You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
24 lines
981 B
24 lines
981 B
diff -up openssh-7.4p1/ssh-agent.1.pkcs11-whitelist openssh-7.4p1/ssh-agent.1 |
|
--- openssh-7.4p1/ssh-agent.1.pkcs11-whitelist 2017-01-03 10:41:01.916331710 +0100 |
|
+++ openssh-7.4p1/ssh-agent.1 2017-01-03 10:40:06.549366029 +0100 |
|
@@ -129,7 +129,7 @@ that may be added using the |
|
option to |
|
.Xr ssh-add 1 . |
|
The default is to allow loading PKCS#11 libraries from |
|
-.Dq /usr/lib/*,/usr/local/lib/* . |
|
+.Dq /usr/lib*/*,/usr/local/lib*/* . |
|
PKCS#11 libraries that do not match the whitelist will be refused. |
|
See PATTERNS in |
|
.Xr ssh_config 5 |
|
diff -up openssh-7.4p1/ssh-agent.c.pkcs11-whitelist openssh-7.4p1/ssh-agent.c |
|
--- openssh-7.4p1/ssh-agent.c.pkcs11-whitelist 2017-01-03 10:41:09.324327118 +0100 |
|
+++ openssh-7.4p1/ssh-agent.c 2017-01-03 10:40:21.212356939 +0100 |
|
@@ -89,7 +89,7 @@ |
|
#endif |
|
|
|
#ifndef DEFAULT_PKCS11_WHITELIST |
|
-# define DEFAULT_PKCS11_WHITELIST "/usr/lib/*,/usr/local/lib/*" |
|
+# define DEFAULT_PKCS11_WHITELIST "/usr/lib*/*,/usr/local/lib*/*" |
|
#endif |
|
|
|
typedef enum {
|
|
|