Module Name: src
Committed By: elric
Date: Sun Apr 24 14:01:46 UTC 2011
Modified Files:
src/crypto/external/bsd/openssh/dist: auth-krb5.c gss-serv-krb5.c
sshconnect1.c sshconnect2.c
Log Message:
Stop using functions that are marked as deprecated in Heimdal.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/auth-krb5.c \
src/crypto/external/bsd/openssh/dist/sshconnect1.c
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/sshconnect2.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/external/bsd/openssh/dist/auth-krb5.c
diff -u src/crypto/external/bsd/openssh/dist/auth-krb5.c:1.2 src/crypto/external/bsd/openssh/dist/auth-krb5.c:1.3
--- src/crypto/external/bsd/openssh/dist/auth-krb5.c:1.2 Sun Jun 7 22:38:46 2009
+++ src/crypto/external/bsd/openssh/dist/auth-krb5.c Sun Apr 24 14:01:46 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: auth-krb5.c,v 1.2 2009/06/07 22:38:46 christos Exp $ */
+/* $NetBSD: auth-krb5.c,v 1.3 2011/04/24 14:01:46 elric Exp $ */
/* $OpenBSD: auth-krb5.c,v 1.19 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Kerberos v5 authentication and ticket-passing routines.
@@ -30,7 +30,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth-krb5.c,v 1.2 2009/06/07 22:38:46 christos Exp $");
+__RCSID("$NetBSD: auth-krb5.c,v 1.3 2011/04/24 14:01:46 elric Exp $");
#include <sys/types.h>
#include <pwd.h>
#include <stdarg.h>
@@ -80,6 +80,7 @@
krb5_principal server;
krb5_ticket *ticket;
int fd, ret;
+ const char *errtxt;
ret = 0;
server = NULL;
@@ -143,10 +144,14 @@
}
if (problem) {
+ errtxt = NULL;
if (authctxt->krb5_ctx != NULL)
- debug("Kerberos v5 authentication failed: %s",
- krb5_get_err_text(authctxt->krb5_ctx, problem));
- else
+ errtxt = krb5_get_error_message(authctxt->krb5_ctx,
+ problem);
+ if (errtxt != NULL) {
+ debug("Kerberos v5 authentication failed: %s", errtxt);
+ krb5_free_error_message(authctxt->krb5_ctx, errtxt);
+ } else
debug("Kerberos v5 authentication failed: %d",
problem);
}
@@ -160,13 +165,14 @@
krb5_error_code problem;
krb5_ccache ccache = NULL;
char *pname;
+ const char *errtxt;
if (authctxt->pw == NULL || authctxt->krb5_user == NULL)
return (0);
temporarily_use_uid(authctxt->pw);
- problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops, &ccache);
+ problem = krb5_cc_new_unique(authctxt->krb5_ctx, "FILE", NULL, &ccache);
if (problem)
goto fail;
@@ -201,9 +207,14 @@
return (1);
fail:
- if (problem)
- debug("Kerberos v5 TGT passing failed: %s",
- krb5_get_err_text(authctxt->krb5_ctx, problem));
+ if (problem) {
+ errtxt = krb5_get_error_message(authctxt->krb5_ctx, problem);
+ if (errtxt != NULL) {
+ debug("Kerberos v5 TGT passing failed: %s", errtxt);
+ krb5_free_error_message(authctxt->krb5_ctx, errtxt);
+ } else
+ debug("Kerberos v5 TGT passing failed: %d", problem);
+ }
if (ccache)
krb5_cc_destroy(authctxt->krb5_ctx, ccache);
@@ -218,6 +229,7 @@
{
krb5_error_code problem;
krb5_ccache ccache = NULL;
+ const char *errtxt;
temporarily_use_uid(authctxt->pw);
@@ -230,7 +242,8 @@
if (problem)
goto out;
- problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_mcc_ops, &ccache);
+ problem = krb5_cc_new_unique(authctxt->krb5_ctx, "MEMORY", NULL,
+ &ccache);
if (problem)
goto out;
@@ -249,7 +262,7 @@
if (problem)
goto out;
- problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops,
+ problem = krb5_cc_new_unique(authctxt->krb5_ctx, "FILE", NULL,
&authctxt->krb5_fwd_ccache);
if (problem)
goto out;
@@ -271,10 +284,15 @@
if (ccache)
krb5_cc_destroy(authctxt->krb5_ctx, ccache);
+ errtxt = NULL;
if (authctxt->krb5_ctx != NULL)
+ errtxt = krb5_get_error_message(authctxt->krb5_ctx,
+ problem);
+ if (errtxt != NULL) {
debug("Kerberos password authentication failed: %s",
- krb5_get_err_text(authctxt->krb5_ctx, problem));
- else
+ errtxt);
+ krb5_free_error_message(authctxt->krb5_ctx, errtxt);
+ } else
