/* All this effort to report an error ... */
static void
-ssh_gssapi_error_ex(OM_uint32 major_status,OM_uint32 minor_status,
+ssh_gssapi_error_ex(gss_OID mech, OM_uint32 major_status,
+ OM_uint32 minor_status,
int send_packet) {
OM_uint32 lmaj, lmin;
gss_buffer_desc msg = {0,NULL};
do {
lmaj = gss_display_status(&lmin, major_status,
GSS_C_GSS_CODE,
- GSS_C_NULL_OID,
+ mech,
&ctx, &msg);
if (lmaj == GSS_S_COMPLETE) {
debug((char *)msg.value);
do {
lmaj = gss_display_status(&lmin, minor_status,
GSS_C_MECH_CODE,
- GSS_C_NULL_OID,
+ mech,
&ctx, &msg);
if (lmaj == GSS_S_COMPLETE) {
debug((char *)msg.value);
}
void
-ssh_gssapi_error(OM_uint32 major_status,OM_uint32 minor_status) {
- ssh_gssapi_error_ex(major_status, minor_status, 0);
+ssh_gssapi_error(gss_OID mech,OM_uint32 major_status,OM_uint32 minor_status) {
+ ssh_gssapi_error_ex(mech, major_status, minor_status, 0);
}
void
-ssh_gssapi_send_error(OM_uint32 major_status,OM_uint32 minor_status) {
- ssh_gssapi_error_ex(major_status, minor_status, 1);
+ssh_gssapi_send_error(gss_OID mech,
+ OM_uint32 major_status,OM_uint32 minor_status) {
+ ssh_gssapi_error_ex(mech, major_status, minor_status, 1);
}
NULL);
ctx->status=maj_status;
if (GSS_ERROR(maj_status)) {
- ssh_gssapi_error(maj_status,min_status);
+ ssh_gssapi_error(ctx->oid,maj_status,min_status);
}
return(maj_status);
}
gss_buffer_desc *send_tok, OM_uint32 *flags)
{
OM_uint32 maj_status, min_status;
- gss_OID mech;
maj_status=gss_accept_sec_context(&min_status,
&ctx->context,
recv_tok,
GSS_C_NO_CHANNEL_BINDINGS,
&ctx->client,
- &mech,
+ &ctx->oid,
send_tok,
flags,
NULL,
&ctx->client_creds);
if (GSS_ERROR(maj_status)) {
- ssh_gssapi_send_error(maj_status,min_status);
+ ssh_gssapi_send_error(ctx->oid,maj_status,min_status);
}
if (ctx->client_creds) {
&gssbuf,
GSS_C_NT_HOSTBASED_SERVICE,
&ctx->name))) {
- ssh_gssapi_error(maj_status,min_status);
+ ssh_gssapi_error(ctx->oid, maj_status,min_status);
}
xfree(xhost);
&ctx->creds,
NULL,
NULL))) {
- ssh_gssapi_error(maj_status,min_status);
+ ssh_gssapi_error(GSS_C_NO_OID,maj_status,min_status);
}
gss_release_oid_set(&min_status, &oidset);
*type=ssh_gssapi_get_ctype(ctx);
if ((maj_status=gss_display_name(&min_status,ctx->client,name,NULL))) {
- ssh_gssapi_error(maj_status,min_status);
+ ssh_gssapi_error(GSS_C_NO_OID,maj_status,min_status);
}
/* This is icky. There appears to be no way to copy this structure,
buffer,
NULL,
hash)))
- ssh_gssapi_error(maj_status,min_status);
+ ssh_gssapi_error(ctx->oid,maj_status,min_status);
}
else
if ((maj_status=gss_get_mic(&min_status,ctx->context,
GSS_C_QOP_DEFAULT, buffer, hash))) {
- ssh_gssapi_error(maj_status,min_status);
+ ssh_gssapi_error(ctx->oid,maj_status,min_status);
}
return(maj_status);
krb5_cred_handle,
ccache))) {
log("gss_krb5_copy_ccache() failed");
- ssh_gssapi_error(maj_status,min_status);
+ ssh_gssapi_error(&supported_mechs[GSS_KERBEROS].oid,
+ maj_status,min_status);
krb5_cc_destroy(krb_context,ccache);
return GSS_S_FAILURE;
}
maj_stat = gss_export_cred(&min_stat, gssapi_client_creds,
GSS_C_NO_OID, 1, &export_cred);
if (GSS_ERROR(maj_stat) && maj_stat != GSS_S_UNAVAILABLE) {
- ssh_gssapi_error(maj_stat, min_stat);
+ ssh_gssapi_error(GSS_C_NO_OID, maj_stat, min_stat);
return;
}
#endif
ssh_gssapi_export_cred(&min_stat, gssapi_client_creds,
GSS_C_NO_OID, 1, &export_cred);
if (GSS_ERROR(maj_stat)) {
- ssh_gssapi_error(maj_stat, min_stat);
+ ssh_gssapi_error(GSS_C_NO_OID, maj_stat, min_stat);
}
}
OM_uint32 status; /* both */
gss_ctx_id_t context; /* both */
gss_name_t name; /* both */
- gss_OID oid; /* client */
+ gss_OID oid; /* both */
gss_cred_id_t creds; /* server */
gss_name_t client; /* server */
gss_cred_id_t client_creds; /* server */
enum ssh_gss_id *type,
gss_buffer_desc *name,
gss_cred_id_t *creds);
-void ssh_gssapi_error(OM_uint32 major_status,OM_uint32 minor_status);
-void ssh_gssapi_send_error(OM_uint32 major_status,OM_uint32 minor_status);
+void ssh_gssapi_error(gss_OID mech,
+ OM_uint32 major_status, OM_uint32 minor_status);
+void ssh_gssapi_send_error(gss_OID mech,
+ OM_uint32 major_status,OM_uint32 minor_status);
void ssh_gssapi_build_ctx(Gssctxt **ctx);
void ssh_gssapi_delete_ctx(Gssctxt **ctx);
OM_uint32 ssh_gssapi_client_ctx(Gssctxt **ctx,gss_OID oid,char *host);
andersk / gssapi-openssh.git / commitdiff
