| version 1.158, 2003/06/02 09:17:34 |
version 1.159, 2003/07/22 13:35:22 |
|
|
| /* remove agent socket */ |
/* remove agent socket */ |
| if (auth_sock_name != NULL) |
if (auth_sock_name != NULL) |
| auth_sock_cleanup_proc(authctxt->pw); |
auth_sock_cleanup_proc(authctxt->pw); |
| #ifdef KRB4 |
|
| if (options.kerberos_ticket_cleanup) |
|
| krb4_cleanup_proc(authctxt); |
|
| #endif |
|
| #ifdef KRB5 |
#ifdef KRB5 |
| if (options.kerberos_ticket_cleanup) |
if (options.kerberos_ticket_cleanup) |
| krb5_cleanup_proc(authctxt); |
krb5_cleanup_proc(authctxt); |
|
|
| success = 1; |
success = 1; |
| break; |
break; |
| |
|
| #if defined(AFS) || defined(KRB5) |
#ifdef KRB5 |
| case SSH_CMSG_HAVE_KERBEROS_TGT: |
case SSH_CMSG_HAVE_KERBEROS_TGT: |
| if (!options.kerberos_tgt_passing) { |
if (!options.kerberos_tgt_passing) { |
| verbose("Kerberos TGT passing disabled."); |
verbose("Kerberos TGT passing disabled."); |
|
|
| char *kdata = packet_get_string(&dlen); |
char *kdata = packet_get_string(&dlen); |
| packet_check_eom(); |
packet_check_eom(); |
| |
|
| /* XXX - 0x41, see creds_to_radix version */ |
/* XXX - 0x41, used for AFS */ |
| if (kdata[0] != 0x41) { |
if (kdata[0] != 0x41) { |
| #ifdef KRB5 |
|
| krb5_data tgt; |
krb5_data tgt; |
| tgt.data = kdata; |
tgt.data = kdata; |
| tgt.length = dlen; |
tgt.length = dlen; |
|
|
| success = 1; |
success = 1; |
| else |
else |
| verbose("Kerberos v5 TGT refused for %.100s", s->authctxt->user); |
verbose("Kerberos v5 TGT refused for %.100s", s->authctxt->user); |
| #endif /* KRB5 */ |
|
| } else { |
|
| #ifdef AFS |
|
| if (auth_krb4_tgt(s->authctxt, kdata)) |
|
| success = 1; |
|
| else |
|
| verbose("Kerberos v4 TGT refused for %.100s", s->authctxt->user); |
|
| #endif /* AFS */ |
|
| } |
} |
| xfree(kdata); |
xfree(kdata); |
| } |
} |
| break; |
break; |
| #endif /* AFS || KRB5 */ |
#endif |
| |
|
| #ifdef AFS |
|
| case SSH_CMSG_HAVE_AFS_TOKEN: |
|
| if (!options.afs_token_passing || !k_hasafs()) { |
|
| verbose("AFS token passing disabled."); |
|
| } else { |
|
| /* Accept AFS token. */ |
|
| char *token = packet_get_string(&dlen); |
|
| packet_check_eom(); |
|
| |
|
| if (auth_afs_token(s->authctxt, token)) |
|
| success = 1; |
|
| else |
|
| verbose("AFS token refused for %.100s", |
|
| s->authctxt->user); |
|
| xfree(token); |
|
| } |
|
| break; |
|
| #endif /* AFS */ |
|
| |
|
| case SSH_CMSG_EXEC_SHELL: |
case SSH_CMSG_EXEC_SHELL: |
| case SSH_CMSG_EXEC_CMD: |
case SSH_CMSG_EXEC_CMD: |
| if (type == SSH_CMSG_EXEC_CMD) { |
if (type == SSH_CMSG_EXEC_CMD) { |
|
|
| if (original_command) |
if (original_command) |
| child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND", |
child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND", |
| original_command); |
original_command); |
| #ifdef KRB4 |
|
| if (s->authctxt->krb4_ticket_file) |
|
| child_set_env(&env, &envsize, "KRBTKFILE", |
|
| s->authctxt->krb4_ticket_file); |
|
| #endif |
|
| #ifdef KRB5 |
#ifdef KRB5 |
| if (s->authctxt->krb5_ticket_file) |
if (s->authctxt->krb5_ticket_file) |
| child_set_env(&env, &envsize, "KRB5CCNAME", |
child_set_env(&env, &envsize, "KRB5CCNAME", |
|
|
| * /etc/ssh/sshrc and xauth are run in the proper environment. |
* /etc/ssh/sshrc and xauth are run in the proper environment. |
| */ |
*/ |
| environ = env; |
environ = env; |
| |
|
| #ifdef AFS |
|
| /* Try to get AFS tokens for the local cell. */ |
|
| if (k_hasafs()) { |
|
| char cell[64]; |
|
| |
|
| if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0) |
|
| krb_afslog(cell, 0); |
|
| |
|
| krb_afslog(0, 0); |
|
| } |
|
| #endif /* AFS */ |
|
| |
|
| /* Change current directory to the user\'s home directory. */ |
/* Change current directory to the user\'s home directory. */ |
| if (chdir(pw->pw_dir) < 0) { |
if (chdir(pw->pw_dir) < 0) { |
![[BACK]](/icons/back.gif){kind=icon}
Return to session.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh