rpms/openssh/devel openssh-5.5p1-pka-ldap.patch, 1.6, 1.7 openssh.spec, 1.213, 1.214
Jan F. Chadima
jfch2222 at fedoraproject.org
Thu May 20 07:02:34 UTC 2010
Author: jfch2222
Update of /cvs/pkgs/rpms/openssh/devel
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv671
Modified Files:
openssh-5.5p1-pka-ldap.patch openssh.spec
Log Message:
* Thu May 20 2010 Jan F. Chadima <jchadima at redhat.com> - 5.5p1-11 + 0.9.2-26
- Typo in ssh-ldap.conf(5) and ssh-ladap-helper(8)
openssh-5.5p1-pka-ldap.patch:
Makefile.in | 26 +
README.lpk | 274 +++++++++++++++++
auth2-pubkey.c | 158 +++++++++-
config.h.in | 94 +++++-
configure.ac | 114 +++++++
ldap-helper.c | 154 +++++++++
ldap-helper.h | 32 ++
ldap.conf | 88 +++++
ldapbody.c | 494 +++++++++++++++++++++++++++++++
ldapbody.h | 37 ++
ldapconf.c | 682 ++++++++++++++++++++++++++++++++++++++++++++
ldapconf.h | 71 ++++
ldapincludes.h | 41 ++
ldapmisc.c | 79 +++++
ldapmisc.h | 35 ++
lpk-user-example.txt | 117 +++++++
openssh-lpk-openldap.schema | 21 +
openssh-lpk-sun.schema | 23 +
servconf.c | 28 +
servconf.h | 2
ssh-ldap-helper.8 | 78 +++++
ssh-ldap.conf.5 | 373 ++++++++++++++++++++++++
sshd_config | 2
sshd_config.0 | 14
sshd_config.5 | 12
25 files changed, 3024 insertions(+), 25 deletions(-)
Index: openssh-5.5p1-pka-ldap.patch
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/devel/openssh-5.5p1-pka-ldap.patch,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -p -r1.6 -r1.7
--- openssh-5.5p1-pka-ldap.patch 14 May 2010 08:19:04 -0000 1.6
+++ openssh-5.5p1-pka-ldap.patch 20 May 2010 07:02:32 -0000 1.7
@@ -1,6 +1,6 @@
diff -up openssh-5.5p1/auth2-pubkey.c.pka openssh-5.5p1/auth2-pubkey.c
---- openssh-5.5p1/auth2-pubkey.c.pka 2010-05-14 08:19:01.000000000 +0200
-+++ openssh-5.5p1/auth2-pubkey.c 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/auth2-pubkey.c.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/auth2-pubkey.c 2010-05-20 07:11:47.000000000 +0200
@@ -186,27 +186,15 @@ done:
/* return 1 if user allows given key */
@@ -196,7 +196,7 @@ diff -up openssh-5.5p1/auth2-pubkey.c.pk
if (key_is_cert(key) && auth_key_is_revoked(key->cert->signature_key))
diff -up openssh-5.5p1/config.h.in.pka openssh-5.5p1/config.h.in
--- openssh-5.5p1/config.h.in.pka 2010-04-16 02:17:09.000000000 +0200
-+++ openssh-5.5p1/config.h.in 2010-05-14 08:19:02.000000000 +0200
++++ openssh-5.5p1/config.h.in 2010-05-20 07:11:47.000000000 +0200
@@ -1,5 +1,8 @@
/* config.h.in. Generated from configure.ac by autoheader. */
@@ -362,8 +362,8 @@ diff -up openssh-5.5p1/config.h.in.pka o
/* Define if xauth is found in your path */
#undef XAUTH_PATH
diff -up openssh-5.5p1/configure.ac.pka openssh-5.5p1/configure.ac
---- openssh-5.5p1/configure.ac.pka 2010-05-14 08:19:01.000000000 +0200
-+++ openssh-5.5p1/configure.ac 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/configure.ac.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/configure.ac 2010-05-20 07:11:47.000000000 +0200
@@ -1346,6 +1346,118 @@ AC_ARG_WITH(audit,
esac ]
)
@@ -493,8 +493,8 @@ diff -up openssh-5.5p1/configure.ac.pka
echo " libedit support: $LIBEDIT_MSG"
echo " Solaris process contract support: $SPC_MSG"
diff -up openssh-5.5p1/ldapbody.c.pka openssh-5.5p1/ldapbody.c
---- openssh-5.5p1/ldapbody.c.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/ldapbody.c 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/ldapbody.c.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/ldapbody.c 2010-05-20 07:11:47.000000000 +0200
