diff options
author | Damien Miller <djm@mindrot.org> | 2001-11-14 00:02:10 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2001-11-14 00:02:10 +1100 |
commit | 61b05cfdda61737f2d8999e3849dfaea1127f19e (patch) | |
tree | feea73cf988f48d7abfe41979e6cae804f8126f1 /auth-krb5.c | |
parent | e49d0966b5e8e4ff4eb993f1b8511932dfcf7bf8 (diff) |
- (djm) OpenBSD CVS Sync
- dugsong@cvs.openbsd.org 2001/11/11 18:47:10
[auth-krb5.c]
fix krb5 authorization check. found by <jhawk@MIT.EDU>. from
art@, deraadt@ ok
Diffstat (limited to 'auth-krb5.c')
-rw-r--r-- | auth-krb5.c | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/auth-krb5.c b/auth-krb5.c index 08c917459..b56f43a92 100644 --- a/auth-krb5.c +++ b/auth-krb5.c | |||
@@ -2,7 +2,7 @@ | |||
2 | * Kerberos v5 authentication and ticket-passing routines. | 2 | * Kerberos v5 authentication and ticket-passing routines. |
3 | * | 3 | * |
4 | * $FreeBSD: src/crypto/openssh/auth-krb5.c,v 1.6 2001/02/13 16:58:04 assar Exp $ | 4 | * $FreeBSD: src/crypto/openssh/auth-krb5.c,v 1.6 2001/02/13 16:58:04 assar Exp $ |
5 | * $OpenBSD: auth-krb5.c,v 1.1 2001/06/26 16:15:23 dugsong Exp $ | 5 | * $OpenBSD: auth-krb5.c,v 1.2 2001/11/12 01:47:09 dugsong Exp $ |
6 | */ | 6 | */ |
7 | 7 | ||
8 | #include "includes.h" | 8 | #include "includes.h" |
@@ -52,8 +52,9 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client) | |||
52 | krb5_principal server; | 52 | krb5_principal server; |
53 | krb5_data reply; | 53 | krb5_data reply; |
54 | krb5_ticket *ticket; | 54 | krb5_ticket *ticket; |
55 | int fd; | 55 | int fd, ret; |
56 | 56 | ||
57 | ret = 0; | ||
57 | server = NULL; | 58 | server = NULL; |
58 | ticket = NULL; | 59 | ticket = NULL; |
59 | reply.length = 0; | 60 | reply.length = 0; |
@@ -107,7 +108,8 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client) | |||
107 | packet_put_string((char *) reply.data, reply.length); | 108 | packet_put_string((char *) reply.data, reply.length); |
108 | packet_send(); | 109 | packet_send(); |
109 | packet_write_wait(); | 110 | packet_write_wait(); |
110 | 111 | ||
112 | ret = 1; | ||
111 | err: | 113 | err: |
112 | if (server) | 114 | if (server) |
113 | krb5_free_principal(authctxt->krb5_ctx, server); | 115 | krb5_free_principal(authctxt->krb5_ctx, server); |
@@ -116,12 +118,11 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client) | |||
116 | if (reply.length) | 118 | if (reply.length) |
117 | xfree(reply.data); | 119 | xfree(reply.data); |
118 | 120 | ||
119 | if (problem) { | 121 | if (problem) |
120 | debug("Kerberos v5 authentication failed: %s", | 122 | debug("Kerberos v5 authentication failed: %s", |
121 | krb5_get_err_text(authctxt->krb5_ctx, problem)); | 123 | krb5_get_err_text(authctxt->krb5_ctx, problem)); |
122 | return (0); | 124 | |
123 | } | 125 | return (ret); |
124 | return (1); | ||
125 | } | 126 | } |
126 | 127 | ||
127 | int | 128 | int |