/tags/2.0.4-dfsg-6/debian/patches/20_sftp-server_mansection.dpatch |
File deleted |
|
Property changes: |
Deleted: svn:executable |
## -1 +0,0 ## |
-* |
\ No newline at end of property |
Index: 2.0.4-dfsg-6/debian/patches/blacklist.dpatch |
=================================================================== |
--- 2.0.4-dfsg-6/debian/patches/blacklist.dpatch (revision 70) |
+++ 2.0.4-dfsg-6/debian/patches/blacklist.dpatch (nonexistent) |
@@ -1,423 +0,0 @@ |
-#! /bin/sh /usr/share/dpatch/dpatch-run |
-## blacklist.dpatch by Magnus Holmgren <holmgren@debian.org> |
-## blacklist.c code copied from the openssh package and adapted for LSH. |
-## |
-## DP: Check keys against openssh-blacklist before accepting for |
-## DP: pubkey authentication as well as on conversion by lsh-writekey |
-## DP: and lsh-decode-key. |
- |
-@DPATCH@ |
-diff -urNad trunk~/src/Makefile.am trunk/src/Makefile.am |
---- trunk~/src/Makefile.am 2004-11-18 22:52:16.000000000 +0100 |
-+++ trunk/src/Makefile.am 2009-11-0 23:57:07.000000000 +0100 |
-@@ -72,7 +72,8 @@ |
- unix_interact.c unix_process.c unix_random.c unix_user.c \ |
- userauth.c \ |
- werror.c write_buffer.c write_packet.c \ |
-- xalloc.c xauth.c zlib.c |
-+ xalloc.c xauth.c zlib.c \ |
-+ blacklist.c |
- |
- liblsh_a_LIBADD = @LIBOBJS@ |
- |
-diff -urNad trunk~/src/Makefile.in trunk/src/Makefile.in |
---- trunk~/src/Makefile.in 2009-11-07 23:57:06.000000000 +0100 |
-+++ trunk/src/Makefile.in 2009-11-07 23:57:07.000000000 +0100 |
-@@ -91,7 +91,8 @@ |
- tty.$(OBJEXT) unix_interact.$(OBJEXT) unix_process.$(OBJEXT) \ |
- unix_random.$(OBJEXT) unix_user.$(OBJEXT) userauth.$(OBJEXT) \ |
- werror.$(OBJEXT) write_buffer.$(OBJEXT) write_packet.$(OBJEXT) \ |
-- xalloc.$(OBJEXT) xauth.$(OBJEXT) zlib.$(OBJEXT) |
-+ xalloc.$(OBJEXT) xauth.$(OBJEXT) zlib.$(OBJEXT) \ |
-+ blacklist.$(OBJEXT) |
- liblsh_a_OBJECTS = $(am_liblsh_a_OBJECTS) |
- am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(sbindir)" \ |
- "$(DESTDIR)$(bindir)" |
-@@ -510,7 +511,8 @@ |
- unix_interact.c unix_process.c unix_random.c unix_user.c \ |
- userauth.c \ |
- werror.c write_buffer.c write_packet.c \ |
-- xalloc.c xauth.c zlib.c |
-+ xalloc.c xauth.c zlib.c \ |
-+ blacklist.c |
- |
- liblsh_a_LIBADD = @LIBOBJS@ |
- |
-@@ -705,6 +707,7 @@ |
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/algorithms.Po@am__quote@ |
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alist.Po@am__quote@ |
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/atoms.Po@am__quote@ |
-+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/blacklist.Po@am__quote@ |
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel.Po@am__quote@ |
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel_commands.Po@am__quote@ |
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel_forward.Po@am__quote@ |
-diff -urNad trunk~/src/abstract_crypto.h trunk/src/abstract_crypto.h |
---- trunk~/src/abstract_crypto.h 2003-11-16 19:10:30.000000000 +0100 |
-+++ trunk/src/abstract_crypto.h 2009-11-07 23:57:37.000000000 +0100 |
-@@ -162,7 +162,9 @@ |
- (public_key method (string)) |
- |
- ; Returns (public-key (<pub-sig-alg-id> <s-expr>*)) |
-- (public_spki_key method (string) "int transport"))) |
-+ (public_spki_key method (string) "int transport") |
-+ |
-+ (key_size method uint32_t))) |
- */ |
- |
- #define VERIFY(verifier, algorithm, length, data, slength, sdata) \ |
-@@ -170,7 +172,7 @@ |
- |
- #define PUBLIC_KEY(verifier) ((verifier)->public_key((verifier))) |
- #define PUBLIC_SPKI_KEY(verifier, t) ((verifier)->public_spki_key((verifier), (t))) |
-- |
-+#define KEY_SIZE(verifier) ((verifier)->key_size((verifier))) |
- |
- /* GABA: |
- (class |
-diff -urNad trunk~/src/abstract_crypto.h.x trunk/src/abstract_crypto.h.x |
---- trunk~/src/abstract_crypto.h.x 2007-06-04 22:18:39.000000000 +0200 |
-+++ trunk/src/abstract_crypto.h.x 2009-11-07 23:57:07.000000000 +0100 |
-@@ -161,6 +161,7 @@ |
- int (*(verify))(struct verifier *self,int algorithm,uint32_t length,const uint8_t *data,uint32_t signature_length,const uint8_t *signature_data); |
- struct lsh_string *(*(public_key))(struct verifier *self); |
- struct lsh_string *(*(public_spki_key))(struct verifier *self,int transport); |
-+ uint32_t *(*(key_size))(struct verifier *self); |
- }; |
- extern struct lsh_class verifier_class; |
- #endif /* !GABA_DEFINE */ |
-diff -urNad trunk~/src/blacklist.c trunk/src/blacklist.c |
---- trunk~/src/blacklist.c 1970-01-01 01:00:00.000000000 +0100 |
-+++ trunk/src/blacklist.c 2009-11-07 23:57:07.000000000 +0100 |
-@@ -0,0 +1,150 @@ |
-+#if HAVE_CONFIG_H |
-+#include "config.h" |
-+#endif |
-+ |
-+#include <assert.h> |
-+ |
-+#include "atoms.h" |
-+#include "format.h" |
-+#include "lsh_string.h" |
-+#include "werror.h" |
-+#include "crypto.h" |
-+ |
-+#include <sys/types.h> |
-+#include <sys/stat.h> |
-+#include <unistd.h> |
-+#include <fcntl.h> |
-+#include <string.h> |
-+ |
-+int blacklisted_key(struct verifier *v, int method); |
-+ |
-+/* Scan a blacklist of known-vulnerable keys in blacklist_file. */ |
-+static int |
-+blacklisted_key_in_file(struct lsh_string *lsh_hash, struct lsh_string *blacklist_file) |
-+{ |
-+ int fd = -1; |
-+ const char *hash = 0; |
-+ uint32_t line_len; |
-+ struct stat st; |
-+ char buf[256]; |
-+ off_t start, lower, upper; |
-+ int ret = 0; |
-+ |
-+ debug("Checking blacklist file %S\n", blacklist_file); |
-+ fd = open(lsh_get_cstring(blacklist_file), O_RDONLY); |
-+ if (fd < 0) { |
-+ ret = -1; |
-+ goto out; |
-+ } |
-+ |
-+ hash = lsh_get_cstring(lsh_hash) + 12; |
-+ line_len = strlen(hash); |
-+ if (line_len != 20) |
-+ goto out; |
-+ |
-+ /* Skip leading comments */ |
-+ start = 0; |
-+ for (;;) { |
-+ ssize_t r; |
-+ char *newline; |
-+ |
-+ r = read(fd, buf, sizeof(buf)); |
-+ if (r <= 0) |
-+ goto out; |
-+ if (buf[0] != '#') |
-+ break; |
-+ |
-+ newline = memchr(buf, '\n', sizeof(buf)); |
-+ if (!newline) |
-+ goto out; |
-+ start += newline + 1 - buf; |
-+ if (lseek(fd, start, SEEK_SET) < 0) |
-+ goto out; |
-+ } |
-+ |
-+ /* Initialise binary search record numbers */ |
-+ if (fstat(fd, &st) < 0) |
-+ goto out; |
-+ lower = 0; |
-+ upper = (st.st_size - start) / (line_len + 1); |
-+ |
-+ while (lower != upper) { |
-+ off_t cur; |
-+ int cmp; |
-+ |
-+ cur = lower + (upper - lower) / 2; |
-+ |
-+ /* Read this line and compare to digest; this is |
-+ * overflow-safe since cur < max(off_t) / (line_len + 1) */ |
-+ if (lseek(fd, start + cur * (line_len + 1), SEEK_SET) < 0) |
-+ break; |
-+ if (read(fd, buf, line_len) != line_len) |
-+ break; |
-+ cmp = memcmp(buf, hash, line_len); |
-+ if (cmp < 0) { |
-+ if (cur == lower) |
-+ break; |
-+ lower = cur; |
-+ } else if (cmp > 0) { |
-+ if (cur == upper) |
-+ break; |
-+ upper = cur; |
-+ } else { |
-+ ret = 1; |
-+ break; |
-+ } |
-+ } |
-+ |
-+out: |
-+ if (fd >= 0) |
-+ close(fd); |
-+ return ret; |
-+} |
-+ |
-+/* |
-+ * Scan blacklists of known-vulnerable keys. If a vulnerable key is found, |
-+ * its fingerprint is returned in *fp, unless fp is NULL. |
-+ */ |
-+int |
-+blacklisted_key(struct verifier *v, int method) |
-+{ |
-+ const char *keytype; |
-+ int ret = -1; |
-+ const char *paths[] = { "/usr/share/ssh/blacklist", "/etc/ssh/blacklist", NULL }; |
-+ const char **pp; |
-+ struct lsh_string *lsh_hash = ssh_format("%lfxS", |
-+ hash_string(&crypto_md5_algorithm, |
-+ PUBLIC_KEY(v), 1)); |
-+ uint32_t keysize = KEY_SIZE(v); |
-+ |
-+ switch (method) |
-+ { |
-+ case ATOM_SSH_DSS: |
-+ case ATOM_DSA: |
-+ keytype = "DSA"; |
-+ break; |
-+ case ATOM_SSH_RSA: |
-+ case ATOM_RSA_PKCS1_SHA1: |
-+ case ATOM_RSA_PKCS1_MD5: |
-+ case ATOM_RSA_PKCS1: |
-+ keytype = "RSA"; |
-+ break; |
-+ default: |
-+ werror("Unrecognized key type"); |
-+ return -1; |
-+ } |
-+ |
-+ for (pp = paths; *pp && ret <= 0; pp++) { |
-+ struct lsh_string *blacklist_file = ssh_format("%lz.%lz-%di", |
-+ *pp, keytype, keysize); |
-+ int r = blacklisted_key_in_file(lsh_hash, blacklist_file); |
-+ lsh_string_free(blacklist_file); |
-+ if (r > ret) ret = r; |
-+ } |
-+ |
-+ if (ret > 0) { |
-+ werror("Key is compromised: %z %i %fS\n", keytype, keysize, |
-+ lsh_string_colonize(lsh_hash, 2, 0)); |
-+ } |
-+ return ret; |
-+} |
-diff -urNad trunk~/src/dsa.c trunk/src/dsa.c |
---- trunk~/src/dsa.c 2004-06-08 20:00:45.000000000 +0200 |
-+++ trunk/src/dsa.c 2009-11-07 23:57:07.000000000 +0100 |
-@@ -189,6 +189,14 @@ |
- "y", self->key.y); |
- } |
- |
-+static uint32_t |
-+do_dsa_key_size(struct verifier *v) |
-+{ |
-+ CAST(dsa_verifier, self, v); |
-+ |
-+ return mpz_sizeinbase(self->key.p, 2); |
-+} |
-+ |
- static void |
- init_dsa_verifier(struct dsa_verifier *self) |
- { |
-@@ -199,6 +207,7 @@ |
- self->super.verify = do_dsa_verify; |
- self->super.public_spki_key = do_dsa_public_spki_key; |
- self->super.public_key = do_dsa_public_key; |
-+ self->super.key_size = do_dsa_key_size; |
- } |
- |
- |
-diff -urNad trunk~/src/lsh-decode-key.c trunk/src/lsh-decode-key.c |
---- trunk~/src/lsh-decode-key.c 2005-09-06 14:43:15.000000000 +0200 |
-+++ trunk/src/lsh-decode-key.c 2009-11-07 23:57:07.000000000 +0100 |
-@@ -133,6 +133,10 @@ |
- werror("Invalid dsa key.\n"); |
- return NULL; |
- } |
-+ else if (blacklisted_key(v, type)) |
