=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/gss-genr.c,v retrieving revision 1.6.2.1 retrieving revision 1.7 diff -u -r1.6.2.1 -r1.7 --- src/usr.bin/ssh/gss-genr.c 2006/09/30 04:06:50 1.6.2.1 +++ src/usr.bin/ssh/gss-genr.c 2006/03/20 04:07:49 1.7 @@ -1,7 +1,7 @@ -/* $OpenBSD: gss-genr.c,v 1.6.2.1 2006/09/30 04:06:50 brad Exp $ */ +/* $OpenBSD: gss-genr.c,v 1.7 2006/03/20 04:07:49 djm Exp $ */ /* - * Copyright (c) 2001-2006 Simon Wilkinson. All rights reserved. + * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -24,15 +24,12 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include "includes.h" + #ifdef GSSAPI -#include - -#include -#include - #include "xmalloc.h" -#include "buffer.h" +#include "bufaux.h" #include "log.h" #include "ssh2.h" @@ -138,7 +135,9 @@ void ssh_gssapi_build_ctx(Gssctxt **ctx) { - *ctx = xcalloc(1, sizeof (Gssctxt)); + *ctx = xmalloc(sizeof (Gssctxt)); + (*ctx)->major = 0; + (*ctx)->minor = 0; (*ctx)->context = GSS_C_NO_CONTEXT; (*ctx)->name = GSS_C_NO_NAME; (*ctx)->oid = GSS_C_NO_OID; @@ -208,11 +207,10 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host) { gss_buffer_desc gssbuf; - char *val; - xasprintf(&val, "host@%s", host); - gssbuf.value = val; - gssbuf.length = strlen(gssbuf.value); + gssbuf.length = sizeof("host@") + strlen(host); + gssbuf.value = xmalloc(gssbuf.length); + snprintf(gssbuf.value, gssbuf.length, "host@%s", host); if ((ctx->major = gss_import_name(&ctx->minor, &gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name))) 
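Review bot: In ssh_gssapi_build_ctx the context now comes from `xmalloc(sizeof (Gssctxt))`, so any member that is not assigned by hand starts with indeterminate contents. The hunk shows major, minor, context, name and oid being set, but the function continues past the hunk, so it cannot be confirmed from here that every remaining member (or one added to Gssctxt later) is covered. A zeroing allocation such as the `xcalloc(1, sizeof (Gssctxt))` seen on the removed side (if it is available in this tree), or `memset(*ctx, 0, sizeof(**ctx));` right after the allocation, would keep a forgotten handle or credential pointer from reaching the gss_* calls or the cleanup path as garbage.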
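Review bot: In ssh_gssapi_import_name, `gssbuf.length = sizeof("host@") + strlen(host)` includes the terminating NUL, and that same value is then passed to gss_import_name as the length of the name. The size is right for the xmalloc and snprintf calls, but the name buffer handed to GSSAPI is one byte longer than the string "host@<host>", which the removed side avoided with `strlen(gssbuf.value)`; how a mechanism treats the trailing byte is presumably implementation-dependent. I would keep the allocation size in a local `size_t len` and set `gssbuf.length = strlen(gssbuf.value);` after the snprintf, with a comment that `sizeof("host@")` already counts the NUL. Where gssbuf.value is released is outside the hunk, so the free on the error path should be checked there.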
@@ -285,36 +283,6 @@
 ssh_gssapi_build_ctx(ctx);
 ssh_gssapi_set_oid(*ctx, oid);
 return (ssh_gssapi_acquire_cred(*ctx));
-}
-
-int
-ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
-{
- gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
- OM_uint32 major, minor;
- gss_OID_desc spnego_oid = {6, (void *)"\x2B\x06\x01\x05\x05\x02"};
-
- /* RFC 4462 says we MUST NOT do SPNEGO */
- if (oid->length == spnego_oid.length &&
- (memcmp(oid->elements, spnego_oid.elements, oid->length) == 0))
- return 0; /* false */
-
- ssh_gssapi_build_ctx(ctx);
- ssh_gssapi_set_oid(*ctx, oid);
- major = ssh_gssapi_import_name(*ctx, host);
- if (!GSS_ERROR(major)) {
- major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token,
- NULL);
- gss_release_buffer(&minor, &token);
- if ((*ctx)->context != GSS_C_NO_CONTEXT)
- gss_delete_sec_context(&minor, &(*ctx)->context,
- GSS_C_NO_BUFFER);
- }
-
- if (GSS_ERROR(major))
- ssh_gssapi_delete_ctx(ctx);
-
- return (!GSS_ERROR(major));
 }
 #endif /* GSSAPI */