Attachment #1641 for bug #1601

Lines 122-131 Link Here

(-)ssh-gss.old.h (+1 lines)
122	OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID);	122	OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
123	int ssh_gssapi_userok(char *name);	123	int ssh_gssapi_userok(char *name);
124	OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);	124	OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
125	void ssh_gssapi_do_child(char **, u_int );	125	void ssh_gssapi_do_child(char **, u_int );
126	void ssh_gssapi_cleanup_creds(void);	126	void ssh_gssapi_cleanup_creds(void);
		127	void ssh_gssapi_free_store(void);
127	void ssh_gssapi_storecreds(void);	128	void ssh_gssapi_storecreds(void);
128		129
129	#endif /* GSSAPI */	130	#endif /* GSSAPI */
130		131
131	#endif /* _SSH_GSS_H */	132	#endif /* _SSH_GSS_H */




		monitor_child_postauth(pmonitor);

		/* NEVERREACHED */
		exit(0);
	}
#ifdef GSSAPI
        if (options.gss_authentication) {
                temporarily_use_uid(authctxt->pw);
                ssh_gssapi_storecreds();
                restore_uid();
        }
#endif
	close(pmonitor->m_sendfd);

	/* Demote the private keys to public keys. */
	demote_sensitive_data();



#ifdef SSH_AUDIT_EVENTS
	audit_event(SSH_AUTH_SUCCESS);
#endif

#ifdef GSSAPI
	if (options.gss_authentication) {
		temporarily_use_uid(authctxt->pw);
		ssh_gssapi_storecreds();
		restore_uid();
	}
#endif
#ifdef USE_PAM
	if (options.use_pam) {
		do_pam_setcred(1);
		do_pam_session();
	}

Lines 2741-2750 Link Here

(-)session.old.c (+1 lines)
2741	#endif	2741	#endif
2742		2742
2743	#ifdef GSSAPI	2743	#ifdef GSSAPI
2744	if (compat20 && options.gss_cleanup_creds)	2744	if (compat20 && options.gss_cleanup_creds)
2745	ssh_gssapi_cleanup_creds();	2745	ssh_gssapi_cleanup_creds();
		2746	ssh_gssapi_free_store();
2746	#endif	2747	#endif
2747		2748
2748	/* remove agent socket */	2749	/* remove agent socket */
2749	auth_sock_cleanup_proc(authctxt->pw);	2750	auth_sock_cleanup_proc(authctxt->pw);
2750		2751




		    gssapi_client.store.filename);
		unlink(gssapi_client.store.filename);
	}
}

void
ssh_gssapi_free_store(void)
{
        if (gssapi_client.store.filename != NULL) {
                xfree(gssapi_client.store.filename);
                gssapi_client.store.filename = NULL;
        }

        if (gssapi_client.store.envval != NULL) {
                xfree(gssapi_client.store.envval);
                gssapi_client.store.envval = NULL;
        }
}

/* As user */
void
ssh_gssapi_storecreds(void)
{
	if (gssapi_client.mech && gssapi_client.mech->storecreds) {

Return to bug 1601

Lines 682-692 Link Here

(-)sshd.old.c (-8 / +7 lines)
682	monitor_child_postauth(pmonitor);	682	monitor_child_postauth(pmonitor);
683		683
684	/* NEVERREACHED */	684	/* NEVERREACHED */
685	exit(0);	685	exit(0);
686	}	686	}
687		687	#ifdef GSSAPI
		688	if (options.gss_authentication) {
		689	temporarily_use_uid(authctxt->pw);
		690	ssh_gssapi_storecreds();
		691	restore_uid();
		692	}
		693	#endif
688	close(pmonitor->m_sendfd);	694	close(pmonitor->m_sendfd);
689		695
690	/* Demote the private keys to public keys. */	696	/* Demote the private keys to public keys. */
691	demote_sensitive_data();	697	demote_sensitive_data();
692		698
Lines 1885-1901 Link Here
1885		1891
1886	#ifdef SSH_AUDIT_EVENTS	1892	#ifdef SSH_AUDIT_EVENTS
1887	audit_event(SSH_AUTH_SUCCESS);	1893	audit_event(SSH_AUTH_SUCCESS);
1888	#endif	1894	#endif
1889		1895
1890	#ifdef GSSAPI
1891	if (options.gss_authentication) {
1892	temporarily_use_uid(authctxt->pw);
1893	ssh_gssapi_storecreds();
1894	restore_uid();
1895	}
1896	#endif
1897	#ifdef USE_PAM	1896	#ifdef USE_PAM
1898	if (options.use_pam) {	1897	if (options.use_pam) {
1899	do_pam_setcred(1);	1898	do_pam_setcred(1);
1900	do_pam_session();	1899	do_pam_session();
1901	}	1900	}

Lines 296-305 Link Here

(-)gss-serv.old.c (+14 lines)
296	gssapi_client.store.filename);	296	gssapi_client.store.filename);
297	unlink(gssapi_client.store.filename);	297	unlink(gssapi_client.store.filename);
298	}	298	}
299	}	299	}
300		300
		301	void
		302	ssh_gssapi_free_store(void)
		303	{
		304	if (gssapi_client.store.filename != NULL) {
		305	xfree(gssapi_client.store.filename);
		306	gssapi_client.store.filename = NULL;
		307	}
		308
		309	if (gssapi_client.store.envval != NULL) {
		310	xfree(gssapi_client.store.envval);
		311	gssapi_client.store.envval = NULL;
		312	}
		313	}
		314
301	/* As user */	315	/* As user */
302	void	316	void
303	ssh_gssapi_storecreds(void)	317	ssh_gssapi_storecreds(void)
304	{	318	{
305	if (gssapi_client.mech && gssapi_client.mech->storecreds) {	319	if (gssapi_client.mech && gssapi_client.mech->storecreds) {