-+ { |
-+ return NULL; |
-+ } |
- else |
- return PUBLIC_SPKI_KEY(v, 1); |
- } |
-@@ -150,6 +154,10 @@ |
- werror("Invalid rsa key.\n"); |
- return NULL; |
- } |
-+ else if (blacklisted_key(v, type)) |
-+ { |
-+ return NULL; |
-+ } |
- else |
- return PUBLIC_SPKI_KEY(v, 1); |
- } |
-diff -urNad trunk~/src/lsh-writekey.c trunk/src/lsh-writekey.c |
---- trunk~/src/lsh-writekey.c 2004-11-17 11:55:11.000000000 +0100 |
-+++ trunk/src/lsh-writekey.c 2009-11-07 23:57:07.000000000 +0100 |
-@@ -397,14 +397,18 @@ |
- { |
- struct signer *s; |
- struct verifier *v; |
-+ int algorithm_name; |
- |
-- s = spki_make_signer(options->signature_algorithms, key, NULL); |
-+ s = spki_make_signer(options->signature_algorithms, key, &algorithm_name); |
- |
- if (!s) |
- return NULL; |
- |
- v = SIGNER_GET_VERIFIER(s); |
- assert(v); |
-+ if (blacklisted_key(v, algorithm_name)) { |
-+ return NULL; |
-+ } |
- |
- return PUBLIC_SPKI_KEY(v, 1); |
- } |
-@@ -416,7 +420,8 @@ |
- int private_fd; |
- int public_fd; |
- struct lsh_string *input; |
-- struct lsh_string *output; |
-+ struct lsh_string *priv_output; |
-+ struct lsh_string *pub_output; |
- const struct exception *e; |
- |
- argp_parse(&main_argp, argc, argv, 0, NULL, options); |
-@@ -439,16 +444,22 @@ |
- return EXIT_FAILURE; |
- } |
- |
-- output = process_private(input, options); |
-- if (!output) |
-+ pub_output = process_public(input, options); |
-+ if (!pub_output) |
-+ return EXIT_FAILURE; |
-+ |
-+ priv_output = process_private(input, options); |
-+ if (!priv_output) |
- return EXIT_FAILURE; |
- |
-+ lsh_string_free(input); |
-+ |
- private_fd = open_file(options->private_file); |
- if (private_fd < 0) |
- return EXIT_FAILURE; |
- |
-- e = write_raw(private_fd, STRING_LD(output)); |
-- lsh_string_free(output); |
-+ e = write_raw(private_fd, STRING_LD(priv_output)); |
-+ lsh_string_free(priv_output); |
- |
- if (e) |
- { |
-@@ -457,18 +468,12 @@ |
- return EXIT_FAILURE; |
- } |
- |
-- output = process_public(input, options); |
-- lsh_string_free(input); |
-- |
-- if (!output) |
-- return EXIT_FAILURE; |
-- |
- public_fd = open_file(options->public_file); |
- if (public_fd < 0) |
- return EXIT_FAILURE; |
- |
-- e = write_raw(public_fd, STRING_LD(output)); |
-- lsh_string_free(output); |
-+ e = write_raw(public_fd, STRING_LD(pub_output)); |
-+ lsh_string_free(pub_output); |
- |
- if (e) |
- { |
-diff -urNad trunk~/src/publickey_crypto.h trunk/src/publickey_crypto.h |
---- trunk~/src/publickey_crypto.h 2004-06-15 13:32:51.000000000 +0200 |
-+++ trunk/src/publickey_crypto.h 2009-11-07 23:57:07.000000000 +0100 |
-@@ -203,5 +203,7 @@ |
- struct verifier * |
- make_ssh_dss_verifier(const struct lsh_string *public); |
- |
-+int |
-+blacklisted_key(struct verifier *v, int method); |
- |
- #endif /* LSH_PUBLICKEY_CRYPTO_H_INCLUDED */ |
-diff -urNad trunk~/src/rsa.c trunk/src/rsa.c |
---- trunk~/src/rsa.c 2003-11-16 19:49:12.000000000 +0100 |
-+++ trunk/src/rsa.c 2009-11-07 23:57:07.000000000 +0100 |
-@@ -167,6 +167,14 @@ |
- self->key.n, self->key.e); |
- } |
- |
-+static uint32_t |
-+do_rsa_key_size(struct verifier *v) |
-+{ |
-+ CAST(rsa_verifier, self, v); |
-+ |
-+ return mpz_sizeinbase(self->key.n, 2); |
-+} |
-+ |
- |
- /* NOTE: To initialize an rsa verifier, one must |
- * |
-@@ -184,6 +192,7 @@ |
- self->super.verify = do_rsa_verify; |
- self->super.public_key = do_rsa_public_key; |
- self->super.public_spki_key = do_rsa_public_spki_key; |
-+ self->super.key_size = do_rsa_key_size; |
- } |
- |
- /* Alternative constructor using a key of type ssh-rsa, when the atom |
-diff -urNad trunk~/src/server_authorization.c trunk/src/server_authorization.c |
---- trunk~/src/server_authorization.c 2004-06-08 20:01:15.000000000 +0200 |
-+++ trunk/src/server_authorization.c 2009-11-07 23:57:07.000000000 +0100 |
-@@ -93,7 +93,8 @@ |
- PUBLIC_SPKI_KEY(v, 0), |
- 1)); |
- |
-- if (USER_FILE_EXISTS(keyholder, filename, 1)) |
-+ if (USER_FILE_EXISTS(keyholder, filename, 1) |
-+ && blacklisted_key(v, method) < 1) |
- return v; |
- |
- return NULL; |
/2.0.4-dfsg-6/debian/patches/blacklist.dpatch |
Property changes: |
Deleted: svn:executable |
## -1 +0,0 ## |
-* |
\ No newline at end of property |
Index: 2.0.4-dfsg-6/debian/patches/00list |
=================================================================== |
--- 2.0.4-dfsg-6/debian/patches/00list (revision 70) |
+++ 2.0.4-dfsg-6/debian/patches/00list (nonexistent) |
@@ -1,5 +0,0 @@ |
-20_sftp-server_mansection |
-30_nonettle |
-40_better_errmsg_when_dotlsh_missing |
-nettle_2.0 |
-blacklist |
Index: 2.0.4-dfsg-6/debian/patches/30_nonettle.dpatch |
=================================================================== |
--- 2.0.4-dfsg-6/debian/patches/30_nonettle.dpatch (revision 70) |
+++ 2.0.4-dfsg-6/debian/patches/30_nonettle.dpatch (nonexistent) |
@@ -1,27 +0,0 @@ |
-#!/bin/sh |
-## 30_nonettle.dpatch by Magnus Holmgren <holmgren@debian.org> |
-## |
-## DP: Link dynamically with libnettle-dev instead of the bundled version |
- |
-set -e |
-FILES=`find src -name nettle -prune -o -name Makefile.in -print` |
- |
-dpatch_patch() { |
- if [ ! -f debian/patched/30_nonettle_orig.tar.gz ]; then |
- tar -czf debian/patched/30_nonettle_orig.tar.gz $FILES |
- sed -ri -e '/^LDADD/,+1s%(\.\.?/)*nettle/libnettle\.a|-lnettle%-lnettle -lhogweed%' \ |
- -e 's%\s*(-[IL]\s*)?(\.\.?/)*\bnettle(/libnettle\.a)?\b%%g' $FILES |
- mv src/nettle src/nettle-unused |
- fi |
-} |
- |
-dpatch_unpatch() { |
- if [ -f debian/patched/30_nonettle_orig.tar.gz ]; then |
- mv src/nettle-unused src/nettle |
- tar -xzf debian/patched/30_nonettle_orig.tar.gz |
- fi |
-} |
- |
-DPATCH_LIB_NO_DEFAULT=1 |
- |
-. /usr/share/dpatch/dpatch.lib.sh |
Index: 2.0.4-dfsg-6/debian/patches/nettle_2.0.dpatch |
=================================================================== |
--- 2.0.4-dfsg-6/debian/patches/nettle_2.0.dpatch (revision 70) |
+++ 2.0.4-dfsg-6/debian/patches/nettle_2.0.dpatch (nonexistent) |
@@ -1,200 +0,0 @@ |
-#! /bin/sh /usr/share/dpatch/dpatch-run |
-## nettle_2.0.dpatch by Magnus Holmgren <holmgren@debian.org> |
-## |
-## DP: Adapt to Nettle 2.0 |
- |
-@DPATCH@ |
-diff -ur lsh-2.0.4/src/crypto.c /var/cache/users/magnus/svn-buildpackage/lsh-utils/lsh-utils-2.0.4-dfsg/src/crypto.c |
---- lsh-2.0.4/src/crypto.c 2005-11-26 18:13:55.000000000 +0100 |
-+++ lsh-utils-2.0.4-dfsg/src/crypto.c 2009-08-04 23:57:22.000000000 +0200 |
-@@ -71,7 +71,7 @@ |
- assert(!(length % 8)); |
- |
- lsh_string_crypt(dst, di, src, si, length, |
-- (nettle_crypt_func) arcfour_crypt, &self->ctx); |
-+ (nettle_crypt_func*) arcfour_crypt, &self->ctx); |
- } |
- |
- static struct crypto_instance * |
-@@ -114,7 +114,7 @@ |
- |
- lsh_string_cbc_encrypt(dst, di, src, si, length, |
- AES_BLOCK_SIZE, self->ctx.iv, |
-- (nettle_crypt_func) aes_encrypt, |
-+ (nettle_crypt_func*) aes_encrypt, |
- &self->ctx.ctx); |
- } |
- |
-@@ -128,7 +128,7 @@ |
- |
- lsh_string_cbc_decrypt(dst, di, src, si, length, |
- AES_BLOCK_SIZE, self->ctx.iv, |
-- (nettle_crypt_func) aes_decrypt, |
-+ (nettle_crypt_func*) aes_decrypt, |
- &self->ctx.ctx); |
- } |
- |
-@@ -185,7 +185,7 @@ |
- |
- lsh_string_ctr_crypt(dst, di, src, si, length, |
- AES_BLOCK_SIZE, self->ctx.ctr, |
-- (nettle_crypt_func) aes_encrypt, |
-+ (nettle_crypt_func*) aes_encrypt, |
- &self->ctx.ctx); |
- } |
- |
-@@ -227,7 +227,7 @@ |
- |
- lsh_string_cbc_encrypt(dst, di, src, si, length, |
- DES3_BLOCK_SIZE, self->ctx.iv, |
-- (nettle_crypt_func) des3_encrypt, |
-+ (nettle_crypt_func*) des3_encrypt, |
- &self->ctx.ctx); |
- } |
- |
-@@ -241,7 +241,7 @@ |
- |
- lsh_string_cbc_decrypt(dst, di, src, si, length, |
- DES3_BLOCK_SIZE, self->ctx.iv, |
-- (nettle_crypt_func) des3_decrypt, |
-+ (nettle_crypt_func*) des3_decrypt, |
- &self->ctx.ctx); |
- } |
- |
-@@ -303,7 +303,7 @@ |
- |
- lsh_string_cbc_encrypt(dst, di, src, si, length, |
- CAST128_BLOCK_SIZE, self->ctx.iv, |
-- (nettle_crypt_func) cast128_encrypt, |
-+ (nettle_crypt_func*) cast128_encrypt, |
- &self->ctx.ctx); |
- } |
- |
-@@ -317,7 +317,7 @@ |
- |
- lsh_string_cbc_decrypt(dst, di, src, si, length, |
- CAST128_BLOCK_SIZE, self->ctx.iv, |
-- (nettle_crypt_func) cast128_decrypt, |
-+ (nettle_crypt_func*) cast128_decrypt, |
- &self->ctx.ctx); |
- } |
- |
-@@ -363,7 +363,7 @@ |
- |
- lsh_string_cbc_encrypt(dst, di, src, si, length, |
- TWOFISH_BLOCK_SIZE, self->ctx.iv, |
-- (nettle_crypt_func) twofish_encrypt, |
-+ (nettle_crypt_func*) twofish_encrypt, |
- &self->ctx.ctx); |
- } |
- |
-@@ -377,7 +377,7 @@ |
- |
- lsh_string_cbc_decrypt(dst, di, src, si, length, |
- TWOFISH_BLOCK_SIZE, self->ctx.iv, |
-- (nettle_crypt_func) twofish_decrypt, |
-+ (nettle_crypt_func*) twofish_decrypt, |
- &self->ctx.ctx); |
- } |
- |
-@@ -422,7 +422,7 @@ |
- |
- lsh_string_cbc_encrypt(dst, di, src, si, length, |
- BLOWFISH_BLOCK_SIZE, self->ctx.iv, |
-- (nettle_crypt_func) blowfish_encrypt, |
-+ (nettle_crypt_func*) blowfish_encrypt, |
- &self->ctx.ctx); |
- } |
- |
-@@ -436,7 +436,7 @@ |
- |
- lsh_string_cbc_decrypt(dst, di, src, si, length, |
- BLOWFISH_BLOCK_SIZE, self->ctx.iv, |
-- (nettle_crypt_func) blowfish_decrypt, |
-+ (nettle_crypt_func*) blowfish_decrypt, |
- &self->ctx.ctx); |
- } |
- |
-@@ -488,7 +488,7 @@ |
- |
