diff options
author | Colin Watson <cjwatson@debian.org> | 2005-09-14 12:45:47 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2005-09-14 12:45:47 +0000 |
commit | 9b71add4cecf753c45f5fbd6ff0913bc95b3e95d (patch) | |
tree | d4ea8fdb30c7949c6433f5277c39548ea579d4dc /auth-krb5.c | |
parent | ed07bcbea56007ab5b218ddf3aa6a7d4e21966e0 (diff) | |
parent | 16704d57999d987fb8d9ba53379841a79f016d67 (diff) |
Merge 4.2p1 to the trunk.
Diffstat (limited to 'auth-krb5.c')
-rw-r--r-- | auth-krb5.c | 57 |
1 files changed, 31 insertions, 26 deletions
diff --git a/auth-krb5.c b/auth-krb5.c index 2f742534a..c7367b49a 100644 --- a/auth-krb5.c +++ b/auth-krb5.c | |||
@@ -54,9 +54,6 @@ krb5_init(void *context) | |||
54 | problem = krb5_init_context(&authctxt->krb5_ctx); | 54 | problem = krb5_init_context(&authctxt->krb5_ctx); |
55 | if (problem) | 55 | if (problem) |
56 | return (problem); | 56 | return (problem); |
57 | #ifdef KRB5_INIT_ETS | ||
58 | krb5_init_ets(authctxt->krb5_ctx); | ||
59 | #endif | ||
60 | } | 57 | } |
61 | return (0); | 58 | return (0); |
62 | } | 59 | } |
@@ -67,9 +64,6 @@ auth_krb5_password(Authctxt *authctxt, const char *password) | |||
67 | #ifndef HEIMDAL | 64 | #ifndef HEIMDAL |
68 | krb5_creds creds; | 65 | krb5_creds creds; |
69 | krb5_principal server; | 66 | krb5_principal server; |
70 | char ccname[40]; | ||
71 | int tmpfd; | ||
72 | mode_t old_umask; | ||
73 | #endif | 67 | #endif |
74 | krb5_error_code problem; | 68 | krb5_error_code problem; |
75 | krb5_ccache ccache = NULL; | 69 | krb5_ccache ccache = NULL; |
@@ -146,26 +140,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password) | |||
146 | goto out; | 140 | goto out; |
147 | } | 141 | } |
148 | 142 | ||
149 | snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); | 143 | problem = ssh_krb5_cc_gen(authctxt->krb5_ctx, &authctxt->krb5_fwd_ccache); |
150 | |||
151 | old_umask = umask(0177); | ||
152 | tmpfd = mkstemp(ccname + strlen("FILE:")); | ||
153 | umask(old_umask); | ||
154 | if (tmpfd == -1) { | ||
155 | logit("mkstemp(): %.100s", strerror(errno)); | ||
156 | problem = errno; | ||
157 | goto out; | ||
158 | } | ||
159 | |||
160 | if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { | ||
161 | logit("fchmod(): %.100s", strerror(errno)); | ||
162 | close(tmpfd); | ||
163 | problem = errno; | ||
164 | goto out; | ||
165 | } | ||
166 | close(tmpfd); | ||
167 | |||
168 | problem = krb5_cc_resolve(authctxt->krb5_ctx, ccname, &authctxt->krb5_fwd_ccache); | ||
169 | if (problem) | 144 | if (problem) |
170 | goto out; | 145 | goto out; |
171 | 146 | ||
@@ -234,4 +209,34 @@ krb5_cleanup_proc(Authctxt *authctxt) | |||
234 | } | 209 | } |
235 | } | 210 | } |
236 | 211 | ||
212 | #ifndef HEIMDAL | ||
213 | krb5_error_code | ||
214 | ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { | ||
215 | int tmpfd, ret; | ||
216 | char ccname[40]; | ||
217 | mode_t old_umask; | ||
218 | |||
219 | ret = snprintf(ccname, sizeof(ccname), | ||
220 | "FILE:/tmp/krb5cc_%d_XXXXXXXXXX", geteuid()); | ||
221 | if (ret == -1 || ret >= sizeof(ccname)) | ||
222 | return ENOMEM; | ||
223 | |||
224 | old_umask = umask(0177); | ||
225 | tmpfd = mkstemp(ccname + strlen("FILE:")); | ||
226 | umask(old_umask); | ||
227 | if (tmpfd == -1) { | ||
228 | logit("mkstemp(): %.100s", strerror(errno)); | ||
229 | return errno; | ||
230 | } | ||
231 | |||
232 | if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { | ||
233 | logit("fchmod(): %.100s", strerror(errno)); | ||
234 | close(tmpfd); | ||
235 | return errno; | ||
236 | } | ||
237 | close(tmpfd); | ||
238 | |||
239 | return (krb5_cc_resolve(ctx, ccname, ccache)); | ||
240 | } | ||
241 | #endif /* !HEIMDAL */ | ||
237 | #endif /* KRB5 */ | 242 | #endif /* KRB5 */ |