8 files changed, 121 insertions, 22 deletions
diff --git a/ChangeLog b/ChangeLog
index 71a876207..e3626cb91 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,11 @@
   - markus@cvs.openbsd.org 2002/09/08 20:24:08
     [hostfile.h]
     no comma at end of enumerator list
+   - itojun@cvs.openbsd.org 2002/09/09 06:48:06
+     [auth1.c auth.h auth-krb5.c monitor.c monitor.h]
+     [monitor_wrap.c monitor_wrap.h]
+     kerberos support for privsep.  confirmed to work by lha@stacken.kth.se
+     patch from markus
 20020911
 - (djm) Sync openbsd-compat with OpenBSD -current
@@ -1623,4 +1628,4 @@
 - (stevesk) entropy.c: typo in debug message
 - (djm) ssh-keygen -i needs seeded RNG; report from markus@
-$Id: ChangeLog,v 1.2452 2002/09/11 23:43:56 djm Exp $
+$Id: ChangeLog,v 1.2453 2002/09/11 23:47:29 djm Exp $
diff --git a/auth-krb5.c b/auth-krb5.c
index 308a6d5f9..512f70b78 100644
--- a/auth-krb5.c
+++ b/auth-krb5.c
@@ -28,7 +28,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth-krb5.c,v 1.8 2002/03/19 10:49:35 markus Exp $");
+RCSID("$OpenBSD: auth-krb5.c,v 1.9 2002/09/09 06:48:06 itojun Exp $");
 #include "ssh.h"
 #include "ssh1.h"
@@ -73,18 +73,17 @@ krb5_init(void *context)
 * from the ticket
 */
 int
-auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client)
+auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *reply)
 {
        krb5_error_code problem;
        krb5_principal server;
-        krb5_data reply;
        krb5_ticket *ticket;
        int fd, ret;
        ret = 0;
        server = NULL;
        ticket = NULL;
-        reply.length = 0;
+        reply->length = 0;
        problem = krb5_init(authctxt);
        if (problem)
@@ -131,7 +130,7 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client)
        /* if client wants mutual auth */
        problem = krb5_mk_rep(authctxt->krb5_ctx, authctxt->krb5_auth_ctx,
-            &reply);
+            reply);
        if (problem)
                goto err;
@@ -144,19 +143,16 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client)
                krb5_unparse_name(authctxt->krb5_ctx, authctxt->krb5_user,
                    client);
-        packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE);
-        packet_put_string((char *) reply.data, reply.length);
-        packet_send();
-        packet_write_wait();
        ret = 1;
 err:
        if (server)
                krb5_free_principal(authctxt->krb5_ctx, server);
        if (ticket)
                krb5_free_ticket(authctxt->krb5_ctx, ticket);
-        if (reply.length)
+        if (!ret && reply->length) {
-                xfree(reply.data);
+                xfree(reply->data);
+                memset(reply, 0, sizeof(*reply));
+        }
        if (problem) {
                if (authctxt->krb5_ctx != NULL)
diff --git a/auth.h b/auth.h
index d98547d02..82d9987ae 100644
--- a/auth.h
+++ b/auth.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: auth.h,v 1.39 2002/05/31 11:35:15 markus Exp $        */
+/*      $OpenBSD: auth.h,v 1.40 2002/09/09 06:48:06 itojun Exp $        */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -126,7 +126,7 @@ int     auth_afs_token(Authctxt *, const char *);
 #endif /* KRB4 */
 #ifdef KRB5
-int     auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client);
+int     auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *);
 int     auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt);
 int     auth_krb5_password(Authctxt *authctxt, const char *password);
 void    krb5_cleanup_proc(void *authctxt);
diff --git a/auth1.c b/auth1.c
index 17342a658..4d2b92a22 100644
--- a/auth1.c
+++ b/auth1.c
@@ -10,7 +10,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.42 2002/08/22 21:33:58 markus Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.43 2002/09/09 06:48:06 itojun Exp $");
 #include "xmalloc.h"
 #include "rsa.h"
@@ -133,15 +133,27 @@ do_authloop(Authctxt *authctxt)
 #endif /* KRB4 */
                                } else {
 #ifdef KRB5
-                                        krb5_data tkt;
+                                        krb5_data tkt, reply;
                                        tkt.length = dlen;
                                        tkt.data = kdata;
-                                        if (auth_krb5(authctxt, &tkt, &client_user)) {
+                                        if (PRIVSEP(auth_krb5(authctxt, &tkt,
+                                            &client_user, &reply))) {
                                                authenticated = 1;
                                                snprintf(info, sizeof(info),
                                                    " tktuser %.100s",
                                                    client_user);
+ 
+                                                /* Send response to client */
+                                                packet_start(
+                                                    SSH_SMSG_AUTH_KERBEROS_RESPONSE);
+                                                packet_put_string((char *)
+                                                    reply.data, reply.length);
