summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2007-11-08 20:00:06 +0000
committerColin Watson <cjwatson@debian.org>2007-11-08 20:00:06 +0000
commit67d535a2fbf5ce66b56e28ca8337c2955abde102 (patch)
tree317d338a5a6dece9bf714966f9301ed41bcfc94c
parentd818766bb7e522cd5cfa5a1671d6eb9169dfc4c7 (diff)
* Fix sshd/inittab advice in README.Debian to account for rc.d movement
(closes: #450632).
Diffstat
-rw-r--r--debian/README.Debian2
-rw-r--r--debian/changelog2
-rw-r--r--gss-genr.c31
3 files changed, 34 insertions, 1 deletions
diff --git a/debian/README.Debian b/debian/README.Debian
index 6b7ce8691..fd65df66e 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -250,7 +250,7 @@ stop'), add the following line to /etc/inittab, and run 'telinit q':
250 ss:2345:respawn:/usr/sbin/sshd -D 250 ss:2345:respawn:/usr/sbin/sshd -D
251 251
252If you do this, note that you will need to stop sshd being started in the 252If you do this, note that you will need to stop sshd being started in the
253normal way ('rm -f /etc/rc[2345].d/S20ssh') and that you will need to 253normal way ('rm -f /etc/rc[2345].d/S16ssh') and that you will need to
254restart this sshd manually on upgrades. 254restart this sshd manually on upgrades.
255 255
256-- 256--
diff --git a/debian/changelog b/debian/changelog
index 2f9239b30..44996ca79 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,6 +7,8 @@ openssh (1:4.6p1-6) UNRELEASED; urgency=low
7 Pospisek; closes: #441817). 7 Pospisek; closes: #441817).
8 * Discard error output from dpkg-query in preinsts, in case the ssh 8 * Discard error output from dpkg-query in preinsts, in case the ssh
9 metapackage is not installed. 9 metapackage is not installed.
10 * Fix sshd/inittab advice in README.Debian to account for rc.d movement
11 (closes: #450632).
10 * debconf template translations: 12 * debconf template translations:
11 - Add Slovak (thanks, Ivan Masár; closes: #441690). 13 - Add Slovak (thanks, Ivan Masár; closes: #441690).
12 - Update Brazilian Portuguese (thanks, Eder L. Marques; 14 - Update Brazilian Portuguese (thanks, Eder L. Marques;
diff --git a/gss-genr.c b/gss-genr.c
index 42f942b58..6eb8e4754 100644
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -44,6 +44,11 @@
44#include "kex.h" 44#include "kex.h"
45#include <openssl/evp.h> 45#include <openssl/evp.h>
46 46
47#ifdef KRB5
48# include <krb5.h>
49# include <profile.h>
50#endif /* KRB5 */
51
47#include "ssh-gss.h" 52#include "ssh-gss.h"
48 53
49extern u_char *session_id2; 54extern u_char *session_id2;
@@ -290,6 +295,32 @@ ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status,
290void 295void
291ssh_gssapi_build_ctx(Gssctxt **ctx) 296ssh_gssapi_build_ctx(Gssctxt **ctx)
292{ 297{
298#ifdef KRB5
299 static int gss_configured = 0;
300
301 if (!gss_configured) {
302 /* Tell the GSSAPI library not to canonicalise names. */
303 krb5_context krb5_ctx;
304 profile_t profile;
305 krb5_error_code problem;
306
307 problem = krb5_init_context(&krb5_ctx);
308 if (!problem) {
309 problem = krb5_get_profile(krb5_ctx, &profile);
310 if (!problem) {
311 const char *names[3];
312 names[0] = "libdefaults";
313 names[1] = "rdns";
314 names[2] = 0;
315 profile_clear_relation(profile, names);
316 profile_add_relation(profile, names, "n");
317 }
318 }
319
320 gss_configured = 1;
321 }
322#endif /* KRB5 */
323
293 *ctx = xcalloc(1, sizeof (Gssctxt)); 324 *ctx = xcalloc(1, sizeof (Gssctxt));
294 (*ctx)->context = GSS_C_NO_CONTEXT; 325 (*ctx)->context = GSS_C_NO_CONTEXT;
295 (*ctx)->name = GSS_C_NO_NAME; 326 (*ctx)->name = GSS_C_NO_NAME;
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 01:46:12 +0000