summaryrefslogtreecommitdiffstats
path: root/debian/patches/conch-old-privkey-format.patch
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 01:26:58 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 01:26:58 +0000
commit4722d4b7980d6fd8145e2e9f08492d951ea261d1 (patch)
tree7ab498b39f5bdce46b1bbc41ef5201322df4e2d4 /debian/patches/conch-old-privkey-format.patch
parentAdding upstream version 1:7.9p1. (diff)
downloadopenssh-4722d4b7980d6fd8145e2e9f08492d951ea261d1.tar.xz
openssh-4722d4b7980d6fd8145e2e9f08492d951ea261d1.zip
Adding debian version 1:7.9p1-10+deb10u2.debian/1%7.9p1-10+deb10u2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/conch-old-privkey-format.patch')
-rw-r--r--debian/patches/conch-old-privkey-format.patch71
1 files changed, 71 insertions, 0 deletions
diff --git a/debian/patches/conch-old-privkey-format.patch b/debian/patches/conch-old-privkey-format.patch
new file mode 100644
index 0000000..90bb3e9
--- /dev/null
+++ b/debian/patches/conch-old-privkey-format.patch
@@ -0,0 +1,71 @@
+From 1d2a55436d4b556269f42ad5f7e16608b5a8ed74 Mon Sep 17 00:00:00 2001
+From: Colin Watson <cjwatson@debian.org>
+Date: Thu, 30 Aug 2018 00:58:56 +0100
+Subject: Work around conch interoperability failure
+
+Twisted Conch fails to read private keys in the new format
+(https://twistedmatrix.com/trac/ticket/9515). Work around this until it
+can be fixed in Twisted.
+
+Forwarded: not-needed
+Last-Update: 2018-08-30
+
+Patch-Name: conch-old-privkey-format.patch
+---
+ regress/Makefile | 5 +++--
+ regress/conch-ciphers.sh | 2 +-
+ regress/test-exec.sh | 12 ++++++++++++
+ 3 files changed, 16 insertions(+), 3 deletions(-)
+
+diff --git a/regress/Makefile b/regress/Makefile
+index 647b4a049..6e462a4f6 100644
+--- a/regress/Makefile
++++ b/regress/Makefile
+@@ -110,8 +110,9 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \
+ modpipe netcat no_identity_config \
+ pidfile putty.rsa2 ready regress.log \
+ remote_pid revoked-* rsa rsa-agent rsa-agent.pub rsa.pub \
+- rsa1 rsa1-agent rsa1-agent.pub rsa1.pub rsa_ssh2_cr.prv \
+- rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \
++ rsa1 rsa1-agent rsa1-agent.pub rsa1.pub \
++ rsa_oldfmt rsa_oldfmt.pub \
++ rsa_ssh2_cr.prv rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \
+ scp-ssh-wrapper.scp setuid-allowed sftp-server.log \
+ sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \
+ ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \
+diff --git a/regress/conch-ciphers.sh b/regress/conch-ciphers.sh
+index 199d863a0..c7df19fd4 100644
+--- a/regress/conch-ciphers.sh
++++ b/regress/conch-ciphers.sh
+@@ -16,7 +16,7 @@ for c in aes256-ctr aes256-cbc aes192-ctr aes192-cbc aes128-ctr aes128-cbc \
+ rm -f ${COPY}
+ # XXX the 2nd "cat" seems to be needed because of buggy FD handling
+ # in conch
+- ${CONCH} --identity $OBJ/rsa --port $PORT --user $USER -e none \
++ ${CONCH} --identity $OBJ/rsa_oldfmt --port $PORT --user $USER -e none \
+ --known-hosts $OBJ/known_hosts --notty --noagent --nox11 -n \
+ 127.0.0.1 "cat ${DATA}" 2>/dev/null | cat > ${COPY}
+ if [ $? -ne 0 ]; then
+diff --git a/regress/test-exec.sh b/regress/test-exec.sh
+index 40d46e3cd..1bbd47f25 100644
+--- a/regress/test-exec.sh
++++ b/regress/test-exec.sh
+@@ -504,6 +504,18 @@ REGRESS_INTEROP_CONCH=no
+ if test -x "$CONCH" ; then
+ REGRESS_INTEROP_CONCH=yes
+ fi
++case "$SCRIPT" in
++*conch*) ;;
++*) REGRESS_INTEROP_CONCH=no
++esac
++
++if test "$REGRESS_INTEROP_CONCH" = "yes" ; then
++ # Convert rsa key to old format to work around
++ # https://twistedmatrix.com/trac/ticket/9515
++ cp $OBJ/rsa $OBJ/rsa_oldfmt
++ cp $OBJ/rsa.pub $OBJ/rsa_oldfmt.pub
++ ${SSHKEYGEN} -p -N '' -m PEM -f $OBJ/rsa_oldfmt >/dev/null
++fi
+
+ # If PuTTY is present and we are running a PuTTY test, prepare keys and
+ # configuration