@@ -0,0 +1,494 @@
+/* $OpenBSD: ldapbody.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */
+/*
@@ -991,8 +991,8 @@ diff -up openssh-5.5p1/ldapbody.c.pka op
+}
+
diff -up openssh-5.5p1/ldapbody.h.pka openssh-5.5p1/ldapbody.h
---- openssh-5.5p1/ldapbody.h.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/ldapbody.h 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/ldapbody.h.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/ldapbody.h 2010-05-20 07:11:47.000000000 +0200
@@ -0,0 +1,37 @@
+/* $OpenBSD: ldapbody.h,v 1.1 2009/12/03 03:34:42 jfch Exp $ */
+/*
@@ -1032,8 +1032,8 @@ diff -up openssh-5.5p1/ldapbody.h.pka op
+#endif /* LDAPBODY_H */
+
diff -up openssh-5.5p1/ldapconf.c.pka openssh-5.5p1/ldapconf.c
---- openssh-5.5p1/ldapconf.c.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/ldapconf.c 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/ldapconf.c.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/ldapconf.c 2010-05-20 07:11:47.000000000 +0200
@@ -0,0 +1,682 @@
+/* $OpenBSD: ldapconf.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */
+/*
@@ -1718,8 +1718,8 @@ diff -up openssh-5.5p1/ldapconf.c.pka op
+}
+
diff -up openssh-5.5p1/ldapconf.h.pka openssh-5.5p1/ldapconf.h
---- openssh-5.5p1/ldapconf.h.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/ldapconf.h 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/ldapconf.h.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/ldapconf.h 2010-05-20 07:11:47.000000000 +0200
@@ -0,0 +1,71 @@
+/* $OpenBSD: ldapconf.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */
+/*
@@ -1793,8 +1793,8 @@ diff -up openssh-5.5p1/ldapconf.h.pka op
+
+#endif /* LDAPCONF_H */
diff -up openssh-5.5p1/ldap.conf.pka openssh-5.5p1/ldap.conf
---- openssh-5.5p1/ldap.conf.pka 2010-05-14 08:31:43.000000000 +0200
-+++ openssh-5.5p1/ldap.conf 2010-05-14 08:47:57.000000000 +0200
+--- openssh-5.5p1/ldap.conf.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/ldap.conf 2010-05-20 07:11:47.000000000 +0200
@@ -0,0 +1,88 @@
+# $Id$
+#
@@ -1885,8 +1885,8 @@ diff -up openssh-5.5p1/ldap.conf.pka ope
+#tls_key
+
diff -up openssh-5.5p1/ldap-helper.c.pka openssh-5.5p1/ldap-helper.c
---- openssh-5.5p1/ldap-helper.c.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/ldap-helper.c 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/ldap-helper.c.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/ldap-helper.c 2010-05-20 07:11:47.000000000 +0200
@@ -0,0 +1,154 @@
+/* $OpenBSD: ssh-pka-ldap.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */
+/*
@@ -2043,8 +2043,8 @@ diff -up openssh-5.5p1/ldap-helper.c.pka
+void buffer_put_string(Buffer *b, const void *f, u_int l) {}
+
diff -up openssh-5.5p1/ldap-helper.h.pka openssh-5.5p1/ldap-helper.h
---- openssh-5.5p1/ldap-helper.h.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/ldap-helper.h 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/ldap-helper.h.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/ldap-helper.h 2010-05-20 07:11:47.000000000 +0200
@@ -0,0 +1,32 @@
+/* $OpenBSD: ldap-helper.h,v 1.1 2009/12/03 03:34:42 jfch Exp $ */
+/*
@@ -2079,8 +2079,8 @@ diff -up openssh-5.5p1/ldap-helper.h.pka
+
+#endif /* LDAP_HELPER_H */
diff -up openssh-5.5p1/ldapincludes.h.pka openssh-5.5p1/ldapincludes.h
---- openssh-5.5p1/ldapincludes.h.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/ldapincludes.h 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/ldapincludes.h.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/ldapincludes.h 2010-05-20 07:11:47.000000000 +0200
@@ -0,0 +1,41 @@
+/* $OpenBSD: ldapconf.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */
+/*
@@ -2124,8 +2124,8 @@ diff -up openssh-5.5p1/ldapincludes.h.pk
+
+#endif /* LDAPINCLUDES_H */
diff -up openssh-5.5p1/ldapmisc.c.pka openssh-5.5p1/ldapmisc.c
---- openssh-5.5p1/ldapmisc.c.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/ldapmisc.c 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/ldapmisc.c.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/ldapmisc.c 2010-05-20 07:11:47.000000000 +0200
@@ -0,0 +1,79 @@
+
+#include "ldapincludes.h"
@@ -2207,8 +2207,8 @@ diff -up openssh-5.5p1/ldapmisc.c.pka op
+#endif
+
diff -up openssh-5.5p1/ldapmisc.h.pka openssh-5.5p1/ldapmisc.h
---- openssh-5.5p1/ldapmisc.h.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/ldapmisc.h 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/ldapmisc.h.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/ldapmisc.h 2010-05-20 07:11:47.000000000 +0200
@@ -0,0 +1,35 @@
+/* $OpenBSD: ldapbody.h,v 1.1 2009/12/03 03:34:42 jfch Exp $ */
+/*
@@ -2246,8 +2246,8 @@ diff -up openssh-5.5p1/ldapmisc.h.pka op
+#endif /* LDAPMISC_H */
+
diff -up openssh-5.5p1/lpk-user-example.txt.pka openssh-5.5p1/lpk-user-example.txt
---- openssh-5.5p1/lpk-user-example.txt.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/lpk-user-example.txt 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/lpk-user-example.txt.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/lpk-user-example.txt 2010-05-20 07:11:47.000000000 +0200
@@ -0,0 +1,117 @@
+
+Post to ML -> User Made Quick Install Doc.
@@ -2368,7 +2368,7 @@ diff -up openssh-5.5p1/lpk-user-example.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
diff -up openssh-5.5p1/Makefile.in.pka openssh-5.5p1/Makefile.in
--- openssh-5.5p1/Makefile.in.pka 2010-03-13 22:41:34.000000000 +0100
-+++ openssh-5.5p1/Makefile.in 2010-05-14 08:51:17.000000000 +0200
++++ openssh-5.5p1/Makefile.in 2010-05-20 07:11:48.000000000 +0200
@@ -26,6 +26,7 @@ ASKPASS_PROGRAM=$(libexecdir)/ssh-askpas
SFTP_SERVER=$(libexecdir)/sftp-server
SSH_KEYSIGN=$(libexecdir)/ssh-keysign
@@ -2453,8 +2453,8 @@ diff -up openssh-5.5p1/Makefile.in.pka o
tests interop-tests: $(TARGETS)
diff -up openssh-5.5p1/openssh-lpk-openldap.schema.pka openssh-5.5p1/openssh-lpk-openldap.schema
---- openssh-5.5p1/openssh-lpk-openldap.schema.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/openssh-lpk-openldap.schema 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/openssh-lpk-openldap.schema.pka 2010-05-20 07:11:48.000000000 +0200
++++ openssh-5.5p1/openssh-lpk-openldap.schema 2010-05-20 07:11:48.000000000 +0200
@@ -0,0 +1,21 @@
+#
+# LDAP Public Key Patch schema for use with openssh-ldappubkey
@@ -2478,8 +2478,8 @@ diff -up openssh-5.5p1/openssh-lpk-openl
+ MUST ( sshPublicKey $ uid )
+ )
diff -up openssh-5.5p1/openssh-lpk-sun.schema.pka openssh-5.5p1/openssh-lpk-sun.schema
---- openssh-5.5p1/openssh-lpk-sun.schema.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/openssh-lpk-sun.schema 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/openssh-lpk-sun.schema.pka 2010-05-20 07:11:48.000000000 +0200
++++ openssh-5.5p1/openssh-lpk-sun.schema 2010-05-20 07:11:48.000000000 +0200
@@ -0,0 +1,23 @@
+#
+# LDAP Public Key Patch schema for use with openssh-ldappubkey
@@ -2505,8 +2505,8 @@ diff -up openssh-5.5p1/openssh-lpk-sun.s
+ MUST ( sshPublicKey $ uid )
+ )
diff -up openssh-5.5p1/README.lpk.pka openssh-5.5p1/README.lpk
---- openssh-5.5p1/README.lpk.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/README.lpk 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/README.lpk.pka 2010-05-20 07:11:48.000000000 +0200
++++ openssh-5.5p1/README.lpk 2010-05-20 07:11:48.000000000 +0200
@@ -0,0 +1,274 @@
+OpenSSH LDAP PUBLIC KEY PATCH
+Copyright (c) 2003 Eric AUGE (eau at phear.org)
@@ -2783,8 +2783,8 @@ diff -up openssh-5.5p1/README.lpk.pka op
+ Jan F. Chadima <jchadima at redhat.com>
+
diff -up openssh-5.5p1/servconf.c.pka openssh-5.5p1/servconf.c
---- openssh-5.5p1/servconf.c.pka 2010-05-14 08:18:59.000000000 +0200
-+++ openssh-5.5p1/servconf.c 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/servconf.c.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/servconf.c 2010-05-20 07:11:48.000000000 +0200
@@ -129,6 +129,8 @@ initialize_server_options(ServerOptions
options->num_permitted_opens = -1;
options->adm_forced_command = NULL;
@@ -2856,8 +2856,8 @@ diff -up openssh-5.5p1/servconf.c.pka op
/* string arguments requiring a lookup */
dump_cfg_string(sLogLevel, log_level_name(o->log_level));
diff -up openssh-5.5p1/servconf.h.pka openssh-5.5p1/servconf.h
---- openssh-5.5p1/servconf.h.pka 2010-05-14 08:18:59.000000000 +0200
-+++ openssh-5.5p1/servconf.h 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/servconf.h.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/servconf.h 2010-05-20 07:11:48.000000000 +0200
@@ -157,6 +157,8 @@ typedef struct {
char *chroot_directory;
char *revoked_keys_file;
@@ -2868,8 +2868,8 @@ diff -up openssh-5.5p1/servconf.h.pka op
void initialize_server_options(ServerOptions *);
diff -up openssh-5.5p1/sshd_config.0.pka openssh-5.5p1/sshd_config.0
---- openssh-5.5p1/sshd_config.0.pka 2010-05-14 08:18:59.000000000 +0200
-+++ openssh-5.5p1/sshd_config.0 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/sshd_config.0.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/sshd_config.0 2010-05-20 07:11:48.000000000 +0200
@@ -352,7 +352,8 @@ DESCRIPTION
KbdInteractiveAuthentication, KerberosAuthentication,
MaxAuthTries, MaxSessions, PasswordAuthentication,
@@ -2899,8 +2899,8 @@ diff -up openssh-5.5p1/sshd_config.0.pka
Specifies whether rhosts or /etc/hosts.equiv authentication to-
gether with successful RSA host authentication is allowed. The
diff -up openssh-5.5p1/sshd_config.5.pka openssh-5.5p1/sshd_config.5
---- openssh-5.5p1/sshd_config.5.pka 2010-05-14 08:18:59.000000000 +0200
-+++ openssh-5.5p1/sshd_config.5 2010-05-14 08:31:23.000000000 +0200
+--- openssh-5.5p1/sshd_config.5.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/sshd_config.5 2010-05-20 07:11:48.000000000 +0200
@@ -623,6 +623,8 @@ Available keywords are
.Cm PermitOpen ,
.Cm PermitRootLogin ,
@@ -2928,8 +2928,8 @@ diff -up openssh-5.5p1/sshd_config.5.pka
Specifies whether rhosts or /etc/hosts.equiv authentication together
with successful RSA host authentication is allowed.
