- markus@cvs.openbsd.org 2003/08/28 12:54:34

[auth-krb5.c auth.h auth1.c monitor.c monitor.h monitor_wrap.c] [monitor_wrap.h readconf.c servconf.c session.c ssh_config.5] [sshconnect1.c sshd.c sshd_config sshd_config.5] remove kerberos support from ssh1, since it has been replaced with GSSAPI; but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
author: Damien Miller <djm@mindrot.org> 2003-09-02 22:51:17 +1000
committer: Damien Miller <djm@mindrot.org> 2003-09-02 22:51:17 +1000
commit: 1a0c0b96219b037865d624079a81ab7d88bbccc1 (patch)
tree: ad24303a17d1f49c98b66d5bfe014103019411af /monitor.c
parent: 55c47edc81accd3118fc0fda2c37765631c0aef0 (diff)
1 files changed, 1 insertions, 49 deletions
diff --git a/monitor.c b/monitor.c
index e08181f74..9ea7b93b9 100644
--- a/monitor.c
+++ b/monitor.c
@@ -25,7 +25,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.47 2003/08/24 17:36:52 deraadt Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.49 2003/08/28 12:54:34 markus Exp $");
 #include <openssl/dh.h>
@@ -130,9 +130,6 @@ int mm_answer_pam_respond(int, Buffer *);
 int mm_answer_pam_free_ctx(int, Buffer *);
 #endif
-#ifdef KRB5
-int mm_answer_krb5(int, Buffer *);
-#endif
 #ifdef GSSAPI
 int mm_answer_gss_setup_ctx(int, Buffer *);
 int mm_answer_gss_accept_ctx(int, Buffer *);
@@ -192,9 +189,6 @@ struct mon_table mon_dispatch_proto20[] = {
 #endif
    {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed},
    {MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify},
-#ifdef KRB5
-    {MONITOR_REQ_KRB5, MON_ONCE|MON_AUTH, mm_answer_krb5},
-#endif
 #ifdef GSSAPI
    {MONITOR_REQ_GSSSETUP, MON_ISAUTH, mm_answer_gss_setup_ctx},
    {MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx},
@@ -237,9 +231,6 @@ struct mon_table mon_dispatch_proto15[] = {
    {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond},
    {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx},
 #endif
-#ifdef KRB5
-    {MONITOR_REQ_KRB5, MON_ONCE|MON_AUTH, mm_answer_krb5},
-#endif
    {0, 0, NULL}
 };
@@ -1470,45 +1461,6 @@ mm_answer_rsa_response(int socket, Buffer *m)
        return (success);
 }
-#ifdef KRB5
-int
-mm_answer_krb5(int socket, Buffer *m)
-{
-        krb5_data tkt, reply;
-        char *client_user;
-        u_int len;
-        int success;
-        /* use temporary var to avoid size issues on 64bit arch */
-        tkt.data = buffer_get_string(m, &len);
-        tkt.length = len;
-        success = options.kerberos_authentication &&
-            authctxt->valid &&
-            auth_krb5(authctxt, &tkt, &client_user, &reply);
-        if (tkt.length)
-                xfree(tkt.data);
-        buffer_clear(m);
-        buffer_put_int(m, success);
-        if (success) {
-                buffer_put_cstring(m, client_user);
-                buffer_put_string(m, reply.data, reply.length);
-                if (client_user)
-                        xfree(client_user);
-                if (reply.length)
-                        xfree(reply.data);
-        }
-        mm_request_send(socket, MONITOR_ANS_KRB5, m);
-        auth_method = "kerberos";
-        return success;
-}
-#endif
 int
 mm_answer_term(int socket, Buffer *req)
 {
author	Damien Miller <djm@mindrot.org>	2003-09-02 22:51:17 +1000
committer	Damien Miller <djm@mindrot.org>	2003-09-02 22:51:17 +1000
commit	1a0c0b96219b037865d624079a81ab7d88bbccc1 (patch)
