diff options
Diffstat (limited to 'auth-krb5.c')
-rw-r--r-- | auth-krb5.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/auth-krb5.c b/auth-krb5.c index c7367b49a..5f554a66b 100644 --- a/auth-krb5.c +++ b/auth-krb5.c | |||
@@ -159,8 +159,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password) | |||
159 | 159 | ||
160 | len = strlen(authctxt->krb5_ticket_file) + 6; | 160 | len = strlen(authctxt->krb5_ticket_file) + 6; |
161 | authctxt->krb5_ccname = xmalloc(len); | 161 | authctxt->krb5_ccname = xmalloc(len); |
162 | #ifdef USE_CCAPI | ||
163 | snprintf(authctxt->krb5_ccname, len, "API:%s", | ||
164 | authctxt->krb5_ticket_file); | ||
165 | #else | ||
162 | snprintf(authctxt->krb5_ccname, len, "FILE:%s", | 166 | snprintf(authctxt->krb5_ccname, len, "FILE:%s", |
163 | authctxt->krb5_ticket_file); | 167 | authctxt->krb5_ticket_file); |
168 | #endif | ||
164 | 169 | ||
165 | #ifdef USE_PAM | 170 | #ifdef USE_PAM |
166 | if (options.use_pam) | 171 | if (options.use_pam) |
@@ -212,15 +217,22 @@ krb5_cleanup_proc(Authctxt *authctxt) | |||
212 | #ifndef HEIMDAL | 217 | #ifndef HEIMDAL |
213 | krb5_error_code | 218 | krb5_error_code |
214 | ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { | 219 | ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { |
215 | int tmpfd, ret; | 220 | int ret; |
216 | char ccname[40]; | 221 | char ccname[40]; |
217 | mode_t old_umask; | 222 | mode_t old_umask; |
223 | #ifdef USE_CCAPI | ||
224 | char cctemplate[] = "API:krb5cc_%d"; | ||
225 | #else | ||
226 | char cctemplate[] = "FILE:/tmp/krb5cc_%d_XXXXXXXXXX"; | ||
227 | int tmpfd; | ||
228 | #endif | ||
218 | 229 | ||
219 | ret = snprintf(ccname, sizeof(ccname), | 230 | ret = snprintf(ccname, sizeof(ccname), |
220 | "FILE:/tmp/krb5cc_%d_XXXXXXXXXX", geteuid()); | 231 | cctemplate, geteuid()); |
221 | if (ret == -1 || ret >= sizeof(ccname)) | 232 | if (ret == -1 || ret >= (int) sizeof(ccname)) |
222 | return ENOMEM; | 233 | return ENOMEM; |
223 | 234 | ||
235 | #ifndef USE_CCAPI | ||
224 | old_umask = umask(0177); | 236 | old_umask = umask(0177); |
225 | tmpfd = mkstemp(ccname + strlen("FILE:")); | 237 | tmpfd = mkstemp(ccname + strlen("FILE:")); |
226 | umask(old_umask); | 238 | umask(old_umask); |
@@ -235,6 +247,7 @@ ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { | |||
235 | return errno; | 247 | return errno; |
236 | } | 248 | } |
237 | close(tmpfd); | 249 | close(tmpfd); |
250 | #endif | ||
238 | 251 | ||
239 | return (krb5_cc_resolve(ctx, ccname, ccache)); | 252 | return (krb5_cc_resolve(ctx, ccname, ccache)); |
240 | } | 253 | } |