-/* $OpenBSD: gss-genr.c,v 1.3 2003/11/21 11:57:03 djm Exp $ */
+/* $OpenBSD: gss-genr.c,v 1.11 2006/07/22 20:48:23 stevesk Exp $ */
/*
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
#ifdef GSSAPI
+#include <string.h>
+#include <unistd.h>
+
#include "xmalloc.h"
#include "bufaux.h"
-#include "compat.h"
#include "log.h"
-#include "monitor_wrap.h"
#include "ssh2.h"
#include "ssh-gss.h"
void
ssh_gssapi_error(Gssctxt *ctxt)
{
- debug("%s", ssh_gssapi_last_error(ctxt, NULL, NULL));
+ char *s;
+
+ s = ssh_gssapi_last_error(ctxt, NULL, NULL);
+ debug("%s", s);
+ xfree(s);
}
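Review bot: The leak fixed here in ssh_gssapi_error could arise because nothing at the definition of ssh_gssapi_last_error tells callers that they own the returned string. That definition, whose signature is reflowed just below, should carry a comment such as `/* Returns a newly allocated string; the caller must xfree() it. */`. Any other caller that passes the result straight to a logging call would leak in the same way, so the call sites outside this diff are worth checking.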
char *
-ssh_gssapi_last_error(Gssctxt *ctxt,
- OM_uint32 *major_status, OM_uint32 *minor_status)
+ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status,
+ OM_uint32 *minor_status)
{
OM_uint32 lmin;
gss_buffer_desc msg = GSS_C_EMPTY_BUFFER;
void
ssh_gssapi_build_ctx(Gssctxt **ctx)
{
- *ctx = xmalloc(sizeof (Gssctxt));
- (*ctx)->major = 0;
- (*ctx)->minor = 0;
+ *ctx = xcalloc(1, sizeof (Gssctxt));
(*ctx)->context = GSS_C_NO_CONTEXT;
(*ctx)->name = GSS_C_NO_NAME;
(*ctx)->oid = GSS_C_NO_OID;
ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
{
gss_buffer_desc gssbuf;
+ char *val;
- gssbuf.length = sizeof("host@") + strlen(host);
- gssbuf.value = xmalloc(gssbuf.length);
- snprintf(gssbuf.value, gssbuf.length, "host@%s", host);
+ xasprintf(&val, "host@%s", host);
+ gssbuf.value = val;
+ gssbuf.length = strlen(gssbuf.value);
if ((ctx->major = gss_import_name(&ctx->minor,
&gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name)))
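Review bot: `gssbuf.length = strlen(gssbuf.value)` no longer counts the terminating NUL, whereas the removed `sizeof("host@") + strlen(host)` did, so the name bytes handed to gss_import_name change by one. That deserves a comment next to the assignment, e.g. `/* gss_buffer_desc is a counted buffer: length excludes the NUL */`. The string from xasprintf is heap-allocated, so it needs an `xfree(gssbuf.value);` once gss_import_name has returned. The rest of ssh_gssapi_import_name lies outside the hunk, so confirm that the release is reached on both the success and the error path.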
gss_create_empty_oid_set(&status, &oidset);
gss_add_oid_set_member(&status, ctx->oid, &oidset);
- if (gethostname(lname, MAXHOSTNAMELEN))
+ if (gethostname(lname, MAXHOSTNAMELEN)) {
+ gss_release_oid_set(&status, &oidset);
return (-1);
+ }
- if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname)))
+ if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) {
+ gss_release_oid_set(&status, &oidset);
return (ctx->major);
+ }
if ((ctx->major = gss_acquire_cred(&ctx->minor,
ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, NULL, NULL)))
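Review bot: `gethostname(lname, MAXHOSTNAMELEN)` is checked only for failure, and POSIX leaves it unspecified whether a truncated name is NUL-terminated. An `lname` that fills the buffer can therefore reach ssh_gssapi_import_name unterminated, where it is formatted with `%s` and measured with strlen. Assuming `lname` is a MAXHOSTNAMELEN-byte array (its declaration is outside the hunk), add `lname[MAXHOSTNAMELEN - 1] = '\0';` after the call succeeds. The results of gss_create_empty_oid_set and gss_add_oid_set_member are also discarded, and whether oidset is released after gss_acquire_cred cannot be seen from here.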
if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,
GSS_C_QOP_DEFAULT, buffer, hash)))
ssh_gssapi_error(ctx);
-
+
return (ctx->major);
}
void
ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service,
const char *context)
-{
+{
buffer_init(b);
buffer_put_string(b, session_id2, session_id2_len);
buffer_put_char(b, SSH2_MSG_USERAUTH_REQUEST);
}
OM_uint32
-ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) {
+ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
+{
if (*ctx)
ssh_gssapi_delete_ctx(ctx);
ssh_gssapi_build_ctx(ctx);