- (tim) [configure.ac auth.c defines.h session.c openbsd-compat/port-uw.c

[openssh.git] / gss-serv.c

diff --git a/gss-serv.c b/gss-serv.c
index 8eb20e9557e83d48866a894fcb98c7d9dcb32e70..11713045919e9b64b82e67321431c5a65ddbad0a 100644 (file)
--- a/gss-serv.c
+++ b/gss-serv.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: gss-serv.c,v 1.2 2003/08/31 13:30:18 markus Exp $     */
+/*     $OpenBSD: gss-serv.c,v 1.8 2005/08/30 22:08:05 djm Exp $        */
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -134,18 +134,18 @@ ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *recv_tok,
 static OM_uint32
 ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name)
 {
-       char *tok;
+       u_char *tok;
        OM_uint32 offset;
        OM_uint32 oidl;
-       
+
        tok=ename->value;
-       
-       /* 
-        * Check that ename is long enough for all of the fixed length 
+
+       /*
+        * Check that ename is long enough for all of the fixed length
         * header, and that the initial ID bytes are correct
         */
 
-       if (ename->length<6 || memcmp(tok,"\x04\x01", 2)!=0) 
+       if (ename->length<6 || memcmp(tok,"\x04\x01", 2)!=0)
                return GSS_S_FAILURE;
 
        /*
@@ -163,27 +163,27 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name)
         * string is long enough and that the OID matches that in our context
         */
        if (tok[4] != 0x06 || tok[5] != oidl ||
-           ename->length < oidl+6 ||        
-          !ssh_gssapi_check_oid(ctx,tok+6,oidl))
+           ename->length < oidl+6 ||
+           !ssh_gssapi_check_oid(ctx,tok+6,oidl))
                return GSS_S_FAILURE;
 
        offset = oidl+6;
-       
+
        if (ename->length < offset+4)
                return GSS_S_FAILURE;
-               
+
        name->length = GET_32BIT(tok+offset);
        offset += 4;
-       
+
        if (ename->length < offset+name->length)
-               return GSS_S_FAILURE;
-       
+               return GSS_S_FAILURE;
+
        name->value = xmalloc(name->length+1);
        memcpy(name->value,tok+offset,name->length);
        ((char *)name->value)[name->length] = 0;
 
        return GSS_S_COMPLETE;
-} 
+}
 
 /* Extract the client details from a given context. This can only reliably
  * be called once for a context */
@@ -195,7 +195,7 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
        int i = 0;
 
        gss_buffer_desc ename;
-       
+
        client->mech = NULL;
 
        while (supported_mechs[i]->name != NULL) {
@@ -206,21 +206,21 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
                i++;
        }
 
-       if (client->mech == NULL) 
+       if (client->mech == NULL)
                return GSS_S_FAILURE;
-       
-       if ((ctx->major = gss_display_name(&ctx->minor, ctx->client, 
+
+       if ((ctx->major = gss_display_name(&ctx->minor, ctx->client,
            &client->displayname, NULL))) {
-               ssh_gssapi_error(ctx);
-               return (ctx->major);
+               ssh_gssapi_error(ctx);
+               return (ctx->major);
        }
-       
-       if ((ctx->major = gss_export_name(&ctx->minor, ctx->client, 
+
+       if ((ctx->major = gss_export_name(&ctx->minor, ctx->client,
            &ename))) {
                ssh_gssapi_error(ctx);
                return (ctx->major);
        }
-       
+
        if ((ctx->major = ssh_gssapi_parse_ename(ctx,&ename,
            &client->exportedname))) {
                return (ctx->major);
@@ -232,9 +232,9 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
        return (ctx->major);
 }
 
-/* As user - called through fatal cleanup hook */
+/* As user - called on fatal/exit */
 void
-ssh_gssapi_cleanup_creds(void *ignored)
+ssh_gssapi_cleanup_creds(void)
 {
        if (gssapi_client.store.filename != NULL) {
                /* Unlink probably isn't sufficient */
@@ -249,8 +249,6 @@ ssh_gssapi_storecreds(void)
 {
        if (gssapi_client.mech && gssapi_client.mech->storecreds) {
                (*gssapi_client.mech->storecreds)(&gssapi_client);
-               if (options.gss_cleanup_creds)
-                       fatal_add_cleanup(ssh_gssapi_cleanup_creds, NULL);
        } else
                debug("ssh_gssapi_storecreds: Not a GSSAPI mechanism");
 }
@@ -269,7 +267,7 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep)
                debug("Setting %s to %s", gssapi_client.store.envvar,
                gssapi_client.store.envval);
                child_set_env(envp, envsizep, gssapi_client.store.envvar,
-                    gssapi_client.store.envval);
+                   gssapi_client.store.envval);
        }
 }
 
@@ -277,16 +275,37 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep)
 int
 ssh_gssapi_userok(char *user)
 {
+       OM_uint32 lmin;
+
        if (gssapi_client.exportedname.length == 0 ||
            gssapi_client.exportedname.value == NULL) {
                debug("No suitable client data");
                return 0;
        }
        if (gssapi_client.mech && gssapi_client.mech->userok)
-               return ((*gssapi_client.mech->userok)(&gssapi_client, user));
+               if ((*gssapi_client.mech->userok)(&gssapi_client, user))
+                       return 1;
+               else {
+                       /* Destroy delegated credentials if userok fails */
+                       gss_release_buffer(&lmin, &gssapi_client.displayname);
+                       gss_release_buffer(&lmin, &gssapi_client.exportedname);
+                       gss_release_cred(&lmin, &gssapi_client.creds);
+                       memset(&gssapi_client, 0, sizeof(ssh_gssapi_client));
+                       return 0;
+               }
        else
                debug("ssh_gssapi_userok: Unknown GSSAPI mechanism");
        return (0);
 }
 
+/* Priviledged */
+OM_uint32
+ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
+{
+       ctx->major = gss_verify_mic(&ctx->minor, ctx->context,
+           gssbuf, gssmic, NULL);
+
+       return (ctx->major);
+}
+
 #endif