diff options
| author | Damien Miller <djm@mindrot.org> | 2013-07-20 13:35:45 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2013-07-20 13:35:45 +1000 |
| commit | 63ddc899d28cf60045b560891894b9fbf6f822e9 (patch) | |
| tree | c6d54f7405a993cc6774d5abe0c0398192ddf008 /gss-serv-krb5.c | |
| parent | 1f0e86f23fcebb026371c0888402a981df2a61c4 (diff) | |
| download | openssh-git-63ddc899d28cf60045b560891894b9fbf6f822e9.tar.gz | |
- djm@cvs.openbsd.org 2013/07/20 01:55:13
[auth-krb5.c gss-serv-krb5.c gss-serv.c]
fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@
Diffstat (limited to 'gss-serv-krb5.c')
| -rw-r--r-- | gss-serv-krb5.c | 44 |
1 files changed, 25 insertions, 19 deletions
diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c index 5a625acb..87f26831 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv-krb5.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */ +/* $OpenBSD: gss-serv-krb5.c,v 1.8 2013/07/20 01:55:13 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -48,12 +48,11 @@ extern ServerOptions options; #ifdef HEIMDAL # include <krb5.h> -#else -# ifdef HAVE_GSSAPI_KRB5_H -# include <gssapi_krb5.h> -# elif HAVE_GSSAPI_GSSAPI_KRB5_H -# include <gssapi/gssapi_krb5.h> -# endif +#endif +#ifdef HAVE_GSSAPI_KRB5_H +# include <gssapi_krb5.h> +#elif HAVE_GSSAPI_GSSAPI_KRB5_H +# include <gssapi/gssapi_krb5.h> #endif static krb5_context krb_context = NULL; @@ -87,14 +86,16 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name) { krb5_principal princ; int retval; + const char *errmsg; if (ssh_gssapi_krb5_init() == 0) return 0; if ((retval = krb5_parse_name(krb_context, client->exportedname.value, &princ))) { - logit("krb5_parse_name(): %.100s", - krb5_get_err_text(krb_context, retval)); + errmsg = krb5_get_error_message(krb_context, retval); + logit("krb5_parse_name(): %.100s", errmsg); + krb5_free_error_message(krb_context, errmsg); return 0; } if (krb5_kuserok(krb_context, princ, name)) { @@ -120,6 +121,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) krb5_principal princ; OM_uint32 maj_status, min_status; int len; + const char *errmsg; if (client->creds == NULL) { debug("No credentials stored"); @@ -130,30 +132,34 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) return; #ifdef HEIMDAL - if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) { - logit("krb5_cc_gen_new(): %.100s", - krb5_get_err_text(krb_context, problem)); + if ((problem = krb5_cc_new_unique(krb_context, krb5_fcc_ops.prefix, + NULL, &ccache)) != 0) { + errmsg = krb5_get_error_message(krb_context, problem); + logit("krb5_cc_new_unique(): %.100s", errmsg); + krb5_free_error_message(krb_context, errmsg); return; } #else if ((problem = ssh_krb5_cc_gen(krb_context, &ccache))) { - logit("ssh_krb5_cc_gen(): %.100s", - krb5_get_err_text(krb_context, problem)); + errmsg = krb5_get_error_message(krb_context, problem); + logit("ssh_krb5_cc_gen(): %.100s", errmsg); + krb5_free_error_message(krb_context, errmsg); return; } #endif /* #ifdef HEIMDAL */ if ((problem = krb5_parse_name(krb_context, client->exportedname.value, &princ))) { - logit("krb5_parse_name(): %.100s", - krb5_get_err_text(krb_context, problem)); - krb5_cc_destroy(krb_context, ccache); + errmsg = krb5_get_error_message(krb_context, problem); + logit("krb5_parse_name(): %.100s", errmsg); + krb5_free_error_message(krb_context, errmsg); return; } if ((problem = krb5_cc_initialize(krb_context, ccache, princ))) { - logit("krb5_cc_initialize(): %.100s", - krb5_get_err_text(krb_context, problem)); + errmsg = krb5_get_error_message(krb_context, problem); + logit("krb5_cc_initialize(): %.100s", errmsg); + krb5_free_error_message(krb_context, errmsg); krb5_free_principal(krb_context, princ); krb5_cc_destroy(krb_context, ccache); return; |