forked from rpms/openssh
fix gssapi canohost patch (#863350)
This commit is contained in:
Petr Lautrbach
parent
af2ebf77dc
commit
52c8eca4d9
@ -1,24 +0,0 @@
|
||||
diff -up openssh-5.8p1/sshconnect2.c.canohost openssh-5.8p1/sshconnect2.c
|
||||
--- openssh-5.8p1/sshconnect2.c.canohost 2011-02-14 15:15:15.000000000 +0100
|
||||
+++ openssh-5.8p1/sshconnect2.c 2011-02-14 15:21:45.000000000 +0100
|
||||
@@ -697,14 +697,17 @@ userauth_gssapi(Authctxt *authctxt)
|
||||
static u_int mech = 0;
|
||||
OM_uint32 min;
|
||||
int ok = 0;
|
||||
- const char *gss_host;
|
||||
+ const char *gss_host = NULL;
|
||||
|
||||
if (options.gss_server_identity)
|
||||
gss_host = options.gss_server_identity;
|
||||
else if (options.gss_trust_dns)
|
||||
gss_host = get_canonical_hostname(1);
|
||||
- else
|
||||
- gss_host = authctxt->host;
|
||||
+ else {
|
||||
+ gss_host = get_canonical_hostname(1);
|
||||
+ if ( strcmp( gss_host, "UNKNOWN" ) == 0 )
|
||||
+ gss_host = authctxt->host;
|
||||
+ }
|
||||
|
||||
/* Try one GSSAPI method at a time, rather than sending them all at
|
||||
* once. */
|
||||
21
openssh-6.1p1-gssapi-canohost.patch
Normal file
21
openssh-6.1p1-gssapi-canohost.patch
Normal file
@ -0,0 +1,21 @@
|
||||
diff -up openssh-6.1p1/sshconnect2.c.canohost openssh-6.1p1/sshconnect2.c
|
||||
--- openssh-6.1p1/sshconnect2.c.canohost 2012-10-30 10:52:59.593301692 +0100
|
||||
+++ openssh-6.1p1/sshconnect2.c 2012-10-30 11:01:12.870301632 +0100
|
||||
@@ -699,12 +699,15 @@ userauth_gssapi(Authctxt *authctxt)
|
||||
static u_int mech = 0;
|
||||
OM_uint32 min;
|
||||
int ok = 0;
|
||||
- const char *gss_host;
|
||||
+ const char *gss_host = NULL;
|
||||
|
||||
if (options.gss_server_identity)
|
||||
gss_host = options.gss_server_identity;
|
||||
- else if (options.gss_trust_dns)
|
||||
+ else if (options.gss_trust_dns) {
|
||||
gss_host = get_canonical_hostname(1);
|
||||
+ if ( strcmp( gss_host, "UNKNOWN" ) == 0 )
|
||||
+ gss_host = authctxt->host;
|
||||
+ }
|
||||
else
|
||||
gss_host = authctxt->host;
|
||||
|
||||
@ -204,9 +204,7 @@ Patch713: openssh-5.9p1-ctr-cavstest.patch
|
||||
Patch800: openssh-6.1p1-gsskex.patch
|
||||
#http://www.mail-archive.com/kerberos@mit.edu/msg17591.html
|
||||
Patch801: openssh-5.8p2-force_krb.patch
|
||||
|
||||
#?
|
||||
Patch900: openssh-5.8p1-gssapi-canohost.patch
|
||||
Patch900: openssh-6.1p1-gssapi-canohost.patch
|
||||
#https://bugzilla.mindrot.org/show_bug.cgi?id=1780
|
||||
Patch901: openssh-6.1p1-kuserok.patch
|
||||
#---
|
||||
|
||||
Loading…
Reference in New Issue
Block a user