X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/540d72c3b0c580a78191cf0b5123c07e9e95d3b4..944e4e582be802144f889cadee3077f1a2b8b950:/openssh/gss-serv-krb5.c diff --git a/openssh/gss-serv-krb5.c b/openssh/gss-serv-krb5.c index dbe2b0b..17e7ab6 100644 --- a/openssh/gss-serv-krb5.c +++ b/openssh/gss-serv-krb5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv-krb5.c,v 1.2 2003/11/21 11:57:03 djm Exp $ */ +/* $OpenBSD: gss-serv-krb5.c,v 1.4 2005/10/13 19:08:08 stevesk Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -40,20 +40,34 @@ extern ServerOptions options; #ifdef HEIMDAL # include -#else -# ifdef HAVE_GSSAPI_KRB5 +#elif !defined(MECHGLUE) +# ifdef HAVE_GSSAPI_KRB5_H # include -# elif HAVE_GSSAPI_GSSAPI_KRB5 +# elif HAVE_GSSAPI_GSSAPI_KRB5_H # include # endif #endif static krb5_context krb_context = NULL; +static int ssh_gssapi_krb5_init(); +static int ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name); +static int ssh_gssapi_krb5_localname(ssh_gssapi_client *client, char **user); +static void ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client); + +ssh_gssapi_mech gssapi_kerberos_mech = { + "toWM5Slw5Ew8Mqkay+al2g==", + "Kerberos", + {9, "\x2A\x86\x48\x86\xF7\x12\x01\x02\x02"}, + NULL, + &ssh_gssapi_krb5_userok, + &ssh_gssapi_krb5_localname, + &ssh_gssapi_krb5_storecreds +}; /* Initialise the krb5 library, for the stuff that GSSAPI won't do */ static int -ssh_gssapi_krb5_init() +ssh_gssapi_krb5_init(void) { krb5_error_code problem; @@ -65,7 +79,6 @@ ssh_gssapi_krb5_init() logit("Cannot initialize krb5 context"); return 0; } - krb5_init_ets(krb_context); return 1; } @@ -159,30 +172,10 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) return; } #else - { - int tmpfd; - char ccname[40]; - - snprintf(ccname, sizeof(ccname), - "FILE:/tmp/krb5cc_%d_XXXXXX", geteuid()); - - if ((tmpfd = mkstemp(ccname + strlen("FILE:"))) == -1) { - logit("mkstemp(): %.100s", strerror(errno)); - problem = errno; - return; - } - if (fchmod(tmpfd, S_IRUSR | S_IWUSR) == -1) { - logit("fchmod(): %.100s", strerror(errno)); - close(tmpfd); - problem = errno; - return; - } - close(tmpfd); - if ((problem = krb5_cc_resolve(krb_context, ccname, &ccache))) { - logit("krb5_cc_resolve(): %.100s", - krb5_get_err_text(krb_context, problem)); - return; - } + if ((problem = ssh_krb5_cc_gen(krb_context, &ccache))) { + logit("ssh_krb5_cc_gen(): %.100s", + krb5_get_err_text(krb_context, problem)); + return; } #endif /* #ifdef HEIMDAL */ @@ -235,26 +228,6 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) return; } -ssh_gssapi_mech gssapi_kerberos_mech = { - "toWM5Slw5Ew8Mqkay+al2g==", - "Kerberos", - {9, "\x2A\x86\x48\x86\xF7\x12\x01\x02\x02"}, - NULL, - &ssh_gssapi_krb5_userok, - &ssh_gssapi_krb5_localname, - &ssh_gssapi_krb5_storecreds -}; - -ssh_gssapi_mech gssapi_kerberos_mech_old = { - "Se3H81ismmOC3OE+FwYCiQ==", - "Kerberos", - {9, "\x2A\x86\x48\x86\xF7\x12\x01\x02\x02"}, - &ssh_gssapi_krb5_init, - &ssh_gssapi_krb5_userok, - &ssh_gssapi_krb5_localname, - &ssh_gssapi_krb5_storecreds -}; - #endif /* KRB5 */ #endif /* GSSAPI */