Apple-2gs-SW
/
telnetd
mirror of https://github.com/sheumann/telnetd.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Unbreak Kerberos 5 authentication in telnet. 

(Credential forwarding is still broken.)

PR:	bin/45397


git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@111946 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
This commit is contained in:
nectar 2003-03-06 13:41:53 +00:00
parent a6a592c797
commit a948d8a850
1 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
libtelnet/kerberos5.c
View File

@ -192,6 +192,7 @@ kerberos5_send(const char *name, Authenticator *ap)
ap_opts = AP_OPTS_MUTUAL_REQUIRED;
else
ap_opts = 0;
ap_opts |= AP_OPTS_USE_SUBKEY;
ret = krb5_auth_con_init (context, &auth_context);
if (ret) {
@ -409,6 +410,29 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
return;
}
if (key_block == NULL) {
ret = krb5_auth_con_getkey(context,
auth_context,
&key_block);
}
if (ret) {
Data(ap, KRB_REJECT, "krb5_auth_con_getkey failed", -1);
auth_finished(ap, AUTH_REJECT);
if (auth_debug_mode)
printf("Kerberos V5: "
"krb5_auth_con_getkey failed (%s)\r\n",
krb5_get_err_text(context, ret));
return;
}
if (key_block == NULL) {
Data(ap, KRB_REJECT, "no subkey received", -1);
auth_finished(ap, AUTH_REJECT);
if (auth_debug_mode)
printf("Kerberos V5: "
"krb5_auth_con_getremotesubkey returned NULL key\r\n");
return;
}
if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
ret = krb5_mk_rep(context, auth_context, &outbuf);
if (ret) {