Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Stop using functions that are marked as deprecated in Heimdal.

Browse Source
This commit is contained in:
elric 2011-04-24 14:01:46 +00:00
parent 8a13bd182a
commit 25a58ef3ee
4 changed files with 104 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
crypto/external/bsd/openssh/dist/auth-krb5.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: auth-krb5.c,v 1.2 2009/06/07 22:38:46 christos Exp $ */
/* $NetBSD: auth-krb5.c,v 1.3 2011/04/24 14:01:46 elric Exp $ */
/* $OpenBSD: auth-krb5.c,v 1.19 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Kerberos v5 authentication and ticket-passing routines.
@ -30,7 +30,7 @@
*/
#include "includes.h"
__RCSID("$NetBSD: auth-krb5.c,v 1.2 2009/06/07 22:38:46 christos Exp $");
__RCSID("$NetBSD: auth-krb5.c,v 1.3 2011/04/24 14:01:46 elric Exp $");
#include <sys/types.h>
#include <pwd.h>
#include <stdarg.h>
@ -80,6 +80,7 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *reply)
krb5_principal server;
krb5_ticket *ticket;
int fd, ret;
const char *errtxt;
ret = 0;
server = NULL;
@ -143,10 +144,14 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *reply)
}
if (problem) {
errtxt = NULL;
if (authctxt->krb5_ctx != NULL)
debug("Kerberos v5 authentication failed: %s",
krb5_get_err_text(authctxt->krb5_ctx, problem));
else
errtxt = krb5_get_error_message(authctxt->krb5_ctx,
problem);
if (errtxt != NULL) {
debug("Kerberos v5 authentication failed: %s", errtxt);
krb5_free_error_message(authctxt->krb5_ctx, errtxt);
} else
debug("Kerberos v5 authentication failed: %d",
problem);
}
@ -160,13 +165,14 @@ auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt)
krb5_error_code problem;
krb5_ccache ccache = NULL;
char *pname;
const char *errtxt;
if (authctxt->pw == NULL || authctxt->krb5_user == NULL)
return (0);
temporarily_use_uid(authctxt->pw);
problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops, &ccache);
problem = krb5_cc_new_unique(authctxt->krb5_ctx, "FILE", NULL, &ccache);
if (problem)
goto fail;
@ -201,9 +207,14 @@ auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt)
return (1);
fail:
if (problem)
debug("Kerberos v5 TGT passing failed: %s",
krb5_get_err_text(authctxt->krb5_ctx, problem));
if (problem) {
errtxt = krb5_get_error_message(authctxt->krb5_ctx, problem);
if (errtxt != NULL) {
debug("Kerberos v5 TGT passing failed: %s", errtxt);
krb5_free_error_message(authctxt->krb5_ctx, errtxt);
} else
debug("Kerberos v5 TGT passing failed: %d", problem);
}
if (ccache)
krb5_cc_destroy(authctxt->krb5_ctx, ccache);
@ -218,6 +229,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
{
krb5_error_code problem;
krb5_ccache ccache = NULL;
const char *errtxt;
temporarily_use_uid(authctxt->pw);
@ -230,7 +242,8 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
if (problem)
goto out;
problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_mcc_ops, &ccache);
problem = krb5_cc_new_unique(authctxt->krb5_ctx, "MEMORY", NULL,
&ccache);
if (problem)
goto out;
@ -249,7 +262,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
if (problem)
goto out;
problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops,
problem = krb5_cc_new_unique(authctxt->krb5_ctx, "FILE", NULL,
&authctxt->krb5_fwd_ccache);
if (problem)
goto out;
@ -271,10 +284,15 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
if (ccache)
krb5_cc_destroy(authctxt->krb5_ctx, ccache);
errtxt = NULL;
if (authctxt->krb5_ctx != NULL)
errtxt = krb5_get_error_message(authctxt->krb5_ctx,
problem);
if (errtxt != NULL) {
debug("Kerberos password authentication failed: %s",
krb5_get_err_text(authctxt->krb5_ctx, problem));
