X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/83059c7bd1797951ff08b6183c91687897d6b1a4..97f0f2cce4eeef89047da2228a6bea6274065f1e:/openssh/gss-serv-krb5.c

diff --git a/openssh/gss-serv-krb5.c b/openssh/gss-serv-krb5.c
index 769e88b..fe9c995 100644
--- a/openssh/gss-serv-krb5.c
+++ b/openssh/gss-serv-krb5.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: gss-serv-krb5.c,v 1.2 2003/11/21 11:57:03 djm Exp $	*/
+/*	$OpenBSD: gss-serv-krb5.c,v 1.3 2004/07/21 10:36:23 djm Exp $	*/
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -64,20 +64,10 @@ ssh_gssapi_mech gssapi_kerberos_mech = {
 	&ssh_gssapi_krb5_storecreds
 };
 
-ssh_gssapi_mech gssapi_kerberos_mech_old = {
-	"Se3H81ismmOC3OE+FwYCiQ==",
-	"Kerberos",
-	{9, "\x2A\x86\x48\x86\xF7\x12\x01\x02\x02"},
-	&ssh_gssapi_krb5_init,
-	&ssh_gssapi_krb5_userok,
-	&ssh_gssapi_krb5_localname,
-	&ssh_gssapi_krb5_storecreds
-};
-
 /* Initialise the krb5 library, for the stuff that GSSAPI won't do */
 
 static int
-ssh_gssapi_krb5_init()
+ssh_gssapi_krb5_init(void)
 {
 	krb5_error_code problem;
 
@@ -89,7 +79,9 @@ ssh_gssapi_krb5_init()
 		logit("Cannot initialize krb5 context");
 		return 0;
 	}
+#ifdef KRB5_INIT_ETS
 	krb5_init_ets(krb_context);
+#endif
 
 	return 1;
 }
@@ -186,11 +178,15 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
 	{
 		int tmpfd;
 		char ccname[40];
+		mode_t old_umask;
 
 		snprintf(ccname, sizeof(ccname),
 		    "FILE:/tmp/krb5cc_%d_XXXXXX", geteuid());
 
-		if ((tmpfd = mkstemp(ccname + strlen("FILE:"))) == -1) {
+		old_umask = umask(0177);
+		tmpfd = mkstemp(ccname + strlen("FILE:"));
+		umask(old_umask);
+		if (tmpfd == -1) {
 			logit("mkstemp(): %.100s", strerror(errno));
 			problem = errno;
 			return;