[openssh] Add chunk missed in the new upstream merge.

Tomáš Mráz tmraz at fedoraproject.org
Fri Sep 9 16:06:43 UTC 2011 

commit fc87f2dceddc09e6b5bee8669d98e591ae288837
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date:   Fri Sep 9 18:06:02 2011 +0200

    Add chunk missed in the new upstream merge.

 openssh-5.9p1-akc.patch |   78 +++++++++++++++++++++++++++--------------------
 1 files changed, 45 insertions(+), 33 deletions(-)
---
diff --git a/openssh-5.9p1-akc.patch b/openssh-5.9p1-akc.patch
index 175e1b5..0abc256 100644
--- a/openssh-5.9p1-akc.patch
+++ b/openssh-5.9p1-akc.patch
@@ -1,6 +1,6 @@
-diff -up openssh-5.9p0/auth2-pubkey.c.akc openssh-5.9p0/auth2-pubkey.c
---- openssh-5.9p0/auth2-pubkey.c.akc	2011-09-05 14:26:19.008627855 +0200
-+++ openssh-5.9p0/auth2-pubkey.c	2011-09-05 14:26:21.125500355 +0200
+diff -up openssh-5.9p1/auth2-pubkey.c.akc openssh-5.9p1/auth2-pubkey.c
+--- openssh-5.9p1/auth2-pubkey.c.akc	2011-09-09 17:26:31.000000000 +0200
++++ openssh-5.9p1/auth2-pubkey.c	2011-09-09 17:28:15.000000000 +0200
 @@ -27,6 +27,7 @@
  
  #include <sys/types.h>
@@ -47,7 +47,7 @@ diff -up openssh-5.9p0/auth2-pubkey.c.akc openssh-5.9p0/auth2-pubkey.c
  	key_free(found);
  	if (!found_key)
  		debug2("key not found");
-@@ -452,7 +439,179 @@ user_cert_trusted_ca(struct passwd *pw,
+@@ -452,13 +439,191 @@ user_cert_trusted_ca(struct passwd *pw, 
  	return ret;
  }
  
@@ -228,9 +228,21 @@ diff -up openssh-5.9p0/auth2-pubkey.c.akc openssh-5.9p0/auth2-pubkey.c
  int
  user_key_allowed(struct passwd *pw, Key *key)
  {
-diff -up openssh-5.9p0/configure.ac.akc openssh-5.9p0/configure.ac
---- openssh-5.9p0/configure.ac.akc	2011-08-18 06:48:24.000000000 +0200
-+++ openssh-5.9p0/configure.ac	2011-09-05 14:26:21.227601590 +0200
+ 	u_int success, i;
+ 	char *file;
+ 
++#ifdef WITH_AUTHORIZED_KEYS_COMMAND
++	success = user_key_via_command_allowed2(pw, key);
++	if (success > 0)
++		return success;
++#endif
++
+ 	if (auth_key_is_revoked(key))
+ 		return 0;
+ 	if (key_is_cert(key) && auth_key_is_revoked(key->cert->signature_key))
+diff -up openssh-5.9p1/configure.ac.akc openssh-5.9p1/configure.ac
+--- openssh-5.9p1/configure.ac.akc	2011-08-18 06:48:24.000000000 +0200
++++ openssh-5.9p1/configure.ac	2011-09-09 17:26:31.000000000 +0200
 @@ -1421,6 +1421,18 @@ AC_ARG_WITH([audit],
  	esac ]
  )
@@ -258,10 +270,10 @@ diff -up openssh-5.9p0/configure.ac.akc openssh-5.9p0/configure.ac
  echo "              MD5 password support: $MD5_MSG"
  echo "                   libedit support: $LIBEDIT_MSG"
  echo "  Solaris process contract support: $SPC_MSG"
-diff -up openssh-5.9p0/servconf.c.akc openssh-5.9p0/servconf.c
---- openssh-5.9p0/servconf.c.akc	2011-09-05 14:26:08.430440620 +0200
-+++ openssh-5.9p0/servconf.c	2011-09-05 14:26:21.386571209 +0200
-@@ -139,6 +139,8 @@ initialize_server_options(ServerOptions
+diff -up openssh-5.9p1/servconf.c.akc openssh-5.9p1/servconf.c
+--- openssh-5.9p1/servconf.c.akc	2011-09-09 17:26:30.000000000 +0200
++++ openssh-5.9p1/servconf.c	2011-09-09 17:26:31.000000000 +0200
+@@ -139,6 +139,8 @@ initialize_server_options(ServerOptions 
  	options->num_permitted_opens = -1;
  	options->adm_forced_command = NULL;
  	options->chroot_directory = NULL;
@@ -331,9 +343,9 @@ diff -up openssh-5.9p0/servconf.c.akc openssh-5.9p0/servconf.c
  
