diff options
| author | Damien Miller <djm@mindrot.org> | 2002-09-12 09:47:29 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2002-09-12 09:47:29 +1000 |
| commit | 25162f2518f72035b50b254bfeb5b89d018223a6 (patch) | |
| tree | e5e50812ca90d5ce4cd3692505e9de48205f0b8a /auth1.c | |
| parent | 4d53d39b071ebc2a0c6f1948b7c7630ab0021a73 (diff) | |
- itojun@cvs.openbsd.org 2002/09/09 06:48:06
[auth1.c auth.h auth-krb5.c monitor.c monitor.h]
[monitor_wrap.c monitor_wrap.h]
kerberos support for privsep. confirmed to work by lha@stacken.kth.se
patch from markus
Diffstat (limited to 'auth1.c')
| -rw-r--r-- | auth1.c | 18 |
1 files changed, 15 insertions, 3 deletions
| @@ -10,7 +10,7 @@ | |||
| 10 | */ | 10 | */ |
| 11 | 11 | ||
| 12 | #include "includes.h" | 12 | #include "includes.h" |
| 13 | RCSID("$OpenBSD: auth1.c,v 1.42 2002/08/22 21:33:58 markus Exp $"); | 13 | RCSID("$OpenBSD: auth1.c,v 1.43 2002/09/09 06:48:06 itojun Exp $"); |
| 14 | 14 | ||
| 15 | #include "xmalloc.h" | 15 | #include "xmalloc.h" |
| 16 | #include "rsa.h" | 16 | #include "rsa.h" |
| @@ -133,15 +133,27 @@ do_authloop(Authctxt *authctxt) | |||
| 133 | #endif /* KRB4 */ | 133 | #endif /* KRB4 */ |
| 134 | } else { | 134 | } else { |
| 135 | #ifdef KRB5 | 135 | #ifdef KRB5 |
| 136 | krb5_data tkt; | 136 | krb5_data tkt, reply; |
| 137 | tkt.length = dlen; | 137 | tkt.length = dlen; |
| 138 | tkt.data = kdata; | 138 | tkt.data = kdata; |
| 139 | 139 | ||
| 140 | if (auth_krb5(authctxt, &tkt, &client_user)) { | 140 | if (PRIVSEP(auth_krb5(authctxt, &tkt, |
| 141 | &client_user, &reply))) { | ||
| 141 | authenticated = 1; | 142 | authenticated = 1; |
| 142 | snprintf(info, sizeof(info), | 143 | snprintf(info, sizeof(info), |
| 143 | " tktuser %.100s", | 144 | " tktuser %.100s", |
| 144 | client_user); | 145 | client_user); |
| 146 | |||
| 147 | /* Send response to client */ | ||
| 148 | packet_start( | ||
| 149 | SSH_SMSG_AUTH_KERBEROS_RESPONSE); | ||
| 150 | packet_put_string((char *) | ||
| 151 | reply.data, reply.length); | ||
| 152 | packet_send(); | ||
| 153 | packet_write_wait(); | ||
| 154 | |||
| 155 | if (reply.length) | ||
| 156 | xfree(reply.data); | ||
| 145 | } | 157 | } |
| 146 | #endif /* KRB5 */ | 158 | #endif /* KRB5 */ |
| 147 | } | 159 | } |