diff options
author | markus@openbsd.org <markus@openbsd.org> | 2017-05-30 14:29:59 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-05-31 10:50:33 +1000 |
commit | eb272ea4099fd6157846f15c129ac5727933aa69 (patch) | |
tree | 7c721828dc6504e4adaa6517ce65840eaaba06ef /auth2-gss.c | |
parent | 5a146bbd4fdf5c571f9fb438e5210d28cead76d9 (diff) |
upstream commit
switch auth2 to ssh_dispatch API; ok djm@
Upstream-ID: a752ca19e2782900dd83060b5c6344008106215f
Diffstat (limited to 'auth2-gss.c')
-rw-r--r-- | auth2-gss.c | 43 |
1 files changed, 22 insertions, 21 deletions
diff --git a/auth2-gss.c b/auth2-gss.c index a762747d6..680d5e712 100644 --- a/auth2-gss.c +++ b/auth2-gss.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-gss.c,v 1.24 2017/05/30 14:23:52 markus Exp $ */ | 1 | /* $OpenBSD: auth2-gss.c,v 1.25 2017/05/30 14:29:59 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. | 4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. |
@@ -58,8 +58,9 @@ static int input_gssapi_errtok(int, u_int32_t, struct ssh *); | |||
58 | * how to check local user kuserok and the like) | 58 | * how to check local user kuserok and the like) |
59 | */ | 59 | */ |
60 | static int | 60 | static int |
61 | userauth_gssapi(Authctxt *authctxt) | 61 | userauth_gssapi(struct ssh *ssh) |
62 | { | 62 | { |
63 | Authctxt *authctxt = ssh->authctxt; | ||
63 | gss_OID_desc goid = {0, NULL}; | 64 | gss_OID_desc goid = {0, NULL}; |
64 | Gssctxt *ctxt = NULL; | 65 | Gssctxt *ctxt = NULL; |
65 | int mechs; | 66 | int mechs; |
@@ -119,8 +120,8 @@ userauth_gssapi(Authctxt *authctxt) | |||
119 | packet_send(); | 120 | packet_send(); |
120 | free(doid); | 121 | free(doid); |
121 | 122 | ||
122 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token); | 123 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token); |
123 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok); | 124 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok); |
124 | authctxt->postponed = 1; | 125 | authctxt->postponed = 1; |
125 | 126 | ||
126 | return (0); | 127 | return (0); |
@@ -157,8 +158,8 @@ input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh) | |||
157 | packet_send(); | 158 | packet_send(); |
158 | } | 159 | } |
159 | authctxt->postponed = 0; | 160 | authctxt->postponed = 0; |
160 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); | 161 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); |
161 | userauth_finish(authctxt, 0, "gssapi-with-mic", NULL); | 162 | userauth_finish(ssh, 0, "gssapi-with-mic", NULL); |
162 | } else { | 163 | } else { |
163 | if (send_tok.length != 0) { | 164 | if (send_tok.length != 0) { |
164 | packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN); | 165 | packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN); |
@@ -166,12 +167,12 @@ input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh) | |||
166 | packet_send(); | 167 | packet_send(); |
167 | } | 168 | } |
168 | if (maj_status == GSS_S_COMPLETE) { | 169 | if (maj_status == GSS_S_COMPLETE) { |
169 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); | 170 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); |
170 | if (flags & GSS_C_INTEG_FLAG) | 171 | if (flags & GSS_C_INTEG_FLAG) |
171 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC, | 172 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_MIC, |
172 | &input_gssapi_mic); | 173 | &input_gssapi_mic); |
173 | else | 174 | else |
174 | dispatch_set( | 175 | ssh_dispatch_set(ssh, |
175 | SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, | 176 | SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, |
176 | &input_gssapi_exchange_complete); | 177 | &input_gssapi_exchange_complete); |
177 | } | 178 | } |
@@ -207,8 +208,8 @@ input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh) | |||
207 | free(recv_tok.value); | 208 | free(recv_tok.value); |
208 | 209 | ||
209 | /* We can't return anything to the client, even if we wanted to */ | 210 | /* We can't return anything to the client, even if we wanted to */ |
210 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); | 211 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); |
211 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); | 212 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); |
212 | 213 | ||
213 | /* The client will have already moved on to the next auth */ | 214 | /* The client will have already moved on to the next auth */ |
214 | 215 | ||
@@ -241,11 +242,11 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) | |||
241 | authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); | 242 | authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); |
242 | 243 | ||
243 | authctxt->postponed = 0; | 244 | authctxt->postponed = 0; |
244 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); | 245 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); |
245 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); | 246 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); |
246 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL); | 247 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL); |
247 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); | 248 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); |
248 | userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL); | 249 | userauth_finish(ssh, authenticated, "gssapi-with-mic", NULL); |
249 | return 0; | 250 | return 0; |
250 | } | 251 | } |
251 | 252 | ||
@@ -282,11 +283,11 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) | |||
282 | free(mic.value); | 283 | free(mic.value); |
283 | 284 | ||
284 | authctxt->postponed = 0; | 285 | authctxt->postponed = 0; |
285 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); | 286 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); |
286 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); | 287 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); |
287 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL); | 288 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL); |
288 | dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); | 289 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); |
289 | userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL); | 290 | userauth_finish(ssh, authenticated, "gssapi-with-mic", NULL); |
290 | return 0; | 291 | return 0; |
291 | } | 292 | } |
292 | 293 | ||