RE: GSSAPI

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 




-----Original Message-----
From: Damien Miller [mailto:djm@xxxxxxxxxxx] 


On Mon, 25 Aug 2014, Scott Neugroschl wrote:

> In the patch,  at  line 2687 of 
> http://pkgs.fedoraproject.org/cgit/openssh.git/tree/openssh-6.6p1-gssk
> ex.patch, we have
> 
> @@ -2488,6 +2495,48 @@ do_ssh2_kex(void)
>  	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
>  	    list_hostkey_types());
>  
> +#ifdef GSSAPI
> +	{
> +	char *orig;
> +	char *gss = NULL;
> +	char *newstr = NULL;
> +	orig = myproposal[PROPOSAL_KEX_ALGS];   <<<=== HERE 1
> +
> +	/* 
> +	 * If we don't have a host key, then there's no point advertising
> +	 * the other key exchange algorithms
> +	 */
> +
> +	if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)  <<<=== HERE 2
> +		orig = NULL;
> 
> Note that at the lines marked HERE 1 and HERE 2, orig refers to two 
> separate things. Is this inconsistency in reference intended?

AFAIK yes - it's intended to change the KEX method proposal based on whether any hostkeys are loaded.

-d

---------

Thanks, Damien.   I was trying to debug an issue in this code.  Turns out there was a trailing blank in
my host key file name.  I'll look at ssh-keygen.c and see if I can rectify that.

ScottN


_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux