Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/openssh/dist Stop using functions that a...
details: https://anonhg.NetBSD.org/src/rev/db93d96ce733
branches: trunk
changeset: 764455:db93d96ce733
user: elric <elric%NetBSD.org@localhost>
date: Sun Apr 24 14:01:46 2011 +0000
description:
Stop using functions that are marked as deprecated in Heimdal.
diffstat:
crypto/external/bsd/openssh/dist/auth-krb5.c | 44 ++++++++++++++++-------
crypto/external/bsd/openssh/dist/gss-serv-krb5.c | 41 ++++++++++++++++------
crypto/external/bsd/openssh/dist/sshconnect1.c | 35 ++++++++++++++----
crypto/external/bsd/openssh/dist/sshconnect2.c | 23 +++++++++---
4 files changed, 104 insertions(+), 39 deletions(-)
diffs (truncated from 359 to 300 lines):
diff -r 943fd7fcb4ca -r db93d96ce733 crypto/external/bsd/openssh/dist/auth-krb5.c
--- a/crypto/external/bsd/openssh/dist/auth-krb5.c Sun Apr 24 11:32:36 2011 +0000
+++ b/crypto/external/bsd/openssh/dist/auth-krb5.c Sun Apr 24 14:01:46 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: auth-krb5.c,v 1.2 2009/06/07 22:38:46 christos Exp $ */
+/* $NetBSD: auth-krb5.c,v 1.3 2011/04/24 14:01:46 elric Exp $ */
/* $OpenBSD: auth-krb5.c,v 1.19 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Kerberos v5 authentication and ticket-passing routines.
@@ -30,7 +30,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth-krb5.c,v 1.2 2009/06/07 22:38:46 christos Exp $");
+__RCSID("$NetBSD: auth-krb5.c,v 1.3 2011/04/24 14:01:46 elric Exp $");
#include <sys/types.h>
#include <pwd.h>
#include <stdarg.h>
@@ -80,6 +80,7 @@
krb5_principal server;
krb5_ticket *ticket;
int fd, ret;
+ const char *errtxt;
ret = 0;
server = NULL;
@@ -143,10 +144,14 @@
}
if (problem) {
+ errtxt = NULL;
if (authctxt->krb5_ctx != NULL)
- debug("Kerberos v5 authentication failed: %s",
- krb5_get_err_text(authctxt->krb5_ctx, problem));
- else
+ errtxt = krb5_get_error_message(authctxt->krb5_ctx,
+ problem);
+ if (errtxt != NULL) {
+ debug("Kerberos v5 authentication failed: %s", errtxt);
+ krb5_free_error_message(authctxt->krb5_ctx, errtxt);
+ } else
debug("Kerberos v5 authentication failed: %d",
problem);
}
@@ -160,13 +165,14 @@
krb5_error_code problem;
krb5_ccache ccache = NULL;
char *pname;
+ const char *errtxt;
if (authctxt->pw == NULL || authctxt->krb5_user == NULL)
return (0);
temporarily_use_uid(authctxt->pw);
- problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops, &ccache);
+ problem = krb5_cc_new_unique(authctxt->krb5_ctx, "FILE", NULL, &ccache);
if (problem)
goto fail;
@@ -201,9 +207,14 @@
return (1);
fail:
- if (problem)
- debug("Kerberos v5 TGT passing failed: %s",
- krb5_get_err_text(authctxt->krb5_ctx, problem));
+ if (problem) {
+ errtxt = krb5_get_error_message(authctxt->krb5_ctx, problem);
+ if (errtxt != NULL) {
+ debug("Kerberos v5 TGT passing failed: %s", errtxt);
+ krb5_free_error_message(authctxt->krb5_ctx, errtxt);
+ } else
+ debug("Kerberos v5 TGT passing failed: %d", problem);
+ }
if (ccache)
krb5_cc_destroy(authctxt->krb5_ctx, ccache);
@@ -218,6 +229,7 @@
{
krb5_error_code problem;
krb5_ccache ccache = NULL;
+ const char *errtxt;
temporarily_use_uid(authctxt->pw);
@@ -230,7 +242,8 @@
if (problem)
