vishalmishra434 / rpms / openssh

Forked from rpms/openssh a month ago
Clone
Petr Lautrbach d9e618
diff -up openssh-5.9p1/auth-krb5.c.gsskex openssh-5.9p1/auth-krb5.c
Petr Lautrbach d9e618
--- openssh-5.9p1/auth-krb5.c.gsskex	2009-12-21 00:49:22.000000000 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/auth-krb5.c	2012-02-06 17:38:19.166867405 +0100
Jan F. Chadima 69dd72
@@ -170,8 +170,13 @@ auth_krb5_password(Authctxt *authctxt, c
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	len = strlen(authctxt->krb5_ticket_file) + 6;
Jan F. Chadima 69dd72
 	authctxt->krb5_ccname = xmalloc(len);
Jan F. Chadima 69dd72
+#ifdef USE_CCAPI
Jan F. Chadima 69dd72
+	snprintf(authctxt->krb5_ccname, len, "API:%s",
Jan F. Chadima 69dd72
+	    authctxt->krb5_ticket_file);
Jan F. Chadima 69dd72
+#else
Jan F. Chadima 69dd72
 	snprintf(authctxt->krb5_ccname, len, "FILE:%s",
Jan F. Chadima 69dd72
 	    authctxt->krb5_ticket_file);
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 #ifdef USE_PAM
Jan F. Chadima 69dd72
 	if (options.use_pam)
Jan F. Chadima 69dd72
@@ -226,15 +231,22 @@ krb5_cleanup_proc(Authctxt *authctxt)
Jan F. Chadima 69dd72
 #ifndef HEIMDAL
Jan F. Chadima 69dd72
 krb5_error_code
Jan F. Chadima 69dd72
 ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) {
Jan F. Chadima 69dd72
-	int tmpfd, ret;
Jan F. Chadima 69dd72
+	int ret;
Jan F. Chadima 69dd72
 	char ccname[40];
Jan F. Chadima 69dd72
 	mode_t old_umask;
Jan F. Chadima 69dd72
+#ifdef USE_CCAPI
Jan F. Chadima 69dd72
+	char cctemplate[] = "API:krb5cc_%d";
Jan F. Chadima 69dd72
+#else
Jan F. Chadima 69dd72
+	char cctemplate[] = "FILE:/tmp/krb5cc_%d_XXXXXXXXXX";
Jan F. Chadima 69dd72
+	int tmpfd;
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	ret = snprintf(ccname, sizeof(ccname),
Jan F. Chadima 69dd72
-	    "FILE:/tmp/krb5cc_%d_XXXXXXXXXX", geteuid());
Jan F. Chadima 69dd72
+	    cctemplate, geteuid());
Jan F. Chadima 69dd72
 	if (ret < 0 || (size_t)ret >= sizeof(ccname))
Jan F. Chadima 69dd72
 		return ENOMEM;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+#ifndef USE_CCAPI
Jan F. Chadima 69dd72
 	old_umask = umask(0177);
Jan F. Chadima 69dd72
 	tmpfd = mkstemp(ccname + strlen("FILE:"));
Jan F. Chadima 69dd72
 	umask(old_umask);
Jan F. Chadima 69dd72
@@ -249,6 +261,7 @@ ssh_krb5_cc_gen(krb5_context ctx, krb5_c
Jan F. Chadima 69dd72
 		return errno;
Jan F. Chadima 69dd72
 	}
Jan F. Chadima 69dd72
 	close(tmpfd);
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	return (krb5_cc_resolve(ctx, ccname, ccache));
Jan F. Chadima 69dd72
 }
Petr Lautrbach d9e618
diff -up openssh-5.9p1/auth2.c.gsskex openssh-5.9p1/auth2.c
Petr Lautrbach d9e618
--- openssh-5.9p1/auth2.c.gsskex	2012-02-06 17:38:19.046907913 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/auth2.c	2012-02-06 17:38:19.169220866 +0100
Petr Lautrbach d9e618
@@ -69,6 +69,7 @@ extern Authmethod method_passwd;
Petr Lautrbach d9e618
 extern Authmethod method_kbdint;
Petr Lautrbach d9e618
 extern Authmethod method_hostbased;
Petr Lautrbach d9e618
 #ifdef GSSAPI
Petr Lautrbach d9e618
+extern Authmethod method_gsskeyex;
Petr Lautrbach d9e618
 extern Authmethod method_gssapi;
Petr Lautrbach d9e618
 #endif
Petr Lautrbach d9e618
 #ifdef JPAKE
Petr Lautrbach d9e618
@@ -79,6 +80,7 @@ Authmethod *authmethods[] = {
Petr Lautrbach d9e618
 	&method_none,
Petr Lautrbach d9e618
 	&method_pubkey,
Petr Lautrbach d9e618
 #ifdef GSSAPI
Petr Lautrbach d9e618
+	&method_gsskeyex,
Petr Lautrbach d9e618
 	&method_gssapi,
Petr Lautrbach d9e618
 #endif
Petr Lautrbach d9e618
 #ifdef JPAKE
Petr Lautrbach d9e618
diff -up openssh-5.9p1/auth2-gss.c.gsskex openssh-5.9p1/auth2-gss.c
Petr Lautrbach d9e618
--- openssh-5.9p1/auth2-gss.c.gsskex	2012-02-06 17:38:19.046907913 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/auth2-gss.c	2012-02-06 17:41:33.656381846 +0100
Jan F. Chadima 69dd72
@@ -52,6 +52,40 @@ static void input_gssapi_mic(int type, u
Jan F. Chadima 69dd72
 static void input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);
Jan F. Chadima 69dd72
 static void input_gssapi_errtok(int, u_int32_t, void *);
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+/* 
Jan F. Chadima 69dd72
+ * The 'gssapi_keyex' userauth mechanism.
Jan F. Chadima 69dd72
+ */
Jan F. Chadima 69dd72
+static int
Jan F. Chadima 69dd72
+userauth_gsskeyex(Authctxt *authctxt)
Jan F. Chadima 69dd72
+{
Jan F. Chadima 69dd72
+	int authenticated = 0;
Jan F. Chadima 69dd72
+	Buffer b;
Jan F. Chadima 69dd72
+	gss_buffer_desc mic, gssbuf;
Jan F. Chadima 69dd72
+	u_int len;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	mic.value = packet_get_string(&len;;
Jan F. Chadima 69dd72
+	mic.length = len;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	packet_check_eom();
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
Jan F. Chadima 69dd72
+	    "gssapi-keyex");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	gssbuf.value = buffer_ptr(&b);
Jan F. Chadima 69dd72
+	gssbuf.length = buffer_len(&b);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	/* gss_kex_context is NULL with privsep, so we can't check it here */
Jan F. Chadima 69dd72
+	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, 
Jan F. Chadima 69dd72
+	    &gssbuf, &mic))))
Jan F. Chadima 69dd72
+		authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
Jan F. Chadima 69dd72
+		    authctxt->pw));
Jan F. Chadima 69dd72
+	
Jan F. Chadima 69dd72
+	buffer_free(&b);
Jan F. Chadima 69dd72
+	xfree(mic.value);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	return (authenticated);
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 /*
Jan F. Chadima 69dd72
  * We only support those mechanisms that we know about (ie ones that we know
Jan F. Chadima 69dd72
  * how to check local user kuserok and the like)
Jan F. Chadima 69dd72
@@ -244,7 +278,8 @@ input_gssapi_exchange_complete(int type,
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	packet_check_eom();
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
-	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
Jan F. Chadima 69dd72
+	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
Jan F. Chadima 69dd72
+	    authctxt->pw));
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	authctxt->postponed = 0;
Jan F. Chadima 69dd72
 	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
Jan F. Chadima 69dd72
@@ -286,7 +321,8 @@ input_gssapi_mic(int type, u_int32_t ple
Jan F. Chadima 69dd72
 	gssbuf.length = buffer_len(&b);
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
Jan F. Chadima 69dd72
-		authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
Jan F. Chadima 69dd72
+		authenticated = 
Jan F. Chadima 69dd72
+		    PRIVSEP(ssh_gssapi_userok(authctxt->user, authctxt->pw));
Jan F. Chadima 69dd72
 	else
Jan F. Chadima 69dd72
 		logit("GSSAPI MIC check failed");
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
@@ -303,6 +339,12 @@ input_gssapi_mic(int type, u_int32_t ple
Petr Lautrbach d9e618
 	userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL);
Jan F. Chadima 69dd72
 }
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+Authmethod method_gsskeyex = {
Jan F. Chadima 69dd72
+	"gssapi-keyex",
Jan F. Chadima 69dd72
+	userauth_gsskeyex,
Jan F. Chadima 69dd72
+	&options.gss_authentication
Jan F. Chadima 69dd72
+};
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 Authmethod method_gssapi = {
Jan F. Chadima 69dd72
 	"gssapi-with-mic",
Jan F. Chadima 69dd72
 	userauth_gssapi,
Petr Lautrbach d9e618
diff -up openssh-5.9p1/clientloop.c.gsskex openssh-5.9p1/clientloop.c
Petr Lautrbach d9e618
--- openssh-5.9p1/clientloop.c.gsskex	2012-02-06 17:38:18.919095717 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/clientloop.c	2012-02-06 17:38:19.170220176 +0100
Jan F. Chadima 69dd72
@@ -111,6 +111,10 @@
Jan F. Chadima 69dd72
 #include "msg.h"
Jan F. Chadima 69dd72
 #include "roaming.h"
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+#include "ssh-gss.h"
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 /* import options */
Jan F. Chadima 69dd72
 extern Options options;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
@@ -1508,6 +1512,15 @@ client_loop(int have_pty, int escape_cha
Jan F. Chadima 69dd72
 		/* Do channel operations unless rekeying in progress. */
Jan F. Chadima 69dd72
 		if (!rekeying) {
Jan F. Chadima 69dd72
 			channel_after_select(readset, writeset);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+			if (options.gss_renewal_rekey &&
Jan F. Chadima 69dd72
+			    ssh_gssapi_credentials_updated(GSS_C_NO_CONTEXT)) {
Jan F. Chadima 69dd72
+				debug("credentials updated - forcing rekey");
Jan F. Chadima 69dd72
+				need_rekeying = 1;
Jan F. Chadima 69dd72
+			}
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 			if (need_rekeying || packet_need_rekeying()) {
Jan F. Chadima 69dd72
 				debug("need rekeying");
Jan F. Chadima 69dd72
 				xxx_kex->done = 0;
Petr Lautrbach d9e618
diff -up openssh-5.9p1/configure.ac.gsskex openssh-5.9p1/configure.ac
Petr Lautrbach d9e618
--- openssh-5.9p1/configure.ac.gsskex	2012-02-06 17:38:19.151008987 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/configure.ac	2012-02-06 17:38:19.171220137 +0100
Jan F. Chadima 69dd72
@@ -515,6 +515,30 @@ main() { if (NSVersionOfRunTimeLibrary("
Jan F. Chadima 69dd72
 	    [Use tunnel device compatibility to OpenBSD])
Jan F. Chadima 69dd72
 	AC_DEFINE([SSH_TUN_PREPEND_AF], [1],
Jan F. Chadima 69dd72
 	    [Prepend the address family to IP tunnel traffic])
Jan F. Chadima 69dd72
+	AC_MSG_CHECKING(if we have the Security Authorization Session API)
Jan F. Chadima 69dd72
+	AC_TRY_COMPILE([#include <Security/AuthSession.h>],
Jan F. Chadima 69dd72
+		[SessionCreate(0, 0);],
Jan F. Chadima 69dd72
+		[ac_cv_use_security_session_api="yes"
Jan F. Chadima 69dd72
+		 AC_DEFINE(USE_SECURITY_SESSION_API, 1, 
Jan F. Chadima 69dd72
+			[platform has the Security Authorization Session API])
Jan F. Chadima 69dd72
+		 LIBS="$LIBS -framework Security"
Jan F. Chadima 69dd72
+		 AC_MSG_RESULT(yes)],
Jan F. Chadima 69dd72
+		[ac_cv_use_security_session_api="no"
Jan F. Chadima 69dd72
+		 AC_MSG_RESULT(no)])
Jan F. Chadima 69dd72
+	AC_MSG_CHECKING(if we have an in-memory credentials cache)
Jan F. Chadima 69dd72
+	AC_TRY_COMPILE(
Jan F. Chadima 69dd72
+		[#include <Kerberos/Kerberos.h>],
Jan F. Chadima 69dd72
+		[cc_context_t c;
Jan F. Chadima 69dd72
+		 (void) cc_initialize (&c, 0, NULL, NULL);],
Jan F. Chadima 69dd72
+		[AC_DEFINE(USE_CCAPI, 1, 
Jan F. Chadima 69dd72
+			[platform uses an in-memory credentials cache])
Jan F. Chadima 69dd72
+		 LIBS="$LIBS -framework Security"
Jan F. Chadima 69dd72
+		 AC_MSG_RESULT(yes)
Jan F. Chadima 69dd72
+		 if test "x$ac_cv_use_security_session_api" = "xno"; then
Jan F. Chadima 69dd72
+			AC_MSG_ERROR(*** Need a security framework to use the credentials cache API ***)
Jan F. Chadima 69dd72
+		fi],
Jan F. Chadima 69dd72
+		[AC_MSG_RESULT(no)]
Jan F. Chadima 69dd72
+	)
Jan F. Chadima 69dd72
 	m4_pattern_allow([AU_IPv])
Jan F. Chadima 69dd72
 	AC_CHECK_DECL([AU_IPv4], [], 
Jan F. Chadima 69dd72
 	    AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records])
Petr Lautrbach d9e618
diff -up openssh-5.9p1/gss-genr.c.gsskex openssh-5.9p1/gss-genr.c
Petr Lautrbach d9e618
--- openssh-5.9p1/gss-genr.c.gsskex	2009-06-22 08:11:07.000000000 +0200
Petr Lautrbach d9e618
+++ openssh-5.9p1/gss-genr.c	2012-02-06 17:38:19.172078790 +0100
Jan F. Chadima 69dd72
@@ -1,7 +1,7 @@
Jan F. Chadima 69dd72
 /* $OpenBSD: gss-genr.c,v 1.20 2009/06/22 05:39:28 dtucker Exp $ */
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 /*
Jan F. Chadima 69dd72
- * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
Jan F. Chadima 69dd72
+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
Jan F. Chadima 69dd72
  *
Jan F. Chadima 69dd72
  * Redistribution and use in source and binary forms, with or without
Jan F. Chadima 69dd72
  * modification, are permitted provided that the following conditions
Jan F. Chadima 69dd72
@@ -39,12 +39,167 @@
Jan F. Chadima 69dd72
 #include "buffer.h"
Jan F. Chadima 69dd72
 #include "log.h"
Jan F. Chadima 69dd72
 #include "ssh2.h"
Jan F. Chadima 69dd72
+#include "cipher.h"
Jan F. Chadima 69dd72
+#include "key.h"
Jan F. Chadima 69dd72
+#include "kex.h"
Jan F. Chadima 69dd72
+#include <openssl/evp.h>
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 #include "ssh-gss.h"
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 extern u_char *session_id2;
Jan F. Chadima 69dd72
 extern u_int session_id2_len;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+typedef struct {
Jan F. Chadima 69dd72
+	char *encoded;
Jan F. Chadima 69dd72
+	gss_OID oid;
Jan F. Chadima 69dd72
+} ssh_gss_kex_mapping;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+/*
Jan F. Chadima 69dd72
+ * XXX - It would be nice to find a more elegant way of handling the
Jan F. Chadima 69dd72
+ * XXX   passing of the key exchange context to the userauth routines
Jan F. Chadima 69dd72
+ */