tree	ad24303a17d1f49c98b66d5bfe014103019411af /monitor.c
parent	55c47edc81accd3118fc0fda2c37765631c0aef0 (diff)

diff --git a/monitor.c b/monitor.c index e08181f74..9ea7b93b9 100644 --- a/monitor.c +++ b/monitor.c
@@ -25,7 +25,7 @@
25	*/	25	*/
26		26
27	#include "includes.h"	27	#include "includes.h"
28	RCSID("$OpenBSD: monitor.c,v 1.47 2003/08/24 17:36:52 deraadt Exp $");	28	RCSID("$OpenBSD: monitor.c,v 1.49 2003/08/28 12:54:34 markus Exp $");
29		29
30	#include <openssl/dh.h>	30	#include <openssl/dh.h>
31		31
@@ -130,9 +130,6 @@ int mm_answer_pam_respond(int, Buffer *);
130	int mm_answer_pam_free_ctx(int, Buffer *);	130	int mm_answer_pam_free_ctx(int, Buffer *);
131	#endif	131	#endif
132		132
133	#ifdef KRB5
134	int mm_answer_krb5(int, Buffer *);
135	#endif
136	#ifdef GSSAPI	133	#ifdef GSSAPI
137	int mm_answer_gss_setup_ctx(int, Buffer *);	134	int mm_answer_gss_setup_ctx(int, Buffer *);
138	int mm_answer_gss_accept_ctx(int, Buffer *);	135	int mm_answer_gss_accept_ctx(int, Buffer *);
@@ -192,9 +189,6 @@ struct mon_table mon_dispatch_proto20[] = {
192	#endif	189	#endif
193	{MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed},	190	{MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed},
194	{MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify},	191	{MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify},
195	#ifdef KRB5
196	{MONITOR_REQ_KRB5, MON_ONCE\|MON_AUTH, mm_answer_krb5},
197	#endif
198	#ifdef GSSAPI	192	#ifdef GSSAPI
199	{MONITOR_REQ_GSSSETUP, MON_ISAUTH, mm_answer_gss_setup_ctx},	193	{MONITOR_REQ_GSSSETUP, MON_ISAUTH, mm_answer_gss_setup_ctx},
200	{MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx},	194	{MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx},
@@ -237,9 +231,6 @@ struct mon_table mon_dispatch_proto15[] = {
237	{MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond},	231	{MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond},
238	{MONITOR_REQ_PAM_FREE_CTX, MON_ONCE\|MON_AUTHDECIDE, mm_answer_pam_free_ctx},	232	{MONITOR_REQ_PAM_FREE_CTX, MON_ONCE\|MON_AUTHDECIDE, mm_answer_pam_free_ctx},
239	#endif	233	#endif
240	#ifdef KRB5
241	{MONITOR_REQ_KRB5, MON_ONCE\|MON_AUTH, mm_answer_krb5},
242	#endif
243	{0, 0, NULL}	234	{0, 0, NULL}
244	};	235	};
245		236
@@ -1470,45 +1461,6 @@ mm_answer_rsa_response(int socket, Buffer *m)
1470	return (success);	1461	return (success);
1471	}	1462	}
1472		1463
1473	#ifdef KRB5
1474	int
1475	mm_answer_krb5(int socket, Buffer *m)
1476	{
1477	krb5_data tkt, reply;
1478	char *client_user;
1479	u_int len;
1480	int success;
1481
1482	/* use temporary var to avoid size issues on 64bit arch */
1483	tkt.data = buffer_get_string(m, &len);
1484	tkt.length = len;
1485
1486	success = options.kerberos_authentication &&
1487	authctxt->valid &&
1488	auth_krb5(authctxt, &tkt, &client_user, &reply);
1489
1490	if (tkt.length)
1491	xfree(tkt.data);
1492
1493	buffer_clear(m);
1494	buffer_put_int(m, success);
1495
1496	if (success) {
1497	buffer_put_cstring(m, client_user);
1498	buffer_put_string(m, reply.data, reply.length);
1499	if (client_user)
1500	xfree(client_user);
1501	if (reply.length)
1502	xfree(reply.data);
1503	}
1504	mm_request_send(socket, MONITOR_ANS_KRB5, m);
1505
1506	auth_method = "kerberos";
1507
1508	return success;
1509	}
1510	#endif
1511
1512	int	1464	int
1513	mm_answer_term(int socket, Buffer *req)	1465	mm_answer_term(int socket, Buffer *req)
1514	{	1466	{