Attachment #951 for bug #1073

Lines 275-287 Link Here

(-)gss-serv.c (-1 / +13 lines)
275	int	275	int
276	ssh_gssapi_userok(char *user)	276	ssh_gssapi_userok(char *user)
277	{	277	{
		278	OM_uint32 lmin;
		279
278	if (gssapi_client.exportedname.length == 0 \|\|	280	if (gssapi_client.exportedname.length == 0 \|\|
279	gssapi_client.exportedname.value == NULL) {	281	gssapi_client.exportedname.value == NULL) {
280	debug("No suitable client data");	282	debug("No suitable client data");
281	return 0;	283	return 0;
282	}	284	}
283	if (gssapi_client.mech && gssapi_client.mech->userok)	285	if (gssapi_client.mech && gssapi_client.mech->userok)
284	return ((*gssapi_client.mech->userok)(&gssapi_client, user));	286	if ((*gssapi_client.mech->userok)(&gssapi_client, user))
		287	return 1;
		288	else {
		289	/* Destroy delegated credentials if userok fails */
		290	gss_release_buffer(&lmin, &gssapi_client.displayname);
		291	gss_release_buffer(&lmin, &gssapi_client.exportedname);
		292	gss_release_cred(&lmin, gssapi_client.creds);
		293	memset((void *)&gssapi_client, 0,
		294	sizeof(ssh_gssapi_client));
		295	return 0;
		296	}
285	else	297	else
286	debug("ssh_gssapi_userok: Unknown GSSAPI mechanism");	298	debug("ssh_gssapi_userok: Unknown GSSAPI mechanism");
287	return (0);	299	return (0);

Lines 545-551 Link Here

(-)sshconnect2.c (-1 / +2 lines)
545	Authctxt *authctxt = ctxt;	545	Authctxt *authctxt = ctxt;
546	Gssctxt *gssctxt = authctxt->methoddata;	546	Gssctxt *gssctxt = authctxt->methoddata;
547	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;	547	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
548	gss_buffer_desc gssbuf, mic;	548	gss_buffer_desc mic = GSS_C_EMPTY_BUFFER;
		549	gss_buffer_desc gssbuf;
549	OM_uint32 status, ms, flags;	550	OM_uint32 status, ms, flags;
550	Buffer b;	551	Buffer b;
551		552

Return to bug 1073