Commit 61b05cfd authored by Damien Miller's avatar Damien Miller

- (djm) OpenBSD CVS Sync

   - dugsong@cvs.openbsd.org 2001/11/11 18:47:10
     [auth-krb5.c]
     fix krb5 authorization check. found by <jhawk@MIT.EDU>. from
     art@, deraadt@ ok
parent e49d0966
......@@ -5,6 +5,11 @@
do_authenticated. Call loginfailed for protocol 2 failures > MAX like
we do for protocol 1. Reports from Ralf Wenk <wera0003@fh-karlsruhe.de>,
K.Wolkersdorfer@fz-juelich.de and others
- (djm) OpenBSD CVS Sync
- dugsong@cvs.openbsd.org 2001/11/11 18:47:10
[auth-krb5.c]
fix krb5 authorization check. found by <jhawk@MIT.EDU>. from
art@, deraadt@ ok
20011112
- (djm) Makefile correctness fix from Mark D. Baushke <mdb@juniper.net>
......@@ -6895,4 +6900,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
$Id: ChangeLog,v 1.1659 2001/11/13 12:46:18 djm Exp $
$Id: ChangeLog,v 1.1660 2001/11/13 13:02:10 djm Exp $
......@@ -2,7 +2,7 @@
* Kerberos v5 authentication and ticket-passing routines.
*
* $FreeBSD: src/crypto/openssh/auth-krb5.c,v 1.6 2001/02/13 16:58:04 assar Exp $
* $OpenBSD: auth-krb5.c,v 1.1 2001/06/26 16:15:23 dugsong Exp $
* $OpenBSD: auth-krb5.c,v 1.2 2001/11/12 01:47:09 dugsong Exp $
*/
#include "includes.h"
......@@ -52,8 +52,9 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client)
krb5_principal server;
krb5_data reply;
krb5_ticket *ticket;
int fd;
int fd, ret;
ret = 0;
server = NULL;
ticket = NULL;
reply.length = 0;
......@@ -107,7 +108,8 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client)
packet_put_string((char *) reply.data, reply.length);
packet_send();
packet_write_wait();
ret = 1;
err:
if (server)
krb5_free_principal(authctxt->krb5_ctx, server);
......@@ -116,12 +118,11 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client)
if (reply.length)
xfree(reply.data);
if (problem) {
if (problem)
debug("Kerberos v5 authentication failed: %s",
krb5_get_err_text(authctxt->krb5_ctx, problem));
return (0);
}
return (1);
return (ret);
}
int
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment