X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/6dc60241a6a563c6e5c214c7dae931aa452bb4b2..9f2c8cb950fea61c599edeb9721aca66f4bd61f6:/openssh/gss-serv.c

diff --git a/openssh/gss-serv.c b/openssh/gss-serv.c
index b6b23b7..6fbc09d 100644
--- a/openssh/gss-serv.c
+++ b/openssh/gss-serv.c
@@ -531,10 +531,11 @@ void
 ssh_gssapi_rekey_creds() {
 	int ok;
 #ifdef USE_PAM
-    int ret;
+	int ret;
 	pam_handle_t *pamh = NULL;
 	struct pam_conv pamconv = {ssh_gssapi_simple_conv, NULL};
 	char *envstr;
+	char **p;char **pw;
 #endif
 
 	if (gssapi_client.store.filename == NULL && 
@@ -564,6 +565,18 @@ ssh_gssapi_rekey_creds() {
 	if (ret)
 		return;
 
+	/* Put ssh pam stack env variables in this new pam stack env 
+	 * Using pam-pkinit, KRB5CCNAME is set during do_pam_session
+	 * this addition enables pam-pkinit to access KRB5CCNAME if used 
+	 * in sshd-rekey stack too
+	 */
+	pw = p = fetch_pam_environment();
+	while ( *pw != NULL ) {
+	        pam_putenv(pamh,*pw);
+		pw++;
+	}
+	free_pam_environment(p);
+
 	xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, 
 	    gssapi_client.store.envval);
 
@@ -595,4 +608,10 @@ ssh_gssapi_update_creds(ssh_gssapi_ccache *store) {
 	return ok;
 }
 
+void
+ssh_gssapi_get_client_info(char **userdn, char **mech) {
+	*userdn = gssapi_client.displayname.value;
+	*mech = gssapi_client.mech->name;
+}
+
 #endif