Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-misc/openssh/files/openssh-4.6_p1-ChallengeResponseAuthentication.patch
diff options
context:
space:
mode:
Diffstat (limited to 'net-misc/openssh/files/openssh-4.6_p1-ChallengeResponseAuthentication.patch')
-rw-r--r--net-misc/openssh/files/openssh-4.6_p1-ChallengeResponseAuthentication.patch44
1 files changed, 44 insertions, 0 deletions
diff --git a/net-misc/openssh/files/openssh-4.6_p1-ChallengeResponseAuthentication.patch b/net-misc/openssh/files/openssh-4.6_p1-ChallengeResponseAuthentication.patch
new file mode 100644
index 000000000000..7cfd7a64839e
--- /dev/null
+++ b/net-misc/openssh/files/openssh-4.6_p1-ChallengeResponseAuthentication.patch
@@ -0,0 +1,44 @@
+Fix from upstream to fix logging in with USE=pam via passwords by default.
+
+http://bugs.gentoo.org/170670
+
+ChangeLog:
+Move C/R -> kbdint special case to after the defaults have been
+loaded, which makes ChallengeResponse default to yes again. This
+was broken by the Match changes and not fixed properly subsequently.
+Found by okan at demirmen.com, ok djm@ "please do it" deraadt@
+
+===================================================================
+RCS file: /usr/OpenBSD/cvs/src/usr.bin/ssh/servconf.c,v
+retrieving revision 1.170
+retrieving revision 1.171
+diff -u -r1.170 -r1.171
+--- src/usr.bin/ssh/servconf.c 2007/03/01 10:28:02 1.170
++++ src/usr.bin/ssh/servconf.c 2007/03/09 05:20:06 1.171
+@@ -1344,8 +1344,4 @@
+ if (bad_options > 0)
+ fatal("%s: terminating, %d bad configuration options",
+ filename, bad_options);
+-
+- /* challenge-response is implemented via keyboard interactive */
+- if (options->challenge_response_authentication == 1)
+- options->kbd_interactive_authentication = 1;
+ }
+===================================================================
+RCS file: /usr/OpenBSD/cvs/src/usr.bin/ssh/sshd.c,v
+retrieving revision 1.349
+retrieving revision 1.350
+diff -u -r1.349 -r1.350
+--- src/usr.bin/ssh/sshd.c 2007/02/21 11:00:05 1.349
++++ src/usr.bin/ssh/sshd.c 2007/03/09 05:20:06 1.350
+@@ -1359,6 +1359,10 @@
+ /* Fill in default values for those options not explicitly set. */
+ fill_default_server_options(&options);
+
++ /* challenge-response is implemented via keyboard interactive */
++ if (options.challenge_response_authentication)
++ options.kbd_interactive_authentication = 1;
++
+ /* set default channel AF */
+ channel_set_af(options.address_family);
+