summaryrefslogtreecommitdiffstats
path: root/debian/patches/ssh-vulnkey-compat.patch
blob: f517596c5ea0317c89acdebcf94324f0a30ce2f3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
From 2d6d05de518be9a3b3724a951e9dcb57e4c6124e Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@ubuntu.com>
Date: Sun, 9 Feb 2014 16:09:50 +0000
Subject: Accept obsolete ssh-vulnkey configuration options

These options were used as part of Debian's response to CVE-2008-0166.
Nearly six years later, we no longer need to continue carrying the bulk
of that patch, but we do need to avoid failing when the associated
configuration options are still present.

Last-Update: 2014-02-09

Patch-Name: ssh-vulnkey-compat.patch
---
 readconf.c | 1 +
 servconf.c | 1 +
 2 files changed, 2 insertions(+)

diff --git a/readconf.c b/readconf.c
index 91d3c0aa0..0f0fb67a5 100644
--- a/readconf.c
+++ b/readconf.c
@@ -197,6 +197,7 @@ static struct {
 	{ "fallbacktorsh", oDeprecated },
 	{ "globalknownhostsfile2", oDeprecated },
 	{ "rhostsauthentication", oDeprecated },
+	{ "useblacklistedkeys", oDeprecated },
 	{ "userknownhostsfile2", oDeprecated },
 	{ "useroaming", oDeprecated },
 	{ "usersh", oDeprecated },
diff --git a/servconf.c b/servconf.c
index 961cf9e45..193d73cca 100644
--- a/servconf.c
+++ b/servconf.c
@@ -649,6 +649,7 @@ static struct {
 	{ "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
 	{ "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
 	{ "strictmodes", sStrictModes, SSHCFG_GLOBAL },
+	{ "permitblacklistedkeys", sDeprecated, SSHCFG_GLOBAL },
 	{ "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
 	{ "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
 	{ "uselogin", sDeprecated, SSHCFG_GLOBAL },