Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: OpenSSH: Bugs

[Bug 1663] sshd_config: AuthorizedKeysCommand

  

 
OpenSSH bugs RSS feed   Index | Next | Previous | View Threaded


bugzilla-daemon at bugzilla

Jan 30, 2012, 4:16 AM

Post #1 of 7 (252 views)
Permalink
[Bug 1663] sshd_config: AuthorizedKeysCommand
https://bugzilla.mindrot.org/show_bug.cgi?id=1663

Fr33z3m4n <Fr33z3m4n [at] gmx> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |Fr33z3m4n [at] gmx

--- Comment #22 from Fr33z3m4n <Fr33z3m4n [at] gmx> 2012-01-30 23:16:46 EST ---
> Created attachment 1850 [details]
> Full patch containing LDAP part

Thx for that Patch, but it won´t build.

gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare
-Wno-pointer-sign -Wformat-security -fno-strict-aliasing
-fno-builtin-memset -fstack-protector-all -I. -I. -DWITH_LDAP_PUBKEY
-DSSHDIR=\"/etc/ssh\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"
-D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\"
-D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\"
-D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\"
-D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\"
-D_PATH_SSH_PIDDIR=\"/var/run\"
-D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\"
-DSSH_RAND_HELPER=\"/usr/local/libexec/ssh-rand-helper\"
-DHAVE_CONFIG_H -c ldapconf.c
ldapconf.c: In function âprocess_config_lineâ:
ldapconf.c:204: error: âLDAP_SCOPE_SUBTREEâ undeclared (first use in
this function)
ldapconf.c:204: error: (Each undeclared identifier is reported only
once
ldapconf.c:204: error: for each function it appears in.)
ldapconf.c:206: error: âLDAP_SCOPE_ONELEVELâ undeclared (first use in
this function)
ldapconf.c:208: error: âLDAP_SCOPE_BASEâ undeclared (first use in this
function)
ldapconf.c:222: error: âLDAP_DEREF_NEVERâ undeclared (first use in this
function)
ldapconf.c:224: error: âLDAP_DEREF_SEARCHINGâ undeclared (first use in
this function)
ldapconf.c:226: error: âLDAP_DEREF_FINDINGâ undeclared (first use in
this function)
ldapconf.c:228: error: âLDAP_DEREF_ALWAYSâ undeclared (first use in
this function)
ldapconf.c:339: error: âLDAP_OPT_X_TLS_NEVERâ undeclared (first use in
this function)
ldapconf.c:341: error: âLDAP_OPT_X_TLS_HARDâ undeclared (first use in
this function)
ldapconf.c:343: error: âLDAP_OPT_X_TLS_DEMANDâ undeclared (first use in
this function)
ldapconf.c:345: error: âLDAP_OPT_X_TLS_ALLOWâ undeclared (first use in
this function)
ldapconf.c:347: error: âLDAP_OPT_X_TLS_TRYâ undeclared (first use in
this function)
ldapconf.c: In function âfill_default_optionsâ:
ldapconf.c:503: error: âLDAPURLDescâ undeclared (first use in this
function)
ldapconf.c:503: error: âludpâ undeclared (first use in this function)
ldapconf.c:505: warning: implicit declaration of function
âldap_url_parseâ
ldapconf.c:505: error: âLDAP_SUCCESSâ undeclared (first use in this
function)
ldapconf.c:507: warning: left-hand operand of comma expression has no
effect
ldapconf.c:507: warning: value computed is not used
ldapconf.c:507: warning: left-hand operand of comma expression has no
effect
ldapconf.c:509: warning: left-hand operand of comma expression has no
effect
ldapconf.c:509: warning: value computed is not used
ldapconf.c:509: warning: left-hand operand of comma expression has no
effect
ldapconf.c:511: warning: left-hand operand of comma expression has no
effect
ldapconf.c:511: warning: value computed is not used
ldapconf.c:511: warning: left-hand operand of comma expression has no
effect
ldapconf.c:519: warning: implicit declaration of function
âldap_free_urldescâ
ldapconf.c:541: error: âLDAP_SCOPE_SUBTREEâ undeclared (first use in
this function)
ldapconf.c:543: error: âLDAP_DEREF_NEVERâ undeclared (first use in this
function)
ldapconf.c:557: error: âLDAP_OPT_X_TLS_HARDâ undeclared (first use in
this function)
ldapconf.c: At top level:
ldapconf.c:622: error: âLDAP_SCOPE_BASEâ undeclared here (not in a
function)
ldapconf.c:623: error: âLDAP_SCOPE_ONELEVELâ undeclared here (not in a
function)
ldapconf.c:624: error: âLDAP_SCOPE_SUBTREEâ undeclared here (not in a
function)
ldapconf.c:628: error: âLDAP_DEREF_NEVERâ undeclared here (not in a
function)
ldapconf.c:628: error: initializer element is not constant
ldapconf.c:628: error: (near initialization for â_deref[0].valueâ)
ldapconf.c:629: error: âLDAP_DEREF_SEARCHINGâ undeclared here (not in a
function)
ldapconf.c:629: error: initializer element is not constant
ldapconf.c:629: error: (near initialization for â_deref[1].valueâ)
ldapconf.c:630: error: âLDAP_DEREF_FINDINGâ undeclared here (not in a
function)
ldapconf.c:630: error: initializer element is not constant
ldapconf.c:630: error: (near initialization for â_deref[2].valueâ)
ldapconf.c:631: error: âLDAP_DEREF_ALWAYSâ undeclared here (not in a
function)
ldapconf.c:631: error: initializer element is not constant
ldapconf.c:631: error: (near initialization for â_deref[3].valueâ)
ldapconf.c:645: error: âLDAP_OPT_X_TLS_NEVERâ undeclared here (not in a
function)
ldapconf.c:645: error: initializer element is not constant
ldapconf.c:645: error: (near initialization for â_checkpeer[0].valueâ)
ldapconf.c:646: error: âLDAP_OPT_X_TLS_HARDâ undeclared here (not in a
function)
ldapconf.c:646: error: initializer element is not constant
ldapconf.c:646: error: (near initialization for â_checkpeer[1].valueâ)
ldapconf.c:647: error: âLDAP_OPT_X_TLS_DEMANDâ undeclared here (not in
a function)
ldapconf.c:647: error: initializer element is not constant
ldapconf.c:647: error: (near initialization for â_checkpeer[2].valueâ)
ldapconf.c:648: error: âLDAP_OPT_X_TLS_ALLOWâ undeclared here (not in a
function)
ldapconf.c:648: error: initializer element is not constant
ldapconf.c:648: error: (near initialization for â_checkpeer[3].valueâ)
ldapconf.c:649: error: âLDAP_OPT_X_TLS_TRYâ undeclared here (not in a
function)
ldapconf.c:649: error: initializer element is not constant
ldapconf.c:649: error: (near initialization for â_checkpeer[4].valueâ)
make: *** [ldapconf.o] Error 1

