openssh-heimdal.patch

   1 --- openssh-5.7p1/configure.ac.orig     2011-01-22 00:37:05.000000000 +0200
   2 +++ openssh-5.7p1/configure.ac  2011-01-24 16:21:01.711393457 +0200
   3 @@ -3572,14 +3572,14 @@
   4                                        [ AC_MSG_RESULT(yes)
   5                                          AC_DEFINE(HEIMDAL)
   6                                          K5LIBS="-lkrb5"
   7 -                                        K5LIBS="$K5LIBS -lcom_err -lasn1"
   8 +                                        K5LIBS="$K5LIBS -lasn1"
   9                                          AC_CHECK_LIB(roken, net_write,
  10                                            [K5LIBS="$K5LIBS -lroken"])
  11                                          AC_CHECK_LIB(des, des_cbc_encrypt,
  12                                            [K5LIBS="$K5LIBS -ldes"])
  13                                        ],
  14                                        [ AC_MSG_RESULT(no)
  15 -                                        K5LIBS="-lkrb5 -lk5crypto -lcom_err"
  16 +                                        K5LIBS="-lkrb5 -lk5crypto"
  17                                        ]
  18                         )
  19                         AC_SEARCH_LIBS(dn_expand, resolv)
  20 --- openssh-5.8p1/gss-serv-krb5.c~      2011-04-19 14:09:54.832721425 +0200
  21 +++ openssh-5.8p1/gss-serv-krb5.c       2011-04-19 21:54:01.818248221 +0200
  22 @@ -121,6 +121,9 @@
  23         krb5_principal princ;
  24         OM_uint32 maj_status, min_status;
  25         int len;
  26 +#ifdef HEIMDAL
  27 +       const char *ccache_type, *ccache_name;
  28 +#endif
  29
  30         if (client->creds == NULL) {
  31                 debug("No credentials stored");
  32 @@ -131,8 +132,8 @@
  33                 return;
  34
  35  #ifdef HEIMDAL
  36 -       if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) {
  37 -               logit("krb5_cc_gen_new(): %.100s",
  38 +       if ((problem = krb5_cc_new_unique(krb_context, NULL, NULL, &ccache))) {
  39 +               logit("krb5_cc_new_unique(): %.100s",
  40                     krb5_get_err_text(krb_context, problem));
  41                 return;
  42         }
  43 @@ -169,11 +170,23 @@
  44                 return;
  45         }
  46
  47 +#ifdef HEIMDAL
  48 +       ccache_type = krb5_cc_get_type(krb_context, ccache);
  49 +       ccache_name = krb5_cc_get_name(krb_context, ccache);
  50 +       if (strncmp(ccache_type, "FILE", 4) == 0) {
  51 +               client->store.filename = xstrdup(ccache_name);
  52 +       }
  53 +       client->store.envvar = "KRB5CCNAME";
  54 +       len = strlen(ccache_type) + strlen(ccache_name) + 1;
  55 +       client->store.envval = xmalloc(len);
  56 +       snprintf(client->store.envval, len, "%s:%s", ccache_type, ccache_name);
  57 +#else
  58         client->store.filename = xstrdup(krb5_cc_get_name(krb_context, ccache));
  59         client->store.envvar = "KRB5CCNAME";
  60         len = strlen(client->store.filename) + 6;
  61         client->store.envval = xmalloc(len);
  62         snprintf(client->store.envval, len, "FILE:%s", client->store.filename);
  63 +#endif
  64
  65  #ifdef USE_PAM
  66         if (options.use_pam)
  67 --- openssh-5.8p1/auth-krb5.c.orig      2009-12-21 00:49:22.000000000 +0100
  68 +++ openssh-5.8p1/auth-krb5.c   2011-04-19 22:16:14.622268002 +0200
  69 @@ -74,6 +88,7 @@
  70  #ifndef HEIMDAL
  71         krb5_creds creds;
  72         krb5_principal server;
  73 +       const char *ccache_type, *ccache_name;
  74  #endif
  75         krb5_error_code problem;
  76         krb5_ccache ccache = NULL;
  77 @@ -115,7 +130,7 @@
  78         if (problem)
  79                 goto out;
  80
  81 -       problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops,
  82 +       problem = krb5_cc_new_unique(authctxt->krb5_ctx, NULL, NULL,
  83             &authctxt->krb5_fwd_ccache);
  84         if (problem)
  85                 goto out;
  86 @@ -166,12 +181,23 @@
  87                 goto out;
  88  #endif
  89
  90 +#ifdef HEIMDAL
  91 +       ccache_type = krb5_cc_get_type(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
  92 +       ccache_name = krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
  93 +       if (strncmp(ccache_type, "FILE", 4) == 0) {
  94 +               authctxt->krb5_ticket_file = (char *)ccache_name;
  95 +       }
  96 +       len = strlen(ccache_type) + strlen(ccache_name) + 1;
  97 +       authctxt->krb5_ccname = xmalloc(len);
  98 +       snprintf(authctxt->krb5_ccname, len, "%s:%s", ccache_type, ccache_name);
  99 +#else
 100         authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
 101
 102         len = strlen(authctxt->krb5_ticket_file) + 6;
 103         authctxt->krb5_ccname = xmalloc(len);
 104         snprintf(authctxt->krb5_ccname, len, "FILE:%s",
 105             authctxt->krb5_ticket_file);
 106 +#endif
 107
 108  #ifdef USE_PAM
 109         if (options.use_pam)