source:
trunk/server/common/patches/openssh-5.0p1-multihomed.patch
@
1681
Last change on this file since 1681 was 760, checked in by presbrey, 17 years ago | |
---|---|
File size: 2.0 KB |
-
openssh-5.0p1
# OpenSSH multihomed patch # # Anders Kaseorg <andersk@mit.edu> # ported from 4.5 to 5.0 by Joe Presbrey <presbrey@mit.edu> diff -ur openssh-5.0p1.orig/gss-serv.c openssh-5.0p1/gss-serv.c
old new 77 77 ssh_gssapi_acquire_cred(Gssctxt *ctx) 78 78 { 79 79 OM_uint32 status; 80 char lname[MAXHOSTNAMELEN];81 80 gss_OID_set oidset; 82 81 83 82 gss_create_empty_oid_set(&status, &oidset); 84 83 gss_add_oid_set_member(&status, ctx->oid, &oidset); 85 84 86 if (gethostname(lname, MAXHOSTNAMELEN)) {87 gss_release_oid_set(&status, &oidset);88 return (-1);89 }90 91 if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) {92 gss_release_oid_set(&status, &oidset);93 return (ctx->major);94 }95 96 85 if ((ctx->major = gss_acquire_cred(&ctx->minor, 97 86 ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, NULL, NULL))) 98 87 ssh_gssapi_error(ctx); … … 102 102 { 103 103 OM_uint32 status; 104 104 gss_OID mech; 105 gss_name_t acceptor_name = GSS_C_NO_NAME; 106 gss_buffer_desc acceptor_name_buffer = GSS_C_EMPTY_BUFFER; 105 107 106 108 ctx->major = gss_accept_sec_context(&ctx->minor, 107 109 &ctx->context, ctx->creds, recv_tok, … … 116 118 else 117 119 debug("Got no client credentials"); 118 120 121 ctx->major = gss_inquire_context(&ctx->minor, ctx->context, NULL, &acceptor_name, NULL, NULL, NULL, NULL, NULL); 122 123 if (GSS_ERROR(ctx->major)) { 124 ssh_gssapi_error(ctx); 125 } else { 126 ctx->major = gss_display_name(&ctx->minor, acceptor_name, &acceptor_name_buffer, NULL); 127 128 if (GSS_ERROR(ctx->major)) { 129 ssh_gssapi_error(ctx); 130 } else if (acceptor_name_buffer.length < 5 || strncmp(acceptor_name_buffer.value, "host@", 5) != 0 && strncmp(acceptor_name_buffer.value, "host/", 5) != 0) { 131 debug("Accepting credential '%s' was not for the host service.", acceptor_name_buffer.value); 132 ctx->major = GSS_S_BAD_NAME; 133 } 134 } 135 gss_release_buffer(&status, &acceptor_name_buffer); 136 gss_release_name(&status, &acceptor_name); 119 137 status = ctx->major; 120 138 121 139 /* Now, if we're complete and we have the right flags, then
Note: See TracBrowser
for help on using the repository browser.