Gssctxt *gssctxt;
gss_buffer_desc send_tok,recv_tok;
OM_uint32 maj_status, min_status;
- int len;
+ u_int len;
if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
fatal("No authentication or GSSAPI context");
gssctxt=authctxt->methoddata;
recv_tok.value=packet_get_string(&len);
- recv_tok.length=len; /* int vs. size_t */
+ recv_tok.length=len; /* u_int vs. size_t */
maj_status=PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok,
&send_tok, NULL));
Buffer peer;
int done;
int flags;
- char *host;
char *client_version_string;
char *server_version_string;
struct KexOptions options;
#include "log.h"
#include "packet.h"
#include "dh.h"
+#include "canohost.h"
#include "ssh2.h"
#include "ssh-gss.h"
-#include "canohost.h"
void
kexgss_client(Kex *kex)
char *lang;
int type = 0;
int first = 1;
- int slen = 0, strlen;
+ int slen = 0;
+ u_int strlen;
/* Initialise our GSSAPI world */
ssh_gssapi_build_ctx(&ctxt);
if (ssh_gssapi_client_id_kex(ctxt,kex->name)==NULL) {
fatal("Couldn't identify host exchange");
}
+
if (ssh_gssapi_import_name(ctxt,get_canonical_hostname(1))) {
fatal("Couldn't import hostname ");
}
if (GSS_ERROR(maj_status)) {
if (send_tok.length!=0) {
- /* Hmmm - not sure about this */
packet_start(SSH2_MSG_KEXGSS_CONTINUE);
packet_put_string(send_tok.value,
send_tok.length);
if (maj_status == GSS_S_COMPLETE)
fatal("GSSAPI Continue received from server when complete");
recv_tok.value=packet_get_string(&strlen);
- recv_tok.length=strlen; /* int vs. size_t */
+ recv_tok.length=strlen; /* u_int vs. size_t */
break;
case SSH2_MSG_KEXGSS_COMPLETE:
debug("Received GSSAPI_COMPLETE");
packet_get_bignum2(dh_server_pub);
msg_tok.value=packet_get_string(&strlen);
- msg_tok.length=strlen; /* int vs. size_t */
+ msg_tok.length=strlen; /* u_int vs. size_t */
/* Is there a token included? */
if (packet_get_char()) {
recv_tok.value=
packet_get_string(&strlen);
- recv_tok.length=strlen; /*int/size_t*/
+ recv_tok.length=strlen; /*u_int/size_t*/
/* If we're already complete - protocol error */
if (maj_status == GSS_S_COMPLETE)
packet_disconnect("Protocol error: received token when complete");
mm_answer_gss_setup_ctx(int socket, Buffer *m) {
gss_OID_desc oid;
OM_uint32 major;
- int len;
+ u_int len;
oid.elements=buffer_get_string(m,&len);
oid.length=len;
int authenticated = 0;
buffer_init(&m);
+
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, &m);
-
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSUSEROK,
&m);
OM_uint32 major,minor;
int count;
gss_OID_desc oid;
+ u_int length;
+
buffer_init(&m);
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSMECHS, &m);
gss_create_empty_oid_set(&minor,mech_set);
while(count-->0) {
- u_int length;
oid.elements=buffer_get_string(&m,&length);
oid.length=length;
gss_add_oid_set_member(&minor,&oid,mech_set);
#include <gssapi_generic.h>
/* MIT Kerberos doesn't seem to define GSS_NT_HOSTBASED_SERVICE */
-
#ifndef GSS_C_NT_HOSTBASED_SERVICE
#define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name
#endif /* GSS_C_NT_... */
kex->client_version_string=client_version_string;
kex->server_version_string=server_version_string;
kex->verify_host_key=&verify_host_key_callback;
- kex->host=host;
#ifdef GSSAPI
kex->options.gss_deleg_creds=options.gss_deleg_creds;
#endif