- lsh_string_cbc_encrypt(dst, di, src, si, length, |
- SERPENT_BLOCK_SIZE, self->ctx.iv, |
-- (nettle_crypt_func) serpent_encrypt, |
-+ (nettle_crypt_func*) serpent_encrypt, |
- &self->ctx.ctx); |
- } |
- |
-@@ -502,7 +502,7 @@ |
- |
- lsh_string_cbc_decrypt(dst, di, src, si, length, |
- SERPENT_BLOCK_SIZE, self->ctx.iv, |
-- (nettle_crypt_func) serpent_decrypt, |
-+ (nettle_crypt_func*) serpent_decrypt, |
- &self->ctx.ctx); |
- } |
- |
-diff -ur lsh-2.0.4/src/lsh-make-seed.c /var/cache/users/magnus/svn-buildpackage/lsh-utils/lsh-utils-2.0.4-dfsg/src/lsh-make-seed.c |
---- lsh-2.0.4/src/lsh-make-seed.c 2006-01-23 18:51:06.000000000 +0100 |
-+++ lsh-utils-2.0.4-dfsg/src/lsh-make-seed.c 2009-08-05 00:24:58.000000000 +0200 |
-@@ -1219,6 +1219,7 @@ |
- |
- struct yarrow256_ctx yarrow; |
- struct yarrow_source sources[NSOURCES]; |
-+ uint8_t seed[YARROW256_SEED_FILE_SIZE]; |
- |
- argp_parse(&main_argp, argc, argv, 0, NULL, options); |
- |
-@@ -1371,7 +1372,8 @@ |
- } |
- } |
- |
-- e = write_raw(fd, sizeof(yarrow.seed_file), yarrow.seed_file); |
-+ yarrow256_random(&yarrow, sizeof(seed), seed); |
-+ e = write_raw(fd, sizeof(seed), seed); |
- |
- if (e) |
- { |
-diff -ur lsh-2.0.4/src/unix_random.c /var/cache/users/magnus/svn-buildpackage/lsh-utils/lsh-utils-2.0.4-dfsg/src/unix_random.c |
---- lsh-2.0.4/src/unix_random.c 2006-01-23 18:47:10.000000000 +0100 |
-+++ lsh-utils-2.0.4-dfsg/src/unix_random.c 2009-08-05 00:28:31.000000000 +0200 |
-@@ -81,6 +81,7 @@ |
- int fd) |
- { |
- const struct exception *e; |
-+ uint8_t seed[YARROW256_SEED_FILE_SIZE]; |
- |
- if (lseek(fd, 0, SEEK_SET) < 0) |
- { |
-@@ -88,7 +89,8 @@ |
- return 0; |
- } |
- |
-- e = write_raw(fd, YARROW256_SEED_FILE_SIZE, ctx->seed_file); |
-+ yarrow256_random(ctx, sizeof(seed), seed); |
-+ e = write_raw(fd, sizeof(seed), seed); |
- |
- if (e) |
- { |
-@@ -183,17 +183,19 @@ |
- { |
- struct lsh_string *s = read_seed_file(self->seed_file_fd); |
- |
-- write_seed_file(&self->yarrow, self->seed_file_fd); |
-- KILL_RESOURCE(lock); |
-- |
- /* Mix in the old seed file, it might have picked up |
- * some randomness. */ |
- if (s) |
- { |
-+ self->yarrow.sources[RANDOM_SOURCE_NEW_SEED].next = YARROW_FAST; |
- yarrow256_update(&self->yarrow, RANDOM_SOURCE_NEW_SEED, |
- 0, STRING_LD(s)); |
- lsh_string_free(s); |
-+ yarrow256_fast_reseed(&self->yarrow); |
- } |
-+ |
-+ write_seed_file(&self->yarrow, self->seed_file_fd); |
-+ KILL_RESOURCE(lock); |
- } |
- } |
- |
Index: 2.0.4-dfsg-6/debian/patches/40_better_errmsg_when_dotlsh_missing.dpatch |
=================================================================== |
--- 2.0.4-dfsg-6/debian/patches/40_better_errmsg_when_dotlsh_missing.dpatch (revision 70) |
+++ 2.0.4-dfsg-6/debian/patches/40_better_errmsg_when_dotlsh_missing.dpatch (nonexistent) |
@@ -1,36 +0,0 @@ |
-#! /bin/sh /usr/share/dpatch/dpatch-run |
-## 40_mkdir_dotlsh.dpatch by Magnus Holmgren <holmgren@debian.org> |
-## |
-## DP: Show the intended error message, instead of one about a locking |
-## DP: error, when no seed file exists |
- |
-@DPATCH@ |
-diff -urNad trunk~/src/unix_random.c trunk/src/unix_random.c |
---- trunk~/src/unix_random.c 2006-01-23 18:47:10.000000000 +0100 |
-+++ trunk/src/unix_random.c 2008-06-24 22:29:29.000000000 +0200 |
-@@ -353,6 +353,15 @@ |
- |
- yarrow256_init(&self->yarrow, RANDOM_NSOURCES, self->sources); |
- |
-+ if (access(lsh_get_cstring(seed_file_name), F_OK) < 0) |
-+ { |
-+ werror("No seed file. Please create one by running\n"); |
-+ werror("lsh-make-seed -o \"%S\".\n", seed_file_name); |
-+ |
-+ KILL(self); |
-+ return NULL; |
-+ } |
-+ |
- verbose("Reading seed-file `%S'\n", seed_file_name); |
- |
- self->lock |
-@@ -374,8 +383,7 @@ |
- self->seed_file_fd = open(lsh_get_cstring(seed_file_name), O_RDWR); |
- if (self->seed_file_fd < 0) |
- { |
-- werror("No seed file. Please create one by running\n"); |
-- werror("lsh-make-seed -o \"%S\".\n", seed_file_name); |
-+ werror("Could not open seed file \"%S\".\n", seed_file_name); |
- |
- KILL_RESOURCE(lock); |
- KILL(self); |
/2.0.4-dfsg-6/debian/patches/40_better_errmsg_when_dotlsh_missing.dpatch |
Property changes: |
Deleted: svn:executable |
## -1 +0,0 ## |
-* |
\ No newline at end of property |
Index: 2.0.4-dfsg-6/debian/changelog |
=================================================================== |
--- 2.0.4-dfsg-6/debian/changelog (revision 70) |
+++ 2.0.4-dfsg-6/debian/changelog (nonexistent) |
@@ -1,534 +0,0 @@ |
-lsh-utils (2.0.4-dfsg-6) unstable; urgency=low |
- |
- * Change libreadline build dependency to just libreadline-dev |
- (Closes: #553804). |
- * Add new debconf template translations: |
- + Japanese from Hideki Yamane (Closes: #558082) |
- + Spanish from Shukoh (Closes: #557008) |
- Credit to the respective Debian translation teams. |
- * Fix a spelling error in one of the debconf templates, run |
- debconf-updatepo, clean out the old obsolete translation entries, and |
- perform some trivial maintenance on the Nynorsk file. |
- |
- -- Magnus Holmgren <holmgren@debian.org> Sat, 28 Nov 2009 17:57:30 +0100 |
- |
-lsh-utils (2.0.4-dfsg-5) unstable; urgency=low |
- |
- * lsh-server.init.d: Don't suppress start/stop messages when $VERBOSE = |
- "no". /etc/init.d/skeleton is not a good example in this matter. |
- * blacklist.dpatch: Check keys against openssh-blacklist before |
- accepting for pubkey authentication as well as on conversion by |
- lsh-writekey and lsh-decode-key. |
- * lsh-server: Depend on openssh-blacklist, recommend -blacklist-extra. |
- lsh-utils: Recommend openssh-blacklist and -blacklist-extra. |
- * Move seed and key creation back to postinst and import RSA key from |
- openssh-server if it exists (Closes: #211252). |
- * debian/mans/lcp.1: Fix errors. |
- |
- -- Magnus Holmgren <holmgren@debian.org> Sun, 08 Nov 2009 20:18:17 +0100 |
- |
-lsh-utils (2.0.4-dfsg-4) unstable; urgency=high |
- |
- * lsh-server.init.d: Fix critical exit status ($?) handling mistake |
- (Closes: #545090). |
- |
- -- Magnus Holmgren <holmgren@debian.org> Sat, 05 Sep 2009 00:44:45 +0200 |
- |
-lsh-utils (2.0.4-dfsg-3) unstable; urgency=low |
- |
- * lsh-doc: Depend on dpkg (>= 1.15.4) | install-info as recommended for |
- the transition to triggerized install-info. |
- * Add ${misc:Depends} to Depends in case Debhelper needs it in the |
- future. |
- * Increase Debhelper compat level to 5. |
- * Build with Nettle 2.0 (nettle-dev) (Closes: #543131). |
- * nettle_2.0.dpatch created to adapt to API changes. |
- * 30_nonettle.dpatch modified to add -lhogweed to LDADD where |
- appropriate. |
- * Add ANNOUNCE to lsh-doc. |
- * Rewrite lsh-server.init.d a bit: |
- * Use LSB logging functions. |
- * Let lshd daemonize and create/delete its pid file by itself. |
- * Change the Provides: line in the LSB header to "lsh-server" and |
- declare that it should start before the services that depend on an |
- SSH server (Closes: #542689). Thanks to Petter Reinholdtsen. |
- * Support the status action. |
- * Drop the no longer useful lsh-server-config script. |
- * Upgrade to Standards-Version 3.8.3: |
- * Add README.source. |
- * Drop obsolete manpages from debian/mans. |
- |
- -- Magnus Holmgren <holmgren@debian.org> Thu, 03 Sep 2009 00:55:45 +0200 |
- |
-lsh-utils (2.0.4-dfsg-2) unstable; urgency=low |
- |
- * 40_better_errmsg_when_dotlsh_missing.dpatch (new): In unix_random.c, |
- check whether the seed file exists before trying to lock it, and give |
- the hint about running lsh-make-seed if it doesn't (Closes: #485856). |
- * Update doc-base section of lsh-doc to match current structure. |
- * Remove inactive maintainer as requested by the MIA team and put myself |
- in charge (Closes: #487137). |
- * Upgrade lsh-client's Recommends of lsh-utils to a Depends. It's not |
- huge and lsh-client is almost useless without it in most cases |
- (Closes: #481073). |
- * Use --as-needed to avoid unnecessary dependencies. |
- |
- -- Magnus Holmgren <holmgren@debian.org> Wed, 25 Jun 2008 16:40:16 +0200 |
- |
-lsh-utils (2.0.4-dfsg-1) unstable; urgency=low |
- |
- * New upstream release (Closes: #422199) |
- - Repackaged without non-free RFC (src/nettle/testsuite/rfc1750.txt) |
- (Closes: #408490). |
- - Drop 01_fix_manpages.dpatch; incorporated upstream. |
- - Fixes X11 forwarding bug. |
- * New co-maintainer added. |
- * Rename lsh-utils-doc as lsh-doc. We'll rename the source package after |
- Sarge is gone. |
- * Drop the tarball-in-tarball format and ship a "normal" .orig.tar.gz. |
- - Drop 02_fix_perms.dpatch. |
- - Add some extra cleanup in debian/rules. |
- * Increase Standards-Version to 3.7.3. No changes needed. |
- * Put some more docs in the packages: README and ChangeLog is now in all |
- packages, AUTHORS in lsh-utils. Update debian/copyright to refer to |
- /usr/share/doc/lsh-utils/AUTHORS (Closes: #421108). |
- * debian/control: Use ${binary:Version} substitution variable instead of |
- ${source-version}. |
- * Review Build-depends: Drop patchutils, comerr-dev (redundant), |
- po-debconf (redundant), xutils (makes no difference); add |
- autotools-dev, scsh-0.6 (as alternative to guile-1.6). |
- * Drop lshc, the deprecated alias for lsh (Closes: #417426). |
