version 1.183, 2018/07/09 21:53:45 |
version 1.184, 2018/07/10 09:13:30 |
|
|
gss_OID_desc goid; |
gss_OID_desc goid; |
OM_uint32 major; |
OM_uint32 major; |
size_t len; |
size_t len; |
|
u_char *p; |
int r; |
int r; |
|
|
if (!options.gss_authentication) |
if (!options.gss_authentication) |
fatal("%s: GSSAPI authentication not enabled", __func__); |
fatal("%s: GSSAPI authentication not enabled", __func__); |
|
|
if ((r = sshbuf_get_string(m, &goid.elements, &len)) != 0) |
if ((r = sshbuf_get_string(m, &p, &len)) != 0) |
fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
|
goid.elements = p; |
goid.length = len; |
goid.length = len; |
|
|
major = ssh_gssapi_server_ctx(&gsscontext, &goid); |
major = ssh_gssapi_server_ctx(&gsscontext, &goid); |
|
|
if (!options.gss_authentication) |
if (!options.gss_authentication) |
fatal("%s: GSSAPI authentication not enabled", __func__); |
fatal("%s: GSSAPI authentication not enabled", __func__); |
|
|
if ((r = sshbuf_get_string(m, &in.value, &in.length)) != 0) |
if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0) |
fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); |
major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); |
free(in.value); |
free(in.value); |
|
|
{ |
{ |
gss_buffer_desc gssbuf, mic; |
gss_buffer_desc gssbuf, mic; |
OM_uint32 ret; |
OM_uint32 ret; |
|
int r; |
|
|
if (!options.gss_authentication) |
if (!options.gss_authentication) |
fatal("%s: GSSAPI authentication not enabled", __func__); |
fatal("%s: GSSAPI authentication not enabled", __func__); |
|
|
if ((r = sshbuf_get_string(m, &gssbuf.value, &gssbuf.length)) != 0 || |
if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 || |
(r = sshbuf_get_string(m, &mic.value, &mic.length)) != 0) |
(r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0) |
fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
|
|
ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic); |
ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic); |
|
|
int |
int |
mm_answer_gss_userok(int sock, struct sshbuf *m) |
mm_answer_gss_userok(int sock, struct sshbuf *m) |
{ |
{ |
int authenticated; |
int r, authenticated; |
const char *displayname; |
const char *displayname; |
|
|
if (!options.gss_authentication) |
if (!options.gss_authentication) |