  	/* string arguments requiring a lookup */
  	dump_cfg_string(sLogLevel, log_level_name(o->log_level));
-diff -up openssh-5.9p0/servconf.h.akc openssh-5.9p0/servconf.h
---- openssh-5.9p0/servconf.h.akc	2011-09-05 14:26:08.536478884 +0200
-+++ openssh-5.9p0/servconf.h	2011-09-05 14:26:21.513500639 +0200
+diff -up openssh-5.9p1/servconf.h.akc openssh-5.9p1/servconf.h
+--- openssh-5.9p1/servconf.h.akc	2011-09-09 17:26:30.000000000 +0200
++++ openssh-5.9p1/servconf.h	2011-09-09 17:26:31.000000000 +0200
 @@ -174,6 +174,8 @@ typedef struct {
  	char   *revoked_keys_file;
  	char   *trusted_user_ca_keys;
@@ -343,9 +355,22 @@ diff -up openssh-5.9p0/servconf.h.akc openssh-5.9p0/servconf.h
  }       ServerOptions;
  
  /*
-diff -up openssh-5.9p0/sshd_config.0.akc openssh-5.9p0/sshd_config.0
---- openssh-5.9p0/sshd_config.0.akc	2011-08-29 16:30:02.000000000 +0200
-+++ openssh-5.9p0/sshd_config.0	2011-09-05 14:26:21.880500451 +0200
+diff -up openssh-5.9p1/sshd_config.akc openssh-5.9p1/sshd_config
+--- openssh-5.9p1/sshd_config.akc	2011-09-09 17:26:30.000000000 +0200
++++ openssh-5.9p1/sshd_config	2011-09-09 17:26:31.000000000 +0200
+@@ -49,6 +49,9 @@
+ # but this is overridden so installations will only check .ssh/authorized_keys
+ AuthorizedKeysFile	.ssh/authorized_keys
+ 
++#AuthorizedKeysCommand none
++#AuthorizedKeysCommandRunAs nobody
++
+ # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+ #RhostsRSAAuthentication no
+ # similar for protocol version 2
+diff -up openssh-5.9p1/sshd_config.0.akc openssh-5.9p1/sshd_config.0
+--- openssh-5.9p1/sshd_config.0.akc	2011-09-07 01:16:30.000000000 +0200
++++ openssh-5.9p1/sshd_config.0	2011-09-09 17:26:31.000000000 +0200
 @@ -71,6 +71,23 @@ DESCRIPTION
  
               See PATTERNS in ssh_config(5) for more information on patterns.
@@ -380,9 +405,9 @@ diff -up openssh-5.9p0/sshd_config.0.akc openssh-5.9p0/sshd_config.0
               Banner, ChrootDirectory, ForceCommand, GatewayPorts,
               GSSAPIAuthentication, HostbasedAuthentication,
               HostbasedUsesNameFromPacketOnly, KbdInteractiveAuthentication,
-diff -up openssh-5.9p0/sshd_config.5.akc openssh-5.9p0/sshd_config.5
---- openssh-5.9p0/sshd_config.5.akc	2011-09-05 14:26:08.750503994 +0200
-+++ openssh-5.9p0/sshd_config.5	2011-09-05 14:26:21.987502513 +0200
+diff -up openssh-5.9p1/sshd_config.5.akc openssh-5.9p1/sshd_config.5
+--- openssh-5.9p1/sshd_config.5.akc	2011-09-09 17:26:30.000000000 +0200
++++ openssh-5.9p1/sshd_config.5	2011-09-09 17:26:31.000000000 +0200
 @@ -706,6 +706,8 @@ Available keywords are
  .Cm AllowAgentForwarding ,
  .Cm AllowTcpForwarding ,
@@ -421,16 +446,3 @@ diff -up openssh-5.9p0/sshd_config.5.akc openssh-5.9p0/sshd_config.5
  .It Cm RhostsRSAAuthentication
  Specifies whether rhosts or /etc/hosts.equiv authentication together
  with successful RSA host authentication is allowed.
-diff -up openssh-5.9p0/sshd_config.akc openssh-5.9p0/sshd_config
---- openssh-5.9p0/sshd_config.akc	2011-09-05 14:26:08.000000000 +0200
-+++ openssh-5.9p0/sshd_config	2011-09-05 14:45:21.135479100 +0200
-@@ -49,6 +49,9 @@
- # but this is overridden so installations will only check .ssh/authorized_keys
- AuthorizedKeysFile	.ssh/authorized_keys
- 
-+#AuthorizedKeysCommand none
-+#AuthorizedKeysCommandRunAs nobody
-+
- # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
- #RhostsRSAAuthentication no
- # similar for protocol version 2

More information about the scm-commits mailing list