1 files changed, 45 insertions, 3 deletions
diff --git a/auth2-gss.c b/auth2-gss.c
index 447f896f2..284f364b0 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,7 +1,7 @@
 /* $OpenBSD: auth2-gss.c,v 1.21 2014/02/26 20:28:44 djm Exp $ */
 /*
- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
+ * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -53,6 +53,40 @@ static void input_gssapi_mic(int type, u_int32_t plen, void *ctxt);
 static void input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);
 static void input_gssapi_errtok(int, u_int32_t, void *);
+/* 
+ * The 'gssapi_keyex' userauth mechanism.
+ */
+static int
+userauth_gsskeyex(Authctxt *authctxt)
+{
+        int authenticated = 0;
+        Buffer b;
+        gss_buffer_desc mic, gssbuf;
+        u_int len;
+        mic.value = packet_get_string(&len);
+        mic.length = len;
+        packet_check_eom();
+        ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
+            "gssapi-keyex");
+        gssbuf.value = buffer_ptr(&b);
+        gssbuf.length = buffer_len(&b);
+        /* gss_kex_context is NULL with privsep, so we can't check it here */
+        if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, 
+            &gssbuf, &mic))))
+                authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
+                    authctxt->pw));
+        
+        buffer_free(&b);
+        free(mic.value);
+        return (authenticated);
+}
 /*
 * We only support those mechanisms that we know about (ie ones that we know
 * how to check local user kuserok and the like)
@@ -236,7 +270,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt)
        packet_check_eom();
-        authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
+        authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
+            authctxt->pw));
        authctxt->postponed = 0;
        dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
@@ -271,7 +306,8 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
        gssbuf.length = buffer_len(&b);
        if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
-                authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
+                authenticated = 
+                    PRIVSEP(ssh_gssapi_userok(authctxt->user, authctxt->pw));
        else
                logit("GSSAPI MIC check failed");
@@ -286,6 +322,12 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
        userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL);
 }
+Authmethod method_gsskeyex = {
+        "gssapi-keyex",
+        userauth_gsskeyex,
+        &options.gss_authentication
+};
 Authmethod method_gssapi = {
        "gssapi-with-mic",
        userauth_gssapi,

diff --git a/auth2-gss.c b/auth2-gss.c index 447f896f2..284f364b0 100644 --- a/auth2-gss.c +++ b/auth2-gss.c
@@ -1,7 +1,7 @@
1	/* $OpenBSD: auth2-gss.c,v 1.21 2014/02/26 20:28:44 djm Exp $ */	1	/* $OpenBSD: auth2-gss.c,v 1.21 2014/02/26 20:28:44 djm Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.	4	* Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
5	*	5	*
6	* Redistribution and use in source and binary forms, with or without	6	* Redistribution and use in source and binary forms, with or without
7	* modification, are permitted provided that the following conditions	7	* modification, are permitted provided that the following conditions
@@ -53,6 +53,40 @@ static void input_gssapi_mic(int type, u_int32_t plen, void *ctxt);
53	static void input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);	53	static void input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);
54	static void input_gssapi_errtok(int, u_int32_t, void *);	54	static void input_gssapi_errtok(int, u_int32_t, void *);
55		55
		56	/*
		57	* The 'gssapi_keyex' userauth mechanism.
		58	*/
		59	static int
		60	userauth_gsskeyex(Authctxt *authctxt)
		61	{
		62	int authenticated = 0;
		63	Buffer b;
		64	gss_buffer_desc mic, gssbuf;
		65	u_int len;
		66
		67	mic.value = packet_get_string(&len);
		68	mic.length = len;
		69
		70	packet_check_eom();
		71
		72	ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
		73	"gssapi-keyex");
		74
		75	gssbuf.value = buffer_ptr(&b);
		76	gssbuf.length = buffer_len(&b);
		77
		78	/* gss_kex_context is NULL with privsep, so we can't check it here */
		79	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context,
		80	&gssbuf, &mic))))
		81	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
		82	authctxt->pw));
		83
		84	buffer_free(&b);
		85	free(mic.value);
		86
		87	return (authenticated);
		88	}
		89
56	/*	90	/*
57	* We only support those mechanisms that we know about (ie ones that we know	91	* We only support those mechanisms that we know about (ie ones that we know
58	* how to check local user kuserok and the like)	92	* how to check local user kuserok and the like)
@@ -236,7 +270,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt)
236		270
237	packet_check_eom();	271	packet_check_eom();
238		272
239	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));	273	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
		274	authctxt->pw));
240		275
241	authctxt->postponed = 0;	276	authctxt->postponed = 0;
242	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);	277	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
@@ -271,7 +306,8 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
271	gssbuf.length = buffer_len(&b);	306	gssbuf.length = buffer_len(&b);
272		307
273	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))	308	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
274	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));	309	authenticated =
		310	PRIVSEP(ssh_gssapi_userok(authctxt->user, authctxt->pw));
275	else	311	else
276	logit("GSSAPI MIC check failed");	312	logit("GSSAPI MIC check failed");
277		313
@@ -286,6 +322,12 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
286	userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL);	322	userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL);
287	}	323	}
288		324
		325	Authmethod method_gsskeyex = {
		326	"gssapi-keyex",
		327	userauth_gsskeyex,
		328	&options.gss_authentication
		329	};
		330
289	Authmethod method_gssapi = {	331	Authmethod method_gssapi = {
290	"gssapi-with-mic",	332	"gssapi-with-mic",
291	userauth_gssapi,	333	userauth_gssapi,