Attachment #128 for bug #324




/*
 * Try krb5 authentication. server_user is passed for logging purposes
 * only, in auth is received ticket, in client is returned principal
 * from the ticket, put things to send back in reply.
 */
int
auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *reply)
{
	krb5_error_code problem;
	krb5_principal server;
	krb5_data reply;
	krb5_ticket *ticket;
	int fd, ret;

	ret = 0;
	server = NULL;
	ticket = NULL;
	reply.length = 0;

	problem = krb5_init(authctxt);
	if (problem)


	/* if client wants mutual auth */
	problem = krb5_mk_rep(authctxt->krb5_ctx, authctxt->krb5_auth_ctx,
	    reply);
	if (problem)
		goto err;


		krb5_unparse_name(authctxt->krb5_ctx, authctxt->krb5_user,
		    client);

	/* sending reply in caller */
	packet_put_string((char *) reply.data, reply.length);
	packet_send();
	packet_write_wait();

	ret = 1;
 err:

		krb5_free_principal(authctxt->krb5_ctx, server);
	if (ticket)
		krb5_free_ticket(authctxt->krb5_ctx, ticket);
	if (reply.length)
		xfree(reply.data);

	if (problem) {
		if (authctxt->krb5_ctx != NULL)

Lines 398-406 Link Here

(-)openssh-3.4p1/sshconnect1.c (-2 / +3 lines)
398	struct stat st;	398	struct stat st;
399		399
400	/* Don't do anything if we don't have any tickets. */	400	/* Don't do anything if we don't have any tickets. */
401	if (stat(tkt_string(), &st) < 0)	401	if (stat(tkt_string(), &st) < 0) {
		402	debug("Kerberos v4: no ticket file %s",tkt_string());
402	return 0;	403	return 0;
403		404	}
404	strlcpy(inst, (char *)krb_get_phost(get_canonical_hostname(1)),	405	strlcpy(inst, (char *)krb_get_phost(get_canonical_hostname(1)),
405	INST_SZ);	406	INST_SZ);
406		407




				if (kdata[0] == 4) { /* KRB_PROT_VERSION */
#ifdef KRB4
					KTEXT_ST tkt;
					KTEXT_ST reply;
					tkt.length = dlen;
					if (tkt.length < MAX_KTXT_LEN)
						memcpy(tkt.dat, kdata, tkt.length);

					if (PRIVSEP(auth_krb4(authctxt, &tkt, &client_user, &reply))) {
						authenticated = 1;

						packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE);
						packet_put_string((char *) reply.dat, reply.length);
						packet_send();
						packet_write_wait();

						snprintf(info, sizeof(info),
						    " tktuser %.100s",
						    client_user);

#endif /* KRB4 */
				} else {
#ifdef KRB5
				  	krb5_data tkt, reply;
					tkt.length = dlen;
					tkt.data = kdata;
					reply.length = 0;

					if (PRIVSEP(auth_krb5(authctxt, &tkt, &client_user, &reply))) {
						authenticated = 1;

						packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE);
						packet_put_string((char *) reply.data, reply.length);
						packet_send();
						packet_write_wait();
						snprintf(info, sizeof(info),
						    " tktuser %.100s",
						    client_user);
					}
					if (reply.length)
				        	xfree(reply.data);

#endif /* KRB5 */
				}
				xfree(kdata);




}

int
auth_krb4(Authctxt *authctxt, KTEXT auth, char **client, KTEXT reply)
{
	AUTH_DAT adat = {0};
	KTEXT_ST reply;
	Key_schedule schedule;
	struct sockaddr_in local, foreign;
	char instance[INST_SZ];


	/* If we can't successfully encrypt the checksum, we send back an
	   empty message, admitting our failure. */
	if ((r = krb_mk_priv((u_char *) & cksum, reply->dat, sizeof(cksum) + 1,
	    schedule, &adat.session, &local, &foreign)) < 0) {
		debug("Kerberos v4 mk_priv: (%d) %s", r, krb_err_txt[r]);
		reply->dat[0] = 0;
		reply->length = 0;
	} else
		reply->length = r;

