Index: openssh/auth-pam.c
===================================================================
---- openssh.orig/auth-pam.c 2013-06-01 14:38:04.000000000 -0400
-+++ openssh/auth-pam.c 2013-06-01 14:38:06.000000000 -0400
+--- openssh.orig/auth-pam.c 2013-06-06 18:42:07.983828240 -0400
++++ openssh/auth-pam.c 2013-06-06 18:42:08.131828233 -0400
@@ -30,7 +30,7 @@
*/
/*
Index: openssh/auth-pam.h
===================================================================
---- openssh.orig/auth-pam.h 2013-06-01 14:38:04.000000000 -0400
-+++ openssh/auth-pam.h 2013-06-01 14:38:06.000000000 -0400
+--- openssh.orig/auth-pam.h 2013-06-06 18:42:07.983828240 -0400
++++ openssh/auth-pam.h 2013-06-06 18:42:08.131828233 -0400
@@ -46,5 +46,6 @@
void sshpam_cleanup(void);
int sshpam_auth_passwd(Authctxt *, const char *);
#endif /* USE_PAM */
Index: openssh/auth2-gss.c
===================================================================
---- openssh.orig/auth2-gss.c 2013-06-01 14:38:04.000000000 -0400
-+++ openssh/auth2-gss.c 2013-06-01 14:38:06.000000000 -0400
+--- openssh.orig/auth2-gss.c 2013-06-06 18:42:07.983828240 -0400
++++ openssh/auth2-gss.c 2013-06-06 18:42:08.135828231 -0400
@@ -47,6 +47,7 @@
extern ServerOptions options;
userauth_gsskeyex,
Index: openssh/auth2.c
===================================================================
---- openssh.orig/auth2.c 2013-06-01 14:38:04.000000000 -0400
-+++ openssh/auth2.c 2013-06-01 14:38:06.000000000 -0400
+--- openssh.orig/auth2.c 2013-06-06 18:42:07.983828240 -0400
++++ openssh/auth2.c 2013-06-06 18:42:08.139828230 -0400
@@ -223,10 +223,30 @@
if (authctxt == NULL)
fatal("input_userauth_request: no authctxt");
}
Index: openssh/gss-serv.c
===================================================================
---- openssh.orig/gss-serv.c 2013-06-01 14:38:04.000000000 -0400
-+++ openssh/gss-serv.c 2013-06-01 15:45:48.000000000 -0400
+--- openssh.orig/gss-serv.c 2013-06-06 20:43:31.227637322 -0400
++++ openssh/gss-serv.c 2013-06-07 11:29:27.930100684 -0400
@@ -80,7 +80,7 @@
gss_buffer_desc lbuffer;
OM_uint32 major, minor;
if (GSS_ERROR(major))
return 0;
if (lbuffer.value == NULL)
+@@ -88,7 +88,7 @@
+ *localname = xmalloc(lbuffer.length+1);
+ if (*localname) {
+ memcpy(*localname, lbuffer.value, lbuffer.length);
+- *localname[lbuffer.length] = '\0';
++ (*localname)[lbuffer.length] = '\0';
+ }
+ gss_release_buffer(&minor, &lbuffer);
+ if (*localname)
@@ -521,6 +521,20 @@
return (0);
}
*
Index: openssh/monitor.c
===================================================================
---- openssh.orig/monitor.c 2013-06-01 14:38:04.000000000 -0400
-+++ openssh/monitor.c 2013-06-01 14:38:08.000000000 -0400
+--- openssh.orig/monitor.c 2013-06-06 18:42:07.987828240 -0400
++++ openssh/monitor.c 2013-06-06 18:42:08.215828233 -0400
@@ -182,6 +182,8 @@
int mm_answer_gss_userok(int, Buffer *);
int mm_answer_gss_checkmic(int, Buffer *);
{
Index: openssh/monitor.h
===================================================================
---- openssh.orig/monitor.h 2013-06-01 14:38:04.000000000 -0400
-+++ openssh/monitor.h 2013-06-01 14:38:08.000000000 -0400
+--- openssh.orig/monitor.h 2013-06-06 18:42:07.987828240 -0400
++++ openssh/monitor.h 2013-06-06 18:42:08.215828233 -0400
@@ -52,6 +52,8 @@
MONITOR_REQ_GSSSETUP, MONITOR_ANS_GSSSETUP,
MONITOR_REQ_GSSSTEP, MONITOR_ANS_GSSSTEP,
MONITOR_REQ_GSSUPCREDS, MONITOR_ANS_GSSUPCREDS,
Index: openssh/monitor_wrap.c
===================================================================
---- openssh.orig/monitor_wrap.c 2013-06-01 14:38:04.000000000 -0400
-+++ openssh/monitor_wrap.c 2013-06-01 14:38:08.000000000 -0400
+--- openssh.orig/monitor_wrap.c 2013-06-06 18:42:07.987828240 -0400
