Module Name: src Committed By: elric Date: Sun Apr 24 14:01:46 UTC 2011
Modified Files: src/crypto/external/bsd/openssh/dist: auth-krb5.c gss-serv-krb5.c sshconnect1.c sshconnect2.c Log Message: Stop using functions that are marked as deprecated in Heimdal. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/auth-krb5.c \ src/crypto/external/bsd/openssh/dist/sshconnect1.c cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/sshconnect2.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/crypto/external/bsd/openssh/dist/auth-krb5.c diff -u src/crypto/external/bsd/openssh/dist/auth-krb5.c:1.2 src/crypto/external/bsd/openssh/dist/auth-krb5.c:1.3 --- src/crypto/external/bsd/openssh/dist/auth-krb5.c:1.2 Sun Jun 7 22:38:46 2009 +++ src/crypto/external/bsd/openssh/dist/auth-krb5.c Sun Apr 24 14:01:46 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: auth-krb5.c,v 1.2 2009/06/07 22:38:46 christos Exp $ */ +/* $NetBSD: auth-krb5.c,v 1.3 2011/04/24 14:01:46 elric Exp $ */ /* $OpenBSD: auth-krb5.c,v 1.19 2006/08/03 03:34:41 deraadt Exp $ */ /* * Kerberos v5 authentication and ticket-passing routines. @@ -30,7 +30,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: auth-krb5.c,v 1.2 2009/06/07 22:38:46 christos Exp $"); +__RCSID("$NetBSD: auth-krb5.c,v 1.3 2011/04/24 14:01:46 elric Exp $"); #include <sys/types.h> #include <pwd.h> #include <stdarg.h> @@ -80,6 +80,7 @@ krb5_principal server; krb5_ticket *ticket; int fd, ret; + const char *errtxt; ret = 0; server = NULL; @@ -143,10 +144,14 @@ } if (problem) { + errtxt = NULL; if (authctxt->krb5_ctx != NULL) - debug("Kerberos v5 authentication failed: %s", - krb5_get_err_text(authctxt->krb5_ctx, problem)); - else + errtxt = krb5_get_error_message(authctxt->krb5_ctx, + problem); + if (errtxt != NULL) { + debug("Kerberos v5 authentication failed: %s", errtxt); + krb5_free_error_message(authctxt->krb5_ctx, errtxt); + } else debug("Kerberos v5 authentication failed: %d", problem); } @@ -160,13 +165,14 @@ krb5_error_code problem; krb5_ccache ccache = NULL; char *pname; + const char *errtxt; if (authctxt->pw == NULL || authctxt->krb5_user == NULL) return (0); temporarily_use_uid(authctxt->pw); - problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops, &ccache); + problem = krb5_cc_new_unique(authctxt->krb5_ctx, "FILE", NULL, &ccache); if (problem) goto fail; @@ -201,9 +207,14 @@ return (1); fail: - if (problem) - debug("Kerberos v5 TGT passing failed: %s", - krb5_get_err_text(authctxt->krb5_ctx, problem)); + if (problem) { + errtxt = krb5_get_error_message(authctxt->krb5_ctx, problem); + if (errtxt != NULL) { + debug("Kerberos v5 TGT passing failed: %s", errtxt); + krb5_free_error_message(authctxt->krb5_ctx, errtxt); + } else + debug("Kerberos v5 TGT passing failed: %d", problem); + } if (ccache) krb5_cc_destroy(authctxt->krb5_ctx, ccache); @@ -218,6 +229,7 @@ { krb5_error_code problem; krb5_ccache ccache = NULL; + const char *errtxt; temporarily_use_uid(authctxt->pw); @@ -230,7 +242,8 @@ if (problem) goto out; - problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_mcc_ops, &ccache); + problem = krb5_cc_new_unique(authctxt->krb5_ctx, "MEMORY", NULL, + &ccache); if (problem) goto out; @@ -249,7 +262,7 @@ if (problem) goto out; - problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops, + problem = krb5_cc_new_unique(authctxt->krb5_ctx, "FILE", NULL, &authctxt->krb5_fwd_ccache); if (problem) goto out; @@ -271,10 +284,15 @@ if (ccache) krb5_cc_destroy(authctxt->krb5_ctx, ccache); + errtxt = NULL; if (authctxt->krb5_ctx != NULL) + errtxt = krb5_get_error_message(authctxt->krb5_ctx, + problem); + if (errtxt != NULL) { debug("Kerberos password authentication failed: %s", - krb5_get_err_text(authctxt->krb5_ctx, problem)); - else + errtxt); + krb5_free_error_message(authctxt->krb5_ctx, errtxt); + } else debug("Kerberos password