else
errtxt);
krb5_free_error_message(authctxt->krb5_ctx, errtxt);
} else
debug("Kerberos password authentication failed: %d",
problem);

41
crypto/external/bsd/openssh/dist/gss-serv-krb5.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: gss-serv-krb5.c,v 1.3 2011/04/15 14:51:22 elric Exp $ */
/* $NetBSD: gss-serv-krb5.c,v 1.4 2011/04/24 14:01:46 elric Exp $ */
/* $OpenBSD: gss-serv-krb5.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
/*
@ -26,7 +26,7 @@
*/
#include "includes.h"
__RCSID("$NetBSD: gss-serv-krb5.c,v 1.3 2011/04/15 14:51:22 elric Exp $");
__RCSID("$NetBSD: gss-serv-krb5.c,v 1.4 2011/04/24 14:01:46 elric Exp $");
#ifdef GSSAPI
#ifdef KRB5
@ -91,14 +91,19 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name)
{
krb5_principal princ;
int retval;
const char *errtxt;
if (ssh_gssapi_krb5_init() == 0)
return 0;
if ((retval = krb5_parse_name(krb_context, client->exportedname.value,
&princ))) {
logit("krb5_parse_name(): %.100s",
krb5_get_err_text(krb_context, retval));
errtxt = krb5_get_error_message(krb_context, retval);
if (errtxt) {
logit("krb5_parse_name(): %.100s", errtxt);
krb5_free_error_message(krb_context, errtxt);
} else
logit("krb5_parse_name(): %d", retval);
return 0;
}
if (krb5_kuserok(krb_context, princ, name)) {
@ -124,6 +129,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
krb5_principal princ;
OM_uint32 maj_status, min_status;
int len;
const char *errtxt;
if (client->creds == NULL) {
debug("No credentials stored");
@ -134,9 +140,14 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
return;
#ifdef HEIMDAL
if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) {
logit("krb5_cc_gen_new(): %.100s",
krb5_get_err_text(krb_context, problem));
problem = krb5_cc_new_unique(krb_context, "FILE", NULL, &ccache);
if (problem != 0) {
errtxt = krb5_get_error_message(krb_context, problem);
if (errtxt != NULL) {
logit("krb5_cc_new_unique(): %.100s", errtxt);
krb5_free_error_message(krb_context, errtxt);
} else
logit("krb5_cc_new_unique(): %d", problem);
return;
}
#else
@ -149,15 +160,23 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
if ((problem = krb5_parse_name(krb_context,
client->exportedname.value, &princ))) {
logit("krb5_parse_name(): %.100s",
krb5_get_err_text(krb_context, problem));
errtxt = krb5_get_error_message(krb_context, problem);
if (errtxt != NULL) {
logit("krb5_parse_name(): %.100s", errtxt);
krb5_free_error_message(krb_context, errtxt);
} else
logit("krb5_parse_name(): %d", problem);
krb5_cc_destroy(krb_context, ccache);
return;
}
if ((problem = krb5_cc_initialize(krb_context, ccache, princ))) {
logit("krb5_cc_initialize(): %.100s",
krb5_get_err_text(krb_context, problem));
errtxt = krb5_get_error_message(krb_context, problem);
if (errtxt != NULL) {
logit("krb5_cc_initialize(): %.100s", errtxt);
krb5_free_error_message(krb_context, errtxt);
} else
logit("krb5_cc_initialize(): %d", problem);
krb5_free_principal(krb_context, princ);
krb5_cc_destroy(krb_context, ccache);
return;

35
crypto/external/bsd/openssh/dist/sshconnect1.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: sshconnect1.c,v 1.2 2009/06/07 22:38:47 christos Exp $ */
/* $NetBSD: sshconnect1.c,v 1.3 2011/04/24 14:01:46 elric Exp $ */
/* $OpenBSD: sshconnect1.c,v 1.70 2006/11/06 21:25:28 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -15,7 +15,7 @@
*/
#include "includes.h"
__RCSID("$NetBSD: sshconnect1.c,v 1.2 2009/06/07 22:38:47 christos Exp $");
__RCSID("$NetBSD: sshconnect1.c,v 1.3 2011/04/24 14:01:46 elric Exp $");
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/stat.h>
@ -466,6 +466,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