goto out;
- problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_mcc_ops, &ccache);
+ problem = krb5_cc_new_unique(authctxt->krb5_ctx, "MEMORY", NULL,
+ &ccache);
if (problem)
goto out;
@@ -249,7 +262,7 @@
if (problem)
goto out;
- problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops,
+ problem = krb5_cc_new_unique(authctxt->krb5_ctx, "FILE", NULL,
&authctxt->krb5_fwd_ccache);
if (problem)
goto out;
@@ -271,10 +284,15 @@
if (ccache)
krb5_cc_destroy(authctxt->krb5_ctx, ccache);
+ errtxt = NULL;
if (authctxt->krb5_ctx != NULL)
+ errtxt = krb5_get_error_message(authctxt->krb5_ctx,
+ problem);
+ if (errtxt != NULL) {
debug("Kerberos password authentication failed: %s",
- krb5_get_err_text(authctxt->krb5_ctx, problem));
- else
+ errtxt);
+ krb5_free_error_message(authctxt->krb5_ctx, errtxt);
+ } else
debug("Kerberos password authentication failed: %d",
problem);
diff -r 943fd7fcb4ca -r db93d96ce733 crypto/external/bsd/openssh/dist/gss-serv-krb5.c
--- a/crypto/external/bsd/openssh/dist/gss-serv-krb5.c Sun Apr 24 11:32:36 2011 +0000
+++ b/crypto/external/bsd/openssh/dist/gss-serv-krb5.c Sun Apr 24 14:01:46 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: gss-serv-krb5.c,v 1.3 2011/04/15 14:51:22 elric Exp $ */
+/* $NetBSD: gss-serv-krb5.c,v 1.4 2011/04/24 14:01:46 elric Exp $ */
/* $OpenBSD: gss-serv-krb5.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
/*
@@ -26,7 +26,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: gss-serv-krb5.c,v 1.3 2011/04/15 14:51:22 elric Exp $");
+__RCSID("$NetBSD: gss-serv-krb5.c,v 1.4 2011/04/24 14:01:46 elric Exp $");
#ifdef GSSAPI
#ifdef KRB5
@@ -91,14 +91,19 @@
{
krb5_principal princ;
int retval;
+ const char *errtxt;
if (ssh_gssapi_krb5_init() == 0)
return 0;
if ((retval = krb5_parse_name(krb_context, client->exportedname.value,
&princ))) {
- logit("krb5_parse_name(): %.100s",
- krb5_get_err_text(krb_context, retval));
+ errtxt = krb5_get_error_message(krb_context, retval);
+ if (errtxt) {
+ logit("krb5_parse_name(): %.100s", errtxt);
+ krb5_free_error_message(krb_context, errtxt);
+ } else
+ logit("krb5_parse_name(): %d", retval);
return 0;
}
if (krb5_kuserok(krb_context, princ, name)) {
@@ -124,6 +129,7 @@
krb5_principal princ;
OM_uint32 maj_status, min_status;
int len;
+ const char *errtxt;
if (client->creds == NULL) {
debug("No credentials stored");
@@ -134,9 +140,14 @@
return;
#ifdef HEIMDAL
- if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) {
- logit("krb5_cc_gen_new(): %.100s",
- krb5_get_err_text(krb_context, problem));
+ problem = krb5_cc_new_unique(krb_context, "FILE", NULL, &ccache);
+ if (problem != 0) {
+ errtxt = krb5_get_error_message(krb_context, problem);
+ if (errtxt != NULL) {
+ logit("krb5_cc_new_unique(): %.100s", errtxt);
+ krb5_free_error_message(krb_context, errtxt);
+ } else
+ logit("krb5_cc_new_unique(): %d", problem);
return;
}
#else
@@ -149,15 +160,23 @@
if ((problem = krb5_parse_name(krb_context,
client->exportedname.value, &princ))) {
- logit("krb5_parse_name(): %.100s",
- krb5_get_err_text(krb_context, problem));
+ errtxt = krb5_get_error_message(krb_context, problem);
+ if (errtxt != NULL) {
+ logit("krb5_parse_name(): %.100s", errtxt);
