version 1.7, 2006/08/03 03:34:42 |
version 1.8, 2013/07/20 01:55:13 |
|
|
#include "ssh-gss.h" |
#include "ssh-gss.h" |
|
|
#include <krb5.h> |
#include <krb5.h> |
|
#include <gssapi/gssapi_krb5.h> |
|
|
static krb5_context krb_context = NULL; |
static krb5_context krb_context = NULL; |
|
|
|
|
{ |
{ |
krb5_principal princ; |
krb5_principal princ; |
int retval; |
int retval; |
|
const char *errmsg; |
|
|
if (ssh_gssapi_krb5_init() == 0) |
if (ssh_gssapi_krb5_init() == 0) |
return 0; |
return 0; |
|
|
if ((retval = krb5_parse_name(krb_context, client->exportedname.value, |
if ((retval = krb5_parse_name(krb_context, client->exportedname.value, |
&princ))) { |
&princ))) { |
logit("krb5_parse_name(): %.100s", |
errmsg = krb5_get_error_message(krb_context, retval); |
krb5_get_err_text(krb_context, retval)); |
logit("krb5_parse_name(): %.100s", errmsg); |
|
krb5_free_error_message(krb_context, errmsg); |
return 0; |
return 0; |
} |
} |
if (krb5_kuserok(krb_context, princ, name)) { |
if (krb5_kuserok(krb_context, princ, name)) { |
|
|
krb5_error_code problem; |
krb5_error_code problem; |
krb5_principal princ; |
krb5_principal princ; |
OM_uint32 maj_status, min_status; |
OM_uint32 maj_status, min_status; |
|
const char *errmsg; |
|
|
if (client->creds == NULL) { |
if (client->creds == NULL) { |
debug("No credentials stored"); |
debug("No credentials stored"); |
|
|
if (ssh_gssapi_krb5_init() == 0) |
if (ssh_gssapi_krb5_init() == 0) |
return; |
return; |
|
|
if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) { |
if ((problem = krb5_cc_new_unique(krb_context, krb5_fcc_ops.prefix, |
logit("krb5_cc_gen_new(): %.100s", |
NULL, &ccache)) != 0) { |
krb5_get_err_text(krb_context, problem)); |
errmsg = krb5_get_error_message(krb_context, problem); |
|
logit("krb5_cc_new_unique(): %.100s", errmsg); |
|
krb5_free_error_message(krb_context, errmsg); |
return; |
return; |
} |
} |
|
|
if ((problem = krb5_parse_name(krb_context, |
if ((problem = krb5_parse_name(krb_context, |
client->exportedname.value, &princ))) { |
client->exportedname.value, &princ))) { |
logit("krb5_parse_name(): %.100s", |
errmsg = krb5_get_error_message(krb_context, problem); |
krb5_get_err_text(krb_context, problem)); |
logit("krb5_parse_name(): %.100s", errmsg); |
|
krb5_free_error_message(krb_context, errmsg); |
krb5_cc_destroy(krb_context, ccache); |
krb5_cc_destroy(krb_context, ccache); |
return; |
return; |
} |
} |
|
|
if ((problem = krb5_cc_initialize(krb_context, ccache, princ))) { |
if ((problem = krb5_cc_initialize(krb_context, ccache, princ))) { |
logit("krb5_cc_initialize(): %.100s", |
errmsg = krb5_get_error_message(krb_context, problem); |
krb5_get_err_text(krb_context, problem)); |
logit("krb5_cc_initialize(): %.100s", errmsg); |
|
krb5_free_error_message(krb_context, errmsg); |
krb5_free_principal(krb_context, princ); |
krb5_free_principal(krb_context, princ); |
krb5_cc_destroy(krb_context, ccache); |
krb5_cc_destroy(krb_context, ccache); |
return; |
return; |