X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/d037a8b0691afd8685d1a1202b3bf88c9542a8a9..c7931c9aedd8e12fdd0df715dcefce0e0c95be6a:/openssh/kexgsss.c

diff --git a/openssh/kexgsss.c b/openssh/kexgsss.c
index ae58cac..3e5205c 100644
--- a/openssh/kexgsss.c
+++ b/openssh/kexgsss.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001-2006 Simon Wilkinson. All rights reserved.
+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -42,8 +42,10 @@
 #include "dh.h"
 #include "ssh-gss.h"
 #include "monitor_wrap.h"
+#include "servconf.h"
 
 static void kex_gss_send_error(Gssctxt *ctxt);
+extern ServerOptions options;
 
 void
 kexgss_server(Kex *kex)
@@ -69,6 +71,7 @@ kexgss_server(Kex *kex)
 	BIGNUM *dh_client_pub = NULL;
 	int type = 0;
 	gss_OID oid;
+	char *mechs;
 
 	/* Initialise GSSAPI */
 
@@ -77,7 +80,8 @@ kexgss_server(Kex *kex)
 	 * into life
 	 */
 	if (!ssh_gssapi_oid_table_ok()) 
-		ssh_gssapi_server_mechanisms();
+		if ((mechs = ssh_gssapi_server_mechanisms()))
+			xfree(mechs);
 
 	debug2("%s: Identifying %s", __func__, kex->name);
 	oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type);
@@ -168,7 +172,7 @@ kexgss_server(Kex *kex)
 		if (maj_status & GSS_S_CONTINUE_NEEDED) {
 			debug("Sending GSSAPI_CONTINUE");
 			packet_start(SSH2_MSG_KEXGSS_CONTINUE);
-			packet_put_string(send_tok.value, send_tok.length);
+			packet_put_string((char *)send_tok.value, send_tok.length);
 			packet_send();
 			gss_release_buffer(&min_status, &send_tok);
 		}
@@ -178,7 +182,7 @@ kexgss_server(Kex *kex)
 		kex_gss_send_error(ctxt);
 		if (send_tok.length > 0) {
 			packet_start(SSH2_MSG_KEXGSS_CONTINUE);
-			packet_put_string(send_tok.value, send_tok.length);
+			packet_put_string((char *)send_tok.value, send_tok.length);
 			packet_send();
 		}
 		packet_disconnect("GSSAPI Key Exchange handshake failed");
@@ -196,9 +200,16 @@ kexgss_server(Kex *kex)
 	klen = DH_size(dh);
 	kbuf = xmalloc(klen); 
 	kout = DH_compute_key(kbuf, dh_client_pub, dh);
+	if (kout < 0)
+		fatal("DH_compute_key: failed");
 
 	shared_secret = BN_new();
-	BN_bin2bn(kbuf, kout, shared_secret);
+	if (shared_secret == NULL)
+		fatal("kexgss_server: BN_new failed");
+
+	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
+		fatal("kexgss_server: BN_bin2bn failed");
+
 	memset(kbuf, 0, klen);
 	xfree(kbuf);
 
@@ -233,7 +244,7 @@ kexgss_server(Kex *kex)
 		fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
 	}
 
-	BN_free(dh_client_pub);
+	BN_clear_free(dh_client_pub);
 
 	if (kex->session_id == NULL) {
 		kex->session_id_len = hashlen;
@@ -272,6 +283,11 @@ kexgss_server(Kex *kex)
 	kex_derive_keys(kex, hash, hashlen, shared_secret);
 	BN_clear_free(shared_secret);
 	kex_finish(kex);
+
+	/* If this was a rekey, then save out any delegated credentials we
+	 * just exchanged.  */
+	if (options.gss_store_rekey)
+		ssh_gssapi_rekey_creds();
 }
 
 static void