5ef0f821ec
- Disable temporary HPN patch until HPN release new version.
- Fix rc.d script path in sshd.8
- Add FreeBSD-${PKGNAME} in SSH_VERSION and SSH_RELEASE like src does.
- Sync patches with src.
Security: CVE-2006-4924, CVE-2006-5051
41 lines
1.3 KiB
C
41 lines
1.3 KiB
C
--- servconf.c.orig Fri Aug 18 11:23:15 2006
|
|
+++ servconf.c Sat Sep 30 21:54:26 2006
|
|
@@ -129,7 +129,7 @@
|
|
{
|
|
/* Portable-specific options */
|
|
if (options->use_pam == -1)
|
|
- options->use_pam = 0;
|
|
+ options->use_pam = 1;
|
|
|
|
/* Standard Options */
|
|
if (options->protocol == SSH_PROTO_UNKNOWN)
|
|
@@ -159,7 +159,7 @@
|
|
if (options->key_regeneration_time == -1)
|
|
options->key_regeneration_time = 3600;
|
|
if (options->permit_root_login == PERMIT_NOT_SET)
|
|
- options->permit_root_login = PERMIT_YES;
|
|
+ options->permit_root_login = PERMIT_NO;
|
|
if (options->ignore_rhosts == -1)
|
|
options->ignore_rhosts = 1;
|
|
if (options->ignore_user_known_hosts == -1)
|
|
@@ -169,7 +169,7 @@
|
|
if (options->print_lastlog == -1)
|
|
options->print_lastlog = 1;
|
|
if (options->x11_forwarding == -1)
|
|
- options->x11_forwarding = 0;
|
|
+ options->x11_forwarding = 1;
|
|
if (options->x11_display_offset == -1)
|
|
options->x11_display_offset = 10;
|
|
if (options->x11_use_localhost == -1)
|
|
@@ -207,7 +207,11 @@
|
|
if (options->gss_cleanup_creds == -1)
|
|
options->gss_cleanup_creds = 1;
|
|
if (options->password_authentication == -1)
|
|
+#ifdef USE_PAM
|
|
+ options->password_authentication = 0;
|
|
+#else
|
|
options->password_authentication = 1;
|
|
+#endif
|
|
if (options->kbd_interactive_authentication == -1)
|
|
options->kbd_interactive_authentication = 0;
|
|
if (options->challenge_response_authentication == -1)
|