	/* Clear session key. */
	memset(&adat.session, 0, sizeof(&adat.session));

	packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE);
	packet_put_string((char *) reply.dat, reply.length);
	packet_send();
	packet_write_wait();
	return (1);
}
#endif /* KRB4 */

Lines 33-38 Link Here

(-)openssh-3.4p1/monitor.h (+6 lines)
33	MONITOR_REQ_FREE, MONITOR_REQ_AUTHSERV,	33	MONITOR_REQ_FREE, MONITOR_REQ_AUTHSERV,
34	MONITOR_REQ_SIGN, MONITOR_ANS_SIGN,	34	MONITOR_REQ_SIGN, MONITOR_ANS_SIGN,
35	MONITOR_REQ_PWNAM, MONITOR_ANS_PWNAM,	35	MONITOR_REQ_PWNAM, MONITOR_ANS_PWNAM,
		36	#ifdef KRB4
		37	MONITOR_REQ_AUTHKRB4, MONITOR_ANS_AUTHKRB4,
		38	#endif
		39	#ifdef KRB5
		40	MONITOR_REQ_AUTHKRB5, MONITOR_ANS_AUTHKRB5,
		41	#endif
36	MONITOR_REQ_AUTH2_READ_BANNER, MONITOR_ANS_AUTH2_READ_BANNER,	42	MONITOR_REQ_AUTH2_READ_BANNER, MONITOR_ANS_AUTH2_READ_BANNER,
37	MONITOR_REQ_AUTHPASSWORD, MONITOR_ANS_AUTHPASSWORD,	43	MONITOR_REQ_AUTHPASSWORD, MONITOR_ANS_AUTHPASSWORD,
38	MONITOR_REQ_BSDAUTHQUERY, MONITOR_ANS_BSDAUTHQUERY,	44	MONITOR_REQ_BSDAUTHQUERY, MONITOR_ANS_BSDAUTHQUERY,




	return (authenticated);
}

/* do Kerberos4 .klogin authentication */
#ifdef KRB4
int
mm_auth_krb4(Authctxt *authctxt, KTEXT auth, char **client, KTEXT reply)
{
 	Buffer m;
	int rlen;
	int authenticated = 0;
	char* reply_tmp;

	debug3("%s entering", __func__);

	buffer_init(&m);
	buffer_put_string(&m, auth->dat, auth->length);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHKRB4, &m);

	debug3("%s: waiting for MONITOR_ANS_AUTHKRB4", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHKRB4, &m);

	authenticated = buffer_get_int(&m);
	if(authenticated) {
		*client = buffer_get_string(&m, NULL);
		reply_tmp =  buffer_get_string(&m, &rlen);
		/* have to get the string back into the fixed char field */
		if(rlen >= MAX_KTXT_LEN)
		 fatal("%s: received too large KRB4 reply from monitor", __func__);
		memcpy(reply->dat, reply_tmp, rlen);
		reply->length = rlen;
		memset(reply_tmp,0, rlen);
		xfree(reply_tmp);
	}
	buffer_free(&m);

	debug3("%s: user %s %sauthenticated",
	    __func__, *client, authenticated ? "" : "not ");
	return (authenticated); 
}
#endif /* KRB4 */

/* do Kerberos5 .klogin authentication */
#ifdef KRB5
int
mm_auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *reply)
{
 	Buffer m;
	int authenticated = 0;

	debug3("%s entering", __func__);

	buffer_init(&m);
	buffer_put_string(&m, auth->data, auth->length);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHKRB5, &m);

	debug3("%s: waiting for MONITOR_ANS_AUTHKRB5", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHKRB5, &m);

	authenticated = buffer_get_int(&m);
	if(authenticated) {
		*client = buffer_get_string(&m, NULL);
		reply->data =  buffer_get_string(&m, &(reply->length));
	}
	buffer_free(&m);

	debug3("%s: user %s %sauthenticated",
	    __func__, *client, authenticated ? "" : "not ");
	return (authenticated); 
}
#endif /* KRB5 */

int
mm_user_key_allowed(struct passwd *pw, Key *key)
{





#ifdef KRB4
#include <krb.h>
int     auth_krb4(Authctxt *, KTEXT, char **, KTEXT);
int	auth_krb4_password(Authctxt *, const char *);
void    krb4_cleanup_proc(void *);