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+Gssctxt *gss_kex_context = NULL;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+static ssh_gss_kex_mapping *gss_enc2oid = NULL;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+int 
Jan F. Chadima 69dd72
+ssh_gssapi_oid_table_ok() {
Jan F. Chadima 69dd72
+	return (gss_enc2oid != NULL);
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+/*
Jan F. Chadima 69dd72
+ * Return a list of the gss-group1-sha1 mechanisms supported by this program
Jan F. Chadima 69dd72
+ *
Jan F. Chadima 69dd72
+ * We test mechanisms to ensure that we can use them, to avoid starting
Jan F. Chadima 69dd72
+ * a key exchange with a bad mechanism
Jan F. Chadima 69dd72
+ */
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+char *
Jan F. Chadima 69dd72
+ssh_gssapi_client_mechanisms(const char *host, const char *client) {
Jan F. Chadima 69dd72
+	gss_OID_set gss_supported;
Jan F. Chadima 69dd72
+	OM_uint32 min_status;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (GSS_ERROR(gss_indicate_mechs(&min_status, &gss_supported)))
Jan F. Chadima 69dd72
+		return NULL;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism,
Jan F. Chadima 69dd72
+	    host, client));
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+char *
Jan F. Chadima 69dd72
+ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
Jan F. Chadima 69dd72
+    const char *host, const char *client) {
Jan F. Chadima 69dd72
+	Buffer buf;
Jan F. Chadima 69dd72
+	size_t i;
Jan F. Chadima 69dd72
+	int oidpos, enclen;
Jan F. Chadima 69dd72
+	char *mechs, *encoded;
Jan F. Chadima 69dd72
+	u_char digest[EVP_MAX_MD_SIZE];
Jan F. Chadima 69dd72
+	char deroid[2];
Jan F. Chadima 69dd72
+	const EVP_MD *evp_md = EVP_md5();
Jan F. Chadima 69dd72
+	EVP_MD_CTX md;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (gss_enc2oid != NULL) {
Jan F. Chadima 69dd72
+		for (i = 0; gss_enc2oid[i].encoded != NULL; i++)
Jan F. Chadima 69dd72
+			xfree(gss_enc2oid[i].encoded);
Jan F. Chadima 69dd72
+		xfree(gss_enc2oid);
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) *
Jan F. Chadima 69dd72
+	    (gss_supported->count + 1));
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	buffer_init(&buf;;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	oidpos = 0;
Jan F. Chadima 69dd72
+	for (i = 0; i < gss_supported->count; i++) {
Jan F. Chadima 69dd72
+		if (gss_supported->elements[i].length < 128 &&
Jan F. Chadima 69dd72
+		    (*check)(NULL, &(gss_supported->elements[i]), host, client)) {
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+			deroid[0] = SSH_GSS_OIDTYPE;
Jan F. Chadima 69dd72
+			deroid[1] = gss_supported->elements[i].length;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+			EVP_DigestInit(&md, evp_md);
Jan F. Chadima 69dd72
+			EVP_DigestUpdate(&md, deroid, 2);
Jan F. Chadima 69dd72
+			EVP_DigestUpdate(&md,
Jan F. Chadima 69dd72
+			    gss_supported->elements[i].elements,
Jan F. Chadima 69dd72
+			    gss_supported->elements[i].length);
Jan F. Chadima 69dd72
+			EVP_DigestFinal(&md, digest, NULL);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+			encoded = xmalloc(EVP_MD_size(evp_md) * 2);
Jan F. Chadima 69dd72
+			enclen = __b64_ntop(digest, EVP_MD_size(evp_md),
Jan F. Chadima 69dd72
+			    encoded, EVP_MD_size(evp_md) * 2);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+			if (oidpos != 0)
Jan F. Chadima 69dd72
+				buffer_put_char(&buf, ',');
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+			buffer_append(&buf, KEX_GSS_GEX_SHA1_ID,
Jan F. Chadima 69dd72
+			    sizeof(KEX_GSS_GEX_SHA1_ID) - 1);
Jan F. Chadima 69dd72
+			buffer_append(&buf, encoded, enclen);
Jan F. Chadima 69dd72
+			buffer_put_char(&buf, ',');
Jan F. Chadima 69dd72
+			buffer_append(&buf, KEX_GSS_GRP1_SHA1_ID, 
Jan F. Chadima 69dd72
+			    sizeof(KEX_GSS_GRP1_SHA1_ID) - 1);
Jan F. Chadima 69dd72
+			buffer_append(&buf, encoded, enclen);
Jan F. Chadima 69dd72
+			buffer_put_char(&buf, ',');
Jan F. Chadima 69dd72
+			buffer_append(&buf, KEX_GSS_GRP14_SHA1_ID,
Jan F. Chadima 69dd72
+			    sizeof(KEX_GSS_GRP14_SHA1_ID) - 1);
Jan F. Chadima 69dd72
+			buffer_append(&buf, encoded, enclen);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+			gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]);
Jan F. Chadima 69dd72
+			gss_enc2oid[oidpos].encoded = encoded;
Jan F. Chadima 69dd72
+			oidpos++;
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+	gss_enc2oid[oidpos].oid = NULL;
Jan F. Chadima 69dd72
+	gss_enc2oid[oidpos].encoded = NULL;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	buffer_put_char(&buf, '\0');
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	mechs = xmalloc(buffer_len(&buf));
Jan F. Chadima 69dd72
+	buffer_get(&buf, mechs, buffer_len(&buf));
Jan F. Chadima 69dd72
+	buffer_free(&buf;;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (strlen(mechs) == 0) {
Jan F. Chadima 69dd72
+		xfree(mechs);
Jan F. Chadima 69dd72
+		mechs = NULL;
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+	
Jan F. Chadima 69dd72
+	return (mechs);
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+gss_OID
Jan F. Chadima 69dd72
+ssh_gssapi_id_kex(Gssctxt *ctx, char *name, int kex_type) {
Jan F. Chadima 69dd72
+	int i = 0;
Jan F. Chadima 69dd72
+	
Jan F. Chadima 69dd72
+	switch (kex_type) {
Jan F. Chadima 69dd72
+	case KEX_GSS_GRP1_SHA1:
Jan F. Chadima 69dd72
+		if (strlen(name) < sizeof(KEX_GSS_GRP1_SHA1_ID))
Jan F. Chadima 69dd72
+			return GSS_C_NO_OID;
Jan F. Chadima 69dd72
+		name += sizeof(KEX_GSS_GRP1_SHA1_ID) - 1;
Jan F. Chadima 69dd72
+		break;
Jan F. Chadima 69dd72
+	case KEX_GSS_GRP14_SHA1:
Jan F. Chadima 69dd72
+		if (strlen(name) < sizeof(KEX_GSS_GRP14_SHA1_ID))
Jan F. Chadima 69dd72
+			return GSS_C_NO_OID;
Jan F. Chadima 69dd72
+		name += sizeof(KEX_GSS_GRP14_SHA1_ID) - 1;
Jan F. Chadima 69dd72
+		break;
Jan F. Chadima 69dd72
+	case KEX_GSS_GEX_SHA1:
Jan F. Chadima 69dd72
+		if (strlen(name) < sizeof(KEX_GSS_GEX_SHA1_ID))
Jan F. Chadima 69dd72
+			return GSS_C_NO_OID;
Jan F. Chadima 69dd72
+		name += sizeof(KEX_GSS_GEX_SHA1_ID) - 1;
Jan F. Chadima 69dd72
+		break;
Jan F. Chadima 69dd72
+	default:
Jan F. Chadima 69dd72
+		return GSS_C_NO_OID;
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	while (gss_enc2oid[i].encoded != NULL &&
Jan F. Chadima 69dd72
+	    strcmp(name, gss_enc2oid[i].encoded) != 0)
Jan F. Chadima 69dd72
+		i++;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (gss_enc2oid[i].oid != NULL && ctx != NULL)
Jan F. Chadima 69dd72
+		ssh_gssapi_set_oid(ctx, gss_enc2oid[i].oid);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	return gss_enc2oid[i].oid;
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 /* Check that the OID in a data stream matches that in the context */
Jan F. Chadima 69dd72
 int
Jan F. Chadima 69dd72
 ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len)
Jan F. Chadima 69dd72
@@ -197,7 +352,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int de
Jan F. Chadima 69dd72
 	}
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	ctx->major = gss_init_sec_context(&ctx->minor,
Jan F. Chadima 69dd72
-	    GSS_C_NO_CREDENTIAL, &ctx->context, ctx->name, ctx->oid,
Jan F. Chadima 69dd72
+	    ctx->client_creds, &ctx->context, ctx->name, ctx->oid,
Jan F. Chadima 69dd72
 	    GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag,
Jan F. Chadima 69dd72
 	    0, NULL, recv_tok, NULL, send_tok, flags, NULL);
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
@@ -227,8 +382,42 @@ ssh_gssapi_import_name(Gssctxt *ctx, con
Jan F. Chadima 69dd72
 }
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 OM_uint32
Jan F. Chadima 69dd72
+ssh_gssapi_client_identity(Gssctxt *ctx, const char *name)
Jan F. Chadima 69dd72
+{
Jan F. Chadima 69dd72
+	gss_buffer_desc gssbuf;
Jan F. Chadima 69dd72
+	gss_name_t gssname;
Jan F. Chadima 69dd72
+	OM_uint32 status;
Jan F. Chadima 69dd72
+	gss_OID_set oidset;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	gssbuf.value = (void *) name;
Jan F. Chadima 69dd72
+	gssbuf.length = strlen(gssbuf.value);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	gss_create_empty_oid_set(&status, &oidset);
Jan F. Chadima 69dd72
+	gss_add_oid_set_member(&status, ctx->oid, &oidset);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	ctx->major = gss_import_name(&ctx->minor, &gssbuf,
Jan F. Chadima 69dd72
+	    GSS_C_NT_USER_NAME, &gssname);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (!ctx->major)
Jan F. Chadima 69dd72
+		ctx->major = gss_acquire_cred(&ctx->minor, 
Jan F. Chadima 69dd72
+		    gssname, 0, oidset, GSS_C_INITIATE, 
Jan F. Chadima 69dd72
+		    &ctx->client_creds, NULL, NULL);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	gss_release_name(&status, &gssname);
Jan F. Chadima 69dd72
+	gss_release_oid_set(&status, &oidset);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (ctx->major)
Jan F. Chadima 69dd72
+		ssh_gssapi_error(ctx);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	return(ctx->major);
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+OM_uint32
Jan F. Chadima 69dd72
 ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
Jan F. Chadima 69dd72
 {
Jan F. Chadima 69dd72
+	if (ctx == NULL) 
Jan F. Chadima 69dd72
+		return -1;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,
Jan F. Chadima 69dd72
 	    GSS_C_QOP_DEFAULT, buffer, hash)))
Jan F. Chadima 69dd72
 		ssh_gssapi_error(ctx);
Jan F. Chadima 69dd72
@@ -236,6 +425,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer
Jan F. Chadima 69dd72
 	return (ctx->major);
Jan F. Chadima 69dd72
 }
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+/* Priviledged when used by server */
Jan F. Chadima 69dd72
+OM_uint32
Jan F. Chadima 69dd72
+ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
Jan F. Chadima 69dd72
+{
Jan F. Chadima 69dd72
+	if (ctx == NULL)
Jan F. Chadima 69dd72
+		return -1;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	ctx->major = gss_verify_mic(&ctx->minor, ctx->context,
Jan F. Chadima 69dd72
+	    gssbuf, gssmic, NULL);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	return (ctx->major);
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 void
Jan F. Chadima 69dd72
 ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service,
Jan F. Chadima 69dd72
     const char *context)
Jan F. Chadima 69dd72
@@ -249,11 +451,16 @@ ssh_gssapi_buildmic(Buffer *b, const cha
Jan F. Chadima 69dd72
 }
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 int
Jan F. Chadima 69dd72
-ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
Jan F. Chadima 69dd72
+ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host, 
Jan F. Chadima 69dd72
+    const char *client)
Jan F. Chadima 69dd72
 {
Jan F. Chadima 69dd72
 	gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
Jan F. Chadima 69dd72
 	OM_uint32 major, minor;
Jan F. Chadima 69dd72
 	gss_OID_desc spnego_oid = {6, (void *)"\x2B\x06\x01\x05\x05\x02"};
Jan F. Chadima 69dd72
+	Gssctxt *intctx = NULL;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (ctx == NULL)
Jan F. Chadima 69dd72
+		ctx = &intct;;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	/* RFC 4462 says we MUST NOT do SPNEGO */
Jan F. Chadima 69dd72
 	if (oid->length == spnego_oid.length && 
Jan F. Chadima 69dd72
@@ -263,6 +470,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx
Jan F. Chadima 69dd72
 	ssh_gssapi_build_ctx(ctx);
Jan F. Chadima 69dd72
 	ssh_gssapi_set_oid(*ctx, oid);
Jan F. Chadima 69dd72
 	major = ssh_gssapi_import_name(*ctx, host);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (!GSS_ERROR(major) && client)
Jan F. Chadima 69dd72
+		major = ssh_gssapi_client_identity(*ctx, client);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	if (!GSS_ERROR(major)) {
Jan F. Chadima 69dd72
 		major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, 
Jan F. Chadima 69dd72
 		    NULL);
Jan F. Chadima 69dd72
@@ -272,10 +483,67 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx
Jan F. Chadima 69dd72
 			    GSS_C_NO_BUFFER);
Jan F. Chadima 69dd72
 	}
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
-	if (GSS_ERROR(major)) 
Jan F. Chadima 69dd72
+	if (GSS_ERROR(major) || intctx != NULL) 
Jan F. Chadima 69dd72
 		ssh_gssapi_delete_ctx(ctx);
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	return (!GSS_ERROR(major));
Jan F. Chadima 69dd72
 }
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+int
Jan F. Chadima 69dd72
+ssh_gssapi_credentials_updated(Gssctxt *ctxt) {
Jan F. Chadima 69dd72
+	static gss_name_t saved_name = GSS_C_NO_NAME;
Jan F. Chadima 69dd72
+	static OM_uint32 saved_lifetime = 0;
Jan F. Chadima 69dd72
+	static gss_OID saved_mech = GSS_C_NO_OID;
Jan F. Chadima 69dd72
+	static gss_name_t name;
Jan F. Chadima 69dd72
+	static OM_uint32 last_call = 0;
Jan F. Chadima 69dd72
+	OM_uint32 lifetime, now, major, minor;
Jan F. Chadima 69dd72
+	int equal;
Jan F. Chadima 69dd72
+	gss_cred_usage_t usage = GSS_C_INITIATE;
Jan F. Chadima 69dd72
+	
Jan F. Chadima 69dd72
+	now = time(NULL);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (ctxt) {
Jan F. Chadima 69dd72
