if (GSS_ERROR(maj_status)) {
/* Failure <sniff> */
- ssh_gssapi_send_error(gssctxt->oid,maj_status,min_status);
+ if (gssctxt) { /* may be NULL under privsep */
+ ssh_gssapi_send_error(gssctxt->oid,maj_status,min_status);
+ } else {
+ ssh_gssapi_send_error(GSS_C_NO_OID,maj_status,min_status);
+ }
authctxt->postponed = 0;
dispatch_set(SSH_MSG_AUTH_GSSAPI_TOKEN, NULL);
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
} while (maj_status & GSS_S_CONTINUE_NEEDED);
if (GSS_ERROR(maj_status)) {
- ssh_gssapi_send_error(ctxt->oid,maj_status,min_status);
+ ssh_gssapi_send_error(oid,maj_status,min_status);
packet_disconnect("gssapi key exchange handshake failed");
}
debug("gss_complete");
if (!(ret_flags & GSS_C_MUTUAL_FLAG)) {
- ssh_gssapi_send_error(ctxt->oid,maj_status,min_status);
+ ssh_gssapi_send_error(oid,maj_status,min_status);
packet_disconnect("gssapi mutual authentication failed");
}
if (!(ret_flags & GSS_C_INTEG_FLAG)) {
- ssh_gssapi_send_error(ctxt->oid,maj_status,min_status);
+ ssh_gssapi_send_error(oid,maj_status,min_status);
packet_disconnect("gssapi channel integrity not established");
}
gssbuf.length = 20; /* Hashlen appears to always be 20 */
if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt,&gssbuf,&msg_tok)))) {
- ssh_gssapi_send_error(ctxt->oid,maj_status,min_status);
+ if (ctxt) { /* may be NULL under privsep */
+ ssh_gssapi_send_error(ctxt->oid,maj_status,min_status);
+ } else {
+ ssh_gssapi_send_error(GSS_C_NO_OID,maj_status,min_status);
+ }
packet_disconnect("Couldn't get MIC");
}