1 files changed, 45 insertions, 3 deletions
diff --git a/auth2-gss.c b/auth2-gss.c
index 1ca835773..3b5036dfd 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,7 +1,7 @@
 /* $OpenBSD: auth2-gss.c,v 1.22 2015/01/19 20:07:45 markus Exp $ */
 /*
- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
+ * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -53,6 +53,40 @@ static int input_gssapi_mic(int type, u_int32_t plen, void *ctxt);
 static int input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);
 static int input_gssapi_errtok(int, u_int32_t, void *);
+/* 
+ * The 'gssapi_keyex' userauth mechanism.
+ */
+static int
+userauth_gsskeyex(Authctxt *authctxt)
+{
+        int authenticated = 0;
+        Buffer b;
+        gss_buffer_desc mic, gssbuf;
+        u_int len;
+        mic.value = packet_get_string(&len);
+        mic.length = len;
+        packet_check_eom();
+        ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
+            "gssapi-keyex");
+        gssbuf.value = buffer_ptr(&b);
+        gssbuf.length = buffer_len(&b);
+        /* gss_kex_context is NULL with privsep, so we can't check it here */
+        if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, 
+            &gssbuf, &mic))))
+                authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
+                    authctxt->pw));
+        
+        buffer_free(&b);
+        free(mic.value);
+        return (authenticated);
+}
 /*
 * We only support those mechanisms that we know about (ie ones that we know
 * how to check local user kuserok and the like)
@@ -238,7 +272,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt)
        packet_check_eom();
-        authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
+        authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
+            authctxt->pw));
        authctxt->postponed = 0;
        dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
@@ -274,7 +309,8 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
        gssbuf.length = buffer_len(&b);
        if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
-                authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
+                authenticated = 
+                    PRIVSEP(ssh_gssapi_userok(authctxt->user, authctxt->pw));
        else
                logit("GSSAPI MIC check failed");
@@ -290,6 +326,12 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
        return 0;
 }
+Authmethod method_gsskeyex = {
+        "gssapi-keyex",
+        userauth_gsskeyex,
+        &options.gss_authentication
+};
 Authmethod method_gssapi = {
        "gssapi-with-mic",
        userauth_gssapi,

diff --git a/auth2-gss.c b/auth2-gss.c index 1ca835773..3b5036dfd 100644 --- a/auth2-gss.c +++ b/auth2-gss.c
@@ -1,7 +1,7 @@
1	/* $OpenBSD: auth2-gss.c,v 1.22 2015/01/19 20:07:45 markus Exp $ */	1	/* $OpenBSD: auth2-gss.c,v 1.22 2015/01/19 20:07:45 markus Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.	4	* Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
5	*	5	*
6	* Redistribution and use in source and binary forms, with or without	6	* Redistribution and use in source and binary forms, with or without
7	* modification, are permitted provided that the following conditions	7	* modification, are permitted provided that the following conditions
@@ -53,6 +53,40 @@ static int input_gssapi_mic(int type, u_int32_t plen, void *ctxt);
53	static int input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);	53	static int input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);
54	static int input_gssapi_errtok(int, u_int32_t, void *);	54	static int input_gssapi_errtok(int, u_int32_t, void *);
55		55
		56	/*
		57	* The 'gssapi_keyex' userauth mechanism.
		58	*/
		59	static int
		60	userauth_gsskeyex(Authctxt *authctxt)
		61	{
		62	int authenticated = 0;
		63	Buffer b;
		64	gss_buffer_desc mic, gssbuf;
		65	u_int len;
		66
		67	mic.value = packet_get_string(&len);
		68	mic.length = len;
		69
		70	packet_check_eom();
		71
		72	ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
		73	"gssapi-keyex");
		74
		75	gssbuf.value = buffer_ptr(&b);
		76	gssbuf.length = buffer_len(&b);
		77
		78	/* gss_kex_context is NULL with privsep, so we can't check it here */
		79	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context,
		80	&gssbuf, &mic))))
		81	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
		82	authctxt->pw));
		83
		84	buffer_free(&b);
		85	free(mic.value);
		86
		87	return (authenticated);
		88	}
		89
56	/*	90	/*
57	* We only support those mechanisms that we know about (ie ones that we know	91	* We only support those mechanisms that we know about (ie ones that we know
58	* how to check local user kuserok and the like)	92	* how to check local user kuserok and the like)
@@ -238,7 +272,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt)
238		272
239	packet_check_eom();	273	packet_check_eom();
240		274
241	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));	275	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
		276	authctxt->pw));
242		277
243	authctxt->postponed = 0;	278	authctxt->postponed = 0;
244	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);	279	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
@@ -274,7 +309,8 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
274	gssbuf.length = buffer_len(&b);	309	gssbuf.length = buffer_len(&b);
275		310
276	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))	311	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
277	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));	312	authenticated =
		313	PRIVSEP(ssh_gssapi_userok(authctxt->user, authctxt->pw));
278	else	314	else
279	logit("GSSAPI MIC check failed");	315	logit("GSSAPI MIC check failed");
280		316
@@ -290,6 +326,12 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
290	return 0;	326	return 0;
291	}	327	}
292		328
		329	Authmethod method_gsskeyex = {
		330	"gssapi-keyex",
		331	userauth_gsskeyex,
		332	&options.gss_authentication
		333	};
		334
293	Authmethod method_gssapi = {	335	Authmethod method_gssapi = {
294	"gssapi-with-mic",	336	"gssapi-with-mic",
295	userauth_gssapi,	337	userauth_gssapi,