debug("Kerberos password authentication failed: %d",
problem);
Index: src/crypto/external/bsd/openssh/dist/sshconnect1.c
diff -u src/crypto/external/bsd/openssh/dist/sshconnect1.c:1.2 src/crypto/external/bsd/openssh/dist/sshconnect1.c:1.3
--- src/crypto/external/bsd/openssh/dist/sshconnect1.c:1.2 Sun Jun 7 22:38:47 2009
+++ src/crypto/external/bsd/openssh/dist/sshconnect1.c Sun Apr 24 14:01:46 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: sshconnect1.c,v 1.2 2009/06/07 22:38:47 christos Exp $ */
+/* $NetBSD: sshconnect1.c,v 1.3 2011/04/24 14:01:46 elric Exp $ */
/* $OpenBSD: sshconnect1.c,v 1.70 2006/11/06 21:25:28 markus Exp $ */
/*
* Author: Tatu Ylonen <y...@cs.hut.fi>
@@ -15,7 +15,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: sshconnect1.c,v 1.2 2009/06/07 22:38:47 christos Exp $");
+__RCSID("$NetBSD: sshconnect1.c,v 1.3 2011/04/24 14:01:46 elric Exp $");
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/stat.h>
@@ -466,6 +466,7 @@
int type;
krb5_ap_rep_enc_part *reply = NULL;
int ret;
+ const char *errtxt;
memset(&ap, 0, sizeof(ap));
@@ -488,8 +489,14 @@
problem = krb5_cc_default(*context, &ccache);
if (problem) {
- debug("Kerberos v5: krb5_cc_default failed: %s",
- krb5_get_err_text(*context, problem));
+ errtxt = krb5_get_error_message(*context, problem);
+ if (errtxt != NULL) {
+ debug("Kerberos v5: krb5_cc_default failed: %s",
+ errtxt);
+ krb5_free_error_message(*context, errtxt);
+ } else
+ debug("Kerberos v5: krb5_cc_default failed: %d",
+ problem);
ret = 0;
goto out;
}
@@ -499,8 +506,12 @@
problem = krb5_mk_req(*context, auth_context, AP_OPTS_MUTUAL_REQUIRED,
"host", remotehost, NULL, ccache, &ap);
if (problem) {
- debug("Kerberos v5: krb5_mk_req failed: %s",
- krb5_get_err_text(*context, problem));
+ errtxt = krb5_get_error_message(*context, problem);
+ if (errtxt != NULL) {
+ debug("Kerberos v5: krb5_mk_req failed: %s", errtxt);
+ krb5_free_error_message(*context, errtxt);
+ } else
+ debug("Kerberos v5: krb5_mk_req failed: %d", problem);
ret = 0;
goto out;
}
@@ -566,6 +577,7 @@
krb5_creds creds;
krb5_kdc_flags flags;
const char *remotehost;
+ const char *errtxt;
memset(&creds, 0, sizeof(creds));
memset(&outbuf, 0, sizeof(outbuf));
@@ -623,9 +635,14 @@
return;
out:
- if (problem)
- debug("Kerberos v5 TGT forwarding failed: %s",
- krb5_get_err_text(context, problem));
+ if (problem) {
+ errtxt = krb5_get_error_message(context, problem);
+ if (errtxt != NULL) {
+ debug("Kerberos v5 TGT forwarding failed: %s", errtxt);
+ krb5_free_error_message(context, errtxt);
+ } else
+ debug("Kerberos v5 TGT forwarding failed: %d", problem);
+ }
if (creds.client)
krb5_free_principal(context, creds.client);
if (creds.server)
Index: src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c
diff -u src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c:1.3 src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c:1.4
--- src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c:1.3 Fri Apr 15 14:51:22 2011
+++ src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c Sun Apr 24 14:01:46 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: gss-serv-krb5.c,v 1.3 2011/04/15 14:51:22 elric Exp $ */
+/* $NetBSD: gss-serv-krb5.c,v 1.4 2011/04/24 14:01:46 elric Exp $ */
/* $OpenBSD: gss-serv-krb5.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
/*
@@ -26,7 +26,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: gss-serv-krb5.c,v 1.3 2011/04/15 14:51:22 elric Exp $");
+__RCSID("$NetBSD: gss-serv-krb5.c,v 1.4 2011/04/24 14:01:46 elric Exp $");
#ifdef GSSAPI
#ifdef KRB5
@@ -91,14 +91,19 @@
{
krb5_principal princ;
int retval;
+ const char *errtxt;
if (ssh_gssapi_krb5_init() == 0)
return 0;
if ((retval = krb5_parse_name(krb_context, client->exportedname.value,
&princ))) {
- logit("krb5_parse_name(): %.100s",
- krb5_get_err_text(krb_context, retval));
+ errtxt = krb5_get_error_message(krb_context, retval);
