diff options
author | Darren Tucker <dtucker@zip.com.au> | 2003-08-26 11:58:16 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2003-08-26 11:58:16 +1000 |
commit | 49aaf4ad522c6b599ec13f75f8a6b7eab6942143 (patch) | |
tree | ccf3984a52b32d59e3900ae8518a796df2860b58 /gss-serv-krb5.c | |
parent | 0efd155c3c184f0eaa2e1eb244eaaf066e6906e0 (diff) |
- (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h
configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c
sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson.
Diffstat (limited to 'gss-serv-krb5.c')
-rw-r--r-- | gss-serv-krb5.c | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c index d8687225..f48e0991 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c @@ -38,7 +38,11 @@ extern ServerOptions options; +#ifdef HEIMDAL #include <krb5.h> +#else +#include <gssapi_krb5.h> +#endif static krb5_context krb_context = NULL; @@ -113,11 +117,39 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) if (ssh_gssapi_krb5_init() == 0) return; +#ifdef HEIMDAL if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) { logit("krb5_cc_gen_new(): %.100s", krb5_get_err_text(krb_context, problem)); return; } +#else + { + int tmpfd; + char ccname[40]; + + snprintf(ccname, sizeof(ccname), + "FILE:/tmp/krb5cc_%d_XXXXXX", geteuid()); + + if ((tmpfd = mkstemp(ccname + strlen("FILE:"))) == -1) { + logit("mkstemp(): %.100s", strerror(errno)); + problem = errno; + return; + } + if (fchmod(tmpfd, S_IRUSR | S_IWUSR) == -1) { + logit("fchmod(): %.100s", strerror(errno)); + close(tmpfd); + problem = errno; + return; + } + close(tmpfd); + if ((problem = krb5_cc_resolve(krb_context, ccname, &ccache))) { + logit("krb5_cc_resolve(): %.100s", + krb5_get_err_text(krb_context, problem)); + return; + } + } +#endif /* #ifdef HEIMDAL */ if ((problem = krb5_parse_name(krb_context, client->exportedname.value, &princ))) { @@ -148,6 +180,11 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) client->store.envvar = "KRB5CCNAME"; client->store.envval = xstrdup(client->store.filename); +#ifdef USE_PAM + if (options.use_pam) + do_pam_putenv(client->store.envvar,client->store.envval); +#endif + krb5_cc_close(krb_context, ccache); return; |