2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * Code to connect to a remote host, and to perform the client side of the
6 * login (authentication) dialog.
8 * As far as I am concerned, the code I have written for this software
9 * can be used freely for any purpose. Any derived versions of this
10 * software must be clearly marked as such, and if the derived work is
11 * incompatible with the protocol description in the RFC file, it must be
12 * called by a name other than "ssh" or "Secure Shell".
16 RCSID("$OpenBSD: sshconnect1.c,v 1.48 2002/02/11 16:15:46 markus Exp $");
18 #include <openssl/bn.h>
19 #include <openssl/md5.h>
27 #define krb5_get_err_text(context,code) error_message(code)
47 #include "sshconnect.h"
57 #include <openssl/md5.h>
59 static char gssapi_patch_version[] = GSSAPI_PATCH_VERSION;
61 * MD5 hash of host and session keys for verification. This is filled
62 * in in ssh_login() and then checked in try_gssapi_authentication().
64 unsigned char ssh_key_digest[16];
66 /*end of modification*/
68 /* Session id for the current session. */
69 u_char session_id[16];
70 u_int supported_authentications = 0;
72 extern Options options;
73 extern char *__progname;
76 * Checks if the user has an authentication agent, and if so, tries to
77 * authenticate using the agent.
80 try_agent_authentication(void)
84 AuthenticationConnection *auth;
90 /* Get connection to the agent. */
91 auth = ssh_get_authentication_connection();
95 if ((challenge = BN_new()) == NULL)
96 fatal("try_agent_authentication: BN_new failed");
97 /* Loop through identities served by the agent. */
98 for (key = ssh_get_first_identity(auth, &comment, 1);
100 key = ssh_get_next_identity(auth, &comment, 1)) {
102 /* Try this identity. */
103 debug("Trying RSA authentication via agent with '%.100s'", comment);
106 /* Tell the server that we are willing to authenticate using this key. */
107 packet_start(SSH_CMSG_AUTH_RSA);
108 packet_put_bignum(key->rsa->n);
112 /* Wait for server's response. */
113 type = packet_read();
115 /* The server sends failure if it doesn\'t like our key or
116 does not support RSA authentication. */
117 if (type == SSH_SMSG_FAILURE) {
118 debug("Server refused our key.");
122 /* Otherwise it should have sent a challenge. */
123 if (type != SSH_SMSG_AUTH_RSA_CHALLENGE)
124 packet_disconnect("Protocol error during RSA authentication: %d",
127 packet_get_bignum(challenge);
130 debug("Received RSA challenge from server.");
132 /* Ask the agent to decrypt the challenge. */
133 if (!ssh_decrypt_challenge(auth, key, challenge, session_id, 1, response)) {
135 * The agent failed to authenticate this identifier
136 * although it advertised it supports this. Just
137 * return a wrong value.
139 log("Authentication agent failed to decrypt challenge.");
140 memset(response, 0, sizeof(response));
143 debug("Sending response to RSA challenge.");
145 /* Send the decrypted challenge back to the server. */
146 packet_start(SSH_CMSG_AUTH_RSA_RESPONSE);
147 for (i = 0; i < 16; i++)
148 packet_put_char(response[i]);
152 /* Wait for response from the server. */
153 type = packet_read();
155 /* The server returns success if it accepted the authentication. */
156 if (type == SSH_SMSG_SUCCESS) {
157 ssh_close_authentication_connection(auth);
158 BN_clear_free(challenge);
159 debug("RSA authentication accepted by server.");
162 /* Otherwise it should return failure. */
163 if (type != SSH_SMSG_FAILURE)
164 packet_disconnect("Protocol error waiting RSA auth response: %d",
167 ssh_close_authentication_connection(auth);
168 BN_clear_free(challenge);
169 debug("RSA authentication using agent refused.");
174 * Computes the proper response to a RSA challenge, and sends the response to
178 respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv)
180 u_char buf[32], response[16];
184 /* Decrypt the challenge using the private key. */
185 /* XXX think about Bleichenbacher, too */
186 if (rsa_private_decrypt(challenge, challenge, prv) <= 0)
188 "respond_to_rsa_challenge: rsa_private_decrypt failed");
190 /* Compute the response. */
191 /* The response is MD5 of decrypted challenge plus session id. */
192 len = BN_num_bytes(challenge);
193 if (len <= 0 || len > sizeof(buf))
195 "respond_to_rsa_challenge: bad challenge length %d", len);
197 memset(buf, 0, sizeof(buf));
198 BN_bn2bin(challenge, buf + sizeof(buf) - len);
200 MD5_Update(&md, buf, 32);
201 MD5_Update(&md, session_id, 16);
202 MD5_Final(response, &md);
204 debug("Sending response to host key RSA challenge.");
206 /* Send the response back to the server. */
207 packet_start(SSH_CMSG_AUTH_RSA_RESPONSE);
208 for (i = 0; i < 16; i++)
209 packet_put_char(response[i]);
213 memset(buf, 0, sizeof(buf));
214 memset(response, 0, sizeof(response));
215 memset(&md, 0, sizeof(md));
219 * Checks if the user has authentication file, and if so, tries to authenticate
223 try_rsa_authentication(int idx)
226 Key *public, *private;
227 char buf[300], *passphrase, *comment, *authfile;
230 public = options.identity_keys[idx];
231 authfile = options.identity_files[idx];
232 comment = xstrdup(authfile);
234 debug("Trying RSA authentication with key '%.100s'", comment);
236 /* Tell the server that we are willing to authenticate using this key. */
237 packet_start(SSH_CMSG_AUTH_RSA);
238 packet_put_bignum(public->rsa->n);
242 /* Wait for server's response. */
243 type = packet_read();
246 * The server responds with failure if it doesn\'t like our key or
247 * doesn\'t support RSA authentication.
249 if (type == SSH_SMSG_FAILURE) {
250 debug("Server refused our key.");
254 /* Otherwise, the server should respond with a challenge. */
255 if (type != SSH_SMSG_AUTH_RSA_CHALLENGE)
256 packet_disconnect("Protocol error during RSA authentication: %d", type);
258 /* Get the challenge from the packet. */
259 if ((challenge = BN_new()) == NULL)
260 fatal("try_rsa_authentication: BN_new failed");
261 packet_get_bignum(challenge);
264 debug("Received RSA challenge from server.");
267 * If the key is not stored in external hardware, we have to
268 * load the private key. Try first with empty passphrase; if it
269 * fails, ask for a passphrase.
