diff options
Diffstat (limited to 'monitor.c')
-rw-r--r-- | monitor.c | 45 |
1 files changed, 44 insertions, 1 deletions
@@ -25,7 +25,7 @@ | |||
25 | */ | 25 | */ |
26 | 26 | ||
27 | #include "includes.h" | 27 | #include "includes.h" |
28 | RCSID("$OpenBSD: monitor.c,v 1.24 2002/08/29 15:57:25 stevesk Exp $"); | 28 | RCSID("$OpenBSD: monitor.c,v 1.25 2002/09/09 06:48:06 itojun Exp $"); |
29 | 29 | ||
30 | #include <openssl/dh.h> | 30 | #include <openssl/dh.h> |
31 | 31 | ||
@@ -120,6 +120,10 @@ int mm_answer_sessid(int, Buffer *); | |||
120 | int mm_answer_pam_start(int, Buffer *); | 120 | int mm_answer_pam_start(int, Buffer *); |
121 | #endif | 121 | #endif |
122 | 122 | ||
123 | #ifdef KRB5 | ||
124 | int mm_answer_krb5(int, Buffer *); | ||
125 | #endif | ||
126 | |||
123 | static Authctxt *authctxt; | 127 | static Authctxt *authctxt; |
124 | static BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */ | 128 | static BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */ |
125 | 129 | ||
@@ -199,6 +203,9 @@ struct mon_table mon_dispatch_proto15[] = { | |||
199 | #ifdef USE_PAM | 203 | #ifdef USE_PAM |
200 | {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, | 204 | {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, |
201 | #endif | 205 | #endif |
206 | #ifdef KRB5 | ||
207 | {MONITOR_REQ_KRB5, MON_ONCE|MON_AUTH, mm_answer_krb5}, | ||
208 | #endif | ||
202 | {0, 0, NULL} | 209 | {0, 0, NULL} |
203 | }; | 210 | }; |
204 | 211 | ||
@@ -1277,6 +1284,42 @@ mm_answer_rsa_response(int socket, Buffer *m) | |||
1277 | return (success); | 1284 | return (success); |
1278 | } | 1285 | } |
1279 | 1286 | ||
1287 | |||
1288 | #ifdef KRB5 | ||
1289 | int | ||
1290 | mm_answer_krb5(int socket, Buffer *m) | ||
1291 | { | ||
1292 | krb5_data tkt, reply; | ||
1293 | char *client_user; | ||
1294 | u_int len; | ||
1295 | int success; | ||
1296 | |||
1297 | /* use temporary var to avoid size issues on 64bit arch */ | ||
1298 | tkt.data = buffer_get_string(m, &len); | ||
1299 | tkt.length = len; | ||
1300 | |||
1301 | success = auth_krb5(authctxt, &tkt, &client_user, &reply); | ||
1302 | |||
1303 | if (tkt.length) | ||
1304 | xfree(tkt.data); | ||
1305 | |||
1306 | buffer_clear(m); | ||
1307 | buffer_put_int(m, success); | ||
1308 | |||
1309 | if (success) { | ||
1310 | buffer_put_cstring(m, client_user); | ||
1311 | buffer_put_string(m, reply.data, reply.length); | ||
1312 | if (client_user) | ||
1313 | xfree(client_user); | ||
1314 | if (reply.length) | ||
1315 | xfree(reply.data); | ||
1316 | } | ||
1317 | mm_request_send(socket, MONITOR_ANS_KRB5, m); | ||
1318 | |||
1319 | return success; | ||
1320 | } | ||
1321 | #endif | ||
1322 | |||
1280 | int | 1323 | int |
1281 | mm_answer_term(int socket, Buffer *req) | 1324 | mm_answer_term(int socket, Buffer *req) |
1282 | { | 1325 | { |