version 1.19, 2013/04/05 00:14:00 |
version 1.20, 2013/05/17 00:13:13 |
|
|
do { |
do { |
mechs--; |
mechs--; |
|
|
if (doid) |
free(doid); |
xfree(doid); |
|
|
|
present = 0; |
present = 0; |
doid = packet_get_string(&len); |
doid = packet_get_string(&len); |
|
|
gss_release_oid_set(&ms, &supported); |
gss_release_oid_set(&ms, &supported); |
|
|
if (!present) { |
if (!present) { |
xfree(doid); |
free(doid); |
authctxt->server_caused_failure = 1; |
authctxt->server_caused_failure = 1; |
return (0); |
return (0); |
} |
} |
|
|
if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) { |
if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) { |
if (ctxt != NULL) |
if (ctxt != NULL) |
ssh_gssapi_delete_ctx(&ctxt); |
ssh_gssapi_delete_ctx(&ctxt); |
xfree(doid); |
free(doid); |
authctxt->server_caused_failure = 1; |
authctxt->server_caused_failure = 1; |
return (0); |
return (0); |
} |
} |
|
|
packet_put_string(doid, len); |
packet_put_string(doid, len); |
|
|
packet_send(); |
packet_send(); |
xfree(doid); |
free(doid); |
|
|
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token); |
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token); |
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok); |
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok); |
|
|
maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok, |
maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok, |
&send_tok, &flags)); |
&send_tok, &flags)); |
|
|
xfree(recv_tok.value); |
free(recv_tok.value); |
|
|
if (GSS_ERROR(maj_status)) { |
if (GSS_ERROR(maj_status)) { |
if (send_tok.length != 0) { |
if (send_tok.length != 0) { |
|
|
maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok, |
maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok, |
&send_tok, NULL)); |
&send_tok, NULL)); |
|
|
xfree(recv_tok.value); |
free(recv_tok.value); |
|
|
/* We can't return anything to the client, even if we wanted to */ |
/* We can't return anything to the client, even if we wanted to */ |
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); |
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); |
|
|
logit("GSSAPI MIC check failed"); |
logit("GSSAPI MIC check failed"); |
|
|
buffer_free(&b); |
buffer_free(&b); |
xfree(mic.value); |
free(mic.value); |
|
|
authctxt->postponed = 0; |
authctxt->postponed = 0; |
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); |
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); |