diff options
Diffstat (limited to 'debian')
3 files changed, 107 insertions, 121 deletions
diff --git a/debian/patches/progress-linux/0005-mptcp-support.patch b/debian/patches/progress-linux/0005-mptcp-support.patch index c8fbe8e..0d9fb15 100644 --- a/debian/patches/progress-linux/0005-mptcp-support.patch +++ b/debian/patches/progress-linux/0005-mptcp-support.patch @@ -2,30 +2,29 @@ Author: mpostaire <maxime_postaire@hotmail.fr> Description: Add MPTCP support. https://github.com/openssh/openssh-portable/pull/335 -diff --git a/readconf.c b/readconf.c -index 7f26c680..589c73ac 100644 ---- a/readconf.c -+++ b/readconf.c -@@ -175,7 +175,7 @@ typedef enum { - oFingerprintHash, oUpdateHostkeys, oHostbasedAcceptedAlgorithms, - oPubkeyAcceptedAlgorithms, oCASignatureAlgorithms, oProxyJump, - oSecurityKeyProvider, oKnownHostsCommand, +diff -Naurp openssh.orig/readconf.c openssh/readconf.c +--- openssh.orig/readconf.c ++++ openssh/readconf.c +@@ -179,7 +179,7 @@ typedef enum { + oSecurityKeyProvider, oKnownHostsCommand, oRequiredRSASize, + oEnableEscapeCommandline, + oProtocolKeepAlives, oSetupTimeOut, - oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported + oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported, oUseMPTCP } OpCodes; /* Textual representations of the tokens. */ -@@ -320,6 +320,7 @@ static struct { - { "proxyjump", oProxyJump }, - { "securitykeyprovider", oSecurityKeyProvider }, - { "knownhostscommand", oKnownHostsCommand }, +@@ -341,6 +341,7 @@ static struct { + { "enableescapecommandline", oEnableEscapeCommandline }, + { "protocolkeepalives", oProtocolKeepAlives }, + { "setuptimeout", oSetupTimeOut }, + { "usemptcp", oUseMPTCP}, { NULL, oBadOption } }; -@@ -2176,6 +2177,10 @@ parse_pubkey_algos: - *charptr = xstrdup(arg); - break; +@@ -2245,6 +2246,10 @@ parse_pubkey_algos: + intptr = &options->required_rsa_size; + goto parse_int; + case oUseMPTCP: + intptr = &options->use_mptcp; @@ -34,15 +33,15 @@ index 7f26c680..589c73ac 100644 case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); -@@ -2423,6 +2428,7 @@ initialize_options(Options * options) - options->hostbased_accepted_algos = NULL; - options->pubkey_accepted_algos = NULL; +@@ -2500,6 +2505,7 @@ initialize_options(Options * options) options->known_hosts_command = NULL; + options->required_rsa_size = -1; + options->enable_escape_commandline = -1; + options->use_mptcp = -1; } /* -@@ -2612,6 +2618,8 @@ fill_default_options(Options * options) +@@ -2704,6 +2710,8 @@ fill_default_options(Options * options) options->canonicalize_hostname = SSH_CANONICALISE_NO; if (options->fingerprint_hash == -1) options->fingerprint_hash = SSH_FP_HASH_DEFAULT; @@ -51,67 +50,65 @@ index 7f26c680..589c73ac 100644 #ifdef ENABLE_SK_INTERNAL if (options->sk_provider == NULL) options->sk_provider = xstrdup("internal"); -@@ -3300,6 +3308,7 @@ dump_client_config(Options *o, const char *host) - dump_cfg_fmtint(oVerifyHostKeyDNS, o->verify_host_key_dns); +@@ -3405,6 +3413,7 @@ dump_client_config(Options *o, const cha dump_cfg_fmtint(oVisualHostKey, o->visual_host_key); dump_cfg_fmtint(oUpdateHostkeys, o->update_hostkeys); + dump_cfg_fmtint(oEnableEscapeCommandline, o->enable_escape_commandline); + dump_cfg_fmtint(oUseMPTCP, o->use_mptcp); /* Integer options */ dump_cfg_int(oCanonicalizeMaxDots, o->canonicalize_max_dots); -diff --git a/readconf.h b/readconf.h -index f647bd42..dfb5b1b4 100644 ---- a/readconf.h -+++ b/readconf.h -@@ -177,6 +177,7 @@ typedef struct { - char *known_hosts_command; +diff -Naurp openssh.orig/readconf.h openssh/readconf.h +--- openssh.orig/readconf.h ++++ openssh/readconf.h +@@ -187,6 +187,7 @@ typedef struct { + int enable_escape_commandline; /* ~C commandline */ char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ -+ int use_mptcp; /* decides whether to use multipath TCP */ ++ int use_mptcp; /* decides whether to use multipath TCP */ } Options; #define SSH_PUBKEY_AUTH_NO 0x00 -diff --git a/servconf.c b/servconf.c -index 29df0463..07550d0f 100644 ---- a/servconf.c -+++ b/servconf.c -@@ -195,6 +195,7 @@ initialize_server_options(ServerOptions *options) - options->fingerprint_hash = -1; - options->disable_forwarding = -1; - options->expose_userauth_info = -1; +diff -Naurp openssh.orig/servconf.c openssh/servconf.c +--- openssh.orig/servconf.c ++++ openssh/servconf.c +@@ -203,6 +203,7 @@ initialize_server_options(ServerOptions + options->num_channel_timeouts = 0; + options->unused_connection_timeout = -1; + options->debian_banner = -1; + options->use_mptcp = -1; } /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ -@@ -441,6 +442,8 @@ fill_default_server_options(ServerOptions *options) - options->expose_userauth_info = 0; - if (options->sk_provider == NULL) - options->sk_provider = xstrdup("internal"); +@@ -463,6 +464,8 @@ fill_default_server_options(ServerOption + options->unused_connection_timeout = 0; + if (options->debian_banner == -1) + options->debian_banner = 1; + if (options->use_mptcp == -1) + options->use_mptcp = 0; assemble_algorithms(options); -@@ -517,7 +520,7 @@ typedef enum { - sStreamLocalBindMask, sStreamLocalBindUnlink, - sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, +@@ -549,7 +552,7 @@ typedef enum { sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, sSecurityKeyProvider, + sRequiredRSASize, sChannelTimeout, sUnusedConnectionTimeout, + sDebianBanner, - sDeprecated, sIgnore, sUnsupported + sDeprecated, sIgnore, sUnsupported, sUseMPTCP } ServerOpCodes; #define SSHCFG_GLOBAL 0x01 /* allowed in main section of config */ -@@ -676,6 +679,7 @@ static struct { - { "rdomain", sRDomain, SSHCFG_ALL }, - { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, - { "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL }, +@@ -723,6 +726,7 @@ static struct { + { "channeltimeout", sChannelTimeout, SSHCFG_ALL }, + { "unusedconnectiontimeout", sUnusedConnectionTimeout, SSHCFG_ALL }, + { "debianbanner", sDebianBanner, SSHCFG_GLOBAL }, + { "usemptcp", sUseMPTCP, SSHCFG_GLOBAL}, { NULL, sBadOption, 0 } }; -@@ -2438,6 +2442,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, - *charptr = xstrdup(arg); - break; +@@ -2604,6 +2608,10 @@ process_server_config_line_depth(ServerO + intptr = &options->debian_banner; + goto parse_flag; + case sUseMPTCP: + intptr = &options->use_mptcp; @@ -120,7 +117,7 @@ index 29df0463..07550d0f 100644 case sDeprecated: case sIgnore: case sUnsupported: -@@ -2920,6 +2928,7 @@ dump_config(ServerOptions *o) +@@ -3107,6 +3115,7 @@ dump_config(ServerOptions *o) dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink); dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info); @@ -128,32 +125,31 @@ index 29df0463..07550d0f 100644 /* string arguments */ dump_cfg_string(sPidFile, o->pid_file); -diff --git a/servconf.h b/servconf.h -index 8a04463e..9ab3f89c 100644 ---- a/servconf.h -+++ b/servconf.h -@@ -229,6 +229,7 @@ typedef struct { - int expose_userauth_info; - u_int64_t timing_secret; - char *sk_provider; -+ int use_mptcp; +diff -Naurp openssh.orig/servconf.h openssh/servconf.h +--- openssh.orig/servconf.h ++++ openssh/servconf.h +@@ -240,6 +240,7 @@ typedef struct { + int unused_connection_timeout; + + int debian_banner; ++ int use_mptcp; } ServerOptions; /* Information about the incoming connection as used by Match */ -diff --git a/ssh_config b/ssh_config -index 842ea866..a6202f1c 100644 ---- a/ssh_config -+++ b/ssh_config -@@ -44,3 +44,4 @@ - # ProxyCommand ssh -q -W %h:%p gateway.example.com +diff -Naurp openssh.orig/ssh_config openssh/ssh_config +--- openssh.orig/ssh_config ++++ openssh/ssh_config +@@ -49,5 +49,6 @@ Host * + # ProxyJump gateway.example.com # RekeyLimit 1G 1h # UserKnownHostsFile ~/.ssh/known_hosts.d/%k +# UseMPTCP no -diff --git a/sshconnect.c b/sshconnect.c -index dcd1036d..308bd755 100644 ---- a/sshconnect.c -+++ b/sshconnect.c -@@ -359,7 +359,10 @@ ssh_create_socket(struct addrinfo *ai) + SendEnv LANG LC_* + HashKnownHosts yes +diff -Naurp openssh.orig/sshconnect.c openssh/sshconnect.c +--- openssh.orig/sshconnect.c ++++ openssh/sshconnect.c +@@ -358,7 +358,10 @@ ssh_create_socket(struct addrinfo *ai) #endif char ntop[NI_MAXHOST]; @@ -165,11 +161,10 @@ index dcd1036d..308bd755 100644 if (sock == -1) { error("socket: %s", strerror(errno)); return -1; -diff --git a/sshd.c b/sshd.c -index f494cdbb..3f12299b 100644 ---- a/sshd.c -+++ b/sshd.c -@@ -1046,8 +1046,13 @@ listen_on_addrs(struct listenaddr *la) +diff -Naurp openssh.orig/sshd.c openssh/sshd.c +--- openssh.orig/sshd.c ++++ openssh/sshd.c +@@ -1092,8 +1092,13 @@ listen_on_addrs(struct listenaddr *la) continue; } /* Create socket for listening. */ @@ -185,11 +180,10 @@ index f494cdbb..3f12299b 100644 if (listen_sock == -1) { /* kernel may not support ipv6 */ verbose("socket: %.100s", strerror(errno)); -diff --git a/sshd_config b/sshd_config -index c423eba1..5515e2fe 100644 ---- a/sshd_config -+++ b/sshd_config -@@ -101,6 +101,7 @@ AuthorizedKeysFile .ssh/authorized_keys +diff -Naurp openssh.orig/sshd_config openssh/sshd_config +--- openssh.orig/sshd_config ++++ openssh/sshd_config +@@ -105,6 +105,7 @@ PrintMotd no #PermitTunnel no #ChrootDirectory none #VersionAddendum none diff --git a/debian/patches/progress-linux/0006-mptcp-manpages.patch b/debian/patches/progress-linux/0006-mptcp-manpages.patch index 7c3bc69..1d0203e 100644 --- a/debian/patches/progress-linux/0006-mptcp-manpages.patch +++ b/debian/patches/progress-linux/0006-mptcp-manpages.patch @@ -2,11 +2,10 @@ Author: mpostaire <maxime_postaire@hotmail.fr> Description: Add the UseMPTCP config option to the manpages. https://github.com/openssh/openssh-portable/pull/335 -diff --git a/scp.1 b/scp.1 -index 2e96e201..4e941a37 100644 ---- a/scp.1 -+++ b/scp.1 -@@ -219,6 +219,7 @@ For full details of the options listed below, and their possible values, see +diff -Naurp openssh.orig/scp.1 openssh/scp.1 +--- openssh.orig/scp.1 ++++ openssh/scp.1 +@@ -220,6 +220,7 @@ For full details of the options listed b .It StrictHostKeyChecking .It TCPKeepAlive .It UpdateHostKeys @@ -14,11 +13,10 @@ index 2e96e201..4e941a37 100644 .It User .It UserKnownHostsFile .It VerifyHostKeyDNS -diff --git a/sftp.1 b/sftp.1 -index 39e7d6ed..291dbf60 100644 ---- a/sftp.1 -+++ b/sftp.1 -@@ -278,6 +278,7 @@ For full details of the options listed below, and their possible values, see +diff -Naurp openssh.orig/sftp.1 openssh/sftp.1 +--- openssh.orig/sftp.1 ++++ openssh/sftp.1 +@@ -282,6 +282,7 @@ For full details