diff options
Diffstat (limited to 'session.c')
-rw-r--r-- | session.c | 57 |
1 files changed, 4 insertions, 53 deletions
@@ -33,7 +33,7 @@ | |||
33 | */ | 33 | */ |
34 | 34 | ||
35 | #include "includes.h" | 35 | #include "includes.h" |
36 | RCSID("$OpenBSD: session.c,v 1.158 2003/06/02 09:17:34 markus Exp $"); | 36 | RCSID("$OpenBSD: session.c,v 1.159 2003/07/22 13:35:22 markus Exp $"); |
37 | 37 | ||
38 | #include "ssh.h" | 38 | #include "ssh.h" |
39 | #include "ssh1.h" | 39 | #include "ssh1.h" |
@@ -222,10 +222,6 @@ do_authenticated(Authctxt *authctxt) | |||
222 | /* remove agent socket */ | 222 | /* remove agent socket */ |
223 | if (auth_sock_name != NULL) | 223 | if (auth_sock_name != NULL) |
224 | auth_sock_cleanup_proc(authctxt->pw); | 224 | auth_sock_cleanup_proc(authctxt->pw); |
225 | #ifdef KRB4 | ||
226 | if (options.kerberos_ticket_cleanup) | ||
227 | krb4_cleanup_proc(authctxt); | ||
228 | #endif | ||
229 | #ifdef KRB5 | 225 | #ifdef KRB5 |
230 | if (options.kerberos_ticket_cleanup) | 226 | if (options.kerberos_ticket_cleanup) |
231 | krb5_cleanup_proc(authctxt); | 227 | krb5_cleanup_proc(authctxt); |
@@ -338,7 +334,7 @@ do_authenticated1(Authctxt *authctxt) | |||
338 | success = 1; | 334 | success = 1; |
339 | break; | 335 | break; |
340 | 336 | ||
341 | #if defined(AFS) || defined(KRB5) | 337 | #ifdef KRB5 |
342 | case SSH_CMSG_HAVE_KERBEROS_TGT: | 338 | case SSH_CMSG_HAVE_KERBEROS_TGT: |
343 | if (!options.kerberos_tgt_passing) { | 339 | if (!options.kerberos_tgt_passing) { |
344 | verbose("Kerberos TGT passing disabled."); | 340 | verbose("Kerberos TGT passing disabled."); |
@@ -346,9 +342,8 @@ do_authenticated1(Authctxt *authctxt) | |||
346 | char *kdata = packet_get_string(&dlen); | 342 | char *kdata = packet_get_string(&dlen); |
347 | packet_check_eom(); | 343 | packet_check_eom(); |
348 | 344 | ||
349 | /* XXX - 0x41, see creds_to_radix version */ | 345 | /* XXX - 0x41, used for AFS */ |
350 | if (kdata[0] != 0x41) { | 346 | if (kdata[0] != 0x41) { |
351 | #ifdef KRB5 | ||
352 | krb5_data tgt; | 347 | krb5_data tgt; |
353 | tgt.data = kdata; | 348 | tgt.data = kdata; |
354 | tgt.length = dlen; | 349 | tgt.length = dlen; |
@@ -357,38 +352,11 @@ do_authenticated1(Authctxt *authctxt) | |||
357 | success = 1; | 352 | success = 1; |
358 | else | 353 | else |
359 | verbose("Kerberos v5 TGT refused for %.100s", s->authctxt->user); | 354 | verbose("Kerberos v5 TGT refused for %.100s", s->authctxt->user); |
360 | #endif /* KRB5 */ | ||
361 | } else { | ||
362 | #ifdef AFS | ||
363 | if (auth_krb4_tgt(s->authctxt, kdata)) | ||
364 | success = 1; | ||
365 | else | ||
366 | verbose("Kerberos v4 TGT refused for %.100s", s->authctxt->user); | ||
367 | #endif /* AFS */ | ||
368 | } | 355 | } |
369 | xfree(kdata); | 356 | xfree(kdata); |
370 | } | 357 | } |
371 | break; | 358 | break; |
372 | #endif /* AFS || KRB5 */ | 359 | #endif |
373 | |||
374 | #ifdef AFS | ||
375 | case SSH_CMSG_HAVE_AFS_TOKEN: | ||
376 | if (!options.afs_token_passing || !k_hasafs()) { | ||
377 | verbose("AFS token passing disabled."); | ||
378 | } else { | ||
379 | /* Accept AFS token. */ | ||
380 | char *token = packet_get_string(&dlen); | ||
381 | packet_check_eom(); | ||
382 | |||
383 | if (auth_afs_token(s->authctxt, token)) | ||
384 | success = 1; | ||
385 | else | ||
386 | verbose("AFS token refused for %.100s", | ||
387 | s->authctxt->user); | ||
388 | xfree(token); | ||
389 | } | ||
390 | break; | ||
391 | #endif /* AFS */ | ||
392 | 360 | ||
393 | case SSH_CMSG_EXEC_SHELL: | 361 | case SSH_CMSG_EXEC_SHELL: |
394 | case SSH_CMSG_EXEC_CMD: | 362 | case SSH_CMSG_EXEC_CMD: |
@@ -1066,11 +1034,6 @@ do_setup_env(Session *s, const char *shell) | |||
1066 | read_environment_file(&env, &envsize, "/etc/environment"); | 1034 | read_environment_file(&env, &envsize, "/etc/environment"); |
1067 | } | 1035 | } |
1068 | #endif | 1036 | #endif |
1069 | #ifdef KRB4 | ||
1070 | if (s->authctxt->krb4_ticket_file) | ||
1071 | child_set_env(&env, &envsize, "KRBTKFILE", | ||
1072 | s->authctxt->krb4_ticket_file); | ||
1073 | #endif | ||
1074 | #ifdef KRB5 | 1037 | #ifdef KRB5 |
1075 | if (s->authctxt->krb5_ticket_file) | 1038 | if (s->authctxt->krb5_ticket_file) |
1076 | child_set_env(&env, &envsize, "KRB5CCNAME", | 1039 | child_set_env(&env, &envsize, "KRB5CCNAME", |
@@ -1396,18 +1359,6 @@ do_child(Session *s, const char *command) | |||
1396 | */ | 1359 | */ |
1397 | environ = env; | 1360 | environ = env; |
1398 | 1361 | ||
1399 | #ifdef AFS | ||
1400 | /* Try to get AFS tokens for the local cell. */ | ||
1401 | if (k_hasafs()) { | ||
1402 | char cell[64]; | ||
1403 | |||
1404 | if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0) | ||
1405 | krb_afslog(cell, 0); | ||
1406 | |||
1407 | krb_afslog(0, 0); | ||
1408 | } | ||
1409 | #endif /* AFS */ | ||
1410 | |||
1411 | /* Change current directory to the user\'s home directory. */ | 1362 | /* Change current directory to the user\'s home directory. */ |
1412 | if (chdir(pw->pw_dir) < 0) { | 1363 | if (chdir(pw->pw_dir) < 0) { |
1413 | fprintf(stderr, "Could not chdir to home directory %s: %s\n", | 1364 | fprintf(stderr, "Could not chdir to home directory %s: %s\n", |