Hi.
I just found a patch by Van Dyke, the makers of SecureCRT (for win32) for
openssh that might be interesting for Mandrake?
Patches are applied to this mail.
Chears.
--
Regards // Oden Eriksson - Deserve-IT Networks http://d-srv.com
Check the "Modules For Apache2" status page at:
http://d-srv.com/modules_for_apache2.html
diff -Naur openssh-3.4p1/Makefile.in openssh-3.4p1.oden/Makefile.in
--- openssh-3.4p1/Makefile.in 2002-06-25 23:45:42.000000000 +0000
+++ openssh-3.4p1.oden/Makefile.in 2002-10-09 14:36:44.000000000 +0000
@@ -23,6 +23,7 @@
SSH_PROGRAM=@bindir@/ssh
ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
SFTP_SERVER=$(libexecdir)/sftp-server
+PUBLICKEY_SERVER=$(libexecdir)/publickey-server
SSH_KEYSIGN=$(libexecdir)/ssh-keysign
RAND_HELPER=$(libexecdir)/ssh-rand-helper
PRIVSEP_PATH=@PRIVSEP_PATH@
@@ -32,6 +33,7 @@
-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
-D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \
+ -D_PATH_PUBLICKEY_SERVER=\"$(PUBLICKEY_SERVER)\" \
-D_PATH_SSH_KEY_SIGN=\"$(SSH_KEYSIGN)\" \
-D_PATH_SSH_PIDDIR=\"$(piddir)\" \
-D_PATH_PRIVSEP_CHROOT_DIR=\"$(PRIVSEP_PATH)\" \
@@ -58,7 +60,7 @@
@NO_SFTP@SFTP_PROGS=sftp-server$(EXEEXT) sftp$(EXEEXT)
-TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} $(SFTP_PROGS)
+TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} $(SFTP_PROGS) publickey-server${EXEEXT}
LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dh.o dispatch.o fatal.o mac.o msg.o hostfile.o key.o kex.o kexdh.o kexgex.o log.o match.o misc.o mpaux.o nchan.o packet.o radix.o rijndael.o entropy.o readpass.o rsa.o scard.o scard-opensc.o ssh-dss.o ssh-rsa.o tildexpand.o ttymodes.o uidswap.o uuencode.o xmalloc.o monitor_wrap.o monitor_fdpass.o
@@ -140,6 +142,9 @@
sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-int.o sftp-common.o sftp-glob.o
$(LD) -o $@ sftp.o sftp-client.o sftp-common.o sftp-int.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+publickey-server$(EXEEXT): $(LIBCOMPAT) libssh.a servconf.o entropy.o auth.o groupaccess.o auth-options.o publickey-server.o
+ $(LD) -o $@ publickey-server.o servconf.o entropy.o auth.o groupaccess.o auth-options.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+
ssh-rand-helper${EXEEXT}: $(LIBCOMPAT) libssh.a ssh-rand-helper.o
$(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
@@ -232,6 +237,7 @@
$(INSTALL) -m 4711 -s ssh-keysign $(DESTDIR)$(SSH_KEYSIGN)
@NO_SFTP@$(INSTALL) -m 0755 -s sftp $(DESTDIR)$(bindir)/sftp
@NO_SFTP@$(INSTALL) -m 0755 -s sftp-server $(DESTDIR)$(SFTP_SERVER)
+ $(INSTALL) -m 0755 -s publickey-server $(DESTDIR)$(PUBLICKEY_SERVER)
$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
$(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
$(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
@@ -330,6 +336,7 @@
-rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT)
-rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
-rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
+ -rm -r $(DESTDIR)$(PUBLICKEY_SERVER)$(EXEEXT)
-rm -f $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
-rm -f $(DESTDIR)$(RAND_HELPER)$(EXEEXT)
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
diff -Naur openssh-3.4p1/publickey-server.c openssh-3.4p1.oden/publickey-server.c
--- openssh-3.4p1/publickey-server.c 1970-01-01 00:00:00.000000000 +0000
+++ openssh-3.4p1.oden/publickey-server.c 2002-10-09 14:36:44.000000000 +0000
@@ -0,0 +1,611 @@
+/*
+ * publickey-server for OpenSSH -- August 02, 2002
+ *
+ * Copyright © 1995-2002 VanDyke Software, Inc.
