8 # ForwardX11Trusted (for client) |
8 # ForwardX11Trusted (for client) |
9 # |
9 # |
10 # This is for Solaris only, we will not contribute back these changes to the |
10 # This is for Solaris only, we will not contribute back these changes to the |
11 # upstream. |
11 # upstream. |
12 # |
12 # |
13 --- orig/readconf.c Thu Sep 4 17:27:04 2014 |
13 diff -pur old/readconf.c new/readconf.c |
14 +++ new/readconf.c Tue Sep 9 17:33:50 2014 |
14 --- old/readconf.c |
15 @@ -1575,7 +1575,11 @@ |
15 +++ new/readconf.c |
|
16 @@ -1803,7 +1803,11 @@ fill_default_options(Options * options) |
16 if (options->forward_x11 == -1) |
17 if (options->forward_x11 == -1) |
17 options->forward_x11 = 0; |
18 options->forward_x11 = 0; |
18 if (options->forward_x11_trusted == -1) |
19 if (options->forward_x11_trusted == -1) |
19 +#ifdef OPTION_DEFAULT_VALUE |
20 +#ifdef OPTION_DEFAULT_VALUE |
20 + options->forward_x11_trusted = 1; |
21 + options->forward_x11_trusted = 1; |
22 options->forward_x11_trusted = 0; |
23 options->forward_x11_trusted = 0; |
23 +#endif |
24 +#endif |
24 if (options->forward_x11_timeout == -1) |
25 if (options->forward_x11_timeout == -1) |
25 options->forward_x11_timeout = 1200; |
26 options->forward_x11_timeout = 1200; |
26 if (options->exit_on_forward_failure == -1) |
27 if (options->exit_on_forward_failure == -1) |
27 @@ -1593,7 +1597,11 @@ |
28 @@ -1825,7 +1829,11 @@ fill_default_options(Options * options) |
28 if (options->challenge_response_authentication == -1) |
29 if (options->challenge_response_authentication == -1) |
29 options->challenge_response_authentication = 1; |
30 options->challenge_response_authentication = 1; |
30 if (options->gss_authentication == -1) |
31 if (options->gss_authentication == -1) |
31 +#ifdef OPTION_DEFAULT_VALUE |
32 +#ifdef OPTION_DEFAULT_VALUE |
32 + options->gss_authentication = 1; |
33 + options->gss_authentication = 1; |
34 options->gss_authentication = 0; |
35 options->gss_authentication = 0; |
35 +#endif |
36 +#endif |
36 if (options->gss_deleg_creds == -1) |
37 if (options->gss_deleg_creds == -1) |
37 options->gss_deleg_creds = 0; |
38 options->gss_deleg_creds = 0; |
38 if (options->password_authentication == -1) |
39 if (options->password_authentication == -1) |
39 --- orig/servconf.c Thu Sep 4 17:17:58 2014 |
40 diff -pur old/servconf.c new/servconf.c |
40 +++ new/servconf.c Tue Sep 9 17:36:32 2014 |
41 --- old/servconf.c |
41 @@ -208,7 +208,11 @@ |
42 +++ new/servconf.c |
|
43 @@ -265,7 +265,11 @@ fill_default_server_options(ServerOption |
42 if (options->print_lastlog == -1) |
44 if (options->print_lastlog == -1) |
43 options->print_lastlog = 1; |
45 options->print_lastlog = 1; |
44 if (options->x11_forwarding == -1) |
46 if (options->x11_forwarding == -1) |
45 +#ifdef OPTION_DEFAULT_VALUE |
47 +#ifdef OPTION_DEFAULT_VALUE |
46 + options->x11_forwarding = 1; |
48 + options->x11_forwarding = 1; |
48 options->x11_forwarding = 0; |
50 options->x11_forwarding = 0; |
49 +#endif |
51 +#endif |
50 if (options->x11_display_offset == -1) |
52 if (options->x11_display_offset == -1) |
51 options->x11_display_offset = 10; |
53 options->x11_display_offset = 10; |
52 if (options->x11_use_localhost == -1) |
54 if (options->x11_use_localhost == -1) |
53 @@ -244,7 +248,11 @@ |
55 @@ -303,7 +307,11 @@ fill_default_server_options(ServerOption |
54 if (options->kerberos_get_afs_token == -1) |
56 if (options->kerberos_get_afs_token == -1) |
55 options->kerberos_get_afs_token = 0; |
57 options->kerberos_get_afs_token = 0; |
56 if (options->gss_authentication == -1) |
