Annotation of /trunk/openssh/patches/openssh-4.6p1-ChallengeResponseAuthentication.patch
Parent Directory | Revision Log
Revision 153 -
(hide annotations)
(download)
Tue May 8 20:52:56 2007 UTC (17 years, 4 months ago) by niro
File size: 1681 byte(s)
Tue May 8 20:52:56 2007 UTC (17 years, 4 months ago) by niro
File size: 1681 byte(s)
-import
1 | niro | 153 | Fix from upstream to fix logging in with USE=pam via passwords by default. |
2 | |||
3 | http://bugs.gentoo.org/170670 | ||
4 | |||
5 | ChangeLog: | ||
6 | Move C/R -> kbdint special case to after the defaults have been | ||
7 | loaded, which makes ChallengeResponse default to yes again. This | ||
8 | was broken by the Match changes and not fixed properly subsequently. | ||
9 | Found by okan at demirmen.com, ok djm@ "please do it" deraadt@ | ||
10 | |||
11 | =================================================================== | ||
12 | RCS file: /usr/OpenBSD/cvs/src/usr.bin/ssh/servconf.c,v | ||
13 | retrieving revision 1.170 | ||
14 | retrieving revision 1.171 | ||
15 | diff -u -r1.170 -r1.171 | ||
16 | --- src/usr.bin/ssh/servconf.c 2007/03/01 10:28:02 1.170 | ||
17 | +++ src/usr.bin/ssh/servconf.c 2007/03/09 05:20:06 1.171 | ||
18 | @@ -1344,8 +1344,4 @@ | ||
19 | if (bad_options > 0) | ||
20 | fatal("%s: terminating, %d bad configuration options", | ||
21 | filename, bad_options); | ||
22 | - | ||
23 | - /* challenge-response is implemented via keyboard interactive */ | ||
24 | - if (options->challenge_response_authentication == 1) | ||
25 | - options->kbd_interactive_authentication = 1; | ||
26 | } | ||
27 | =================================================================== | ||
28 | RCS file: /usr/OpenBSD/cvs/src/usr.bin/ssh/sshd.c,v | ||
29 | retrieving revision 1.349 | ||
30 | retrieving revision 1.350 | ||
31 | diff -u -r1.349 -r1.350 | ||
32 | --- src/usr.bin/ssh/sshd.c 2007/02/21 11:00:05 1.349 | ||
33 | +++ src/usr.bin/ssh/sshd.c 2007/03/09 05:20:06 1.350 | ||
34 | @@ -1359,6 +1359,10 @@ | ||
35 | /* Fill in default values for those options not explicitly set. */ | ||
36 | fill_default_server_options(&options); | ||
37 | |||
38 | + /* challenge-response is implemented via keyboard interactive */ | ||
39 | + if (options.challenge_response_authentication) | ||
40 | + options.kbd_interactive_authentication = 1; | ||
41 | + | ||
42 | /* set default channel AF */ | ||
43 | channel_set_af(options.address_family); | ||
44 |