Blame openssh-4.3p2-gssapi-canohost.patch
|
Jan F. Chadima |
d2767e |
diff -up openssh-5.3p1/sshconnect2.c.canohost openssh-5.3p1/sshconnect2.c
|
|
Jan F. Chadima |
d2767e |
--- openssh-5.3p1/sshconnect2.c.canohost 2009-03-05 14:58:22.000000000 +0100
|
|
Jan F. Chadima |
d2767e |
+++ openssh-5.3p1/sshconnect2.c 2009-11-02 11:55:00.000000000 +0100
|
|
Jan F. Chadima |
d2767e |
@@ -542,6 +542,12 @@ userauth_gssapi(Authctxt *authctxt)
|
|
Tomáš Mráz |
914284 |
static u_int mech = 0;
|
|
Tomáš Mráz |
914284 |
OM_uint32 min;
|
|
Tomáš Mráz |
914284 |
int ok = 0;
|
|
Jan F. Chadima |
d2767e |
+ char* remotehost = NULL;
|
|
Jan F. Chadima |
d2767e |
+ const char* canonicalhost = get_canonical_hostname(1);
|
|
Jan F. Chadima |
d2767e |
+ if ( strcmp( canonicalhost, "UNKNOWN" ) == 0 )
|
|
Jan F. Chadima |
d2767e |
+ remotehost = authctxt->host;
|
|
Jan F. Chadima |
d2767e |
+ else
|
|
Jan F. Chadima |
d2767e |
+ remotehost = canonicalhost;
|
|
Tomáš Mráz |
914284 |
|
|
Tomáš Mráz |
914284 |
/* Try one GSSAPI method at a time, rather than sending them all at
|
|
Tomáš Mráz |
914284 |
* once. */
|
|
Jan F. Chadima |
d2767e |
@@ -554,7 +560,7 @@ userauth_gssapi(Authctxt *authctxt)
|
|
Tomáš Mráz |
914284 |
/* My DER encoding requires length<128 */
|
|
Tomáš Mráz |
914284 |
if (gss_supported->elements[mech].length < 128 &&
|
|
Tomáš Mráz |
914284 |
ssh_gssapi_check_mechanism(&gssctxt,
|
|
Tomáš Mráz |
914284 |
- &gss_supported->elements[mech], authctxt->host)) {
|
|
Tomáš Mráz |
914284 |
+ &gss_supported->elements[mech], remotehost)) {
|
|
Tomáš Mráz |
914284 |
ok = 1; /* Mechanism works */
|
|
Tomáš Mráz |
914284 |
} else {
|
|
Tomáš Mráz |
914284 |
mech++;
|