271 if (public->flags && KEY_FLAG_EXT)
274 private = key_load_private_type(KEY_RSA1, authfile, "", NULL);
275 if (private == NULL && !options.batch_mode) {
276 snprintf(buf, sizeof(buf),
277 "Enter passphrase for RSA key '%.100s': ", comment);
278 for (i = 0; i < options.number_of_password_prompts; i++) {
279 passphrase = read_passphrase(buf, 0);
280 if (strcmp(passphrase, "") != 0) {
281 private = key_load_private_type(KEY_RSA1,
282 authfile, passphrase, NULL);
285 debug2("no passphrase given, try next key");
288 memset(passphrase, 0, strlen(passphrase));
290 if (private != NULL || quit)
292 debug2("bad passphrase given, try again...");
295 /* We no longer need the comment. */
298 if (private == NULL) {
299 if (!options.batch_mode)
300 error("Bad passphrase.");
302 /* Send a dummy response packet to avoid protocol error. */
303 packet_start(SSH_CMSG_AUTH_RSA_RESPONSE);
304 for (i = 0; i < 16; i++)
309 /* Expect the server to reject it... */
310 packet_read_expect(SSH_SMSG_FAILURE);
311 BN_clear_free(challenge);
315 /* Compute and send a response to the challenge. */
316 respond_to_rsa_challenge(challenge, private->rsa);
318 /* Destroy the private key unless it in external hardware. */
319 if (!(private->flags & KEY_FLAG_EXT))
322 /* We no longer need the challenge. */
323 BN_clear_free(challenge);
325 /* Wait for response from the server. */
326 type = packet_read();
327 if (type == SSH_SMSG_SUCCESS) {
328 debug("RSA authentication accepted by server.");
331 if (type != SSH_SMSG_FAILURE)
332 packet_disconnect("Protocol error waiting RSA auth response: %d", type);
333 debug("RSA authentication refused.");
338 * Tries to authenticate the user using combined rhosts or /etc/hosts.equiv
339 * authentication and RSA host authentication.
342 try_rhosts_rsa_authentication(const char *local_user, Key * host_key)
347 debug("Trying rhosts or /etc/hosts.equiv with RSA host authentication.");
349 /* Tell the server that we are willing to authenticate using this key. */
350 packet_start(SSH_CMSG_AUTH_RHOSTS_RSA);
351 packet_put_cstring(local_user);
352 packet_put_int(BN_num_bits(host_key->rsa->n));
353 packet_put_bignum(host_key->rsa->e);
354 packet_put_bignum(host_key->rsa->n);
358 /* Wait for server's response. */
359 type = packet_read();
361 /* The server responds with failure if it doesn't admit our
362 .rhosts authentication or doesn't know our host key. */
363 if (type == SSH_SMSG_FAILURE) {
364 debug("Server refused our rhosts authentication or host key.");
367 /* Otherwise, the server should respond with a challenge. */
368 if (type != SSH_SMSG_AUTH_RSA_CHALLENGE)
369 packet_disconnect("Protocol error during RSA authentication: %d", type);
371 /* Get the challenge from the packet. */
372 if ((challenge = BN_new()) == NULL)
373 fatal("try_rhosts_rsa_authentication: BN_new failed");
374 packet_get_bignum(challenge);
377 debug("Received RSA challenge for host key from server.");
379 /* Compute a response to the challenge. */
380 respond_to_rsa_challenge(challenge, host_key->rsa);
382 /* We no longer need the challenge. */
383 BN_clear_free(challenge);
385 /* Wait for response from the server. */
386 type = packet_read();
387 if (type == SSH_SMSG_SUCCESS) {
388 debug("Rhosts or /etc/hosts.equiv with RSA host authentication accepted by server.");
391 if (type != SSH_SMSG_FAILURE)
392 packet_disconnect("Protocol error waiting RSA auth response: %d", type);
393 debug("Rhosts or /etc/hosts.equiv with RSA host authentication refused.");
399 try_krb4_authentication(void)
401 KTEXT_ST auth; /* Kerberos data */
408 Key_schedule schedule;
409 u_long checksum, cksum;
411 struct sockaddr_in local, foreign;
414 /* Don't do anything if we don't have any tickets. */
415 if (stat(tkt_string(), &st) < 0)
418 strlcpy(inst, (char *)krb_get_phost(get_canonical_hostname(1)),
421 realm = (char *)krb_realmofhost(get_canonical_hostname(1));
423 debug("Kerberos v4: no realm for %s", get_canonical_hostname(1));
426 /* This can really be anything. */
427 checksum = (u_long)getpid();
429 r = krb_mk_req(&auth, KRB4_SERVICE_NAME, inst, realm, checksum);
431 debug("Kerberos v4 krb_mk_req failed: %s", krb_err_txt[r]);
434 /* Get session key to decrypt the server's reply with. */
435 r = krb_get_cred(KRB4_SERVICE_NAME, inst, realm, &cred);
437 debug("get_cred failed: %s", krb_err_txt[r]);
440 des_key_sched((des_cblock *) cred.session, schedule);
442 /* Send authentication info to server. */
443 packet_start(SSH_CMSG_AUTH_KERBEROS);
444 packet_put_string((char *) auth.dat, auth.length);
448 /* Zero the buffer. */
449 (void) memset(auth.dat, 0, MAX_KTXT_LEN);
451 slen = sizeof(local);
452 memset(&local, 0, sizeof(local));
453 if (getsockname(packet_get_connection_in(),
454 (struct sockaddr *)&local, &slen) < 0)
455 debug("getsockname failed: %s", strerror(errno));
457 slen = sizeof(foreign);
458 memset(&foreign, 0, sizeof(foreign));
459 if (getpeername(packet_get_connection_in(),
460 (struct sockaddr *)&foreign, &slen) < 0) {
