mirror of https://git.tartarus.org/simon/putty.git synced 2025-06-30 19:12:48 -05:00

Cleanups of the GSSAPI support. On Windows, standard GSS libraries

are now loaded from standard locations (system32 for SSPI, the
registry-stored MIT KfW install location for KfW) rather than using
the risky default DLL search path; I've therefore also added an
option to manually specify a GSS DLL we haven't heard of (which
should in principle Just Work provided it supports proper GSS-API as
specified in the RFC). The same option exists on Unix too, because
it seemed like too useful an idea to reserve to Windows. In
addition, GSSAPI is now documented, and also (unfortunately) its GUI
configuration has been moved out into a sub-subpanel on the grounds
that it was too big to fit in Auth.

[originally from svn r9003]
Simon Tatham
2010-09-25 07:16:56 +00:00
parent 010f8c42c5
commit 406e62f77b
12 changed files with 350 additions and 66 deletions

28
ssh.c

@ -941,6 +941,13 @@ struct ssh_tag {
* Fully qualified host name, which we need if doing GSSAPI.
*/
char *fullhostname;
#ifndef NO_GSSAPI
/*
* GSSAPI libraries for this session.
*/
struct ssh_gss_liblist *gsslibs;
#endif
};
#define logevent(s) logevent(ssh->frontend, s)
@ -7645,11 +7652,12 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
in_commasep_string("password", methods, methlen);
s->can_keyb_inter = ssh->cfg.try_ki_auth &&
in_commasep_string("keyboard-interactive", methods, methlen);
#ifndef NO_GSSAPI
ssh_gss_init();
#ifndef NO_GSSAPI
if (!ssh->gsslibs)
ssh->gsslibs = ssh_gss_setup(&ssh->cfg);
s->can_gssapi = ssh->cfg.try_gssapi_auth &&
in_commasep_string("gssapi-with-mic", methods, methlen) &&
n_ssh_gss_libraries > 0;
ssh->gsslibs->nlibraries > 0;
#endif
}
@ -8001,9 +8009,9 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
s->gsslib = NULL;
for (i = 0; i < ngsslibs; i++) {
int want_id = ssh->cfg.ssh_gsslist[i];
for (j = 0; j < n_ssh_gss_libraries; j++)
if (ssh_gss_libraries[j].id == want_id) {
s->gsslib = &ssh_gss_libraries[j];
for (j = 0; j < ssh->gsslibs->nlibraries; j++)
if (ssh->gsslibs->libraries[j].id == want_id) {
s->gsslib = &ssh->gsslibs->libraries[j];
goto got_gsslib; /* double break */
}
}
@ -9283,6 +9291,10 @@ static const char *ssh_init(void *frontend_handle, void **backend_handle,
ssh->max_data_size = parse_blocksize(ssh->cfg.ssh_rekey_data);
ssh->kex_in_progress = FALSE;
#ifndef NO_GSSAPI
ssh->gsslibs = NULL;
#endif
p = connect_to_host(ssh, host, port, realhost, nodelay, keepalive);
if (p != NULL)
return p;
@ -9379,6 +9391,10 @@ static void ssh_free(void *handle)
if (ssh->pinger)
pinger_free(ssh->pinger);
bufchain_clear(&ssh->queued_incoming_data);
#ifndef NO_GSSAPI
if (ssh->gsslibs)
ssh_gss_cleanup(ssh->gsslibs);
#endif
sfree(ssh);
random_unref();
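Review bot: In the second hunk (do_ssh2_authconn, under the `-7645` header), `ssh->gsslibs = ssh_gss_setup(&ssh->cfg);` runs before `ssh->cfg.try_gssapi_auth` and the server's method list are checked, so the GSS libraries (presumably including the user-specified DLL the commit message describes) are loaded into the process even for sessions that never attempt GSSAPI. Since the commit's purpose is to tighten which DLLs get loaded, I would defer the setup until both conditions hold, as in the fence below. The library-selection loop in the third hunk appears to be reached only when `s->can_gssapi` is set, but that is outside the visible lines and should be confirmed. The result of `ssh_gss_setup` is also dereferenced unchecked; its definition is not shown here, so either document that it never returns NULL or add a check. The function body starts and ends outside these hunks.

```c
#ifndef NO_GSSAPI
s->can_gssapi = ssh->cfg.try_gssapi_auth &&
    in_commasep_string("gssapi-with-mic", methods, methlen);
if (s->can_gssapi) {
    /* Only load GSS libraries once we know this session will use them. */
    if (!ssh->gsslibs)
        ssh->gsslibs = ssh_gss_setup(&ssh->cfg);
    s->can_gssapi = ssh->gsslibs->nlibraries > 0;
}
#endif
```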