RE: GSSAPI

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Mon, 25 Aug 2014, Scott Neugroschl wrote:

> In the patch,  at  line 2687 of http://pkgs.fedoraproject.org/cgit/openssh.git/tree/openssh-6.6p1-gsskex.patch, we have
> 
> @@ -2488,6 +2495,48 @@ do_ssh2_kex(void)
>  	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
>  	    list_hostkey_types());
>  
> +#ifdef GSSAPI
> +	{
> +	char *orig;
> +	char *gss = NULL;
> +	char *newstr = NULL;
> +	orig = myproposal[PROPOSAL_KEX_ALGS];   <<<=== HERE 1
> +
> +	/* 
> +	 * If we don't have a host key, then there's no point advertising
> +	 * the other key exchange algorithms
> +	 */
> +
> +	if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)  <<<=== HERE 2
> +		orig = NULL;
> 
> Note that at the lines marked HERE 1 and HERE 2, orig refers to two
> separate things. Is this inconsistency in reference intended?

AFAIK yes - it's intended to change the KEX method proposal based on whether
any hostkeys are loaded.

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux