Ubuntu
openssh package

  1. Bug #2053146
  2. Comment #0

Comment 0 for bug 2053146

Revision history for this message
ake sandgren (ake-sandgren) wrote : openssh 8.9p1 for Jammy auth2-gss patch for gssapi-keyex mathod is slightly wrong

The Authmethod struct now have 4 entries but the initialization of the method_gsskeyex in the debian/patches/gssapi.patch only have 3 entries.

The struct was changed in upstream commit dbb339f015c33d63484261d140c84ad875a9e548 as
===
@@ -104,7 +104,8 @@ struct Authctxt {

 struct Authmethod {
        char *name;
- int (*userauth)(struct ssh *);
+ char *synonym;
+ int (*userauth)(struct ssh *, const char *);
        int *enabled;
 };

===

The incorrect code does
===
+Authmethod method_gsskeyex = {
+ "gssapi-keyex",
+ userauth_gsskeyex,
+ &options.gss_authentication
+};
===
but should have a NULL between the "gssapi-keyex" string and userauth_gsskeyex

This is now (change from Focal) causing gssapi-keyex to be disabled.

===
lsb_release -rd
Description: Ubuntu 22.04.3 LTS
Release: 22.04

===
apt-cache policy openssh-server
openssh-server:
  Installed: 1:8.9p1-3ubuntu0.6
  Candidate: 1:8.9p1-3ubuntu0.6
  Version table:
 *** 1:8.9p1-3ubuntu0.6 500
        500 http://faiserver.hpc2n.umu.se/mirrors/ubuntu/ubuntu jammy-updates/main amd64 Packages
        500 http://faiserver.hpc2n.umu.se/mirrors/ubuntu/ubuntu jammy-security/main amd64 Packages
        100 /var/lib/dpkg/status
     1:8.9p1-3 500
        500 http://faiserver.hpc2n.umu.se/mirrors/ubuntu/ubuntu jammy/main amd64 Packages

===