From a916d143a16c59a6bc82df5e1d6b046e17d31848 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 7 Jul 2005 11:50:20 +1000 Subject: - [auth-krb5.c auth.h gss-serv-krb5.c] Move KRB5CCNAME generation for the MIT Kerberos code path into a common function and expand mkstemp template to be consistent with the rest of OpenSSH. From sxw at inf.ed.ac.uk, ok djm@ --- gss-serv-krb5.c | 32 ++++---------------------------- 1 file changed, 4 insertions(+), 28 deletions(-) (limited to 'gss-serv-krb5.c') diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c index 91d87f798..c642a83fe 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c @@ -131,34 +131,10 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) return; } #else - { - int tmpfd; - char ccname[40]; - mode_t old_umask; - - snprintf(ccname, sizeof(ccname), - "FILE:/tmp/krb5cc_%d_XXXXXX", geteuid()); - - old_umask = umask(0177); - tmpfd = mkstemp(ccname + strlen("FILE:")); - umask(old_umask); - if (tmpfd == -1) { - logit("mkstemp(): %.100s", strerror(errno)); - problem = errno; - return; - } - if (fchmod(tmpfd, S_IRUSR | S_IWUSR) == -1) { - logit("fchmod(): %.100s", strerror(errno)); - close(tmpfd); - problem = errno; - return; - } - close(tmpfd); - if ((problem = krb5_cc_resolve(krb_context, ccname, &ccache))) { - logit("krb5_cc_resolve(): %.100s", - krb5_get_err_text(krb_context, problem)); - return; - } + if ((problem = ssh_krb5_cc_gen(krb_context, &ccache))) { + logit("ssh_krb5_cc_gen(): %.100s", + krb5_get_err_text(krb_context, problem)); + return; } #endif /* #ifdef HEIMDAL */ -- cgit v1.2.3 From 893c602ef05e2a11d76a945ac19c75bcc029c515 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 7 Jul 2005 20:33:36 +1000 Subject: - (dtucker) [acconfig.h auth-krb5.c configure.ac gss-serv-krb5.c] Remove calls to krb5_init_ets, which has not been required since krb-1.1.x and most Kerberos versions no longer export in their public API. From sxw at inf.ed.ac.uk, ok djm@ --- ChangeLog | 6 +++++- acconfig.h | 5 +---- auth-krb5.c | 3 --- configure.ac | 3 +-- gss-serv-krb5.c | 3 --- 5 files changed, 7 insertions(+), 13 deletions(-) (limited to 'gss-serv-krb5.c') diff --git a/ChangeLog b/ChangeLog index 5e4d01470..f76094f78 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,10 @@ - (dtucker) [auth-krb5.c] There's no guarantee that snprintf will set errno in the case where the buffer is insufficient, so always return ENOMEM. Also pointed out by sxw at inf.ed.ac.uk. + - (dtucker) [acconfig.h auth-krb5.c configure.ac gss-serv-krb5.c] Remove + calls to krb5_init_ets, which has not been required since krb-1.1.x and + most Kerberos versions no longer export in their public API. From sxw + at inf.ed.ac.uk, ok djm@ 20050706 - (djm) OpenBSD CVS Sync @@ -2791,4 +2795,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3837 2005/07/07 10:09:35 dtucker Exp $ +$Id: ChangeLog,v 1.3838 2005/07/07 10:33:36 dtucker Exp $ diff --git a/acconfig.h b/acconfig.h index bb2e62d23..79b5e8191 100644 --- a/acconfig.h +++ b/acconfig.h @@ -1,4 +1,4 @@ -/* $Id: acconfig.h,v 1.182 2005/05/27 11:13:41 dtucker Exp $ */ +/* $Id: acconfig.h,v 1.183 2005/07/07 10:33:36 dtucker Exp $ */ /* * Copyright (c) 1999-2003 Damien Miller. All rights reserved. @@ -202,9 +202,6 @@ /* Define if you don't want to use lastlog in session.c */ #undef NO_SSH_LASTLOG -/* Define if have krb5_init_ets */ -#undef KRB5_INIT_ETS - /* Define if you don't want to use utmp */ #undef DISABLE_UTMP diff --git a/auth-krb5.c b/auth-krb5.c index 6ae4f5fc4..c7367b49a 100644 --- a/auth-krb5.c +++ b/auth-krb5.c @@ -54,9 +54,6 @@ krb5_init(void *context) problem = krb5_init_context(&authctxt->krb5_ctx); if (problem) return (problem); -#ifdef KRB5_INIT_ETS - krb5_init_ets(authctxt->krb5_ctx); -#endif } return (0); } diff --git a/configure.ac b/configure.ac index 027b2a4e1..e7475a9e5 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.276 2005/06/19 00:19:43 djm Exp $ +# $Id: configure.ac,v 1.277 2005/07/07 10:33:36 dtucker Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -2717,7 +2717,6 @@ AC_ARG_WITH(kerberos5, LIBS="$LIBS $K5LIBS" AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS)) - AC_SEARCH_LIBS(krb5_init_ets, $K5LIBS, AC_DEFINE(KRB5_INIT_ETS)) ] ) diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c index c642a83fe..4f02621dd 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c @@ -65,9 +65,6 @@ ssh_gssapi_krb5_init(void) logit("Cannot initialize krb5 context"); return 0; } -#ifdef KRB5_INIT_ETS - krb5_init_ets(krb_context); -#endif return 1; } -- cgit v1.2.3