version 1.6, 2003/11/17 11:06:07 |
version 1.7, 2003/11/21 11:57:03 |
|
|
present = 0; |
present = 0; |
doid = packet_get_string(&len); |
doid = packet_get_string(&len); |
|
|
if (len > 2 && |
if (len > 2 && |
doid[0] == SSH_GSS_OIDTYPE && |
doid[0] == SSH_GSS_OIDTYPE && |
doid[1] == len - 2) { |
doid[1] == len - 2) { |
oid.elements = doid + 2; |
oid.elements = doid + 2; |
oid.length = len - 2; |
oid.length = len - 2; |
gss_test_oid_set_member(&ms, &oid, supported, |
gss_test_oid_set_member(&ms, &oid, supported, |
&present); |
&present); |
} else { |
} else { |
|
|
Buffer b; |
Buffer b; |
gss_buffer_desc mic, gssbuf; |
gss_buffer_desc mic, gssbuf; |
u_int len; |
u_int len; |
|
|
if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) |
if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) |
fatal("No authentication or GSSAPI context"); |
fatal("No authentication or GSSAPI context"); |
|
|
gssctxt = authctxt->methoddata; |
gssctxt = authctxt->methoddata; |
|
|
mic.value = packet_get_string(&len); |
mic.value = packet_get_string(&len); |
mic.length = len; |
mic.length = len; |
|
|
ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service, |
ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service, |
"gssapi-with-mic"); |
"gssapi-with-mic"); |
|
|
gssbuf.value = buffer_ptr(&b); |
gssbuf.value = buffer_ptr(&b); |
gssbuf.length = buffer_len(&b); |
gssbuf.length = buffer_len(&b); |
|
|
if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) |
if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) |
authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); |
authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); |
else |
else |
|
|
|
|
buffer_free(&b); |
buffer_free(&b); |
xfree(mic.value); |
xfree(mic.value); |
|
|
authctxt->postponed = 0; |
authctxt->postponed = 0; |
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); |
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); |
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); |
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); |