+		debug("Rekey has happened - updating saved versions");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		if (saved_name != GSS_C_NO_NAME)
Jan F. Chadima 69dd72
+			gss_release_name(&minor, &saved_name);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL,
Jan F. Chadima 69dd72
+		    &saved_name, &saved_lifetime, NULL, NULL);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		if (!GSS_ERROR(major)) {
Jan F. Chadima 69dd72
+			saved_mech = ctxt->oid;
Jan F. Chadima 69dd72
+		        saved_lifetime+= now;
Jan F. Chadima 69dd72
+		} else {
Jan F. Chadima 69dd72
+			/* Handle the error */
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+		return 0;
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (now - last_call < 10)
Jan F. Chadima 69dd72
+		return 0;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	last_call = now;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (saved_mech == GSS_C_NO_OID)
Jan F. Chadima 69dd72
+		return 0;
Jan F. Chadima 69dd72
+	
Jan F. Chadima 69dd72
+	major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL, 
Jan F. Chadima 69dd72
+	    &name, &lifetime, NULL, NULL);
Jan F. Chadima 69dd72
+	if (major == GSS_S_CREDENTIALS_EXPIRED)
Jan F. Chadima 69dd72
+		return 0;
Jan F. Chadima 69dd72
+	else if (GSS_ERROR(major))
Jan F. Chadima 69dd72
+		return 0;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	major = gss_compare_name(&minor, saved_name, name, &equal);
Jan F. Chadima 69dd72
+	gss_release_name(&minor, &name);
Jan F. Chadima 69dd72
+	if (GSS_ERROR(major))
Jan F. Chadima 69dd72
+		return 0;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (equal && (saved_lifetime < lifetime + now - 10))
Jan F. Chadima 69dd72
+		return 1;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	return 0;
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 #endif /* GSSAPI */
Petr Lautrbach d9e618
diff -up openssh-5.9p1/gss-serv.c.gsskex openssh-5.9p1/gss-serv.c
Petr Lautrbach d9e618
--- openssh-5.9p1/gss-serv.c.gsskex	2011-08-05 22:16:46.000000000 +0200
Petr Lautrbach d9e618
+++ openssh-5.9p1/gss-serv.c	2012-02-06 17:38:19.174112917 +0100
Jan F. Chadima 69dd72
@@ -45,15 +45,20 @@
Jan F. Chadima 69dd72
 #include "channels.h"
Jan F. Chadima 69dd72
 #include "session.h"
Jan F. Chadima 69dd72
 #include "misc.h"
Jan F. Chadima 69dd72
+#include "servconf.h"
Jan F. Chadima 69dd72
+#include "uidswap.h"
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 #include "ssh-gss.h"
Jan F. Chadima 69dd72
+#include "monitor_wrap.h"
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+extern ServerOptions options;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 static ssh_gssapi_client gssapi_client =
Jan F. Chadima 69dd72
     { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER,
Jan F. Chadima 69dd72
-    GSS_C_NO_CREDENTIAL, NULL, {NULL, NULL, NULL}};
Jan F. Chadima 69dd72
+    GSS_C_NO_CREDENTIAL, GSS_C_NO_NAME,  NULL, {NULL, NULL, NULL}, 0, 0};
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 ssh_gssapi_mech gssapi_null_mech =
Jan F. Chadima 69dd72
-    { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL};
Jan F. Chadima 69dd72
+    { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL, NULL};
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 #ifdef KRB5
Jan F. Chadima 69dd72
 extern ssh_gssapi_mech gssapi_kerberos_mech;
Jan F. Chadima 69dd72
@@ -81,25 +86,32 @@ ssh_gssapi_acquire_cred(Gssctxt *ctx)
Jan F. Chadima 69dd72
 	char lname[MAXHOSTNAMELEN];
Jan F. Chadima 69dd72
 	gss_OID_set oidset;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
-	gss_create_empty_oid_set(&status, &oidset);
Jan F. Chadima 69dd72
-	gss_add_oid_set_member(&status, ctx->oid, &oidset);
Jan F. Chadima 69dd72
+	if (options.gss_strict_acceptor) {
Jan F. Chadima 69dd72
+		gss_create_empty_oid_set(&status, &oidset);
Jan F. Chadima 69dd72
+		gss_add_oid_set_member(&status, ctx->oid, &oidset);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		if (gethostname(lname, MAXHOSTNAMELEN)) {
Jan F. Chadima 69dd72
+			gss_release_oid_set(&status, &oidset);
Jan F. Chadima 69dd72
+			return (-1);
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
-	if (gethostname(lname, MAXHOSTNAMELEN)) {
Jan F. Chadima 69dd72
-		gss_release_oid_set(&status, &oidset);
Jan F. Chadima 69dd72
-		return (-1);
Jan F. Chadima 69dd72
-	}
Jan F. Chadima 69dd72
+		if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) {
Jan F. Chadima 69dd72
+			gss_release_oid_set(&status, &oidset);
Jan F. Chadima 69dd72
+			return (ctx->major);
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		if ((ctx->major = gss_acquire_cred(&ctx->minor,
Jan F. Chadima 69dd72
+		    ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, 
Jan F. Chadima 69dd72
+		    NULL, NULL)))
Jan F. Chadima 69dd72
+			ssh_gssapi_error(ctx);
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
-	if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) {
Jan F. Chadima 69dd72
 		gss_release_oid_set(&status, &oidset);
Jan F. Chadima 69dd72
 		return (ctx->major);
Jan F. Chadima 69dd72
+	} else {
Jan F. Chadima 69dd72
+		ctx->name = GSS_C_NO_NAME;
Jan F. Chadima 69dd72
+		ctx->creds = GSS_C_NO_CREDENTIAL;
Jan F. Chadima 69dd72
 	}
Jan F. Chadima 69dd72
-
Jan F. Chadima 69dd72
-	if ((ctx->major = gss_acquire_cred(&ctx->minor,
Jan F. Chadima 69dd72
-	    ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, NULL, NULL)))
Jan F. Chadima 69dd72
-		ssh_gssapi_error(ctx);
Jan F. Chadima 69dd72
-
Jan F. Chadima 69dd72
-	gss_release_oid_set(&status, &oidset);
Jan F. Chadima 69dd72
-	return (ctx->major);
Jan F. Chadima 69dd72
+	return GSS_S_COMPLETE;
Jan F. Chadima 69dd72
 }
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 /* Privileged */
Jan F. Chadima 69dd72
@@ -114,6 +126,29 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss
Jan F. Chadima 69dd72
 }
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 /* Unprivileged */
Jan F. Chadima 69dd72
+char *
Jan F. Chadima 69dd72
+ssh_gssapi_server_mechanisms() {
Jan F. Chadima 69dd72
+	gss_OID_set	supported;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	ssh_gssapi_supported_oids(&supported);
Jan F. Chadima 69dd72
+	return (ssh_gssapi_kex_mechs(supported, &ssh_gssapi_server_check_mech,
Jan F. Chadima 69dd72
+	    NULL, NULL));
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+/* Unprivileged */
Jan F. Chadima 69dd72
+int
Jan F. Chadima 69dd72
+ssh_gssapi_server_check_mech(Gssctxt **dum, gss_OID oid, const char *data,
Jan F. Chadima 69dd72
+    const char *dummy) {
Jan F. Chadima 69dd72
+	Gssctxt *ctx = NULL;
Jan F. Chadima 69dd72
+	int res;
Jan F. Chadima 69dd72
+ 
Jan F. Chadima 69dd72
+	res = !GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctx, oid)));
Jan F. Chadima 69dd72
+	ssh_gssapi_delete_ctx(&ctx;;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	return (res);
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+/* Unprivileged */
Jan F. Chadima 69dd72
 void
Jan F. Chadima 69dd72
 ssh_gssapi_supported_oids(gss_OID_set *oidset)
Jan F. Chadima 69dd72
 {
Jan F. Chadima 69dd72
@@ -123,7 +158,9 @@ ssh_gssapi_supported_oids(gss_OID_set *o
Jan F. Chadima 69dd72
 	gss_OID_set supported;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	gss_create_empty_oid_set(&min_status, oidset);
Jan F. Chadima 69dd72
-	gss_indicate_mechs(&min_status, &supported);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (GSS_ERROR(gss_indicate_mechs(&min_status, &supported)))
Jan F. Chadima 69dd72
+		return;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	while (supported_mechs[i]->name != NULL) {
Jan F. Chadima 69dd72
 		if (GSS_ERROR(gss_test_oid_set_member(&min_status,
Jan F. Chadima 69dd72
@@ -249,8 +286,48 @@ OM_uint32
Jan F. Chadima 69dd72
 ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
Jan F. Chadima 69dd72
 {
Jan F. Chadima 69dd72
 	int i = 0;
Jan F. Chadima 69dd72
+	int equal = 0;
Jan F. Chadima 69dd72
+	gss_name_t new_name = GSS_C_NO_NAME;
Jan F. Chadima 69dd72
+	gss_buffer_desc ename = GSS_C_EMPTY_BUFFER;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (options.gss_store_rekey && client->used && ctx->client_creds) {
Jan F. Chadima 69dd72
+		if (client->mech->oid.length != ctx->oid->length ||
Jan F. Chadima 69dd72
+		    (memcmp(client->mech->oid.elements,
Jan F. Chadima 69dd72
+		     ctx->oid->elements, ctx->oid->length) !=0)) {
Jan F. Chadima 69dd72
+			debug("Rekeyed credentials have different mechanism");
Jan F. Chadima 69dd72
+			return GSS_S_COMPLETE;
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		if ((ctx->major = gss_inquire_cred_by_mech(&ctx->minor, 
Jan F. Chadima 69dd72
+		    ctx->client_creds, ctx->oid, &new_name, 
Jan F. Chadima 69dd72
+		    NULL, NULL, NULL))) {
Jan F. Chadima 69dd72
+			ssh_gssapi_error(ctx);
Jan F. Chadima 69dd72
+			return (ctx->major);
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		ctx->major = gss_compare_name(&ctx->minor, client->name, 
Jan F. Chadima 69dd72
+		    new_name, &equal);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		if (GSS_ERROR(ctx->major)) {
Jan F. Chadima 69dd72
+			ssh_gssapi_error(ctx);
Jan F. Chadima 69dd72
+			return (ctx->major);
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+ 
Jan F. Chadima 69dd72
+		if (!equal) {
Jan F. Chadima 69dd72
+			debug("Rekeyed credentials have different name");
Jan F. Chadima 69dd72
+			return GSS_S_COMPLETE;
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		debug("Marking rekeyed credentials for export");
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
-	gss_buffer_desc ename;
Jan F. Chadima 69dd72
+		gss_release_name(&ctx->minor, &client->name);
Jan F. Chadima 69dd72
+		gss_release_cred(&ctx->minor, &client->creds);
Jan F. Chadima 69dd72
+		client->name = new_name;
Jan F. Chadima 69dd72
+		client->creds = ctx->client_creds;
Jan F. Chadima 69dd72
+        	ctx->client_creds = GSS_C_NO_CREDENTIAL;
Jan F. Chadima 69dd72
+		client->updated = 1;
Jan F. Chadima 69dd72
+		return GSS_S_COMPLETE;
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	client->mech = NULL;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
@@ -265,6 +342,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_g
Jan F. Chadima 69dd72
 	if (client->mech == NULL)
Jan F. Chadima 69dd72
 		return GSS_S_FAILURE;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+	if (ctx->client_creds &&
Jan F. Chadima 69dd72
+	    (ctx->major = gss_inquire_cred_by_mech(&ctx->minor,
Jan F. Chadima 69dd72
+	     ctx->client_creds, ctx->oid, &client->name, NULL, NULL, NULL))) {
Jan F. Chadima 69dd72
+		ssh_gssapi_error(ctx);
Jan F. Chadima 69dd72
+		return (ctx->major);
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	if ((ctx->major = gss_display_name(&ctx->minor, ctx->client,
Jan F. Chadima 69dd72
 	    &client->displayname, NULL))) {
Jan F. Chadima 69dd72
 		ssh_gssapi_error(ctx);
Jan F. Chadima 69dd72
@@ -282,6 +366,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_g
Jan F. Chadima 69dd72
 		return (ctx->major);
Jan F. Chadima 69dd72
 	}
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+	gss_release_buffer(&ctx->minor, &ename);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	/* We can't copy this structure, so we just move the pointer to it */
Jan F. Chadima 69dd72
 	client->creds = ctx->client_creds;
Jan F. Chadima 69dd72
 	ctx->client_creds = GSS_C_NO_CREDENTIAL;
Petr Lautrbach d9e618
@@ -329,7 +415,7 @@ ssh_gssapi_do_child(char ***envp, u_int 
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 /* Privileged */
Jan F. Chadima 69dd72
 int
Jan F. Chadima 69dd72
-ssh_gssapi_userok(char *user)
Jan F. Chadima 69dd72
+ssh_gssapi_userok(char *user, struct passwd *pw)
Jan F. Chadima 69dd72
 {
Jan F. Chadima 69dd72
 	OM_uint32 lmin;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
@@ -339,9 +425,11 @@ ssh_gssapi_userok(char *user)
Jan F. Chadima 69dd72
 		return 0;
Jan F. Chadima 69dd72
 	}
Jan F. Chadima 69dd72
 	if (gssapi_client.mech && gssapi_client.mech->userok)
Jan F. Chadima 69dd72
-		if ((*gssapi_client.mech->userok)(&gssapi_client, user))
Jan F. Chadima 69dd72
+		if ((*gssapi_client.mech->userok)(&gssapi_client, user)) {
Jan F. Chadima 69dd72
+			gssapi_client.used = 1;
Jan F. Chadima 69dd72
+			gssapi_client.store.owner = pw;
Jan F. Chadima 69dd72
 			return 1;
Jan F. Chadima 69dd72
-		else {
Jan F. Chadima 69dd72
+		} else {
Jan F. Chadima 69dd72
 			/* Destroy delegated credentials if userok fails */
Jan F. Chadima 69dd72
 			gss_release_buffer(&lmin, &gssapi_client.displayname);
Jan F. Chadima 69dd72
 			gss_release_buffer(&lmin, &gssapi_client.exportedname);
Jan F. Chadima 69dd72
@@ -354,14 +442,90 @@ ssh_gssapi_userok(char *user)
Jan F. Chadima 69dd72
 	return (0);
Jan F. Chadima 69dd72
 }
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
-/* Privileged */
Jan F. Chadima 69dd72
-OM_uint32
Jan F. Chadima 69dd72
-ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
Jan F. Chadima 69dd72
+/* These bits are only used for rekeying. The unpriviledged child is running 
Jan F. Chadima 69dd72
+ * as the user, the monitor is root.
