diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2007-03-21 20:40:10 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2007-03-21 20:40:10 +1100 |
| commit | 05f577f5a676cdddef0b80fa9c48357e7c9855de (patch) | |
| tree | f1f463f2957a8a4d054cbf283f70da034b26505d | |
| parent | 05974bf67c341debd351f48cf7e899eef2902d22 (diff) | |
- dtucker@cvs.openbsd.org 2007/03/09 05:20:06
[servconf.c sshd.c]
Move C/R -> kbdint special case to after the defaults have been
loaded, which makes ChallengeResponse default to yes again. This
was broken by the Match changes and not fixed properly subsequently.
Found by okan at demirmen.com, ok djm@ "please do it" deraadt@
| -rw-r--r-- | ChangeLog | 11 | ||||
| -rw-r--r-- | servconf.c | 6 | ||||
| -rw-r--r-- | sshd.c | 6 |
3 files changed, 16 insertions, 7 deletions
@@ -1,3 +1,12 @@ +20070321 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2007/03/09 05:20:06 + [servconf.c sshd.c] + Move C/R -> kbdint special case to after the defaults have been + loaded, which makes ChallengeResponse default to yes again. This + was broken by the Match changes and not fixed properly subsequently. + Found by okan at demirmen.com, ok djm@ "please do it" deraadt@ + 20070313 - (dtucker) [entropy.c scard-opensc.c ssh-rand-helper.c] Bug #1294: include string.h to prevent warnings, from vapier at gentoo.org. @@ -2823,4 +2832,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.4635.2.3 2007/03/13 07:49:31 dtucker Exp $ +$Id: ChangeLog,v 1.4635.2.4 2007/03/21 09:40:10 dtucker Exp $ @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.170 2007/03/01 10:28:02 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.171 2007/03/09 05:20:06 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -1387,8 +1387,4 @@ parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, if (bad_options > 0) fatal("%s: terminating, %d bad configuration options", filename, bad_options); - - /* challenge-response is implemented via keyboard interactive */ - if (options->challenge_response_authentication == 1) - options->kbd_interactive_authentication = 1; } @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.349 2007/02/21 11:00:05 dtucker Exp $ */ +/* $OpenBSD: sshd.c,v 1.350 2007/03/09 05:20:06 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1421,6 +1421,10 @@ main(int ac, char **av) /* Fill in default values for those options not explicitly set. */ fill_default_server_options(&options); + /* challenge-response is implemented via keyboard interactive */ + if (options.challenge_response_authentication) + options.kbd_interactive_authentication = 1; + /* set default channel AF */ channel_set_af(options.address_family); |