- (djm) Make portable build with MIT krb5 (some issues remain)

diff --git a/ChangeLog b/ChangeLog
index be6449e83e1d915ce43b7ac64bea067fd1b1f5c3..34d6b517c4a8b7262fde40906a67676cf6c43a3c 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -67,6 +67,7 @@
      [auth2.c monitor.c sshconnect2.c auth2-krb5.c]
      implement kerberos over ssh2 ("kerberos-2@ssh.com"); tested with jakob@
      server interops with commercial client; ok jakob@ djm@
+ - (djm) Make portable build with MIT krb5 (some issues remain)
 
 20030512
  - (djm) Redhat spec: Don't install profile.d scripts when not 

diff --git a/Makefile.in b/Makefile.in
index dc0eabd3f3a05bd3d1ce0939615bbceaa9c1dc7f..5b3b7be8ebc1281864d854314f7ea401cb9f1e8b 100644 (file)
--- a/Makefile.in
+++ b/Makefile.in
@@ -80,7 +80,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
        auth2-none.o auth2-passwd.o auth2-pubkey.o \
        monitor_mm.o monitor.o monitor_wrap.o monitor_fdpass.o \
        kexdhs.o kexgexs.o \
-       auth-krb5.o auth-krb4.o \
+       auth-krb5.o auth2-krb5.o auth-krb4.o \
        loginrec.o auth-pam.o auth-sia.o md5crypt.o
 
 MANPAGES       = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out

diff --git a/auth-krb5.c b/auth-krb5.c
index 34b9d661a7c2fad276c16bbd0399fa210f2f0411..0a6f826e79db48dff9987a7709ba07caf3ecdcfc 100644 (file)
--- a/auth-krb5.c
+++ b/auth-krb5.c
@@ -40,6 +40,7 @@ RCSID("$OpenBSD: auth-krb5.c,v 1.10 2002/11/21 23:03:51 deraadt Exp $");
 #include "auth.h"
 
 #ifdef KRB5
+
 #include <krb5.h>
 #ifndef HEIMDAL
 #define krb5_get_err_text(context,code) error_message(code)

diff --git a/auth2-krb5.c b/auth2-krb5.c
index ea4d76da042ca404c4b8e8261011e044b8cbac1f..b4ff16b62dad9d8e3e6b0a039bdb1fa6200ad6bc 100644 (file)
--- a/auth2-krb5.c
+++ b/auth2-krb5.c
@@ -25,6 +25,8 @@
 #include "includes.h"
 RCSID("$OpenBSD: auth2-krb5.c,v 1.1 2003/05/14 02:15:47 markus Exp $");
 
+#ifdef KRB5
+
 #include <krb5.h>
 
 #include "ssh2.h"
@@ -64,3 +66,5 @@ Authmethod method_kerberos = {
        userauth_kerberos,
        &options.kerberos_authentication
 };
+
+#endif /* KRB5 */

diff --git a/sshconnect2.c b/sshconnect2.c
index 0605e4e5f6a19df308bbe374e62d403d7eafb397..f91f5b274140e67225e6e0484ad8bc1d7e37ebcf 100644 (file)
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -27,8 +27,13 @@ RCSID("$OpenBSD: sshconnect2.c,v 1.118 2003/05/14 02:15:47 markus Exp $");
 
 #ifdef KRB5
 #include <krb5.h>
+#ifndef HEIMDAL
+#define krb5_get_err_text(context,code) error_message(code)
+#endif /* !HEIMDAL */
 #endif
 
+#include "openbsd-compat/sys-queue.h"
+
 #include "ssh.h"
 #include "ssh2.h"
 #include "xmalloc.h"
@@ -1206,7 +1211,12 @@ userauth_kerberos(Authctxt *authctxt)
        packet_put_string(ap.data, ap.length);
        packet_send();
 
+#ifdef HEIMDAL
        krb5_data_free(&ap);
+#else
+# warning "XXX - leaks ap data on MIT kerberos"
+#endif
+
        return (1);
 }
 #endif