Attachment #1174 for bug #1218




/* $OpenBSD: gss-genr.c,v 1.13 2006/08/03 03:34:42 deraadt Exp $ */

/*
 * Copyright (c) 2001-2006 Simon Wilkinson. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions

	ssh_gssapi_build_ctx(ctx);
	ssh_gssapi_set_oid(*ctx, oid);
	return (ssh_gssapi_acquire_cred(*ctx));
}

int
ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, char *host)
{
	gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
	OM_uint32 major, minor;
	gss_OID_desc spnego_oid = {6, (void *)"\x2B\x06\x01\x05\x05\x02"};

	/* RFC 4462 says we MUST NOT do SPNEGO */
	if (oid->length == spnego_oid.length && 
	    (memcmp(oid->elements, spnego_oid.elements, oid->length) == 0))
		return -1;

	ssh_gssapi_build_ctx(ctx);
	ssh_gssapi_set_oid(*ctx, oid);
	major = ssh_gssapi_import_name(*ctx, host);
	if (!GSS_ERROR(major)) {
		major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, 
		    NULL);
		gss_release_buffer(&minor, &token);
		gss_delete_sec_context(&minor, &(*ctx)->context, 
		    GSS_C_NO_BUFFER);
	}

	if (GSS_ERROR(major)) 
		ssh_gssapi_delete_ctx(ctx);

	return (!GSS_ERROR(major));
}

#endif /* GSSAPI */

Lines 118-123 Link Here

(-)ssh-gss.h (+1 lines)
118	OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t);	118	OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t);
119	OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID);	119	OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
120	void ssh_gssapi_buildmic(Buffer , const char , const char , const char );	120	void ssh_gssapi_buildmic(Buffer , const char , const char , const char );
		121	int ssh_gssapi_check_mechanism(Gssctxt *, gss_OID, char );
121		122
122	/* In the server */	123	/* In the server */
123	int ssh_gssapi_userok(char *name);	124	int ssh_gssapi_userok(char *name);





	/* Check to see if the mechanism is usable before we offer it */
	while (mech < gss_supported->count && !ok) {
		if (gssctxt)
			ssh_gssapi_delete_ctx(&gssctxt);
		ssh_gssapi_build_ctx(&gssctxt);
		ssh_gssapi_set_oid(gssctxt, &gss_supported->elements[mech]);

		/* My DER encoding requires length<128 */
		if (gss_supported->elements[mech].length < 128 &&
		    ssh_gssapi_check_mechanism(&gssctxt, 
		    &gss_supported->elements[mech], authctxt->host)) {
			ok = 1; /* Mechanism works */
		} else {
			mech++;
		}
	}

	if (!ok)
		ssh_gssapi_delete_ctx(&gssctxt);
		return 0;
	}

	authctxt->methoddata=(void *)gssctxt;


Return to bug 1218

Lines 1-7 Link Here

(-)gss-genr.c (-1 / +30 lines)
1	/* $OpenBSD: gss-genr.c,v 1.13 2006/08/03 03:34:42 deraadt Exp $ */	1	/* $OpenBSD: gss-genr.c,v 1.13 2006/08/03 03:34:42 deraadt Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.	4	* Copyright (c) 2001-2006 Simon Wilkinson. All rights reserved.
5	*	5	*
6	* Redistribution and use in source and binary forms, with or without	6	* Redistribution and use in source and binary forms, with or without
7	* modification, are permitted provided that the following conditions	7	* modification, are permitted provided that the following conditions
Lines 289-294 Link Here
289	ssh_gssapi_build_ctx(ctx);	289	ssh_gssapi_build_ctx(ctx);
290	ssh_gssapi_set_oid(*ctx, oid);	290	ssh_gssapi_set_oid(*ctx, oid);
291	return (ssh_gssapi_acquire_cred(*ctx));	291	return (ssh_gssapi_acquire_cred(*ctx));
		292	}
		293
		294	int
		295	ssh_gssapi_check_mechanism(Gssctxt *ctx, gss_OID oid, char host)
		296	{
		297	gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
		298	OM_uint32 major, minor;
		299	gss_OID_desc spnego_oid = {6, (void *)"\x2B\x06\x01\x05\x05\x02"};
		300
		301	/* RFC 4462 says we MUST NOT do SPNEGO */
		302	if (oid->length == spnego_oid.length &&
		303	(memcmp(oid->elements, spnego_oid.elements, oid->length) == 0))
		304	return -1;
		305
		306	ssh_gssapi_build_ctx(ctx);
		307	ssh_gssapi_set_oid(*ctx, oid);
		308	major = ssh_gssapi_import_name(*ctx, host);
		309	if (!GSS_ERROR(major)) {
		310	major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token,
		311	NULL);
		312	gss_release_buffer(&minor, &token);
		313	gss_delete_sec_context(&minor, &(*ctx)->context,
		314	GSS_C_NO_BUFFER);
		315	}
		316
		317	if (GSS_ERROR(major))
		318	ssh_gssapi_delete_ctx(ctx);
		319
		320	return (!GSS_ERROR(major));
292	}	321	}
293		322
294	#endif /* GSSAPI */	323	#endif /* GSSAPI */

Lines 508-532 Link Here

(-)sshconnect2.c (-10 / +3 lines)
508		508
509	/* Check to see if the mechanism is usable before we offer it */	509	/* Check to see if the mechanism is usable before we offer it */
510	while (mech < gss_supported->count && !ok) {	510	while (mech < gss_supported->count && !ok) {
511	if (gssctxt)
512	ssh_gssapi_delete_ctx(&gssctxt);
513	ssh_gssapi_build_ctx(&gssctxt);
514	ssh_gssapi_set_oid(gssctxt, &gss_supported->elements[mech]);
515
516	/* My DER encoding requires length<128 */	511	/* My DER encoding requires length<128 */
517	if (gss_supported->elements[mech].length < 128 &&	512	if (gss_supported->elements[mech].length < 128 &&
518	!GSS_ERROR(ssh_gssapi_import_name(gssctxt,	513	ssh_gssapi_check_mechanism(&gssctxt,
519	authctxt->host))) {	514	&gss_supported->elements[mech], authctxt->host)) {
520	ok = 1; /* Mechanism works */	515	ok = 1; /* Mechanism works */
521	} else {	516	} else {
522	mech++;	517	mech++;
523	}	518	}
524	}	519	}
525		520
526	if (!ok) {	521	if (!ok)
527	ssh_gssapi_delete_ctx(&gssctxt);
528	return 0;	522	return 0;
529	}
530		523
531	authctxt->methoddata=(void *)gssctxt;	524	authctxt->methoddata=(void *)gssctxt;
532		525