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#include "includes.h"
+RCSID("$OpenBSD: publickey-server.c,v 1.33 2002/06/30 00:00:00 markus Exp $");
+
+#include "buffer.h"
+#include "bufaux.h"
+#include "getput.h"
+#include "log.h"
+#include "xmalloc.h"
+#include "key.h"
+#include "servconf.h"
+#include "pathnames.h"
+#include "auth.h"
+
+/* helper */
+#define get_int64() buffer_get_int64(&iqueue);
+#define get_int() buffer_get_int(&iqueue);
+#define get_string(lenp) buffer_get_string(&iqueue, lenp);
+#define TRACE debug
+
+#ifdef HAVE___PROGNAME
+extern char *__progname;
+#else
+char *__progname;
+#endif
+
+FILE *stream = 0;
+
+/* input and output queue */
+Buffer iqueue;
+Buffer oqueue;
+
+/* Version of client */
+int version;
+
+/* Server configuration file */
+ServerOptions options;
+
+/* Name of the server configuration file. */
+char* config_file_name = _PATH_SERVER_CONFIG_FILE;
+
+/* We don't need this, but servconf.o requires it */
+int IPv4or6 = AF_UNSPEC;
+
+/* Who are we */
+uid_t uid;
+pid_t pid;
+struct passwd* pw;
+
+enum
+{
+ PK_SUCCESS = 0,
+ PK_ACCESS_DENIED = 1,
+ PK_STORAGE_EXCEEDED = 2,
+ PK_REQUEST_NOT_SUPPORTED= 3,
+ PK_KEY_NOT_FOUND = 4,
+ PK_KEY_NOT_SUPPORTED = 5,
+ PK_GENERAL_FAILURE = 6
+};
+
+static void
+LogToFile(FILE* stream, char* szFormat, ...)
+{
+#ifdef DEBUG_LOGTOFILE
+ va_list args;
+ va_start(args, szFormat);
+ vfprintf(stream, szFormat, args);
+ fflush(stream);
+#endif
+}
+
+/* send replies */
+
+static void
+send_msg(Buffer *m)
+{
+ int mlen = buffer_len(m);
+
+ LogToFile(stream, "send_msg()\n");
+ buffer_put_int(&oqueue, mlen);
+ buffer_append(&oqueue, buffer_ptr(m), mlen);
+ buffer_consume(m, mlen);
+}
+
+static void
+send_version(u_int32_t version)
+{
+ Buffer msg;
+ LogToFile(stream, "send_version()\n");
+ buffer_init(&msg);
+ buffer_put_cstring(&msg, "version");
+ buffer_put_int(&msg, version);
+ send_msg(&msg);
+ buffer_free(&msg);
+}
+
+static void
+send_status(u_int32_t error, char* szMessage)
+{
+ Buffer msg;
+ buffer_init(&msg);
+ LogToFile(stream, "send_status()\n");
+ buffer_put_cstring(&msg, "status");
+ buffer_put_int(&msg, error);
+ buffer_put_cstring(&msg, szMessage);
+ buffer_put_cstring(&msg, "");
+ send_msg(&msg);
+ buffer_free(&msg);
+}
+
+static void
+send_publickey(Key* k, const char* szComment)
+{
+ Buffer msg;
+
+ u_char* blob;
+ u_int bloblen;
+
+ LogToFile(stream, "send_publickey() szComment=%s\n", szComment);
+
+ if ( key_to_blob(k, &blob, &bloblen) == 0 )
+ {
+ return;
+ }
+
+ buffer_init(&msg);
+ buffer_put_cstring(&msg, "publickey");
+ buffer_put_cstring(&msg, szComment);
+ buffer_put_cstring(&msg, key_ssh_name(k));
+ buffer_put_string(&msg, blob, bloblen);
+ send_msg(&msg);
+ buffer_free(&msg);
+ xfree(blob);
+
+ LogToFile(stream, "send_publickey() sent\n");
+}
+
+/* parse incoming */
+
+static void
+process_version(void)
+{
+ version = buffer_get_int(&iqueue);
+ LogToFile(stream, "process_version() version=%d\n", version);
+}
+
+static int