+ krb5_free_error_message(krb_context, errtxt);
+ } else
+ logit("krb5_parse_name(): %d", problem);
krb5_cc_destroy(krb_context, ccache);
return;
}
if ((problem = krb5_cc_initialize(krb_context, ccache, princ))) {
- logit("krb5_cc_initialize(): %.100s",
- krb5_get_err_text(krb_context, problem));
+ errtxt = krb5_get_error_message(krb_context, problem);
+ if (errtxt != NULL) {
+ logit("krb5_cc_initialize(): %.100s", errtxt);
+ krb5_free_error_message(krb_context, errtxt);
+ } else
+ logit("krb5_cc_initialize(): %d", problem);
krb5_free_principal(krb_context, princ);
krb5_cc_destroy(krb_context, ccache);
return;
diff -r 943fd7fcb4ca -r db93d96ce733 crypto/external/bsd/openssh/dist/sshconnect1.c
--- a/crypto/external/bsd/openssh/dist/sshconnect1.c Sun Apr 24 11:32:36 2011 +0000
+++ b/crypto/external/bsd/openssh/dist/sshconnect1.c Sun Apr 24 14:01:46 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: sshconnect1.c,v 1.2 2009/06/07 22:38:47 christos Exp $ */
+/* $NetBSD: sshconnect1.c,v 1.3 2011/04/24 14:01:46 elric Exp $ */
/* $OpenBSD: sshconnect1.c,v 1.70 2006/11/06 21:25:28 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
@@ -15,7 +15,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: sshconnect1.c,v 1.2 2009/06/07 22:38:47 christos Exp $");
+__RCSID("$NetBSD: sshconnect1.c,v 1.3 2011/04/24 14:01:46 elric Exp $");
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/stat.h>
@@ -466,6 +466,7 @@
int type;
krb5_ap_rep_enc_part *reply = NULL;
int ret;
+ const char *errtxt;
memset(&ap, 0, sizeof(ap));
@@ -488,8 +489,14 @@
problem = krb5_cc_default(*context, &ccache);
if (problem) {
- debug("Kerberos v5: krb5_cc_default failed: %s",
- krb5_get_err_text(*context, problem));
+ errtxt = krb5_get_error_message(*context, problem);
+ if (errtxt != NULL) {
+ debug("Kerberos v5: krb5_cc_default failed: %s",
+ errtxt);
+ krb5_free_error_message(*context, errtxt);
+ } else
+ debug("Kerberos v5: krb5_cc_default failed: %d",
+ problem);
ret = 0;
goto out;
}
@@ -499,8 +506,12 @@
problem = krb5_mk_req(*context, auth_context, AP_OPTS_MUTUAL_REQUIRED,
"host", remotehost, NULL, ccache, &ap);
if (problem) {
- debug("Kerberos v5: krb5_mk_req failed: %s",
- krb5_get_err_text(*context, problem));
+ errtxt = krb5_get_error_message(*context, problem);
+ if (errtxt != NULL) {
+ debug("Kerberos v5: krb5_mk_req failed: %s", errtxt);
+ krb5_free_error_message(*context, errtxt);
+ } else
+ debug("Kerberos v5: krb5_mk_req failed: %d", problem);
ret = 0;
goto out;
}
@@ -566,6 +577,7 @@
krb5_creds creds;
krb5_kdc_flags flags;
const char *remotehost;
+ const char *errtxt;
memset(&creds, 0, sizeof(creds));
memset(&outbuf, 0, sizeof(outbuf));
@@ -623,9 +635,14 @@
return;
out:
- if (problem)
- debug("Kerberos v5 TGT forwarding failed: %s",
- krb5_get_err_text(context, problem));
+ if (problem) {
+ errtxt = krb5_get_error_message(context, problem);
+ if (errtxt != NULL) {
+ debug("Kerberos v5 TGT forwarding failed: %s", errtxt);
+ krb5_free_error_message(context, errtxt);
+ } else
+ debug("Kerberos v5 TGT forwarding failed: %d", problem);
+ }
if (creds.client)
krb5_free_principal(context, creds.client);
Home |
Main Index |
Thread Index |
Old Index