diff options
Diffstat (limited to 'auth-krb4.c')
-rw-r--r-- | auth-krb4.c | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/auth-krb4.c b/auth-krb4.c index 799cf261a..21a9625e3 100644 --- a/auth-krb4.c +++ b/auth-krb4.c | |||
@@ -28,7 +28,7 @@ | |||
28 | #include "ssh.h" | 28 | #include "ssh.h" |
29 | #include "servconf.h" | 29 | #include "servconf.h" |
30 | 30 | ||
31 | RCSID("$OpenBSD: auth-krb4.c,v 1.18 2000/09/07 20:27:49 deraadt Exp $"); | 31 | RCSID("$OpenBSD: auth-krb4.c,v 1.19 2000/10/03 18:03:02 markus Exp $"); |
32 | 32 | ||
33 | #ifdef KRB4 | 33 | #ifdef KRB4 |
34 | char *ticket = NULL; | 34 | char *ticket = NULL; |
@@ -280,6 +280,8 @@ auth_kerberos_tgt(struct passwd *pw, const char *string) | |||
280 | { | 280 | { |
281 | CREDENTIALS creds; | 281 | CREDENTIALS creds; |
282 | 282 | ||
283 | if (pw == NULL) | ||
284 | goto auth_kerberos_tgt_failure; | ||
283 | if (!radix_to_creds(string, &creds)) { | 285 | if (!radix_to_creds(string, &creds)) { |
284 | log("Protocol error decoding Kerberos V4 tgt"); | 286 | log("Protocol error decoding Kerberos V4 tgt"); |
285 | packet_send_debug("Protocol error decoding Kerberos V4 tgt"); | 287 | packet_send_debug("Protocol error decoding Kerberos V4 tgt"); |
@@ -334,8 +336,16 @@ int | |||
334 | auth_afs_token(struct passwd *pw, const char *token_string) | 336 | auth_afs_token(struct passwd *pw, const char *token_string) |
335 | { | 337 | { |
336 | CREDENTIALS creds; | 338 | CREDENTIALS creds; |
337 | uid_t uid = pw->pw_uid; | 339 | uid_t uid; |
338 | 340 | ||
341 | if (pw == NULL) { | ||
342 | /* XXX fake protocol error */ | ||
343 | packet_send_debug("Protocol error decoding AFS token"); | ||
344 | packet_start(SSH_SMSG_FAILURE); | ||
345 | packet_send(); | ||
346 | packet_write_wait(); | ||
347 | return 0; | ||
348 | } | ||
339 | if (!radix_to_creds(token_string, &creds)) { | 349 | if (!radix_to_creds(token_string, &creds)) { |
340 | log("Protocol error decoding AFS token"); | 350 | log("Protocol error decoding AFS token"); |
341 | packet_send_debug("Protocol error decoding AFS token"); | 351 | packet_send_debug("Protocol error decoding AFS token"); |
@@ -349,6 +359,8 @@ auth_afs_token(struct passwd *pw, const char *token_string) | |||
349 | 359 | ||
350 | if (strncmp(creds.pname, "AFS ID ", 7) == 0) | 360 | if (strncmp(creds.pname, "AFS ID ", 7) == 0) |
351 | uid = atoi(creds.pname + 7); | 361 | uid = atoi(creds.pname + 7); |
362 | else | ||
363 | uid = pw->pw_uid; | ||
352 | 364 | ||
353 | if (kafs_settoken(creds.realm, uid, &creds)) { | 365 | if (kafs_settoken(creds.realm, uid, &creds)) { |
354 | log("AFS token (%s@%s) rejected for %s", creds.pname, creds.realm, | 366 | log("AFS token (%s@%s) rejected for %s", creds.pname, creds.realm, |