- * 30_nonettle.dpatch: Link dynamically with libnettle-dev instead of |
- statically with the bundled nettle (Closes: #412138). |
- * Don't provide sexp-conv; let lsh-client depend on nettle-bin instead. |
- * Move lsftp and lcp to lsh-client. |
- * Put sftp-server in /usr/lib/lsh-server and put the manpage in section |
- 8lsh instead of renaming it (new 20_sftp-server_mansection.dpatch). |
- * Ship lsh.html in lsh-doc. |
- * Add doc-base entry. |
- * debian/control: Add Homepage field. |
- * debian/watch: Update dversionmangle to strip -dfsg suffix. |
- |
- -- Magnus Holmgren <holmgren@debian.org> Thu, 01 May 2008 19:22:18 +0200 |
- |
-lsh-utils (2.0.2-1.1) unstable; urgency=low |
- |
- * Non-maintainer upload to fix longstanding l10n issues |
- * Debconf templates translations: |
- - Swedish added. Closes: #351641 |
- - Portuguese added. Sent during the call for updates of the NMU campaign. |
- * Lintian fixes: |
- - Do not Build-depend on build-essential |
- - Add a very basic LSB header to the init script |
- |
- -- Christian Perrier <bubulle@debian.org> Wed, 13 Dec 2006 22:02:11 +0100 |
- |
-lsh-utils (2.0.2-1) unstable; urgency=low |
- |
- * New upstream release |
- * The fd leak in the server is known as CVE-2006-0353 |
- * Support for aes256-ctr. |
- * Newer nettle library. |
- * Fix for some more fd leaks, but none in the debian default |
- configuration. |
- |
- -- Stefan Pfetzing <dreamind@dreamind.de> Sat, 28 Jan 2006 05:42:16 +0100 |
- |
-lsh-utils (2.0.1cdbs-4) unstable; urgency=high |
- |
- * Remove silly debconf questions and correct others. (Closes: Bug#337026) |
- * Switch to dpatch. |
- * Make lsh-utils build on a grsecurity system. |
- * Remove /var/spool/lsh upon purge. |
- * Update Vietnamese debconf translation. |
- * Update German debconf translation. |
- * Update Danish debconf translation. |
- * Update Czech debconf translation. |
- * Update Dutch debconf translation. |
- * Update Russian debconf translation. (Closes: Bug#349180) |
- * Update French debconf translation. (Closes: Bug#348822) |
- * Have lsh-server provide ssh-server. (Closes: Bug#348844) |
- * Update the watch file format version to the latest (3). |
- * Have uscan remove the "cdbs" version extension. |
- * Fix fd leak in the lsh-server. |
- This is to be security related, so upload it with a high urgency. |
- (Closes: Bug#349303) |
- |
- -- Stefan Pfetzing <dreamind@dreamind.de> Sun, 22 Jan 2006 06:30:43 +0100 |
- |
-lsh-utils (2.0.1cdbs-3) unstable; urgency=low |
- |
- * The 2.0 release removed the "pesky" identity file error. |
- (Closes: Bug#214167) |
- * Update Danish debconf translation. |
- * Update Vietnamese debconf translation. |
- * Update French debconf translation. (Closes: Bug#347543) |
- * Update Russian debconf translation. (Closes: Bug#348138) |
- * Do not regenerate debian/rules. (Closes: Bug#347891) |
- |
- -- Stefan Pfetzing <dreamind@dreamind.de> Sun, 15 Jan 2006 21:02:36 +0100 |
- |
-lsh-utils (2.0.1cdbs-2) unstable; urgency=low |
- |
- * No longer build-depend on xlibs-dev, use libxau-dev instead. |
- (Closes: Bug#347143) |
- * Depend on comerr-dev too, otherwise kerberos support would be broken. |
- |
- -- Stefan Pfetzing <dreamind@dreamind.de> Thu, 12 Jan 2006 19:34:23 +0100 |
- |
-lsh-utils (2.0.1cdbs-1) unstable; urgency=low |
- |
- * Change the build system to cdbs. |
- (And hopefully don't introduce any new bugs.) |
- * Make lintian happy with the odieresis in the manpages. |
- * Fix debian/control, so it can be autogenerated by cdbs. |
- * Conflict lsh, and rename lshc to lsh. |
- * Include a small shell script to notify users. |
- * Make stop act the same way graceful-stop was doing already. |
- This helps not to accidently kill your own lsh connection. |
- * Update debconf po files. |
- * Update the German debconf translation. |
- * Remove the SSH1 notice from lsh-server's package description. |
- * Make the lsh-server package suggest lsh-client or openssh-client. |
- * Add a small note on how to use the lsh client. (Closes: Bug#109899) |
- * No longer FTBFS because of wrong debian/rules. (Closes: Bug#344747) |
- * Update Czech translation. (Closes: Bug#345141) |
- |
- -- Stefan Pfetzing <dreamind@dreamind.de> Mon, 9 Jan 2006 00:36:44 +0100 |
- |
-lsh-utils (2.0.1-5) unstable; urgency=low |
- |
- * Make lsh-utils depend on lsh-client. (Closes: Bug#338014) |
- * Fix lshg to look for lshc instead of lsh. (Closes: Bug#320554) |
- * Fix lcp to look for lshc instead of lsh. (Closes: Bug#338015) |
- * Add lcp manpage. (Closes: Bug#338017) |
- * Clarify package description. lsh should be considered stable now. |
- (Closes: Bug#211317) |
- * Update Russian debconf translation. (Closes: Bug#338170) |
- * Update French debconf translation. (Closes: Bug#338104) |
- * Update Danish debconf translation. (Closes: Bug#337017) |
- * Change guile1.4-slib to guile-1.6 since slib.scm is included |
- with guile-1.6-libs, and we need the scheme interpreter. |
- * Add myself to the uploaders list. |
- * Approve NMUs. |
- (Closes: Bug#300496,Bug#318211,Bug#326328,Bug#326329,Bug#332012) |
- (Closes: Bug#271911,Bug#312617,Bug#313975,Bug#304697,Bug#319933) |
- |
- -- Stefan Pfetzing <dreamind@dreamind.de> Thu, 10 Nov 2005 21:36:44 +0100 |
- |
-lsh-utils (2.0.1-4.2) unstable; urgency=low |
- |
- * NMU. |
- * Make sftp support availible via debconf. (Closes: Bug#304697) |
- * Rebuild against libreadline5 and change build-deps. |
- (Closes: Bug#326328,Bug#326329) |
- * Rebuild with fixed debconf deps. (Closes: Bug#332012) |
- * Update FSF address in debian/copyright. |
- * Add czech po file. (Closes: Bug#319933) |
- |
- -- Stefan Pfetzing <dreamind@dreamind.de> Mon, 31 Oct 2005 14:21:54 +0100 |
- |
-lsh-utils (2.0.1-4.1) unstable; urgency=low |
- |
- * NMU. |
- * Trigger a rebuild to build against libgmp3c2. (Closes: Bug#318211) |
- * Make lsh-server suggest openssh-client or ssh. |
- * Fix Package description (Closes: Bug#271911) |
- * Add vietnamese debconf localization. (Closes: Bug#312617) |
- * Update german debconf localization. (Closes: Bug#313975) |
- * Rebuild fixes lshc host-acls (Closes: Bug#300496) |
- * Bump standards-version, no changes needed. (make lintian happy) |
- |
- -- Stefan Pfetzing <dreamind@dreamind.de> Sun, 14 Aug 2005 17:04:55 +0200 |
- |
-lsh-utils (2.0.1-4) unstable; urgency=high |
- |
- * Trigger a rebuild, because the i386 package wasn't built properly. |
- (Closes: Bug#309365) |
- |
- -- Simon Law <sfllaw@debian.org> Mon, 16 May 2005 16:54:00 -0400 |
- |
-lsh-utils (2.0.1-3) unstable; urgency=high |
- |
- * Remove the unnecessary nettle-lfib-stream program. (Closes: Bug#308233) |
- |
- -- Simon Law <sfllaw@debian.org> Mon, 9 May 2005 19:25:56 -0400 |
- |
-lsh-utils (2.0.1-2.1) unstable; urgency=high |
- |
- * NMU |
- * Remove --nist-level option to lsh-keygen since it has changed to using RSA |
- keys now and the old --nist-level setting breaks it. Closes: #301968 |
- * High urgency upload since 2.0.1 is needed in testing due to the security |
- fix. |
- |
- -- Joey Hess <joeyh@debian.org> Sat, 9 Apr 2005 15:02:22 -0400 |
- |
-lsh-utils (2.0.1-2) unstable; urgency=high |
- |
- * Fix up path resolution problems. (Closes: Bug#301039) |
- Thanks to Stefan Pfetzing <dreamind@dreamind.de> |
- * Added a build-depends on m4. (Closes: Bug#300874) |
- * Denial of service attack is now known as CAN-2005-0814. |
- |
- -- Simon Law <sfllaw@debian.org> Sat, 26 Mar 2005 13:29:27 -0500 |
- |
-lsh-utils (2.0.1-1) unstable; urgency=high |
- |
- * New upstream release |
- - Fix denial of service attack documented in CAN-2005-0389 |
- |
- -- Simon Law <sfllaw@debian.org> Fri, 18 Mar 2005 17:24:10 -0500 |
- |
-lsh-utils (2.0-1) unstable; urgency=high |
- |
- * New upstream release. |
- * Remove extraneous symlinks. (Closes: Bug#291010) |
- * Acknowledge NMUs. (Closes: Bug#293020, Bug#255643) |
- |
- -- Simon Law <sfllaw@debian.org> Thu, 17 Mar 2005 18:51:12 -0500 |
- |
-lsh-utils (1.4.2-8.2) unstable; urgency=low |
- |
- * Non-maintainer upload with maintainer"s agreement |
- * Fix FTBFS with gcc-4.0 for amd64 builds |
- Thanks to Andreas Jochens for providing the patch |
- Closes: #293020 |
- |
- -- Christian Perrier <bubulle@debian.org> Tue, 1 Feb 2005 07:10:17 +0100 |
- |
-lsh-utils (1.4.2-8.1) unstable; urgency=low |
- |
- * Non-maintainer upload with maintainer's agreement |
- for fixing longstanding l10n issues |
- * Translations: |
- - French added. Closes: #255643 |
- - Danish added. Thanks to Claus Hindsgaul |
- - Russian added. Thanks to Yuri Kozlov |
- - Norwegian Nynorsk added. Thanks to HÃ¥vard Korsvoll |
- - Dutch added. Thanks to Luk Claes. |
- * Typo fixes in templates (translations unfuzzied): |
- - s/woul dlike/would like |
- - s/ifyou/if you |
- |
- -- Christian Perrier <bubulle@debian.org> Thu, 13 Jan 2005 23:29:09 +0100 |
- |
-lsh-utils (1.4.2-8) unstable; urgency=medium |
- |
- * Register sexp-conv with the alternatives system so that it doesn't |
- conflict with the binary of the same name (and function) shipped with |
- nettle-bin (Closes: Bug#274772) |
- - This kludge brought to you by Marek Habersack <grendel@debian.org>. |
- |
- -- Simon Law <sfllaw@debian.org> Sun, 5 Dec 2004 15:15:59 -0500 |
