Ana Guerrero 2024-04-16 18:03:15 +00:00 committed by Git OBS Bridge
commit 04d08a5024
3 changed files with 28 additions and 6 deletions

View File

@ -151,7 +151,7 @@ Index: openssh-9.6p1/auth2-gss.c
+ * The 'gssapi_keyex' userauth mechanism.
+ */
+static int
+userauth_gsskeyex(struct ssh *ssh)
+userauth_gsskeyex(struct ssh *ssh, const char *method)
+{
+ Authctxt *authctxt = ssh->authctxt;
+ int r, authenticated = 0;
@ -213,12 +213,13 @@ Index: openssh-9.6p1/auth2-gss.c
else
logit("GSSAPI MIC check failed");
@@ -333,6 +377,12 @@ input_gssapi_mic(int type, u_int32_t ple
@@ -333,6 +377,13 @@ input_gssapi_mic(int type, u_int32_t ple
return 0;
}
+Authmethod method_gsskeyex = {
+ "gssapi-keyex",
+ "NULL",
+ userauth_gsskeyex,
+ &options.gss_authentication
+};

View File

@ -1,3 +1,21 @@
-------------------------------------------------------------------
Mon Apr 15 13:21:50 UTC 2024 - Marcus Meissner <meissner@suse.com>
- openssh-8.0p1-gssapi-keyex.patch: Added missing struct initializer,
added missing parameter (bsc#1222840)
-------------------------------------------------------------------
Fri Apr 12 10:04:45 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
- Make openssh-server recommend the openssh-server-config-rootlogin
package in SLE in order to keep the same behaviour of previous
SPs where the PermitRootLogin default was set to yes
(bsc#1221005).
- Fix crypto-policies requirement to be set by openssh-server, not
the config-rootlogin subpackage.
- Add back %config(noreplace) tag for more config files that were
already set like this in previous SPs.
-------------------------------------------------------------------
Thu Apr 11 06:35:21 UTC 2024 - Arnav Singh <opensuse@arnavion.dev>

View File

@ -190,7 +190,11 @@ clients.
Summary: SSH (Secure Shell) server
Group: Productivity/Networking/SSH
Requires: %{name}-common = %{version}-%{release}
Requires: crypto-policies >= 20220824
Recommends: audit
%if 0%{?suse_version} == 1500
Recommends: openssh-server-config-rootlogin
%endif
Requires(pre): findutils
Requires(pre): grep
Requires(post): %fillup_prereq
@ -213,7 +217,6 @@ securely connect to your server.
%package server-config-rootlogin
Summary: Config to permit root logins to sshd
Group: Productivity/Networking/SSH
Requires: crypto-policies >= 20220824
Requires: %{name}-server = %{version}-%{release}
%description server-config-rootlogin
@ -485,7 +488,7 @@ test -f /etc/ssh/ssh_config.rpmsave && mv -v /etc/ssh/ssh_config.rpmsave /etc/ss
%attr(0755,root,root) %dir %{_distconfdir}/ssh/ssh_config.d
%else
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
%attr(0600,root,root) %{_sysconfdir}/ssh/moduli
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
%attr(0755,root,root) %dir %{_sysconfdir}/ssh/ssh_config.d
%endif
%attr(0444,root,root) %{_mandir}/man1/ssh-keygen.1*
@ -533,7 +536,7 @@ test -f /etc/ssh/ssh_config.rpmsave && mv -v /etc/ssh/ssh_config.rpmsave /etc/ss
%if %{defined _distconfdir}
%{_distconfdir}/ssh/sshd_config.d/50-permit-root-login.conf
%else
%{_sysconfdir}/ssh/sshd_config.d/50-permit-root-login.conf
%config(noreplace) %{_sysconfdir}/ssh/sshd_config.d/50-permit-root-login.conf
%endif
%files clients
@ -542,7 +545,7 @@ test -f /etc/ssh/ssh_config.rpmsave && mv -v /etc/ssh/ssh_config.rpmsave /etc/ss
%if %{defined _distconfdir}
%attr(0644,root,root) %{_distconfdir}/ssh/ssh_config
%else
%attr(0644,root,root) %{_sysconfdir}/ssh/ssh_config
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
%endif
%attr(0755,root,root) %{_bindir}/ssh
%attr(0755,root,root) %{_bindir}/scp*