pool/openssh
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ea9f2c011c
openssh/openssh-7.2p2-send_locale.patch
Petr Cerny 5093e42eaa Accepting request 398802 from home:pcerny:factory 
- upgrade to 7.2p2

- changing license to 2-clause BSD to match source

- enable trusted X11 forwarding by default
  [-X11_trusted_forwarding]
- set UID for lastlog properly [-lastlog]
- enable use of PAM by default [-enable_PAM_by_default]
- copy command line arguments properly [-saveargv-fix]
- do not use pthreads in PAM code [-dont_use_pthreads_in_PAM]
- fix paths in documentation [-eal3]
- prevent race consitions triggered by SIGALRM [-blocksigalrm]
- do send and accept locale environment variables by default
  [-send_locale]
- handle hostnames changes during X forwarding
  [-hostname_changes_when_forwarding_X]
- try to remove xauth cookies on exit
  [-remove_xauth_cookies_on_exit]
- properly format pts names for ?tmp? log files
  [-pts_names_formatting]
- check locked accounts when using PAM [-pam_check_locks]
- chenge default PermitRootLogin to 'yes' to prevent unwanted
  surprises on updates from older versions.
  See README.SUSE for details
  [-allow_root_password_login]
- Disable DH parameters under 2048 bits by default and allow
  lowering the limit back to the RFC 4419 specified minimum
  through an option (bsc#932483, bsc#948902)
  [-disable_short_DH_parameters]
- Add getuid() and stat() syscalls to the seccomp filter

OBS-URL: https://build.opensuse.org/request/show/398802
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=103
2016-05-30 01:36:18 +00:00

54 lines
1.9 KiB
Diff
Raw Blame History

# HG changeset patch
# Parent fdeedfd2266d642837d86b9b7b3cdc6c00e9535d
send locales in default configuration
bnc#65747
diff --git a/openssh-7.2p2/ssh_config b/openssh-7.2p2/ssh_config
--- a/openssh-7.2p2/ssh_config
+++ b/openssh-7.2p2/ssh_config
@@ -26,16 +26,21 @@ Host *
# security reasons: Someone stealing the authentification data on the
# remote side (the "spoofed" X-server by the remote sshd) can read your
# keystrokes as you type, just like any other X11 client could do.
# Set this to "no" here for global effect or in your own ~/.ssh/config
# file if you want to have the remote X11 authentification data to
# expire after twenty minutes after remote login.
ForwardX11Trusted yes
+# This enables sending locale enviroment variables LC_* LANG, see ssh_config(5).
+ SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+ SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+ SendEnv LC_IDENTIFICATION LC_ALL
+
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# BatchMode no
# CheckHostIP yes
diff --git a/openssh-7.2p2/sshd_config b/openssh-7.2p2/sshd_config
--- a/openssh-7.2p2/sshd_config
+++ b/openssh-7.2p2/sshd_config
@@ -120,14 +120,19 @@ X11Forwarding yes
#VersionAddendum none
# no default banner path
#Banner none
# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server
+# This enables accepting locale enviroment variables LC_* LANG, see sshd_config(5).
+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+AcceptEnv LC_IDENTIFICATION LC_ALL
+
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
Reference in New Issue View Git Blame Copy Permalink