#ifdef AFS
#include <kafs.h>
int     auth_krb4_tgt(Authctxt *, const char *);
int     auth_afs_token(Authctxt *, const char *);
#endif /* AFS */

#endif /* KRB4 */

#ifdef KRB5
int	auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *reply);
int	auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt);
int	auth_krb5_password(Authctxt *authctxt, const char *password);
void	krb5_cleanup_proc(void *authctxt);

Lines 101-106 Link Here

(-)openssh-3.4p1/monitor.c (+93 lines)
101	int mm_answer_auth2_read_banner(int, Buffer *);	101	int mm_answer_auth2_read_banner(int, Buffer *);
102	int mm_answer_authserv(int, Buffer *);	102	int mm_answer_authserv(int, Buffer *);
103	int mm_answer_authpassword(int, Buffer *);	103	int mm_answer_authpassword(int, Buffer *);
		104	#ifdef KRB4
		105	int mm_answer_authkrb4(int, Buffer *);
		106	#endif
		107	#ifdef KRB5
		108	int mm_answer_authkrb5(int, Buffer *);
		109	#endif
104	int mm_answer_bsdauthquery(int, Buffer *);	110	int mm_answer_bsdauthquery(int, Buffer *);
105	int mm_answer_bsdauthrespond(int, Buffer *);	111	int mm_answer_bsdauthrespond(int, Buffer *);
106	int mm_answer_skeyquery(int, Buffer *);	112	int mm_answer_skeyquery(int, Buffer *);
Lines 188-193 Link Here
188	{MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed},	199	{MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed},
189	{MONITOR_REQ_RSACHALLENGE, MON_ONCE, mm_answer_rsa_challenge},	200	{MONITOR_REQ_RSACHALLENGE, MON_ONCE, mm_answer_rsa_challenge},
190	{MONITOR_REQ_RSARESPONSE, MON_ONCE\|MON_AUTHDECIDE, mm_answer_rsa_response},	201	{MONITOR_REQ_RSARESPONSE, MON_ONCE\|MON_AUTHDECIDE, mm_answer_rsa_response},
		202	#ifdef KRB4
		203	{MONITOR_REQ_AUTHKRB4, MON_AUTH, mm_answer_authkrb4},
		204	#endif
		205	#ifdef KRB5
		206	{MONITOR_REQ_AUTHKRB5, MON_AUTH, mm_answer_authkrb5},
		207	#endif
191	#ifdef BSD_AUTH	208	#ifdef BSD_AUTH
192	{MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},	209	{MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},
193	{MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond},	210	{MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond},
Lines 719-724 Link Here
719	}	746	}
720	#endif	747	#endif
721		748
		749	#ifdef KRB4
		750	int
		751	mm_answer_authkrb4(int socket, Buffer *m)
		752	{
		753	KTEXT_ST auth;
		754	KTEXT_ST reply;
		755	char localuser, auth_tmp;
		756	int authenticated, authlen;
		757
		758	auth_tmp = buffer_get_string(m, &authlen);
		759	if (authlen >= MAX_KTXT_LEN)
		760	fatal("%s: received too large KRB4 auth from privsep", __func__);
		761	memcpy(auth.dat, auth_tmp, authlen);
		762	auth.length = authlen;
		763	memset(auth_tmp,0, authlen);
		764	xfree(auth_tmp);
		765	/* Only authenticate if the context is valid */
		766	authenticated = options.kerberos_authentication &&
		767	authctxt->valid &&
		768	auth_krb4(authctxt, &auth, &localuser, &reply);
		769
		770	memset(auth.dat, 0, authlen);
		771
		772	buffer_clear(m);
		773	buffer_put_int(m, authenticated);
		774	if(authenticated) {
		775	buffer_put_cstring(m, localuser);
		776	buffer_put_string(m, reply.dat, reply.length);
		777	}
		778
		779	memset(reply.dat, 0, reply.length);
		780
		781	debug3("%s: sending result %d", __func__, authenticated);
		782	mm_request_send(socket, MONITOR_ANS_AUTHKRB4, m);
		783
		784	auth_method = "KRB4.klogin";
		785
		786	/* Causes monitor loop to terminate if authenticated */
		787	return (authenticated);
		788	}
		789	#endif /* KRB4 */
		790
		791	#ifdef KRB5
		792	int
		793	mm_answer_authkrb5(int socket, Buffer *m)
		794	{
		795	krb5_data auth;
		796	krb5_data reply;
		797	char *localuser;
		798	int authenticated;
		799
		800	auth.data = buffer_get_string(m, &auth.length);
		801
		802	/* Only authenticate if the context is valid */
		803	authenticated = options.kerberos_authentication &&
		804	authctxt->valid &&
		805	auth_krb5(authctxt, &auth, &localuser, &reply);
		806
		807	memset(auth.data, 0, auth.length);
		808	xfree(auth.data);
		809
		810	buffer_clear(m);
		811	buffer_put_int(m, authenticated);
		812	if(authenticated) {
813	buffer_put_cstring(m, localuser);
814	buffer_put_string(m, reply.data, reply.length);
815	}
816
817	memset(reply.data, 0, reply.length);
818	xfree(reply.data);
819
820	debug3("%s: sending result %d", __func__, authenticated);
821	mm_request_send(socket, MONITOR_ANS_AUTHKRB5, m);
822
823	auth_method = "KRB5.klogin";
824
825	/* Causes monitor loop to terminate if authenticated */
826	return (authenticated);
827	}
828	#endif /* KRB5 */
829
722	#ifdef USE_PAM	830	#ifdef USE_PAM
723	int	831	int
724	mm_answer_pam_start(int socket, Buffer *m)	832	mm_answer_pam_start(int socket, Buffer *m)