diff -up openssh-5.5p1/sshd_config.pka openssh-5.5p1/sshd_config
---- openssh-5.5p1/sshd_config.pka 2010-05-14 08:18:59.000000000 +0200
-+++ openssh-5.5p1/sshd_config 2010-05-14 08:19:02.000000000 +0200
+--- openssh-5.5p1/sshd_config.pka 2010-05-20 07:11:47.000000000 +0200
++++ openssh-5.5p1/sshd_config 2010-05-20 07:11:48.000000000 +0200
@@ -45,6 +45,8 @@ SyslogFacility AUTHPRIV
#RSAAuthentication yes
#PubkeyAuthentication yes
@@ -2940,9 +2940,9 @@ diff -up openssh-5.5p1/sshd_config.pka o
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
diff -up openssh-5.5p1/ssh-ldap.conf.5.pka openssh-5.5p1/ssh-ldap.conf.5
---- openssh-5.5p1/ssh-ldap.conf.5.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/ssh-ldap.conf.5 2010-05-14 08:19:02.000000000 +0200
-@@ -0,0 +1,371 @@
+--- openssh-5.5p1/ssh-ldap.conf.5.pka 2010-05-20 07:11:48.000000000 +0200
++++ openssh-5.5p1/ssh-ldap.conf.5 2010-05-20 08:22:10.000000000 +0200
+@@ -0,0 +1,373 @@
+.\" $OpenBSD: ssh-ldap.conf.5,v 1.1 2010/02/10 23:20:38 markus Exp $
+.\"
+.\" Copyright (c) 2010 Jan F. Chadima. All rights reserved.
@@ -2985,11 +2985,11 @@ diff -up openssh-5.5p1/ssh-ldap.conf.5.p
+Quoting values that contain blanks
+may be incorrect, as the quotes would become part of the value.
+The possible keywords and their meanings are as follows (note that
-+keywords are case-insensitive and arguments, on a case by case basis, may be case-sensitive).
++keywords are case-insensitive, and arguments, on a case by case basis, may be case-sensitive).
+.It Cm URI
+The argument(s) are in the form
+.Pa ldap[si]://[name[:port]]
-+they specifies the URI(s) of an LDAP server(s) to which the
++and specify the URI(s) of an LDAP server(s) to which the
+.Xr ssh-ldap-helper 8
+should connect. The URI scheme may be any of
+.Dq ldap ,
@@ -3009,11 +3009,11 @@ diff -up openssh-5.5p1/ssh-ldap.conf.5.p
+A space separated list of URIs may be provided.
+There is no default.
+.It Cm Base
-+Specifies the default base DN to use when performing ldap operations.
-+The base must be specified as a Distinguished Name in LDAP format.
++Specifies the default base Distinguished Name (DN) to use when performing ldap operations.
++The base must be specified as a DN in LDAP format.
+There is no default.
+.It Cm BindDN
-+Specifies the default bind DN to use when connecting to the ldap server.
++Specifies the default BIND DN to use when connecting to the ldap server.
+The bind DN must be specified as a Distinguished Name in LDAP format.
+There is no default.
+.It Cm BindPW
@@ -3027,7 +3027,7 @@ diff -up openssh-5.5p1/ssh-ldap.conf.5.p
+.Xr ssh-ldap-helper 8
+should connect. Each server's name can be specified as a
+domain-style name or an IP address and optionally followed by a ':' and
-+the port number the ldap server is listening on. A space separated
++the port number the ldap server is listening on. A space-separated
+list of hosts may be provided.
+There is no default.
+.Cm Host
@@ -3041,7 +3041,7 @@ diff -up openssh-5.5p1/ssh-ldap.conf.5.p
+is deprecated in favor of
+.Cm URI .
+.It Cm Scope
-+Specifies the starting point of an LDAP search and the depth from the base DN to which the search should occur.
++Specifies the starting point of an LDAP search and the depth from the base DN to which the search should descend.