- |
-lsh-utils (1.4.2-7) unstable; urgency=low |
- |
- * New maintainer. |
- * Fix build problem. (Closes: Bug#242040) |
- * Use gettext-based Debconf templates. Thanks to Martin Quinson. |
- (Closes: Bug#239870) |
- * Upgraded to Policy 3.6.1. |
- * Upgraded to Debhelper 4. |
- |
- -- Simon Law <sfllaw@debian.org> Wed, 2 Jun 2004 17:56:39 -0400 |
- |
-lsh-utils (1.4.2-6) unstable; urgency=HIGH |
- |
- * Applied patch to fix root security hole (closes: #211662) |
- * Build kerberos support against heimdal rather than krb (closes: #199067) |
- |
- -- Timshel Knoll <timshel@debian.org> Sat, 20 Sep 2003 11:42:27 +1000 |
- |
-lsh-utils (1.4.2-5) unstable; urgency=low |
- |
- * debian/control: Removed alternative of scsh in place of guile1.4-slib from |
- Build-Depends, we really need the latter to build lsh. (closes: #192771) |
- |
- -- Timshel Knoll <timshel@debian.org> Sun, 8 Jun 2003 17:44:58 +1000 |
- |
-lsh-utils (1.4.2-4) unstable; urgency=low |
- |
- * Just Build-Depend on liboop-dev, not liboop4-dev | liboop-dev (there is |
- no liboop4-dev, whoops!) (closes: #192172) |
- * lsh-server: Added lintian override for missing-debconf-dependency |
- (lsh-server falls back to asking the user if debconf isn't installed) |
- |
- -- Timshel Knoll <timshel@debian.org> Thu, 8 May 2003 02:24:52 +1000 |
- |
-lsh-utils (1.4.2-3) unstable; urgency=low |
- |
- * debian/control: Priority: extra; lsh-utils-doc changed to Section: doc |
- * Policy 3.5.9 |
- * Re-compile against liboop4 |
- |
- -- Timshel Knoll <timshel@debian.org> Wed, 30 Apr 2003 23:08:41 +1000 |
- |
-lsh-utils (1.4.2-2) unstable; urgency=low |
- |
- * debian/control: Build-Depend on xutils (closes: #160666) |
- * Rename sftp-server to sftp-server.lsh to work around name conflict with |
- ssh's sftp-server. (closes: #160611) Maybe this should eventually be |
- handled with alternatives? |
- |
- -- Timshel Knoll <timshel@debian.org> Fri, 13 Sep 2002 11:14:43 +1000 |
- |
-lsh-utils (1.4.2-1) unstable; urgency=low |
- |
- * New upstream release, a number of new programs come in this release |
- * debian/control: Added lots of new Build-Depends: for 1.4.x series: |
- + liboop-dev required for main lsh servers |
- + xlibs-dev the lshc client now supports X11 forwarding and hence |
- links with libXau: yay! |
- + libkrb5-dev for the lsh-krb-checkpw password helper program. This is |
- still not working however, see README.Debian for details, |
- but I've left the Build-Dep here in stubborn hope :-) |
- + libwrap-dev For lots of the lsh programs to use the TCP wrappers |
- + libpam-dev Required for the lsh-pam-checkpw password helper program |
- + libreadline-dev Required for lsftp's the interactive mode |
- * debian/lsh-server.{config,templates,postrm}: ask whether to remove |
- host keys when lsh-server is purged, all versions of lshd from now on |
- should not disconnect users when the server is restarted - very useful |
- when lsh'd into a box doing an "apt-get install lsh-server" !!! :-) |
- * debian/lsh-server.config: modularised. Now uses a function |
- for each debconf question, and has an array of function references. |
- Check it out :-) |
- * debian/mans/<lots-of-stuff>: |
- Added manpages for new programs, updated some existing manpages |
- * lshd now needs a random seed file, which needs to be generated before lshd |
- can be run. Unfortunately, this operation requires user input, so this |
- can't really be done in the postinst (problems with debconf etc.). This |
- also means that the host key can't be generated in the postinst, since |
- lsh-keygen and lsh-writekey both need the random seed to exist. |
- * debian/lsh-server.init.d: generate the host key here if the random seed |
- exists, fail if it doesn't. |
- |
- -- Timshel Knoll <timshel@debian.org> Wed, 11 Sep 2002 12:42:56 +1000 |
- |
-lsh-utils (1.2.5-3) unstable; urgency=low |
- |
- * debian/control: |
- - Updated description to remove "export from US is illegal" information |
- - Removed France from the list of countries where crypto may be illegal |
- * debian/mans/{srp-gen.1,sexp-conv.1}: manpage neatened / errors fixed |
- * debian/scripts/lsh-server-config, debian/lsh-server.postrm: |
- Also create / remove /etc/ssh/sshd_not_to_be_run at appropriate times to |
- prevent sshd from being run, not just /etc/ssh/NOSERVER |
- * debian/lsh-server.init.d: fixed issues with ssh1 fallback, it didn't work |
- before (typo in variable names) |
- |
- -- Timshel Knoll <timshel@debian.org> Mon, 15 Apr 2002 22:41:58 +1000 |
- |
-lsh-utils (1.2.5-2) unstable; urgency=low |
- |
- * Packages moved into main from non-US, yay! Now Section: net |
- * Fixed &>/dev/null bash-ism redirects in upstream's lsh-authorize |
- replaced with >/dev/null 2>&1 |
- * debian/control: fixed misspelling in -doc package description |
- (closes: #125097) |
- * src/lsh.c: changed "lsh" references to "lshc" (closes: #109898) |
- |
- -- Timshel Knoll <timshel@debian.org> Wed, 27 Mar 2002 01:07:34 +1100 |
- |
-lsh-utils (1.2.5-1) unstable; urgency=low |
- |
- * New upstream release |
- * Added German debconf translation (thanks to Sebastian Feltel) |
- (closes: #114339) |
- * debian/copyright: fixed misspelling, common-licences -> common-licenses |
- |
- -- Timshel Knoll <timshel@debian.org> Tue, 30 Oct 2001 15:44:43 +1100 |
- |
-lsh-utils (1.2.3-1) unstable; urgency=low |
- |
- * New upstream release |
- * debian/control: Don't Build-Depend on libgmp2-dev (closes: #104285) |
- |
- -- Timshel Knoll <timshel@debian.org> Thu, 12 Jul 2001 11:26:47 +1000 |
- |
-lsh-utils (1.2.2-2) unstable; urgency=low |
- |
- * Applied Niel's IPv6 patch, to get lshd working on systems without IPv6 |
- (closes: Bug#97623) |
- |
- -- Timshel Knoll <timshel@debian.org> Wed, 23 May 2001 09:38:03 +1000 |
- |
-lsh-utils (1.2.2-1) unstable; urgency=low |
- |
- * New upstream release |
- |
- -- Timshel Knoll <timshel@debian.org> Sat, 12 May 2001 23:58:20 +1000 |
- |
-lsh-utils (1.2.1-1) unstable; urgency=low |
- |
- * New upstream release |
- |
- -- Timshel Knoll <timshel@debian.org> Sat, 21 Apr 2001 21:52:01 +1000 |
- |
-lsh-utils (1.2-1) unstable; urgency=low |
- |
- * New upstream release |
- * Fixes do debian/installmans.pl's manpage section regex and sanity |
- checking |
- * Added manpage for new binary lshg (in lsh-client package), did |
- some updates for the lshc binary as options have been added. |
- * Heaps of packaging fixes/updates. |
- |
- -- Timshel Knoll <timshel@debian.org> Thu, 12 Apr 2001 13:02:27 +1000 |
- |
-lsh-utils (1.0.2-3) unstable; urgency=low |
- |
- * debian/control: Split into 4 packages, lsh-utils, lsh-client, |
- lsh-server and lsh-utils-doc, Standards-Version: 3.5.2, |
- Build-Depends: zlib1g-dev -> libz-dev, added guile1.4-slib | scsh |
- * Pulled original upstream configure script back in and modified that |
- rather than re-generating with autoconf, which made for a huge .diff.gz. |
- * lsh-server package debconf-ized, lsh-server-config script added |
- to configure lshd. |
- * debian/rules: Added support for DEB_BUILD_OPTIONS=nostrip,debug |
- |
- -- Timshel Knoll <timshel@debian.org> Mon, 9 Apr 2001 23:59:47 -0700 |
- |
-lsh-utils (1.0.2-2) unstable; urgency=low |
- |
- * Changed order of ./configure checks for gmp.h and gmp2/gmp.h to fix |
- compile failure - this now checks for gmp2/gmp.h first and thus fixes |
- the problem. This compile is against libgmp3. |
- * debian/installmans.pl: perl Debian::Debhelper program to install manpages |
- properly - this replaces the dh_installmanpages call in debian/rules |
- which will mean that manpages are installed under their correct names. |
- (ie. lsh.1 will be installed as lshc.1) (closes: Bug#88197). |
- * debian/control: Standards-Version: 3.1.1, Build-Depends: added |
- (including texinfo and libgmp2-dev | libgmp3-dev |
- - (closes: Bug#79645, Bug#84532)). |
- * debian/rules: Removed call to obsolete dh_suidregister. |
- * debian/init.d: changed default port of lshd from 2223 to 2222 (it should |
- have been this from the start, since ssh runs on port 22 _not_ 23). :-) |
- |
- -- Timshel Knoll <timshel@debian.org> Tue, 13 Mar 2001 09:54:33 +1100 |
- |
-lsh-utils (1.0.2-1) unstable; urgency=low |
- |
- * New upstream release (closes: Bug#75042) |
- |
- -- Timshel Knoll <timshel@debian.org> Tue, 12 Dec 2000 11:38:13 +1100 |
- |
-lsh-utils (1.0.1-2) unstable; urgency=low |
- |
- * Fixed typo in debian/postinst (lsh_writekey needs -o before output |
- filename) (closes: Bug#71240) |
- |
- -- Timshel Knoll <timshel@debian.org> Mon, 18 Sep 2000 23:52:02 +1100 |
- |
-lsh-utils (1.0.1-1) unstable; urgency=low |
- |
- * New upstream release |
- |
- -- Timshel Knoll <timshel@debian.org> Tue, 18 Jul 2000 19:10:12 +1000 |
- |
-lsh-utils (0.9.9-1) unstable; urgency=low |
- |
- * Initial Release. |
- |
- -- Timshel Knoll <timshel@debian.org> Thu, 15 Jun 2000 16:30:33 +1000 |
- |
Index: 2.0.4-dfsg-6/debian/lsh-server.templates |
=================================================================== |
--- 2.0.4-dfsg-6/debian/lsh-server.templates (revision 70) |
+++ 2.0.4-dfsg-6/debian/lsh-server.templates (nonexistent) |
@@ -1,31 +0,0 @@ |
-Template: lsh-server/lshd_port |
-Type: string |