+ if (errtxt) {
+ logit("krb5_parse_name(): %.100s", errtxt);
+ krb5_free_error_message(krb_context, errtxt);
+ } else
+ logit("krb5_parse_name(): %d", retval);
return 0;
}
if (krb5_kuserok(krb_context, princ, name)) {
@@ -124,6 +129,7 @@
krb5_principal princ;
OM_uint32 maj_status, min_status;
int len;
+ const char *errtxt;
if (client->creds == NULL) {
debug("No credentials stored");
@@ -134,9 +140,14 @@
return;
#ifdef HEIMDAL
- if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) {
- logit("krb5_cc_gen_new(): %.100s",
- krb5_get_err_text(krb_context, problem));
+ problem = krb5_cc_new_unique(krb_context, "FILE", NULL, &ccache);
+ if (problem != 0) {
+ errtxt = krb5_get_error_message(krb_context, problem);
+ if (errtxt != NULL) {
+ logit("krb5_cc_new_unique(): %.100s", errtxt);
+ krb5_free_error_message(krb_context, errtxt);
+ } else
+ logit("krb5_cc_new_unique(): %d", problem);
return;
}
#else
@@ -149,15 +160,23 @@
if ((problem = krb5_parse_name(krb_context,
client->exportedname.value, &princ))) {
- logit("krb5_parse_name(): %.100s",
- krb5_get_err_text(krb_context, problem));
+ errtxt = krb5_get_error_message(krb_context, problem);
+ if (errtxt != NULL) {
+ logit("krb5_parse_name(): %.100s", errtxt);
+ krb5_free_error_message(krb_context, errtxt);
+ } else
+ logit("krb5_parse_name(): %d", problem);
krb5_cc_destroy(krb_context, ccache);
return;
}
if ((problem = krb5_cc_initialize(krb_context, ccache, princ))) {
- logit("krb5_cc_initialize(): %.100s",
- krb5_get_err_text(krb_context, problem));
+ errtxt = krb5_get_error_message(krb_context, problem);
+ if (errtxt != NULL) {
+ logit("krb5_cc_initialize(): %.100s", errtxt);
+ krb5_free_error_message(krb_context, errtxt);
+ } else
+ logit("krb5_cc_initialize(): %d", problem);
krb5_free_principal(krb_context, princ);
krb5_cc_destroy(krb_context, ccache);
return;
Index: src/crypto/external/bsd/openssh/dist/sshconnect2.c
diff -u src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.6 src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.7
--- src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.6 Mon Jan 3 18:55:41 2011
+++ src/crypto/external/bsd/openssh/dist/sshconnect2.c Sun Apr 24 14:01:46 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: sshconnect2.c,v 1.6 2011/01/03 18:55:41 stacktic Exp $ */
+/* $NetBSD: sshconnect2.c,v 1.7 2011/04/24 14:01:46 elric Exp $ */
/* $OpenBSD: sshconnect2.c,v 1.183 2010/04/26 22:28:24 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -26,7 +26,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: sshconnect2.c,v 1.6 2011/01/03 18:55:41 stacktic Exp $");
+__RCSID("$NetBSD: sshconnect2.c,v 1.7 2011/04/24 14:01:46 elric Exp $");
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/wait.h>
@@ -1805,6 +1805,7 @@
krb5_ccache ccache = NULL;
const char *remotehost;
int ret;
+ const char *errtxt;
memset(ap, 0, sizeof(*ap));
@@ -1830,8 +1831,14 @@
problem = krb5_cc_default(*context, &ccache);
if (problem) {
- debug("Kerberos v5: krb5_cc_default failed: %s",
- krb5_get_err_text(*context, problem));
+ errtxt = krb5_get_error_message(*context, problem);
+ if (errtxt != NULL) {
+ debug("Kerberos v5: krb5_cc_default failed: %s",
+ errtxt);
+ krb5_free_error_message(*context, errtxt);
+ } else
+ debug("Kerberos v5: krb5_cc_default failed: %d",
+ problem);
ret = 0;
goto out;
}
@@ -1841,8 +1848,12 @@
problem = krb5_mk_req(*context, auth_context, AP_OPTS_MUTUAL_REQUIRED,
"host", remotehost, NULL, ccache, ap);
if (problem) {
- debug("Kerberos v5: krb5_mk_req failed: %s",
- krb5_get_err_text(*context, problem));
+ errtxt = krb5_get_error_message(*context, problem);
+ if (errtxt != NULL) {
+ debug("Kerberos v5: krb5_mk_req failed: %s", errtxt);
+ krb5_free_error_message(*context, errtxt);
+ } else
+ debug("Kerberos v5: krb5_mk_req failed: %d", problem);
ret = 0;
goto out;
}
