Mercurial Mercurial > upstream > oracle > userland-gate / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openssh/patches/017-option_default_value.patch
changeset 2206 e71c20dca64b
parent 2072 a9add2444420
child 5819 c5f05bd2a9bc
equal deleted inserted replaced
2205:af632779536e 2206:e71c20dca64b 
     1 #
 
     1 #
 
     2 # The default value of the GSSAPIAuthentication option is yes in SunSSH, but
 
     2 # Some options in OpenSSH have different default values from those in SunSSH.
 
     3 # no in OpenSSH. To make the transition smoother from SunSSH to OpenSSH, we 
     3 # To make the transition smoother from SunSSH to OpenSSH, we change default
 
     4 # change the default value of this option to be yes in OpenSSH also. This is
 
     4 # values for the following options to be as same as those in SunSSH.
 
     5 # for Solaris only, we will not contribute back this changes to the upstream.
 
     5 # 
       
     6 #   GSSAPIAuthentication (for both server and client)
 
       
     7 #   X11Forwarding        (for server)
 
       
     8 #   ForwardX11Trusted    (for client)
 
       
     9 #
 
       
    10 # This is for Solaris only, we will not contribute back these changes to the
 
       
    11 # upstream.
 
     6 #
 
    12 #
 
     7 --- orig/readconf.c	Thu Sep  4 17:27:04 2014
 
    13 --- orig/readconf.c	Thu Sep  4 17:27:04 2014
 
     8 +++ new/readconf.c	Thu Sep  4 17:51:24 2014
 
    14 +++ new/readconf.c	Tue Sep  9 17:33:50 2014
 
     9 @@ -1593,7 +1593,11 @@
 
    15 @@ -1575,7 +1575,11 @@
 
       
    16  	if (options->forward_x11 == -1)
 
       
    17  		options->forward_x11 = 0;
 
       
    18  	if (options->forward_x11_trusted == -1)
 
       
    19 +#ifdef OPTION_DEFAULT_VALUE
 
       
    20 +		options->forward_x11_trusted = 1;
 
       
    21 +#else
 
       
    22  		options->forward_x11_trusted = 0;
 
       
    23 +#endif
 
       
    24  	if (options->forward_x11_timeout == -1)
 
       
    25  		options->forward_x11_timeout = 1200;
 
       
    26  	if (options->exit_on_forward_failure == -1)
 
       
    27 @@ -1593,7 +1597,11 @@
 
    10  	if (options->challenge_response_authentication == -1)
 
    28  	if (options->challenge_response_authentication == -1)
 
    11  		options->challenge_response_authentication = 1;
 
    29  		options->challenge_response_authentication = 1;
 
    12  	if (options->gss_authentication == -1)
 
    30  	if (options->gss_authentication == -1)
 
    13 +#ifdef OPTION_DEFAULT_VALUE
 
    31 +#ifdef OPTION_DEFAULT_VALUE
 
    14 +		options->gss_authentication = 1;
 
    32 +		options->gss_authentication = 1;
 
    17 +#endif
 
    35 +#endif
 
    18  	if (options->gss_deleg_creds == -1)
 
    36  	if (options->gss_deleg_creds == -1)
 
    19  		options->gss_deleg_creds = 0;
 
    37  		options->gss_deleg_creds = 0;
 
    20  	if (options->password_authentication == -1)
 
    38  	if (options->password_authentication == -1)
 
    21 --- orig/servconf.c	Thu Sep  4 17:17:58 2014
 
    39 --- orig/servconf.c	Thu Sep  4 17:17:58 2014
 
    22 +++ new/servconf.c	Thu Sep  4 17:50:50 2014
 
    40 +++ new/servconf.c	Tue Sep  9 17:36:32 2014
 
    23 @@ -244,7 +244,11 @@
 
    41 @@ -208,7 +208,11 @@
 
       
    42  	if (options->print_lastlog == -1)
 
       
    43  		options->print_lastlog = 1;
 
       
    44  	if (options->x11_forwarding == -1)
 
       
    45 +#ifdef OPTION_DEFAULT_VALUE
 
       
    46 +		options->x11_forwarding = 1;
 
       
    47 +#else
 
       
    48  		options->x11_forwarding = 0;
 
       
    49 +#endif
 
       
    50  	if (options->x11_display_offset == -1)
 
       
    51  		options->x11_display_offset = 10;
 
       
    52  	if (options->x11_use_localhost == -1)
 
       
    53 @@ -244,7 +248,11 @@
 
    24  	if (options->kerberos_get_afs_token == -1)
 
    54  	if (options->kerberos_get_afs_token == -1)
 