-Default: 22 |
-_Description: lsh server port: |
- The default port for lshd is 22. If you would like lshd to run on a |
- different port, please specify the alternative port here. If you specify |
- 22, you will need to manually disable any other ssh servers you have |
- running on port 22, other than OpenSSH (from the `openssh-server' package). |
- OpenSSH will be automatically disabled, if you choose 22 here. |
- |
-Template: lsh-server/sftp |
-Type: boolean |
-Default: false |
-_Description: Enable the sftp subsystem? |
- If you want to use sftp with lsh, you will need this subsystem. |
- Please bear in mind, that it's still experimental. Therefore the default |
- is disabled but can be enabled now or later by manually changing |
- /etc/default/lsh-server. |
- . |
- Please choose whether you want to use the EXPERIMENTAL sftp support now. |
- |
-Template: lsh-server/purge_hostkey |
-Type: boolean |
-Default: false |
-_Description: Remove host key on purge? |
- When this package is installed, a host key is generated to authenticate |
- your host. This host key is not purged with the rest of the package by |
- default. |
- . |
- Please choose whether you want to purge the host key when the package |
- is removed. |
Index: 2.0.4-dfsg-6/debian/lsh-utils.install |
=================================================================== |
--- 2.0.4-dfsg-6/debian/lsh-utils.install (revision 70) |
+++ 2.0.4-dfsg-6/debian/lsh-utils.install (nonexistent) |
@@ -1,11 +0,0 @@ |
-usr/bin/lsh-authorize |
-usr/bin/lsh-decode-key |
-usr/bin/lsh-decrypt-key |
-usr/bin/lsh-export-key |
-usr/bin/lsh-keygen |
-usr/bin/lsh-make-seed |
-usr/bin/lsh-upgrade |
-usr/bin/lsh-upgrade-key |
-usr/bin/lsh-writekey |
-usr/bin/srp-gen |
-usr/bin/ssh-conv |
Index: 2.0.4-dfsg-6/debian/rules |
=================================================================== |
--- 2.0.4-dfsg-6/debian/rules (revision 70) |
+++ 2.0.4-dfsg-6/debian/rules (nonexistent) |
@@ -1,18 +0,0 @@ |
-#!/usr/bin/make -f |
- |
-include /usr/share/cdbs/1/class/autotools.mk |
-include /usr/share/cdbs/1/rules/debhelper.mk |
-include /usr/share/cdbs/1/rules/dpatch.mk |
- |
-# the used configure parameters for ./configure |
-DEB_CONFIGURE_EXTRA_FLAGS := --enable-pam --enable-kerberos --enable-srp \ |
- --with-pty --enable-tcp-forward --enable-x11-forward \ |
- --enable-agent-forward --enable-ipv6 --enable-utmp \ |
- --with-zlib --with-tcpwrappers --with-sshd1=/usr/sbin/sshd \ |
- --with-x XAUTH_PROGRAM=/usr/bin/xauth |
- |
-DEB_INSTALL_CHANGELOGS_ALL := ChangeLog |
-DEB_INSTALL_DOCS_ALL := README |
-DEB_DH_INSTALL_SOURCEDIR := debian/tmp |
- |
-LDFLAGS += -Wl,-z,defs -Wl,--as-needed |
/2.0.4-dfsg-6/debian/rules |
Property changes: |
Deleted: svn:executable |
## -1 +0,0 ## |
-* |
\ No newline at end of property |
Index: 2.0.4-dfsg-6/debian/README.source |
=================================================================== |
--- 2.0.4-dfsg-6/debian/README.source (revision 70) |
+++ 2.0.4-dfsg-6/debian/README.source (nonexistent) |
@@ -1,8 +0,0 @@ |
-This package uses dpatch to manage all modifications to the upstream |
-source. Changes are stored in the source package as diffs in |
-debian/patches and applied during the build. For basic usage |
-information, see |
- |
- /usr/share/doc/dpatch/README.source.gz |
- |
-(after installing dpatch). |
Index: 2.0.4-dfsg-6/debian/lsh-client.manpages |
=================================================================== |
--- 2.0.4-dfsg-6/debian/lsh-client.manpages (revision 70) |
+++ 2.0.4-dfsg-6/debian/lsh-client.manpages (nonexistent) |
@@ -1,4 +0,0 @@ |
-debian/mans/lcp.1 |
-doc/lsh.1 |
-doc/lshg.1 |
-src/sftp/lsftp.1 |
Index: 2.0.4-dfsg-6/debian/lsh-server.config |
=================================================================== |
--- 2.0.4-dfsg-6/debian/lsh-server.config (revision 70) |
+++ 2.0.4-dfsg-6/debian/lsh-server.config (nonexistent) |
@@ -1,109 +0,0 @@ |
-#!/usr/bin/perl -w |
-# |
-# debconf config script for lsh-server |
-# |
-# Copyright (c) 2000, 2001, 2002 Timshel Knoll <timshel@debian.org> |
-# This program is free software; you can redistribute it and/or modify |
-# it under the terms of the GNU General Public License as published by |
-# the Free Software Foundation; either version 2 of the License, or |
-# (at your option) any later version. |
-# |
-# This program is distributed in the hope that it will be useful, |
-# but WITHOUT ANY WARRANTY; without even the implied warranty of |
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
-# GNU General Public License for more details. |
-# |
-# You should have received a copy of the GNU General Public License |
-# along with this program; if not, write to the Free Software |
-# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
-# |
-# On Debian systems, see /usr/share/common-licenses/GPL for the GNU GPL. |
-# |
-use strict; |
-use Debconf::Client::ConfModule ':all'; |
- |
- |
-sub ask_whether_to_purge_hostkey { |
- &input ("medium", "lsh-server/purge_hostkey"); |
- my @ret = &go (); |
- |
- return ($ret[0] == 30 ? -1 : 1); |
-} |
- |
- |
-sub get_lshd_port { |
- &input ("medium", "lsh-server/lshd_port"); |
- my @ret = &go (); |
- |
- my $port = &get ("lsh-server/lshd_port"); |
- |
- if ($port and $port !~ m/^\d+$/) { |
- $port = (getservbyname ($port, "tcp"))[2]; |
- } |
- |
- unless ($port) { |
- # invalid service entered: wasn't a number, and |
- # getservbyname failed, try again ... |
- # FIXME: try putting some sort of error message here? |
- &reset ("lsh-server/lshd_port"); |
- return 0; |
- } |
- |
- return ($ret[0] == 30 ? -1 : 1); |
-} |
- |
- |
- |
-sub ask_whether_to_enable_sftp { |
- &input ("medium", "lsh-server/sftp"); |
- my @ret = &go (); |
- |
- return ($ret[0] == 30 ? -1 : 1); |
-} |
- |
- |
-sub configure () { |
- my $state = 0; |
- |
- # The list of things to do, in order |
- # Aren't really long, descriptive function names fun ;-) |
- my @states = ( |
- \&ask_whether_to_purge_hostkey, |
- \&get_lshd_port, |
- \&ask_whether_to_enable_sftp |
- ); |
- |
- # This is 1 or -1, depending on whether we're going forward or backward |
- # Required because otherwise when we back up to a question doesn't need |
- # to be asked, the engine will go forward again :-( |
- my $step = 1; |
- |
- until ($state > $#states) { |
- if ($state < 0) { |
- $state = 0; |
- # We may have got here because of "backing up" to a question which |
- # was skipped, so make sure we're going forward from here to avoid |
- # an infinite loop |
- $step = 1; |
- } |
- |
- $step = &{ $states[$state] } ($step); |
- |
- $state += $step; |
- } |
-} |
- |
- |
- |
-die "Syntax error: no argument" if (@ARGV <= 0); |
- |
-version ('2.0'); |
- |
-my $capb = &capb ('backup'); |
- |
-if ($ARGV[0] eq "configure" || $ARGV[0] eq "reconfigure") { |
- &configure (); |
-} |
- |
- |
- |
Index: 2.0.4-dfsg-6/debian/mans/lsh-execuv.8 |
=================================================================== |
--- 2.0.4-dfsg-6/debian/mans/lsh-execuv.8 (revision 70) |
+++ 2.0.4-dfsg-6/debian/mans/lsh-execuv.8 (nonexistent) |
@@ -1,70 +0,0 @@ |
-.\" Hey, EMACS: -*- nroff -*- |
-.\" First parameter, NAME, should be all caps |
-.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection |
-.\" other parameters are allowed: see man(7), man(1) |
-.TH LSH-EXECUV 8 "Jul 05 2002" lsh-execuv "lsh manuals" |
-.\" Please adjust this date whenever revising the manpage. |
-.\" |
-.\" Some roff macros, for reference: |
-.\" .nh disable hyphenation |
-.\" .hy enable hyphenation |
-.\" .ad l left justify |
-.\" .ad b justify to both left and right margins |
-.\" .nf disable filling |
-.\" .fi enable filling |
-.\" .br insert line break |
-.\" .sp <n> insert n+1 empty lines |
-.\" for manpage-specific macros, see man(7) |
-.SH NAME |
-lsh-execuv \- program to securely execute a program as another user |
-.SH SYNOPSIS |
-.B lsh-execuv |
-.RI [ options ] " program " [ -- ] " real-argv" |
-.SH DESCRIPTION |
-This manual page documents briefly the |
-.B lsh-execuv |
-command. |
-This manual page was written for the Debian distribution |
-because the original program does not have a manual page. |
-.PP |
-.\" TeX users may be more comfortable with the \fB<whatever>\fP and |
-.\" \fI<whatever>\fP escape sequences to invode bold face and italics, |
-.\" respectively. |
-\fBlsh-execuv\fP is a utility program for the lsh server that securely executes |
-a program as a different user. |
-another user. |
-.SH OPTIONS |
-A summary of options is included below. |
-.TP |
-.B \-u \fIuid\fP |
-setuid to numeric \fIuid\fP before running \fIprogram\fP. Usernames are |
-not supported, only numeric uids. |
-.TP |
-.B \-g \fIgid\fP |
-setgid to numeric \fIgid\fP before running \fIprogram\fP. Group names are |
-not supported, only numeric gids. |
-.TP |
-.B \-n \fIuser-name\fP |
-User name, needed for initgroups |
-.TP |
-.B \-i |
-Call initgroups, requires that -n \fIuser-name\fP be specified. |
-.TP |
-.B \-c |
-Clear the list of supplimentary groups. |
-.TP |
-.B \-p |
-Use $PATH variable to search for program. |
-.TP |
-.B \-? |
-Show summary of options. |
-.SH SEE ALSO |
-.BR lsh (1), |
-.BR lshd (8). |
-.BR |
-The programs are documented fully by |
