#include "xmalloc.h"
#include "buffer.h"
#include "log.h"
+#include "canohost.h"
#include "ssh2.h"
#include "cipher.h"
#include "key.h"
void
ssh_gssapi_delete_ctx(Gssctxt **ctx)
{
+#if !defined(MECHGLUE)
OM_uint32 ms;
+#endif
if ((*ctx) == NULL)
return;
+#if !defined(MECHGLUE) /* mechglue has some memory management issues */
if ((*ctx)->context != GSS_C_NO_CONTEXT)
gss_delete_sec_context(&ms, &(*ctx)->context, GSS_C_NO_BUFFER);
if ((*ctx)->name != GSS_C_NO_NAME)
gss_release_name(&ms, &(*ctx)->client);
if ((*ctx)->client_creds != GSS_C_NO_CREDENTIAL)
gss_release_cred(&ms, &(*ctx)->client_creds);
+#endif
xfree(*ctx);
*ctx = NULL;
ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
{
gss_buffer_desc gssbuf;
+ char *xhost;
char *val;
- xasprintf(&val, "host@%s", host);
+ /* Make a copy of the host name, in case it was returned by a
+ * previous call to gethostbyname(). */
+ xhost = xstrdup(host);
+
+ /* Make sure we have the FQDN. Some GSSAPI implementations don't do
+ * this for us themselves */
+ resolve_localhost(&xhost);
+
+ xasprintf(&val, "host@%s", xhost);
gssbuf.value = val;
gssbuf.length = strlen(gssbuf.value);
&gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name)))
ssh_gssapi_error(ctx);
+ xfree(xhost);
xfree(gssbuf.value);
return (ctx->major);
}