version 1.5.4.1, 2005/09/02 03:45:00 |
version 1.6, 2005/06/17 02:44:32 |
|
|
*/ |
*/ |
if (tok[4] != 0x06 || tok[5] != oidl || |
if (tok[4] != 0x06 || tok[5] != oidl || |
ename->length < oidl+6 || |
ename->length < oidl+6 || |
!ssh_gssapi_check_oid(ctx,tok+6,oidl)) |
!ssh_gssapi_check_oid(ctx,tok+6,oidl)) |
return GSS_S_FAILURE; |
return GSS_S_FAILURE; |
|
|
offset = oidl+6; |
offset = oidl+6; |
|
|
debug("Setting %s to %s", gssapi_client.store.envvar, |
debug("Setting %s to %s", gssapi_client.store.envvar, |
gssapi_client.store.envval); |
gssapi_client.store.envval); |
child_set_env(envp, envsizep, gssapi_client.store.envvar, |
child_set_env(envp, envsizep, gssapi_client.store.envvar, |
gssapi_client.store.envval); |
gssapi_client.store.envval); |
} |
} |
} |
} |
|
|
|
|
int |
int |
ssh_gssapi_userok(char *user) |
ssh_gssapi_userok(char *user) |
{ |
{ |
OM_uint32 lmin; |
|
|
|
if (gssapi_client.exportedname.length == 0 || |
if (gssapi_client.exportedname.length == 0 || |
gssapi_client.exportedname.value == NULL) { |
gssapi_client.exportedname.value == NULL) { |
debug("No suitable client data"); |
debug("No suitable client data"); |
return 0; |
return 0; |
} |
} |
if (gssapi_client.mech && gssapi_client.mech->userok) |
if (gssapi_client.mech && gssapi_client.mech->userok) |
if ((*gssapi_client.mech->userok)(&gssapi_client, user)) |
return ((*gssapi_client.mech->userok)(&gssapi_client, user)); |
return 1; |
|
else { |
|
/* Destroy delegated credentials if userok fails */ |
|
gss_release_buffer(&lmin, &gssapi_client.displayname); |
|
gss_release_buffer(&lmin, &gssapi_client.exportedname); |
|
gss_release_cred(&lmin, &gssapi_client.creds); |
|
memset(&gssapi_client, 0, sizeof(ssh_gssapi_client)); |
|
return 0; |
|
} |
|
else |
else |
debug("ssh_gssapi_userok: Unknown GSSAPI mechanism"); |
debug("ssh_gssapi_userok: Unknown GSSAPI mechanism"); |
return (0); |
return (0); |