===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/sshconnect2.c,v
retrieving revision 1.146.2.1
retrieving revision 1.147
diff -u -r1.146.2.1 -r1.147
--- src/usr.bin/ssh/sshconnect2.c	2006/09/30 04:06:51	1.146.2.1
+++ src/usr.bin/ssh/sshconnect2.c	2006/03/07 09:07:40	1.147
@@ -1,4 +1,3 @@
-/* $OpenBSD: sshconnect2.c,v 1.146.2.1 2006/09/30 04:06:51 brad Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -23,27 +22,22 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
+#include "includes.h"
+RCSID("$OpenBSD: sshconnect2.c,v 1.147 2006/03/07 09:07:40 djm Exp $");
+
 #include <sys/types.h>
-#include <sys/socket.h>
 #include <sys/wait.h>
 #include <sys/queue.h>
 #include <sys/stat.h>
 
-#include <errno.h>
-#include <stdio.h>
-#include <string.h>
-#include <signal.h>
-#include <pwd.h>
-#include <unistd.h>
-
-#include "xmalloc.h"
 #include "ssh.h"
 #include "ssh2.h"
+#include "xmalloc.h"
 #include "buffer.h"
 #include "packet.h"
 #include "compat.h"
+#include "bufaux.h"
 #include "cipher.h"
-#include "key.h"
 #include "kex.h"
 #include "myproposal.h"
 #include "sshconnect.h"
@@ -58,7 +52,6 @@
 #include "canohost.h"
 #include "msg.h"
 #include "pathnames.h"
-#include "uidswap.h"
 
 #ifdef GSSAPI
 #include "ssh-gss.h"
@@ -374,7 +367,7 @@
 	debug3("input_userauth_banner");
 	msg = packet_get_string(NULL);
 	lang = packet_get_string(NULL);
-	if (options.log_level >= SYSLOG_LEVEL_INFO)
+	if (options.log_level > SYSLOG_LEVEL_QUIET)
 		fprintf(stderr, "%s", msg);
 	xfree(msg);
 	xfree(lang);
@@ -505,10 +498,15 @@
 
 	/* Check to see if the mechanism is usable before we offer it */
 	while (mech < gss_supported->count && !ok) {
+		if (gssctxt)
+			ssh_gssapi_delete_ctx(&gssctxt);
+		ssh_gssapi_build_ctx(&gssctxt);
+		ssh_gssapi_set_oid(gssctxt, &gss_supported->elements[mech]);
+
 		/* My DER encoding requires length<128 */
 		if (gss_supported->elements[mech].length < 128 &&
-		    ssh_gssapi_check_mechanism(&gssctxt, 
-		    &gss_supported->elements[mech], authctxt->host)) {
+		    !GSS_ERROR(ssh_gssapi_import_name(gssctxt,
+		    authctxt->host))) {
 			ok = 1; /* Mechanism works */
 		} else {
 			mech++;
@@ -762,7 +760,7 @@
  * parse PASSWD_CHANGEREQ, prompt user and send SSH2_MSG_USERAUTH_REQUEST
  */
 void
-input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt)
+input_userauth_passwd_changereq(int type, uint32_t seqnr, void *ctxt)
 {
 	Authctxt *authctxt = ctxt;
 	char *info, *lang, *password = NULL, *retype = NULL;
@@ -969,16 +967,14 @@
 {
 	Key *private;
 	char prompt[300], *passphrase;
-	int perm_ok, quit, i;
+	int quit, i;
 	struct stat st;
 
 	if (stat(filename, &st) < 0) {
 		debug3("no such identity: %s", filename);
 		return NULL;
 	}
-	private = key_load_private_type(KEY_UNSPEC, filename, "", NULL, &perm_ok);
-	if (!perm_ok)
-		return NULL;
+	private = key_load_private_type(KEY_UNSPEC, filename, "", NULL);
 	if (private == NULL) {
 		if (options.batch_mode)
 			return NULL;
@@ -987,8 +983,8 @@
 		for (i = 0; i < options.number_of_password_prompts; i++) {
 			passphrase = read_passphrase(prompt, 0);
 			if (strcmp(passphrase, "") != 0) {
-				private = key_load_private_type(KEY_UNSPEC,
-				    filename, passphrase, NULL, NULL);
+				private = key_load_private_type(KEY_UNSPEC, filename,
+				    passphrase, NULL);
 				quit = 0;
 			} else {
 				debug2("no passphrase given, try next key");
@@ -1031,7 +1027,8 @@
 		if (key && key->type == KEY_RSA1)
 			continue;
 		options.identity_keys[i] = NULL;
-		id = xcalloc(1, sizeof(*id));
+		id = xmalloc(sizeof(*id));
+		memset(id, 0, sizeof(*id));
 		id->key = key;
 		id->filename = xstrdup(options.identity_files[i]);
 		TAILQ_INSERT_TAIL(&files, id, next);
@@ -1055,7 +1052,8 @@
 				}
 			}
 			if (!found && !options.identities_only) {
-				id = xcalloc(1, sizeof(*id));
+				id = xmalloc(sizeof(*id));
+				memset(id, 0, sizeof(*id));
 				id->key = key;
 				id->filename = comment;
 				id->ac = ac;
@@ -1251,7 +1249,8 @@
 		return -1;
 	}
 	if (pid == 0) {
-		permanently_drop_suid(getuid());
+		seteuid(getuid());
+		setuid(getuid());
 		close(from[0]);
 		if (dup2(from[1], STDOUT_FILENO) < 0)
 			fatal("ssh_keysign: dup2: %s", strerror(errno));
@@ -1331,11 +1330,12 @@
 	if (p == NULL) {
 		error("userauth_hostbased: cannot get local ipaddr/name");
 		key_free(private);
-		xfree(blob);
 		return 0;
 	}
 	len = strlen(p) + 2;
-	xasprintf(&chost, "%s.", p);
+	chost = xmalloc(len);
+	strlcpy(chost, p, len);
+	strlcat(chost, ".", len);
 	debug2("userauth_hostbased: chost %s", chost);
 	xfree(p);
 
@@ -1368,7 +1368,6 @@
 		error("key_sign failed");
 		xfree(chost);
 		xfree(pkalg);
-		xfree(blob);
 		return 0;
 	}
 	packet_start(SSH2_MSG_USERAUTH_REQUEST);
@@ -1384,7 +1383,6 @@
 	xfree(signature);
 	xfree(chost);
 	xfree(pkalg);
-	xfree(blob);
 
 	packet_send();
 	return 1;