rpms/openssh/devel openssh-4.7p1-gssapi-role.patch, NONE, 1.1 openssh.spec, 1.121, 1.122
Tomas Mraz (tmraz)
fedora-extras-commits at redhat.com
Thu Jan 3 17:46:33 UTC 2008
- Previous message (by thread): rpms/lilypond-doc/devel .cvsignore, 1.8, 1.9 lilypond-doc.spec, 1.7, 1.8 sources, 1.8, 1.9
- Next message (by thread): rpms/python-qpid/devel python-qpid.spec,1.2,1.3 sources,1.3,1.4
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: tmraz
Update of /cvs/pkgs/rpms/openssh/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32500
Modified Files:
openssh.spec
Added Files:
openssh-4.7p1-gssapi-role.patch
Log Message:
* Thu Jan 3 2008 Tomas Mraz <tmraz at redhat.com> - 4.7p1-7
- fix gssapi auth with explicit selinux role requested (#427303) - patch
by Nalin Dahyabhai
openssh-4.7p1-gssapi-role.patch:
--- NEW FILE openssh-4.7p1-gssapi-role.patch ---
Written-by: Nalin Dahyabhai <nalin at redhat.com>
Reviewed-by: Tomas Mraz <tmraz at redhat.com>
--- auth2-gss.c 2008-01-02 16:34:03.000000000 -0500
+++ auth2-gss.c 2008-01-02 16:33:19.000000000 -0500
@@ -258,6 +258,7 @@
Authctxt *authctxt = ctxt;
Gssctxt *gssctxt;
int authenticated = 0;
+ char *micuser;
Buffer b;
gss_buffer_desc mic, gssbuf;
u_int len;
@@ -270,7 +271,11 @@
mic.value = packet_get_string(&len);
mic.length = len;
- ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
+ if (authctxt->role && (strlen(authctxt->role) > 0))
+ xasprintf(&micuser, "%s/%s", authctxt->user, authctxt->role);
+ else
+ micuser = authctxt->user;
+ ssh_gssapi_buildmic(&b, micuser, authctxt->service,
"gssapi-with-mic");
gssbuf.value = buffer_ptr(&b);
@@ -285,6 +290,8 @@
}
buffer_free(&b);
+ if (micuser != authctxt->user)
+ xfree(micuser);
xfree(mic.value);
authctxt->postponed = 0;
Index: openssh.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/devel/openssh.spec,v
retrieving revision 1.121
retrieving revision 1.122
diff -u -r1.121 -r1.122
--- openssh.spec 4 Dec 2007 19:03:49 -0000 1.121
+++ openssh.spec 3 Jan 2008 17:45:59 -0000 1.122
@@ -63,7 +63,7 @@
Summary: The OpenSSH implementation of SSH protocol versions 1 and 2
Name: openssh
Version: 4.7p1
-Release: 6%{?dist}%{?rescue_rel}
+Release: 7%{?dist}%{?rescue_rel}
URL: http://www.openssh.com/portable.html
#Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
#Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
@@ -96,6 +96,7 @@
Patch51: openssh-4.7p1-nss-keys.patch
Patch52: openssh-4.7p1-sftp-drain-acks.patch
Patch53: openssh-4.7p1-revert-wsize.patch
+Patch54: openssh-4.7p1-gssapi-role.patch
License: BSD
Group: Applications/Internet
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -230,6 +231,7 @@
%patch51 -p1 -b .nss-keys
%patch52 -p1 -b .drain-acks
%patch53 -p1 -b .revert-wsize
+%patch54 -p0 -b .gssapi-role
autoreconf
@@ -480,6 +482,10 @@
%endif
%changelog
+* Thu Jan 3 2008 Tomas Mraz <tmraz at redhat.com> - 4.7p1-7
+- fix gssapi auth with explicit selinux role requested (#427303) - patch
+ by Nalin Dahyabhai
+
* Tue Dec 4 2007 Tomas Mraz <tmraz at redhat.com> - 4.7p1-6
- explicitly source krb5-devel profile script
- Previous message (by thread): rpms/lilypond-doc/devel .cvsignore, 1.8, 1.9 lilypond-doc.spec, 1.7, 1.8 sources, 1.8, 1.9
- Next message (by thread): rpms/python-qpid/devel python-qpid.spec,1.2,1.3 sources,1.3,1.4
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list