+key_from_line(char line[8192], Key** ppKey, char** ppszComment)
+{
+ char* cp;
+ char* options = NULL;
+
+ *ppKey = 0;
+ *ppszComment = 0;
+
+ LogToFile(stream, "key_from_line()\n");
+ /* Skip leading whitespace, empty and comment lines. */
+ for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
+ ;
+
+ if ( ! *cp || *cp == '\n' || *cp == '#' )
+ return 0;
+
+ *ppKey = key_new(KEY_UNSPEC);
+ if (key_read(*ppKey, &cp) != 1) {
+ /* no key? check if there are options for this key */
+ int quoted = 0;
+ LogToFile(stream, "key_from_line() user_key_allowed: check options: '%s'\n", cp);
+ options = cp;
+ for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
+ if (*cp == '\\' && cp[1] == '"')
+ cp++; /* Skip both */
+ else if (*cp == '"')
+ quoted = !quoted;
+ }
+
+ /* Skip remaining whitespace. */
+ for (; *cp == ' ' || *cp == '\t'; cp++)
+ ;
+ if (key_read(*ppKey, &cp) != 1) {
+ key_free(*ppKey);
+ *ppKey = 0;
+
+ /* still no key? advance to next line*/
+ return 0;
+ }
+ }
+
+ *ppszComment = cp;
+ return 1;
+}
+
+static int
+list_file(const char* szFile)
+{
+ char line[8192];
+ FILE* f;
+
+ LogToFile(stream, "list_file() szFile=%s\n", szFile);
+
+ f = fopen(szFile, "r");
+ if ( ! f )
+ return 0;
+
+ while (fgets(line, sizeof(line), f))
+ {
+ Key* pKey = 0;
+ char* szComment = 0;
+
+ LogToFile(stream, "list_file() got line\n");
+ if ( ! key_from_line(line, &pKey, &szComment) )
+ continue;
+
+ send_publickey(pKey, szComment);
+ key_free(pKey);
+ }
+
+ fclose(f);
+ return 1;
+}
+
+static void
+process_list(void)
+{
+ char* file;
+ int bSuccess;
+
+ LogToFile(stream, "process_list(): authorized_keys_file\n");
+ file = authorized_keys_file(pw);
+ bSuccess = list_file(file);
+ xfree(file);
+
+ LogToFile(stream, "process_listi(): authorized_keys_file2\n");
+ file = authorized_keys_file2(pw);
+ bSuccess = list_file(file) || bSuccess;
+ xfree(file);
+
+ LogToFile(stream, "process_list() success\n");
+ send_status(PK_SUCCESS, "List complete");
+}
+
+static int
+get_key(Key** pKey)
+{
+ char* szType;
+ int pkType;
+
+ u_char* pkblob;
+ u_int blen;
+
+ LogToFile(stream, "get_key()\n");
+ szType = get_string(NULL);
+ pkType = key_type_from_name(szType);
+ xfree(szType);
+ if ( pkType == KEY_UNSPEC )
+ {
+ send_status(PK_KEY_NOT_SUPPORTED, "Key type not supported.");
+ return 0;
+ }
+
+ pkblob = get_string(&blen);
+ *pKey = key_from_blob(pkblob, blen);
+ xfree(pkblob);
+
+ if ( ! *pKey )
+ {
+ send_status(PK_GENERAL_FAILURE, "Could not decode key; key is corrupt.");
+ return 0;
+ }
+
+ return 1;
+}
+
+static void
+process_add(void)
+{
+ char* file;
+ char* szComment;
+ Key* key;
+
+ FILE* f = 0;
+
+ LogToFile(stream, "process_add()\n");
+ szComment = get_string(NULL);
+ if ( ! get_key(&key) )
+ {
+ /* status has been sent */
+ xfree(szComment);
+ return;
+ }
+
+ file = authorized_keys_file(pw);
+
+ /* Backup to the first / */
+ {
+ char* sz;
+
+ sz = strrchr(file, '/');
+ if ( sz )
+ {
+ *sz = '\0';
+ mkdir(file, 0700);
+ *sz = '/';
+ }
+ }
+
+ f = fopen(file, "a+");