What can i do ?

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-bugs


bugzilla-daemon at bugzilla

Jan 30, 2012, 7:58 AM

Post #2 of 7 (248 views)
Permalink
[Bug 1663] sshd_config: AuthorizedKeysCommand [In reply to]
https://bugzilla.mindrot.org/show_bug.cgi?id=1663

--- Comment #23 from Daniel Kahn Gillmor <dkg [at] fifthhorseman> 2012-01-31 02:58:00 EST ---
(In reply to comment #22)
> > Created attachment 1850 [details]
> > Full patch containing LDAP part
>
> Thx for that Patch, but it won´t build.

You don't mention which version of OpenSSH you tried to compile the
LDAP patch against.

> What can i do ?

You could try using the AuthorizedKeysCommand variant, which is simpler
and more up-to-date with the current version of OpenSSH.

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-bugs


bugzilla-daemon at bugzilla

Jan 30, 2012, 8:40 AM

Post #3 of 7 (240 views)
Permalink
[Bug 1663] sshd_config: AuthorizedKeysCommand [In reply to]
https://bugzilla.mindrot.org/show_bug.cgi?id=1663

--- Comment #24 from Fr33z3m4n <Fr33z3m4n [at] gmx> 2012-01-31 03:40:57 EST ---
(In reply to comment #23)
> You don't mention which version of OpenSSH you tried to compile the
> LDAP patch against.
Hi,

sorry, i used openssh5.5p1 for this patch.

> You could try using the AuthorizedKeysCommand variant, which is simpler
> and more up-to-date with the current version of OpenSSH.

Can you me explain, how it works with ldap, and which settings to use ?

BR

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-bugs


bugzilla-daemon at bugzilla

Jan 30, 2012, 8:46 AM

Post #4 of 7 (241 views)
Permalink
[Bug 1663] sshd_config: AuthorizedKeysCommand [In reply to]
https://bugzilla.mindrot.org/show_bug.cgi?id=1663

--- Comment #25 from Daniel Kahn Gillmor <dkg [at] fifthhorseman> 2012-01-31 03:46:50 EST ---
(In reply to comment #24)
> Can you me explain, how it works with ldap, and which settings to use ?

perhaps jchadima [at] redhat can suggest something? I don't do much
work with LDAP here.

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-bugs


bugzilla-daemon at bugzilla

Jan 30, 2012, 9:36 AM

Post #5 of 7 (243 views)
Permalink
[Bug 1663] sshd_config: AuthorizedKeysCommand [In reply to]
https://bugzilla.mindrot.org/show_bug.cgi?id=1663

--- Comment #26 from Fr33z3m4n <Fr33z3m4n [at] gmx> 2012-01-31 04:36:02 EST ---
(In reply to comment #25)
> perhaps jchadima [at] redhat can suggest something? I don't do much
> work with LDAP here.

<jchadima [at] redhat>: host xxxx[xxxx] said: 550 5.2.1
<jchadima [at] redhat>... Mailbox disabled for this recipient (in
reply to
RCPT TO command)

;(

I hope he will read here.

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-bugs


bugzilla-daemon at bugzilla

Jan 30, 2012, 10:26 AM

Post #6 of 7 (244 views)
Permalink
[Bug 1663] sshd_config: AuthorizedKeysCommand [In reply to]
https://bugzilla.mindrot.org/show_bug.cgi?id=1663

--- Comment #27 from Tomas Mraz <t8m [at] centrum> 2012-01-31 05:26:02 EST ---
In the Fedora openssh rpm package you should find some documentation on
the AuthorizedKeysCommand helper for the keys in LDAP.

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-bugs


bugzilla-daemon at bugzilla

Jan 31, 2012, 11:09 AM

Post #7 of 7 (236 views)
Permalink
[Bug 1663] sshd_config: AuthorizedKeysCommand [In reply to]
https://bugzilla.mindrot.org/show_bug.cgi?id=1663

--- Comment #28 from Jan F. Chadima <jfch [at] jagda> 2012-02-01 06:09:21 EST ---
The LDAP backend is now done as the patch to openssh build in Fedora.
This is not the best way how this should be done. If you are brave
enough, you could change it in a standalone project. Everything is
ready in the patch, only the Makefile and configure or cmake should be
prepared. If you are able to do it, do it please.

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

OpenSSH bugs RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.