461 debug("getpeername failed: %s", strerror(errno));
464 /* Get server reply. */
465 type = packet_read();
467 case SSH_SMSG_FAILURE:
468 /* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */
469 debug("Kerberos v4 authentication failed.");
473 case SSH_SMSG_AUTH_KERBEROS_RESPONSE:
474 /* SSH_SMSG_AUTH_KERBEROS_SUCCESS */
475 debug("Kerberos v4 authentication accepted.");
477 /* Get server's response. */
478 reply = packet_get_string((u_int *) &auth.length);
479 memcpy(auth.dat, reply, auth.length);
485 * If his response isn't properly encrypted with the session
486 * key, and the decrypted checksum fails to match, he's
489 r = krb_rd_priv(auth.dat, auth.length, schedule, &cred.session,
490 &foreign, &local, &msg_data);
492 debug("Kerberos v4 krb_rd_priv failed: %s",
494 packet_disconnect("Kerberos v4 challenge failed!");
496 /* Fetch the (incremented) checksum that we supplied in the request. */
497 memcpy((char *)&cksum, (char *)msg_data.app_data,
499 cksum = ntohl(cksum);
501 /* If it matches, we're golden. */
502 if (cksum == checksum + 1) {
503 debug("Kerberos v4 challenge successful.");
506 packet_disconnect("Kerberos v4 challenge failed!");
510 packet_disconnect("Protocol error on Kerberos v4 response: %d", type);
519 try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
521 krb5_error_code problem;
524 krb5_ccache ccache = NULL;
525 const char *remotehost;
528 krb5_ap_rep_enc_part *reply = NULL;
531 memset(&ap, 0, sizeof(ap));
533 problem = krb5_init_context(context);
535 debug("Kerberos v5: krb5_init_context failed");
540 problem = krb5_auth_con_init(*context, auth_context);
542 debug("Kerberos v5: krb5_auth_con_init failed");
548 problem = krb5_auth_con_setflags(*context, *auth_context,
549 KRB5_AUTH_CONTEXT_RET_TIME);
551 debug("Keberos v5: krb5_auth_con_setflags failed");
557 tkfile = krb5_cc_default_name(*context);
558 if (strncmp(tkfile, "FILE:", 5) == 0)
561 if (stat(tkfile, &buf) == 0 && getuid() != buf.st_uid) {
562 debug("Kerberos v5: could not get default ccache (permission denied).");
567 problem = krb5_cc_default(*context, &ccache);
569 debug("Kerberos v5: krb5_cc_default failed: %s",
570 krb5_get_err_text(*context, problem));
575 remotehost = get_canonical_hostname(1);
577 problem = krb5_mk_req(*context, auth_context, AP_OPTS_MUTUAL_REQUIRED,
578 "host", remotehost, NULL, ccache, &ap);
580 debug("Kerberos v5: krb5_mk_req failed: %s",
581 krb5_get_err_text(*context, problem));
586 packet_start(SSH_CMSG_AUTH_KERBEROS);
587 packet_put_string((char *) ap.data, ap.length);
594 type = packet_read();
596 case SSH_SMSG_FAILURE:
597 /* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */
598 debug("Kerberos v5 authentication failed.");
602 case SSH_SMSG_AUTH_KERBEROS_RESPONSE:
603 /* SSH_SMSG_AUTH_KERBEROS_SUCCESS */
604 debug("Kerberos v5 authentication accepted.");
606 /* Get server's response. */
607 ap.data = packet_get_string((unsigned int *) &ap.length);
609 /* XXX je to dobre? */
611 problem = krb5_rd_rep(*context, *auth_context, &ap, &reply);
619 packet_disconnect("Protocol error on Kerberos v5 response: %d",
628 krb5_cc_close(*context, ccache);
630 krb5_free_ap_rep_enc_part(*context, reply);
635 krb5_free_data_contents(*context, &ap);
642 send_krb5_tgt(krb5_context context, krb5_auth_context auth_context)
645 krb5_error_code problem;
647 krb5_ccache ccache = NULL;
650 krb5_kdc_flags flags;
654 const char *remotehost;
656 memset(&creds, 0, sizeof(creds));
657 memset(&outbuf, 0, sizeof(outbuf));
659 fd = packet_get_connection_in();
662 problem = krb5_auth_con_setaddrs_from_fd(context, auth_context, &fd);
664 problem = krb5_auth_con_genaddrs(context, auth_context, fd,
665 KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR |
666 KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR);
671 problem = krb5_cc_default(context, &ccache);
675 problem = krb5_cc_get_principal(context, ccache, &creds.client);
679 remotehost = get_canonical_hostname(1);
682 problem = krb5_build_principal(context, &creds.server,
683 strlen(creds.client->realm), creds.client->realm,
684 "krbtgt", creds.client->realm, NULL);
686 problem = krb5_build_principal(context, &creds.server,
687 creds.client->realm.length, creds.client->realm.data,
688 "host", remotehost, NULL);
693 creds.times.endtime = 0;
697 flags.b.forwarded = 1;
698 flags.b.forwardable = krb5_config_get_bool(context, NULL,
699 "libdefaults", "forwardable", NULL);
700 problem = krb5_get_forwarded_creds(context, auth_context,
701 ccache, flags.i, remotehost, &creds, &outbuf);
704 problem = krb5_fwd_tgt_creds(context, auth_context, remotehost,
705 creds.client, creds.server, ccache, forwardable, &outbuf);
711 packet_start(SSH_CMSG_HAVE_KERBEROS_TGT);
712 packet_put_string((char *)outbuf.data, outbuf.length);
716 type = packet_read();
718 if (type == SSH_SMSG_SUCCESS) {
721 krb5_unparse_name(context, creds.client, &pname);
722 debug("Kerberos v5 TGT forwarded (%s).", pname);
725 debug("Kerberos v5 TGT forwarding failed.");
731 debug("Kerberos v5 TGT forwarding failed: %s",