+ xfree(file);
+
+ if ( ! f )
+ {
+ if ( errno == EACCES )
+ send_status(PK_ACCESS_DENIED, "Access is denied to the authorized_keys file.");
+ else
+ send_status(PK_GENERAL_FAILURE, "Could not open authorize_keys file.");
+ xfree(szComment);
+ key_free(key);
+ return;
+ }
+
+ key_write(key, f);
+ key_free(key);
+
+ fprintf(f, " %s\n", szComment);
+ xfree(szComment);
+ fclose(f);
+
+ send_status(PK_SUCCESS, "Key added.");
+}
+
+static int
+remove_from_file(Key* pRemoveKey, const char* szFile)
+{
+ char line[8192];
+ char* szTmpFile;
+
+ FILE* fInput = 0;
+ int nTmpFd = 0;
+
+ int bFoundMatch = 0;
+
+ LogToFile(stream, "remove_from_file()\n");
+ fInput = fopen(szFile, "r");
+ if ( ! fInput )
+ return 0;
+
+ szTmpFile = xmalloc(strlen(szFile) + 32);
+ sprintf(szTmpFile, "%s-XXXXXX", szFile);
+
+ nTmpFd = mkstemp(szTmpFile);
+ if ( nTmpFd == -1 )
+ return -1;
+
+ while (fgets(line, sizeof(line), fInput))
+ {
+ int nLineLength = strlen(line);
+
+ Key* pKey = 0;
+ char* szComment = 0;
+ if ( ! key_from_line(line, &pKey, &szComment) )
+ {
+ write(nTmpFd, line, nLineLength);
+ continue;
+ }
+
+ if ( ! key_equal(pKey, pRemoveKey) )
+ write(nTmpFd, line, nLineLength);
+ else
+ bFoundMatch = 1;
+
+ key_free(pKey);
+ }
+
+ if ( ! bFoundMatch )
+ {
+ unlink(szTmpFile);
+ }
+ else
+ {
+ unlink(szFile);
+ link(szTmpFile, szFile);
+ unlink(szTmpFile);
+ }
+
+ close(nTmpFd);
+ fclose(fInput);
+
+ return bFoundMatch;
+}
+
+static void
+process_remove(void)
+{
+ char* szOrigFile;
+ Key* key;
+
+ int bSuccess;
+
+ LogToFile(stream, "process_remove()\n");
+ /* get_key() sends status if it fails */
+ if ( ! get_key(&key) )
+ return;
+
+ szOrigFile = authorized_keys_file(pw);
+ bSuccess = remove_from_file(key, szOrigFile);
+ xfree(szOrigFile);
+
+ if ( bSuccess != -1 )
+ {
+ szOrigFile = authorized_keys_file2(pw);
+ bSuccess = remove_from_file(key, szOrigFile) || bSuccess;
+ xfree(szOrigFile);
+ }
+
+ if ( bSuccess == -1 )
+ send_status(PK_GENERAL_FAILURE, "Couldn't create temp file.");
+ else if ( bSuccess == 1 )
+ send_status(PK_SUCCESS, "All instances of publickey were removed.");
+ else /* bSuccess == 0 */
+ send_status(PK_KEY_NOT_FOUND, "Could not find publickey.");
+
+ key_free(key);
+}
+
+static void
+process_command(void)
+{
+ LogToFile(stream, "process_command()\n");
+}
+
+/* stolen from sftp-server */
+static void
+process_one_packet(void)
+{
+ u_int msg_len;
+ char* szType;
+ u_char *cp;
+
+ LogToFile(stream, "process() length=%d\n", buffer_len(&iqueue));
+
+ cp = buffer_ptr(&iqueue);
+ msg_len = GET_32BIT(cp);
+ if (msg_len > 256 * 1024) {
+ error("bad message ");
+ LogToFile(stream, "process() exit1\n");
+ fclose(stream);
+ exit(11);
+ }
+ if (buffer_len(&iqueue) < msg_len + 4)
+ return;
+ buffer_consume(&iqueue, 4);
+
+ szType = get_string(NULL);
+ LogToFile(stream, "process() szType=%s\n", szType);
+ if (strcmp(szType, "version") == 0)
+ process_version();
+ else if (strcmp(szType, "list") == 0)
+ process_list();
+ else if (strcmp(szType, "add") == 0)