of the options listed b .It StrictHostKeyChecking .It TCPKeepAlive .It UpdateHostKeys @@ -26,11 +24,10 @@ index 39e7d6ed..291dbf60 100644 .It User .It UserKnownHostsFile .It VerifyHostKeyDNS -diff --git a/ssh.1 b/ssh.1 -index b4956aec..a81c3008 100644 ---- a/ssh.1 -+++ b/ssh.1 -@@ -584,6 +584,7 @@ For full details of the options listed below, and their possible values, see +diff -Naurp openssh.orig/ssh.1 openssh/ssh.1 +--- openssh.orig/ssh.1 ++++ openssh/ssh.1 +@@ -593,6 +593,7 @@ For full details of the options listed b .It Tunnel .It TunnelDevice .It UpdateHostKeys @@ -38,11 +35,10 @@ index b4956aec..a81c3008 100644 .It User .It UserKnownHostsFile .It VerifyHostKeyDNS -diff --git a/ssh_config.5 b/ssh_config.5 -index 24a46460..56094449 100644 ---- a/ssh_config.5 -+++ b/ssh_config.5 -@@ -1930,6 +1930,12 @@ Presently, only +diff -Naurp openssh.orig/ssh_config.5 openssh/ssh_config.5 +--- openssh.orig/ssh_config.5 ++++ openssh/ssh_config.5 +@@ -2084,6 +2084,12 @@ Presently, only from OpenSSH 6.8 and greater support the .Qq hostkeys@openssh.com protocol extension used to inform the client of all the server's hostkeys. @@ -55,11 +51,10 @@ index 24a46460..56094449 100644 .It Cm User Specifies the user to log in as. This can be useful when a different user name is used on different machines. -diff --git a/sshd_config.5 b/sshd_config.5 -index 867a747d..6c2dd1f7 100644 ---- a/sshd_config.5 -+++ b/sshd_config.5 -@@ -1752,6 +1752,12 @@ and +diff -Naurp openssh.orig/sshd_config.5 openssh/sshd_config.5 +--- openssh.orig/sshd_config.5 ++++ openssh/sshd_config.5 +@@ -1906,6 +1906,12 @@ and .Cm Match .Cm Host directives. diff --git a/debian/patches/progress-linux/0007-mptcp-headers.patch b/debian/patches/progress-linux/0007-mptcp-headers.patch index 2d2512b..e114aff 100644 --- a/debian/patches/progress-linux/0007-mptcp-headers.patch +++ b/debian/patches/progress-linux/0007-mptcp-headers.patch @@ -2,11 +2,10 @@ Author: mpostaire <maxime_postaire@hotmail.fr> Description: Code cleanup + IPPROTO_MPTCP in defines header. https://github.com/openssh/openssh-portable/pull/335 -diff --git a/defines.h b/defines.h -index 279e509a..d73550a9 100644 ---- a/defines.h -+++ b/defines.h -@@ -892,6 +892,10 @@ struct winsize { +diff -Naurp openssh.orig/defines.h openssh/defines.h +--- openssh.orig/defines.h ++++ openssh/defines.h +@@ -898,6 +898,10 @@ struct winsize { # define SSH_IOBUFSZ 8192 #endif @@ -17,11 +16,10 @@ index 279e509a..d73550a9 100644 /* * We want functions in openbsd-compat, if enabled, to override system ones. * We no-op out the weak symbol definition rather than remove it to reduce -diff --git a/sshconnect.c b/sshconnect.c -index 308bd755..63035a9d 100644 ---- a/sshconnect.c -+++ b/sshconnect.c -@@ -359,10 +359,8 @@ ssh_create_socket(struct addrinfo *ai) +diff -Naurp openssh.orig/sshconnect.c openssh/sshconnect.c +--- openssh.orig/sshconnect.c ++++ openssh/sshconnect.c +@@ -358,10 +358,8 @@ ssh_create_socket(struct addrinfo *ai) #endif char ntop[NI_MAXHOST]; @@ -34,11 +32,10 @@ index 308bd755..63035a9d 100644 if (sock == -1) { error("socket: %s", strerror(errno)); return -1; -diff --git a/sshd.c b/sshd.c -index 3f12299b..102079ac 100644 ---- a/sshd.c -+++ b/sshd.c -@@ -1046,13 +1046,8 @@ listen_on_addrs(struct listenaddr *la) +diff -Naurp openssh.orig/sshd.c openssh/sshd.c +--- openssh.orig/sshd.c ++++ openssh/sshd.c +@@ -1092,13 +1092,8 @@ listen_on_addrs(struct listenaddr *la) continue; } /* Create socket for listening. */ |