int type;
krb5_ap_rep_enc_part *reply = NULL;
int ret;
const char *errtxt;
memset(&ap, 0, sizeof(ap));
@ -488,8 +489,14 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
problem = krb5_cc_default(*context, &ccache);
if (problem) {
debug("Kerberos v5: krb5_cc_default failed: %s",
krb5_get_err_text(*context, problem));
errtxt = krb5_get_error_message(*context, problem);
if (errtxt != NULL) {
debug("Kerberos v5: krb5_cc_default failed: %s",
errtxt);
krb5_free_error_message(*context, errtxt);
} else
debug("Kerberos v5: krb5_cc_default failed: %d",
problem);
ret = 0;
goto out;
}
@ -499,8 +506,12 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
problem = krb5_mk_req(*context, auth_context, AP_OPTS_MUTUAL_REQUIRED,
"host", remotehost, NULL, ccache, &ap);
if (problem) {
debug("Kerberos v5: krb5_mk_req failed: %s",
krb5_get_err_text(*context, problem));
errtxt = krb5_get_error_message(*context, problem);
if (errtxt != NULL) {
debug("Kerberos v5: krb5_mk_req failed: %s", errtxt);
krb5_free_error_message(*context, errtxt);
} else
debug("Kerberos v5: krb5_mk_req failed: %d", problem);
ret = 0;
goto out;
}
@ -566,6 +577,7 @@ send_krb5_tgt(krb5_context context, krb5_auth_context auth_context)
krb5_creds creds;
krb5_kdc_flags flags;
const char *remotehost;
const char *errtxt;
memset(&creds, 0, sizeof(creds));
memset(&outbuf, 0, sizeof(outbuf));
@ -623,9 +635,14 @@ send_krb5_tgt(krb5_context context, krb5_auth_context auth_context)
return;
out:
if (problem)
debug("Kerberos v5 TGT forwarding failed: %s",
krb5_get_err_text(context, problem));
if (problem) {
errtxt = krb5_get_error_message(context, problem);
if (errtxt != NULL) {
debug("Kerberos v5 TGT forwarding failed: %s", errtxt);
krb5_free_error_message(context, errtxt);
} else
debug("Kerberos v5 TGT forwarding failed: %d", problem);
}
if (creds.client)
krb5_free_principal(context, creds.client);
if (creds.server)

23
crypto/external/bsd/openssh/dist/sshconnect2.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: sshconnect2.c,v 1.6 2011/01/03 18:55:41 stacktic Exp $ */
/* $NetBSD: sshconnect2.c,v 1.7 2011/04/24 14:01:46 elric Exp $ */
/* $OpenBSD: sshconnect2.c,v 1.183 2010/04/26 22:28:24 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@ -26,7 +26,7 @@
*/
#include "includes.h"
__RCSID("$NetBSD: sshconnect2.c,v 1.6 2011/01/03 18:55:41 stacktic Exp $");
__RCSID("$NetBSD: sshconnect2.c,v 1.7 2011/04/24 14:01:46 elric Exp $");
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/wait.h>
@ -1805,6 +1805,7 @@ ssh_krb5_helper(krb5_data *ap)
krb5_ccache ccache = NULL;
const char *remotehost;
int ret;
const char *errtxt;
memset(ap, 0, sizeof(*ap));
@ -1830,8 +1831,14 @@ ssh_krb5_helper(krb5_data *ap)
problem = krb5_cc_default(*context, &ccache);
if (problem) {
debug("Kerberos v5: krb5_cc_default failed: %s",
krb5_get_err_text(*context, problem));
errtxt = krb5_get_error_message(*context, problem);
if (errtxt != NULL) {
debug("Kerberos v5: krb5_cc_default failed: %s",
errtxt);
krb5_free_error_message(*context, errtxt);
} else
debug("Kerberos v5: krb5_cc_default failed: %d",
problem);
ret = 0;
goto out;
}
@ -1841,8 +1848,12 @@ ssh_krb5_helper(krb5_data *ap)
problem = krb5_mk_req(*context, auth_context, AP_OPTS_MUTUAL_REQUIRED,
"host", remotehost, NULL, ccache, ap);
if (problem) {
debug("Kerberos v5: krb5_mk_req failed: %s",
krb5_get_err_text(*context, problem));
errtxt = krb5_get_error_message(*context, problem);
if (errtxt != NULL) {
debug("Kerberos v5: krb5_mk_req failed: %s", errtxt);
krb5_free_error_message(*context, errtxt);
} else
debug("Kerberos v5: krb5_mk_req failed: %d", problem);
ret = 0;
goto out;
}