diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | auth2-gss.c | 6 | ||||
-rw-r--r-- | gss-genr.c | 5 | ||||
-rw-r--r-- | gss-serv.c | 13 | ||||
-rw-r--r-- | monitor.c | 10 |
5 files changed, 21 insertions, 18 deletions
@@ -30,6 +30,9 @@ | |||
30 | - stevesk@cvs.openbsd.org 2005/10/13 19:13:41 | 30 | - stevesk@cvs.openbsd.org 2005/10/13 19:13:41 |
31 | [dns.c] | 31 | [dns.c] |
32 | unneeded #include, unused declaration, little knf; ok deraadt@ | 32 | unneeded #include, unused declaration, little knf; ok deraadt@ |
33 | - stevesk@cvs.openbsd.org 2005/10/13 22:24:31 | ||
34 | [auth2-gss.c gss-genr.c gss-serv.c monitor.c] | ||
35 | KNF; ok djm@ | ||
33 | 36 | ||
34 | 20051102 | 37 | 20051102 |
35 | - (dtucker) [openbsd-compat/bsd-misc.c] Bug #1108: fix broken strdup(). | 38 | - (dtucker) [openbsd-compat/bsd-misc.c] Bug #1108: fix broken strdup(). |
@@ -3163,4 +3166,4 @@ | |||
3163 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 3166 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
3164 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 3167 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
3165 | 3168 | ||
3166 | $Id: ChangeLog,v 1.3933 2005/11/05 04:06:38 djm Exp $ | 3169 | $Id: ChangeLog,v 1.3934 2005/11/05 04:07:05 djm Exp $ |
diff --git a/auth2-gss.c b/auth2-gss.c index 533649e7e..95844a05e 100644 --- a/auth2-gss.c +++ b/auth2-gss.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-gss.c,v 1.11 2005/10/13 14:03:01 stevesk Exp $ */ | 1 | /* $OpenBSD: auth2-gss.c,v 1.12 2005/10/13 22:24:31 stevesk Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. | 4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. |
@@ -48,7 +48,7 @@ static void input_gssapi_errtok(int, u_int32_t, void *); | |||
48 | 48 | ||
49 | /* | 49 | /* |
50 | * We only support those mechanisms that we know about (ie ones that we know | 50 | * We only support those mechanisms that we know about (ie ones that we know |
51 | * how to check local user kuserok and the like | 51 | * how to check local user kuserok and the like) |
52 | */ | 52 | */ |
53 | static int | 53 | static int |
54 | userauth_gssapi(Authctxt *authctxt) | 54 | userauth_gssapi(Authctxt *authctxt) |
@@ -104,7 +104,7 @@ userauth_gssapi(Authctxt *authctxt) | |||
104 | return (0); | 104 | return (0); |
105 | } | 105 | } |
106 | 106 | ||
107 | authctxt->methoddata=(void *)ctxt; | 107 | authctxt->methoddata = (void *)ctxt; |
108 | 108 | ||
109 | packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE); | 109 | packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE); |
110 | 110 | ||
diff --git a/gss-genr.c b/gss-genr.c index 2450a370c..c2b4f2dd8 100644 --- a/gss-genr.c +++ b/gss-genr.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: gss-genr.c,v 1.5 2005/10/13 14:03:01 stevesk Exp $ */ | 1 | /* $OpenBSD: gss-genr.c,v 1.6 2005/10/13 22:24:31 stevesk Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. | 4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. |
@@ -268,7 +268,8 @@ ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service, | |||
268 | } | 268 | } |
269 | 269 | ||
270 | OM_uint32 | 270 | OM_uint32 |
271 | ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) { | 271 | ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) |
272 | { | ||
272 | if (*ctx) | 273 | if (*ctx) |
273 | ssh_gssapi_delete_ctx(ctx); | 274 | ssh_gssapi_delete_ctx(ctx); |
274 | ssh_gssapi_build_ctx(ctx); | 275 | ssh_gssapi_build_ctx(ctx); |
diff --git a/gss-serv.c b/gss-serv.c index 56ff9f612..26eec25bd 100644 --- a/gss-serv.c +++ b/gss-serv.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: gss-serv.c,v 1.12 2005/10/13 19:08:08 stevesk Exp $ */ | 1 | /* $OpenBSD: gss-serv.c,v 1.13 2005/10/13 22:24:31 stevesk Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. | 4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. |
@@ -134,14 +134,14 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name) | |||
134 | OM_uint32 offset; | 134 | OM_uint32 offset; |
135 | OM_uint32 oidl; | 135 | OM_uint32 oidl; |
136 | 136 | ||
137 | tok=ename->value; | 137 | tok = ename->value; |
138 | 138 | ||
139 | /* | 139 | /* |
140 | * Check that ename is long enough for all of the fixed length | 140 | * Check that ename is long enough for all of the fixed length |
141 | * header, and that the initial ID bytes are correct | 141 | * header, and that the initial ID bytes are correct |
142 | */ | 142 | */ |
143 | 143 | ||
144 | if (ename->length<6 || memcmp(tok,"\x04\x01", 2)!=0) | 144 | if (ename->length < 6 || memcmp(tok, "\x04\x01", 2) != 0) |
