Remove redundant patches
Related: RHEL-42635
This commit is contained in:
Dmitry Belyavskiy
parent
262bb33bcb
commit
01503ba517
@ -1,33 +0,0 @@
|
|||||||
diff -up openssh-9.8p1/sshd-session.c.xxx openssh-9.8p1/sshd-session.c
|
|
||||||
--- openssh-9.8p1/sshd-session.c.xxx 2024-08-26 13:23:33.071882129 +0200
|
|
||||||
+++ openssh-9.8p1/sshd-session.c 2024-08-26 13:26:02.990528767 +0200
|
|
||||||
@@ -1229,8 +1229,9 @@ main(int ac, char **av)
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
- if (!have_key)
|
|
||||||
- fatal("internal error: monitor received no hostkeys");
|
|
||||||
+ /* The GSSAPI key exchange can run without a host key */
|
|
||||||
+ if (!have_key && !options.gss_keyex)
|
|
||||||
+ fatal("internal error: monitor received no hostkeys and GSS KEX is not configured");
|
|
||||||
|
|
||||||
/* Ensure that umask disallows at least group and world write */
|
|
||||||
new_umask = umask(0077) | 0022;
|
|
||||||
@@ -1565,7 +1565,7 @@ do_ssh2_kex(struct ssh *ssh)
|
|
||||||
if (gss && orig)
|
|
||||||
xasprintf(&newstr, "%s,%s", gss, orig);
|
|
||||||
else if (gss)
|
|
||||||
- newstr = gss;
|
|
||||||
+ xasprintf(&newstr, "%s,%s", gss, "kex-strict-s-v00@openssh.com");
|
|
||||||
else if (orig)
|
|
||||||
newstr = orig;
|
|
||||||
|
|
||||||
@@ -1575,7 +1575,7 @@ do_ssh2_kex(struct ssh *ssh)
|
|
||||||
* host key algorithm we support
|
|
||||||
*/
|
|
||||||
if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0)
|
|
||||||
- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null";
|
|
||||||
+ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = xstrdup("null");
|
|
||||||
|
|
||||||
if (newstr)
|
|
||||||
myproposal[PROPOSAL_KEX_ALGS] = newstr;
|
|
||||||
@ -1,47 +0,0 @@
|
|||||||
diff --color -ruNp a/auth2-gss.c b/auth2-gss.c
|
|
||||||
--- a/auth2-gss.c 2024-08-26 16:41:44.853553353 +0200
|
|
||||||
+++ b/auth2-gss.c 2024-08-26 16:57:07.478155469 +0200
|
|
||||||
@@ -51,6 +51,7 @@
|
|
||||||
#define SSH_GSSAPI_MAX_MECHS 2048
|
|
||||||
|
|
||||||
extern ServerOptions options;
|
|
||||||
+extern struct authmethod_cfg methodcfg_gsskeyex;
|
|
||||||
extern struct authmethod_cfg methodcfg_gssapi;
|
|
||||||
|
|
||||||
static int input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh);
|
|
||||||
@@ -375,12 +376,6 @@ input_gssapi_mic(int type, u_int32_t ple
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
-struct authmethod_cfg methodcfg_gsskeyex = {
|
|
||||||
- "gssapi-keyex",
|
|
||||||
- NULL,
|
|
||||||
- &options.gss_authentication
|
|
||||||
-};
|
|
||||||
-
|
|
||||||
Authmethod method_gsskeyex = {
|
|
||||||
&methodcfg_gsskeyex,
|
|
||||||
userauth_gsskeyex,
|
|
||||||
diff --color -ruNp a/auth2-methods.c b/auth2-methods.c
|
|
||||||
--- a/auth2-methods.c 2024-08-26 16:41:44.794552226 +0200
|
|
||||||
+++ b/auth2-methods.c 2024-08-26 16:57:17.047338002 +0200
|
|
||||||
@@ -50,6 +50,11 @@ struct authmethod_cfg methodcfg_pubkey =
|
|
||||||
&options.pubkey_authentication
|
|
||||||
};
|
|
||||||
#ifdef GSSAPI
|
|
||||||
+struct authmethod_cfg methodcfg_gsskeyex = {
|
|
||||||
+ "gssapi-keyex",
|
|
||||||
+ NULL,
|
|
||||||
+ &options.gss_authentication
|
|
||||||
+};
|
|
||||||
struct authmethod_cfg methodcfg_gssapi = {
|
|
||||||
"gssapi-with-mic",
|
|
||||||
NULL,
|
|
||||||
@@ -76,6 +81,7 @@ static struct authmethod_cfg *authmethod
|
|
||||||
&methodcfg_none,
|
|
||||||
&methodcfg_pubkey,
|
|
||||||
#ifdef GSSAPI
|
|
||||||
+ &methodcfg_gsskeyex,
|
|
||||||
&methodcfg_gssapi,
|
|
||||||
#endif
|
|
||||||
&methodcfg_passwd,
|
|
||||||
Loading…
Reference in New Issue
Block a user