Lines 30-35 Link Here

(-)openssh-3.4p1/monitor_wrap.h (+20 lines)
30	#include "key.h"	30	#include "key.h"
31	#include "buffer.h"	31	#include "buffer.h"
32		32
		33	#ifdef KRB4
		34	#include <krb.h>
		35	#endif
		36
		37	#ifdef KRB5
		38	#include <krb5.h>
		39	#endif
		40
33	extern int use_privsep;	41	extern int use_privsep;
34	#define PRIVSEP(x) (use_privsep ? mm_##x : x)	42	#define PRIVSEP(x) (use_privsep ? mm_##x : x)
35		43
Lines 59-64 Link Here
59	void mm_start_pam(char *);	67	void mm_start_pam(char *);
60	#endif	68	#endif
61		69
		70	#ifdef KRB4
		71	int mm_auth_krb4(struct Authctxt , KTEXT , char *, KTEXT );
		72	#endif
		73
		74	#ifdef AFS
		75	int mm_auth_krb4_tgt(struct Authctxt , const char , const int);
		76	#endif
		77
		78	#ifdef KRB5
		79	int mm_auth_krb5(struct Authctxt , krb5_data , char *, krb5_data );
		80	#endif
		81
62	void mm_terminate(void);	82	void mm_terminate(void);
63	int mm_pty_allocate(int , int , char *, int);	83	int mm_pty_allocate(int , int , char *, int);
64	void mm_session_pty_cleanup2(void *);	84	void mm_session_pty_cleanup2(void *);

