| /tags/2.1-10/debian/changelog |
|---|
| 1,3 → 1,24 |
| lsh-utils (2.1-10) unstable; urgency=low |
| * Add missing lsb-base dependency. |
| * missing_include.patch: Add a missing include to fix FTBFS with bindnow |
| and PIE enabled (Closes: #837665, LP: #1628178). |
| * Increase Debhelper compat level to 9. |
| * Add Brazilian Portuguese debconf templates translation (Closes: |
| #816948). |
| * Drop the blacklisting of vulnerable SSH keys. OpenSSH did so three |
| years ago; the vulnerability was eight years ago. |
| * Bump Standards-Version to 3.9.8. |
| -- Magnus Holmgren <holmgren@debian.org> Tue, 18 Oct 2016 19:55:20 +0200 |
| lsh-utils (2.1-9) unstable; urgency=medium |
| * nettle3.patch: also cast length arguments to nettle_sexp_vformat() to |
| size_t. |
| -- Magnus Holmgren <holmgren@debian.org> Thu, 25 Feb 2016 00:16:44 +0100 |
| lsh-utils (2.1-8) unstable; urgency=low |
| * Build with MIT Kerberos instead of Heimdal (Closes: #806266, #812813). |
| /tags/2.1-10/debian/compat |
|---|
| 1,0 → 0,0 |
| 7 |
| 9 |
| /tags/2.1-10/debian/control |
|---|
| 3,8 → 3,8 |
| Priority: extra |
| Maintainer: Magnus Holmgren <holmgren@debian.org> |
| Uploaders: Stefan Pfetzing <dreamind@dreamind.de> |
| Standards-Version: 3.9.6 |
| Build-Depends: dpkg-dev (>= 1.15.7), debhelper (>= 7), dh-autoreconf, dh-systemd (>= 1.5), automake, |
| Standards-Version: 3.9.8 |
| Build-Depends: dpkg-dev (>= 1.15.7), debhelper (>= 9), dh-autoreconf, dh-systemd (>= 1.5), automake, |
| libgmp-dev, zlib1g-dev | libz-dev, liboop-dev, libxau-dev, nettle-dev (>= 3.0~), nettle-bin, |
| texinfo (>= 4.2), libkrb5-dev, libwrap0-dev | libwrap-dev, |
| libpam0g-dev | libpam-dev, libreadline-dev, m4 |
| 13,7 → 13,6 |
| Package: lsh-utils |
| Architecture: any |
| Depends: nettle-bin (>= 2.0-2), ${shlibs:Depends}, ${misc:Depends} |
| Recommends: openssh-blacklist, openssh-blacklist-extra |
| Suggests: lsh-server, lsh-client, lsh-doc |
| Description: Secure Shell v2 (SSH2) protocol utilities |
| lsh is a GPLed implementation of the Secure SHell protocol version 2 |
| 32,9 → 31,8 |
| Package: lsh-server |
| Architecture: any |
| Provides: ssh-server |
| Depends: lsh-utils (= ${binary:Version}), openssh-blacklist, |
| ${shlibs:Depends}, ${misc:Depends} |
| Recommends: openssh-blacklist-extra |
| Depends: lsh-utils (= ${binary:Version}), |
| lsb-base (>= 3.0-6), ${shlibs:Depends}, ${misc:Depends} |
| Suggests: lsh-client | openssh-client, lsh-doc |
| Description: Secure Shell v2 (SSH2) protocol server |
| lsh is a GPLed implementation of the Secure SHell protocol version 2 |
| /tags/2.1-10/debian/patches/blacklist.patch |
|---|
| File deleted |
| Property changes: |
| Deleted: svn:executable |
| ## -1 +0,0 ## |
| -* |
| \ No newline at end of property |
| Index: debian/patches/missing_include.patch |
| =================================================================== |
| --- debian/patches/missing_include.patch (.../trunk) (nonexistent) |
| +++ debian/patches/missing_include.patch (.../tags/2.1-10) (revision 147) |
| @@ -0,0 +1,10 @@ |
| +--- a/src/io_commands.c |
| ++++ b/src/io_commands.c |
| +@@ -36,6 +36,7 @@ |
| + #include "command.h" |
| + #include "connection.h" |
| + /* For lsh_get_cstring */ |
| ++#include "lsh_string.h" |
| + #include "format.h" |
| + #include "io.h" |
| + #include "queue.h" |
