- itojun@cvs.openbsd.org 2002/09/09 06:48:06

[auth1.c auth.h auth-krb5.c monitor.c monitor.h] [monitor_wrap.c monitor_wrap.h] kerberos support for privsep. confirmed to work by lha@stacken.kth.se patch from markus
author: Damien Miller <djm@mindrot.org> 2002-09-12 09:47:29 +1000
committer: Damien Miller <djm@mindrot.org> 2002-09-12 09:47:29 +1000
commit: 25162f2518f72035b50b254bfeb5b89d018223a6 (patch)
tree: e5e50812ca90d5ce4cd3692505e9de48205f0b8a /monitor_wrap.c
parent: 4d53d39b071ebc2a0c6f1948b7c7630ab0021a73 (diff)
1 files changed, 36 insertions, 1 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 78be2915f..ed1c50ff9 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -25,7 +25,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: monitor_wrap.c,v 1.16 2002/07/04 10:41:47 markus Exp $");
+RCSID("$OpenBSD: monitor_wrap.c,v 1.17 2002/09/09 06:48:06 itojun Exp $");
 #include <openssl/bn.h>
 #include <openssl/dh.h>
@@ -936,3 +936,38 @@ mm_auth_rsa_verify_response(Key *key, BIGNUM *p, u_char response[16])
        return (success);
 }
+#ifdef KRB5
+int
+mm_auth_krb5(void *ctx, void *argp, char **userp, void *resp)
+{
+        krb5_data *tkt, *reply;
+        Buffer m;
+        int success;
+        debug3("%s entering", __func__);
+        tkt = (krb5_data *) argp;
+        reply = (krb5_data *) resp;
+        buffer_init(&m);
+        buffer_put_string(&m, tkt->data, tkt->length);
+        mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KRB5, &m);
+        mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KRB5, &m);
+        success = buffer_get_int(&m);
+        if (success) {
+                u_int len;
+                *userp = buffer_get_string(&m, NULL);
+                reply->data = buffer_get_string(&m, &len);
+                reply->length = len;
+        } else {
+                memset(reply, 0, sizeof(*reply));
+                *userp = NULL;
+        }
+        buffer_free(&m);
+        return (success);
+}
+#endif
author	Damien Miller <djm@mindrot.org>	2002-09-12 09:47:29 +1000
committer	Damien Miller <djm@mindrot.org>	2002-09-12 09:47:29 +1000
commit	25162f2518f72035b50b254bfeb5b89d018223a6 (patch)
tree	e5e50812ca90d5ce4cd3692505e9de48205f0b8a /monitor_wrap.c
parent	4d53d39b071ebc2a0c6f1948b7c7630ab0021a73 (diff)

diff --git a/monitor_wrap.c b/monitor_wrap.c index 78be2915f..ed1c50ff9 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c
@@ -25,7 +25,7 @@
25	*/	25	*/
26		26
27	#include "includes.h"	27	#include "includes.h"
28	RCSID("$OpenBSD: monitor_wrap.c,v 1.16 2002/07/04 10:41:47 markus Exp $");	28	RCSID("$OpenBSD: monitor_wrap.c,v 1.17 2002/09/09 06:48:06 itojun Exp $");
29		29
30	#include <openssl/bn.h>	30	#include <openssl/bn.h>
31	#include <openssl/dh.h>	31	#include <openssl/dh.h>
@@ -936,3 +936,38 @@ mm_auth_rsa_verify_response(Key key, BIGNUM p, u_char response[16])
936		936
937	return (success);	937	return (success);
938	}	938	}
		939
		940	#ifdef KRB5
		941	int
		942	mm_auth_krb5(void ctx, void argp, char *userp, void resp)
		943	{
		944	krb5_data tkt, reply;
		945	Buffer m;
		946	int success;
		947
		948	debug3("%s entering", __func__);
		949	tkt = (krb5_data *) argp;
		950	reply = (krb5_data *) resp;
		951
		952	buffer_init(&m);
		953	buffer_put_string(&m, tkt->data, tkt->length);
		954
		955	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KRB5, &m);
		956	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KRB5, &m);
		957
		958	success = buffer_get_int(&m);
		959	if (success) {
		960	u_int len;
		961
		962	*userp = buffer_get_string(&m, NULL);
		963	reply->data = buffer_get_string(&m, &len);
		964	reply->length = len;
		965	} else {
		966	memset(reply, 0, sizeof(*reply));
		967	*userp = NULL;
		968	}
		969
		970	buffer_free(&m);
		971	return (success);
		972	}
		973	#endif