#
# To make the transition from SunSSH to OpenSSH as smooth as possible, we
# added SunSSH-only options as deprecated options in OpenSSH. Note that this
# is an interim enhancement to OpenSSH to make the transition smoother. If a
# deprecated SunSSH-only option is migrated to OpenSSH later, then it will be
# changed from deprecated to supported. Since this is for Solaris only, we will
# not contribute back this change to the upstream community.
#
diff -pur old/readconf.c new/readconf.c
--- old/readconf.c
+++ new/readconf.c
@@ -192,10 +192,14 @@ static struct {
{ "afstokenpassing", oUnsupported },
#if defined(GSSAPI)
{ "gssapiauthentication", oGssAuthentication },
+ { "gssauthentication", oGssAuthentication }, /* alias */
{ "gssapidelegatecredentials", oGssDelegateCreds },
+ { "gssdelegatecreds", oGssDelegateCreds }, /* alias */
#else
{ "gssapiauthentication", oUnsupported },
+ { "gssauthentication", oUnsupported },
{ "gssapidelegatecredentials", oUnsupported },
+ { "gssdelegatecreds", oUnsupported },
#endif
{ "fallbacktorsh", oDeprecated },
{ "usersh", oDeprecated },
@@ -279,6 +283,24 @@ static struct {
{ "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes },
{ "ignoreunknown", oIgnoreUnknown },
+#ifdef DEPRECATE_SUNSSH_OPT
+ /*
+ * On Solaris, to make the transition from SunSSH to OpenSSH as smooth
+ * as possible, we will deprecate SunSSH-only options in OpenSSH.
+ * Therefore, on a system that is running OpenSSH with a deprecated
+ * option from the user's config file (~/.ssh/config), the ssh
+ * connection will proceed without the deprecated option. Note that
+ * this is an interim enhancement to OpenSSH to make the transition
+ * smoother. If a deprecated SunSSH-only option is migrated to OpenSSH
+ * later, then it will be changed from deprecated to supported.
+ */
+ { "kmfpolicydatabase", oDeprecated },
+ { "kmfpolicyname", oDeprecated },
+ { "trustedanchorkeystore", oDeprecated },
+ { "usefips140", oDeprecated },
+ { "useopensslengine", oDeprecated },
+#endif
+
{ NULL, oBadOption }
};