732 krb5_get_err_text(context, problem));
734 krb5_free_principal(context, creds.client);
736 krb5_free_principal(context, creds.server);
738 krb5_cc_close(context, ccache);
750 char buffer[4096], pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ];
753 /* Don't do anything if we don't have any tickets. */
754 if (stat(tkt_string(), &st) < 0)
757 creds = xmalloc(sizeof(*creds));
759 problem = krb_get_tf_fullname(TKT_FILE, pname, pinst, prealm);
763 problem = krb_get_cred("krbtgt", prealm, prealm, creds);
767 if (time(0) > krb_life_to_time(creds->issue_date, creds->lifetime)) {
771 creds_to_radix(creds, (u_char *)buffer, sizeof(buffer));
773 packet_start(SSH_CMSG_HAVE_KERBEROS_TGT);
774 packet_put_cstring(buffer);
778 type = packet_read();
780 if (type == SSH_SMSG_SUCCESS)
781 debug("Kerberos v4 TGT forwarded (%s%s%s@%s).",
782 creds->pname, creds->pinst[0] ? "." : "",
783 creds->pinst, creds->realm);
785 debug("Kerberos v4 TGT rejected.");
791 debug("Kerberos v4 TGT passing failed: %s", krb_err_txt[problem]);
796 send_afs_tokens(void)
799 struct ViceIoctl parms;
800 struct ClearToken ct;
802 char buf[2048], *p, *server_cell;
805 /* Move over ktc_GetToken, here's something leaner. */
806 for (i = 0; i < 100; i++) { /* just in case */
807 parms.in = (char *) &i;
808 parms.in_size = sizeof(i);
810 parms.out_size = sizeof(buf);
811 if (k_pioctl(0, VIOCGETTOK, &parms, 0) != 0)
815 /* Get secret token. */
816 memcpy(&creds.ticket_st.length, p, sizeof(u_int));
817 if (creds.ticket_st.length > MAX_KTXT_LEN)
820 memcpy(creds.ticket_st.dat, p, creds.ticket_st.length);
821 p += creds.ticket_st.length;
823 /* Get clear token. */
824 memcpy(&len, p, sizeof(len));
825 if (len != sizeof(struct ClearToken))
830 p += sizeof(len); /* primary flag */
833 /* Flesh out our credentials. */
834 strlcpy(creds.service, "afs", sizeof(creds.service));
835 creds.instance[0] = '\0';
836 strlcpy(creds.realm, server_cell, REALM_SZ);
837 memcpy(creds.session, ct.HandShakeKey, DES_KEY_SZ);
838 creds.issue_date = ct.BeginTimestamp;
839 creds.lifetime = krb_time_to_life(creds.issue_date,
841 creds.kvno = ct.AuthHandle;
842 snprintf(creds.pname, sizeof(creds.pname), "AFS ID %d", ct.ViceId);
843 creds.pinst[0] = '\0';
845 /* Encode token, ship it off. */
846 if (creds_to_radix(&creds, (u_char *)buffer,
847 sizeof(buffer)) <= 0)
849 packet_start(SSH_CMSG_HAVE_AFS_TOKEN);
850 packet_put_cstring(buffer);
854 /* Roger, Roger. Clearance, Clarence. What's your vector,
856 type = packet_read();
858 if (type == SSH_SMSG_FAILURE)
859 debug("AFS token for cell %s rejected.", server_cell);
860 else if (type != SSH_SMSG_SUCCESS)
861 packet_disconnect("Protocol error on AFS token response: %d", type);
868 * Tries to authenticate with any string-based challenge/response system.
869 * Note that the client code is not tied to s/key or TIS.
872 try_challenge_response_authentication(void)
877 char *challenge, *response;
879 debug("Doing challenge response authentication.");
881 for (i = 0; i < options.number_of_password_prompts; i++) {
882 /* request a challenge */
883 packet_start(SSH_CMSG_AUTH_TIS);
887 type = packet_read();
888 if (type != SSH_SMSG_FAILURE &&
889 type != SSH_SMSG_AUTH_TIS_CHALLENGE) {
890 packet_disconnect("Protocol error: got %d in response "
891 "to SSH_CMSG_AUTH_TIS", type);
893 if (type != SSH_SMSG_AUTH_TIS_CHALLENGE) {
894 debug("No challenge.");
897 challenge = packet_get_string(&clen);
899 snprintf(prompt, sizeof prompt, "%s%s", challenge,
900 strchr(challenge, '\n') ? "" : "\nResponse: ");
903 error("Permission denied, please try again.");
904 if (options.cipher == SSH_CIPHER_NONE)
905 log("WARNING: Encryption is disabled! "
906 "Reponse will be transmitted in clear text.");
907 response = read_passphrase(prompt, 0);
908 if (strcmp(response, "") == 0) {
912 packet_start(SSH_CMSG_AUTH_TIS_RESPONSE);
913 ssh_put_password(response);
914 memset(response, 0, strlen(response));
918 type = packet_read();
919 if (type == SSH_SMSG_SUCCESS)
921 if (type != SSH_SMSG_FAILURE)
922 packet_disconnect("Protocol error: got %d in response "
923 "to SSH_CMSG_AUTH_TIS_RESPONSE", type);
930 * Tries to authenticate with plain passwd authentication.
933 try_password_authentication(char *prompt)
938 debug("Doing password authentication.");
939 if (options.cipher == SSH_CIPHER_NONE)
940 log("WARNING: Encryption is disabled! Password will be transmitted in clear text.");
941 for (i = 0; i < options.number_of_password_prompts; i++) {
943 error("Permission denied, please try again.");
944 password = read_passphrase(prompt, 0);
945 packet_start(SSH_CMSG_AUTH_PASSWORD);
946 ssh_put_password(password);
947 memset(password, 0, strlen(password));
952 type = packet_read();
953 if (type == SSH_SMSG_SUCCESS)
955 if (type != SSH_SMSG_FAILURE)
956 packet_disconnect("Protocol error: got %d in response to passwd auth", type);
962 /*modified by binhe*/
965 * This code stolen from the gss-client.c sample program from MIT's
966 * kerberos 5 distribution.
