From 5c5980005fceded1696db8a9dcb48e03409f4d09 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Oct 31 2012 15:48:51 +0000
Subject: fix gssapi canohost patch (#863350)


---

diff --git a/openssh-5.8p1-gssapi-canohost.patch b/openssh-5.8p1-gssapi-canohost.patch
deleted file mode 100644
index a8e02fb..0000000
--- a/openssh-5.8p1-gssapi-canohost.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-diff -up openssh-5.8p1/sshconnect2.c.canohost openssh-5.8p1/sshconnect2.c
---- openssh-5.8p1/sshconnect2.c.canohost	2011-02-14 15:15:15.000000000 +0100
-+++ openssh-5.8p1/sshconnect2.c	2011-02-14 15:21:45.000000000 +0100
-@@ -697,14 +697,17 @@ userauth_gssapi(Authctxt *authctxt)
- 	static u_int mech = 0;
- 	OM_uint32 min;
- 	int ok = 0;
--	const char *gss_host;
-+	const char *gss_host = NULL;
- 
- 	if (options.gss_server_identity)
- 		gss_host = options.gss_server_identity;
- 	else if (options.gss_trust_dns)
- 		gss_host = get_canonical_hostname(1);
--	else
--		gss_host = authctxt->host;
-+	else {
-+		gss_host = get_canonical_hostname(1);
-+		if ( strcmp( gss_host, "UNKNOWN" )  == 0 )
-+			gss_host = authctxt->host;
-+	}
- 
- 	/* Try one GSSAPI method at a time, rather than sending them all at
- 	 * once. */
diff --git a/openssh-5.9p1-gssapi-canohost.patch b/openssh-5.9p1-gssapi-canohost.patch
new file mode 100644
index 0000000..3252582
--- /dev/null
+++ b/openssh-5.9p1-gssapi-canohost.patch
@@ -0,0 +1,21 @@
+diff -up openssh-5.9p1/sshconnect2.c.canohost openssh-5.9p1/sshconnect2.c
+--- openssh-5.9p1/sshconnect2.c.canohost	2012-10-31 16:42:37.598288999 +0100
++++ openssh-5.9p1/sshconnect2.c	2012-10-31 16:47:40.963288964 +0100
+@@ -699,12 +699,15 @@ userauth_gssapi(Authctxt *authctxt)
+ 	static u_int mech = 0;
+ 	OM_uint32 min;
+ 	int ok = 0;
+-	const char *gss_host;
++	const char *gss_host = NULL;
+ 
+ 	if (options.gss_server_identity)
+ 		gss_host = options.gss_server_identity;
+-	else if (options.gss_trust_dns)
++	else if (options.gss_trust_dns) {
+ 		gss_host = get_canonical_hostname(1);
++		if ( strcmp( gss_host, "UNKNOWN" )  == 0 )
++			gss_host = authctxt->host;
++	}
+ 	else
+ 		gss_host = authctxt->host;
+ 
diff --git a/openssh.spec b/openssh.spec
index 640d9fe..f334401 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -209,8 +209,7 @@ Patch800: openssh-5.9p1-gsskex.patch
 #http://www.mail-archive.com/kerberos@mit.edu/msg17591.html
 Patch801: openssh-5.8p2-force_krb.patch
 
-#?
-Patch900: openssh-5.8p1-gssapi-canohost.patch
+Patch900: openssh-5.9p1-gssapi-canohost.patch
 #https://bugzilla.mindrot.org/show_bug.cgi?id=1780
 Patch901: openssh-5.9p1-kuserok.patch
 #---