diff options
| author | Colin Watson <cjwatson@debian.org> | 2005-10-07 11:13:12 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2005-10-07 11:13:12 +0000 |
| commit | e315f6fb201d79e9ea9c363d9d18c9bf9b6f65ab (patch) | |
| tree | 2ae40acccd12143dad8cb61077f255db05a9ae4c /sshconnect2.c | |
| parent | 990e1d9376032a2e27fdc8a3beaf70b7abebce89 (diff) | |
* Only send GSSAPI proposal if GSSAPIAuthentication is enabled.
Diffstat (limited to 'sshconnect2.c')
| -rw-r--r-- | sshconnect2.c | 23 |
1 files changed, 13 insertions, 10 deletions
diff --git a/sshconnect2.c b/sshconnect2.c index 601a49429..579e60c1c 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
| @@ -85,7 +85,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) | |||
| 85 | Kex *kex; | 85 | Kex *kex; |
| 86 | 86 | ||
| 87 | #ifdef GSSAPI | 87 | #ifdef GSSAPI |
| 88 | char *orig, *gss; | 88 | char *orig, *gss = NULL; |
| 89 | int len; | 89 | int len; |
| 90 | #endif | 90 | #endif |
| 91 | 91 | ||
| @@ -93,14 +93,16 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) | |||
| 93 | xxx_hostaddr = hostaddr; | 93 | xxx_hostaddr = hostaddr; |
| 94 | 94 | ||
| 95 | #ifdef GSSAPI | 95 | #ifdef GSSAPI |
| 96 | orig = myproposal[PROPOSAL_KEX_ALGS]; | 96 | if (options.gss_authentication) { |
| 97 | gss = ssh_gssapi_client_mechanisms(get_canonical_hostname(1)); | 97 | orig = myproposal[PROPOSAL_KEX_ALGS]; |
| 98 | debug("Offering GSSAPI proposal: %s",gss); | 98 | gss = ssh_gssapi_client_mechanisms(get_canonical_hostname(1)); |
| 99 | if (gss) { | 99 | debug("Offering GSSAPI proposal: %s",gss); |
| 100 | len = strlen(orig) + strlen(gss) + 2; | 100 | if (gss) { |
| 101 | myproposal[PROPOSAL_KEX_ALGS] = xmalloc(len); | 101 | len = strlen(orig) + strlen(gss) + 2; |
| 102 | snprintf(myproposal[PROPOSAL_KEX_ALGS], len, "%s,%s", gss, | 102 | myproposal[PROPOSAL_KEX_ALGS] = xmalloc(len); |
| 103 | orig); | 103 | snprintf(myproposal[PROPOSAL_KEX_ALGS], len, "%s,%s", |
| 104 | gss, orig); | ||
| 105 | } | ||
| 104 | } | 106 | } |
| 105 | #endif | 107 | #endif |
| 106 | 108 | ||
| @@ -150,7 +152,8 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) | |||
| 150 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 152 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; |
| 151 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; | 153 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
| 152 | #ifdef GSSAPI | 154 | #ifdef GSSAPI |
| 153 | kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client; | 155 | if (options.gss_authentication) |
| 156 | kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client; | ||
| 154 | #endif | 157 | #endif |
| 155 | kex->client_version_string=client_version_string; | 158 | kex->client_version_string=client_version_string; |
| 156 | kex->server_version_string=server_version_string; | 159 | kex->server_version_string=server_version_string; |