| Index: debian/patches/nettle3.patch |
| =================================================================== |
| --- debian/patches/nettle3.patch (.../trunk) (revision 136) |
| +++ debian/patches/nettle3.patch (.../tags/2.1-10) (revision 147) |
| @@ -268,3 +268,74 @@ |
| const uint8_t *subexpr = sexp_iterator_subexpr(i, &length); |
| return subexpr ? ssh_format("%ls", length, subexpr) : NULL; |
| +--- a/src/lsh.c |
| ++++ b/src/lsh.c |
| +@@ -524,8 +524,8 @@ do_lsh_lookup(struct lookup_verifier *c, |
| + } |
| + |
| + acl = lsh_string_format_sexp(0, "(acl(entry(subject%l)%l))", |
| +- subject->key_length, subject->key, |
| +- STRING_LD(self->access)); |
| ++ (size_t)subject->key_length, subject->key, |
| ++ (size_t)STRING_LD(self->access)); |
| + |
| + /* FIXME: Seems awkward to pick the acl apart again. */ |
| + if (!spki_iterator_first(&i, STRING_LD(acl))) |
| +@@ -540,7 +540,7 @@ do_lsh_lookup(struct lookup_verifier *c, |
| + A_WRITE(self->file, |
| + ssh_format("\n; ACL for host %lz\n" |
| + "%lfS\n", |
| +- self->host, lsh_string_format_sexp(1, "%l", STRING_LD(acl)))); |
| ++ self->host, lsh_string_format_sexp(1, "%l", (size_t)STRING_LD(acl)))); |
| + |
| + lsh_string_free(acl); |
| + } |
| +--- a/src/spki.c |
| ++++ b/src/spki.c |
| +@@ -98,7 +98,7 @@ make_ssh_hostkey_tag(const char *host) |
| + } |
| + |
| + tag = lsh_string_format_sexp(0, "(tag(ssh-hostkey%s))", |
| +- STRING_LD(reversed)); |
| ++ (size_t)STRING_LD(reversed)); |
| + lsh_string_free(reversed); |
| + |
| + return tag; |
| +@@ -207,7 +207,7 @@ spki_hash_data(const struct hash_algorit |
| + |
| + out = lsh_string_format_sexp(0, "(hash%0s%s)", |
| + "hash", get_atom_name(algorithm_name), |
| +- STRING_LD(digest)); |
| ++ (size_t)STRING_LD(digest)); |
| + KILL(hash); |
| + lsh_string_free(digest); |
| + |
| +@@ -376,13 +376,13 @@ spki_pkcs5_encrypt(struct randomness *r, |
| + value = lsh_string_format_sexp(0, "(password-encrypted%s(Xpkcs5v2%0s" |
| + "(iterations%i)(salt%s))" |
| + "(%0s(iv%s)(data%s)))", |
| +- STRING_LD(label), |
| ++ (size_t)STRING_LD(label), |
| + get_atom_name(prf_name), |
| + iterations, |
| +- STRING_LD(salt), |
| ++ (size_t)STRING_LD(salt), |
| + get_atom_name(crypto_name), |
| +- STRING_LD(iv), |
| +- STRING_LD(encrypted)); |
| ++ (size_t)STRING_LD(iv), |
| ++ (size_t)STRING_LD(encrypted)); |
| + |
| + lsh_string_free(key); |
| + lsh_string_free(salt); |
| +--- a/src/srp_exchange.c |
| ++++ b/src/srp_exchange.c |
| +@@ -112,7 +112,7 @@ srp_make_verifier(const struct zn_group |
| + zn_exp(G, x, G->generator, x); |
| + |
| + expr = lsh_string_format_sexp(0, "(srp-verifier ssh-ring1%s%b)", |
| +- STRING_LD(salt), |
| ++ (size_t)STRING_LD(salt), |
| + x); |
| + |
| + mpz_clear(x); |
| /tags/2.1-10/debian/patches/series |
|---|
| 1,8 → 1,8 |
| sftp-server-mansection.patch |
| blacklist.patch |
| new-readline-completion-function-typedef.patch |
| rl_completion-segfault.patch |
| bsd_connreset_test_fail.patch |
| skip-argp.patch |
| nettle3.patch |
| missing_include.patch |
| mit-kerberos.patch |
| /tags/2.1-10/debian/po/pt_BR.po |
|---|
| 0,0 → 1,96 |
| # Debconf translations for lsh-utils. |
| # Copyright (C) 2016 Adriano Rafael Gomes <adrianorg@arg.eti.br>, 2016. |
| # This file is distributed under the same license as the lsh-utils package. |
| msgid "" |
| msgstr "" |
