]> andersk Git - gssapi-openssh.git/blobdiff - openssh/auth-krb5.c
andersk / gssapi-openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
o Remove two gsi_openssh* packages from bundle module.
[gssapi-openssh.git] / openssh / auth-krb5.c
diff --git a/openssh/auth-krb5.c b/openssh/auth-krb5.c
index 76c2419aa1f2f120ee98d8c2723593649abd95be..e3e2d9751f0867018f58a57cc1abc782cec0a716 100644 (file)
--- a/openssh/auth-krb5.c
+++ b/openssh/auth-krb5.c
@@ -28,7 +28,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-krb5.c,v 1.8 2002/03/19 10:49:35 markus Exp $");
+RCSID("$OpenBSD: auth-krb5.c,v 1.10 2002/11/21 23:03:51 deraadt Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -73,18 +73,17 @@ krb5_init(void *context)
  * from the ticket
  */
 int
-auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client)
+auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *reply)
 {
        krb5_error_code problem;
        krb5_principal server;
-       krb5_data reply;
        krb5_ticket *ticket;
        int fd, ret;
 
        ret = 0;
        server = NULL;
        ticket = NULL;
-       reply.length = 0;
+       reply->length = 0;
 
        problem = krb5_init(authctxt);
        if (problem)
@@ -108,7 +107,7 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client)
        if (problem)
                goto err;
 
-       problem = krb5_sname_to_principal(authctxt->krb5_ctx,  NULL, NULL ,
+       problem = krb5_sname_to_principal(authctxt->krb5_ctx, NULL, NULL,
            KRB5_NT_SRV_HST, &server);
        if (problem)
                goto err;
@@ -131,7 +130,7 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client)
 
        /* if client wants mutual auth */
        problem = krb5_mk_rep(authctxt->krb5_ctx, authctxt->krb5_auth_ctx,
-           &reply);
+           reply);
        if (problem)
                goto err;
 
@@ -144,19 +143,16 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client)
                krb5_unparse_name(authctxt->krb5_ctx, authctxt->krb5_user,
                    client);
 
-       packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE);
-       packet_put_string((char *) reply.data, reply.length);
-       packet_send();
-       packet_write_wait();
-
        ret = 1;
  err:
        if (server)
                krb5_free_principal(authctxt->krb5_ctx, server);
        if (ticket)
                krb5_free_ticket(authctxt->krb5_ctx, ticket);
-       if (reply.length)
-               xfree(reply.data);
+       if (!ret && reply->length) {
+               xfree(reply->data);
+               memset(reply, 0, sizeof(*reply));
+       }
 
        if (problem) {
                if (authctxt->krb5_ctx != NULL)
@@ -323,7 +319,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
        
        if (!krb5_kuserok(authctxt->krb5_ctx, authctxt->krb5_user, 
                          authctxt->pw->pw_name)) {
-               problem = -1;
+               problem = -1;
                goto out;
        } 
 
git-cvsimport mirror of GSI OpenSSH
This page took 0.083561 seconds and 4 git commands to generate.