diff options
Diffstat (limited to 'auth-krb5.c')
| -rw-r--r-- | auth-krb5.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/auth-krb5.c b/auth-krb5.c index c7367b49a..5f554a66b 100644 --- a/auth-krb5.c +++ b/auth-krb5.c | |||
| @@ -159,8 +159,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password) | |||
| 159 | 159 | ||
| 160 | len = strlen(authctxt->krb5_ticket_file) + 6; | 160 | len = strlen(authctxt->krb5_ticket_file) + 6; |
| 161 | authctxt->krb5_ccname = xmalloc(len); | 161 | authctxt->krb5_ccname = xmalloc(len); |
| 162 | #ifdef USE_CCAPI | ||
| 163 | snprintf(authctxt->krb5_ccname, len, "API:%s", | ||
| 164 | authctxt->krb5_ticket_file); | ||
| 165 | #else | ||
| 162 | snprintf(authctxt->krb5_ccname, len, "FILE:%s", | 166 | snprintf(authctxt->krb5_ccname, len, "FILE:%s", |
| 163 | authctxt->krb5_ticket_file); | 167 | authctxt->krb5_ticket_file); |
| 168 | #endif | ||
| 164 | 169 | ||
| 165 | #ifdef USE_PAM | 170 | #ifdef USE_PAM |
| 166 | if (options.use_pam) | 171 | if (options.use_pam) |
| @@ -212,15 +217,22 @@ krb5_cleanup_proc(Authctxt *authctxt) | |||
| 212 | #ifndef HEIMDAL | 217 | #ifndef HEIMDAL |
| 213 | krb5_error_code | 218 | krb5_error_code |
| 214 | ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { | 219 | ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { |
| 215 | int tmpfd, ret; | 220 | int ret; |
| 216 | char ccname[40]; | 221 | char ccname[40]; |
| 217 | mode_t old_umask; | 222 | mode_t old_umask; |
| 223 | #ifdef USE_CCAPI | ||
| 224 | char cctemplate[] = "API:krb5cc_%d"; | ||
| 225 | #else | ||
| 226 | char cctemplate[] = "FILE:/tmp/krb5cc_%d_XXXXXXXXXX"; | ||
| 227 | int tmpfd; | ||
| 228 | #endif | ||
| 218 | 229 | ||
| 219 | ret = snprintf(ccname, sizeof(ccname), | 230 | ret = snprintf(ccname, sizeof(ccname), |
| 220 | "FILE:/tmp/krb5cc_%d_XXXXXXXXXX", geteuid()); | 231 | cctemplate, geteuid()); |
| 221 | if (ret == -1 || ret >= sizeof(ccname)) | 232 | if (ret == -1 || ret >= (int) sizeof(ccname)) |
| 222 | return ENOMEM; | 233 | return ENOMEM; |
| 223 | 234 | ||
| 235 | #ifndef USE_CCAPI | ||
| 224 | old_umask = umask(0177); | 236 | old_umask = umask(0177); |
| 225 | tmpfd = mkstemp(ccname + strlen("FILE:")); | 237 | tmpfd = mkstemp(ccname + strlen("FILE:")); |
| 226 | umask(old_umask); | 238 | umask(old_umask); |
| @@ -235,6 +247,7 @@ ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { | |||
| 235 | return errno; | 247 | return errno; |
| 236 | } | 248 | } |
| 237 | close(tmpfd); | 249 | close(tmpfd); |
| 250 | #endif | ||
| 238 | 251 | ||
| 239 | return (krb5_cc_resolve(ctx, ccname, ccache)); | 252 | return (krb5_cc_resolve(ctx, ccname, ccache)); |
| 240 | } | 253 | } |