1 files changed, 42 insertions, 0 deletions

diff --git a/debian/patches/ssh-vulnkey-compat.patch b/debian/patches/ssh-vulnkey-compat.patch
new file mode 100644
index 0000000..7ec9870
--- /dev/null
+++ b/debian/patches/ssh-vulnkey-compat.patch
@@ -0,0 +1,42 @@
+From 9c36b0b02fe0e6af1553e93bdc7c2e6e97e6514c Mon Sep 17 00:00:00 2001
+From: Colin Watson <cjwatson@ubuntu.com>
+Date: Sun, 9 Feb 2014 16:09:50 +0000
+Subject: Accept obsolete ssh-vulnkey configuration options
+
+These options were used as part of Debian's response to CVE-2008-0166.
+Nearly six years later, we no longer need to continue carrying the bulk
+of that patch, but we do need to avoid failing when the associated
+configuration options are still present.
+
+Last-Update: 2014-02-09
+
+Patch-Name: ssh-vulnkey-compat.patch
+---
+ readconf.c | 1 +
+ servconf.c | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/readconf.c b/readconf.c
+index ef67ab20f..93e431d71 100644
+--- a/readconf.c
++++ b/readconf.c
+@@ -197,6 +197,7 @@ static struct {
+ 	{ "fallbacktorsh", oDeprecated },
+ 	{ "globalknownhostsfile2", oDeprecated },
+ 	{ "rhostsauthentication", oDeprecated },
++	{ "useblacklistedkeys", oDeprecated },
+ 	{ "userknownhostsfile2", oDeprecated },
+ 	{ "useroaming", oDeprecated },
+ 	{ "usersh", oDeprecated },
+diff --git a/servconf.c b/servconf.c
+index 940e1d50a..b61295758 100644
+--- a/servconf.c
++++ b/servconf.c
+@@ -649,6 +649,7 @@ static struct {
+ 	{ "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
+ 	{ "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
+ 	{ "strictmodes", sStrictModes, SSHCFG_GLOBAL },
++	{ "permitblacklistedkeys", sDeprecated, SSHCFG_GLOBAL },
+ 	{ "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
+ 	{ "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
+ 	{ "uselogin", sDeprecated, SSHCFG_GLOBAL },