969 gss_cred_id_t gss_cred = GSS_C_NO_CREDENTIAL;
971 static void display_status_1(m, code, type)
976 OM_uint32 maj_stat, min_stat;
982 maj_stat = gss_display_status(&min_stat, code,
983 type, GSS_C_NULL_OID,
985 debug("GSS-API error %s: %s", m, (char *)msg.value);
986 (void) gss_release_buffer(&min_stat, &msg);
993 static void display_gssapi_status(msg, maj_stat, min_stat)
998 display_status_1(msg, maj_stat, GSS_C_GSS_CODE);
999 display_status_1(msg, min_stat, GSS_C_MECH_CODE);
1003 int get_gssapi_cred()
1009 debug("calling gss_acquire_cred");
1010 maj_stat = gss_acquire_cred(&min_stat,
1019 if (maj_stat != GSS_S_COMPLETE) {
1020 display_gssapi_status("Failuring acquiring GSSAPI credentials",
1021 maj_stat, min_stat);
1022 gss_cred = GSS_C_NO_CREDENTIAL; /* should not be needed */
1026 return 1; /* Success */
1029 char * get_gss_our_name()
1033 gss_name_t pname = GSS_C_NO_NAME;
1034 gss_buffer_desc tmpname;
1035 gss_buffer_t tmpnamed = &tmpname;
1038 debug("calling gss_inquire_cred");
1039 maj_stat = gss_inquire_cred(&min_stat,
1045 if (maj_stat != GSS_S_COMPLETE) {
1049 maj_stat = gss_export_name(&min_stat,
1052 if (maj_stat != GSS_S_COMPLETE) {
1055 debug("gss_export_name finsished");
1056 retname = (char *)malloc(tmpname.length + 1);
1060 memcpy(retname, tmpname.value, tmpname.length);
1061 retname[tmpname.length] = '\0';
1063 gss_release_name(&min_stat, &pname);
1064 gss_release_buffer(&min_stat, tmpnamed);
1070 int try_gssapi_authentication(char *host, Options *options)
1072 char *service_name = NULL;
1073 gss_buffer_desc name_tok;
1074 gss_buffer_desc send_tok;
1075 gss_buffer_desc recv_tok;
1076 gss_buffer_desc *token_ptr;
1077 gss_name_t target_name = NULL;
1078 gss_ctx_id_t gss_context;
1079 gss_OID_desc mech_oid;
1081 gss_OID_set my_mechs;
1085 int ret_stat = 0; /* 1 == success */
1086 OM_uint32 req_flags = 0;
1087 OM_uint32 ret_flags;
1089 char *gssapi_auth_type = NULL;
1090 struct hostent *hostinfo;
1094 * host is not guarenteed to be a FQDN, so we need to make sure it is.
1096 hostinfo = gethostbyname(host);
1098 if ((hostinfo == NULL) || (hostinfo->h_name == NULL)) {
1099 debug("GSSAPI authentication: Unable to get FQDN for \"%s\"", host);
1106 req_flags |= GSS_C_REPLAY_FLAG;
1108 /* Do mutual authentication */
1109 req_flags |= GSS_C_MUTUAL_FLAG;
1113 gssapi_auth_type = "GSSAPI/Kerberos 5";
1115 #endif /* GSSAPI_KRB5 */
1119 gssapi_auth_type = "GSSAPI/GLOBUS";
1123 if (gssapi_auth_type == NULL) {
1124 debug("No GSSAPI type defined during compile");
1128 debug("Attempting %s authentication", gssapi_auth_type);
1130 service_name = (char *) malloc(strlen(GSSAPI_SERVICE_NAME) +
1131 strlen(hostinfo->h_name) +
1132 2 /* 1 for '@', 1 for NUL */);
1134 if (service_name == NULL) {
1135 debug("malloc() failed");
1140 sprintf(service_name, "%s@%s", GSSAPI_SERVICE_NAME, hostinfo->h_name);
1142 name_type = GSS_C_NT_HOSTBASED_SERVICE;
1144 debug("Service name is %s", service_name);
1146 /* Forward credentials? */
1149 if (options->kerberos_tgt_passing) {
1150 debug("Forwarding Kerberos credentials");
1151 req_flags |= GSS_C_DELEG_FLAG;
1153 #endif /* GSSAPI_KRB5 */
1156 if(options->gss_deleg_creds) {
1157 debug("Forwarding X509 proxy certificate");
1158 req_flags |= GSS_C_DELEG_FLAG;
1160 #ifdef GSS_C_GLOBUS_LIMITED_DELEG_PROXY_FLAG
1161 /* Forward limited credentials, overrides gss_deleg_creds */
1162 if(options->gss_globus_deleg_limited_proxy) {
1163 debug("Forwarding limited X509 proxy certificate");
1164 req_flags |= (GSS_C_DELEG_FLAG | GSS_C_GLOBUS_LIMITED_DELEG_PROXY_FLAG);
1166 #endif /* GSS_C_GLOBUS_LIMITED_DELEG_PROXY_FLAG */
1170 debug("req_flags = %lu", req_flags);
1172 name_tok.value = service_name;
1173 name_tok.length = strlen(service_name) + 1;
1174 maj_stat = gss_import_name(&min_stat, &name_tok,
1175 name_type, &target_name);
1178 service_name = NULL;
1180 if (maj_stat != GSS_S_COMPLETE) {
1181 display_gssapi_status("importing service name", maj_stat, min_stat);
1185 maj_stat = gss_indicate_mechs(&min_stat, &my_mechs);
1187 if (maj_stat != GSS_S_COMPLETE) {
1188 display_gssapi_status("indicating mechs", maj_stat, min_stat);
1193 * Send over a packet to the daemon, letting it know we're doing
1194 * GSSAPI and our mech_oid(s).
1196 debug("Sending mech oid to server");
1197 packet_start(SSH_CMSG_AUTH_GSSAPI);
1198 packet_put_int(my_mechs->count); /* Number of mechs we're sending */
1199 for (my_mech_num = 0; my_mech_num < my_mechs->count; my_mech_num++)
1200 packet_put_string(my_mechs->elements[my_mech_num].elements,
1201 my_mechs->elements[my_mech_num].length);
1203 packet_write_wait();
1206 * Get reply from the daemon to see if our mech was acceptable
1208 type = packet_read();
1211 case SSH_SMSG_AUTH_GSSAPI_RESPONSE:
1212 debug("Server accepted mechanism");
1213 /* Successful negotiation */
1216 case SSH_MSG_AUTH_GSSAPI_ABORT:
1217 debug("Unable to negotiate GSSAPI mechanism type with server");
1222 packet_disconnect("Protocol error during GSSAPI authentication:"
1223 " packet type %d received",
1225 /* Does not return */
1228 /* Read the mechanism the server returned */
1229 mech_oid.elements = packet_get_string((unsigned int *) &(mech_oid.length));
1233 * Perform the context-establishement loop.
1235 * On each pass through the loop, token_ptr points to the token
1236 * to send to the server (or GSS_C_NO_BUFFER on the first pass).
1237 * Every generated token is stored in send_tok which is then
1238 * transmitted to the server; every received token is stored in
1239 * recv_tok, which token_ptr is then set to, to be processed by
1240 * the next call to gss_init_sec_context.
1242 * GSS-API guarantees that send_tok's length will be non-zero
1243 * if and only if the server is expecting another token from us,
1244 * and that gss_init_sec_context returns GSS_S_CONTINUE_NEEDED if
1245 * and only if the server has another token to send us.