+                                                packet_send();
+                                                packet_write_wait();
+                                                if (reply.length)
+                                                        xfree(reply.data);
                                        }
 #endif /* KRB5 */
                                }
diff --git a/monitor.c b/monitor.c
index e039f7a28..562efcaf8 100644
--- a/monitor.c
+++ b/monitor.c
@@ -25,7 +25,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.24 2002/08/29 15:57:25 stevesk Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.25 2002/09/09 06:48:06 itojun Exp $");
 #include <openssl/dh.h>
@@ -120,6 +120,10 @@ int mm_answer_sessid(int, Buffer *);
 int mm_answer_pam_start(int, Buffer *);
 #endif
+#ifdef KRB5
+int mm_answer_krb5(int, Buffer *);
+#endif
 static Authctxt *authctxt;
 static BIGNUM *ssh1_challenge = NULL;   /* used for ssh1 rsa auth */
@@ -199,6 +203,9 @@ struct mon_table mon_dispatch_proto15[] = {
 #ifdef USE_PAM
    {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start},
 #endif
+#ifdef KRB5
+    {MONITOR_REQ_KRB5, MON_ONCE|MON_AUTH, mm_answer_krb5},
+#endif
    {0, 0, NULL}
 };
@@ -1277,6 +1284,42 @@ mm_answer_rsa_response(int socket, Buffer *m)
        return (success);
 }
+#ifdef KRB5
+int
+mm_answer_krb5(int socket, Buffer *m)
+{
+        krb5_data tkt, reply;
+        char *client_user;
+        u_int len;
+        int success;
+        /* use temporary var to avoid size issues on 64bit arch */
+        tkt.data = buffer_get_string(m, &len);
+        tkt.length = len;
+        success = auth_krb5(authctxt, &tkt, &client_user, &reply);
+        if (tkt.length)
+                xfree(tkt.data);
+        buffer_clear(m);
+        buffer_put_int(m, success);
+        if (success) {
+                buffer_put_cstring(m, client_user);
+                buffer_put_string(m, reply.data, reply.length);
+                if (client_user)
+                        xfree(client_user);
+                if (reply.length)
+                        xfree(reply.data);
+        }
+        mm_request_send(socket, MONITOR_ANS_KRB5, m);
+        return success;
+}
+#endif
 int
 mm_answer_term(int socket, Buffer *req)
 {
diff --git a/monitor.h b/monitor.h
index 69114b532..553131997 100644
--- a/monitor.h
+++ b/monitor.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: monitor.h,v 1.6 2002/06/11 05:46:20 mpech Exp $       */
+/*      $OpenBSD: monitor.h,v 1.7 2002/09/09 06:48:06 itojun Exp $      */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -49,6 +49,7 @@ enum monitor_reqtype {
        MONITOR_REQ_RSAKEYALLOWED, MONITOR_ANS_RSAKEYALLOWED,
        MONITOR_REQ_RSACHALLENGE, MONITOR_ANS_RSACHALLENGE,
        MONITOR_REQ_RSARESPONSE, MONITOR_ANS_RSARESPONSE,
+        MONITOR_REQ_KRB5, MONITOR_ANS_KRB5,
        MONITOR_REQ_PAM_START,
        MONITOR_REQ_TERM
 };
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 78be2915f..ed1c50ff9 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -25,7 +25,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: monitor_wrap.c,v 1.16 2002/07/04 10:41:47 markus Exp $");
+RCSID("$OpenBSD: monitor_wrap.c,v 1.17 2002/09/09 06:48:06 itojun Exp $");
 #include <openssl/bn.h>
 #include <openssl/dh.h>
@@ -936,3 +936,38 @@ mm_auth_rsa_verify_response(Key *key, BIGNUM *p, u_char response[16])
        return (success);
 }
+#ifdef KRB5
+int
+mm_auth_krb5(void *ctx, void *argp, char **userp, void *resp)
+{
+        krb5_data *tkt, *reply;
+        Buffer m;
+        int success;
+        debug3("%s entering", __func__);
+        tkt = (krb5_data *) argp;
+        reply = (krb5_data *) resp;
+        buffer_init(&m);
+        buffer_put_string(&m, tkt->data, tkt->length);
+        mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KRB5, &m);
+        mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KRB5, &m);
+        success = buffer_get_int(&m);
+        if (success) {
+                u_int len;
+                *userp = buffer_get_string(&m, NULL);
+                reply->data = buffer_get_string(&m, &len);
+                reply->length = len;
+        } else {
+                memset(reply, 0, sizeof(*reply));
+                *userp = NULL;
+        }
+        buffer_free(&m);
+        return (success);
+}
+#endif
diff --git a/monitor_wrap.h b/monitor_wrap.h
index f97862b5b..5e583e15b 100644
--- a/monitor_wrap.h
+++ b/monitor_wrap.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: monitor_wrap.h,v 1.6 2002/06/30 21:59:45 deraadt Exp $        */
+/*      $OpenBSD: monitor_wrap.h,v 1.7 2002/09/09 06:48:06 itojun Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -83,6 +83,13 @@ int mm_bsdauth_respond(void *, u_int, char **);
 int mm_skey_query(void *, char **, char **, u_int *, char ***, u_int **);
 int mm_skey_respond(void *, u_int, char **);
+/* auth_krb5 */
+#ifdef KRB5
+/* auth and reply are really krb5_data objects, but we don't want to
+ * include all of the krb5 headers here */
+int mm_auth_krb5(void *authctxt, void *auth, char **client, void *reply);
+#endif
 /* zlib allocation hooks */
 void *mm_zalloc(struct mm_master *, u_int, u_int);