diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2018-09-21 12:23:18 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2018-09-21 12:23:18 +0000 |
| commit | 704dc8509f85c15d2fbcdf3ce1e326c47f6be1dd (patch) | |
| tree | 683d8725f8bc462da7b757f64b23e39d90c2db09 /usr.bin/ssh/sshd.c | |
| parent | d4a0ff1e6ffedd13b6cc77bdb9b40d1ea9787866 (diff) | |
when compiled with GSSAPI support, cache supported method OIDs by
calling ssh_gssapi_prepare_supported_oids() regardless of whether
GSSAPI authentication is enabled in the main config.
This avoids sandbox violations for configurations that enable GSSAPI
auth later, e.g.
Match user djm
GSSAPIAuthentication yes
bz#2107; ok dtucker@
Diffstat (limited to 'usr.bin/ssh/sshd.c')
| -rw-r--r-- | usr.bin/ssh/sshd.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index f179027b3af..2795a2ea300 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.515 2018/09/13 02:08:33 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.516 2018/09/21 12:23:17 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -492,8 +492,7 @@ privsep_preauth_child(void) #ifdef GSSAPI /* Cache supported mechanism OIDs for later use */ - if (options.gss_authentication) - ssh_gssapi_prepare_supported_oids(); + ssh_gssapi_prepare_supported_oids(); #endif /* Demote the private keys to public keys. */ |