===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/session.c,v
retrieving revision 1.160
retrieving revision 1.161
diff -u -r1.160 -r1.161
--- src/usr.bin/ssh/session.c	2003/08/13 08:33:02	1.160
+++ src/usr.bin/ssh/session.c	2003/08/22 10:56:09	1.161
@@ -33,7 +33,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.160 2003/08/13 08:33:02 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.161 2003/08/22 10:56:09 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -58,6 +58,10 @@
 #include "session.h"
 #include "monitor_wrap.h"
 
+#ifdef GSSAPI
+#include "ssh-gss.h"
+#endif
+
 /* func */
 
 Session *session_new(void);
@@ -409,6 +413,12 @@
 
 	session_proctitle(s);
 
+#ifdef GSSAPI
+	temporarily_use_uid(s->pw);
+	ssh_gssapi_storecreds();
+	restore_uid();
+#endif
+
 	/* Fork the child. */
 	if ((pid = fork()) == 0) {
 		fatal_remove_all_cleanups();
@@ -517,6 +527,12 @@
 	ptyfd = s->ptyfd;
 	ttyfd = s->ttyfd;
 
+#ifdef GSSAPI
+	temporarily_use_uid(s->pw);
+	ssh_gssapi_storecreds();
+	restore_uid();
+#endif
+
 	/* Fork the child. */
 	if ((pid = fork()) == 0) {
 		fatal_remove_all_cleanups();
@@ -703,7 +719,7 @@
  * Sets the value of the given variable in the environment.  If the variable
  * already exists, its value is overriden.
  */
-static void
+void
 child_set_env(char ***envp, u_int *envsizep, const char *name,
 	const char *value)
 {
@@ -799,6 +815,13 @@
 	env = xmalloc(envsize * sizeof(char *));
 	env[0] = NULL;
 
+#ifdef GSSAPI
+	/* Allow any GSSAPI methods that we've used to alter 
+	 * the childs environment as they see fit
+	 */
+	ssh_gssapi_do_child(&env, &envsize);
+#endif
+
 	if (!options.use_login) {
 		/* Set basic environment. */
 		child_set_env(&env, &envsize, "USER", pw->pw_name);
@@ -1826,4 +1849,8 @@
 do_authenticated2(Authctxt *authctxt)
 {
 	server_loop2(authctxt);
+#if defined(GSSAPI)
+	if (options.gss_cleanup_creds)
+		ssh_gssapi_cleanup_creds(NULL);
+#endif
 }