- final, working solution to hardcoded kerberos credential cache,
1 --- openssh-5.7p1/configure.ac.orig     2011-01-22 00:37:05.000000000 +0200
2 +++ openssh-5.7p1/configure.ac  2011-01-24 16:21:01.711393457 +0200
3 @@ -3572,14 +3572,14 @@
4                                        [ AC_MSG_RESULT(yes)
5                                          AC_DEFINE(HEIMDAL)
6                                          K5LIBS="-lkrb5"
7 -                                        K5LIBS="$K5LIBS -lcom_err -lasn1"
8 +                                        K5LIBS="$K5LIBS -lasn1"
9                                          AC_CHECK_LIB(roken, net_write,
10                                            [K5LIBS="$K5LIBS -lroken"])
11                                          AC_CHECK_LIB(des, des_cbc_encrypt,
12                                            [K5LIBS="$K5LIBS -ldes"])
13                                        ],
14                                        [ AC_MSG_RESULT(no)
15 -                                        K5LIBS="-lkrb5 -lk5crypto -lcom_err"
16 +                                        K5LIBS="-lkrb5 -lk5crypto"
17                                        ]
18                         )
19                         AC_SEARCH_LIBS(dn_expand, resolv)
20 diff -ur openssh-5.8p1-orig/auth-krb5.c openssh-5.8p1/auth-krb5.c
21 --- openssh-5.8p1-orig/auth-krb5.c      2011-04-20 00:30:23.632652510 +0200
22 +++ openssh-5.8p1/auth-krb5.c   2011-04-20 00:34:06.218117429 +0200
23 @@ -88,6 +88,8 @@
24  #ifndef HEIMDAL
25         krb5_creds creds;
26         krb5_principal server;
27 +#else
28 +       const char *ccache_type, *ccache_name;
29  #endif
30         krb5_error_code problem;
31         krb5_ccache ccache = NULL;
32 @@ -129,7 +131,11 @@
33         if (problem)
34                 goto out;
35  
36 -       problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops,
37 +       problem = krb5_cc_set_default_name(authctxt->krb5_ctx, NULL);
38 +       if (problem)
39 +               goto out;
40 +       problem = krb5_cc_new_unique(authctxt->krb5_ctx,
41 +           krb5_cc_default_name(authctxt->krb5_ctx), NULL,
42             &authctxt->krb5_fwd_ccache);
43         if (problem)
44                 goto out;
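Review bot: The second argument of `krb5_cc_new_unique()` is a cache type, but the new call passes the full default cache name from `krb5_cc_default_name(authctxt->krb5_ctx)`. The type of the forwarded-credential cache therefore now depends on how the library resolves its default (presumably the daemon's environment and krb5.conf), not on the fixed `krb5_fcc_ops` that was removed. A comment above the call would make that reliance explicit, e.g. `/* cache type comes from the default ccache name; relies on Heimdal using only the part before ':' */`. The same pattern appears in the gss-serv-krb5.c hunk at `krb5_cc_new_unique(krb_context, ...)`. The enclosing function starts and ends outside this hunk.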
45 @@ -180,12 +186,23 @@
46                 goto out;
47  #endif
48  
49 +#ifdef HEIMDAL
50 +       ccache_type = krb5_cc_get_type(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
51 +       ccache_name = krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
52 +       if (strncmp(ccache_type, "FILE", 4) == 0) {
53 +               authctxt->krb5_ticket_file = (char *)ccache_name;
54 +       }
55 +       len = strlen(ccache_type) + strlen(ccache_name) + 2;
56 +       authctxt->krb5_ccname = xmalloc(len);
57 +       snprintf(authctxt->krb5_ccname, len, "%s:%s", ccache_type, ccache_name);
58 +#else
59         authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
60  
61         len = strlen(authctxt->krb5_ticket_file) + 6;
62         authctxt->krb5_ccname = xmalloc(len);
63         snprintf(authctxt->krb5_ccname, len, "FILE:%s",
64             authctxt->krb5_ticket_file);
65 +#endif
66  
67  #ifdef USE_PAM
68         if (options.use_pam)
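Review bot: `strncmp(ccache_type, "FILE", 4) == 0` is a prefix match, so any cache type whose name merely begins with FILE would have its name treated as a file path; `if (strcmp(ccache_type, "FILE") == 0) {` states the intent exactly. The results of `krb5_cc_get_type()` and `krb5_cc_get_name()` are also passed to `strlen()` without a NULL check. For a non-FILE cache `authctxt->krb5_ticket_file` keeps whatever value it had before, which deserves a one-line comment if that is intended. The gss-serv-krb5.c hunk uses the same comparison for `client->store.filename`. The function body continues outside this hunk.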
69 diff -ur openssh-5.8p1-orig/gss-serv-krb5.c openssh-5.8p1/gss-serv-krb5.c
70 --- openssh-5.8p1-orig/gss-serv-krb5.c  2011-04-20 00:30:23.632652510 +0200
71 +++ openssh-5.8p1/gss-serv-krb5.c       2011-04-20 00:34:06.218117429 +0200
72 @@ -121,6 +121,9 @@
73         krb5_principal princ;
74         OM_uint32 maj_status, min_status;
75         int len;
76 +#ifdef HEIMDAL
77 +       const char *ccache_type, *ccache_name;
78 +#endif
79  
80         if (client->creds == NULL) {
81                 debug("No credentials stored");
82 @@ -131,8 +134,14 @@
83                 return;
84  
85  #ifdef HEIMDAL
86 -       if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) {
87 -               logit("krb5_cc_gen_new(): %.100s",
88 +       if ((problem = krb5_cc_set_default_name(krb_context, NULL))) {
89 +               logit("krb5_cc_set_default_name(): %.100s",
90 +                   krb5_get_err_text(krb_context, problem));
91 +               return;
92 +       }
93 +       if ((problem = krb5_cc_new_unique(krb_context,
94 +                       krb5_cc_default_name(krb_context), NULL, &ccache))) {
95 +               logit("krb5_cc_new_unique(): %.100s",
96                     krb5_get_err_text(krb_context, problem));
97                 return;
98         }
99 @@ -169,11 +178,23 @@
100                 return;
101         }
102  
103 +#ifdef HEIMDAL
104 +       ccache_type = krb5_cc_get_type(krb_context, ccache);
105 +       ccache_name = krb5_cc_get_name(krb_context, ccache);
106 +       if (strncmp(ccache_type, "FILE", 4) == 0) {
107 +               client->store.filename = xstrdup(ccache_name);
108 +       }
109 +       client->store.envvar = "KRB5CCNAME";
110 +       len = strlen(ccache_type) + strlen(ccache_name) + 2;
111 +       client->store.envval = xmalloc(len);
112 +       snprintf(client->store.envval, len, "%s:%s", ccache_type, ccache_name);
113 +#else
114         client->store.filename = xstrdup(krb5_cc_get_name(krb_context, ccache));
115         client->store.envvar = "KRB5CCNAME";
116         len = strlen(client->store.filename) + 6;
117         client->store.envval = xmalloc(len);
118         snprintf(client->store.envval, len, "FILE:%s", client->store.filename);
119 +#endif
120  
121  #ifdef USE_PAM
122         if (options.use_pam)
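Review bot: When the cache is not of type FILE, the HEIMDAL branch never assigns `client->store.filename`, while `client->store.envval` still exports the cache to the session through `KRB5CCNAME`. If the credential cleanup removes delegated credentials by unlinking `store.filename` (that code is not visible here, so this needs confirming), a non-FILE cache would outlive the session. Suggest making the state explicit with `} else { client->store.filename = NULL; }` and confirming that cleanup destroys such caches through the krb5 API. Note also that `len` is declared `int` in this function but receives a `size_t` sum, as in the pre-existing `#else` branch.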