| |
@@ -160,7 +160,7 @@
|
| |
+ * The 'gssapi_keyex' userauth mechanism.
|
| |
+ */
|
| |
+static int
|
| |
- +userauth_gsskeyex(struct ssh *ssh)
|
| |
+ +userauth_gsskeyex(struct ssh *ssh, const char *method)
|
| |
+{
|
| |
+ Authctxt *authctxt = ssh->authctxt;
|
| |
+ int r, authenticated = 0;
|
| |
@@ -221,19 +221,20 @@
|
| |
else
|
| |
logit("GSSAPI MIC check failed");
|
| |
|
| |
- @@ -326,6 +370,12 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
|
| |
+ @@ -326,6 +370,13 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
|
| |
return 0;
|
| |
}
|
| |
|
| |
+Authmethod method_gsskeyex = {
|
| |
+ "gssapi-keyex",
|
| |
+ + NULL,
|
| |
+ userauth_gsskeyex,
|
| |
+ &options.gss_authentication
|
| |
+};
|
| |
+
|
| |
Authmethod method_gssapi = {
|
| |
"gssapi-with-mic",
|
| |
- NULL,
|
| |
+ NULL,
|
| |
diff --git a/auth2.c b/auth2.c
|
| |
index 0e776224..1c217268 100644
|
| |
--- a/auth2.c
|
| |
@@ -400,8 +401,8 @@
|
| |
+#endif
|
| |
+
|
| |
/* Buffer input from the connection. */
|
| |
- if (conn_in_ready)
|
| |
- client_process_net_input(ssh);
|
| |
+ if (conn_in_ready)
|
| |
+ client_process_net_input(ssh);
|
| |
diff --git a/configure.ac b/configure.ac
|
| |
index b689db4b..efafb6bd 100644
|
| |
--- a/configure.ac
|
| |
@@ -1368,8 +1369,8 @@
|
| |
+#ifdef GSSAPI
|
| |
+ free(kex->gss_host);
|
| |
+#endif /* GSSAPI */
|
| |
- sshbuf_free(kex->initial_sig);
|
| |
- sshkey_free(kex->initial_hostkey);
|
| |
+ sshbuf_free(kex->initial_sig);
|
| |
+ sshkey_free(kex->initial_hostkey);
|
| |
free(kex->failed_choice);
|
| |
diff --git a/kex.h b/kex.h
|
| |
index a5ae6ac0..fe714141 100644
|
| |
@@ -3584,7 +3585,7 @@
|
| |
+# endif
|
| |
+#endif /* WITH_OPENSSL */
|
| |
ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client;
|
| |
- ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_client;
|
| |
+ ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_client;
|
| |
ssh->kex->verify_host_key=&verify_host_key_callback;
|
| |
|
| |
+#if defined(GSSAPI) && defined(WITH_OPENSSL)
|
| |
userauth_gsskeyex must have the same argument as userauth_gssapi
method_gsskeyex must have the same members as method_gssapi