From e9cb5aa665403891972f09dc131a7206fe38c5f7 Mon Sep 17 00:00:00 2001 From: djm Date: Thu, 15 May 2003 04:15:23 +0000 Subject: [PATCH] - jakob@cvs.openbsd.org 2003/05/15 04:08:44 [readconf.c servconf.c] disable kerberos when not supported. ok markus@ --- ChangeLog | 3 +++ readconf.c | 14 +++++++++++++- servconf.c | 6 +++++- 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index f2acac8c..7f4c5edb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -121,6 +121,9 @@ http://bugzilla.mindrot.org/show_bug.cgi?id=560 Privsep child continues to run after monitor killed. Pass monitor signals through to child; Darren Tucker + - jakob@cvs.openbsd.org 2003/05/15 04:08:44 + [readconf.c servconf.c] + disable kerberos when not supported. ok markus@ - (djm) Make portable build with MIT krb5 (some issues remain) - (djm) Add new UsePAM configuration directive to allow runtime control over usage of PAM. This allows non-root use of sshd when built with diff --git a/readconf.c b/readconf.c index 4c5d4485..3f2ac4e3 100644 --- a/readconf.c +++ b/readconf.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.108 2003/05/15 01:48:10 jakob Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.109 2003/05/15 04:08:44 jakob Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -844,11 +844,23 @@ fill_default_options(Options * options) if (options->challenge_response_authentication == -1) options->challenge_response_authentication = 1; if (options->kerberos_authentication == -1) +#if defined(KRB4) || defined(KRB5) options->kerberos_authentication = 1; +#else + options->kerberos_authentication = 0; +#endif if (options->kerberos_tgt_passing == -1) +#if defined(KRB4) || defined(KRB5) options->kerberos_tgt_passing = 1; +#else + options->kerberos_tgt_passing = 0; +#endif if (options->afs_token_passing == -1) +#if defined(AFS) options->afs_token_passing = 1; +#else + options->afs_token_passing = 0; +#endif if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) diff --git a/servconf.c b/servconf.c index 5076c5df..92d3170b 100644 --- a/servconf.c +++ b/servconf.c @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: servconf.c,v 1.119 2003/05/15 01:48:10 jakob Exp $"); +RCSID("$OpenBSD: servconf.c,v 1.120 2003/05/15 04:08:44 jakob Exp $"); #if defined(KRB4) #include @@ -203,7 +203,11 @@ fill_default_server_options(ServerOptions *options) if (options->kerberos_or_local_passwd == -1) options->kerberos_or_local_passwd = 1; if (options->kerberos_ticket_cleanup == -1) +#if defined(KRB4) || defined(KRB5) options->kerberos_ticket_cleanup = 1; +#else + options->kerberos_ticket_cleanup = 0; +#endif if (options->kerberos_tgt_passing == -1) options->kerberos_tgt_passing = 0; if (options->afs_token_passing == -1) -- 2.45.1