-.IR "Lsh" , |
-available via the Info system. |
-.SH AUTHOR |
-This manual page was written by Timshel Knoll <timshel@debian.org>, |
-for the Debian GNU/Linux system (but may be used by others). |
Index: 2.0.4-dfsg-6/debian/mans/lsh-pam-checkpw.8 |
=================================================================== |
--- 2.0.4-dfsg-6/debian/mans/lsh-pam-checkpw.8 (revision 70) |
+++ 2.0.4-dfsg-6/debian/mans/lsh-pam-checkpw.8 (nonexistent) |
@@ -1,53 +0,0 @@ |
-.\" Hey, EMACS: -*- nroff -*- |
-.\" First parameter, NAME, should be all caps |
-.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection |
-.\" other parameters are allowed: see man(7), man(1) |
-.TH LSH-PAM-CHECKPW 8 "Jul 05 2002" lsh-pam-checkpw "lsh manuals" |
-.\" Please adjust this date whenever revising the manpage. |
-.\" |
-.\" Some roff macros, for reference: |
-.\" .nh disable hyphenation |
-.\" .hy enable hyphenation |
-.\" .ad l left justify |
-.\" .ad b justify to both left and right margins |
-.\" .nf disable filling |
-.\" .fi enable filling |
-.\" .br insert line break |
-.\" .sp <n> insert n+1 empty lines |
-.\" for manpage-specific macros, see man(7) |
-.SH NAME |
-lsh-pam-checkpw \- program to check a PAM username/password combination |
-.SH SYNOPSIS |
-.B lsh-pam-checkpw |
-.RI username-to-check |
-.SH DESCRIPTION |
-This manual page documents briefly the |
-.B lsh-pam-checkpw |
-command. |
-This manual page was written for the Debian distribution |
-because the original program does not have a manual page. |
-Instead, it has documentation in the GNU Info format; see below. |
-.PP |
-.\" TeX users may be more comfortable with the \fB<whatever>\fP and |
-.\" \fI<whatever>\fP escape sequences to invode bold face and italics, |
-.\" respectively. |
-\fBlsh-pam-checkpw\fP is a program that checks if a username and password |
-combination is valid for login by doing a PAM lookup. It is designed to be |
-used as a password helper program for \fBlshd (8)\fP, (eg. |
-\fB\-\-password\-helper=/usr/sbin/lsh-pam-checkpw\fP. |
-.PP |
-.B lsh-pam-checkpw |
-takes one required argument, which is the username, and reads the password from |
-stdin, then returns 0 if the password is valid, or 1 otherwise. Note that the |
-password must be supplied exactly, ie. there must be no newline after the |
-password, so if invoking from a shell, just type "<your-password><CTRL-D>". |
-.SH SEE ALSO |
-.BR lsh (1), |
-.BR lshd (8). |
-.BR |
-The programs are documented fully by |
-.IR "Lsh" , |
-available via the Info system. |
-.SH AUTHOR |
-This manual page was written by Timshel Knoll <timshel@debian.org>, |
-for the Debian GNU/Linux system (but may be used by others). |
Index: 2.0.4-dfsg-6/debian/mans/lsh-export-key.1 |
=================================================================== |
--- 2.0.4-dfsg-6/debian/mans/lsh-export-key.1 (revision 70) |
+++ 2.0.4-dfsg-6/debian/mans/lsh-export-key.1 (nonexistent) |
@@ -1,77 +0,0 @@ |
-.\" Hey, EMACS: -*- nroff -*- |
-.\" First parameter, NAME, should be all caps |
-.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection |
-.\" other parameters are allowed: see man(7), man(1) |
-.TH LSH-EXPORT-KEY 1 "Apr 19, 2002" lsh-export-key "lsh manuals" |
-.\" Please adjust this date whenever revising the manpage. |
-.\" |
-.\" Some roff macros, for reference: |
-.\" .nh disable hyphenation |
-.\" .hy enable hyphenation |
-.\" .ad l left justify |
-.\" .ad b justify to both left and right margins |
-.\" .nf disable filling |
-.\" .fi enable filling |
-.\" .br insert line break |
-.\" .sp <n> insert n+1 empty lines |
-.\" for manpage-specific macros, see man(7) |
-.SH NAME |
-lsh-export-key \- Converts an s-expression to the OpenSSH/SSH2 encoding format. |
-.SH SYNOPSIS |
-.B lsh-export-key |
-.RI [ options ] |
-.SH DESCRIPTION |
-\fBlsh-export-key\fP is a utility which reads an s-expression on stdin, |
-and writes the same s-expression to stdout, using the OpenSSH/SSH2 |
-encoding format. |
-.SH OPTIONS |
-These programs follow the usual GNU command line syntax, with long |
-options starting with two dashes (`-'). |
-A summary of options is included below. |
-.TP |
-.B \-c, \-\-comment=\fIcomment\fP |
-Adds \fIcomment\fP to output key as its comment |
-.TP |
-.B \-o, \-\-output\-file=\fIfilename\fP |
-Write output key to \fIfilename\fP, default is stdout |
-.TP |
-.B \-r, \-\-input\-file=\fIfilename\fP |
-Read input key from \fIfilename\fP, default is stdin |
-.TP |
-.B \-s, \-\-subject=\fIsubject\fP |
-Adds \fIsubject\fP to the output key as its subject |
-.TP |
-.B \-\-debug |
-Prints huge amounts of debug information |
-.TP |
-.B \-q, \-\-quiet |
-Suppress all warnings and diagnostic messages |
-.TP |
-.B \-\-trace |
-Detailed program trace |
-.TP |
-.B \-\-verbose |
-verbose diagnostic messages |
-.TP |
-.B \-i, \-\-input\-format=\fIformat\fP |
-Input is in the \fIformat\fP variant of s-expression syntax, \fIformat\fP must |
-be one of "transport", "canonical", "advanced" or "international" |
-.TP |
-.B \-?, \-\-help |
-Show summary of options |
-.TP |
-.B \-\-usage |
-Prints a short usage message |
-.TP |
-.B \-V, \-\-version |
-Prints the program version |
-.SH SEE ALSO |
-.BR lsh (1), |
-.BR lshd (8), |
-.BR sexp-conv (1), |
-.BR ssh-conv (1), |
-.BR lsh-decode-key (1). |
-.br |
-.SH AUTHOR |
-This manual page was written by Timshel Knoll <timshel@debian.org>, |
-for the Debian GNU/Linux system (but may be used by others). |
Index: 2.0.4-dfsg-6/debian/mans/srp-gen.1 |
=================================================================== |
--- 2.0.4-dfsg-6/debian/mans/srp-gen.1 (revision 70) |
+++ 2.0.4-dfsg-6/debian/mans/srp-gen.1 (nonexistent) |
@@ -1,90 +0,0 @@ |
-.\" Hey, EMACS: -*- nroff -*- |
-.\" First parameter, NAME, should be all caps |
-.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection |
-.\" other parameters are allowed: see man(7), man(1) |
-.TH SRP-GEN 1 "Apr 10, 2002" srp-gen "lsh manuals" |
-.\" Please adjust this date whenever revising the manpage. |
-.\" |
-.\" Some roff macros, for reference: |
-.\" .nh disable hyphenation |
-.\" .hy enable hyphenation |
-.\" .ad l left justify |
-.\" .ad b justify to both left and right margins |
-.\" .nf disable filling |
-.\" .fi enable filling |
-.\" .br insert line break |
-.\" .sp <n> insert n+1 empty lines |
-.\" for manpage-specific macros, see man(7) |
-.SH NAME |
-srp-gen \- generate a password verifier for the SRP protocol. |
-.SH SYNOPSIS |
-.B srp-gen |
-.RI [ options ] |
-.SH DESCRIPTION |
-This manual page documents briefly the |
-.B srp-gen |
-command. |
-This manual page was written for the Debian GNU/Linux distribution |
-because the original program does not have a manual page. |
-Instead, it has documentation in the GNU Info format; see below. |
-.PP |
-.\" TeX users may be more comfortable with the \fB<whatever>\fP and |
-.\" \fI<whatever>\fP escape sequences to invode bold face and italics, |
-.\" respectively. |
-\fBsrp-gen\fP is a program that generates a password verifier for the Secure |
-Remote Password protocol. The password verifier should be stored as |
-~/.lsh/srp-verifier on the target (remote) machine on which you want to |
-authenticate using SRP. |
- |
-For more information about SRP, see the "srp" node of the "Getting started" |
-section of the Lsh manual available via the info system. |
-.SH OPTIONS |
-This program follows the usual GNU command line syntax, with long |
-options starting with two dashes (`-'). |
-A summary of options is included below. |
-For a complete description, see the Info files. |
-.TP |
-.B \-l, \-\-user=\fIusername\fP |
-User name. |
-.TP |
-.B \-o, \-\-output\-file=\fIfilename\fP |
-The file to output to. Default is to output to stdout. |
-.TP |
-.B \-p, \-\-password=\fIpassword\fP |
-The password to use. |
-.TP |
-.B \-\-debug |
-Print lots of debug information. |
-.TP |
-.B \-q, \-\-quiet |
-Suppress all warnings and diagnostic messages. |
-.TP |
-.B \-\-trace |
-Detailed trace. |
-.TP |
-.B \-v, \-\-verbose |
-Print verbose diagnostic messages. |
-.TP |
-.B \-f, \-\-output\-format=format |
-The S-expression output format. Valid sexp formats are: transport, canonical, |
-advanced and international. |
-.TP |
-.B \-?, \-\-help |
-Show summary of options. |
-.TP |
-.B \-\-usage |
-Show a short usage message. |
-.TP |
-.B \-V, \-\-version |
-Show version of program. |
-.SH SEE ALSO |
-.BR lsh (1), |
-.BR lshd (1), |
-.BR sexp-conv (1). |
-.br |
-The lsh programs (including this one) are documented fully by |
-.IR "Lsh" , |
-available via the Info system. |
-.SH AUTHOR |
-This manual page was written by Timshel Knoll <timshel@debian.org>, |
-for the Debian GNU/Linux system (but may be used by others). |
Index: 2.0.4-dfsg-6/debian/mans/lsh-krb-checkpw.8 |
=================================================================== |
--- 2.0.4-dfsg-6/debian/mans/lsh-krb-checkpw.8 (revision 70) |
+++ 2.0.4-dfsg-6/debian/mans/lsh-krb-checkpw.8 (nonexistent) |
@@ -1,53 +0,0 @@ |
-.\" Hey, EMACS: -*- nroff -*- |
-.\" First parameter, NAME, should be all caps |
-.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection |
-.\" other parameters are allowed: see man(7), man(1) |