1248 token_ptr = GSS_C_NO_BUFFER;
1249 gss_context = GSS_C_NO_CONTEXT;
1253 gss_init_sec_context(&min_stat,
1260 NULL, /* no channel bindings */
1262 NULL, /* ignore mech type */
1265 NULL); /* ignore time_rec */
1267 if (token_ptr != GSS_C_NO_BUFFER)
1268 (void) gss_release_buffer(&min_stat, &recv_tok);
1270 if (maj_stat != GSS_S_COMPLETE && maj_stat != GSS_S_CONTINUE_NEEDED) {
1271 display_gssapi_status("initializing context", maj_stat, min_stat);
1273 /* Send an abort message */
1274 packet_start(SSH_MSG_AUTH_GSSAPI_ABORT);
1276 packet_write_wait();
1281 if (send_tok.length != 0) {
1282 debug("Sending authenticaton token...");
1283 packet_start(SSH_MSG_AUTH_GSSAPI_TOKEN);
1284 packet_put_string((char *) send_tok.value, send_tok.length);
1286 packet_write_wait();
1288 (void) gss_release_buffer(&min_stat, &send_tok);
1291 if (maj_stat == GSS_S_CONTINUE_NEEDED) {
1293 debug("Continue needed. Reading response...");
1295 type = packet_read();
1299 case SSH_MSG_AUTH_GSSAPI_TOKEN:
1300 /* This is what we expected */
1303 case SSH_MSG_AUTH_GSSAPI_ABORT:
1304 debug("Server aborted GSSAPI authentication.");
1309 packet_disconnect("Protocol error during GSSAPI authentication:"
1310 " packet type %d received",
1312 /* Does not return */
1315 recv_tok.value = packet_get_string((unsigned int *) &recv_tok.length);
1317 token_ptr = &recv_tok;
1319 } while (maj_stat == GSS_S_CONTINUE_NEEDED);
1324 debug("%s authentication successful", gssapi_auth_type);
1327 * Read hash of host and server keys and make sure it
1328 * matches what we got earlier.
1330 debug("Reading hash of server and host keys...");
1331 type = packet_read();
1333 if (type == SSH_MSG_AUTH_GSSAPI_ABORT) {
1334 debug("Server aborted GSSAPI authentication.");
1339 } else if (type == SSH_SMSG_AUTH_GSSAPI_HASH) {
1340 gss_buffer_desc wrapped_buf;
1341 gss_buffer_desc unwrapped_buf;
1343 gss_qop_t qop_state;
1346 wrapped_buf.value = packet_get_string(&(wrapped_buf.length));
1349 maj_stat = gss_unwrap(&min_stat,
1356 if (maj_stat != GSS_S_COMPLETE) {
1357 display_gssapi_status("unwraping SSHD key hash",
1358 maj_stat, min_stat);
1359 packet_disconnect("Verification of SSHD keys through GSSAPI-secured channel failed: "
1360 "Unwrapping of hash failed.");
1363 if (unwrapped_buf.length != sizeof(ssh_key_digest)) {
1364 packet_disconnect("Verification of SSHD keys through GSSAPI-secured channel failed: "
1365 "Size of key hashes do not match (%d != %d)!",
1366 unwrapped_buf.length, sizeof(ssh_key_digest));
1369 if (memcmp(ssh_key_digest, unwrapped_buf.value, sizeof(ssh_key_digest)) != 0) {
1370 packet_disconnect("Verification of SSHD keys through GSSAPI-secured channel failed: "
1371 "Hashes don't match!");
1374 debug("Verified SSHD keys through GSSAPI-secured channel.");
1376 gss_release_buffer(&min_stat, &unwrapped_buf);
1379 packet_disconnect("Protocol error during GSSAPI authentication:"
1380 "packet type %d received", type);
1381 /* Does not return */
1386 if (target_name != NULL)
1387 (void) gss_release_name(&min_stat, &target_name);
1394 /*end of modification*/
1400 ssh_kex(char *host, struct sockaddr *hostaddr)
1404 Key *host_key, *server_key;
1406 int ssh_cipher_default = SSH_CIPHER_3DES;
1407 u_char session_key[SSH_SESSION_KEY_LENGTH];
1409 u_int supported_ciphers;
1410 u_int server_flags, client_flags;
1413 debug("Waiting for server public key.");
1415 /* Wait for a public key packet from the server. */
1416 packet_read_expect(SSH_SMSG_PUBLIC_KEY);
1418 /* Get cookie from the packet. */
1419 for (i = 0; i < 8; i++)
1420 cookie[i] = packet_get_char();
1422 /* Get the public key. */
1423 server_key = key_new(KEY_RSA1);
1424 bits = packet_get_int();
1425 packet_get_bignum(server_key->rsa->e);
1426 packet_get_bignum(server_key->rsa->n);
1428 rbits = BN_num_bits(server_key->rsa->n);
1429 if (bits != rbits) {
1430 log("Warning: Server lies about size of server public key: "
1431 "actual size is %d bits vs. announced %d.", rbits, bits);
1432 log("Warning: This may be due to an old implementation of ssh.");
1434 /* Get the host key. */
1435 host_key = key_new(KEY_RSA1);
1436 bits = packet_get_int();
1437 packet_get_bignum(host_key->rsa->e);
1438 packet_get_bignum(host_key->rsa->n);
1440 rbits = BN_num_bits(host_key->rsa->n);
1441 if (bits != rbits) {
1442 log("Warning: Server lies about size of server host key: "
1443 "actual size is %d bits vs. announced %d.", rbits, bits);
1444 log("Warning: This may be due to an old implementation of ssh.");
1447 /*modified by binhe*/
1452 unsigned char *data;
1453 unsigned int data_len;
1456 * Hash the server and host keys. Later we will check them against
1457 * a hash sent over a secure channel to make sure they are legit.
