--- a/components/openssh/patches/017-option_default_value.patch Wed Apr 20 13:13:57 2016 -0700
+++ b/components/openssh/patches/017-option_default_value.patch Wed Apr 20 13:13:57 2016 -0700
@@ -10,9 +10,10 @@
# This is for Solaris only, we will not contribute back these changes to the
# upstream.
#
---- orig/readconf.c Thu Sep 4 17:27:04 2014
-+++ new/readconf.c Tue Sep 9 17:33:50 2014
-@@ -1575,7 +1575,11 @@
+diff -pur old/readconf.c new/readconf.c
+--- old/readconf.c
++++ new/readconf.c
+@@ -1803,7 +1803,11 @@ fill_default_options(Options * options)
if (options->forward_x11 == -1)
options->forward_x11 = 0;
if (options->forward_x11_trusted == -1)
@@ -24,7 +25,7 @@
if (options->forward_x11_timeout == -1)
options->forward_x11_timeout = 1200;
if (options->exit_on_forward_failure == -1)
-@@ -1593,7 +1597,11 @@
+@@ -1825,7 +1829,11 @@ fill_default_options(Options * options)
if (options->challenge_response_authentication == -1)
options->challenge_response_authentication = 1;
if (options->gss_authentication == -1)
@@ -36,9 +37,10 @@
if (options->gss_deleg_creds == -1)
options->gss_deleg_creds = 0;
if (options->password_authentication == -1)
---- orig/servconf.c Thu Sep 4 17:17:58 2014
-+++ new/servconf.c Tue Sep 9 17:36:32 2014
-@@ -208,7 +208,11 @@
+diff -pur old/servconf.c new/servconf.c
+--- old/servconf.c
++++ new/servconf.c
+@@ -265,7 +265,11 @@ fill_default_server_options(ServerOption
if (options->print_lastlog == -1)
options->print_lastlog = 1;
if (options->x11_forwarding == -1)
@@ -50,7 +52,7 @@
if (options->x11_display_offset == -1)
options->x11_display_offset = 10;
if (options->x11_use_localhost == -1)
-@@ -244,7 +248,11 @@
+@@ -303,7 +307,11 @@ fill_default_server_options(ServerOption
if (options->kerberos_get_afs_token == -1)
options->kerberos_get_afs_token = 0;
if (options->gss_authentication == -1)
@@ -61,10 +63,11 @@
+#endif
if (options->gss_cleanup_creds == -1)
options->gss_cleanup_creds = 1;
- if (options->password_authentication == -1)
---- orig/ssh_config.5 Thu Sep 4 17:58:05 2014
-+++ new/ssh_config.5 Tue Sep 9 17:48:39 2014
-@@ -643,8 +643,8 @@
+ if (options->gss_strict_acceptor == -1)
+diff -pur old/ssh_config.5 new/ssh_config.5
+--- old/ssh_config.5
++++ new/ssh_config.5
+@@ -802,8 +802,8 @@ Furthermore, the
token used for the session will be set to expire after 20 minutes.
Remote clients will be refused access after this time.
.Pp
@@ -75,7 +78,7 @@
.Pp
See the X11 SECURITY extension specification for full details on
the restrictions imposed on untrusted clients.
-@@ -673,8 +673,8 @@
+@@ -832,8 +832,8 @@ The default is
.Pa /etc/ssh/ssh_known_hosts2 .
.It Cm GSSAPIAuthentication
Specifies whether user authentication based on GSSAPI is allowed.
@@ -83,12 +86,13 @@
-.Dq no .
+The default on Solaris is
+.Dq yes .
- Note that this option applies to protocol version 2 only.
.It Cm GSSAPIDelegateCredentials
Forward (delegate) credentials to the server.
---- orig/sshd_config.5 Thu Sep 4 17:58:07 2014
-+++ new/sshd_config.5 Tue Sep 9 17:49:58 2014
-@@ -490,8 +490,8 @@
+ The default is
+diff -pur old/sshd_config.5 new/sshd_config.5
+--- old/sshd_config.5
++++ new/sshd_config.5
+@@ -621,8 +621,8 @@ The default is
.Dq no .
.It Cm GSSAPIAuthentication
Specifies whether user authentication based on GSSAPI is allowed.
@@ -96,10 +100,10 @@
-.Dq no .
+The default on Solaris is
+.Dq yes .
- Note that this option applies to protocol version 2 only.
.It Cm GSSAPICleanupCredentials
Specifies whether to automatically destroy the user's credentials cache
-@@ -1239,8 +1239,8 @@
+ on logout.
+@@ -1637,8 +1637,8 @@ The argument must be
.Dq yes
or
.Dq no .