+ process_add();
+ else if (strcmp(szType, "remove") == 0)
+ process_remove();
+ else if (strcmp(szType, "command") == 0)
+ process_command();
+ else
+ send_status(PK_REQUEST_NOT_SUPPORTED, "The requested operation is not supported.");
+}
+
+static void
+process(void)
+{
+ while( buffer_len(&iqueue) > 5 )
+ process_one_packet();
+}
+
+int
+main(int ac, char **av)
+{
+ fd_set *rset, *wset;
+ int in, out, max;
+ ssize_t len, olen, set_size;
+
+ /* XXX should use getopt */
+
+ __progname = get_progname(av[0]);
+
+ uid = getuid();
+ pid = getpid();
+ pw = getpwuid(uid);
+
+#ifdef DEBUG_LOGTOFILE
+ stream = fopen("/tmp/publickey-subsystem.log", "a+");
+#endif
+ LogToFile(stream, "\nmain() begin\n");
+
+#ifdef DEBUG_PUBLICKEY_SERVER
+ log_init("publickey-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0);
+#endif
+
+ in = dup(STDIN_FILENO);
+ out = dup(STDOUT_FILENO);
+
+#ifdef HAVE_CYGWIN
+ setmode(in, O_BINARY);
+ setmode(out, O_BINARY);
+#endif
+
+ max = 0;
+ if (in > max)
+ max = in;
+ if (out > max)
+ max = out;
+
+ buffer_init(&iqueue);
+ buffer_init(&oqueue);
+
+ set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask);
+ rset = (fd_set *)xmalloc(set_size);
+ wset = (fd_set *)xmalloc(set_size);
+
+ initialize_server_options(&options);
+ read_server_config(&options, config_file_name);
+
+ /* Fill in default values for those options not explicitly set. */
+ fill_default_server_options(&options);
+
+ send_version(1);
+
+ for (;;) {
+ LogToFile(stream, "main() loop\n");
+ memset(rset, 0, set_size);
+ memset(wset, 0, set_size);
+
+ FD_SET(in, rset);
+ olen = buffer_len(&oqueue);
+ if (olen > 0)
+ FD_SET(out, wset);
+
+ if (select(max+1, rset, wset, NULL, NULL) < 0) {
+ if (errno == EINTR)
+ continue;
+ LogToFile(stream, "main() exit1\n");
+ fclose(stream);
+ exit(2);
+ }
+
+ /* copy stdin to iqueue */
+ if (FD_ISSET(in, rset)) {
+ char buf[4*4096];
+ len = read(in, buf, sizeof buf);
+ if (len == 0) {
+ debug("read eof");
+ LogToFile(stream, "main() exit2\n");
+ fclose(stream);
+ exit(0);
+ } else if (len < 0) {
+ error("read error");
+ LogToFile(stream, "main() exit3\n");
+ fclose(stream);
+ exit(1);
+ } else {
+ buffer_append(&iqueue, buf, len);
+ }
+ }
+ /* send oqueue to stdout */
+ if (FD_ISSET(out, wset)) {
+ len = write(out, buffer_ptr(&oqueue), olen);
+ if (len < 0) {
+ error("write error");
+ LogToFile(stream, "main() exit4\n");
+ fclose(stream);
+ exit(1);
+ } else {
+ buffer_consume(&oqueue, len);
+ }
+ }
+ /* process requests from client */
+ process();
+ }
+ LogToFile(stream, "main() end");
+#ifdef DEBUG_LOGTOFILE
+ fclose(stream);
+#endif
+}
diff -Naur openssh-3.4p1/README.publickey-server openssh-3.4p1.oden/README.publickey-server
--- openssh-3.4p1/README.publickey-server 1970-01-01 00:00:00.000000000 +0000
+++ openssh-3.4p1.oden/README.publickey-server 2002-10-09 14:36:44.000000000 +0000
@@ -0,0 +1,18 @@
+* publickey-server for OpenSSH -- August 02, 2002
+*
+* Copyright © 1995-2002 VanDyke Software, Inc.
