- (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c]

[openssh.git] / gss-genr.c

diff --git a/gss-genr.c b/gss-genr.c
index 1e044dbbb3263651b5ca8dd5cb0ec8593fdda583..522fedab3c3796d19300102b59115e5757a53ff7 100644 (file)
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: gss-genr.c,v 1.3 2003/11/21 11:57:03 djm Exp $        */
+/* $OpenBSD: gss-genr.c,v 1.11 2006/07/22 20:48:23 stevesk Exp $ */
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -28,11 +28,12 @@
 
 #ifdef GSSAPI
 
+#include <string.h>
+#include <unistd.h>
+
 #include "xmalloc.h"
 #include "bufaux.h"
-#include "compat.h"
 #include "log.h"
-#include "monitor_wrap.h"
 #include "ssh2.h"
 
 #include "ssh-gss.h"
@@ -74,12 +75,16 @@ ssh_gssapi_set_oid(Gssctxt *ctx, gss_OID oid)
 void
 ssh_gssapi_error(Gssctxt *ctxt)
 {
-       debug("%s", ssh_gssapi_last_error(ctxt, NULL, NULL));
+       char *s;
+
+       s = ssh_gssapi_last_error(ctxt, NULL, NULL);
+       debug("%s", s);
+       xfree(s);
 }
 
 char *
-ssh_gssapi_last_error(Gssctxt *ctxt,
-                     OM_uint32 *major_status, OM_uint32 *minor_status)
+ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status,
+    OM_uint32 *minor_status)
 {
        OM_uint32 lmin;
        gss_buffer_desc msg = GSS_C_EMPTY_BUFFER;
@@ -133,9 +138,7 @@ ssh_gssapi_last_error(Gssctxt *ctxt,
 void
 ssh_gssapi_build_ctx(Gssctxt **ctx)
 {
-       *ctx = xmalloc(sizeof (Gssctxt));
-       (*ctx)->major = 0;
-       (*ctx)->minor = 0;
+       *ctx = xcalloc(1, sizeof (Gssctxt));
        (*ctx)->context = GSS_C_NO_CONTEXT;
        (*ctx)->name = GSS_C_NO_NAME;
        (*ctx)->oid = GSS_C_NO_OID;
@@ -205,10 +208,11 @@ OM_uint32
 ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
 {
        gss_buffer_desc gssbuf;
+       char *val;
 
-       gssbuf.length = sizeof("host@") + strlen(host);
-       gssbuf.value = xmalloc(gssbuf.length);
-       snprintf(gssbuf.value, gssbuf.length, "host@%s", host);
+       xasprintf(&val, "host@%s", host);
+       gssbuf.value = val;
+       gssbuf.length = strlen(gssbuf.value);
 
        if ((ctx->major = gss_import_name(&ctx->minor,
            &gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name)))
@@ -233,11 +237,15 @@ ssh_gssapi_acquire_cred(Gssctxt *ctx)
        gss_create_empty_oid_set(&status, &oidset);
        gss_add_oid_set_member(&status, ctx->oid, &oidset);
 
-       if (gethostname(lname, MAXHOSTNAMELEN))
+       if (gethostname(lname, MAXHOSTNAMELEN)) {
+               gss_release_oid_set(&status, &oidset);
                return (-1);
+       }
 
-       if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname)))
+       if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) {
+               gss_release_oid_set(&status, &oidset);
                return (ctx->major);
+       }
 
        if ((ctx->major = gss_acquire_cred(&ctx->minor,
            ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, NULL, NULL)))
@@ -253,14 +261,14 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
        if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,
            GSS_C_QOP_DEFAULT, buffer, hash)))
                ssh_gssapi_error(ctx);
-       
+
        return (ctx->major);
 }
 
 void
 ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service,
     const char *context)
-{      
+{
        buffer_init(b);
        buffer_put_string(b, session_id2, session_id2_len);
        buffer_put_char(b, SSH2_MSG_USERAUTH_REQUEST);
@@ -270,7 +278,8 @@ ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service,
 }
 
 OM_uint32
-ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) {
+ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
+{
        if (*ctx)
                ssh_gssapi_delete_ctx(ctx);
        ssh_gssapi_build_ctx(ctx);