Jan F. Chadima 69dd72
+ *
Jan F. Chadima 69dd72
+ * In the child, we want to :
Jan F. Chadima 69dd72
+ *    *) Ask the monitor to store our credentials into the store we specify
Jan F. Chadima 69dd72
+ *    *) If it succeeds, maybe do a PAM update
Jan F. Chadima 69dd72
+ */
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+/* Stuff for PAM */
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+#ifdef USE_PAM
Petr Lautrbach d9e618
+static int ssh_gssapi_simple_conv(int n, const struct pam_message **msg, 
Petr Lautrbach d9e618
+    struct pam_response **resp, void *data)
Petr Lautrbach d9e618
 {
Petr Lautrbach d9e618
-	ctx->major = gss_verify_mic(&ctx->minor, ctx->context,
Petr Lautrbach d9e618
-	    gssbuf, gssmic, NULL);
Petr Lautrbach d9e618
+	return (PAM_CONV_ERR);
Petr Lautrbach d9e618
+}
Petr Lautrbach d9e618
+#endif
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
-	return (ctx->major);
Petr Lautrbach d9e618
+void
Petr Lautrbach d9e618
+ssh_gssapi_rekey_creds() {
Petr Lautrbach d9e618
+	int ok;
Petr Lautrbach d9e618
+	int ret;
Petr Lautrbach d9e618
+#ifdef USE_PAM
Petr Lautrbach d9e618
+	pam_handle_t *pamh = NULL;
Petr Lautrbach d9e618
+	struct pam_conv pamconv = {ssh_gssapi_simple_conv, NULL};
Petr Lautrbach d9e618
+	char *envstr;
Petr Lautrbach d9e618
+#endif
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	if (gssapi_client.store.filename == NULL && 
Petr Lautrbach d9e618
+	    gssapi_client.store.envval == NULL &&
Petr Lautrbach d9e618
+	    gssapi_client.store.envvar == NULL)
Petr Lautrbach d9e618
+		return;
Petr Lautrbach d9e618
+ 
Petr Lautrbach d9e618
+	ok = PRIVSEP(ssh_gssapi_update_creds(&gssapi_client.store));
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	if (!ok)
Petr Lautrbach d9e618
+		return;
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	debug("Rekeyed credentials stored successfully");
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	/* Actually managing to play with the ssh pam stack from here will
Petr Lautrbach d9e618
+	 * be next to impossible. In any case, we may want different options
Petr Lautrbach d9e618
+	 * for rekeying. So, use our own :)
Petr Lautrbach d9e618
+	 */
Petr Lautrbach d9e618
+#ifdef USE_PAM	
Petr Lautrbach d9e618
+	if (!use_privsep) {
Petr Lautrbach d9e618
+		debug("Not even going to try and do PAM with privsep disabled");
Petr Lautrbach d9e618
+		return;
Petr Lautrbach d9e618
+	}
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	ret = pam_start("sshd-rekey", gssapi_client.store.owner->pw_name,
Petr Lautrbach d9e618
+ 	    &pamconv, &pamh);
Petr Lautrbach d9e618
+	if (ret)
Petr Lautrbach d9e618
+		return;
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, 
Petr Lautrbach d9e618
+	    gssapi_client.store.envval);
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	ret = pam_putenv(pamh, envstr);
Petr Lautrbach d9e618
+	if (!ret)
Petr Lautrbach d9e618
+		pam_setcred(pamh, PAM_REINITIALIZE_CRED);
Petr Lautrbach d9e618
+	pam_end(pamh, PAM_SUCCESS);
Petr Lautrbach d9e618
+#endif
Petr Lautrbach d9e618
+}
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+int 
Petr Lautrbach d9e618
+ssh_gssapi_update_creds(ssh_gssapi_ccache *store) {
Petr Lautrbach d9e618
+	int ok = 0;
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	/* Check we've got credentials to store */
Petr Lautrbach d9e618
+	if (!gssapi_client.updated)
Petr Lautrbach d9e618
+		return 0;
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	gssapi_client.updated = 0;
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	temporarily_use_uid(gssapi_client.store.owner);
Petr Lautrbach d9e618
+	if (gssapi_client.mech && gssapi_client.mech->updatecreds)
Petr Lautrbach d9e618
+		ok = (*gssapi_client.mech->updatecreds)(store, &gssapi_client);
Petr Lautrbach d9e618
+	else
Petr Lautrbach d9e618
+		debug("No update function for this mechanism");
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	restore_uid();
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	return ok;
Petr Lautrbach d9e618
 }
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 #endif
Petr Lautrbach d9e618
diff -up openssh-5.9p1/gss-serv-krb5.c.gsskex openssh-5.9p1/gss-serv-krb5.c
Petr Lautrbach d9e618
--- openssh-5.9p1/gss-serv-krb5.c.gsskex	2006-09-01 07:38:36.000000000 +0200
Petr Lautrbach d9e618
+++ openssh-5.9p1/gss-serv-krb5.c	2012-02-06 17:38:19.173095956 +0100
Petr Lautrbach d9e618
@@ -1,7 +1,7 @@
Petr Lautrbach d9e618
 /* $OpenBSD: gss-serv-krb5.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 /*
Petr Lautrbach d9e618
- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
Petr Lautrbach d9e618
+ * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
Petr Lautrbach d9e618
  *
Petr Lautrbach d9e618
  * Redistribution and use in source and binary forms, with or without
Petr Lautrbach d9e618
  * modification, are permitted provided that the following conditions
Petr Lautrbach d9e618
@@ -120,6 +120,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl
Petr Lautrbach d9e618
 	krb5_principal princ;
Petr Lautrbach d9e618
 	OM_uint32 maj_status, min_status;
Petr Lautrbach d9e618
 	int len;
Petr Lautrbach d9e618
+	const char *new_ccname;
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 	if (client->creds == NULL) {
Petr Lautrbach d9e618
 		debug("No credentials stored");
Petr Lautrbach d9e618
@@ -168,11 +169,16 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl
Petr Lautrbach d9e618
 		return;
Petr Lautrbach d9e618
 	}
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
-	client->store.filename = xstrdup(krb5_cc_get_name(krb_context, ccache));
Petr Lautrbach d9e618
+	new_ccname = krb5_cc_get_name(krb_context, ccache);
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
 	client->store.envvar = "KRB5CCNAME";
Petr Lautrbach d9e618
-	len = strlen(client->store.filename) + 6;
Petr Lautrbach d9e618
-	client->store.envval = xmalloc(len);
Petr Lautrbach d9e618
-	snprintf(client->store.envval, len, "FILE:%s", client->store.filename);
Petr Lautrbach d9e618
+#ifdef USE_CCAPI
Petr Lautrbach d9e618
+	xasprintf(&client->store.envval, "API:%s", new_ccname);
Petr Lautrbach d9e618
+	client->store.filename = NULL;
Petr Lautrbach d9e618
+#else
Petr Lautrbach d9e618
+	xasprintf(&client->store.envval, "FILE:%s", new_ccname);
Petr Lautrbach d9e618
+	client->store.filename = xstrdup(new_ccname);
Petr Lautrbach d9e618
+#endif
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 #ifdef USE_PAM
Petr Lautrbach d9e618
 	if (options.use_pam)
Petr Lautrbach d9e618
@@ -184,6 +190,71 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl
Petr Lautrbach d9e618
 	return;
Petr Lautrbach d9e618
 }
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
+int
Petr Lautrbach d9e618
+ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store, 
Petr Lautrbach d9e618
+    ssh_gssapi_client *client)
Petr Lautrbach d9e618
+{
Petr Lautrbach d9e618
+	krb5_ccache ccache = NULL;
Petr Lautrbach d9e618
+	krb5_principal principal = NULL;
Petr Lautrbach d9e618
+	char *name = NULL;
Petr Lautrbach d9e618
+	krb5_error_code problem;
Petr Lautrbach d9e618
+	OM_uint32 maj_status, min_status;
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+   	if ((problem = krb5_cc_resolve(krb_context, store->envval, &ccache))) {
Petr Lautrbach d9e618
+                logit("krb5_cc_resolve(): %.100s",
Petr Lautrbach d9e618
+                    krb5_get_err_text(krb_context, problem));
Petr Lautrbach d9e618
+                return 0;
Petr Lautrbach d9e618
+       	}
Petr Lautrbach d9e618
+	
Petr Lautrbach d9e618
+	/* Find out who the principal in this cache is */
Petr Lautrbach d9e618
+	if ((problem = krb5_cc_get_principal(krb_context, ccache, 
Petr Lautrbach d9e618
+	    &principal))) {
Petr Lautrbach d9e618
+		logit("krb5_cc_get_principal(): %.100s",
Petr Lautrbach d9e618
+		    krb5_get_err_text(krb_context, problem));
Petr Lautrbach d9e618
+		krb5_cc_close(krb_context, ccache);
Petr Lautrbach d9e618
+		return 0;
Petr Lautrbach d9e618
+	}
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	if ((problem = krb5_unparse_name(krb_context, principal, &name))) {
Petr Lautrbach d9e618
+		logit("krb5_unparse_name(): %.100s",
Petr Lautrbach d9e618
+		    krb5_get_err_text(krb_context, problem));
Petr Lautrbach d9e618
+		krb5_free_principal(krb_context, principal);
Petr Lautrbach d9e618
+		krb5_cc_close(krb_context, ccache);
Petr Lautrbach d9e618
+		return 0;
Petr Lautrbach d9e618
+	}
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	if (strcmp(name,client->exportedname.value)!=0) {
Petr Lautrbach d9e618
+		debug("Name in local credentials cache differs. Not storing");
Petr Lautrbach d9e618
+		krb5_free_principal(krb_context, principal);
Petr Lautrbach d9e618
+		krb5_cc_close(krb_context, ccache);
Petr Lautrbach d9e618
+		krb5_free_unparsed_name(krb_context, name);
Petr Lautrbach d9e618
+		return 0;
Petr Lautrbach d9e618
+	}
Petr Lautrbach d9e618
+	krb5_free_unparsed_name(krb_context, name);
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	/* Name matches, so lets get on with it! */
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	if ((problem = krb5_cc_initialize(krb_context, ccache, principal))) {
Petr Lautrbach d9e618
+		logit("krb5_cc_initialize(): %.100s",
Petr Lautrbach d9e618
+		    krb5_get_err_text(krb_context, problem));
Petr Lautrbach d9e618
+		krb5_free_principal(krb_context, principal);
Petr Lautrbach d9e618
+		krb5_cc_close(krb_context, ccache);
Petr Lautrbach d9e618
+		return 0;
Petr Lautrbach d9e618
+	}
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	krb5_free_principal(krb_context, principal);
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+	if ((maj_status = gss_krb5_copy_ccache(&min_status, client->creds,
Petr Lautrbach d9e618
+	    ccache))) {
Petr Lautrbach d9e618
+		logit("gss_krb5_copy_ccache() failed. Sorry!");
Petr Lautrbach d9e618
+		krb5_cc_close(krb_context, ccache);
Petr Lautrbach d9e618
+		return 0;
Petr Lautrbach d9e618
+	}
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+	return 1;
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
 ssh_gssapi_mech gssapi_kerberos_mech = {
Petr Lautrbach d9e618
 	"toWM5Slw5Ew8Mqkay+al2g==",
Petr Lautrbach d9e618
 	"Kerberos",
Petr Lautrbach d9e618
@@ -191,7 +262,8 @@ ssh_gssapi_mech gssapi_kerberos_mech = {
Petr Lautrbach d9e618
 	NULL,
Petr Lautrbach d9e618
 	&ssh_gssapi_krb5_userok,
Petr Lautrbach d9e618
 	NULL,
Petr Lautrbach d9e618
-	&ssh_gssapi_krb5_storecreds
Petr Lautrbach d9e618
+	&ssh_gssapi_krb5_storecreds,
Petr Lautrbach d9e618
+	&ssh_gssapi_krb5_updatecreds
Petr Lautrbach d9e618
 };
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 #endif /* KRB5 */
Petr Lautrbach d9e618
diff -up openssh-5.9p1/ChangeLog.gssapi.gsskex openssh-5.9p1/ChangeLog.gssapi
Petr Lautrbach d9e618
--- openssh-5.9p1/ChangeLog.gssapi.gsskex	2012-02-06 17:38:19.166867405 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/ChangeLog.gssapi	2012-02-06 17:38:19.166867405 +0100
Petr Lautrbach d9e618
@@ -0,0 +1,113 @@
Petr Lautrbach d9e618
+20110101
Petr Lautrbach d9e618
+  - Finally update for OpenSSH 5.6p1
Petr Lautrbach d9e618
+  - Add GSSAPIServerIdentity option from Jim Basney
Jan F. Chadima 69dd72
+ 
Petr Lautrbach d9e618
+20100308
Petr Lautrbach d9e618
+  - [ Makefile.in, key.c, key.h ]
Petr Lautrbach d9e618
+    Updates for OpenSSH 5.4p1
Petr Lautrbach d9e618
+  - [ servconf.c ]
Petr Lautrbach d9e618
+    Include GSSAPI options in the sshd -T configuration dump, and flag
Petr Lautrbach d9e618
+    some older configuration options as being unsupported. Thanks to Colin 
Petr Lautrbach d9e618
+    Watson.
Petr Lautrbach d9e618
+  -
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+20100124
Petr Lautrbach d9e618
+  - [ sshconnect2.c ]
Petr Lautrbach d9e618
+    Adapt to deal with additional element in Authmethod structure. Thanks to
Petr Lautrbach d9e618
+    Colin Watson
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+20090615
Petr Lautrbach d9e618
+  - [ gss-genr.c gss-serv.c kexgssc.c kexgsss.c monitor.c sshconnect2.c
Petr Lautrbach d9e618
+      sshd.c ]
Petr Lautrbach d9e618
+    Fix issues identified by Greg Hudson following a code review
Petr Lautrbach d9e618
+	Check return value of gss_indicate_mechs
Petr Lautrbach d9e618
+	Protect GSSAPI calls in monitor, so they can only be used if enabled
Petr Lautrbach d9e618
+	Check return values of bignum functions in key exchange
Petr Lautrbach d9e618
+	Use BN_clear_free to clear other side's DH value
Petr Lautrbach d9e618
+	Make ssh_gssapi_id_kex more robust
Petr Lautrbach d9e618
+	Only configure kex table pointers if GSSAPI is enabled
Petr Lautrbach d9e618
+	Don't leak mechanism list, or gss mechanism list
Petr Lautrbach d9e618
+	Cast data.length before printing
Petr Lautrbach d9e618
+	If serverkey isn't provided, use an empty string, rather than NULL
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+20090201
Petr Lautrbach d9e618
+  - [ gss-genr.c gss-serv.c kex.h kexgssc.c readconf.c readconf.h ssh-gss.h
Petr Lautrbach d9e618
+      ssh_config.5 sshconnet2.c ]
Petr Lautrbach d9e618
+    Add support for the GSSAPIClientIdentity option, which allows the user
Petr Lautrbach d9e618
+    to specify which GSSAPI identity to use to contact a given server
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+20080404
Petr Lautrbach d9e618
+  - [ gss-serv.c ]
Petr Lautrbach d9e618
+    Add code to actually implement GSSAPIStrictAcceptCheck, which had somehow
Petr Lautrbach d9e618
+    been omitted from a previous version of this patch. Reported by Borislav
Petr Lautrbach d9e618
+    Stoichkov
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+20070317
Petr Lautrbach d9e618
+  - [ gss-serv-krb5.c ]
Petr Lautrbach d9e618
+    Remove C99ism, where new_ccname was being declared in the middle of a 
Petr Lautrbach d9e618
+    function
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+20061220
Petr Lautrbach d9e618
+  - [ servconf.c ]
Petr Lautrbach d9e618
+    Make default for GSSAPIStrictAcceptorCheck be Yes, to match previous, and 
Petr Lautrbach d9e618
+    documented, behaviour. Reported by Dan Watson.
