diff options
Diffstat (limited to 'monitor_wrap.c')
-rw-r--r-- | monitor_wrap.c | 73 |
1 files changed, 71 insertions, 2 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c index 9e7e6b3c3..4073905f6 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c | |||
@@ -25,7 +25,7 @@ | |||
25 | */ | 25 | */ |
26 | 26 | ||
27 | #include "includes.h" | 27 | #include "includes.h" |
28 | RCSID("$OpenBSD: monitor_wrap.c,v 1.28 2003/07/22 13:35:22 markus Exp $"); | 28 | RCSID("$OpenBSD: monitor_wrap.c,v 1.29 2003/08/22 10:56:09 markus Exp $"); |
29 | 29 | ||
30 | #include <openssl/bn.h> | 30 | #include <openssl/bn.h> |
31 | #include <openssl/dh.h> | 31 | #include <openssl/dh.h> |
@@ -53,6 +53,10 @@ RCSID("$OpenBSD: monitor_wrap.c,v 1.28 2003/07/22 13:35:22 markus Exp $"); | |||
53 | #include "channels.h" | 53 | #include "channels.h" |
54 | #include "session.h" | 54 | #include "session.h" |
55 | 55 | ||
56 | #ifdef GSSAPI | ||
57 | #include "ssh-gss.h" | ||
58 | #endif | ||
59 | |||
56 | /* Imports */ | 60 | /* Imports */ |
57 | extern int compat20; | 61 | extern int compat20; |
58 | extern Newkeys *newkeys[]; | 62 | extern Newkeys *newkeys[]; |
@@ -1100,4 +1104,69 @@ mm_auth_krb5(void *ctx, void *argp, char **userp, void *resp) | |||
1100 | buffer_free(&m); | 1104 | buffer_free(&m); |
1101 | return (success); | 1105 | return (success); |
1102 | } | 1106 | } |
1103 | #endif | 1107 | #endif /* KRB5 */ |
1108 | |||
1109 | #ifdef GSSAPI | ||
1110 | OM_uint32 | ||
1111 | mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) | ||
1112 | { | ||
1113 | Buffer m; | ||
1114 | OM_uint32 major; | ||
1115 | |||
1116 | /* Client doesn't get to see the context */ | ||
1117 | *ctx = NULL; | ||
1118 | |||
1119 | buffer_init(&m); | ||
1120 | buffer_put_string(&m, oid->elements, oid->length); | ||
1121 | |||
1122 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, &m); | ||
1123 | mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, &m); | ||
1124 | |||
1125 | major = buffer_get_int(&m); | ||
1126 | |||
1127 | buffer_free(&m); | ||
1128 | return (major); | ||
1129 | } | ||
1130 | |||
1131 | OM_uint32 | ||
1132 | mm_ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *in, | ||
1133 | gss_buffer_desc *out, OM_uint32 *flags) | ||
1134 | { | ||
1135 | Buffer m; | ||
1136 | OM_uint32 major; | ||
1137 | |||
1138 | buffer_init(&m); | ||
1139 | buffer_put_string(&m, in->value, in->length); | ||
1140 | |||
1141 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSTEP, &m); | ||
1142 | mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSTEP, &m); | ||
1143 | |||
1144 | major = buffer_get_int(&m); | ||
1145 | out->value = buffer_get_string(&m, &out->length); | ||
1146 | if (flags) | ||
1147 | *flags = buffer_get_int(&m); | ||
1148 | |||
1149 | buffer_free(&m); | ||
1150 | |||
1151 | return (major); | ||
1152 | } | ||
1153 | |||
1154 | int | ||
1155 | mm_ssh_gssapi_userok(char *user) | ||
1156 | { | ||
1157 | Buffer m; | ||
1158 | int authenticated = 0; | ||
1159 | |||
1160 | buffer_init(&m); | ||
1161 | |||
1162 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, &m); | ||
1163 | mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSUSEROK, | ||
1164 | &m); | ||
1165 | |||
1166 | authenticated = buffer_get_int(&m); | ||
1167 | |||
1168 | buffer_free(&m); | ||
1169 | debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not "); | ||
1170 | return (authenticated); | ||
1171 | } | ||
1172 | #endif /* GSSAPI */ | ||