Return to bug 324

Lines 119-131 Link Here

(-)openssh-3.4p1/auth1.c (-4 / +19 lines)
119	if (kdata[0] == 4) { /* KRB_PROT_VERSION */	119	if (kdata[0] == 4) { /* KRB_PROT_VERSION */
120	#ifdef KRB4	120	#ifdef KRB4
121	KTEXT_ST tkt;	121	KTEXT_ST tkt;
122		122	KTEXT_ST reply;
123	tkt.length = dlen;	123	tkt.length = dlen;
124	if (tkt.length < MAX_KTXT_LEN)	124	if (tkt.length < MAX_KTXT_LEN)
125	memcpy(tkt.dat, kdata, tkt.length);	125	memcpy(tkt.dat, kdata, tkt.length);
126		126
127	if (auth_krb4(authctxt, &tkt, &client_user)) {	127	if (PRIVSEP(auth_krb4(authctxt, &tkt, &client_user, &reply))) {
128	authenticated = 1;	128	authenticated = 1;
		129
		130	packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE);
		131	packet_put_string((char *) reply.dat, reply.length);
		132	packet_send();
		133	packet_write_wait();
		134
129	snprintf(info, sizeof(info),	135	snprintf(info, sizeof(info),
130	" tktuser %.100s",	136	" tktuser %.100s",
131	client_user);	137	client_user);
Lines 133-148 Link Here
133	#endif /* KRB4 */	139	#endif /* KRB4 */
134	} else {	140	} else {
135	#ifdef KRB5	141	#ifdef KRB5
136	krb5_data tkt;	142	krb5_data tkt, reply;
137	tkt.length = dlen;	143	tkt.length = dlen;
138	tkt.data = kdata;	144	tkt.data = kdata;
		145	reply.length = 0;
139		146
140	if (auth_krb5(authctxt, &tkt, &client_user)) {	147	if (PRIVSEP(auth_krb5(authctxt, &tkt, &client_user, &reply))) {
141	authenticated = 1;	148	authenticated = 1;
		149
		150	packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE);
		151	packet_put_string((char *) reply.data, reply.length);
		152	packet_send();
		153	packet_write_wait();
142	snprintf(info, sizeof(info),	154	snprintf(info, sizeof(info),
143	" tktuser %.100s",	155	" tktuser %.100s",
144	client_user);	156	client_user);
145	}	157	}
		158	if (reply.length)
		159	xfree(reply.data);
		160
146	#endif /* KRB5 */	161	#endif /* KRB5 */
147	}	162	}
148	xfree(kdata);	163	xfree(kdata);

Lines 210-219 Link Here

(-)openssh-3.4p1/auth-krb4.c (-11 / +5 lines)
210	}	210	}
211		211
212	int	212	int
213	auth_krb4(Authctxt authctxt, KTEXT auth, char *client)	213	auth_krb4(Authctxt authctxt, KTEXT auth, char *client, KTEXT reply)
214	{	214	{
215	AUTH_DAT adat = {0};	215	AUTH_DAT adat = {0};
216	KTEXT_ST reply;
217	Key_schedule schedule;	216	Key_schedule schedule;
218	struct sockaddr_in local, foreign;	217	struct sockaddr_in local, foreign;
219	char instance[INST_SZ];	218	char instance[INST_SZ];
Lines 263-283 Link Here
263		262
264	/* If we can't successfully encrypt the checksum, we send back an	263	/* If we can't successfully encrypt the checksum, we send back an
265	empty message, admitting our failure. */	264	empty message, admitting our failure. */
266	if ((r = krb_mk_priv((u_char *) & cksum, reply.dat, sizeof(cksum) + 1,	265	if ((r = krb_mk_priv((u_char *) & cksum, reply->dat, sizeof(cksum) + 1,
267	schedule, &adat.session, &local, &foreign)) < 0) {	266	schedule, &adat.session, &local, &foreign)) < 0) {
268	debug("Kerberos v4 mk_priv: (%d) %s", r, krb_err_txt[r]);	267	debug("Kerberos v4 mk_priv: (%d) %s", r, krb_err_txt[r]);
269	reply.dat[0] = 0;	268	reply->dat[0] = 0;
270	reply.length = 0;	269	reply->length = 0;
271	} else	270	} else
272	reply.length = r;	271	reply->length = r;
273		272
274	/* Clear session key. */	273	/* Clear session key. */
275	memset(&adat.session, 0, sizeof(&adat.session));	274	memset(&adat.session, 0, sizeof(&adat.session));
276
277	packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE);
278	packet_put_string((char *) reply.dat, reply.length);
279	packet_send();
280	packet_write_wait();
281	return (1);	275	return (1);
282	}	276	}
283	#endif /* KRB4 */	277	#endif /* KRB4 */

