- markus@cvs.openbsd.org 2003/11/17 11:06:07

     [auth2-gss.c gss-genr.c gss-serv.c monitor.c monitor.h monitor_wrap.c]
     [monitor_wrap.h sshconnect2.c ssh-gss.h]
     replace "gssapi" with "gssapi-with-mic"; from Simon Wilkinson;
     test + ok jakob.

1 files changed, 26 insertions, 1 deletions

diff --git a/gss-genr.c b/gss-genr.c
index bda12d6f1..6b7caad0e 100644
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: gss-genr.c,v 1.1 2003/08/22 10:56:09 markus Exp $	*/
+/*	$OpenBSD: gss-genr.c,v 1.2 2003/11/17 11:06:07 markus Exp $	*/
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -33,9 +33,12 @@
 #include "compat.h"
 #include "log.h"
 #include "monitor_wrap.h"
+#include "ssh2.h"
 
 #include "ssh-gss.h"
 
+extern u_char *session_id2;
+extern u_int session_id2_len;
 
 /* Check that the OID in a data stream matches that in the context */
 int
@@ -245,6 +248,28 @@ ssh_gssapi_acquire_cred(Gssctxt *ctx)
 }
 
 OM_uint32
+ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
+{
+	if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,
+	    GSS_C_QOP_DEFAULT, buffer, hash)))
+		ssh_gssapi_error(ctx);
+	
+	return (ctx->major);
+}
+
+void
+ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service, 
+    const char *context) 
+{	
+	buffer_init(b);
+	buffer_put_string(b, session_id2, session_id2_len);
+	buffer_put_char(b, SSH2_MSG_USERAUTH_REQUEST);
+	buffer_put_cstring(b, user);
+	buffer_put_cstring(b, service);
+	buffer_put_cstring(b, context);
+}
+
+OM_uint32
 ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) {
 	if (*ctx)
 		ssh_gssapi_delete_ctx(ctx);