+There are three options (values) that can be assigned to the
+.Cm Scope parameter:
+.Dq base ,
@@ -3055,7 +3055,7 @@ diff -up openssh-5.5p1/ssh-ldap.conf.5.p
+is used to indicate searching only the entry at the base DN, resulting in only that entry being returned (keeping in mind that it also has to meet the search filter criteria!).
+The value
+.Dq one
-+is used to indicate searching all entries one level under the base DN - but not including the base DN and not including any entries under that one level under the base DN.
++is used to indicate searching all entries one level under the base DN, but not including the base DN and not including any entries under that one level under the base DN.
+The value
+.Dq subtree
+is used to indicate searching of all entries at all levels under and including the specified base DN.
@@ -3082,16 +3082,16 @@ diff -up openssh-5.5p1/ssh-ldap.conf.5.p
+.Dq finding
+means that the aliases are only dereferenced when locating the base object of the search.
+The value
-+.Dq always .
++.Dq always
+means that the aliases are dereferenced both in searching and in locating the base object
+of the search.
+The default is
+.Dq never .
+.It Cm TimeLimit
+Specifies a time limit (in seconds) to use when performing searches.
-+The number should be a non-negative integer.
++The number should be a non-negative integer. A
+.Cm TimeLimit
-+of zero (0) specifies unlimited search time to be used. Please note that the server
++of zero (0) specifies that the search time is unlimited. Please note that the server
+may still apply any server-side limit on the duration of a search operation.
+The default value is 10.
+.It Cm TimeOut
@@ -3111,24 +3111,24 @@ diff -up openssh-5.5p1/ssh-ldap.conf.5.p
+Is an alias to
+.Cm Ldap_Version .
+.It Cm Bind_Policy
-+Specifies the policy to use for reconnecting to an unavailable LDAP server. There are 2 awailable values:
++Specifies the policy to use for reconnecting to an unavailable LDAP server. There are 2 available values:
+.Dq hard
+and
+.Dq soft.
-+.Dq hard have 2 aliases
++.Dq hard has 2 aliases
+.Dq hard_open
+and
+.Dq hard_init .
+The value
+.Dq hard
-+means reconects that the
-+Xr ssh-ldap-helper 8
++means that reconects that the
++.Xr ssh-ldap-helper 8
+tries to reconnect to the LDAP server 5 times before failure. There is exponential backoff before retrying.
+The value
+.Dq soft
+means that
-+Xr ssh-ldap-helper 8
-+fails immediatelly when cannot connect to the LDAP seerver.
++.Xr ssh-ldap-helper 8
++fails immediately when it cannot connect to the LDAP seerver.
+The deault is
+.Dq hard .
+.It Cm SSLPath
@@ -3136,11 +3136,12 @@ diff -up openssh-5.5p1/ssh-ldap.conf.5.p
+There is no default.
+.It Cm SSL
+Specifies whether to use SSL/TLS or not.
-+There are three alloved values:
++There are three allowed values:
+.Dq yes ,
+.Dq no
+and
+.Dq start_tls
++Both
+.Dq true
+and
+.Dq on
@@ -3151,12 +3152,13 @@ diff -up openssh-5.5p1/ssh-ldap.conf.5.p
+.Dq off
+are the aliases for
+.Dq no .
-+If start_tls is specified then StartTLS is used rather than raw LDAP over SSL.
-+The default is
-+.Dq start_tls
-+for the ldap://
++If
++.Dqstart_tls
++is specified then StartTLS is used rather than raw LDAP over SSL.
++The default for ldap:// is
++.Dq start_tls ,
++for ldaps://
+.Dq yes
-+for the ldaps://
+and
+.Dq no
+for the ldapi:// .
@@ -3211,7 +3213,7 @@ diff -up openssh-5.5p1/ssh-ldap.conf.5.p
+.Dq on
+and
+.Dq yes
-+are the aliases for
++are aliases for
+.Dq hard .
+.Dq false ,
+.Dq off
@@ -3234,14 +3236,14 @@ diff -up openssh-5.5p1/ssh-ldap.conf.5.p
+the session is immediately terminated.
