X-Git-Url: http://git.pld-linux.org/?a=blobdiff_plain;f=openssh-heimdal.patch;h=2ce97a5c5a6a94f3c11c3a77c3dff81b9776c8e2;hb=108bb9aec06b56fbbade579c933354d12fba1900;hp=81ce7a46bae880e5d06c281eac46d64ec90e7f45;hpb=8f5827a17a1d1ba6e9e4cc9dadf1ef9c91f3ddc8;p=packages%2Fopenssh.git

diff --git a/openssh-heimdal.patch b/openssh-heimdal.patch
index 81ce7a4..2ce97a5 100644
--- a/openssh-heimdal.patch
+++ b/openssh-heimdal.patch
@@ -1,12 +1,121 @@
-diff -urN openssh-3.6.1p2-orig/configure.ac openssh-3.6.1p2/configure.ac
---- openssh-3.6.1p2-orig/configure.ac	2003-07-26 16:45:10.000000000 -0600
-+++ openssh-3.6.1p2/configure.ac	2003-07-26 16:57:32.000000000 -0600
-@@ -1822,7 +1822,7 @@
-                                        [ char *tmp = heimdal_version; ],
-                                        [ AC_MSG_RESULT(yes)
-                                          AC_DEFINE(HEIMDAL)
--                                         K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken"
-+                                         K5LIBS="-lkrb5 -lasn1 -lroken"
-                                        ],
-                                        [ AC_MSG_RESULT(no)
-                                          K5LIBS="-lkrb5 -lk5crypto -lcom_err"
+--- openssh-5.9p1/configure.ac~	2011-08-18 06:48:24.000000000 +0200
++++ openssh-5.9p1/configure.ac	2011-09-06 19:00:46.856319713 +0200
+@@ -3424,13 +3424,13 @@
+ 					[ AC_MSG_RESULT([yes])
+ 					 AC_DEFINE([HEIMDAL])
+ 					 K5LIBS="-lkrb5"
+-					 K5LIBS="$K5LIBS -lcom_err -lasn1"
++					 K5LIBS="$K5LIBS -lasn1"
+ 					 AC_CHECK_LIB([roken], [net_write],
+ 					   [K5LIBS="$K5LIBS -lroken"])
+ 					 AC_CHECK_LIB([des], [des_cbc_encrypt],
+ 					   [K5LIBS="$K5LIBS -ldes"])
+ 				       ], [ AC_MSG_RESULT([no])
+-					 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
++					 K5LIBS="-lkrb5 -lk5crypto"
+ 				       
+ 			])
+ 			AC_SEARCH_LIBS([dn_expand], [resolv])
+diff -ur openssh-5.8p1-orig/auth-krb5.c openssh-5.8p1/auth-krb5.c
+--- openssh-5.8p1-orig/auth-krb5.c	2011-04-20 00:30:23.632652510 +0200
++++ openssh-5.8p1/auth-krb5.c	2011-04-20 00:34:06.218117429 +0200
+@@ -88,6 +88,8 @@
+ #ifndef HEIMDAL
+ 	krb5_creds creds;
+ 	krb5_principal server;
++#else
++	const char *ccache_type, *ccache_name;
+ #endif
+ 	krb5_error_code problem;
+ 	krb5_ccache ccache = NULL;
+@@ -129,7 +131,11 @@
+ 	if (problem)
+ 		goto out;
+ 
+-	problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops,
++	problem = krb5_cc_set_default_name(authctxt->krb5_ctx, NULL);
++	if (problem)
++		goto out;
++	problem = krb5_cc_new_unique(authctxt->krb5_ctx,
++	    krb5_cc_default_name(authctxt->krb5_ctx), NULL,
+ 	    &authctxt->krb5_fwd_ccache);
+ 	if (problem)
+ 		goto out;
+@@ -180,12 +186,23 @@
+ 		goto out;
+ #endif
+ 
++#ifdef HEIMDAL
++	ccache_type = krb5_cc_get_type(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
++	ccache_name = krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
++	if (strncmp(ccache_type, "FILE", 4) == 0) {
++		authctxt->krb5_ticket_file = (char *)ccache_name;
++	}
++	len = strlen(ccache_type) + strlen(ccache_name) + 2;
++	authctxt->krb5_ccname = xmalloc(len);
++	snprintf(authctxt->krb5_ccname, len, "%s:%s", ccache_type, ccache_name);
++#else
+ 	authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
+ 
+ 	len = strlen(authctxt->krb5_ticket_file) + 6;
+ 	authctxt->krb5_ccname = xmalloc(len);
+ 	snprintf(authctxt->krb5_ccname, len, "FILE:%s",
+ 	    authctxt->krb5_ticket_file);
++#endif
+ 
+ #ifdef USE_PAM
+ 	if (options.use_pam)
+diff -ur openssh-5.8p1-orig/gss-serv-krb5.c openssh-5.8p1/gss-serv-krb5.c
+--- openssh-5.8p1-orig/gss-serv-krb5.c	2011-04-20 00:30:23.632652510 +0200
++++ openssh-5.8p1/gss-serv-krb5.c	2011-04-20 00:34:06.218117429 +0200
+@@ -121,6 +121,9 @@
+ 	krb5_principal princ;
+ 	OM_uint32 maj_status, min_status;
+ 	int len;
++#ifdef HEIMDAL
++	const char *ccache_type, *ccache_name;
++#endif
+ 
+ 	if (client->creds == NULL) {
+ 		debug("No credentials stored");
+@@ -131,8 +134,14 @@
+ 		return;
+ 
+ #ifdef HEIMDAL
+-	if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) {
+-		logit("krb5_cc_gen_new(): %.100s",
++	if ((problem = krb5_cc_set_default_name(krb_context, NULL))) {
++		logit("krb5_cc_set_default_name(): %.100s",
++		    krb5_get_err_text(krb_context, problem));
++		return;
++	}
++	if ((problem = krb5_cc_new_unique(krb_context,
++			krb5_cc_default_name(krb_context), NULL, &ccache))) {
++		logit("krb5_cc_new_unique(): %.100s",
+ 		    krb5_get_err_text(krb_context, problem));
+ 		return;
+ 	}
+@@ -169,11 +178,23 @@
+ 		return;
+ 	}
+ 
++#ifdef HEIMDAL
++	ccache_type = krb5_cc_get_type(krb_context, ccache);
++	ccache_name = krb5_cc_get_name(krb_context, ccache);
++	if (strncmp(ccache_type, "FILE", 4) == 0) {
++		client->store.filename = xstrdup(ccache_name);
++	}
++	client->store.envvar = "KRB5CCNAME";
++	len = strlen(ccache_type) + strlen(ccache_name) + 2;
++	client->store.envval = xmalloc(len);
++	snprintf(client->store.envval, len, "%s:%s", ccache_type, ccache_name);
++#else
+ 	client->store.filename = xstrdup(krb5_cc_get_name(krb_context, ccache));
+ 	client->store.envvar = "KRB5CCNAME";
+ 	len = strlen(client->store.filename) + 6;
+ 	client->store.envval = xmalloc(len);
+ 	snprintf(client->store.envval, len, "FILE:%s", client->store.filename);
++#endif
+ 
+ #ifdef USE_PAM
+ 	if (options.use_pam)