diff options
Diffstat (limited to 'auth2-gss.c')
| -rw-r--r-- | auth2-gss.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/auth2-gss.c b/auth2-gss.c index 0ac405496..9cbc29605 100644 --- a/auth2-gss.c +++ b/auth2-gss.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth2-gss.c,v 1.8 2004/06/21 17:36:31 avsm Exp $ */ | 1 | /* $OpenBSD: auth2-gss.c,v 1.10 2005/07/17 07:17:54 djm Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. | 4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. |
| @@ -94,7 +94,7 @@ userauth_gssapi(Authctxt *authctxt) | |||
| 94 | int present; | 94 | int present; |
| 95 | OM_uint32 ms; | 95 | OM_uint32 ms; |
| 96 | u_int len; | 96 | u_int len; |
| 97 | char *doid = NULL; | 97 | u_char *doid = NULL; |
| 98 | 98 | ||
| 99 | if (!authctxt->valid || authctxt->user == NULL) | 99 | if (!authctxt->valid || authctxt->user == NULL) |
| 100 | return (0); | 100 | return (0); |
| @@ -115,9 +115,8 @@ userauth_gssapi(Authctxt *authctxt) | |||
| 115 | present = 0; | 115 | present = 0; |
| 116 | doid = packet_get_string(&len); | 116 | doid = packet_get_string(&len); |
| 117 | 117 | ||
| 118 | if (len > 2 && | 118 | if (len > 2 && doid[0] == SSH_GSS_OIDTYPE && |
| 119 | doid[0] == SSH_GSS_OIDTYPE && | 119 | doid[1] == len - 2) { |
| 120 | doid[1] == len - 2) { | ||
| 121 | goid.elements = doid + 2; | 120 | goid.elements = doid + 2; |
| 122 | goid.length = len - 2; | 121 | goid.length = len - 2; |
| 123 | gss_test_oid_set_member(&ms, &goid, supported, | 122 | gss_test_oid_set_member(&ms, &goid, supported, |
| @@ -131,11 +130,13 @@ userauth_gssapi(Authctxt *authctxt) | |||
| 131 | 130 | ||
| 132 | if (!present) { | 131 | if (!present) { |
| 133 | xfree(doid); | 132 | xfree(doid); |
| 133 | authctxt->server_caused_failure = 1; | ||
| 134 | return (0); | 134 | return (0); |
| 135 | } | 135 | } |
| 136 | 136 | ||
| 137 | if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) { | 137 | if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) { |
| 138 | xfree(doid); | 138 | xfree(doid); |
| 139 | authctxt->server_caused_failure = 1; | ||
| 139 | return (0); | 140 | return (0); |
| 140 | } | 141 | } |
| 141 | 142 | ||
| @@ -320,7 +321,7 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt) | |||
| 320 | } | 321 | } |
| 321 | 322 | ||
| 322 | Authmethod method_gsskeyex = { | 323 | Authmethod method_gsskeyex = { |
| 323 | "gssapi-keyx", | 324 | "gssapi-keyex", |
| 324 | userauth_gsskeyex, | 325 | userauth_gsskeyex, |
| 325 | &options.gss_authentication | 326 | &options.gss_authentication |
| 326 | }; | 327 | }; |