-.TH LSH-KRB-CHECKPW 8 "Nov 15 2005" lsh-krb-checkpw "lsh manuals" |
-.\" Please adjust this date whenever revising the manpage. |
-.\" |
-.\" Some roff macros, for reference: |
-.\" .nh disable hyphenation |
-.\" .hy enable hyphenation |
-.\" .ad l left justify |
-.\" .ad b justify to both left and right margins |
-.\" .nf disable filling |
-.\" .fi enable filling |
-.\" .br insert line break |
-.\" .sp <n> insert n+1 empty lines |
-.\" for manpage-specific macros, see man(7) |
-.SH NAME |
-lsh-krb-checkpw \- program to check a Kerberos username/password combination |
-.SH SYNOPSIS |
-.B lsh-krb-checkpw |
-.RI username-to-check |
-.SH DESCRIPTION |
-This manual page documents briefly the |
-.B lsh-krb-checkpw |
-command. |
-This manual page was written for the Debian distribution |
-because the original program does not have a manual page. |
-Instead, it has documentation in the GNU Info format; see below. |
-.PP |
-.\" TeX users may be more comfortable with the \fB<whatever>\fP and |
-.\" \fI<whatever>\fP escape sequences to invode bold face and italics, |
-.\" respectively. |
-\fBlsh-krb-checkpw\fP is a program that checks if a username and password |
-combination is valid for login by doing a kerberos lookup. It is designed to be |
-used as a password helper program for \fBlshd (8)\fP, (eg. |
-\fB\-\-password\-helper=/usr/sbin/lsh-krb-checkpw\fP. |
-.PP |
-.B lsh-krb-checkpw |
-takes one required argument, which is the username, and reads the password from |
-stdin, then returns 0 if the password is valid, or 1 otherwise. Note that the |
-password must be supplied exactly, ie. there must be no newline after the |
-password, so if invoking from a shell, just type "<your-password><CTRL-D>". |
-.SH SEE ALSO |
-.BR lsh (1), |
-.BR lshd (8). |
-.BR |
-The programs are documented fully by |
-.IR "Lsh" , |
-available via the Info system. |
-.SH AUTHOR |
-This manual page was written by Timshel Knoll <timshel@debian.org>, |
-for the Debian GNU/Linux system (but may be used by others). |
Index: 2.0.4-dfsg-6/debian/mans/lcp.1 |
=================================================================== |
--- 2.0.4-dfsg-6/debian/mans/lcp.1 (revision 70) |
+++ 2.0.4-dfsg-6/debian/mans/lcp.1 (nonexistent) |
@@ -1,73 +0,0 @@ |
-.\" -*- nroff -*- |
-.\" |
-.\" lcp.1 |
-.\" |
-.Dd November 8, 2005 |
-.Dt LCP 1 |
-.Os |
-.Sh NAME |
-.Nm lcp |
-.Nd Secure remote file copy |
-.Sh SYNOPSIS |
-.Nm lcp |
-.Bk -words |
-.Op Fl fvn |
-.Sm off |
-.Oo |
-.Op Ar user No @ |
-.Ar host1 No : |
-.Oc Ns Ar file1 |
-.Sm on |
-.Sm off |
-.Oo |
-.Op Ar user No @ |
-.Ar host2 No : |
-.Oc Ar file2 |
-.Sm on |
-.Ek |
-.\" |
-.Sh DESCRIPTION |
-.Nm |
-is a program that securely copies files between two hosts on a |
-network. This is intended as a secure replacement for |
-.Xr rcp 1 . |
-Note |
-that both the source and the destination can be on remote machines. |
-.\" |
-.Sh OPTIONS |
-Available options: |
-.\" |
-.Bl -tag -width Ds |
-.It Fl \-help |
-Show summary of options. |
-.It Fl f, \-force |
-Overwrite existing files. |
-.It Fl v, \-version |
-Display commands before they are executed. |
-.It Fl n, \-dry\-run |
-Don't execute any commands. Implies -v. |
-.El |
-.\" |
-.\" |
-.Sh ENVIRONMENT |
-.Bl -tag -width ".Ev LSFTP_RSH" |
-.It Ev LSFTP_RSH |
-The program to use for the SSH tunnel. If the variable is not set, lcp |
-defaults to using lsh. |
-.El |
-.\" |
-.Sh "REPORTING BUGS" |
-Report bugs to <bug-lsh@gnu.org>. |
-.\" |
-.Sh AUTHOR |
-The lsh program suite is written mainly by Niels M\[:o]ller <nisse@lysator.liu.se>. |
-.\" |
-This man-page was written for |
-the Debian GNU/Linux system by Charles Fry <debian@frogcircus.org>. |
-.\" |
-.Sh "SEE ALSO" |
-.Xr rcp 1 , |
-.Xr scp 1 , |
-.Xr lsftp 1 , |
-.Xr lsh 1 , |
-.Xr lshd 8 |
Index: 2.0.4-dfsg-6/debian/mans/lsh_proxy.8 |
=================================================================== |
--- 2.0.4-dfsg-6/debian/mans/lsh_proxy.8 (revision 70) |
+++ 2.0.4-dfsg-6/debian/mans/lsh_proxy.8 (nonexistent) |
@@ -1,129 +0,0 @@ |
-.\" Hey, EMACS: -*- nroff -*- |
-.\" First parameter, NAME, should be all caps |
-.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection |
-.\" other parameters are allowed: see man(7), man(1) |
-.TH LSH_PROXY 1 "Apr 19, 2000" lsh_proxy "Lsh manuals" |
-.\" Please adjust this date whenever revising the manpage. |
-.\" |
-.\" Some roff macros, for reference: |
-.\" .nh disable hyphenation |
-.\" .hy enable hyphenation |
-.\" .ad l left justify |
-.\" .ad b justify to both left and right margins |
-.\" .nf disable filling |
-.\" .fi enable filling |
-.\" .br insert line break |
-.\" .sp <n> insert n+1 empty lines |
-.\" for manpage-specific macros, see man(7) |
-.SH NAME |
-lsh_proxy \- Server for the ssh-2 protocol. |
-.SH SYNOPSIS |
-.B lsh_proxy |
-.RI [ options ] |
-.SH DESCRIPTION |
-This manual page documents briefly the |
-.B lsh_proxy |
-command. |
-.SH OPTIONS |
-These programs follow the usual GNU command line syntax, with long |
-options starting with two dashes (`-'). |
-A summary of options is included below. |
-For a complete description, see the Info files. |
-.TP |
-.B \-D, \-\-destination=\fIdestination:port\fP |
-Destination ssh server address (transparent if not given). |
-.TP |
-.B \-h, \-\-host\-key=\fIkey\-file\fP |
-Location of the server's public key. |
-.TP |
-.B \-\-interface=\fIinterface\fP |
-Listen on this network interface. |
-.TP |
-.B \-\-no\-tcp\-forward |
-Disable TCP/IP forwarding. |
-.TP |
-.B \-p, \-\-port=\fIport\fP |
-Listen on this port. |
-.TP |
-.B \-\-tcp\-forward |
-Enable TCP/IP forwarding (default). |
-.TP |
-.B \-c, \-\-crypto=\fIcrypto\-algorithm\fP |
-The crypto algorithm to use. Supported types of \fIcrypto\-algorithm\fP (in |
-order of preference) are "3des-cbc", "twofish-cbc", "cast128-cbc", |
-"serpent-cbc@lysator.liu.se", "rijndael@lysator.liu.se", "blowfish-cbc", |
-"arcfour", "none". The default is to use triple-DES in CBC mode ("3des-cbc"). |
-You may also specify "all" to enable all supported crypto |
-algorithms (except "none"). |
-.TP |
-.B \-\-hostkey\-algorithm=\fIhostkey\-algorithm\fP |
-The hostkey algorithm to use. Supported types of \fIhostkey\-algorithm\fP (in |
-order of preference) are "ssh-dss", "spki", "none". |
-.TP |
-.B \-m, \-\-mac=\fImac\-algorithm\fP |
-The MAC (message authentication) algorithm to use. Supported types of |
-\fImac\-algorithm\fP (in order of preference) are "hmac-sha1", "hmac-md5", |
-"none". |
-.TP |
-.B \-z, \-\-compression[=\fIcompression\-algorithm\fP] |
-The compression algorithm to use. Supported types of |
-\fIcompression\-algorithm\fP are "none", "zlib". The default preference list |
-supports zlib compression, but prefers not to use it. If \-z or \-\-compression |
-is specified with no argument, the compression algorithm list is changed to |
-"zlib", "none", which means that zlib is the preferred method of compression. |
-A somewhat unobvious consequence of -z having an optional argument is that if |
-you provide an argument, it must follow directly after the option letter, no |
-spaces allowed. |
-.TP |
-.B \-\-list\-algorithms |
-List supported crypto, compression, MAC and hostkey algorithms. |
-.TP |
-.B \-i, \-\-input\-format=\fIformat\fP |
-Accept S-expressions of format \fIformat\fP. |
-.TP |
-.B \-\-daemonic |
-Run in the background, redirect stdio to /dev/null, chdir to /. |
-.TP |
-.B \-\-enable\-core |
-Dump core on fatal errors (disabled by default). |
-.TP |
-.B \-\-no\-daemonic |
-Run in the foreground, with messages to stderr (default). |
-.TP |
-.B \-\-no\-pid\-file |
-Don't use any pid file. Default in non-daemonic mode. |
-.TP |
-.B \-\-pid\-file=\fIpid\-file\fP |
-Create pid file \fIpid\-file\fP. When running in daemonic mode, the default is |
-/var/run/lsh_proxy.pid. |
-.TP |
-.B \-\-debug |
-Print huge amounts of debug information. |
-.TP |
-.B \-q, \-\-quiet |
-Suppress all warnings and diagnostic messages. |
-.TP |
-.B \-\-trace |
-Print a detailed program trace. |
-.TP |
-.B \-\-verbose |
-Print verbose diagnostic messages. |
-.TP |
-.B \-?, \-\-help |
-Show summary of options. |
-.TP |
-.B \-\-usage |
-Give a short usage message. |
-.TP |
-.B \-V, \-\-version |
-Show version of program. |
-.SH SEE ALSO |
-.BR lsh (1). |
-.BR lshd (8) |
-.BR |
-The programs are documented fully by |
-.IR "Lsh" , |
-available via the Info system. |
-.SH AUTHOR |
-This manual page was written by Robert Bihlmeyer <robbe@orcus.priv.at>, |
-for the Debian GNU/Linux system (but may be used by others). |
Index: 2.0.4-dfsg-6/debian/lsh-server.install |
=================================================================== |
--- 2.0.4-dfsg-6/debian/lsh-server.install (revision 70) |
+++ 2.0.4-dfsg-6/debian/lsh-server.install (nonexistent) |
@@ -1,5 +0,0 @@ |
-usr/sbin/lshd |
-usr/sbin/lsh-execuv |
-usr/sbin/lsh-krb-checkpw |
-usr/sbin/lsh-pam-checkpw |
-usr/sbin/sftp-server usr/lib/lsh-server |
Index: 2.0.4-dfsg-6/debian |
=================================================================== |
--- 2.0.4-dfsg-6/debian (revision 70) |
+++ 2.0.4-dfsg-6/debian (nonexistent) |
/2.0.4-dfsg-6/debian |
Property changes: |
Deleted: mergeWithUpstream |
## -1 +0,0 ## |
-1 |
\ No newline at end of property |