* Fix sshd/inittab advice in README.Debian to account for rc.d movement

(closes: #450632).
author: Colin Watson <cjwatson@debian.org> 2007-11-08 20:00:06 +0000
committer: Colin Watson <cjwatson@debian.org> 2007-11-08 20:00:06 +0000
commit: 67d535a2fbf5ce66b56e28ca8337c2955abde102 (patch)
tree: 317d338a5a6dece9bf714966f9301ed41bcfc94c /gss-genr.c
parent: d818766bb7e522cd5cfa5a1671d6eb9169dfc4c7 (diff)
1 files changed, 31 insertions, 0 deletions
diff --git a/gss-genr.c b/gss-genr.c
index 42f942b58..6eb8e4754 100644
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -44,6 +44,11 @@
 #include "kex.h"
 #include <openssl/evp.h>
+#ifdef KRB5
+# include <krb5.h>
+# include <profile.h>
+#endif /* KRB5 */
 #include "ssh-gss.h"
 extern u_char *session_id2;
@@ -290,6 +295,32 @@ ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status,
 void
 ssh_gssapi_build_ctx(Gssctxt **ctx)
 {
+#ifdef KRB5
+        static int gss_configured = 0;
+        if (!gss_configured) {
+                /* Tell the GSSAPI library not to canonicalise names. */
+                krb5_context krb5_ctx;
+                profile_t profile;
+                krb5_error_code problem;
+                problem = krb5_init_context(&krb5_ctx);
+                if (!problem) {
+                        problem = krb5_get_profile(krb5_ctx, &profile);
+                        if (!problem) {
+                                const char *names[3];
+                                names[0] = "libdefaults";
+                                names[1] = "rdns";
+                                names[2] = 0;
+                                profile_clear_relation(profile, names);
+                                profile_add_relation(profile, names, "n");
+                        }
+                }
+                gss_configured = 1;
+        }
+#endif /* KRB5 */
        *ctx = xcalloc(1, sizeof (Gssctxt));
        (*ctx)->context = GSS_C_NO_CONTEXT;
        (*ctx)->name = GSS_C_NO_NAME;
author	Colin Watson <cjwatson@debian.org>	2007-11-08 20:00:06 +0000
committer	Colin Watson <cjwatson@debian.org>	2007-11-08 20:00:06 +0000
commit	67d535a2fbf5ce66b56e28ca8337c2955abde102 (patch)
tree	317d338a5a6dece9bf714966f9301ed41bcfc94c /gss-genr.c
parent	d818766bb7e522cd5cfa5a1671d6eb9169dfc4c7 (diff)

diff --git a/gss-genr.c b/gss-genr.c index 42f942b58..6eb8e4754 100644 --- a/gss-genr.c +++ b/gss-genr.c
@@ -44,6 +44,11 @@
44	#include "kex.h"	44	#include "kex.h"
45	#include <openssl/evp.h>	45	#include <openssl/evp.h>
46		46
		47	#ifdef KRB5
		48	# include <krb5.h>
		49	# include <profile.h>
		50	#endif /* KRB5 */
		51
47	#include "ssh-gss.h"	52	#include "ssh-gss.h"
48		53
49	extern u_char *session_id2;	54	extern u_char *session_id2;
@@ -290,6 +295,32 @@ ssh_gssapi_last_error(Gssctxt ctxt, OM_uint32 major_status,
290	void	295	void
291	ssh_gssapi_build_ctx(Gssctxt **ctx)	296	ssh_gssapi_build_ctx(Gssctxt **ctx)
292	{	297	{
		298	#ifdef KRB5
		299	static int gss_configured = 0;
		300
		301	if (!gss_configured) {
		302	/* Tell the GSSAPI library not to canonicalise names. */
		303	krb5_context krb5_ctx;
		304	profile_t profile;
		305	krb5_error_code problem;
		306
		307	problem = krb5_init_context(&krb5_ctx);
		308	if (!problem) {
		309	problem = krb5_get_profile(krb5_ctx, &profile);
		310	if (!problem) {
		311	const char *names[3];
		312	names[0] = "libdefaults";
		313	names[1] = "rdns";
		314	names[2] = 0;
		315	profile_clear_relation(profile, names);
		316	profile_add_relation(profile, names, "n");
		317	}
		318	}
		319
		320	gss_configured = 1;
		321	}
		322	#endif /* KRB5 */
		323
293	*ctx = xcalloc(1, sizeof (Gssctxt));	324	*ctx = xcalloc(1, sizeof (Gssctxt));
294	(*ctx)->context = GSS_C_NO_CONTEXT;	325	(*ctx)->context = GSS_C_NO_CONTEXT;
295	(*ctx)->name = GSS_C_NO_NAME;	326	(*ctx)->name = GSS_C_NO_NAME;