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+20060910
Petr Lautrbach d9e618
+  - [ gss-genr.c kexgssc.c kexgsss.c kex.h monitor.c sshconnect2.c sshd.c
Petr Lautrbach d9e618
+      ssh-gss.h ]
Petr Lautrbach d9e618
+    add support for gss-group14-sha1 key exchange mechanisms
Petr Lautrbach d9e618
+  - [ gss-serv.c servconf.c servconf.h sshd_config sshd_config.5 ]
Petr Lautrbach d9e618
+    Add GSSAPIStrictAcceptorCheck option to allow the disabling of
Petr Lautrbach d9e618
+    acceptor principal checking on multi-homed machines.
Petr Lautrbach d9e618
+    <Bugzilla #928>
Petr Lautrbach d9e618
+  - [ sshd_config ssh_config ]
Petr Lautrbach d9e618
+    Add settings for GSSAPIKeyExchange and GSSAPITrustDNS to the sample
Petr Lautrbach d9e618
+    configuration files
Petr Lautrbach d9e618
+  - [ kexgss.c kegsss.c sshconnect2.c sshd.c ]
Petr Lautrbach d9e618
+    Code cleanup. Replace strlen/xmalloc/snprintf sequences with xasprintf()
Petr Lautrbach d9e618
+    Limit length of error messages displayed by client
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+20060909
Petr Lautrbach d9e618
+  - [ gss-genr.c gss-serv.c ]
Petr Lautrbach d9e618
+    move ssh_gssapi_acquire_cred() and ssh_gssapi_server_ctx to be server
Petr Lautrbach d9e618
+    only, where they belong 
Petr Lautrbach d9e618
+    <Bugzilla #1225>
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+20060829
Petr Lautrbach d9e618
+  - [ gss-serv-krb5.c ]
Petr Lautrbach d9e618
+    Fix CCAPI credentials cache name when creating KRB5CCNAME environment 
Petr Lautrbach d9e618
+    variable
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+20060828
Petr Lautrbach d9e618
+  - [ gss-genr.c ]
Petr Lautrbach d9e618
+    Avoid Heimdal context freeing problem
Petr Lautrbach d9e618
+    <Fixed upstream 20060829>
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+20060818
Petr Lautrbach d9e618
+  - [ gss-genr.c ssh-gss.h sshconnect2.c ]
Petr Lautrbach d9e618
+    Make sure that SPENGO is disabled 
Petr Lautrbach d9e618
+    <Bugzilla #1218 - Fixed upstream 20060818>
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+20060421
Petr Lautrbach d9e618
+  - [ gssgenr.c, sshconnect2.c ]
Petr Lautrbach d9e618
+    a few type changes (signed versus unsigned, int versus size_t) to
Petr Lautrbach d9e618
+    fix compiler errors/warnings 
Petr Lautrbach d9e618
+    (from jbasney AT ncsa.uiuc.edu)
Petr Lautrbach d9e618
+  - [ kexgssc.c, sshconnect2.c ]
Petr Lautrbach d9e618
+    fix uninitialized variable warnings
Petr Lautrbach d9e618
+    (from jbasney AT ncsa.uiuc.edu)
Petr Lautrbach d9e618
+  - [ gssgenr.c ]
Petr Lautrbach d9e618
+    pass oid to gss_display_status (helpful when using GSSAPI mechglue)
Petr Lautrbach d9e618
+    (from jbasney AT ncsa.uiuc.edu)
Petr Lautrbach d9e618
+    <Bugzilla #1220 >
Petr Lautrbach d9e618
+  - [ gss-serv-krb5.c ]
Petr Lautrbach d9e618
+    #ifdef HAVE_GSSAPI_KRB5 should be #ifdef HAVE_GSSAPI_KRB5_H
Petr Lautrbach d9e618
+    (from jbasney AT ncsa.uiuc.edu)
Petr Lautrbach d9e618
+    <Fixed upstream 20060304>
Petr Lautrbach d9e618
+  - [ readconf.c, readconf.h, ssh_config.5, sshconnect2.c 
Petr Lautrbach d9e618
+    add client-side GssapiKeyExchange option
Petr Lautrbach d9e618
+    (from jbasney AT ncsa.uiuc.edu)
Petr Lautrbach d9e618
+  - [ sshconnect2.c ]
Petr Lautrbach d9e618
+    add support for GssapiTrustDns option for gssapi-with-mic
Petr Lautrbach d9e618
+    (from jbasney AT ncsa.uiuc.edu)
Petr Lautrbach d9e618
+    <gssapi-with-mic support is Bugzilla #1008>
Petr Lautrbach d9e618
diff -up openssh-5.9p1/kex.c.gsskex openssh-5.9p1/kex.c
Petr Lautrbach d9e618
--- openssh-5.9p1/kex.c.gsskex	2012-02-06 17:38:19.014845863 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/kex.c	2012-02-06 17:38:19.174112917 +0100
Jan F. Chadima 69dd72
@@ -51,6 +51,10 @@
Jan F. Chadima 69dd72
 #include "roaming.h"
Jan F. Chadima 69dd72
 #include "audit.h"
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+#include "ssh-gss.h"
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 #if OPENSSL_VERSION_NUMBER >= 0x00907000L
Jan F. Chadima 69dd72
 # if defined(HAVE_EVP_SHA256)
Jan F. Chadima 69dd72
 # define evp_ssh_sha256 EVP_sha256
Jan F. Chadima 69dd72
@@ -371,6 +375,20 @@ choose_kex(Kex *k, char *client, char *s
Jan F. Chadima 69dd72
  		k->kex_type = KEX_ECDH_SHA2;
Jan F. Chadima 69dd72
 		k->evp_md = kex_ecdh_name_to_evpmd(k->name);
Jan F. Chadima 69dd72
 #endif
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+	} else if (strncmp(k->name, KEX_GSS_GEX_SHA1_ID,
Jan F. Chadima 69dd72
+	    sizeof(KEX_GSS_GEX_SHA1_ID) - 1) == 0) {
Jan F. Chadima 69dd72
+		k->kex_type = KEX_GSS_GEX_SHA1;
Jan F. Chadima 69dd72
+		k->evp_md = EVP_sha1();
Jan F. Chadima 69dd72
+	} else if (strncmp(k->name, KEX_GSS_GRP1_SHA1_ID,
Jan F. Chadima 69dd72
+	    sizeof(KEX_GSS_GRP1_SHA1_ID) - 1) == 0) {
Jan F. Chadima 69dd72
+		k->kex_type = KEX_GSS_GRP1_SHA1;
Jan F. Chadima 69dd72
+		k->evp_md = EVP_sha1();
Jan F. Chadima 69dd72
+	} else if (strncmp(k->name, KEX_GSS_GRP14_SHA1_ID,
Jan F. Chadima 69dd72
+	    sizeof(KEX_GSS_GRP14_SHA1_ID) - 1) == 0) {
Jan F. Chadima 69dd72
+		k->kex_type = KEX_GSS_GRP14_SHA1;
Jan F. Chadima 69dd72
+		k->evp_md = EVP_sha1();
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
 	} else
Jan F. Chadima 69dd72
 		fatal("bad kex alg %s", k->name);
Jan F. Chadima 69dd72
 }
Petr Lautrbach d9e618
diff -up openssh-5.9p1/kexgssc.c.gsskex openssh-5.9p1/kexgssc.c
Petr Lautrbach d9e618
--- openssh-5.9p1/kexgssc.c.gsskex	2012-02-06 17:38:19.175129606 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/kexgssc.c	2012-02-06 17:38:19.175129606 +0100
Jan F. Chadima 69dd72
@@ -0,0 +1,334 @@
Jan F. Chadima 69dd72
+/*
Jan F. Chadima 69dd72
+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
Jan F. Chadima 69dd72
+ *
Jan F. Chadima 69dd72
+ * Redistribution and use in source and binary forms, with or without
Jan F. Chadima 69dd72
+ * modification, are permitted provided that the following conditions
Jan F. Chadima 69dd72
+ * are met:
Jan F. Chadima 69dd72
+ * 1. Redistributions of source code must retain the above copyright
Jan F. Chadima 69dd72
+ *    notice, this list of conditions and the following disclaimer.
Jan F. Chadima 69dd72
+ * 2. Redistributions in binary form must reproduce the above copyright
Jan F. Chadima 69dd72
+ *    notice, this list of conditions and the following disclaimer in the
Jan F. Chadima 69dd72
+ *    documentation and/or other materials provided with the distribution.
Jan F. Chadima 69dd72
+ *
Jan F. Chadima 69dd72
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
Jan F. Chadima 69dd72
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
Jan F. Chadima 69dd72
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
Jan F. Chadima 69dd72
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
Jan F. Chadima 69dd72
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
Jan F. Chadima 69dd72
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
Jan F. Chadima 69dd72
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
Jan F. Chadima 69dd72
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
Jan F. Chadima 69dd72
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
Jan F. Chadima 69dd72
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Jan F. Chadima 69dd72
+ */
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+#include "includes.h"
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+#include "includes.h"
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+#include <openssl/crypto.h>
Jan F. Chadima 69dd72
+#include <openssl/bn.h>
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+#include <string.h>
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+#include "xmalloc.h"
Jan F. Chadima 69dd72
+#include "buffer.h"
Jan F. Chadima 69dd72
+#include "ssh2.h"
Jan F. Chadima 69dd72
+#include "key.h"
Jan F. Chadima 69dd72
+#include "cipher.h"
Jan F. Chadima 69dd72
+#include "kex.h"
Jan F. Chadima 69dd72
+#include "log.h"
Jan F. Chadima 69dd72
+#include "packet.h"
Jan F. Chadima 69dd72
+#include "dh.h"
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+#include "ssh-gss.h"
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+void
Jan F. Chadima 69dd72
+kexgss_client(Kex *kex) {
Jan F. Chadima 69dd72
+	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
Jan F. Chadima 69dd72
+	gss_buffer_desc recv_tok, gssbuf, msg_tok, *token_ptr;
Jan F. Chadima 69dd72
+	Gssctxt *ctxt;
Jan F. Chadima 69dd72
+	OM_uint32 maj_status, min_status, ret_flags;
Jan F. Chadima 69dd72
+	u_int klen, kout, slen = 0, hashlen, strlen;
Jan F. Chadima 69dd72
+	DH *dh; 
Jan F. Chadima 69dd72
+	BIGNUM *dh_server_pub = NULL;
Jan F. Chadima 69dd72
+	BIGNUM *shared_secret = NULL;
Jan F. Chadima 69dd72
+	BIGNUM *p = NULL;
Jan F. Chadima 69dd72
+	BIGNUM *g = NULL;	
Jan F. Chadima 69dd72
+	u_char *kbuf, *hash;
Jan F. Chadima 69dd72
+	u_char *serverhostkey = NULL;
Jan F. Chadima 69dd72
+	u_char *empty = "";
Jan F. Chadima 69dd72
+	char *msg;
Jan F. Chadima 69dd72
+	char *lang;
Jan F. Chadima 69dd72
+	int type = 0;
Jan F. Chadima 69dd72
+	int first = 1;
Jan F. Chadima 69dd72
+	int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	/* Initialise our GSSAPI world */	
Jan F. Chadima 69dd72
+	ssh_gssapi_build_ctx(&ctxt);
Jan F. Chadima 69dd72
+	if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type) 
Jan F. Chadima 69dd72
+	    == GSS_C_NO_OID)
Jan F. Chadima 69dd72
+		fatal("Couldn't identify host exchange");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (ssh_gssapi_import_name(ctxt, kex->gss_host))
Jan F. Chadima 69dd72
+		fatal("Couldn't import hostname");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (kex->gss_client && 
Jan F. Chadima 69dd72
+	    ssh_gssapi_client_identity(ctxt, kex->gss_client))
Jan F. Chadima 69dd72
+		fatal("Couldn't acquire client credentials");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	switch (kex->kex_type) {
Jan F. Chadima 69dd72
+	case KEX_GSS_GRP1_SHA1:
Jan F. Chadima 69dd72
+		dh = dh_new_group1();
Jan F. Chadima 69dd72
+		break;
Jan F. Chadima 69dd72
+	case KEX_GSS_GRP14_SHA1:
Jan F. Chadima 69dd72
+		dh = dh_new_group14();
Jan F. Chadima 69dd72
+		break;
Jan F. Chadima 69dd72
+	case KEX_GSS_GEX_SHA1:
Jan F. Chadima 69dd72
+		debug("Doing group exchange\n");
Jan F. Chadima 69dd72
+		nbits = dh_estimate(kex->we_need * 8);
Jan F. Chadima 69dd72
+		packet_start(SSH2_MSG_KEXGSS_GROUPREQ);
Jan F. Chadima 69dd72
+		packet_put_int(min);
Jan F. Chadima 69dd72
+		packet_put_int(nbits);
Jan F. Chadima 69dd72
+		packet_put_int(max);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		packet_send();
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		packet_read_expect(SSH2_MSG_KEXGSS_GROUP);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		if ((p = BN_new()) == NULL)
Jan F. Chadima 69dd72
+			fatal("BN_new() failed");
Jan F. Chadima 69dd72
+		packet_get_bignum2(p);
Jan F. Chadima 69dd72
+		if ((g = BN_new()) == NULL)
Jan F. Chadima 69dd72
+			fatal("BN_new() failed");
Jan F. Chadima 69dd72
+		packet_get_bignum2(g);
Jan F. Chadima 69dd72
+		packet_check_eom();
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		if (BN_num_bits(p) < min || BN_num_bits(p) > max)
Jan F. Chadima 69dd72
+			fatal("GSSGRP_GEX group out of range: %d !< %d !< %d",
Jan F. Chadima 69dd72
+			    min, BN_num_bits(p), max);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		dh = dh_new_group(g, p);
Jan F. Chadima 69dd72
+		break;
Jan F. Chadima 69dd72
+	default:
Jan F. Chadima 69dd72
+		fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+	
Jan F. Chadima 69dd72
+	/* Step 1 - e is dh->pub_key */
Jan F. Chadima 69dd72
+	dh_gen_key(dh, kex->we_need * 8);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	/* This is f, we initialise it now to make life easier */
Jan F. Chadima 69dd72
+	dh_server_pub = BN_new();
Jan F. Chadima 69dd72
+	if (dh_server_pub == NULL)
Jan F. Chadima 69dd72
+		fatal("dh_server_pub == NULL");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	token_ptr = GSS_C_NO_BUFFER;
Jan F. Chadima 69dd72
+			 
Jan F. Chadima 69dd72
+	do {
Jan F. Chadima 69dd72
+		debug("Calling gss_init_sec_context");
Jan F. Chadima 69dd72
+		
Jan F. Chadima 69dd72
+		maj_status = ssh_gssapi_init_ctx(ctxt,
Jan F. Chadima 69dd72
+		    kex->gss_deleg_creds, token_ptr, &send_tok,
Jan F. Chadima 69dd72
+		    &ret_flags);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		if (GSS_ERROR(maj_status)) {
Jan F. Chadima 69dd72
+			if (send_tok.length != 0) {
Jan F. Chadima 69dd72
+				packet_start(SSH2_MSG_KEXGSS_CONTINUE);
Jan F. Chadima 69dd72
+				packet_put_string(send_tok.value,
Jan F. Chadima 69dd72
+				    send_tok.length);
Jan F. Chadima 69dd72
+			}
Jan F. Chadima 69dd72
+			fatal("gss_init_context failed");
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		/* If we've got an old receive buffer get rid of it */
Jan F. Chadima 69dd72
+		if (token_ptr != GSS_C_NO_BUFFER)
Jan F. Chadima 69dd72
+			xfree(recv_tok.value);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		if (maj_status == GSS_S_COMPLETE) {
Jan F. Chadima 69dd72
+			/* If mutual state flag is not true, kex fails */
Jan F. Chadima 69dd72
+			if (!(ret_flags & GSS_C_MUTUAL_FLAG))
Jan F. Chadima 69dd72
+				fatal("Mutual authentication failed");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+			/* If integ avail flag is not true kex fails */
Jan F. Chadima 69dd72
+			if (!(ret_flags & GSS_C_INTEG_FLAG))
Jan F. Chadima 69dd72
+				fatal("Integrity check failed");
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		/* 
Jan F. Chadima 69dd72
+		 * If we have data to send, then the last message that we
Jan F. Chadima 69dd72
+		 * received cannot have been a 'complete'. 
