Add chunk missed in the new upstream merge.

2011-09-09 18:06:02 +02:00 · 2011-09-09 18:06:02 +02:00 · fc87f2dced
commit fc87f2dced
parent 3b545be5d7
1 changed files with 45 additions and 33 deletions
--- a/openssh-5.9p1-akc.patch
+++ b/openssh-5.9p1-akc.patch
@ -1,6 +1,6 @@
-diff -up openssh-5.9p0/auth2-pubkey.c.akc openssh-5.9p0/auth2-pubkey.c
--- openssh-5.9p0/auth2-pubkey.c.akc	2011-09-05 14:26:19.008627855 +0200
-+++ openssh-5.9p0/auth2-pubkey.c	2011-09-05 14:26:21.125500355 +0200
+diff -up openssh-5.9p1/auth2-pubkey.c.akc openssh-5.9p1/auth2-pubkey.c
+--- openssh-5.9p1/auth2-pubkey.c.akc	2011-09-09 17:26:31.000000000 +0200
+++ openssh-5.9p1/auth2-pubkey.c	2011-09-09 17:28:15.000000000 +0200
@@ -27,6 +27,7 @@
 
 #include <sys/types.h>
@ -47,7 +47,7 @@ diff -up openssh-5.9p0/auth2-pubkey.c.akc openssh-5.9p0/auth2-pubkey.c
 	key_free(found);
 	if (!found_key)
 		debug2("key not found");
-@@ -452,7 +439,179 @@ user_cert_trusted_ca(struct passwd *pw,
+@@ -452,13 +439,191 @@ user_cert_trusted_ca(struct passwd *pw, 
 	return ret;
 }
 
@ -228,9 +228,21 @@ diff -up openssh-5.9p0/auth2-pubkey.c.akc openssh-5.9p0/auth2-pubkey.c
 int
 user_key_allowed(struct passwd *pw, Key *key)
 {
-diff -up openssh-5.9p0/configure.ac.akc openssh-5.9p0/configure.ac
--- openssh-5.9p0/configure.ac.akc	2011-08-18 06:48:24.000000000 +0200
-+++ openssh-5.9p0/configure.ac	2011-09-05 14:26:21.227601590 +0200
+ 	u_int success, i;
+ 	char *file;
+ 
+#ifdef WITH_AUTHORIZED_KEYS_COMMAND
+	success = user_key_via_command_allowed2(pw, key);
+	if (success > 0)
+		return success;
+#endif
+
+ 	if (auth_key_is_revoked(key))
+ 		return 0;
+ 	if (key_is_cert(key) && auth_key_is_revoked(key->cert->signature_key))
+diff -up openssh-5.9p1/configure.ac.akc openssh-5.9p1/configure.ac
+--- openssh-5.9p1/configure.ac.akc	2011-08-18 06:48:24.000000000 +0200
+++ openssh-5.9p1/configure.ac	2011-09-09 17:26:31.000000000 +0200
@@ -1421,6 +1421,18 @@ AC_ARG_WITH([audit],
 	esac ]
 )
@ -258,10 +270,10 @@ diff -up openssh-5.9p0/configure.ac.akc openssh-5.9p0/configure.ac
 echo "              MD5 password support: $MD5_MSG"
 echo "                   libedit support: $LIBEDIT_MSG"
 echo "  Solaris process contract support: $SPC_MSG"
-diff -up openssh-5.9p0/servconf.c.akc openssh-5.9p0/servconf.c
--- openssh-5.9p0/servconf.c.akc	2011-09-05 14:26:08.430440620 +0200
-+++ openssh-5.9p0/servconf.c	2011-09-05 14:26:21.386571209 +0200
-@@ -139,6 +139,8 @@ initialize_server_options(ServerOptions
+diff -up openssh-5.9p1/servconf.c.akc openssh-5.9p1/servconf.c
+--- openssh-5.9p1/servconf.c.akc	2011-09-09 17:26:30.000000000 +0200
+++ openssh-5.9p1/servconf.c	2011-09-09 17:26:31.000000000 +0200
+@@ -139,6 +139,8 @@ initialize_server_options(ServerOptions 
 	options->num_permitted_opens = -1;
 	options->adm_forced_command = NULL;
 	options->chroot_directory = NULL;
@ -331,9 +343,9 @@ diff -up openssh-5.9p0/servconf.c.akc openssh-5.9p0/servconf.c
 
