-pam.c
+index 13c0a792e..b22883b95 100644
+--- a/auth-pam.c
+++ b/auth-pam.c
+@@ -735,7 +735,7 @@ sshpam_init(struct ssh *ssh, Authctxt *authctxt)
+ 		sshpam_laddr = get_local_ipaddr(
+ 		    ssh_packet_get_connection_in(ssh));
+ 	}
+-	if (sshpam_rhost != NULL) {
+	if (sshpam_rhost != NULL && strcmp(sshpam_rhost, "UNKNOWN") != 0) {
+ 		debug("PAM: setting PAM_RHOST to \"%s\"", sshpam_rhost);
+ 		sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST,
+ 		    sshpam_rhost);