Lines 268-273 Link Here

(-)openssh-3.4p1/monitor_wrap.c (+69 lines)
268	return (authenticated);	268	return (authenticated);
269	}	269	}
270		270
		271	/* do Kerberos4 .klogin authentication */
		272	#ifdef KRB4
		273	int
		274	mm_auth_krb4(Authctxt authctxt, KTEXT auth, char *client, KTEXT reply)
		275	{
		276	Buffer m;
		277	int rlen;
		278	int authenticated = 0;
		279	char* reply_tmp;
		280
		281	debug3("%s entering", __func__);
		282
		283	buffer_init(&m);
		284	buffer_put_string(&m, auth->dat, auth->length);
		285	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHKRB4, &m);
		286
		287	debug3("%s: waiting for MONITOR_ANS_AUTHKRB4", __func__);
		288	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHKRB4, &m);
		289
		290	authenticated = buffer_get_int(&m);
		291	if(authenticated) {
		292	*client = buffer_get_string(&m, NULL);
		293	reply_tmp = buffer_get_string(&m, &rlen);
		294	/* have to get the string back into the fixed char field */
		295	if(rlen >= MAX_KTXT_LEN)
		296	fatal("%s: received too large KRB4 reply from monitor", __func__);
		297	memcpy(reply->dat, reply_tmp, rlen);
		298	reply->length = rlen;
		299	memset(reply_tmp,0, rlen);
		300	xfree(reply_tmp);
		301	}
		302	buffer_free(&m);
		303
		304	debug3("%s: user %s %sauthenticated",
		305	__func__, *client, authenticated ? "" : "not ");
		306	return (authenticated);
		307	}
		308	#endif /* KRB4 */
		309
		310	/* do Kerberos5 .klogin authentication */
		311	#ifdef KRB5
		312	int
		313	mm_auth_krb5(Authctxt authctxt, krb5_data auth, char *client, krb5_data reply)
		314	{
		315	Buffer m;
		316	int authenticated = 0;
		317
		318	debug3("%s entering", __func__);
		319
		320	buffer_init(&m);
		321	buffer_put_string(&m, auth->data, auth->length);
		322	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHKRB5, &m);
		323
		324	debug3("%s: waiting for MONITOR_ANS_AUTHKRB5", __func__);
		325	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHKRB5, &m);
		326
		327	authenticated = buffer_get_int(&m);
		328	if(authenticated) {
		329	*client = buffer_get_string(&m, NULL);
		330	reply->data = buffer_get_string(&m, &(reply->length));
		331	}
		332	buffer_free(&m);
		333
		334	debug3("%s: user %s %sauthenticated",
335	__func__, *client, authenticated ? "" : "not ");
336	return (authenticated);
337	}
338	#endif /* KRB5 */
339
271	int	340	int
272	mm_user_key_allowed(struct passwd pw, Key key)	341	mm_user_key_allowed(struct passwd pw, Key key)
273	{	342	{

