RE: GSSAPI

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



In the patch,  at  line 2687 of http://pkgs.fedoraproject.org/cgit/openssh.git/tree/openssh-6.6p1-gsskex.patch, we have

@@ -2488,6 +2495,48 @@ do_ssh2_kex(void)
 	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
 	    list_hostkey_types());
 
+#ifdef GSSAPI
+	{
+	char *orig;
+	char *gss = NULL;
+	char *newstr = NULL;
+	orig = myproposal[PROPOSAL_KEX_ALGS];   <<<=== HERE 1
+
+	/* 
+	 * If we don't have a host key, then there's no point advertising
+	 * the other key exchange algorithms
+	 */
+
+	if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)  <<<=== HERE 2
+		orig = NULL;

Note that at the lines marked HERE 1 and HERE 2, orig refers to two separate things.
Is this inconsistency in reference intended?



-----Original Message-----
From: Andreas Schneider [mailto:asn@xxxxxxxxxxxxxx] 
Sent: Monday, July 21, 2014 4:16 AM
To: openssh-unix-dev@xxxxxxxxxxx
Cc: Scott Neugroschl
Subject: Re: GSSAPI

On Tuesday 15 July 2014 21:52:33 Scott Neugroschl wrote:
> If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I 
> still need to get Simon Wilkinson's patches?

As the FreeIPA project has support for managing SSH Keys they have a maintained patchset for GSSAPI support. You can take a look here:


http://pkgs.fedoraproject.org/cgit/openssh.git/tree/


	-- andreas


-- 
Andreas Schneider                   GPG-ID: CC014E3D
www.cryptomilk.org                asn@xxxxxxxxxxxxxx

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux