* Add remaining pieces of Kerberos support (closes: #275472):

  - Add GSSAPI key exchange support from
    http://www.sxw.org.uk/computing/patches/openssh.html (thanks, Stephen
    Frost).

1 files changed, 22 insertions, 10 deletions

diff --git a/gss-serv.c b/gss-serv.c
index 117130459..05ae54e97 100644
--- a/gss-serv.c
+++ b/gss-serv.c
@@ -62,6 +62,28 @@ ssh_gssapi_mech* supported_mechs[]= {
 };
 
 /* Unpriviledged */
+char *
+ssh_gssapi_server_mechanisms() {
+        gss_OID_set     supported;
+
+        ssh_gssapi_supported_oids(&supported);
+        return (ssh_gssapi_kex_mechs(supported, &ssh_gssapi_server_check_mech,
+            NULL));
+}
+
+/* Unpriviledged */
+int
+ssh_gssapi_server_check_mech(gss_OID oid, void *data) {
+        Gssctxt * ctx = NULL;
+        int res;
+
+        res = !GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctx, oid)));
+        ssh_gssapi_delete_ctx(&ctx);
+
+        return (res);
+}
+
+/* Unpriviledged */
 void
 ssh_gssapi_supported_oids(gss_OID_set *oidset)
 {
@@ -298,14 +320,4 @@ ssh_gssapi_userok(char *user)
         return (0);
 }
 
-/* Priviledged */
-OM_uint32
-ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
-{
-        ctx->major = gss_verify_mic(&ctx->minor, ctx->context,
-            gssbuf, gssmic, NULL);
-
-        return (ctx->major);
-}
-
 #endif