    25  		options->kerberos_get_afs_token = 0;
 
    55  		options->kerberos_get_afs_token = 0;
 
    26  	if (options->gss_authentication == -1)
 
    56  	if (options->gss_authentication == -1)
 
    27 +#ifdef OPTION_DEFAULT_VALUE
 
    57 +#ifdef OPTION_DEFAULT_VALUE
 
    28 +		options->gss_authentication = 1;
 
    58 +		options->gss_authentication = 1;
 
    31 +#endif
 
    61 +#endif
 
    32  	if (options->gss_cleanup_creds == -1)
 
    62  	if (options->gss_cleanup_creds == -1)
 
    33  		options->gss_cleanup_creds = 1;
 
    63  		options->gss_cleanup_creds = 1;
 
    34  	if (options->password_authentication == -1)
 
    64  	if (options->password_authentication == -1)
 
    35 --- orig/ssh_config.5	Thu Sep  4 17:58:05 2014
 
    65 --- orig/ssh_config.5	Thu Sep  4 17:58:05 2014
 
    36 +++ new/ssh_config.5	Thu Sep  4 17:59:06 2014
 
    66 +++ new/ssh_config.5	Tue Sep  9 17:48:39 2014
 
       
    67 @@ -643,8 +643,8 @@
 
       
    68  token used for the session will be set to expire after 20 minutes.
 
       
    69  Remote clients will be refused access after this time.
 
       
    70  .Pp
 
       
    71 -The default is
 
       
    72 -.Dq no .
 
       
    73 +The default on Solaris is
 
       
    74 +.Dq yes .
 
       
    75  .Pp
 
       
    76  See the X11 SECURITY extension specification for full details on
 
       
    77  the restrictions imposed on untrusted clients.
 
    37 @@ -673,8 +673,8 @@
 
    78 @@ -673,8 +673,8 @@
 
    38  .Pa /etc/ssh/ssh_known_hosts2 .
 
    79  .Pa /etc/ssh/ssh_known_hosts2 .
 
    39  .It Cm GSSAPIAuthentication
 
    80  .It Cm GSSAPIAuthentication
 
    40  Specifies whether user authentication based on GSSAPI is allowed.
 
    81  Specifies whether user authentication based on GSSAPI is allowed.
 
    41 -The default is
 
    82 -The default is
 
    44 +.Dq yes .
 
    85 +.Dq yes .
 
    45  Note that this option applies to protocol version 2 only.
 
    86  Note that this option applies to protocol version 2 only.
 
    46  .It Cm GSSAPIDelegateCredentials
 
    87  .It Cm GSSAPIDelegateCredentials
 
    47  Forward (delegate) credentials to the server.
 
    88  Forward (delegate) credentials to the server.
 
    48 --- orig/sshd_config.5	Thu Sep  4 17:58:07 2014
 
    89 --- orig/sshd_config.5	Thu Sep  4 17:58:07 2014
 
    49 +++ new/sshd_config.5	Thu Sep  4 17:59:40 2014
 
    90 +++ new/sshd_config.5	Tue Sep  9 17:49:58 2014
 
    50 @@ -490,8 +490,8 @@
 
    91 @@ -490,8 +490,8 @@
 
    51  .Dq no .
 
    92  .Dq no .
 
    52  .It Cm GSSAPIAuthentication
 
    93  .It Cm GSSAPIAuthentication
 
    53  Specifies whether user authentication based on GSSAPI is allowed.
 
    94  Specifies whether user authentication based on GSSAPI is allowed.
 
    54 -The default is
 
    95 -The default is
 
    56 +The default on Solaris is
 
    97 +The default on Solaris is
 
    57 +.Dq yes .
 
    98 +.Dq yes .
 
    58  Note that this option applies to protocol version 2 only.
 
    99  Note that this option applies to protocol version 2 only.
 
    59  .It Cm GSSAPICleanupCredentials
 
   100  .It Cm GSSAPICleanupCredentials
 
    60  Specifies whether to automatically destroy the user's credentials cache
 
   101  Specifies whether to automatically destroy the user's credentials cache
 
       
   102 @@ -1239,8 +1239,8 @@
 
       
   103  .Dq yes
 
       
   104  or
 
       
   105  .Dq no .
 
       
   106 -The default is
 
       
   107 -.Dq no .
 
       
   108 +The default on Solaris is
 
       
   109 +.Dq yes .
 
       
   110  .Pp
 
       
   111  When X11 forwarding is enabled, there may be additional exposure to
 
       
   112  the server and to client displays if the
upstream/oracle/userland-gate