1 files changed, 45 insertions, 3 deletions
diff --git a/auth2-gss.c b/auth2-gss.c
index 638d8f88e..b8db8204f 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,7 +1,7 @@
 /* $OpenBSD: auth2-gss.c,v 1.20 2013/05/17 00:13:13 djm Exp $ */
 /*
- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
+ * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -52,6 +52,40 @@ static void input_gssapi_mic(int type, u_int32_t plen, void *ctxt);
 static void input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);
 static void input_gssapi_errtok(int, u_int32_t, void *);
+/* 
+ * The 'gssapi_keyex' userauth mechanism.
+ */
+static int
+userauth_gsskeyex(Authctxt *authctxt)
+{
+        int authenticated = 0;
+        Buffer b;
+        gss_buffer_desc mic, gssbuf;
+        u_int len;
+        mic.value = packet_get_string(&len);
+        mic.length = len;
+        packet_check_eom();
+        ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
+            "gssapi-keyex");
+        gssbuf.value = buffer_ptr(&b);
+        gssbuf.length = buffer_len(&b);
+        /* gss_kex_context is NULL with privsep, so we can't check it here */
+        if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, 
+            &gssbuf, &mic))))
+                authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
+                    authctxt->pw));
+        
+        buffer_free(&b);
+        free(mic.value);
+        return (authenticated);
+}
 /*
 * We only support those mechanisms that we know about (ie ones that we know
 * how to check local user kuserok and the like)
@@ -240,7 +274,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt)
        packet_check_eom();
-        authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
+        authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
+            authctxt->pw));
        authctxt->postponed = 0;
        dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
@@ -275,7 +310,8 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
        gssbuf.length = buffer_len(&b);
        if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
-                authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
+                authenticated = 
+                    PRIVSEP(ssh_gssapi_userok(authctxt->user, authctxt->pw));
        else
                logit("GSSAPI MIC check failed");
@@ -290,6 +326,12 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
        userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL);
 }
+Authmethod method_gsskeyex = {
+        "gssapi-keyex",
+        userauth_gsskeyex,
+        &options.gss_authentication
+};
 Authmethod method_gssapi = {
        "gssapi-with-mic",
        userauth_gssapi,

diff --git a/auth2-gss.c b/auth2-gss.c index 638d8f88e..b8db8204f 100644 --- a/auth2-gss.c +++ b/auth2-gss.c
@@ -1,7 +1,7 @@
1	/* $OpenBSD: auth2-gss.c,v 1.20 2013/05/17 00:13:13 djm Exp $ */	1	/* $OpenBSD: auth2-gss.c,v 1.20 2013/05/17 00:13:13 djm Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.	4	* Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
5	*	5	*
6	* Redistribution and use in source and binary forms, with or without	6	* Redistribution and use in source and binary forms, with or without
7	* modification, are permitted provided that the following conditions	7	* modification, are permitted provided that the following conditions
@@ -52,6 +52,40 @@ static void input_gssapi_mic(int type, u_int32_t plen, void *ctxt);
52	static void input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);	52	static void input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);
53	static void input_gssapi_errtok(int, u_int32_t, void *);	53	static void input_gssapi_errtok(int, u_int32_t, void *);
54		54
		55	/*
		56	* The 'gssapi_keyex' userauth mechanism.
		57	*/
		58	static int
		59	userauth_gsskeyex(Authctxt *authctxt)
		60	{
		61	int authenticated = 0;
		62	Buffer b;
		63	gss_buffer_desc mic, gssbuf;
		64	u_int len;
		65
		66	mic.value = packet_get_string(&len);
		67	mic.length = len;
		68
		69	packet_check_eom();
		70
		71	ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
		72	"gssapi-keyex");
		73
		74	gssbuf.value = buffer_ptr(&b);
		75	gssbuf.length = buffer_len(&b);
		76
		77	/* gss_kex_context is NULL with privsep, so we can't check it here */
		78	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context,
		79	&gssbuf, &mic))))
		80	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
		81	authctxt->pw));
		82
		83	buffer_free(&b);
		84	free(mic.value);
		85
		86	return (authenticated);
		87	}
		88
55	/*	89	/*
56	* We only support those mechanisms that we know about (ie ones that we know	90	* We only support those mechanisms that we know about (ie ones that we know
57	* how to check local user kuserok and the like)	91	* how to check local user kuserok and the like)
@@ -240,7 +274,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt)
240		274
241	packet_check_eom();	275	packet_check_eom();
242		276
243	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));	277	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
		278	authctxt->pw));
244		279
245	authctxt->postponed = 0;	280	authctxt->postponed = 0;
246	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);	281	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
@@ -275,7 +310,8 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
275	gssbuf.length = buffer_len(&b);	310	gssbuf.length = buffer_len(&b);
276		311
277	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))	312	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
278	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));	313	authenticated =
		314	PRIVSEP(ssh_gssapi_userok(authctxt->user, authctxt->pw));
279	else	315	else
280	logit("GSSAPI MIC check failed");	316	logit("GSSAPI MIC check failed");
281		317
@@ -290,6 +326,12 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
290	userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL);	326	userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL);
291	}	327	}
292		328
		329	Authmethod method_gsskeyex = {
		330	"gssapi-keyex",
		331	userauth_gsskeyex,
		332	&options.gss_authentication
		333	};
		334
293	Authmethod method_gssapi = {	335	Authmethod method_gssapi = {
294	"gssapi-with-mic",	336	"gssapi-with-mic",
295	userauth_gssapi,	337	userauth_gssapi,