Run ssh-copy-id in the legacy mode when SSH_COPY_ID_LEGACY variable is set

2014-05-19 12:39:27 +02:00 · 2014-05-19 12:39:27 +02:00 · 36116fbf1f
parent 5eab591ecf
commit 36116fbf1f
2 changed files with 63 additions and 0 deletions
--- a/openssh-6.2p2-legacy-ssh-copy-id.patch
+++ b/openssh-6.2p2-legacy-ssh-copy-id.patch
@ -0,0 +1,59 @@
+diff --git a/contrib/ssh-copy-id b/contrib/ssh-copy-id
+index 9f2817b..1530f6f 100644
+--- a/contrib/ssh-copy-id
+++ b/contrib/ssh-copy-id
+@@ -77,7 +77,7 @@ use_id_file() {
+     PUB_ID_FILE="$L_ID_FILE.pub"
+   fi
+ 
+-  PRIV_ID_FILE=$(dirname "$PUB_ID_FILE")/$(basename "$PUB_ID_FILE" .pub)
+  [ "x$SSH_COPY_ID_LEGACY" != "x" ] || PRIV_ID_FILE=$(dirname "$PUB_ID_FILE")/$(basename "$PUB_ID_FILE" .pub)
+ 
+   # check that the files are readable
+   for f in $PUB_ID_FILE $PRIV_ID_FILE ; do
+@@ -243,7 +243,7 @@ populate_new_ids() {
+   printf '%s: INFO: %d key(s) remain to be installed -- if you are prompted now it is to install the new keys\n' "$0" "$(printf '%s\n' "$NEW_IDS" | wc -l)" >&2
+ }
+ 
+-REMOTE_VERSION=$(ssh -v -o PreferredAuthentications=',' "$@" 2>&1 |
+[ "x$SSH_COPY_ID_LEGACY" != "x" ] || REMOTE_VERSION=$(ssh -v -o PreferredAuthentications=',' "$@" 2>&1 |
+                  sed -ne 's/.*remote software version //p')
+ 
+ case "$REMOTE_VERSION" in
+@@ -268,7 +268,11 @@ case "$REMOTE_VERSION" in
+     ;;
+   *)
+     # Assuming that the remote host treats ~/.ssh/authorized_keys as one might expect
+-    populate_new_ids 0
+    if [ "x$SSH_COPY_ID_LEGACY" != "x" ]; then
+      NEW_IDS=`eval "$GET_ID"`
+    else
+      populate_new_ids 0
+    fi
+     [ "$DRY_RUN" ] || printf '%s\n' "$NEW_IDS" | ssh "$@" "
+ 		umask 077 ;
+ 		mkdir -p .ssh && cat >> .ssh/authorized_keys || exit 1 ;
+diff --git a/contrib/ssh-copy-id.1 b/contrib/ssh-copy-id.1
+index 67a59e4..edbf56f 100644
+--- a/contrib/ssh-copy-id.1
+++ b/contrib/ssh-copy-id.1
+@@ -180,6 +180,19 @@ should prove enlightening (N.B. the modern approach is to use the
+ .Fl W
+ option, rather than
+ .Xr nc 1 ) .
+.Sh ENVIRONMENT
+.Bl -tag -width Ds
+.Pp
+.It Pa SSH_COPY_ID_LEGACY
+If the 
+.Cm SSH_COPY_ID_LEGACY
+environment variable is set, the
+.Nm
+is run in a legacy mode. In this mode, the 
+.Nm
+doesn't check an existence of a private key and doesn't do remote checks
+of the remote server versions or if public keys are already installed.
+.El
+ .Sh "SEE ALSO"
+ .Xr ssh 1 ,
+ .Xr ssh-agent 1 ,
--- a/openssh.spec
+++ b/openssh.spec
@ -188,6 +188,9 @@ Patch908: openssh-6.2p2-sftp-multibyte.patch
 Patch909: openssh-6.2p2-ssh_gai_strerror.patch
 # increase the size of the Diffie-Hellman groups (#1010607)
 Patch910: openssh-6.2p2-increase-size-of-DF-groups.patch
+# Run ssh-copy-id in the legacy mode when SSH_COPY_ID_LEGACY variable is set
+# http://bugzilla.mindrot.org/show_bug.cgi?id=2110
+Patch911: openssh-6.2p2-legacy-ssh-copy-id.patch


 License: BSD
@ -411,6 +414,7 @@ popd
 %patch908 -p1 -b .sftp-multibyte
 %patch909 -p1 -b .ssh_gai_strerror
 %patch910 -p1 -b .dh
+%patch911 -p1 -b .legacy-ssh-copy-id

 %if 0
 # Nothing here yet