Lines 113-132 Link Here

(-)openssh-3.4p1/auth.h (-2 / +2 lines)
113		113
114	#ifdef KRB4	114	#ifdef KRB4
115	#include <krb.h>	115	#include <krb.h>
116	int auth_krb4(Authctxt , KTEXT, char *);	116	int auth_krb4(Authctxt , KTEXT, char *, KTEXT);
117	int auth_krb4_password(Authctxt , const char );	117	int auth_krb4_password(Authctxt , const char );
118	void krb4_cleanup_proc(void *);	118	void krb4_cleanup_proc(void *);
119		119
120	#ifdef AFS	120	#ifdef AFS
121	#include <kafs.h>	121	#include <kafs.h>
122	int auth_krb4_tgt(Authctxt , const char );	122	int auth_krb4_tgt(Authctxt , const char );
123	int auth_afs_token(Authctxt , const char );	123	int auth_afs_token(Authctxt , const char );
124	#endif /* AFS */	124	#endif /* AFS */
125		125
126	#endif /* KRB4 */	126	#endif /* KRB4 */
127		127
128	#ifdef KRB5	128	#ifdef KRB5
129	int auth_krb5(Authctxt authctxt, krb5_data auth, char **client);	129	int auth_krb5(Authctxt authctxt, krb5_data auth, char *client, krb5_data reply);
130	int auth_krb5_tgt(Authctxt authctxt, krb5_data tgt);	130	int auth_krb5_tgt(Authctxt authctxt, krb5_data tgt);
131	int auth_krb5_password(Authctxt authctxt, const char password);	131	int auth_krb5_password(Authctxt authctxt, const char password);
132	void krb5_cleanup_proc(void *authctxt);	132	void krb5_cleanup_proc(void *authctxt);

Lines 70-90 Link Here

(-)openssh-3.4p1/auth-krb5.c (-11 / +4 lines)
70	/*	70	/*
71	* Try krb5 authentication. server_user is passed for logging purposes	71	* Try krb5 authentication. server_user is passed for logging purposes
72	* only, in auth is received ticket, in client is returned principal	72	* only, in auth is received ticket, in client is returned principal
73	* from the ticket	73	* from the ticket, put things to send back in reply.
74	*/	74	*/
75	int	75	int
76	auth_krb5(Authctxt authctxt, krb5_data auth, char **client)	76	auth_krb5(Authctxt authctxt, krb5_data auth, char *client, krb5_data reply)
77	{	77	{
78	krb5_error_code problem;	78	krb5_error_code problem;
79	krb5_principal server;	79	krb5_principal server;
80	krb5_data reply;
81	krb5_ticket *ticket;	80	krb5_ticket *ticket;
82	int fd, ret;	81	int fd, ret;
83		82
84	ret = 0;	83	ret = 0;
85	server = NULL;	84	server = NULL;
86	ticket = NULL;	85	ticket = NULL;
87	reply.length = 0;
88		86
89	problem = krb5_init(authctxt);	87	problem = krb5_init(authctxt);
90	if (problem)	88	if (problem)
Lines 131-137 Link Here
131		129
132	/* if client wants mutual auth */	130	/* if client wants mutual auth */
133	problem = krb5_mk_rep(authctxt->krb5_ctx, authctxt->krb5_auth_ctx,	131	problem = krb5_mk_rep(authctxt->krb5_ctx, authctxt->krb5_auth_ctx,
134	&reply);	132	reply);
135	if (problem)	133	if (problem)
136	goto err;	134	goto err;
137		135
Lines 144-153 Link Here
144	krb5_unparse_name(authctxt->krb5_ctx, authctxt->krb5_user,	142	krb5_unparse_name(authctxt->krb5_ctx, authctxt->krb5_user,
145	client);	143	client);
146		144
147	packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE);	145	/* sending reply in caller */
148	packet_put_string((char *) reply.data, reply.length);
149	packet_send();
150	packet_write_wait();
151		146
152	ret = 1;	147	ret = 1;
153	err:	148	err:
Lines 155-162 Link Here
155	krb5_free_principal(authctxt->krb5_ctx, server);	150	krb5_free_principal(authctxt->krb5_ctx, server);
156	if (ticket)	151	if (ticket)
157	krb5_free_ticket(authctxt->krb5_ctx, ticket);	152	krb5_free_ticket(authctxt->krb5_ctx, ticket);
158	if (reply.length)
159	xfree(reply.data);
160		153
161	if (problem) {	154	if (problem) {
162	if (authctxt->krb5_ctx != NULL)	155	if (authctxt->krb5_ctx != NULL)