| "Project-Id-Version: lsh-utils\n" |
| "Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n" |
| "POT-Creation-Date: 2012-09-29 12:42-0400\n" |
| "PO-Revision-Date: 2016-01-06 12:58-0200\n" |
| "Last-Translator: Adriano Rafael Gomes <adrianorg@arg.eti.br>\n" |
| "Language-Team: Brazilian Portuguese <debian-l10n-portuguese@lists.debian." |
| "org>\n" |
| "Language: pt_BR\n" |
| "MIME-Version: 1.0\n" |
| "Content-Type: text/plain; charset=UTF-8\n" |
| "Content-Transfer-Encoding: 8bit\n" |
| #. Type: string |
| #. Description |
| #: ../lsh-server.templates:2001 |
| msgid "lsh server port:" |
| msgstr "Porta do servidor lsh:" |
| #. Type: string |
| #. Description |
| #: ../lsh-server.templates:2001 |
| msgid "" |
| "The default port for lshd is 22. If lshd should run on a different port, " |
| "please specify the alternative port here. If you specify 22, you will need " |
| "to manually disable any other SSH servers running on port 22, other than " |
| "OpenSSH (from the package openssh-server), which will be disabled " |
| "automatically if you choose 22 here." |
| msgstr "" |
| "A porta padrão para o lshd é a 22. Se o lshd deverá executar em uma porta " |
| "diferente, por favor, especifique a porta alternativa aqui. Se você " |
| "especificar 22, você precisará desabilitar manualmente quaisquer outros " |
| "servidores SSH que estejam executando na porta 22, diferentes do OpenSSH (do " |
| "pacote openssh-server), o qual será desabilitado automaticamente se você " |
| "escolher 22 aqui." |
| #. Type: boolean |
| #. Description |
| #: ../lsh-server.templates:3001 |
| msgid "Enable the SFTP subsystem?" |
| msgstr "Habilitar o subsistema SFTP?" |
| #. Type: boolean |
| #. Description |
| #: ../lsh-server.templates:3001 |
| msgid "" |
| "Please choose whether you want to use the EXPERIMENTAL lsh SFTP support." |
| msgstr "" |
| "Por favor, escolha se você quer usar o suporte EXPERIMENTAL a SFTP do lsh." |
| #. Type: boolean |
| #. Description |
| #: ../lsh-server.templates:3001 |
| msgid "" |
| "Since it is experimental, the default is for it to be disabled, but it can " |
| "be enabled now or later by manually changing /etc/default/lsh-server." |
| msgstr "" |
| "Uma vez que é experimental, o padrão é que seja desabilitado, mas isso pode " |
| "ser habilitado agora ou mais tarde alterando /etc/default/lsh-server " |
| "manualmente." |
| #. Type: boolean |
| #. Description |
| #: ../lsh-server.templates:4001 |
| msgid "Remove host key on purge?" |
| msgstr "Remover chave da máquina ao expurgar?" |
| #. Type: boolean |
| #. Description |
| #: ../lsh-server.templates:4001 |
| msgid "" |
| "When this package is installed, a host key is generated to authenticate your " |
| "host." |
| msgstr "" |
| "Quando esse pacote é instalado, uma chave da máquina é gerada para " |
| "autenticar a sua máquina." |
| #. Type: boolean |
| #. Description |
| #: ../lsh-server.templates:4001 |
| msgid "" |
| "Please choose whether you want to purge the host key when the package is " |
| "removed." |
| msgstr "" |
| "Por favor, escolha se você quer expurgar a chave da máquina quando o pacote " |
| "for removido." |
| #. Type: string |
| #. Description |
| #: ../lsh-server.templates:5001 |
| msgid "Additional arguments to pass to lshd:" |
| msgstr "Argumentos adicionais para passar ao lshd:" |