+* All rights reserved.
+*
+
+The following files are designed to work with OpenSSH3.4p1.
+1) Place in the build directory for OpenSSH (replacing any
+ existing files)
+2) run "./configure"
+3) run "make install"
+
+Makefile.in - replacement for the configure makefile
+
+publickey-server.c - code for the public-key subsystem
+
+sshd_config - sshd configuration file that includes the
+ public-key subsystem
\ No newline at end of file
diff -Naur openssh-3.4p1/sshd_config openssh-3.4p1.oden/sshd_config
--- openssh-3.4p1/sshd_config 2002-06-21 01:11:36.000000000 +0000
+++ openssh-3.4p1.oden/sshd_config 2002-10-09 14:36:44.000000000 +0000
@@ -90,3 +90,4 @@
# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server
+Subsystem [EMAIL PROTECTED] /usr/libexec/publickey-server
--- openssh.spec 2002-09-11 19:59:25.000000000 +0000
+++ openssh.spec.oden 2002-10-09 14:42:21.000000000 +0000
@@ -11,7 +11,7 @@
%define name openssh
%define version 3.4p1
-%define release 4mdk
+%define release 5mdk
Summary: OpenSSH free Secure Shell (SSH) implementation
Name: %{name}
@@ -32,6 +32,8 @@
Patch3: openssh-3.1p1-check-only-ssl-version.patch.bz2
# no longer needed?
Patch4: x11-ssh-askpass-1.2.4.1-fix-Imakefile.patch.bz2
+# http://www.vandyke.com/download/os/pks_ossh.html
+Patch5: openssh-3.4p1-publickey-server.patch.bz2
License: BSD
Group: Networking/Remote access
BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
@@ -168,6 +170,9 @@
# patch to x11-ssh-askpass (no longer needed?)
#%patch4 -p1 -b .imake
+# http://www.vandyke.com/download/os/pks_ossh.html
+%patch5 -p1
+
%build
%serverbuild
@@ -322,6 +327,7 @@
%defattr(-,root,root)
%{_sbindir}/sshd
%{_libdir}/ssh/sftp-server
+%{_libdir}/ssh/publickey-server
%{_mandir}/man5/sshd_config.5*
%{_mandir}/man8/sshd.8*
%{_mandir}/man8/sftp-server.8*
@@ -346,6 +352,9 @@
%attr(0755,root,root) %config(noreplace) %{_sysconfdir}/profile.d/gnome-ssh-askpass.*
%changelog
+* Wed Oct 09 2002 Oden Erikkson <[EMAIL PROTECTED]> 3.4p1-5mdk
+- added rediffed P5 by Van Dyke
+
* Wed Sep 11 2002 Vincent Danen <[EMAIL PROTECTED]> 3.4p1-4mdk
- openssh-server: PreReq: rpm-helper
- fix builds for old distribs (remove support for 7.1)
