- (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h

configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson.
author: Darren Tucker <dtucker@zip.com.au> 2003-08-26 11:58:16 +1000
committer: Darren Tucker <dtucker@zip.com.au> 2003-08-26 11:58:16 +1000
commit: 49aaf4ad522c6b599ec13f75f8a6b7eab6942143 (patch)
tree: ccf3984a52b32d59e3900ae8518a796df2860b58 /gss-serv-krb5.c
parent: 0efd155c3c184f0eaa2e1eb244eaaf066e6906e0 (diff)
1 files changed, 37 insertions, 0 deletions
diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c
index d86872258..f48e09911 100644
--- a/gss-serv-krb5.c
+++ b/gss-serv-krb5.c
@@ -38,7 +38,11 @@
 extern ServerOptions options;
+#ifdef HEIMDAL
 #include <krb5.h>
+#else
+#include <gssapi_krb5.h>
+#endif
 static krb5_context krb_context = NULL;
@@ -113,11 +117,39 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
        if (ssh_gssapi_krb5_init() == 0)
                return;
+#ifdef HEIMDAL
        if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) {
                logit("krb5_cc_gen_new(): %.100s",
                    krb5_get_err_text(krb_context, problem));
                return;
        }
+#else
+        {
+                int tmpfd;
+                char ccname[40];
+    
+                snprintf(ccname, sizeof(ccname), 
+                    "FILE:/tmp/krb5cc_%d_XXXXXX", geteuid());
+    
+                if ((tmpfd = mkstemp(ccname + strlen("FILE:"))) == -1) {
+                        logit("mkstemp(): %.100s", strerror(errno));
+                        problem = errno;
+                        return;
+                }
+                if (fchmod(tmpfd, S_IRUSR | S_IWUSR) == -1) {
+                        logit("fchmod(): %.100s", strerror(errno));
+                        close(tmpfd);
+                        problem = errno;
+                        return;
+                }
+                close(tmpfd);
+                if ((problem = krb5_cc_resolve(krb_context, ccname, &ccache))) {
+                        logit("krb5_cc_resolve(): %.100s",
+                            krb5_get_err_text(krb_context, problem));
+                        return;
+                }
+        }
+#endif  /* #ifdef HEIMDAL */
        if ((problem = krb5_parse_name(krb_context, 
            client->exportedname.value, &princ))) {
@@ -148,6 +180,11 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
        client->store.envvar = "KRB5CCNAME";
        client->store.envval = xstrdup(client->store.filename);
+#ifdef USE_PAM
+        if (options.use_pam)
+                do_pam_putenv(client->store.envvar,client->store.envval);
+#endif
        krb5_cc_close(krb_context, ccache);
        return;
author	Darren Tucker <dtucker@zip.com.au>	2003-08-26 11:58:16 +1000
committer	Darren Tucker <dtucker@zip.com.au>	2003-08-26 11:58:16 +1000
commit	49aaf4ad522c6b599ec13f75f8a6b7eab6942143 (patch)
tree	ccf3984a52b32d59e3900ae8518a796df2860b58 /gss-serv-krb5.c
parent	0efd155c3c184f0eaa2e1eb244eaaf066e6906e0 (diff)

diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c index d86872258..f48e09911 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c
@@ -38,7 +38,11 @@
38		38
39	extern ServerOptions options;	39	extern ServerOptions options;
40		40
		41	#ifdef HEIMDAL
41	#include <krb5.h>	42	#include <krb5.h>
		43	#else
		44	#include <gssapi_krb5.h>
		45	#endif
42		46
43	static krb5_context krb_context = NULL;	47	static krb5_context krb_context = NULL;
44		48
@@ -113,11 +117,39 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
113	if (ssh_gssapi_krb5_init() == 0)	117	if (ssh_gssapi_krb5_init() == 0)
114	return;	118	return;
115		119
		120	#ifdef HEIMDAL
116	if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) {	121	if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) {
117	logit("krb5_cc_gen_new(): %.100s",	122	logit("krb5_cc_gen_new(): %.100s",
118	krb5_get_err_text(krb_context, problem));	123	krb5_get_err_text(krb_context, problem));
119	return;	124	return;
120	}	125	}
		126	#else
		127	{
		128	int tmpfd;
		129	char ccname[40];
		130
		131	snprintf(ccname, sizeof(ccname),
		132	"FILE:/tmp/krb5cc_%d_XXXXXX", geteuid());
		133
		134	if ((tmpfd = mkstemp(ccname + strlen("FILE:"))) == -1) {
		135	logit("mkstemp(): %.100s", strerror(errno));
		136	problem = errno;
		137	return;
		138	}
		139	if (fchmod(tmpfd, S_IRUSR \| S_IWUSR) == -1) {
		140	logit("fchmod(): %.100s", strerror(errno));
		141	close(tmpfd);
		142	problem = errno;
		143	return;
		144	}
		145	close(tmpfd);
		146	if ((problem = krb5_cc_resolve(krb_context, ccname, &ccache))) {
		147	logit("krb5_cc_resolve(): %.100s",
		148	krb5_get_err_text(krb_context, problem));
		149	return;
		150	}
		151	}
		152	#endif /* #ifdef HEIMDAL */
121		153
122	if ((problem = krb5_parse_name(krb_context,	154	if ((problem = krb5_parse_name(krb_context,
123	client->exportedname.value, &princ))) {	155	client->exportedname.value, &princ))) {
@@ -148,6 +180,11 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
148	client->store.envvar = "KRB5CCNAME";	180	client->store.envvar = "KRB5CCNAME";
149	client->store.envval = xstrdup(client->store.filename);	181	client->store.envval = xstrdup(client->store.filename);
150		182
		183	#ifdef USE_PAM
		184	if (options.use_pam)
		185	do_pam_putenv(client->store.envvar,client->store.envval);
		186	#endif
		187
151	krb5_cc_close(krb_context, ccache);	188	krb5_cc_close(krb_context, ccache);
152		189
153	return;	190	return;