From ec95ed9b4ca014643a0272f6fa5b24ac9c70d263 Mon Sep 17 00:00:00 2001
From: Ben Lindstrom <mouring@eviladmin.org>
Date: Wed, 4 Jul 2001 04:21:14 +0000
Subject:    - dugsong@cvs.openbsd.org 2001/06/26 16:15:25      [auth1.c auth.h
 auth-krb4.c auth-passwd.c readconf.c readconf.h       servconf.c servconf.h
 session.c sshconnect1.c sshd.c]      Kerberos v5 support for SSH1, mostly
 from Assar Westerlund      <assar@freebsd.org> and Bjorn Gronvall
 <bg@sics.se>. markus@ ok

---
 sshd.c | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)

(limited to 'sshd.c')

diff --git a/sshd.c b/sshd.c
index 936e861a9..dd5d7ab2c 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.201 2001/06/23 19:12:43 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.202 2001/06/26 16:15:25 dugsong Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -1160,13 +1160,13 @@ main(int ac, char **av)
 		    "originating port not trusted.");
 		options.rhosts_authentication = 0;
 	}
-#ifdef KRB4
+#if defined(KRB4) && !defined(KRB5)
 	if (!packet_connection_is_ipv4() &&
 	    options.kerberos_authentication) {
 		debug("Kerberos Authentication disabled, only available for IPv4.");
 		options.kerberos_authentication = 0;
 	}
-#endif /* KRB4 */
+#endif /* KRB4 && !KRB5 */
 #ifdef AFS
 	/* If machine has AFS, set process authentication group. */
 	if (k_hasafs()) {
@@ -1186,13 +1186,6 @@ main(int ac, char **av)
 		do_ssh1_kex();
 		do_authentication();
 	}
-
-#ifdef KRB4
-	/* Cleanup user's ticket cache file. */
-	if (options.kerberos_ticket_cleanup)
-		(void) dest_tkt();
-#endif /* KRB4 */
-
 	/* The connection has been terminated. */
 	verbose("Closing connection to %.100s", remote_ip);
 
@@ -1268,13 +1261,15 @@ do_ssh1_kex(void)
 		auth_mask |= 1 << SSH_AUTH_RHOSTS_RSA;
 	if (options.rsa_authentication)
 		auth_mask |= 1 << SSH_AUTH_RSA;
-#ifdef KRB4
+#if defined(KRB4) || defined(KRB5)
 	if (options.kerberos_authentication)
 		auth_mask |= 1 << SSH_AUTH_KERBEROS;
 #endif
-#ifdef AFS
+#if defined(AFS) || defined(KRB5)
 	if (options.kerberos_tgt_passing)
 		auth_mask |= 1 << SSH_PASS_KERBEROS_TGT;
+#endif
+#ifdef AFS
 	if (options.afs_token_passing)
 		auth_mask |= 1 << SSH_PASS_AFS_TOKEN;
 #endif
-- 
cgit v1.2.3