summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog5
-rw-r--r--auth2-gss.c6
-rw-r--r--gss-genr.c5
-rw-r--r--gss-serv.c13
-rw-r--r--monitor.c10
5 files changed, 21 insertions, 18 deletions
diff --git a/ChangeLog b/ChangeLog
index 3c7577fb2..2479962b3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -30,6 +30,9 @@
30 - stevesk@cvs.openbsd.org 2005/10/13 19:13:41 30 - stevesk@cvs.openbsd.org 2005/10/13 19:13:41
31 [dns.c] 31 [dns.c]
32 unneeded #include, unused declaration, little knf; ok deraadt@ 32 unneeded #include, unused declaration, little knf; ok deraadt@
33 - stevesk@cvs.openbsd.org 2005/10/13 22:24:31
34 [auth2-gss.c gss-genr.c gss-serv.c monitor.c]
35 KNF; ok djm@
33 36
3420051102 3720051102
35 - (dtucker) [openbsd-compat/bsd-misc.c] Bug #1108: fix broken strdup(). 38 - (dtucker) [openbsd-compat/bsd-misc.c] Bug #1108: fix broken strdup().
@@ -3163,4 +3166,4 @@
3163 - (djm) Trim deprecated options from INSTALL. Mention UsePAM 3166 - (djm) Trim deprecated options from INSTALL. Mention UsePAM
3164 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu 3167 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
3165 3168
3166$Id: ChangeLog,v 1.3933 2005/11/05 04:06:38 djm Exp $ 3169$Id: ChangeLog,v 1.3934 2005/11/05 04:07:05 djm Exp $
diff --git a/auth2-gss.c b/auth2-gss.c
index 533649e7e..95844a05e 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-gss.c,v 1.11 2005/10/13 14:03:01 stevesk Exp $ */ 1/* $OpenBSD: auth2-gss.c,v 1.12 2005/10/13 22:24:31 stevesk Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. 4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -48,7 +48,7 @@ static void input_gssapi_errtok(int, u_int32_t, void *);
48 48
49/* 49/*
50 * We only support those mechanisms that we know about (ie ones that we know 50 * We only support those mechanisms that we know about (ie ones that we know
51 * how to check local user kuserok and the like 51 * how to check local user kuserok and the like)
52 */ 52 */
53static int 53static int
54userauth_gssapi(Authctxt *authctxt) 54userauth_gssapi(Authctxt *authctxt)
@@ -104,7 +104,7 @@ userauth_gssapi(Authctxt *authctxt)
104 return (0); 104 return (0);
105 } 105 }
106 106
107 authctxt->methoddata=(void *)ctxt; 107 authctxt->methoddata = (void *)ctxt;
108 108
109 packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE); 109 packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE);
110 110
diff --git a/gss-genr.c b/gss-genr.c
index 2450a370c..c2b4f2dd8 100644
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gss-genr.c,v 1.5 2005/10/13 14:03:01 stevesk Exp $ */ 1/* $OpenBSD: gss-genr.c,v 1.6 2005/10/13 22:24:31 stevesk Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. 4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -268,7 +268,8 @@ ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service,
268} 268}
269 269
270OM_uint32 270OM_uint32
271ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) { 271ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
272{
272 if (*ctx) 273 if (*ctx)
273 ssh_gssapi_delete_ctx(ctx); 274 ssh_gssapi_delete_ctx(ctx);
274 ssh_gssapi_build_ctx(ctx); 275 ssh_gssapi_build_ctx(ctx);
diff --git a/gss-serv.c b/gss-serv.c
index 56ff9f612..26eec25bd 100644
--- a/gss-serv.c
+++ b/gss-serv.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gss-serv.c,v 1.12 2005/10/13 19:08:08 stevesk Exp $ */ 1/* $OpenBSD: gss-serv.c,v 1.13 2005/10/13 22:24:31 stevesk Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. 4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -134,14 +134,14 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name)
134 OM_uint32 offset; 134 OM_uint32 offset;
135 OM_uint32 oidl; 135 OM_uint32 oidl;
136 136
137 tok=ename->value; 137 tok = ename->value;
138 138
139 /* 139 /*
140 * Check that ename is long enough for all of the fixed length 140 * Check that ename is long enough for all of the fixed length
141 * header, and that the initial ID bytes are correct 141 * header, and that the initial ID bytes are correct
142 */ 142 */
143 143
144 if (ename->length<6 || memcmp(tok,"\x04\x01", 2)!=0) 144 if (ename->length < 6 || memcmp(tok, "\x04\x01", 2) != 0)
