Bugzilla – Attachment 603 Details for
Bug 445
User DCE Credentials do not get forwarded to child session
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Copy KRB5CCNAME for Tru64/SIA too
openssh-krb5ccname-nativeauth.patch (text/plain), 3.05 KB, created by
Darren Tucker
on 2004-04-14 16:59:28 AEST
(
hide
)
Description:
Copy KRB5CCNAME for Tru64/SIA too
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2004-04-14 16:59:28 AEST
Size:
3.05 KB
patch
obsolete
>Index: acconfig.h >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/acconfig.h,v >retrieving revision 1.176 >diff -u -p -r1.176 acconfig.h >--- acconfig.h 14 Apr 2004 05:26:39 -0000 1.176 >+++ acconfig.h 14 Apr 2004 06:29:58 -0000 >@@ -268,6 +268,12 @@ > /* Define this if you want to use libkafs' AFS support */ > #undef USE_AFS > >+/* >+ * Define this if your platform's native authentication can set KRB5CCNAME >+ * if it uses Kerberos (eg authenticate() on AIX, SIA on Tru64) >+ */ >+#undef NATIVE_AUTH_CAN_SET_KRB5CCNAME >+ > /* Define if you want S/Key support */ > #undef SKEY > >Index: configure.ac >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/configure.ac,v >retrieving revision 1.212 >diff -u -p -r1.212 configure.ac >--- configure.ac 14 Apr 2004 05:26:39 -0000 1.212 >+++ configure.ac 14 Apr 2004 06:28:02 -0000 >@@ -134,6 +134,7 @@ case "$host" in > AC_DEFINE(DISABLE_LASTLOG) > AC_DEFINE(LOGIN_NEEDS_UTMPX) > AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) >+ AC_DEFINE(NATIVE_AUTH_CAN_SET_KRB5CCNAME) > ;; > *-*-cygwin*) > check_for_libcrypt_later=1 >@@ -432,6 +433,7 @@ mips-sony-bsd|mips-sony-newsos4) > AC_DEFINE(HAVE_OSF_SIA) > AC_DEFINE(DISABLE_LOGIN) > AC_DEFINE(DISABLE_FD_PASSING) >+ AC_DEFINE(NATIVE_AUTH_CAN_SET_KRB5CCNAME) > LIBS="$LIBS -lsecurity -ldb -lm -laud" > else > AC_MSG_RESULT(no) >Index: session.c >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/session.c,v >retrieving revision 1.277 >diff -u -p -r1.277 session.c >--- session.c 6 Apr 2004 22:04:10 -0000 1.277 >+++ session.c 14 Apr 2004 06:31:51 -0000 >@@ -1081,14 +1081,20 @@ do_setup_env(Session *s, const char *she > child_set_env(&env, &envsize, "TMPDIR", cray_tmpdir); > #endif /* _UNICOS */ > >+#ifdef NATIVE_AUTH_CAN_SET_KRB5CCNAME >+ { >+ char *cp; >+ >+ if ((cp = getenv("KRB5CCNAME")) != NULL) >+ child_set_env(&env, &envsize, "KRB5CCNAME", cp); >+ } >+#endif > #ifdef _AIX > { > char *cp; > > if ((cp = getenv("AUTHSTATE")) != NULL) > child_set_env(&env, &envsize, "AUTHSTATE", cp); >- if ((cp = getenv("KRB5CCNAME")) != NULL) >- child_set_env(&env, &envsize, "KRB5CCNAME", cp); > read_environment_file(&env, &envsize, "/etc/environment"); > } > #endif >Index: sshd.c >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/sshd.c,v >retrieving revision 1.279 >diff -u -p -r1.279 sshd.c >--- sshd.c 21 Mar 2004 22:36:01 -0000 1.279 >+++ sshd.c 14 Apr 2004 06:30:25 -0000 >@@ -928,13 +928,13 @@ main(int ac, char **av) > SYSLOG_FACILITY_AUTH : options.log_facility, > log_stderr || !inetd_flag); > >-#ifdef _AIX >+#ifdef NATIVE_AUTH_CAN_SET_KRB5CCNAME > /* > * Unset KRB5CCNAME, otherwise the user's session may inherit it from > * root's environment > */ > unsetenv("KRB5CCNAME"); >-#endif /* _AIX */ >+#endif /* NATIVE_AUTH_CAN_SET_KRB5CCNAME */ > #ifdef _UNICOS > /* Cray can define user privs drop all prives now! > * Not needed on PRIV_SU systems!
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=603">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
djm
:
ok+
Actions:
View
|
Diff
Attachments on
bug 445
:
197
|
603
|
626
|
628