58 if (options->gss_authentication == -1) |
57 +#ifdef OPTION_DEFAULT_VALUE |
59 +#ifdef OPTION_DEFAULT_VALUE |
58 + options->gss_authentication = 1; |
60 + options->gss_authentication = 1; |
59 +#else |
61 +#else |
60 options->gss_authentication = 0; |
62 options->gss_authentication = 0; |
61 +#endif |
63 +#endif |
62 if (options->gss_cleanup_creds == -1) |
64 if (options->gss_cleanup_creds == -1) |
63 options->gss_cleanup_creds = 1; |
65 options->gss_cleanup_creds = 1; |
64 if (options->password_authentication == -1) |
66 if (options->gss_strict_acceptor == -1) |
65 --- orig/ssh_config.5 Thu Sep 4 17:58:05 2014 |
67 diff -pur old/ssh_config.5 new/ssh_config.5 |
66 +++ new/ssh_config.5 Tue Sep 9 17:48:39 2014 |
68 --- old/ssh_config.5 |
67 @@ -643,8 +643,8 @@ |
69 +++ new/ssh_config.5 |
|
70 @@ -802,8 +802,8 @@ Furthermore, the |
68 token used for the session will be set to expire after 20 minutes. |
71 token used for the session will be set to expire after 20 minutes. |
69 Remote clients will be refused access after this time. |
72 Remote clients will be refused access after this time. |
70 .Pp |
73 .Pp |
71 -The default is |
74 -The default is |
72 -.Dq no . |
75 -.Dq no . |
73 +The default on Solaris is |
76 +The default on Solaris is |
74 +.Dq yes . |
77 +.Dq yes . |
75 .Pp |
78 .Pp |
76 See the X11 SECURITY extension specification for full details on |
79 See the X11 SECURITY extension specification for full details on |
77 the restrictions imposed on untrusted clients. |
80 the restrictions imposed on untrusted clients. |
78 @@ -673,8 +673,8 @@ |
81 @@ -832,8 +832,8 @@ The default is |
79 .Pa /etc/ssh/ssh_known_hosts2 . |
82 .Pa /etc/ssh/ssh_known_hosts2 . |
80 .It Cm GSSAPIAuthentication |
83 .It Cm GSSAPIAuthentication |
81 Specifies whether user authentication based on GSSAPI is allowed. |
84 Specifies whether user authentication based on GSSAPI is allowed. |
82 -The default is |
85 -The default is |
83 -.Dq no . |
86 -.Dq no . |
84 +The default on Solaris is |
87 +The default on Solaris is |
85 +.Dq yes . |
88 +.Dq yes . |
86 Note that this option applies to protocol version 2 only. |
|
87 .It Cm GSSAPIDelegateCredentials |
89 .It Cm GSSAPIDelegateCredentials |
88 Forward (delegate) credentials to the server. |
90 Forward (delegate) credentials to the server. |
89 --- orig/sshd_config.5 Thu Sep 4 17:58:07 2014 |
91 The default is |
90 +++ new/sshd_config.5 Tue Sep 9 17:49:58 2014 |
92 diff -pur old/sshd_config.5 new/sshd_config.5 |
91 @@ -490,8 +490,8 @@ |
93 --- old/sshd_config.5 |
|
94 +++ new/sshd_config.5 |
|
95 @@ -621,8 +621,8 @@ The default is |
92 .Dq no . |
96 .Dq no . |
93 .It Cm GSSAPIAuthentication |
97 .It Cm GSSAPIAuthentication |
94 Specifies whether user authentication based on GSSAPI is allowed. |
98 Specifies whether user authentication based on GSSAPI is allowed. |
95 -The default is |
99 -The default is |
96 -.Dq no . |
100 -.Dq no . |
97 +The default on Solaris is |
101 +The default on Solaris is |
98 +.Dq yes . |
102 +.Dq yes . |
99 Note that this option applies to protocol version 2 only. |
|
100 .It Cm GSSAPICleanupCredentials |
103 .It Cm GSSAPICleanupCredentials |
101 Specifies whether to automatically destroy the user's credentials cache |
104 Specifies whether to automatically destroy the user's credentials cache |
102 @@ -1239,8 +1239,8 @@ |
105 on logout. |
|
106 @@ -1637,8 +1637,8 @@ The argument must be |
103 .Dq yes |
107 .Dq yes |
104 or |
108 or |
105 .Dq no . |
109 .Dq no . |
106 -The default is |
110 -The default is |
107 -.Dq no . |
111 -.Dq no . |