145 return GSS_S_FAILURE; 145 return GSS_S_FAILURE;
146 146
147 /* 147 /*
@@ -160,7 +160,7 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name)
160 */ 160 */
161 if (tok[4] != 0x06 || tok[5] != oidl || 161 if (tok[4] != 0x06 || tok[5] != oidl ||
162 ename->length < oidl+6 || 162 ename->length < oidl+6 ||
163 !ssh_gssapi_check_oid(ctx,tok+6,oidl)) 163 !ssh_gssapi_check_oid(ctx, tok+6, oidl))
164 return GSS_S_FAILURE; 164 return GSS_S_FAILURE;
165 165
166 offset = oidl+6; 166 offset = oidl+6;
@@ -175,7 +175,7 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name)
175 return GSS_S_FAILURE; 175 return GSS_S_FAILURE;
176 176
177 name->value = xmalloc(name->length+1); 177 name->value = xmalloc(name->length+1);
178 memcpy(name->value,tok+offset,name->length); 178 memcpy(name->value, tok+offset,name->length);
179 ((char *)name->value)[name->length] = 0; 179 ((char *)name->value)[name->length] = 0;
180 180
181 return GSS_S_COMPLETE; 181 return GSS_S_COMPLETE;
@@ -259,9 +259,8 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep)
259 259
260 if (gssapi_client.store.envvar != NULL && 260 if (gssapi_client.store.envvar != NULL &&
261 gssapi_client.store.envval != NULL) { 261 gssapi_client.store.envval != NULL) {
262
263 debug("Setting %s to %s", gssapi_client.store.envvar, 262 debug("Setting %s to %s", gssapi_client.store.envvar,
264 gssapi_client.store.envval); 263 gssapi_client.store.envval);
265 child_set_env(envp, envsizep, gssapi_client.store.envvar, 264 child_set_env(envp, envsizep, gssapi_client.store.envvar,
266 gssapi_client.store.envval); 265 gssapi_client.store.envval);
267 } 266 }
diff --git a/monitor.c b/monitor.c
index 24ad0b794..e6f648b0b 100644
--- a/monitor.c
+++ b/monitor.c
@@ -25,7 +25,7 @@
25 */ 25 */
26 26
27#include "includes.h" 27#include "includes.h"
28RCSID("$OpenBSD: monitor.c,v 1.63 2005/03/10 22:01:05 deraadt Exp $"); 28RCSID("$OpenBSD: monitor.c,v 1.64 2005/10/13 22:24:31 stevesk Exp $");
29 29
30#include <openssl/dh.h> 30#include <openssl/dh.h>
31 31
@@ -1829,7 +1829,7 @@ mm_answer_gss_setup_ctx(int sock, Buffer *m)
1829 buffer_clear(m); 1829 buffer_clear(m);
1830 buffer_put_int(m, major); 1830 buffer_put_int(m, major);
1831 1831
1832 mm_request_send(sock,MONITOR_ANS_GSSSETUP, m); 1832 mm_request_send(sock, MONITOR_ANS_GSSSETUP, m);
1833 1833
1834 /* Now we have a context, enable the step */ 1834 /* Now we have a context, enable the step */
1835 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 1); 1835 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 1);
@@ -1842,7 +1842,7 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m)
1842{ 1842{
1843 gss_buffer_desc in; 1843 gss_buffer_desc in;
1844 gss_buffer_desc out = GSS_C_EMPTY_BUFFER; 1844 gss_buffer_desc out = GSS_C_EMPTY_BUFFER;
1845 OM_uint32 major,minor; 1845 OM_uint32 major, minor;
1846 OM_uint32 flags = 0; /* GSI needs this */ 1846 OM_uint32 flags = 0; /* GSI needs this */
1847 u_int len; 1847 u_int len;
1848 1848
@@ -1859,7 +1859,7 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m)
1859 1859
1860 gss_release_buffer(&minor, &out); 1860 gss_release_buffer(&minor, &out);
1861 1861
1862 if (major==GSS_S_COMPLETE) { 1862 if (major == GSS_S_COMPLETE) {
1863 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); 1863 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0);
1864 monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); 1864 monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
1865 monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); 1865 monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1);
@@ -1908,7 +1908,7 @@ mm_answer_gss_userok(int sock, Buffer *m)
1908 debug3("%s: sending result %d", __func__, authenticated); 1908 debug3("%s: sending result %d", __func__, authenticated);
1909 mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); 1909 mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m);
1910 1910
1911 auth_method="gssapi-with-mic"; 1911 auth_method = "gssapi-with-mic";
1912 1912
1913 /* Monitor loop will terminate if authenticated */ 1913 /* Monitor loop will terminate if authenticated */
1914 return (authenticated); 1914 return (authenticated);