/[pkgs]/devel/openssh/openssh-4.3p2-gssapi-canohost.patch
ViewVC logotype

Contents of /devel/openssh/openssh-4.3p2-gssapi-canohost.patch

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.2 - (show annotations) (download) (as text)
Mon Nov 2 11:29:47 2009 UTC (3 weeks, 1 day ago) by jfch2222
Branch: MAIN
CVS Tags: openssh-5_3p1-8_fc13, openssh-5_3p1-10_fc13, openssh-5_3p1-9_fc13, openssh-5_3p1-7_fc13, HEAD
Changes since 1.1: +11 -13 lines
File MIME type: text/x-patch 
Repair canohost patch to allow gssapi to work when host is acessed via pipe proxy
1 diff -up openssh-5.3p1/sshconnect2.c.canohost openssh-5.3p1/sshconnect2.c
2 --- openssh-5.3p1/sshconnect2.c.canohost 2009-03-05 14:58:22.000000000 +0100
3 +++ openssh-5.3p1/sshconnect2.c 2009-11-02 11:55:00.000000000 +0100
4 @@ -542,6 +542,12 @@ userauth_gssapi(Authctxt *authctxt)
5 static u_int mech = 0;
6 OM_uint32 min;
7 int ok = 0;
8 + char* remotehost = NULL;
9 + const char* canonicalhost = get_canonical_hostname(1);
10 + if ( strcmp( canonicalhost, "UNKNOWN" ) == 0 )
11 + remotehost = authctxt->host;
12 + else
13 + remotehost = canonicalhost;
14
15 /* Try one GSSAPI method at a time, rather than sending them all at
16 * once. */
17 @@ -554,7 +560,7 @@ userauth_gssapi(Authctxt *authctxt)
18 /* My DER encoding requires length<128 */
19 if (gss_supported->elements[mech].length < 128 &&
20 ssh_gssapi_check_mechanism(&gssctxt,
21 - &gss_supported->elements[mech], authctxt->host)) {
22 + &gss_supported->elements[mech], remotehost)) {
23 ok = 1; /* Mechanism works */
24 } else {
25 mech++;
admin@fedoraproject.org
 ViewVC Help
Powered by ViewVC 1.1.2