-diff -urN openssh-3.6.1p2-orig/configure.ac openssh-3.6.1p2/configure.ac
---- openssh-3.6.1p2-orig/configure.ac 2003-07-26 16:45:10.000000000 -0600
-+++ openssh-3.6.1p2/configure.ac 2003-07-26 16:57:32.000000000 -0600
-@@ -1822,7 +1822,7 @@
- [ char *tmp = heimdal_version; ],
- [ AC_MSG_RESULT(yes)
- AC_DEFINE(HEIMDAL)
-- K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken"
-+ K5LIBS="-lkrb5 -lasn1 -lroken"
- ],
- [ AC_MSG_RESULT(no)
- K5LIBS="-lkrb5 -lk5crypto -lcom_err"
+--- openssh-5.9p1/configure.ac~ 2011-08-18 06:48:24.000000000 +0200
++++ openssh-5.9p1/configure.ac 2011-09-06 19:00:46.856319713 +0200
+@@ -3424,13 +3424,13 @@
+ [ AC_MSG_RESULT([yes])
+ AC_DEFINE([HEIMDAL])
+ K5LIBS="-lkrb5"
+- K5LIBS="$K5LIBS -lcom_err -lasn1"
++ K5LIBS="$K5LIBS -lasn1"
+ AC_CHECK_LIB([roken], [net_write],
+ [K5LIBS="$K5LIBS -lroken"])
+ AC_CHECK_LIB([des], [des_cbc_encrypt],
+ [K5LIBS="$K5LIBS -ldes"])
+ ], [ AC_MSG_RESULT([no])
+- K5LIBS="-lkrb5 -lk5crypto -lcom_err"
++ K5LIBS="-lkrb5 -lk5crypto"
+
+ ])
+ AC_SEARCH_LIBS([dn_expand], [resolv])
+diff -ur openssh-5.8p1-orig/auth-krb5.c openssh-5.8p1/auth-krb5.c
+--- openssh-5.8p1-orig/auth-krb5.c 2011-04-20 00:30:23.632652510 +0200
++++ openssh-5.8p1/auth-krb5.c 2011-04-20 00:34:06.218117429 +0200
+@@ -88,6 +88,8 @@
+ #ifndef HEIMDAL
+ krb5_creds creds;
+ krb5_principal server;
++#else
++ const char *ccache_type, *ccache_name;
+ #endif
+ krb5_error_code problem;
+ krb5_ccache ccache = NULL;
+@@ -129,7 +131,11 @@
+ if (problem)
+ goto out;
+
+- problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops,
++ problem = krb5_cc_set_default_name(authctxt->krb5_ctx, NULL);
++ if (problem)
++ goto out;
++ problem = krb5_cc_new_unique(authctxt->krb5_ctx,
++ krb5_cc_default_name(authctxt->krb5_ctx), NULL,
+ &authctxt->krb5_fwd_ccache);
+ if (problem)
+ goto out;
+@@ -180,12 +186,23 @@
+ goto out;
+ #endif
+
++#ifdef HEIMDAL
++ ccache_type = krb5_cc_get_type(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
++ ccache_name = krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
++ if (strncmp(ccache_type, "FILE", 4) == 0) {
++ authctxt->krb5_ticket_file = (char *)ccache_name;
++ }
++ len = strlen(ccache_type) + strlen(ccache_name) + 2;
++ authctxt->krb5_ccname = xmalloc(len);
++ snprintf(authctxt->krb5_ccname, len, "%s:%s", ccache_type, ccache_name);
++#else
+ authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
+
+ len = strlen(authctxt->krb5_ticket_file) + 6;
+ authctxt->krb5_ccname = xmalloc(len);
+ snprintf(authctxt->krb5_ccname, len, "FILE:%s",
+ authctxt->krb5_ticket_file);
++#endif
+
+ #ifdef USE_PAM
+ if (options.use_pam)
+diff -ur openssh-5.8p1-orig/gss-serv-krb5.c openssh-5.8p1/gss-serv-krb5.c
+--- openssh-5.8p1-orig/gss-serv-krb5.c 2011-04-20 00:30:23.632652510 +0200
++++ openssh-5.8p1/gss-serv-krb5.c 2011-04-20 00:34:06.218117429 +0200
+@@ -121,6 +121,9 @@
+ krb5_principal princ;
+ OM_uint32 maj_status, min_status;
+ int len;
++#ifdef HEIMDAL
++ const char *ccache_type, *ccache_name;
++#endif
+
+ if (client->creds == NULL) {
+ debug("No credentials stored");
+@@ -131,8 +134,14 @@
+ return;
+
+ #ifdef HEIMDAL
+- if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) {
+- logit("krb5_cc_gen_new(): %.100s",
++ if ((problem = krb5_cc_set_default_name(krb_context, NULL))) {
++ logit("krb5_cc_set_default_name(): %.100s",
++ krb5_get_err_text(krb_context, problem));
++ return;
++ }
++ if ((problem = krb5_cc_new_unique(krb_context,
++ krb5_cc_default_name(krb_context), NULL, &ccache))) {
++ logit("krb5_cc_new_unique(): %.100s",
+ krb5_get_err_text(krb_context, problem));
+ return;
+ }
+@@ -169,11 +178,23 @@
+ return;
+ }
+
++#ifdef HEIMDAL
++ ccache_type = krb5_cc_get_type(krb_context, ccache);
++ ccache_name = krb5_cc_get_name(krb_context, ccache);
++ if (strncmp(ccache_type, "FILE", 4) == 0) {
++ client->store.filename = xstrdup(ccache_name);
++ }
++ client->store.envvar = "KRB5CCNAME";
++ len = strlen(ccache_type) + strlen(ccache_name) + 2;
++ client->store.envval = xmalloc(len);
++ snprintf(client->store.envval, len, "%s:%s", ccache_type, ccache_name);
++#else
+ client->store.filename = xstrdup(krb5_cc_get_name(krb_context, ccache));
+ client->store.envvar = "KRB5CCNAME";
+ len = strlen(client->store.filename) + 6;
+ client->store.envval = xmalloc(len);
+ snprintf(client->store.envval, len, "FILE:%s", client->store.filename);
++#endif
+
+ #ifdef USE_PAM
+ if (options.use_pam)
projects / packages / openssh.git / blobdiff