authentication failed: %d", problem); Index: src/crypto/external/bsd/openssh/dist/sshconnect1.c diff -u src/crypto/external/bsd/openssh/dist/sshconnect1.c:1.2 src/crypto/external/bsd/openssh/dist/sshconnect1.c:1.3 --- src/crypto/external/bsd/openssh/dist/sshconnect1.c:1.2 Sun Jun 7 22:38:47 2009 +++ src/crypto/external/bsd/openssh/dist/sshconnect1.c Sun Apr 24 14:01:46 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: sshconnect1.c,v 1.2 2009/06/07 22:38:47 christos Exp $ */ +/* $NetBSD: sshconnect1.c,v 1.3 2011/04/24 14:01:46 elric Exp $ */ /* $OpenBSD: sshconnect1.c,v 1.70 2006/11/06 21:25:28 markus Exp $ */ /* * Author: Tatu Ylonen <y...@cs.hut.fi> @@ -15,7 +15,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: sshconnect1.c,v 1.2 2009/06/07 22:38:47 christos Exp $"); +__RCSID("$NetBSD: sshconnect1.c,v 1.3 2011/04/24 14:01:46 elric Exp $"); #include <sys/types.h> #include <sys/socket.h> #include <sys/stat.h> @@ -466,6 +466,7 @@ int type; krb5_ap_rep_enc_part *reply = NULL; int ret; + const char *errtxt; memset(&ap, 0, sizeof(ap)); @@ -488,8 +489,14 @@ problem = krb5_cc_default(*context, &ccache); if (problem) { - debug("Kerberos v5: krb5_cc_default failed: %s", - krb5_get_err_text(*context, problem)); + errtxt = krb5_get_error_message(*context, problem); + if (errtxt != NULL) { + debug("Kerberos v5: krb5_cc_default failed: %s", + errtxt); + krb5_free_error_message(*context, errtxt); + } else + debug("Kerberos v5: krb5_cc_default failed: %d", + problem); ret = 0; goto out; } @@ -499,8 +506,12 @@ problem = krb5_mk_req(*context, auth_context, AP_OPTS_MUTUAL_REQUIRED, "host", remotehost, NULL, ccache, &ap); if (problem) { - debug("Kerberos v5: krb5_mk_req failed: %s", - krb5_get_err_text(*context, problem)); + errtxt = krb5_get_error_message(*context, problem); + if (errtxt != NULL) { + debug("Kerberos v5: krb5_mk_req failed: %s", errtxt); + krb5_free_error_message(*context, errtxt); + } else + debug("Kerberos v5: krb5_mk_req failed: %d", problem); ret = 0; goto out; } @@ -566,6 +577,7 @@ krb5_creds creds; krb5_kdc_flags flags; const char *remotehost; + const char *errtxt; memset(&creds, 0, sizeof(creds)); memset(&outbuf, 0, sizeof(outbuf)); @@ -623,9 +635,14 @@ return; out: - if (problem) - debug("Kerberos v5 TGT forwarding failed: %s", - krb5_get_err_text(context, problem)); + if (problem) { + errtxt = krb5_get_error_message(context, problem); + if (errtxt != NULL) { + debug("Kerberos v5 TGT forwarding failed: %s", errtxt); + krb5_free_error_message(context, errtxt); + } else + debug("Kerberos v5 TGT forwarding failed: %d", problem); + } if (creds.client) krb5_free_principal(context, creds.client); if (creds.server) Index: src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c diff -u src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c:1.3 src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c:1.4 --- src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c:1.3 Fri Apr 15 14:51:22 2011 +++ src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c Sun Apr 24 14:01:46 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: gss-serv-krb5.c,v 1.3 2011/04/15 14:51:22 elric Exp $ */ +/* $NetBSD: gss-serv-krb5.c,v 1.4 2011/04/24 14:01:46 elric Exp $ */ /* $OpenBSD: gss-serv-krb5.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */ /* @@ -26,7 +26,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: gss-serv-krb5.c,v 1.3 2011/04/15 14:51:22 elric Exp $"); +__RCSID("$NetBSD: gss-serv-krb5.c,v 1.4 2011/04/24 14:01:46 elric Exp $"); #ifdef GSSAPI #ifdef KRB5 @@ -91,14 +91,19 @@ { krb5_principal princ; int retval; + const char *errtxt; if (ssh_gssapi_krb5_init() == 0) return 0; if ((retval = krb5_parse_name(krb_context, client->exportedname.value, &princ))) { - logit("krb5_parse_name(): %.100s", - krb5_get_err_text(krb_context, retval)); + errtxt = krb5_get_error_message(krb_context, retval); + if (errtxt) { + logit("krb5_parse_name(): %.100s", errtxt); + krb5_free_error_message(krb_context, errtxt); + } else + logit("krb5_parse_name(): %d", retval); return 0; } if (krb5_kuserok(krb_context, princ, name)) { @@ -124,6 +129,7 @@ krb5_principal princ; OM_uint32 maj_status, min_status; int len; + const char *errtxt; if (client->creds == NULL) { debug("No credentials stored"); @@ -134,9 +140,14 @@ return; #ifdef HEIMDAL - if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) { - logit("krb5_cc_gen_new(): %.100s", - krb5_get_err_text(krb_context, problem)); + problem = krb5_cc_new_unique(krb_context, "FILE", NULL, &ccache); + if (problem != 0) { + errtxt = krb5_get_error_message(krb_context, problem); + if (errtxt != NULL) { + logit("krb5_cc_new_unique(): %.100s", errtxt); + krb5_free_error_message(krb_context, errtxt); + } else + logit("krb5_cc_new_unique(): %d", problem); return; } #else @@ -149,15 +160,23 @@ if ((problem = krb5_parse_name(krb_context, client->exportedname.value, &princ))) { - logit("krb5_parse_name(): %.100s", - krb5_get_err_text(krb_context, problem)); + errtxt = krb5_get_error_message(krb_context, problem); + if (errtxt != NULL) { + logit("krb5_parse_name(): %.100s", errtxt); + krb5_free_error_message(krb_context, errtxt); + } else + logit("krb5_parse_name(): %d", problem); krb5_cc_destroy(krb_context, ccache); return; } if ((problem = krb5_cc_initialize(krb_context, ccache, princ))) { - logit("krb5_cc_initialize(): %.100s", - krb5_get_err_text(krb_context, problem)); + errtxt = krb5_get_error_message(krb_context, problem); + if (errtxt != NULL) { + logit("krb5_cc_initialize(): %.100s", errtxt); + krb5_free_error_message(krb_context, errtxt); + } else + logit("krb5_cc_initialize(): %d", problem); krb5_free_principal(krb_context, princ); krb5_cc_destroy(krb_context, ccache); return; Index: src/crypto/external/bsd/openssh/dist/sshconnect2.c diff -u src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.6 src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.7 --- src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.6 Mon Jan 3 18:55:41 2011 +++ src/crypto/external/bsd/openssh/dist/sshconnect2.c Sun Apr 24 14:01:46 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: sshconnect2.c,v 1.6 2011/01/03 18:55:41 stacktic Exp $ */ +/* $NetBSD: sshconnect2.c,v 1.7 2011/04/24 14:01:46 elric Exp $ */ /* $OpenBSD: sshconnect2.c,v 1.183 2010/04/26 22:28:24 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -26,7 +26,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: sshconnect2.c,v 1.6 2011/01/03 18:55:41 stacktic Exp $"); +__RCSID("$NetBSD: sshconnect2.c,v 1.7 2011/04/24 14:01:46 elric Exp $"); #include <sys/types.h> #include <sys/socket.h> #include <sys/wait.h> @@ -1805,6 +1805,7 @@ krb5_ccache ccache = NULL; const char *remotehost; int ret; + const char *errtxt; memset(ap, 0, sizeof(*ap)); @@ -1830,8 +1831,14 @@ problem = krb5_cc_default(*context, &ccache); if (problem) { - debug("Kerberos v5: krb5_cc_default failed: %s", - krb5_get_err_text(*context, problem)); + errtxt = krb5_get_error_message(*context, problem); + if (errtxt != NULL) { + debug("Kerberos v5: krb5_cc_default failed: %s", + errtxt); + krb5_free_error_message(*context, errtxt); + } else + debug("Kerberos v5: krb5_cc_default failed: %d", + problem); ret = 0; goto out; } @@ -1841,8 +1848,12 @@ problem = krb5_mk_req(*context, auth_context, AP_OPTS_MUTUAL_REQUIRED, "host", remotehost, NULL, ccache, ap); if (problem) { - debug("Kerberos v5: krb5_mk_req failed: %s", - krb5_get_err_text(*context, problem)); + errtxt = krb5_get_error_message(*context, problem); + if (errtxt != NULL) { + debug("Kerberos v5: krb5_mk_req failed: %s", errtxt); + krb5_free_error_message(*context, errtxt); + } else + debug("Kerberos v5: krb5_mk_req failed: %d", problem); ret = 0; goto out; }