1459 debug("Calculating MD5 hash of server and host keys...");
1461 /* Write all the keys to a temporary buffer */
1465 buffer_put_bignum(&buf, server_key->rsa->e);
1466 buffer_put_bignum(&buf, server_key->rsa->n);
1469 buffer_put_bignum(&buf, host_key->rsa->e);
1470 buffer_put_bignum(&buf, host_key->rsa->n);
1472 /* Get the resulting data */
1473 data = (unsigned char *) buffer_ptr(&buf);
1474 data_len = buffer_len(&buf);
1477 MD5_Init(&md5context);
1478 MD5_Update(&md5context, data, data_len);
1479 MD5_Final(ssh_key_digest, &md5context);
1486 /*end of modification*/
1488 /* Get protocol flags. */
1489 server_flags = packet_get_int();
1490 packet_set_protocol_flags(server_flags);
1492 supported_ciphers = packet_get_int();
1493 supported_authentications = packet_get_int();
1496 debug("Received server public key (%d bits) and host key (%d bits).",
1497 BN_num_bits(server_key->rsa->n), BN_num_bits(host_key->rsa->n));
1499 if (verify_host_key(host, hostaddr, host_key) == -1)
1500 fatal("Host key verification failed.");
1502 client_flags = SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG_HOST_IN_FWD_OPEN;
1504 compute_session_id(session_id, cookie, host_key->rsa->n, server_key->rsa->n);
1506 /* Generate a session key. */
1510 * Generate an encryption key for the session. The key is a 256 bit
1511 * random number, interpreted as a 32-byte key, with the least
1512 * significant 8 bits being the first byte of the key.
1514 for (i = 0; i < 32; i++) {
1516 rand = arc4random();
1517 session_key[i] = rand & 0xff;
1522 * According to the protocol spec, the first byte of the session key
1523 * is the highest byte of the integer. The session key is xored with
1524 * the first 16 bytes of the session id.
1526 if ((key = BN_new()) == NULL)
1527 fatal("respond_to_rsa_challenge: BN_new failed");
1528 BN_set_word(key, 0);
1529 for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) {
1530 BN_lshift(key, key, 8);
1532 BN_add_word(key, session_key[i] ^ session_id[i]);
1534 BN_add_word(key, session_key[i]);
1538 * Encrypt the integer using the public key and host key of the
1539 * server (key with smaller modulus first).
1541 if (BN_cmp(server_key->rsa->n, host_key->rsa->n) < 0) {
1542 /* Public key has smaller modulus. */
1543 if (BN_num_bits(host_key->rsa->n) <
1544 BN_num_bits(server_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
1545 fatal("respond_to_rsa_challenge: host_key %d < server_key %d + "
1546 "SSH_KEY_BITS_RESERVED %d",
1547 BN_num_bits(host_key->rsa->n),
1548 BN_num_bits(server_key->rsa->n),
1549 SSH_KEY_BITS_RESERVED);
1551 rsa_public_encrypt(key, key, server_key->rsa);
1552 rsa_public_encrypt(key, key, host_key->rsa);
1554 /* Host key has smaller modulus (or they are equal). */
1555 if (BN_num_bits(server_key->rsa->n) <
1556 BN_num_bits(host_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
1557 fatal("respond_to_rsa_challenge: server_key %d < host_key %d + "
1558 "SSH_KEY_BITS_RESERVED %d",
1559 BN_num_bits(server_key->rsa->n),
1560 BN_num_bits(host_key->rsa->n),
1561 SSH_KEY_BITS_RESERVED);
1563 rsa_public_encrypt(key, key, host_key->rsa);
1564 rsa_public_encrypt(key, key, server_key->rsa);
1567 /* Destroy the public keys since we no longer need them. */
1568 key_free(server_key);
1571 if (options.cipher == SSH_CIPHER_NOT_SET) {
1572 if (cipher_mask_ssh1(1) & supported_ciphers & (1 << ssh_cipher_default))
1573 options.cipher = ssh_cipher_default;
1574 } else if (options.cipher == SSH_CIPHER_ILLEGAL ||
1575 !(cipher_mask_ssh1(1) & (1 << options.cipher))) {
1576 log("No valid SSH1 cipher, using %.100s instead.",
1577 cipher_name(ssh_cipher_default));
1578 options.cipher = ssh_cipher_default;
1580 /* Check that the selected cipher is supported. */
1581 if (!(supported_ciphers & (1 << options.cipher)))
1582 fatal("Selected cipher type %.100s not supported by server.",
1583 cipher_name(options.cipher));
1585 debug("Encryption type: %.100s", cipher_name(options.cipher));
1587 /* Send the encrypted session key to the server. */
1588 packet_start(SSH_CMSG_SESSION_KEY);
1589 packet_put_char(options.cipher);
1591 /* Send the cookie back to the server. */
1592 for (i = 0; i < 8; i++)
1593 packet_put_char(cookie[i]);
1595 /* Send and destroy the encrypted encryption key integer. */
1596 packet_put_bignum(key);
1599 /* Send protocol flags. */
1600 packet_put_int(client_flags);
1602 /* Send the packet now. */
1604 packet_write_wait();
1606 debug("Sent encrypted session key.");
1608 /* Set the encryption key. */
1609 packet_set_encryption_key(session_key, SSH_SESSION_KEY_LENGTH, options.cipher);
1611 /* We will no longer need the session key here. Destroy any extra copies. */
1612 memset(session_key, 0, sizeof(session_key));
1615 * Expect a success message from the server. Note that this message
1616 * will be received in encrypted form.
1618 packet_read_expect(SSH_SMSG_SUCCESS);
1620 debug("Received encrypted confirmation.");
1627 ssh_userauth1(const char *local_user, const char *server_user, char *host,
1628 Key **keys, int nkeys)
1630 /*modified by binhe*/
1633 const char *save_server_user = NULL;
1636 /*end of modification*/
1639 krb5_context context = NULL;
1640 krb5_auth_context auth_context = NULL;
1644 if (supported_authentications == 0)
1645 fatal("ssh_userauth1: server supports no auth methods");
1647 /*modified by binhe*/
1650 /* if no user given, tack on the subject name after the server_user.
