adjust gss kex mechanism to the upstream changes (#1024004)

2013-10-31 11:30:12 +01:00 · 2013-10-31 11:30:12 +01:00 · 3834483295
commit 3834483295
parent 7feb965804
1 changed files with 18 additions and 3 deletions
--- a/openssh-6.3p1-gsskex.patch
+++ b/openssh-6.3p1-gsskex.patch
@ -1100,8 +1100,8 @@ diff -up openssh-6.3p1/gss-serv.c.gsskex openssh-6.3p1/gss-serv.c
 
 #endif
 diff -up openssh-6.3p1/kex.c.gsskex openssh-6.3p1/kex.c
--- openssh-6.3p1/kex.c.gsskex	2013-10-11 15:15:17.197216581 +0200
-+++ openssh-6.3p1/kex.c	2013-10-11 15:47:41.629242975 +0200
+--- openssh-6.3p1/kex.c.gsskex	2013-10-30 15:26:39.339608716 +0100
+++ openssh-6.3p1/kex.c	2013-10-31 10:50:41.254535382 +0100
@@ -51,6 +51,10 @@
 #include "roaming.h"
 #include "audit.h"
@ -1113,16 +1113,31 @@ diff -up openssh-6.3p1/kex.c.gsskex openssh-6.3p1/kex.c
 #if OPENSSL_VERSION_NUMBER >= 0x00907000L
 # if defined(HAVE_EVP_SHA256)
 # define evp_ssh_sha256 EVP_sha256
-@@ -81,6 +85,9 @@ static const struct kexalg kexalgs[] = {
+@@ -81,6 +85,11 @@ static const struct kexalg kexalgs[] = {
 	{ KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1, EVP_sha384 },
 	{ KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1, EVP_sha512 },
 #endif
+#ifdef GSSAPI
 +	{ KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, EVP_sha1 },
 +	{ KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, EVP_sha1 },
 +	{ KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, EVP_sha1 },
+#endif
 	{ NULL, -1, -1, NULL},
 };
 
+@@ -110,6 +119,12 @@ kex_alg_by_name(const char *name)
+ 	for (k = kexalgs; k->name != NULL; k++) {
+ 		if (strcmp(k->name, name) == 0)
+ 			return k;
+#ifdef GSSAPI
+		if (strncmp(name, "gss-", 4) == 0) {
+			if (strncmp(k->name, name, strlen(k->name)) == 0)
+				return k;
+		}
+#endif
+ 	}
+ 	return NULL;
+ }
 diff -up openssh-6.3p1/kex.h.gsskex openssh-6.3p1/kex.h
 --- openssh-6.3p1/kex.h.gsskex	2013-10-11 15:15:17.197216581 +0200
 +++ openssh-6.3p1/kex.h	2013-10-11 15:43:21.757429309 +0200