updated gssapi diff
Jakob Schlyter
jakob at openbsd.org
Wed Aug 13 04:05:11 EST 2003
On Sun, 10 Aug 2003, Frank Cusack wrote:
> session.c needs to test options.gss_cleanup_creds before unconditionally
> cleaning up, here:
>
> --- session.c 10 Aug 2003 14:06:53 -0000 1.1.1.2
> +++ session.c 10 Aug 2003 14:25:01 -0000 1.4
> @@ -1832,4 +1855,7 @@
> do_authenticated2(Authctxt *authctxt)
> {
> server_loop2(authctxt);
> +#if defined(GSSAPI)
> + ssh_gssapi_cleanup_creds(NULL);
> +#endif
> }
>
> should be:
>
> if (options.gss_cleanup_creds)
> ssh_gssapi_cleanup_creds(NULL);
fixed.
> It needs docs as well:
>
> 8<---
> --- openssh.orig/sshd_config.5 2003-06-08 17:20:47.000000000 -0700
> +++ openssh/sshd_config.5 2003-06-08 17:19:39.000000000 -0700
> @@ -273,7 +273,11 @@
> The default is
> .Dq yes .
> Note that this option applies to protocol version 2 only.
> -
> +.It Cm GSSAPICleanUpCreds
> +Specifies whether ssh with gssapi will delete the ccache when the session exits, fatal or otherwise.
> +The default is
> +.Dq yes .
> +Note that this option applies to protocol version 2 only.
> .It Cm IgnoreRhosts
> Specifies that
> .Pa .rhosts
this was already in the manpage.
> sshconnect2.c:input_gssapi_error() is too noisy.
>
> 8<---
> --- openssh.orig/sshconnect2.c 2003-07-09 20:57:32.000000000 -0700
> +++ openssh/sshconnect2.c 2003-07-09 21:02:50.000000000 -0700
> @@ -723,7 +723,7 @@ input_gssapi_error(int type, u_int32_t p
>
> packet_check_eom();
>
> - fprintf(stderr, "Server GSSAPI Error:\n%s\n", msg);
> + debug("Server GSSAPI Error:\n%s\n", msg);
> xfree(msg);
> xfree(lang);
> }
> 8<---
fixed.
jakob
More information about the openssh-unix-dev
mailing list