Jan F. Chadima 69dd72
+		 */
Jan F. Chadima 69dd72
+		if (send_tok.length != 0) {
Jan F. Chadima 69dd72
+			if (first) {
Jan F. Chadima 69dd72
+				packet_start(SSH2_MSG_KEXGSS_INIT);
Jan F. Chadima 69dd72
+				packet_put_string(send_tok.value,
Jan F. Chadima 69dd72
+				    send_tok.length);
Jan F. Chadima 69dd72
+				packet_put_bignum2(dh->pub_key);
Jan F. Chadima 69dd72
+				first = 0;
Jan F. Chadima 69dd72
+			} else {
Jan F. Chadima 69dd72
+				packet_start(SSH2_MSG_KEXGSS_CONTINUE);
Jan F. Chadima 69dd72
+				packet_put_string(send_tok.value,
Jan F. Chadima 69dd72
+				    send_tok.length);
Jan F. Chadima 69dd72
+			}
Jan F. Chadima 69dd72
+			packet_send();
Jan F. Chadima 69dd72
+			gss_release_buffer(&min_status, &send_tok);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+			/* If we've sent them data, they should reply */
Jan F. Chadima 69dd72
+			do {	
Jan F. Chadima 69dd72
+				type = packet_read();
Jan F. Chadima 69dd72
+				if (type == SSH2_MSG_KEXGSS_HOSTKEY) {
Jan F. Chadima 69dd72
+					debug("Received KEXGSS_HOSTKEY");
Jan F. Chadima 69dd72
+					if (serverhostkey)
Jan F. Chadima 69dd72
+						fatal("Server host key received more than once");
Jan F. Chadima 69dd72
+					serverhostkey = 
Jan F. Chadima 69dd72
+					    packet_get_string(&slen);
Jan F. Chadima 69dd72
+				}
Jan F. Chadima 69dd72
+			} while (type == SSH2_MSG_KEXGSS_HOSTKEY);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+			switch (type) {
Jan F. Chadima 69dd72
+			case SSH2_MSG_KEXGSS_CONTINUE:
Jan F. Chadima 69dd72
+				debug("Received GSSAPI_CONTINUE");
Jan F. Chadima 69dd72
+				if (maj_status == GSS_S_COMPLETE) 
Jan F. Chadima 69dd72
+					fatal("GSSAPI Continue received from server when complete");
Jan F. Chadima 69dd72
+				recv_tok.value = packet_get_string(&strlen);
Jan F. Chadima 69dd72
+				recv_tok.length = strlen; 
Jan F. Chadima 69dd72
+				break;
Jan F. Chadima 69dd72
+			case SSH2_MSG_KEXGSS_COMPLETE:
Jan F. Chadima 69dd72
+				debug("Received GSSAPI_COMPLETE");
Jan F. Chadima 69dd72
+				packet_get_bignum2(dh_server_pub);
Jan F. Chadima 69dd72
+				msg_tok.value =  packet_get_string(&strlen);
Jan F. Chadima 69dd72
+				msg_tok.length = strlen; 
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+				/* Is there a token included? */
Jan F. Chadima 69dd72
+				if (packet_get_char()) {
Jan F. Chadima 69dd72
+					recv_tok.value=
Jan F. Chadima 69dd72
+					    packet_get_string(&strlen);
Jan F. Chadima 69dd72
+					recv_tok.length = strlen;
Jan F. Chadima 69dd72
+					/* If we're already complete - protocol error */
Jan F. Chadima 69dd72
+					if (maj_status == GSS_S_COMPLETE)
Jan F. Chadima 69dd72
+						packet_disconnect("Protocol error: received token when complete");
Jan F. Chadima 69dd72
+					} else {
Jan F. Chadima 69dd72
+						/* No token included */
Jan F. Chadima 69dd72
+						if (maj_status != GSS_S_COMPLETE)
Jan F. Chadima 69dd72
+							packet_disconnect("Protocol error: did not receive final token");
Jan F. Chadima 69dd72
+				}
Jan F. Chadima 69dd72
+				break;
Jan F. Chadima 69dd72
+			case SSH2_MSG_KEXGSS_ERROR:
Jan F. Chadima 69dd72
+				debug("Received Error");
Jan F. Chadima 69dd72
+				maj_status = packet_get_int();
Jan F. Chadima 69dd72
+				min_status = packet_get_int();
Jan F. Chadima 69dd72
+				msg = packet_get_string(NULL);
Jan F. Chadima 69dd72
+				lang = packet_get_string(NULL);
Jan F. Chadima 69dd72
+				fatal("GSSAPI Error: \n%.400s",msg);
Jan F. Chadima 69dd72
+			default:
Jan F. Chadima 69dd72
+				packet_disconnect("Protocol error: didn't expect packet type %d",
Jan F. Chadima 69dd72
+		    		type);
Jan F. Chadima 69dd72
+			}
Jan F. Chadima 69dd72
+			token_ptr = &recv_tok;
Jan F. Chadima 69dd72
+		} else {
Jan F. Chadima 69dd72
+			/* No data, and not complete */
Jan F. Chadima 69dd72
+			if (maj_status != GSS_S_COMPLETE)
Jan F. Chadima 69dd72
+				fatal("Not complete, and no token output");
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+	} while (maj_status & GSS_S_CONTINUE_NEEDED);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	/* 
Jan F. Chadima 69dd72
+	 * We _must_ have received a COMPLETE message in reply from the 
Jan F. Chadima 69dd72
+	 * server, which will have set dh_server_pub and msg_tok 
Jan F. Chadima 69dd72
+	 */
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (type != SSH2_MSG_KEXGSS_COMPLETE)
Jan F. Chadima 69dd72
+		fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	/* Check f in range [1, p-1] */
Jan F. Chadima 69dd72
+	if (!dh_pub_is_valid(dh, dh_server_pub))
Jan F. Chadima 69dd72
+		packet_disconnect("bad server public DH value");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	/* compute K=f^x mod p */
Jan F. Chadima 69dd72
+	klen = DH_size(dh);
Jan F. Chadima 69dd72
+	kbuf = xmalloc(klen);
Jan F. Chadima 69dd72
+	kout = DH_compute_key(kbuf, dh_server_pub, dh);
Jan F. Chadima 3b545b
+	if ((int)kout < 0)
Jan F. Chadima 69dd72
+		fatal("DH_compute_key: failed");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	shared_secret = BN_new();
Jan F. Chadima 69dd72
+	if (shared_secret == NULL)
Jan F. Chadima 69dd72
+		fatal("kexgss_client: BN_new failed");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
Jan F. Chadima 69dd72
+		fatal("kexdh_client: BN_bin2bn failed");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	memset(kbuf, 0, klen);
Jan F. Chadima 69dd72
+	xfree(kbuf);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	switch (kex->kex_type) {
Jan F. Chadima 69dd72
+	case KEX_GSS_GRP1_SHA1:
Jan F. Chadima 69dd72
+	case KEX_GSS_GRP14_SHA1:
Jan F. Chadima 69dd72
+		kex_dh_hash( kex->client_version_string, 
Jan F. Chadima 69dd72
+		    kex->server_version_string,
Jan F. Chadima 69dd72
+		    buffer_ptr(&kex->my), buffer_len(&kex->my),
Jan F. Chadima 69dd72
+		    buffer_ptr(&kex->peer), buffer_len(&kex->peer),
Jan F. Chadima 69dd72
+		    (serverhostkey ? serverhostkey : empty), slen,
Jan F. Chadima 69dd72
+		    dh->pub_key,	/* e */
Jan F. Chadima 69dd72
+		    dh_server_pub,	/* f */
Jan F. Chadima 69dd72
+		    shared_secret,	/* K */
Jan F. Chadima 69dd72
+		    &hash, &hashlen
Jan F. Chadima 69dd72
+		);
Jan F. Chadima 69dd72
+		break;
Jan F. Chadima 69dd72
+	case KEX_GSS_GEX_SHA1:
Jan F. Chadima 69dd72
+		kexgex_hash(
Jan F. Chadima 69dd72
+		    kex->evp_md,
Jan F. Chadima 69dd72
+		    kex->client_version_string,
Jan F. Chadima 69dd72
+		    kex->server_version_string,
Jan F. Chadima 69dd72
+		    buffer_ptr(&kex->my), buffer_len(&kex->my),
Jan F. Chadima 69dd72
+		    buffer_ptr(&kex->peer), buffer_len(&kex->peer),
Jan F. Chadima 69dd72
+		    (serverhostkey ? serverhostkey : empty), slen,
Jan F. Chadima 69dd72
+ 		    min, nbits, max,
Jan F. Chadima 69dd72
+		    dh->p, dh->g,
Jan F. Chadima 69dd72
+		    dh->pub_key,
Jan F. Chadima 69dd72
+		    dh_server_pub,
Jan F. Chadima 69dd72
+		    shared_secret,
Jan F. Chadima 69dd72
+		    &hash, &hashlen
Jan F. Chadima 69dd72
+		);
Jan F. Chadima 69dd72
+		break;
Jan F. Chadima 69dd72
+	default:
Jan F. Chadima 69dd72
+		fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	gssbuf.value = hash;
Jan F. Chadima 69dd72
+	gssbuf.length = hashlen;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	/* Verify that the hash matches the MIC we just got. */
Jan F. Chadima 69dd72
+	if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok)))
Jan F. Chadima 69dd72
+		packet_disconnect("Hash's MIC didn't verify");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	xfree(msg_tok.value);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	DH_free(dh);
Jan F. Chadima 69dd72
+	if (serverhostkey)
Jan F. Chadima 69dd72
+		xfree(serverhostkey);
Jan F. Chadima 69dd72
+	BN_clear_free(dh_server_pub);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	/* save session id */
Jan F. Chadima 69dd72
+	if (kex->session_id == NULL) {
Jan F. Chadima 69dd72
+		kex->session_id_len = hashlen;
Jan F. Chadima 69dd72
+		kex->session_id = xmalloc(kex->session_id_len);
Jan F. Chadima 69dd72
+		memcpy(kex->session_id, hash, kex->session_id_len);
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (kex->gss_deleg_creds)
Jan F. Chadima 69dd72
+		ssh_gssapi_credentials_updated(ctxt);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (gss_kex_context == NULL)
Jan F. Chadima 69dd72
+		gss_kex_context = ctxt;
Jan F. Chadima 69dd72
+	else
Jan F. Chadima 69dd72
+		ssh_gssapi_delete_ctx(&ctxt);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	kex_derive_keys(kex, hash, hashlen, shared_secret);
Jan F. Chadima 69dd72
+	BN_clear_free(shared_secret);
Jan F. Chadima 69dd72
+	kex_finish(kex);
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+#endif /* GSSAPI */
Petr Lautrbach d9e618
diff -up openssh-5.9p1/kexgsss.c.gsskex openssh-5.9p1/kexgsss.c
Petr Lautrbach d9e618
--- openssh-5.9p1/kexgsss.c.gsskex	2012-02-06 17:38:19.176145304 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/kexgsss.c	2012-02-06 17:38:19.176145304 +0100
Jan F. Chadima 69dd72
@@ -0,0 +1,288 @@
Jan F. Chadima 69dd72
+/*
Jan F. Chadima 69dd72
+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
Jan F. Chadima 69dd72
+ *
Jan F. Chadima 69dd72
+ * Redistribution and use in source and binary forms, with or without
Jan F. Chadima 69dd72
+ * modification, are permitted provided that the following conditions
Jan F. Chadima 69dd72
+ * are met:
Jan F. Chadima 69dd72
+ * 1. Redistributions of source code must retain the above copyright
Jan F. Chadima 69dd72
+ *    notice, this list of conditions and the following disclaimer.
Jan F. Chadima 69dd72
+ * 2. Redistributions in binary form must reproduce the above copyright
Jan F. Chadima 69dd72
+ *    notice, this list of conditions and the following disclaimer in the
Jan F. Chadima 69dd72
+ *    documentation and/or other materials provided with the distribution.
Jan F. Chadima 69dd72
+ *
Jan F. Chadima 69dd72
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
Jan F. Chadima 69dd72
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
Jan F. Chadima 69dd72
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
Jan F. Chadima 69dd72
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
Jan F. Chadima 69dd72
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
Jan F. Chadima 69dd72
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
Jan F. Chadima 69dd72
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
Jan F. Chadima 69dd72
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
Jan F. Chadima 69dd72
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
Jan F. Chadima 69dd72
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Jan F. Chadima 69dd72
+ */
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+#include "includes.h"
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+#include <string.h>
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+#include <openssl/crypto.h>
Jan F. Chadima 69dd72
+#include <openssl/bn.h>
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+#include "xmalloc.h"
Jan F. Chadima 69dd72
+#include "buffer.h"
Jan F. Chadima 69dd72
+#include "ssh2.h"
Jan F. Chadima 69dd72
+#include "key.h"
Jan F. Chadima 69dd72
+#include "cipher.h"
Jan F. Chadima 69dd72
+#include "kex.h"
Jan F. Chadima 69dd72
+#include "log.h"
Jan F. Chadima 69dd72
+#include "packet.h"
Jan F. Chadima 69dd72
+#include "dh.h"
Jan F. Chadima 69dd72
+#include "ssh-gss.h"
Jan F. Chadima 69dd72
+#include "monitor_wrap.h"
Jan F. Chadima 69dd72
+#include "servconf.h"
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+extern ServerOptions options;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+void
Jan F. Chadima 69dd72
+kexgss_server(Kex *kex)
Jan F. Chadima 69dd72
+{
Jan F. Chadima 69dd72
+	OM_uint32 maj_status, min_status;
Jan F. Chadima 69dd72
+	
Jan F. Chadima 69dd72
+	/* 
Jan F. Chadima 69dd72
+	 * Some GSSAPI implementations use the input value of ret_flags (an
Jan F. Chadima 69dd72
+ 	 * output variable) as a means of triggering mechanism specific 
Jan F. Chadima 69dd72
+ 	 * features. Initializing it to zero avoids inadvertently 
Jan F. Chadima 69dd72
+ 	 * activating this non-standard behaviour.
Jan F. Chadima 69dd72
+	 */
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	OM_uint32 ret_flags = 0;
Jan F. Chadima 69dd72
+	gss_buffer_desc gssbuf, recv_tok, msg_tok;
Jan F. Chadima 69dd72
+	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
Jan F. Chadima 69dd72
+	Gssctxt *ctxt = NULL;
Jan F. Chadima 69dd72
+	u_int slen, klen, kout, hashlen;
Jan F. Chadima 69dd72
+	u_char *kbuf, *hash;
Jan F. Chadima 69dd72
+	DH *dh;
Jan F. Chadima 69dd72
+	int min = -1, max = -1, nbits = -1;
Jan F. Chadima 69dd72
+	BIGNUM *shared_secret = NULL;
Jan F. Chadima 69dd72
+	BIGNUM *dh_client_pub = NULL;
Jan F. Chadima 69dd72
+	int type = 0;
Jan F. Chadima 69dd72
+	gss_OID oid;
Jan F. Chadima 69dd72
+	char *mechs;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	/* Initialise GSSAPI */
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	/* If we're rekeying, privsep means that some of the private structures
Jan F. Chadima 69dd72
+	 * in the GSSAPI code are no longer available. This kludges them back
Jan F. Chadima 69dd72
+	 * into life
Jan F. Chadima 69dd72
+	 */
Jan F. Chadima 69dd72
+	if (!ssh_gssapi_oid_table_ok()) 
Jan F. Chadima 69dd72
+		if ((mechs = ssh_gssapi_server_mechanisms()))
Jan F. Chadima 69dd72
+			xfree(mechs);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	debug2("%s: Identifying %s", __func__, kex->name);
Jan F. Chadima 69dd72
+	oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type);
Jan F. Chadima 69dd72
+	if (oid == GSS_C_NO_OID)
Jan F. Chadima 69dd72
+	   fatal("Unknown gssapi mechanism");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	debug2("%s: Acquiring credentials", __func__);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid))))
Jan F. Chadima 69dd72
+		fatal("Unable to acquire credentials for the server");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	switch (kex->kex_type) {
Jan F. Chadima 69dd72
+	case KEX_GSS_GRP1_SHA1:
Jan F. Chadima 69dd72
+		dh = dh_new_group1();
Jan F. Chadima 69dd72
+		break;
Jan F. Chadima 69dd72
+	case KEX_GSS_GRP14_SHA1:
Jan F. Chadima 69dd72
+		dh = dh_new_group14();
Jan F. Chadima 69dd72
+		break;
Jan F. Chadima 69dd72
+	case KEX_GSS_GEX_SHA1:
Jan F. Chadima 69dd72
+		debug("Doing group exchange");
Jan F. Chadima 69dd72
+		packet_read_expect(SSH2_MSG_KEXGSS_GROUPREQ);
Jan F. Chadima 69dd72
+		min = packet_get_int();
Jan F. Chadima 69dd72
+		nbits = packet_get_int();
Jan F. Chadima 69dd72
+		max = packet_get_int();
Jan F. Chadima 69dd72
+		min = MAX(DH_GRP_MIN, min);
Jan F. Chadima 69dd72
+		max = MIN(DH_GRP_MAX, max);
Jan F. Chadima 69dd72
+		packet_check_eom();
Jan F. Chadima 69dd72
+		if (max < min || nbits < min || max < nbits)
Jan F. Chadima 69dd72
+			fatal("GSS_GEX, bad parameters: %d !< %d !< %d",
Jan F. Chadima 69dd72
+			    min, nbits, max);
Jan F. Chadima 69dd72
+		dh = PRIVSEP(choose_dh(min, nbits, max));
Jan F. Chadima 69dd72
+		if (dh == NULL)
Jan F. Chadima 69dd72
+			packet_disconnect("Protocol error: no matching group found");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		packet_start(SSH2_MSG_KEXGSS_GROUP);
Jan F. Chadima 69dd72
+		packet_put_bignum2(dh->p);
Jan F. Chadima 69dd72
+		packet_put_bignum2(dh->g);
Jan F. Chadima 69dd72
+		packet_send();
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		packet_write_wait();
Jan F. Chadima 69dd72
+		break;
Jan F. Chadima 69dd72
+	default:
Jan F. Chadima 69dd72
+		fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	dh_gen_key(dh, kex->we_need * 8);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	do {
Jan F. Chadima 69dd72
+		debug("Wait SSH2_MSG_GSSAPI_INIT");
Jan F. Chadima 69dd72
+		type = packet_read();
Jan F. Chadima 69dd72
+		switch(type) {
Jan F. Chadima 69dd72
+		case SSH2_MSG_KEXGSS_INIT:
Jan F. Chadima 69dd72
+			if (dh_client_pub != NULL) 
Jan F. Chadima 69dd72
+				fatal("Received KEXGSS_INIT after initialising");
Jan F. Chadima 69dd72
+			recv_tok.value = packet_get_string(&slen);
Jan F. Chadima 69dd72
+			recv_tok.length = slen; 
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+			if ((dh_client_pub = BN_new()) == NULL)
Jan F. Chadima 69dd72
+				fatal("dh_client_pub == NULL");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+			packet_get_bignum2(dh_client_pub);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+			/* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */
Jan F. Chadima 69dd72
+			break;
Jan F. Chadima 69dd72
+		case SSH2_MSG_KEXGSS_CONTINUE:
Jan F. Chadima 69dd72
+			recv_tok.value = packet_get_string(&slen);
Jan F. Chadima 69dd72
+			recv_tok.length = slen; 
Jan F. Chadima 69dd72
+			break;
Jan F. Chadima 69dd72
+		default:
Jan F. Chadima 69dd72
+			packet_disconnect(
Jan F. Chadima 69dd72
+			    "Protocol error: didn't expect packet type %d",
Jan F. Chadima 69dd72
+			    type);
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, 
Jan F. Chadima 69dd72
+		    &send_tok, &ret_flags));
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		xfree(recv_tok.value);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		if (maj_status != GSS_S_COMPLETE && send_tok.length == 0)
Jan F. Chadima 69dd72
+			fatal("Zero length token output when incomplete");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		if (dh_client_pub == NULL)
Jan F. Chadima 69dd72
+			fatal("No client public key");
Jan F. Chadima 69dd72
+		
Jan F. Chadima 69dd72
+		if (maj_status & GSS_S_CONTINUE_NEEDED) {
Jan F. Chadima 69dd72
+			debug("Sending GSSAPI_CONTINUE");
Jan F. Chadima 69dd72
+			packet_start(SSH2_MSG_KEXGSS_CONTINUE);
Jan F. Chadima 69dd72
+			packet_put_string(send_tok.value, send_tok.length);
Jan F. Chadima 69dd72
+			packet_send();
Jan F. Chadima 69dd72
+			gss_release_buffer(&min_status, &send_tok);
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+	} while (maj_status & GSS_S_CONTINUE_NEEDED);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (GSS_ERROR(maj_status)) {
Jan F. Chadima 69dd72
+		if (send_tok.length > 0) {
Jan F. Chadima 69dd72
+			packet_start(SSH2_MSG_KEXGSS_CONTINUE);
Jan F. Chadima 69dd72
+			packet_put_string(send_tok.value, send_tok.length);
Jan F. Chadima 69dd72
+			packet_send();
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+		fatal("accept_ctx died");
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (!(ret_flags & GSS_C_MUTUAL_FLAG))
Jan F. Chadima 69dd72
+		fatal("Mutual Authentication flag wasn't set");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (!(ret_flags & GSS_C_INTEG_FLAG))
Jan F. Chadima 69dd72
+		fatal("Integrity flag wasn't set");
Jan F. Chadima 69dd72
+	
Jan F. Chadima 69dd72
+	if (!dh_pub_is_valid(dh, dh_client_pub))
Jan F. Chadima 69dd72
+		packet_disconnect("bad client public DH value");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	klen = DH_size(dh);
Jan F. Chadima 69dd72
+	kbuf = xmalloc(klen); 
Jan F. Chadima 69dd72
+	kout = DH_compute_key(kbuf, dh_client_pub, dh);
Jan F. Chadima 3b545b
+	if ((int)kout < 0)
Jan F. Chadima 69dd72
+		fatal("DH_compute_key: failed");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	shared_secret = BN_new();
Jan F. Chadima 69dd72
+	if (shared_secret == NULL)
Jan F. Chadima 69dd72
+		fatal("kexgss_server: BN_new failed");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
Jan F. Chadima 69dd72
+		fatal("kexgss_server: BN_bin2bn failed");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	memset(kbuf, 0, klen);
Jan F. Chadima 69dd72
+	xfree(kbuf);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	switch (kex->kex_type) {
Jan F. Chadima 69dd72
+	case KEX_GSS_GRP1_SHA1:
Jan F. Chadima 69dd72
+	case KEX_GSS_GRP14_SHA1:
Jan F. Chadima 69dd72
+		kex_dh_hash(
Jan F. Chadima 69dd72
+		    kex->client_version_string, kex->server_version_string,
Jan F. Chadima 69dd72
+		    buffer_ptr(&kex->peer), buffer_len(&kex->peer),
Jan F. Chadima 69dd72
+		    buffer_ptr(&kex->my), buffer_len(&kex->my),
Jan F. Chadima 69dd72
+		    NULL, 0, /* Change this if we start sending host keys */
Jan F. Chadima 69dd72
+		    dh_client_pub, dh->pub_key, shared_secret,
Jan F. Chadima 69dd72
+		    &hash, &hashlen
Jan F. Chadima 69dd72
+		);
Jan F. Chadima 69dd72
+		break;
Jan F. Chadima 69dd72
+	case KEX_GSS_GEX_SHA1:
Jan F. Chadima 69dd72
+		kexgex_hash(
Jan F. Chadima 69dd72
+		    kex->evp_md,
Jan F. Chadima 69dd72
+		    kex->client_version_string, kex->server_version_string,
Jan F. Chadima 69dd72
+		    buffer_ptr(&kex->peer), buffer_len(&kex->peer),
Jan F. Chadima 69dd72
+		    buffer_ptr(&kex->my), buffer_len(&kex->my),
Jan F. Chadima 69dd72
+		    NULL, 0,
Jan F. Chadima 69dd72
+		    min, nbits, max,
Jan F. Chadima 69dd72
+		    dh->p, dh->g,
Jan F. Chadima 69dd72
+		    dh_client_pub,
Jan F. Chadima 69dd72
+		    dh->pub_key,
Jan F. Chadima 69dd72
+		    shared_secret,
Jan F. Chadima 69dd72
+		    &hash, &hashlen
Jan F. Chadima 69dd72
+		);
Jan F. Chadima 69dd72
+		break;
Jan F. Chadima 69dd72
+	default:
Jan F. Chadima 69dd72
+		fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	BN_clear_free(dh_client_pub);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (kex->session_id == NULL) {
Jan F. Chadima 69dd72
+		kex->session_id_len = hashlen;
Jan F. Chadima 69dd72
+		kex->session_id = xmalloc(kex->session_id_len);
Jan F. Chadima 69dd72
+		memcpy(kex->session_id, hash, kex->session_id_len);
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	gssbuf.value = hash;
Jan F. Chadima 69dd72
+	gssbuf.length = hashlen;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt,&gssbuf,&msg_tok))))
Jan F. Chadima 69dd72
+		fatal("Couldn't get MIC");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	packet_start(SSH2_MSG_KEXGSS_COMPLETE);
Jan F. Chadima 69dd72
+	packet_put_bignum2(dh->pub_key);
Jan F. Chadima 69dd72
+	packet_put_string(msg_tok.value,msg_tok.length);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (send_tok.length != 0) {
Jan F. Chadima 69dd72
+		packet_put_char(1); /* true */
Jan F. Chadima 69dd72
+		packet_put_string(send_tok.value, send_tok.length);
Jan F. Chadima 69dd72
+	} else {
Jan F. Chadima 69dd72
+		packet_put_char(0); /* false */
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+	packet_send();
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	gss_release_buffer(&min_status, &send_tok);
Jan F. Chadima 69dd72
+	gss_release_buffer(&min_status, &msg_tok);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (gss_kex_context == NULL)
Jan F. Chadima 69dd72
+		gss_kex_context = ctxt;
Jan F. Chadima 69dd72
+	else 
Jan F. Chadima 69dd72
+		ssh_gssapi_delete_ctx(&ctxt);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	DH_free(dh);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	kex_derive_keys(kex, hash, hashlen, shared_secret);
Jan F. Chadima 69dd72
