From: Marcin Krol Date: Thu, 6 Feb 2014 07:35:50 +0000 (+0000) Subject: - merged updated kuserok patch from PLD X-Git-Url: https://git.tld-linux.org/?a=commitdiff_plain;h=ef2eeb1d3e5086052ae812f1eea0af73ee18e4f7;p=packages%2Fopenssh.git - merged updated kuserok patch from PLD --- diff --git a/openssh-kuserok.patch b/openssh-kuserok.patch index 665b374..c221dce 100644 --- a/openssh-kuserok.patch +++ b/openssh-kuserok.patch @@ -22,7 +22,7 @@ diff -up openssh-5.8p1/auth-krb5.c.kuserok openssh-5.8p1/auth-krb5.c static int krb5_init(void *context) { -@@ -157,7 +171,7 @@ auth_krb5_password(Authctxt *authctxt, c +@@ -146,7 +160,7 @@ auth_krb5_password(Authctxt *authctxt, c if (problem) goto out; @@ -43,7 +43,7 @@ diff -up openssh-5.8p1/gss-serv-krb5.c.kuserok openssh-5.8p1/gss-serv-krb5.c /* Initialise the krb5 library, for the stuff that GSSAPI won't do */ @@ -97,7 +98,7 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client - krb5_get_err_text(krb_context, retval)); + krb5_free_error_message(krb_context, errmsg); return 0; } - if (krb5_kuserok(krb_context, princ, name)) { @@ -61,10 +61,10 @@ diff -up openssh-5.8p1/servconf.c.kuserok openssh-5.8p1/servconf.c + options->use_kuserok = -1; options->adm_forced_command = NULL; options->chroot_directory = NULL; - options->zero_knowledge_password_authentication = -1; + options->authorized_keys_command = NULL; @@ -291,6 +292,8 @@ fill_default_server_options(ServerOption if (use_privsep == -1) - use_privsep = 1; + use_privsep = PRIVSEP_NOSANDBOX; + if (options->use_kuserok == -1) + options->use_kuserok = 1; @@ -111,8 +111,8 @@ diff -up openssh-5.8p1/servconf.c.kuserok openssh-5.8p1/servconf.c M_CP_INTOPT(rekey_interval); + M_CP_INTOPT(use_kuserok); - M_CP_STROPT(banner); - if (preauth) + /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */ + #define M_CP_STROPT(n) do {\ @@ -1764,6 +1774,7 @@ dump_config(ServerOptions *o) dump_cfg_fmtint(sUseDNS, o->use_dns); dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); @@ -153,7 +153,7 @@ diff -up openssh-5.8p1/sshd_config.5.kuserok openssh-5.8p1/sshd_config.5 +.Cm KerberosUseKuserok , .Cm MaxAuthTries , .Cm MaxSessions , - .Cm PubkeyAuthentication , + .Cm PasswordAuthentication , diff -up openssh-5.8p1/sshd_config.kuserok openssh-5.8p1/sshd_config --- openssh-5.8p1/sshd_config.kuserok 2011-02-14 09:15:12.000000000 +0100 +++ openssh-5.8p1/sshd_config 2011-02-14 09:15:12.000000000 +0100 diff --git a/openssh.spec b/openssh.spec index 3184d78..1399892 100644 --- a/openssh.spec +++ b/openssh.spec @@ -30,7 +30,7 @@ Summary(ru.UTF-8): OpenSSH - свободная реализация прото Summary(uk.UTF-8): OpenSSH - вільна реалізація протоколу Secure Shell (SSH) Name: openssh Version: 6.5p1 -Release: 1 +Release: 2 Epoch: 2 License: BSD Group: Applications/Networking