1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
|
Move things around so hpn applies cleanly when using X509.
Forward-Ported-from: files/openssh-4.9_p1-x509-hpn-glue.patch
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
diff -Nuar --exclude '*.orig' --exclude '*.rej' openssh-5.1p1+x509/Makefile.in openssh-5.1p1+x509-hpn-glue/Makefile.in
--- openssh-5.1p1+x509/Makefile.in 2008-08-23 14:12:53.000000000 -0700
+++ openssh-5.1p1+x509-hpn-glue/Makefile.in 2008-08-23 14:13:51.000000000 -0700
@@ -44,11 +44,12 @@
CC=@CC@
LD=@LD@
CFLAGS=@CFLAGS@
-CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ @LDAP_CPPFLAGS@ $(PATHS) @DEFS@
+CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
LIBS=@LIBS@
SSHDLIBS=@SSHDLIBS@
LIBEDIT=@LIBEDIT@
LIBLDAP=@LDAP_LDFLAGS@ @LDAP_LIBS@
+CPPFLAGS += @LDAP_CPPFLAGS@
AR=@AR@
AWK=@AWK@
RANLIB=@RANLIB@
diff -Nuar --exclude '*.orig' --exclude '*.rej' openssh-5.1p1+x509/servconf.c openssh-5.1p1+x509-hpn-glue/servconf.c
--- openssh-5.1p1+x509/servconf.c 2008-08-23 14:12:53.000000000 -0700
+++ openssh-5.1p1+x509-hpn-glue/servconf.c 2008-08-23 14:23:56.000000000 -0700
@@ -108,6 +108,17 @@
options->log_level = SYSLOG_LEVEL_NOT_SET;
options->rhosts_rsa_authentication = -1;
options->hostbased_authentication = -1;
+ options->hostbased_algorithms = NULL;
+ options->pubkey_algorithms = NULL;
+ ssh_x509flags_initialize(&options->x509flags, 1);
+#ifndef SSH_X509STORE_DISABLED
+ ssh_x509store_initialize(&options->ca);
+#endif /*ndef SSH_X509STORE_DISABLED*/
+#ifdef SSH_OCSP_ENABLED
+ options->va.type = -1;
+ options->va.certificate_file = NULL;
+ options->va.responder_url = NULL;
+#endif /*def SSH_OCSP_ENABLED*/
options->hostbased_uses_name_from_packet_only = -1;
options->rsa_authentication = -1;
options->pubkey_authentication = -1;
@@ -151,18 +162,6 @@
options->num_permitted_opens = -1;
options->adm_forced_command = NULL;
options->chroot_directory = NULL;
-
- options->hostbased_algorithms = NULL;
- options->pubkey_algorithms = NULL;
- ssh_x509flags_initialize(&options->x509flags, 1);
-#ifndef SSH_X509STORE_DISABLED
- ssh_x509store_initialize(&options->ca);
-#endif /*ndef SSH_X509STORE_DISABLED*/
-#ifdef SSH_OCSP_ENABLED
- options->va.type = -1;
- options->va.certificate_file = NULL;
- options->va.responder_url = NULL;
-#endif /*def SSH_OCSP_ENABLED*/
}
void
@@ -338,6 +337,16 @@
/* Portable-specific options */
sUsePAM,
/* Standard Options */
+ sHostbasedAlgorithms,
+ sPubkeyAlgorithms,
+ sX509KeyAlgorithm,
+ sAllowedClientCertPurpose,
+ sKeyAllowSelfIssued, sMandatoryCRL,
+ sCACertificateFile, sCACertificatePath,
+ sCARevocationFile, sCARevocationPath,
+ sCAldapVersion, sCAldapURL,
+ sVAType, sVACertificateFile,
+ sVAOCSPResponderURL,
sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
sPermitRootLogin, sLogFacility, sLogLevel,
sRhostsRSAAuthentication, sRSAAuthentication,
@@ -360,16 +369,6 @@
sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
sUsePrivilegeSeparation, sAllowAgentForwarding,
- sHostbasedAlgorithms,
- sPubkeyAlgorithms,
- sX509KeyAlgorithm,
- sAllowedClientCertPurpose,
- sKeyAllowSelfIssued, sMandatoryCRL,
- sCACertificateFile, sCACertificatePath,
- sCARevocationFile, sCARevocationPath,
- sCAldapVersion, sCAldapURL,
- sVAType, sVACertificateFile,
- sVAOCSPResponderURL,
sDeprecated, sUnsupported
} ServerOpCodes;
|
GitWeb