Diffstat (limited to 'sysutils/tmate/files')
-rw-r--r-- | sysutils/tmate/files/patch-options-table.c | 43 | ||||
-rw-r--r-- | sysutils/tmate/files/patch-tmate-session.c | 10 | ||||
-rw-r--r-- | sysutils/tmate/files/patch-tmate-ssh-client.c | 102 |
3 files changed, 14 insertions, 141 deletions
diff --git a/sysutils/tmate/files/patch-options-table.c b/sysutils/tmate/files/patch-options-table.c index 4400b5c98455..ce8ac2caa94d 100644 --- a/sysutils/tmate/files/patch-options-table.c +++ b/sysutils/tmate/files/patch-options-table.c 
@@ -1,40 +1,25 @@ ---- options-table.c.orig 2016-03-29 03:30:07 UTC +--- options-table.c.orig 2020-07-17 03:22:27 UTC +++ options-table.c -@@ -925,15 +925,34 @@ const struct options_table_entry options_table[] = { +@@ -925,19 +925,19 @@ const struct options_table_entry options_table[] = { { .name = "tmate-server-rsa-fingerprint", .type = OPTIONS_TABLE_STRING, .scope = OPTIONS_TABLE_SERVER, -- .default_str = "af:2d:81:c1:fe:49:70:2d:7f:09:a9:d7:4b:32:e3:be" -+ .default_str = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" +- .default_str = "SHA256:Hthk2T/M/Ivqfk1YYUn5ijC2Att3+UPzD7Rn72P5VWs" ++ .default_str = "SHA256:0000000000000000000000000000000000000000000" }, { .name = "tmate-server-ecdsa-fingerprint", .type = OPTIONS_TABLE_STRING, .scope = OPTIONS_TABLE_SERVER, -- .default_str = "c7:a1:51:36:d2:bb:35:4b:0a:1a:c0:43:97:74:ea:42" -+ .default_str = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" +- .default_str = "SHA256:8GmKHYHEJ6n0TEdciHeEGkKOigQfCFuBULdt6vZIhDc" ++ .default_str = "SHA256:0000000000000000000000000000000000000000000" }, -- -+ { .name = "tmate-server-dss-fingerprint", -+ .type = OPTIONS_TABLE_STRING, -+ .scope = OPTIONS_TABLE_SERVER, -+ .default_str = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" -+ }, -+ { .name = "tmate-server-ed25519-fingerprint", -+ .type = OPTIONS_TABLE_STRING, -+ .scope = OPTIONS_TABLE_SERVER, -+ .default_str = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" -+ }, -+ { .name = "tmate-server-dss-cert01-fingerprint", -+ .type = OPTIONS_TABLE_STRING, -+ .scope = OPTIONS_TABLE_SERVER, -+ .default_str = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" -+ }, -+ { .name = "tmate-server-rsa-cert01-fingerprint", -+ .type = OPTIONS_TABLE_STRING, -+ .scope = OPTIONS_TABLE_SERVER, -+ .default_str = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" -+ }, + + { .name = "tmate-server-ed25519-fingerprint", + .type = OPTIONS_TABLE_STRING, + .scope = OPTIONS_TABLE_SERVER, +- .default_str = 
"SHA256:jfttvoypkHiQYUqUCwKeqd9d1fJj/ZiQlFOHVl6E9sI" ++ .default_str = "SHA256:0000000000000000000000000000000000000000000" + }, + { .name = "tmate-display-time", - .type = OPTIONS_TABLE_NUMBER, - .scope = OPTIONS_TABLE_SESSION, diff --git a/sysutils/tmate/files/patch-tmate-session.c b/sysutils/tmate/files/patch-tmate-session.c deleted file mode 100644 index dbf7cfef2808..000000000000 --- a/sysutils/tmate/files/patch-tmate-session.c +++ /dev/null @@ -1,10 +0,0 @@ ---- tmate-session.c.orig 2016-03-29 03:30:07 UTC -+++ tmate-session.c -@@ -8,6 +8,7 @@ - #include <stdlib.h> - #include <string.h> - #include <assert.h> -+#include <netinet/in.h> - - #include "tmate.h" - diff --git a/sysutils/tmate/files/patch-tmate-ssh-client.c b/sysutils/tmate/files/patch-tmate-ssh-client.c deleted file mode 100644 index 0e6b0d88a27b..000000000000 --- a/sysutils/tmate/files/patch-tmate-ssh-client.c +++ /dev/null 
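Review bot: The all-zero `SHA256:000…` defaults now set for the rsa, ecdsa and ed25519 server fingerprints are placeholders, but nothing in the patched table says so, and a reader of options-table.c cannot tell them from real pins. If the client still rejects a server whose host-key hash differs from the configured string (that comparison is in tmate-ssh-client.c, not in this hunk), the port fails closed until the user configures fingerprints for their own server. That is worth stating next to the first entry, for example `/* placeholder: matches no real host key; set tmate-server-*-fingerprint for your server */`. Anyone who re-adds the upstream pins locally should verify them out of band rather than copying them from an unauthenticated page. The options_table initializer starts and ends outside the hunk.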
@@ -1,102 +0,0 @@
---- tmate-ssh-client.c.orig 2016-03-29 03:30:07 UTC
-+++ tmate-ssh-client.c
-@@ -3,6 +3,7 @@
- #include <stdio.h>
- #include <event.h>
- #include <assert.h>
-+#include <netinet/in.h>
-
- #include "tmate.h"
- #include "window-copy.h"
-@@ -195,6 +196,7 @@ static void on_ssh_client_event(struct tmate_ssh_clien
- ssize_t hash_len;
- char *hash_str;
- const char *server_hash_str;
-+ const char *key_type_name;
- int match;
-
- int verbosity = SSH_LOG_NOLOG + log_get_level();
-@@ -257,43 +259,80 @@ static void on_ssh_client_event(struct tmate_ssh_clien
- }
-
- case SSH_AUTH_SERVER:
-+ tmate_debug("Starting SSH_AUTH_SERVER");
- if (ssh_get_publickey(session, &pubkey) < 0)
- tmate_fatal("ssh_get_publickey");
-
-- if (ssh_get_publickey_hash(pubkey, SSH_PUBLICKEY_HASH_MD5, &hash, &hash_len) < 0) {
-+ if (ssh_get_publickey_hash(pubkey, SSH_PUBLICKEY_HASH_SHA1, &hash, &hash_len) < 0) {
-+ tmate_debug("failed to get public key hash");
- kill_ssh_client(client, "Cannot authenticate server");
- return;
- }
-+ tmate_debug("got public key hash");
-
- hash_str = ssh_get_hexa(hash, hash_len);
- if (!hash_str)
- tmate_fatal("malloc failed");
-
- key_type = ssh_key_type(pubkey);
-+ key_type_name = ssh_key_type_to_char(key_type);
-+ if (key_type_name == NULL) {
-+ tmate_debug("failed to get public key type name");
-+ return;
-+ }
-
- switch (key_type) {
- case SSH_KEYTYPE_RSA:
- server_hash_str = options_get_string(global_options,
- "tmate-server-rsa-fingerprint");
-+ tmate_debug("found rsa fingerprint");
- break;
- case SSH_KEYTYPE_ECDSA:
- server_hash_str = options_get_string(global_options,
- "tmate-server-ecdsa-fingerprint");
-+ tmate_debug("found ecdsa fingerprint");
- break;
-+ case SSH_KEYTYPE_DSS:
-+ server_hash_str = options_get_string(global_options,
-+ "tmate-server-dss-fingerprint");
-+ tmate_debug("found dss fingerprint");
-+ break;
-+ case SSH_KEYTYPE_ED25519:
-+ server_hash_str = options_get_string(global_options,
-+ "tmate-server-ed25519-fingerprint");
-+ tmate_debug("found ed25519 fingerprint");
-+ break;
-+ case SSH_KEYTYPE_DSS_CERT01:
-+ server_hash_str = options_get_string(global_options,
-+ "tmate-server-dss-cert01-fingerprint");
-+ tmate_debug("found dss_cert01 fingerprint");
-+ break;
-+ case SSH_KEYTYPE_RSA_CERT01:
-+ server_hash_str = options_get_string(global_options,
-+ "tmate-server-rsa-cert01-fingerprint");
-+ tmate_debug("found rsa_cert01 fingerprint");
-+ break;
-+ case SSH_KEYTYPE_UNKNOWN:
-+ tmate_debug("found unknown fingerprint?");
-+ break;
- default:
- server_hash_str = "";
-+ tmate_debug("found no fingerprint?");
- }
-
- match = !strcmp(hash_str, server_hash_str);
-
- ssh_key_free(pubkey);
- ssh_clean_pubkey_hash(&hash);
-- free(hash_str);
-
- if (!match) {
-- kill_ssh_client(client, "Cannot authenticate server");
-+ tmate_debug("Key mismatch: type: %s expected: %s found: %s", key_type_name, server_hash_str, hash_str);
-+ kill_ssh_client(client, "Cannot authenticate server: Key mismatch: type: %s expected: %s found: %s", key_type_name, server_hash_str, hash_str);
-+ free(hash_str);
- return;
- }
-+
-+ free(hash_str);
-
- /*
- * At this point, we abort other connection attempts to the |