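diff -ur openssh-4.5p1.orig/gss-genr.c openssh-4.5p1/gss-genr.c
--- openssh-4.5p1.orig/gss-genr.c 2006-08-29 21:08:04.000000000 -0400
+++ openssh-4.5p1/gss-genr.c 2007-09-10 16:19:50.000000000 -0400
@@ -235,22 +235,11 @@
 ssh_gssapi_acquire_cred(Gssctxt *ctx)
 {
 OM_uint32 status;
- char lname[MAXHOSTNAMELEN];
 gss_OID_set oidset;
 
 gss_create_empty_oid_set(&status, &oidset);
 gss_add_oid_set_member(&status, ctx->oid, &oidset);
 
- if (gethostname(lname, MAXHOSTNAMELEN)) {
- gss_release_oid_set(&status, &oidset);
- return (-1);
- }
-
- if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) {
- gss_release_oid_set(&status, &oidset);
- return (ctx->major);
- }
-
 if ((ctx->major = gss_acquire_cred(&ctx->minor,
 ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, NULL, NULL)))
 ssh_gssapi_error(ctx);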
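diff -ur openssh-4.5p1.orig/gss-serv.c openssh-4.5p1/gss-serv.c
--- openssh-4.5p1.orig/gss-serv.c 2006-09-01 01:38:36.000000000 -0400
+++ openssh-4.5p1/gss-serv.c 2007-09-10 16:19:50.000000000 -0400
@@ -102,6 +102,8 @@
 {
 OM_uint32 status;
 gss_OID mech;
+ gss_name_t acceptor_name = GSS_C_NO_NAME;
+ gss_buffer_desc acceptor_name_buffer = GSS_C_EMPTY_BUFFER;
 
 ctx->major = gss_accept_sec_context(&ctx->minor,
 &ctx->context, ctx->creds, recv_tok,
@@ -116,6 +118,22 @@
 else
 debug("Got no client credentials");
 
+ ctx->major = gss_inquire_context(&ctx->minor, ctx->context, NULL, &acceptor_name, NULL, NULL, NULL, NULL, NULL);
+
+ if (GSS_ERROR(ctx->major)) {
+ ssh_gssapi_error(ctx);
+ } else {
+ ctx->major = gss_display_name(&ctx->minor, acceptor_name, &acceptor_name_buffer, NULL);
+
+ if (GSS_ERROR(ctx->major)) {
+ ssh_gssapi_error(ctx);
+ } else if (acceptor_name_buffer.length < 5 || strncmp(acceptor_name_buffer.value, "host@", 5) != 0 && strncmp(acceptor_name_buffer.value, "host/", 5) != 0) {
+ debug("Accepting credential '%s' was not for the host service.", acceptor_name_buffer.value);
+ ctx->major = GSS_S_BAD_NAME;
+ }
+ }
+ gss_release_buffer(&status, &acceptor_name_buffer);
+ gss_release_name(&status, &acceptor_name);
 status = ctx->major;
 
 /* Now, if we're complete and we have the right flags, then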
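Review bot: The debug() call in the second gss-serv.c hunk prints acceptor_name_buffer.value with `%s`, but a gss_buffer_desc returned by gss_display_name carries an explicit length and the GSS-API does not promise a trailing NUL, so with a mechanism that does not append one this reads past the buffer; bound the format by the length instead, `debug("Accepting credential '%.*s' was not for the host service.", (int)acceptor_name_buffer.length, (const char *)acceptor_name_buffer.value);`. The `||`/`&&` mix in the preceding `else if` parses as intended (short name, or neither prefix matches) but relies on precedence that many compilers warn about; wrapping the two strncmp() terms as `(strncmp(...) != 0 && strncmp(...) != 0)` makes the acceptor-name policy explicit to the next reader. Overwriting a successful ctx->major with the gss_inquire_context/gss_display_name failure or GSS_S_BAD_NAME is the right fail-closed choice given that the rewritten ssh_gssapi_acquire_cred now acquires credentials without a fixed acceptor name, so it is worth a one-line comment above the gss_inquire_context call saying that this check is what replaces the hostname binding that gss-genr.c no longer does. The enclosing function's signature is above the first hunk and its body continues past the second.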