 	/* string arguments requiring a lookup */
 	dump_cfg_string(sLogLevel, log_level_name(o->log_level));
-diff -up openssh-5.9p0/servconf.h.akc openssh-5.9p0/servconf.h
--- openssh-5.9p0/servconf.h.akc	2011-09-05 14:26:08.536478884 +0200
-+++ openssh-5.9p0/servconf.h	2011-09-05 14:26:21.513500639 +0200
+diff -up openssh-5.9p1/servconf.h.akc openssh-5.9p1/servconf.h
+--- openssh-5.9p1/servconf.h.akc	2011-09-09 17:26:30.000000000 +0200
+++ openssh-5.9p1/servconf.h	2011-09-09 17:26:31.000000000 +0200
@@ -174,6 +174,8 @@ typedef struct {
 	char   *revoked_keys_file;
 	char   *trusted_user_ca_keys;
@ -343,9 +355,22 @@ diff -up openssh-5.9p0/servconf.h.akc openssh-5.9p0/servconf.h
 }       ServerOptions;
 
 /*
-diff -up openssh-5.9p0/sshd_config.0.akc openssh-5.9p0/sshd_config.0
--- openssh-5.9p0/sshd_config.0.akc	2011-08-29 16:30:02.000000000 +0200
-+++ openssh-5.9p0/sshd_config.0	2011-09-05 14:26:21.880500451 +0200
+diff -up openssh-5.9p1/sshd_config.akc openssh-5.9p1/sshd_config
+--- openssh-5.9p1/sshd_config.akc	2011-09-09 17:26:30.000000000 +0200
+++ openssh-5.9p1/sshd_config	2011-09-09 17:26:31.000000000 +0200
+@@ -49,6 +49,9 @@
+ # but this is overridden so installations will only check .ssh/authorized_keys
+ AuthorizedKeysFile	.ssh/authorized_keys
+ 
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandRunAs nobody
+
+ # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+ #RhostsRSAAuthentication no
+ # similar for protocol version 2
+diff -up openssh-5.9p1/sshd_config.0.akc openssh-5.9p1/sshd_config.0
+--- openssh-5.9p1/sshd_config.0.akc	2011-09-07 01:16:30.000000000 +0200
+++ openssh-5.9p1/sshd_config.0	2011-09-09 17:26:31.000000000 +0200
@@ -71,6 +71,23 @@ DESCRIPTION
 
              See PATTERNS in ssh_config(5) for more information on patterns.
@ -380,9 +405,9 @@ diff -up openssh-5.9p0/sshd_config.0.akc openssh-5.9p0/sshd_config.0
              Banner, ChrootDirectory, ForceCommand, GatewayPorts,
              GSSAPIAuthentication, HostbasedAuthentication,
              HostbasedUsesNameFromPacketOnly, KbdInteractiveAuthentication,
-diff -up openssh-5.9p0/sshd_config.5.akc openssh-5.9p0/sshd_config.5
--- openssh-5.9p0/sshd_config.5.akc	2011-09-05 14:26:08.750503994 +0200
-+++ openssh-5.9p0/sshd_config.5	2011-09-05 14:26:21.987502513 +0200
+diff -up openssh-5.9p1/sshd_config.5.akc openssh-5.9p1/sshd_config.5
+--- openssh-5.9p1/sshd_config.5.akc	2011-09-09 17:26:30.000000000 +0200
+++ openssh-5.9p1/sshd_config.5	2011-09-09 17:26:31.000000000 +0200
@@ -706,6 +706,8 @@ Available keywords are
 .Cm AllowAgentForwarding ,
 .Cm AllowTcpForwarding ,
@ -421,16 +446,3 @@ diff -up openssh-5.9p0/sshd_config.5.akc openssh-5.9p0/sshd_config.5
 .It Cm RhostsRSAAuthentication
 Specifies whether rhosts or /etc/hosts.equiv authentication together
 with successful RSA host authentication is allowed.
-diff -up openssh-5.9p0/sshd_config.akc openssh-5.9p0/sshd_config
--- openssh-5.9p0/sshd_config.akc	2011-09-05 14:26:08.000000000 +0200
-+++ openssh-5.9p0/sshd_config	2011-09-05 14:45:21.135479100 +0200
-@@ -49,6 +49,9 @@
- # but this is overridden so installations will only check .ssh/authorized_keys
- AuthorizedKeysFile	.ssh/authorized_keys
- 
-+#AuthorizedKeysCommand none
-+#AuthorizedKeysCommandRunAs nobody
-+
- # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
- #RhostsRSAAuthentication no
- # similar for protocol version 2