+The value
+.Dq demand
-+Means that the server certificate is requested. If no
++means that the server certificate is requested. If no
+certificate is provided, or a bad certificate is provided, the session
+is immediately terminated.
+The value
+.Dq hard
+is the same as
+.Dq demand .
-+It requires the SSL connection. In the case of the plain conection the
++It requires an SSL connection. In the case of the plain conection the
+session is immediately terminated.
+The default is
+.Dq hard .
@@ -3315,9 +3317,9 @@ diff -up openssh-5.5p1/ssh-ldap.conf.5.p
+.Sh AUTHORS
+.An Jan F. Chadima Aq jchadima at redhat.com
diff -up openssh-5.5p1/ssh-ldap-helper.8.pka openssh-5.5p1/ssh-ldap-helper.8
---- openssh-5.5p1/ssh-ldap-helper.8.pka 2010-05-14 08:19:02.000000000 +0200
-+++ openssh-5.5p1/ssh-ldap-helper.8 2010-05-14 08:20:39.000000000 +0200
-@@ -0,0 +1,79 @@
+--- openssh-5.5p1/ssh-ldap-helper.8.pka 2010-05-20 07:11:48.000000000 +0200
++++ openssh-5.5p1/ssh-ldap-helper.8 2010-05-20 07:21:14.000000000 +0200
+@@ -0,0 +1,78 @@
+.\" $OpenBSD: ssh-ldap-helper.8,v 1.1 2010/02/10 23:20:38 markus Exp $
+.\"
+.\" Copyright (c) 2010 Jan F. Chadima. All rights reserved.
@@ -3349,7 +3351,7 @@ diff -up openssh-5.5p1/ssh-ldap-helper.8
+.Nm
+is used by
+.Xr sshd 1
-+to access keys provided by a LDAP.
++to access keys provided by an LDAP.
+.Nm
+is disabled by default and can only be enabled in the
+sshd configuration file
@@ -3366,26 +3368,25 @@ diff -up openssh-5.5p1/ssh-ldap-helper.8
+The options are as follows:
+.Bl -tag -width Ds
+.It Fl d
-+Set the debug mode,
++Set the debug mode;
+.Nm
+prints all logs to stderr instead of syslog.
+.It Fl e
-+Implies \-w
++Implies \-w;
+.Nm
-+halt when an unknown item is found in the ldap.conf file.
++halts if it encounters an unknown item in the ldap.conf file.
+.It Fl f
-+Default /etc/ssh/ldap.conf.
+.Nm
-+uses this file as a ldap configuration file.
++uses this file as the ldap configuration file instead of /etc/ssh/ldap.conf (default).
+.It Fl s
+.Nm
-+print out the keys of the user on stdout and exits.
++prints out the user's keys to stdout and exits.
+.It Fl v
-+Implies \-d
++Implies \-d;
+increases verbosity.
+.It Fl w
+.Nm
-+writes warnings about unknown items in the ldap.conf file.
++writes warnings about unknown items in the ldap.conf configuration file.
+
+.Sh SEE ALSO
+.Xr sshd 8 ,
Index: openssh.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/devel/openssh.spec,v
retrieving revision 1.213
retrieving revision 1.214
diff -u -p -r1.213 -r1.214
--- openssh.spec 14 May 2010 07:44:52 -0000 1.213
+++ openssh.spec 20 May 2010 07:02:32 -0000 1.214
@@ -70,7 +70,7 @@
%endif
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
-%define openssh_rel 10
+%define openssh_rel 11
%define openssh_ver 5.5p1
%define pam_ssh_agent_rel 26
%define pam_ssh_agent_ver 0.9.2
@@ -579,6 +579,9 @@ fi
%endif
%changelog
+* Thu May 20 2010 Jan F. Chadima <jchadima at redhat.com> - 5.5p1-11 + 0.9.2-26
+- Typo in ssh-ldap.conf(5) and ssh-ladap-helper(8)
+
* Fri May 14 2010 Jan F. Chadima <jchadima at redhat.com> - 5.5p1-10 + 0.9.2-26
- Repair the reference in man ssh-ldap-helper(8)
- Repair the PubkeyAgent section in sshd_config(5)
More information about the scm-commits
mailing list