diff options
Diffstat (limited to 'debian/patches/conch-old-privkey-format.patch')
| -rw-r--r-- | debian/patches/conch-old-privkey-format.patch | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/debian/patches/conch-old-privkey-format.patch b/debian/patches/conch-old-privkey-format.patch new file mode 100644 index 0000000..90bb3e9 --- /dev/null +++ b/debian/patches/conch-old-privkey-format.patch @@ -0,0 +1,71 @@ +From 1d2a55436d4b556269f42ad5f7e16608b5a8ed74 Mon Sep 17 00:00:00 2001 +From: Colin Watson <cjwatson@debian.org> +Date: Thu, 30 Aug 2018 00:58:56 +0100 +Subject: Work around conch interoperability failure + +Twisted Conch fails to read private keys in the new format +(https://twistedmatrix.com/trac/ticket/9515). Work around this until it +can be fixed in Twisted. + +Forwarded: not-needed +Last-Update: 2018-08-30 + +Patch-Name: conch-old-privkey-format.patch +--- + regress/Makefile | 5 +++-- + regress/conch-ciphers.sh | 2 +- + regress/test-exec.sh | 12 ++++++++++++ + 3 files changed, 16 insertions(+), 3 deletions(-) + +diff --git a/regress/Makefile b/regress/Makefile +index 647b4a049..6e462a4f6 100644 +--- a/regress/Makefile ++++ b/regress/Makefile +@@ -110,8 +110,9 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ + modpipe netcat no_identity_config \ + pidfile putty.rsa2 ready regress.log \ + remote_pid revoked-* rsa rsa-agent rsa-agent.pub rsa.pub \ +- rsa1 rsa1-agent rsa1-agent.pub rsa1.pub rsa_ssh2_cr.prv \ +- rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \ ++ rsa1 rsa1-agent rsa1-agent.pub rsa1.pub \ ++ rsa_oldfmt rsa_oldfmt.pub \ ++ rsa_ssh2_cr.prv rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \ + scp-ssh-wrapper.scp setuid-allowed sftp-server.log \ + sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \ + ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \ +diff --git a/regress/conch-ciphers.sh b/regress/conch-ciphers.sh +index 199d863a0..c7df19fd4 100644 +--- a/regress/conch-ciphers.sh ++++ b/regress/conch-ciphers.sh +@@ -16,7 +16,7 @@ for c in aes256-ctr aes256-cbc aes192-ctr aes192-cbc aes128-ctr aes128-cbc \ + rm -f ${COPY} + # XXX the 2nd "cat" seems to be needed because of buggy FD handling + # in conch +- ${CONCH} --identity $OBJ/rsa --port $PORT --user $USER -e none \ ++ ${CONCH} --identity $OBJ/rsa_oldfmt --port $PORT --user $USER -e none \ + --known-hosts $OBJ/known_hosts --notty --noagent --nox11 -n \ + 127.0.0.1 "cat ${DATA}" 2>/dev/null | cat > ${COPY} + if [ $? -ne 0 ]; then +diff --git a/regress/test-exec.sh b/regress/test-exec.sh +index 40d46e3cd..1bbd47f25 100644 +--- a/regress/test-exec.sh ++++ b/regress/test-exec.sh +@@ -504,6 +504,18 @@ REGRESS_INTEROP_CONCH=no + if test -x "$CONCH" ; then + REGRESS_INTEROP_CONCH=yes + fi ++case "$SCRIPT" in ++*conch*) ;; ++*) REGRESS_INTEROP_CONCH=no ++esac ++ ++if test "$REGRESS_INTEROP_CONCH" = "yes" ; then ++ # Convert rsa key to old format to work around ++ # https://twistedmatrix.com/trac/ticket/9515 ++ cp $OBJ/rsa $OBJ/rsa_oldfmt ++ cp $OBJ/rsa.pub $OBJ/rsa_oldfmt.pub ++ ${SSHKEYGEN} -p -N '' -m PEM -f $OBJ/rsa_oldfmt >/dev/null ++fi + + # If PuTTY is present and we are running a PuTTY test, prepare keys and + # configuration |