1651 * This will allow us to run gridmap early to get real user
1652 * This name will start with /C=
1654 if ((supported_authentications & (1 << SSH_AUTH_GSSAPI)) &&
1655 options.gss_authentication) {
1656 if (get_gssapi_cred()) {
1661 save_server_user = server_user;
1663 retname = get_gss_our_name();
1666 debug("passing gssapi name '%s'", retname);
1668 newname = (char *) malloc(strlen(retname) + strlen(server_user) + 4);
1670 strcpy(newname, server_user);
1671 if(options.user == NULL)
1673 strcat(newname,":i:");
1677 strcat(newname,":x:");
1679 strcat(newname, retname);
1680 server_user = newname;
1687 * If we couldn't successfully get our GSSAPI credentials then
1688 * turn off gssapi authentication
1690 options.gss_authentication = 0;
1692 debug("server_user %s", server_user);
1696 /*end of modification*/
1698 /* Send the name of the user to log in as on the server. */
1699 packet_start(SSH_CMSG_USER);
1700 packet_put_cstring(server_user);
1702 packet_write_wait();
1704 /*modified by binhe*/
1706 if(save_server_user)
1708 server_user = save_server_user;
1711 /*end of modification*/
1713 * The server should respond with success if no authentication is
1714 * needed (the user has no password). Otherwise the server responds
1717 type = packet_read();
1719 /* check whether the connection was accepted without authentication. */
1720 if (type == SSH_SMSG_SUCCESS)
1722 if (type != SSH_SMSG_FAILURE)
1723 packet_disconnect("Protocol error: got %d in response to SSH_CMSG_USER", type);
1725 /*modified by binhe*/
1727 /* Try GSSAPI authentication */
1728 if ((supported_authentications & (1 << SSH_AUTH_GSSAPI)) &&
1729 options.gss_authentication)
1731 debug("Trying GSSAPI authentication (%s)...", gssapi_patch_version);
1732 try_gssapi_authentication(host, &options);
1735 * XXX Hmmm. Kerberos authentication only reads a packet if it thinks
1736 * the authentication went OK, but the server seems to always send
1737 * a packet back. So I'm not sure if I'm missing something or
1738 * the Kerberos code is broken. - vwelch 1/27/99
1741 type = packet_read();
1742 if (type == SSH_SMSG_SUCCESS)
1743 return; /* Successful connection. */
1744 if (type != SSH_SMSG_FAILURE)
1745 packet_disconnect("Protocol error: got %d in response to Kerberos auth", type);
1747 debug("GSSAPI authentication failed");
1750 /*end of modification*/
1753 if ((supported_authentications & (1 << SSH_AUTH_KERBEROS)) &&
1754 options.kerberos_authentication) {
1755 debug("Trying Kerberos v5 authentication.");
1757 if (try_krb5_authentication(&context, &auth_context)) {
1758 type = packet_read();
1759 if (type == SSH_SMSG_SUCCESS)
1761 if (type != SSH_SMSG_FAILURE)
1762 packet_disconnect("Protocol error: got %d in response to Kerberos v5 auth", type);
1768 if ((supported_authentications & (1 << SSH_AUTH_KERBEROS)) &&
1769 options.kerberos_authentication) {
1770 debug("Trying Kerberos v4 authentication.");
1772 if (try_krb4_authentication()) {
1773 type = packet_read();
1774 if (type == SSH_SMSG_SUCCESS)
1776 if (type != SSH_SMSG_FAILURE)
1777 packet_disconnect("Protocol error: got %d in response to Kerberos v4 auth", type);
1783 * Use rhosts authentication if running in privileged socket and we
1784 * do not wish to remain anonymous.
1786 if ((supported_authentications & (1 << SSH_AUTH_RHOSTS)) &&
1787 options.rhosts_authentication) {
1788 debug("Trying rhosts authentication.");
1789 packet_start(SSH_CMSG_AUTH_RHOSTS);
1790 packet_put_cstring(local_user);
1792 packet_write_wait();
1794 /* The server should respond with success or failure. */
1795 type = packet_read();
1796 if (type == SSH_SMSG_SUCCESS)
1798 if (type != SSH_SMSG_FAILURE)
1799 packet_disconnect("Protocol error: got %d in response to rhosts auth",
1803 * Try .rhosts or /etc/hosts.equiv authentication with RSA host
1806 if ((supported_authentications & (1 << SSH_AUTH_RHOSTS_RSA)) &&
1807 options.rhosts_rsa_authentication) {
1808 for (i = 0; i < nkeys; i++) {
1809 if (keys[i] != NULL && keys[i]->type == KEY_RSA1 &&
1810 try_rhosts_rsa_authentication(local_user, keys[i]))
1814 /* Try RSA authentication if the server supports it. */
1815 if ((supported_authentications & (1 << SSH_AUTH_RSA)) &&
1816 options.rsa_authentication) {
1818 * Try RSA authentication using the authentication agent. The
1819 * agent is tried first because no passphrase is needed for
1820 * it, whereas identity files may require passphrases.
1822 if (try_agent_authentication())
1825 /* Try RSA authentication for each identity. */
1826 for (i = 0; i < options.num_identity_files; i++)
1827 if (options.identity_keys[i] != NULL &&
1828 options.identity_keys[i]->type == KEY_RSA1 &&
1829 try_rsa_authentication(i))
1832 /* Try challenge response authentication if the server supports it. */
1833 if ((supported_authentications & (1 << SSH_AUTH_TIS)) &&
1834 options.challenge_response_authentication && !options.batch_mode) {
1835 if (try_challenge_response_authentication())
1838 /* Try password authentication if the server supports it. */
1839 if ((supported_authentications & (1 << SSH_AUTH_PASSWORD)) &&
1840 options.password_authentication && !options.batch_mode) {
1843 snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
1845 if (try_password_authentication(prompt))
1848 /* All authentication methods have failed. Exit with an error message. */
1849 fatal("Permission denied.");
1854 /* Try Kerberos v5 TGT passing. */
1855 if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) &&
1856 options.kerberos_tgt_passing && context && auth_context) {
1857 if (options.cipher == SSH_CIPHER_NONE)
1858 log("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!");
1859 send_krb5_tgt(context, auth_context);
1862 krb5_auth_con_free(context, auth_context);
1864 krb5_free_context(context);
1868 /* Try Kerberos v4 TGT passing if the server supports it. */
1869 if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) &&
1870 options.kerberos_tgt_passing) {
1871 if (options.cipher == SSH_CIPHER_NONE)
1872 log("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!");
1875 /* Try AFS token passing if the server supports it. */
1876 if ((supported_authentications & (1 << SSH_PASS_AFS_TOKEN)) &&
1877 options.afs_token_passing && k_hasafs()) {
1878 if (options.cipher == SSH_CIPHER_NONE)
1879 log("WARNING: Encryption is disabled! Token will be transmitted in the clear!");
1884 return; /* need statement after label */