145 | return GSS_S_FAILURE; | 145 | return GSS_S_FAILURE; |
146 | 146 | ||
147 | /* | 147 | /* |
@@ -160,7 +160,7 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name) | |||
160 | */ | 160 | */ |
161 | if (tok[4] != 0x06 || tok[5] != oidl || | 161 | if (tok[4] != 0x06 || tok[5] != oidl || |
162 | ename->length < oidl+6 || | 162 | ename->length < oidl+6 || |
163 | !ssh_gssapi_check_oid(ctx,tok+6,oidl)) | 163 | !ssh_gssapi_check_oid(ctx, tok+6, oidl)) |
164 | return GSS_S_FAILURE; | 164 | return GSS_S_FAILURE; |
165 | 165 | ||
166 | offset = oidl+6; | 166 | offset = oidl+6; |
@@ -175,7 +175,7 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name) | |||
175 | return GSS_S_FAILURE; | 175 | return GSS_S_FAILURE; |
176 | 176 | ||
177 | name->value = xmalloc(name->length+1); | 177 | name->value = xmalloc(name->length+1); |
178 | memcpy(name->value,tok+offset,name->length); | 178 | memcpy(name->value, tok+offset,name->length); |
179 | ((char *)name->value)[name->length] = 0; | 179 | ((char *)name->value)[name->length] = 0; |
180 | 180 | ||
181 | return GSS_S_COMPLETE; | 181 | return GSS_S_COMPLETE; |
@@ -259,9 +259,8 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep) | |||
259 | 259 | ||
260 | if (gssapi_client.store.envvar != NULL && | 260 | if (gssapi_client.store.envvar != NULL && |
261 | gssapi_client.store.envval != NULL) { | 261 | gssapi_client.store.envval != NULL) { |
262 | |||
263 | debug("Setting %s to %s", gssapi_client.store.envvar, | 262 | debug("Setting %s to %s", gssapi_client.store.envvar, |
264 | gssapi_client.store.envval); | 263 | gssapi_client.store.envval); |
265 | child_set_env(envp, envsizep, gssapi_client.store.envvar, | 264 | child_set_env(envp, envsizep, gssapi_client.store.envvar, |
266 | gssapi_client.store.envval); | 265 | gssapi_client.store.envval); |
267 | } | 266 | } |
@@ -25,7 +25,7 @@ | |||
25 | */ | 25 | */ |
26 | 26 | ||
27 | #include "includes.h" | 27 | #include "includes.h" |
28 | RCSID("$OpenBSD: monitor.c,v 1.63 2005/03/10 22:01:05 deraadt Exp $"); | 28 | RCSID("$OpenBSD: monitor.c,v 1.64 2005/10/13 22:24:31 stevesk Exp $"); |
29 | 29 | ||
30 | #include <openssl/dh.h> | 30 | #include <openssl/dh.h> |
31 | 31 | ||
@@ -1829,7 +1829,7 @@ mm_answer_gss_setup_ctx(int sock, Buffer *m) | |||
1829 | buffer_clear(m); | 1829 | buffer_clear(m); |
1830 | buffer_put_int(m, major); | 1830 | buffer_put_int(m, major); |
1831 | 1831 | ||
1832 | mm_request_send(sock,MONITOR_ANS_GSSSETUP, m); | 1832 | mm_request_send(sock, MONITOR_ANS_GSSSETUP, m); |
1833 | 1833 | ||
1834 | /* Now we have a context, enable the step */ | 1834 | /* Now we have a context, enable the step */ |
1835 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 1); | 1835 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 1); |
@@ -1842,7 +1842,7 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m) | |||
1842 | { | 1842 | { |
1843 | gss_buffer_desc in; | 1843 | gss_buffer_desc in; |
1844 | gss_buffer_desc out = GSS_C_EMPTY_BUFFER; | 1844 | gss_buffer_desc out = GSS_C_EMPTY_BUFFER; |
1845 | OM_uint32 major,minor; | 1845 | OM_uint32 major, minor; |
1846 | OM_uint32 flags = 0; /* GSI needs this */ | 1846 | OM_uint32 flags = 0; /* GSI needs this */ |
1847 | u_int len; | 1847 | u_int len; |
1848 | 1848 | ||
@@ -1859,7 +1859,7 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m) | |||
1859 | 1859 | ||
1860 | gss_release_buffer(&minor, &out); | 1860 | gss_release_buffer(&minor, &out); |
1861 | 1861 | ||
1862 | if (major==GSS_S_COMPLETE) { | 1862 | if (major == GSS_S_COMPLETE) { |
1863 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); | 1863 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); |
1864 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); | 1864 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); |
1865 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); | 1865 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); |
@@ -1908,7 +1908,7 @@ mm_answer_gss_userok(int sock, Buffer *m) | |||
1908 | debug3("%s: sending result %d", __func__, authenticated); | 1908 | debug3("%s: sending result %d", __func__, authenticated); |
1909 | mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); | 1909 | mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); |
1910 | 1910 | ||
1911 | auth_method="gssapi-with-mic"; | 1911 | auth_method = "gssapi-with-mic"; |
1912 | 1912 | ||
1913 | /* Monitor loop will terminate if authenticated */ | 1913 | /* Monitor loop will terminate if authenticated */ |
1914 | return (authenticated); | 1914 | return (authenticated); |