++++ openssh/monitor_wrap.c 2013-06-06 18:42:08.219828232 -0400
@@ -1306,6 +1306,54 @@
return (authenticated);
}
{
Index: openssh/monitor_wrap.h
===================================================================
---- openssh.orig/monitor_wrap.h 2013-06-01 14:38:04.000000000 -0400
-+++ openssh/monitor_wrap.h 2013-06-01 14:38:08.000000000 -0400
+--- openssh.orig/monitor_wrap.h 2013-06-06 18:42:07.991828239 -0400
++++ openssh/monitor_wrap.h 2013-06-06 18:42:08.219828232 -0400
@@ -62,6 +62,8 @@
int mm_ssh_gssapi_userok(char *user, struct passwd *);
OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
Index: openssh/misc.c
===================================================================
---- openssh.orig/misc.c 2013-06-01 14:38:04.000000000 -0400
-+++ openssh/misc.c 2013-06-01 14:38:08.000000000 -0400
+--- openssh.orig/misc.c 2013-06-06 20:43:10.031637879 -0400
++++ openssh/misc.c 2013-06-06 18:42:08.215828233 -0400
@@ -224,6 +224,20 @@
return copy;
}
* Port must be >=0 and <=65535.
Index: openssh/misc.h
===================================================================
---- openssh.orig/misc.h 2013-06-01 14:38:04.000000000 -0400
-+++ openssh/misc.h 2013-06-01 14:38:08.000000000 -0400
+--- openssh.orig/misc.h 2013-06-06 20:43:10.031637879 -0400
++++ openssh/misc.h 2013-06-06 18:42:08.215828233 -0400
@@ -38,6 +38,7 @@
void sock_set_v6only(int);
Index: openssh/gss-serv.c
===================================================================
---- openssh.orig/gss-serv.c 2012-10-26 20:34:21.000000000 -0400
-+++ openssh/gss-serv.c 2012-10-26 20:36:26.000000000 -0400
+--- openssh.orig/gss-serv.c 2013-06-07 11:29:27.930100684 -0400
++++ openssh/gss-serv.c 2013-06-07 11:31:08.690104607 -0400
@@ -281,10 +281,13 @@
* we flag the user as also having been authenticated
*/
return (status);
Index: openssh/servconf.c
===================================================================
---- openssh.orig/servconf.c 2012-10-26 20:34:21.000000000 -0400
-+++ openssh/servconf.c 2012-10-26 20:39:34.000000000 -0400
+--- openssh.orig/servconf.c 2013-06-07 11:27:23.126095830 -0400
++++ openssh/servconf.c 2013-06-07 11:31:08.690104607 -0400
@@ -98,6 +98,7 @@
options->kerberos_get_afs_token = -1;
options->gss_authentication=-1;
dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey);
Index: openssh/servconf.h
===================================================================
---- openssh.orig/servconf.h 2012-10-26 20:34:21.000000000 -0400
-+++ openssh/servconf.h 2012-10-26 20:36:26.000000000 -0400
+--- openssh.orig/servconf.h 2013-06-07 11:27:23.126095830 -0400
++++ openssh/servconf.h 2013-06-07 11:31:08.690104607 -0400
@@ -104,6 +104,7 @@
* authenticated with Kerberos. */
int gss_authentication; /* If true, permit GSSAPI authentication */
int gss_store_rekey;
Index: openssh/sshd_config
===================================================================
---- openssh.orig/sshd_config 2012-10-26 20:34:21.000000000 -0400
-+++ openssh/sshd_config 2012-10-26 20:36:26.000000000 -0400
+--- openssh.orig/sshd_config 2013-06-07 11:27:23.126095830 -0400
++++ openssh/sshd_config 2013-06-07 11:31:08.694104606 -0400
@@ -78,6 +78,7 @@
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
# and session processing. If this is enabled, PAM authentication will
Index: openssh/sshd_config.5
===================================================================
---- openssh.orig/sshd_config.5 2012-10-26 20:34:21.000000000 -0400
-+++ openssh/sshd_config.5 2012-10-26 20:40:18.000000000 -0400
+--- openssh.orig/sshd_config.5 2013-06-07 11:27:23.126095830 -0400
++++ openssh/sshd_config.5 2013-06-07 11:31:08.694104606 -0400
@@ -467,6 +467,16 @@
The default is
.Dq yes .