*/
#include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.47 2003/08/24 17:36:52 deraadt Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.49 2003/08/28 12:54:34 markus Exp $");
#include <openssl/dh.h>
int mm_answer_pam_free_ctx(int, Buffer *);
#endif
-#ifdef KRB5
-int mm_answer_krb5(int, Buffer *);
-#endif
#ifdef GSSAPI
int mm_answer_gss_setup_ctx(int, Buffer *);
int mm_answer_gss_accept_ctx(int, Buffer *);
#endif
{MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed},
{MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify},
-#ifdef KRB5
- {MONITOR_REQ_KRB5, MON_ONCE|MON_AUTH, mm_answer_krb5},
-#endif
#ifdef GSSAPI
{MONITOR_REQ_GSSSETUP, MON_ISAUTH, mm_answer_gss_setup_ctx},
{MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx},
{MONITOR_REQ_PAM_QUERY, MON_ISAUTH, mm_answer_pam_query},
{MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond},
{MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx},
-#endif
-#ifdef KRB5
- {MONITOR_REQ_KRB5, MON_ONCE|MON_AUTH, mm_answer_krb5},
#endif
{0, 0, NULL}
};
return (success);
}
-#ifdef KRB5
-int
-mm_answer_krb5(int socket, Buffer *m)
-{
- krb5_data tkt, reply;
- char *client_user;
- u_int len;
- int success;
-
- /* use temporary var to avoid size issues on 64bit arch */
- tkt.data = buffer_get_string(m, &len);
- tkt.length = len;
-
- success = options.kerberos_authentication &&
- authctxt->valid &&
- auth_krb5(authctxt, &tkt, &client_user, &reply);
-
- if (tkt.length)
- xfree(tkt.data);
-
- buffer_clear(m);
- buffer_put_int(m, success);
-
- if (success) {
- buffer_put_cstring(m, client_user);
- buffer_put_string(m, reply.data, reply.length);
- if (client_user)
- xfree(client_user);
- if (reply.length)
- xfree(reply.data);
- }
- mm_request_send(socket, MONITOR_ANS_KRB5, m);
-
- auth_method = "kerberos";
-
- return success;
-}
-#endif
-
int
mm_answer_term(int socket, Buffer *req)
{