gss_release_buffer(&min_status,&recv_tok);
-/*modified by binhe*/
#ifdef GSS_C_GLOBUS_LIMITED_PROXY_FLAG
if (ret_flags & GSS_C_GLOBUS_LIMITED_PROXY_FLAG) {
fatal("Limited proxy is not allowed.");
}
#endif
-/*end of modification*/
if (maj_status & GSS_S_CONTINUE_NEEDED) {
debug("Sending GSSAPI_CONTINUE");
#include "canohost.h"
#include "auth.h"
-/*modified by binhe*/
#ifdef GSSAPI
#include "ssh-gss.h"
#include "bufaux.h"
*/
unsigned char ssh_key_digest[16];
#endif /* GSSAPI */
-/*end of modification*/
/* Session id for the current session. */
u_char session_id[16];
return 0;
}
-/*modified by binhe*/
#ifdef GSSAPI
/*
* This code stolen from the gss-client.c sample program from MIT's
#endif /* GSSAPI */
-/*end of modification*/
/*
* SSH1 key exchange
log("Warning: This may be due to an old implementation of ssh.");
}
-/*modified by binhe*/
#ifdef GSSAPI
{
MD5_CTX md5context;
buffer_free(&buf);
}
#endif /* GSSAPI */
-/*end of modification*/
/* Get protocol flags. */
server_flags = packet_get_int();
ssh_userauth1(const char *local_user, const char *server_user, char *host,
Key **keys, int nkeys)
{
-/*modified by binhe*/
#ifdef GSSAPI
#ifdef GSI
const char *save_server_user = NULL;
#endif /* GSI */
#endif /* GSSAPI */
-/*end of modification*/
#ifdef KRB5
krb5_context context = NULL;
if (supported_authentications == 0)
fatal("ssh_userauth1: server supports no auth methods");
-/*modified by binhe*/
#ifdef GSSAPI
#ifdef GSI
/* if no user given, tack on the subject name after the server_user.
}
#endif /* GSI */
#endif /* GSSAPI */
-/*end of modification*/
/* Send the name of the user to log in as on the server. */
packet_start(SSH_CMSG_USER);
packet_send();
packet_write_wait();
-/*modified by binhe*/
#if defined(GSI)
if(save_server_user)
{
server_user = save_server_user;
}
#endif
-/*end of modification*/
/*
* The server should respond with success if no authentication is
* needed (the user has no password). Otherwise the server responds
if (type != SSH_SMSG_FAILURE)
packet_disconnect("Protocol error: got %d in response to SSH_CMSG_USER", type);
-/*modified by binhe*/
#ifdef GSSAPI
/* Try GSSAPI authentication */
if ((supported_authentications & (1 << SSH_AUTH_GSSAPI)) &&
debug("GSSAPI authentication failed");
}
#endif /* GSSAPI */
-/*end of modification*/
#ifdef KRB5
if ((supported_authentications & (1 << SSH_AUTH_KERBEROS)) &&