+	BN_clear_free(shared_secret);
Jan F. Chadima 69dd72
+	kex_finish(kex);
Jan F. Chadima 69dd72
+
Petr Lautrbach d9e618
+	/* If this was a rekey, then save out any delegated credentials we
Petr Lautrbach d9e618
+	 * just exchanged.  */
Petr Lautrbach d9e618
+	if (options.gss_store_rekey)
Petr Lautrbach d9e618
+		ssh_gssapi_rekey_creds();
Petr Lautrbach d9e618
+}
Petr Lautrbach d9e618
+#endif /* GSSAPI */
Petr Lautrbach d9e618
diff -up openssh-5.9p1/kex.h.gsskex openssh-5.9p1/kex.h
Petr Lautrbach d9e618
--- openssh-5.9p1/kex.h.gsskex	2012-02-06 17:38:19.015845746 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/kex.h	2012-02-06 17:38:19.175129606 +0100
Petr Lautrbach d9e618
@@ -73,6 +73,9 @@ enum kex_exchange {
Petr Lautrbach d9e618
 	KEX_DH_GEX_SHA1,
Petr Lautrbach d9e618
 	KEX_DH_GEX_SHA256,
Petr Lautrbach d9e618
 	KEX_ECDH_SHA2,
Petr Lautrbach d9e618
+	KEX_GSS_GRP1_SHA1,
Petr Lautrbach d9e618
+	KEX_GSS_GRP14_SHA1,
Petr Lautrbach d9e618
+	KEX_GSS_GEX_SHA1,
Petr Lautrbach d9e618
 	KEX_MAX
Petr Lautrbach d9e618
 };
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
@@ -129,6 +132,12 @@ struct Kex {
Petr Lautrbach d9e618
 	sig_atomic_t done;
Petr Lautrbach d9e618
 	int	flags;
Petr Lautrbach d9e618
 	const EVP_MD *evp_md;
Petr Lautrbach d9e618
+#ifdef GSSAPI
Petr Lautrbach d9e618
+	int	gss_deleg_creds;
Petr Lautrbach d9e618
+	int	gss_trust_dns;
Petr Lautrbach d9e618
+	char    *gss_host;
Petr Lautrbach d9e618
+	char	*gss_client;
Petr Lautrbach d9e618
+#endif
Petr Lautrbach d9e618
 	char	*client_version_string;
Petr Lautrbach d9e618
 	char	*server_version_string;
Petr Lautrbach d9e618
 	int	(*verify_host_key)(Key *);
Petr Lautrbach d9e618
@@ -156,6 +165,11 @@ void	 kexgex_server(Kex *);
Petr Lautrbach d9e618
 void	 kexecdh_client(Kex *);
Petr Lautrbach d9e618
 void	 kexecdh_server(Kex *);
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
+#ifdef GSSAPI
Petr Lautrbach d9e618
+void	kexgss_client(Kex *);
Petr Lautrbach d9e618
+void	kexgss_server(Kex *);
Petr Lautrbach d9e618
+#endif
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
 void	newkeys_destroy(Newkeys *newkeys);
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 void
Petr Lautrbach d9e618
diff -up openssh-5.9p1/key.c.gsskex openssh-5.9p1/key.c
Petr Lautrbach d9e618
--- openssh-5.9p1/key.c.gsskex	2012-02-06 17:38:19.121787795 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/key.c	2012-02-06 17:38:19.176793341 +0100
Petr Lautrbach d9e618
@@ -1006,6 +1006,8 @@ key_ssh_name_from_type_nid(int type, int
Jan F. Chadima 69dd72
 		}
Jan F. Chadima 69dd72
 		break;
Jan F. Chadima 69dd72
 #endif /* OPENSSL_HAS_ECC */
Jan F. Chadima 69dd72
+	case KEY_NULL:
Jan F. Chadima 69dd72
+		return "null";
Jan F. Chadima 69dd72
 	}
Jan F. Chadima 69dd72
 	return "ssh-unknown";
Jan F. Chadima 69dd72
 }
Petr Lautrbach d9e618
@@ -1311,6 +1313,8 @@ key_type_from_name(char *name)
Jan F. Chadima 69dd72
 	    strcmp(name, "ecdsa-sha2-nistp521-cert-v01@openssh.com") == 0) {
Jan F. Chadima 69dd72
 		return KEY_ECDSA_CERT;
Jan F. Chadima 69dd72
 #endif
Jan F. Chadima 69dd72
+	} else if (strcmp(name, "null") == 0) {
Jan F. Chadima 69dd72
+		return KEY_NULL;
Jan F. Chadima 69dd72
 	}
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	debug2("key_type_from_name: unknown key type '%s'", name);
Petr Lautrbach d9e618
diff -up openssh-5.9p1/key.h.gsskex openssh-5.9p1/key.h
Petr Lautrbach d9e618
--- openssh-5.9p1/key.h.gsskex	2012-02-06 17:38:19.029850894 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/key.h	2012-02-06 17:38:19.177807852 +0100
Jan F. Chadima 69dd72
@@ -44,6 +44,7 @@ enum types {
Jan F. Chadima 69dd72
 	KEY_ECDSA_CERT,
Jan F. Chadima 69dd72
 	KEY_RSA_CERT_V00,
Jan F. Chadima 69dd72
 	KEY_DSA_CERT_V00,
Jan F. Chadima 69dd72
+	KEY_NULL,
Jan F. Chadima 69dd72
 	KEY_UNSPEC
Jan F. Chadima 69dd72
 };
Jan F. Chadima 69dd72
 enum fp_type {
Petr Lautrbach d9e618
diff -up openssh-5.9p1/Makefile.in.gsskex openssh-5.9p1/Makefile.in
Petr Lautrbach d9e618
--- openssh-5.9p1/Makefile.in.gsskex	2012-02-06 17:38:19.164220442 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/Makefile.in	2012-02-06 17:38:19.166867405 +0100
Petr Lautrbach d9e618
@@ -75,6 +75,7 @@ LIBSSH_OBJS=acss.o authfd.o authfile.o b
Petr Lautrbach d9e618
 	atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o \
Petr Lautrbach d9e618
 	monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \
Petr Lautrbach d9e618
 	kexdh.o kexgex.o kexdhc.o kexgexc.o bufec.o kexecdh.o kexecdhc.o \
Petr Lautrbach d9e618
+	kexgssc.o \
Petr Lautrbach d9e618
 	msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o jpake.o \
Petr Lautrbach d9e618
 	schnorr.o ssh-pkcs11.o auditstub.o
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
@@ -91,7 +92,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw
Petr Lautrbach d9e618
 	auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-jpake.o \
Petr Lautrbach d9e618
 	monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o kexecdhs.o \
Petr Lautrbach d9e618
 	auth-krb5.o \
Petr Lautrbach d9e618
-	auth2-gss.o gss-serv.o gss-serv-krb5.o \
Petr Lautrbach d9e618
+	auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o\
Petr Lautrbach d9e618
 	loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
Petr Lautrbach d9e618
 	sftp-server.o sftp-common.o \
Petr Lautrbach d9e618
 	roaming_common.o roaming_serv.o \
Petr Lautrbach d9e618
diff -up openssh-5.9p1/monitor.c.gsskex openssh-5.9p1/monitor.c
Petr Lautrbach d9e618
--- openssh-5.9p1/monitor.c.gsskex	2012-02-06 17:38:19.048914842 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/monitor.c	2012-02-06 17:48:43.113815884 +0100
Petr Lautrbach d9e618
@@ -186,6 +186,8 @@ int mm_answer_gss_setup_ctx(int, Buffer 
Jan F. Chadima 69dd72
 int mm_answer_gss_accept_ctx(int, Buffer *);
Jan F. Chadima 69dd72
 int mm_answer_gss_userok(int, Buffer *);
Jan F. Chadima 69dd72
 int mm_answer_gss_checkmic(int, Buffer *);
Jan F. Chadima 69dd72
+int mm_answer_gss_sign(int, Buffer *);
Jan F. Chadima 69dd72
+int mm_answer_gss_updatecreds(int, Buffer *);
Jan F. Chadima 69dd72
 #endif
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 #ifdef SSH_AUDIT_EVENTS
Petr Lautrbach d9e618
@@ -270,6 +272,7 @@ struct mon_table mon_dispatch_proto20[] 
Jan F. Chadima 69dd72
     {MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx},
Jan F. Chadima 69dd72
     {MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok},
Jan F. Chadima 69dd72
     {MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic},
Jan F. Chadima 69dd72
+    {MONITOR_REQ_GSSSIGN, MON_ONCE, mm_answer_gss_sign},
Jan F. Chadima 69dd72
 #endif
Jan F. Chadima 69dd72
 #ifdef JPAKE
Jan F. Chadima 69dd72
     {MONITOR_REQ_JPAKE_GET_PWDATA, MON_ONCE, mm_answer_jpake_get_pwdata},
Petr Lautrbach d9e618
@@ -282,6 +285,12 @@ struct mon_table mon_dispatch_proto20[] 
Jan F. Chadima 69dd72
 };
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 struct mon_table mon_dispatch_postauth20[] = {
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+    {MONITOR_REQ_GSSSETUP, 0, mm_answer_gss_setup_ctx},
Jan F. Chadima 69dd72
+    {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx},
Jan F. Chadima 69dd72
+    {MONITOR_REQ_GSSSIGN, 0, mm_answer_gss_sign},
Jan F. Chadima 69dd72
+    {MONITOR_REQ_GSSUPCREDS, 0, mm_answer_gss_updatecreds},
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
     {MONITOR_REQ_MODULI, 0, mm_answer_moduli},
Jan F. Chadima 69dd72
     {MONITOR_REQ_SIGN, 0, mm_answer_sign},
Jan F. Chadima 69dd72
     {MONITOR_REQ_PTY, 0, mm_answer_pty},
Petr Lautrbach d9e618
@@ -406,6 +415,10 @@ monitor_child_preauth(Authctxt *_authctx
Jan F. Chadima 69dd72
 		/* Permit requests for moduli and signatures */
Jan F. Chadima 69dd72
 		monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
Jan F. Chadima 69dd72
 		monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+		/* and for the GSSAPI key exchange */
Jan F. Chadima 69dd72
+		monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1);
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
 	} else {
Jan F. Chadima 69dd72
 		mon_dispatch = mon_dispatch_proto15;
Petr Lautrbach d9e618
 		req_auth = &options.required_auth1;
Petr Lautrbach d9e618
@@ -514,6 +527,10 @@ monitor_child_postauth(struct monitor *p
Jan F. Chadima 69dd72
 		monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
Jan F. Chadima 69dd72
 		monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
Jan F. Chadima 69dd72
 		monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+		/* and for the GSSAPI key exchange */
Jan F. Chadima 69dd72
+		monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1);
Jan F. Chadima 69dd72
+#endif		
Jan F. Chadima 69dd72
 	} else {
Jan F. Chadima 69dd72
 		mon_dispatch = mon_dispatch_postauth15;
Jan F. Chadima 69dd72
 		monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
Petr Lautrbach d9e618
@@ -1943,6 +1960,13 @@ mm_get_kex(Buffer *m)
Jan F. Chadima 69dd72
 	kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
Jan F. Chadima 69dd72
 	kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
Jan F. Chadima 69dd72
 	kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+	if (options.gss_keyex) {
Jan F. Chadima 69dd72
+		kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
Jan F. Chadima 69dd72
+		kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
Jan F. Chadima 69dd72
+		kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
 	kex->server = 1;
Jan F. Chadima 69dd72
 	kex->hostkey_type = buffer_get_int(m);
Jan F. Chadima 69dd72
 	kex->kex_type = buffer_get_int(m);
Petr Lautrbach d9e618
@@ -2166,6 +2190,9 @@ mm_answer_gss_setup_ctx(int sock, Buffer
Jan F. Chadima 69dd72
 	OM_uint32 major;
Jan F. Chadima 69dd72
 	u_int len;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+	if (!options.gss_authentication && !options.gss_keyex)
Jan F. Chadima 69dd72
+		fatal("In GSSAPI monitor when GSSAPI is disabled");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	goid.elements = buffer_get_string(m, &len;;
Jan F. Chadima 69dd72
 	goid.length = len;
Jan F. Chadima 69dd72
 
Petr Lautrbach d9e618
@@ -2193,6 +2220,9 @@ mm_answer_gss_accept_ctx(int sock, Buffe
Jan F. Chadima 69dd72
 	OM_uint32 flags = 0; /* GSI needs this */
Jan F. Chadima 69dd72
 	u_int len;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+	if (!options.gss_authentication && !options.gss_keyex)
Jan F. Chadima 69dd72
+		fatal("In GSSAPI monitor when GSSAPI is disabled");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	in.value = buffer_get_string(m, &len;;
Jan F. Chadima 69dd72
 	in.length = len;
Jan F. Chadima 69dd72
 	major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags);
Petr Lautrbach d9e618
@@ -2210,6 +2240,7 @@ mm_answer_gss_accept_ctx(int sock, Buffe
Jan F. Chadima 69dd72
 		monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0);
Jan F. Chadima 69dd72
 		monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
Jan F. Chadima 69dd72
 		monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1);
Jan F. Chadima 69dd72
+		monitor_permit(mon_dispatch, MONITOR_REQ_GSSSIGN, 1);
Jan F. Chadima 69dd72
 	}
Jan F. Chadima 69dd72
 	return (0);
Jan F. Chadima 69dd72
 }
Petr Lautrbach d9e618
@@ -2221,6 +2252,9 @@ mm_answer_gss_checkmic(int sock, Buffer 
Jan F. Chadima 69dd72
 	OM_uint32 ret;
Jan F. Chadima 69dd72
 	u_int len;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+	if (!options.gss_authentication && !options.gss_keyex)
Jan F. Chadima 69dd72
+		fatal("In GSSAPI monitor when GSSAPI is disabled");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	gssbuf.value = buffer_get_string(m, &len;;
Jan F. Chadima 69dd72
 	gssbuf.length = len;
Jan F. Chadima 69dd72
 	mic.value = buffer_get_string(m, &len;;
Petr Lautrbach d9e618
@@ -2247,7 +2281,11 @@ mm_answer_gss_userok(int sock, Buffer *m
Jan F. Chadima 69dd72
 {
Jan F. Chadima 69dd72
 	int authenticated;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
-	authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user);
Jan F. Chadima 69dd72
+	if (!options.gss_authentication && !options.gss_keyex)
Jan F. Chadima 69dd72
+		fatal("In GSSAPI monitor when GSSAPI is disabled");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	authenticated = authctxt->valid && 
Jan F. Chadima 69dd72
+	    ssh_gssapi_userok(authctxt->user, authctxt->pw);
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	buffer_clear(m);
Jan F. Chadima 69dd72
 	buffer_put_int(m, authenticated);
Petr Lautrbach d9e618
@@ -2261,6 +2299,74 @@ mm_answer_gss_userok(int sock, Buffer *m
Jan F. Chadima 69dd72
 	/* Monitor loop will terminate if authenticated */
Jan F. Chadima 69dd72
 	return (authenticated);
Jan F. Chadima 69dd72
 }
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+int 
Jan F. Chadima 69dd72
+mm_answer_gss_sign(int socket, Buffer *m)
Jan F. Chadima 69dd72
+{
Jan F. Chadima 69dd72
+	gss_buffer_desc data;
Jan F. Chadima 69dd72
+	gss_buffer_desc hash = GSS_C_EMPTY_BUFFER;
Jan F. Chadima 69dd72
+	OM_uint32 major, minor;
Jan F. Chadima 69dd72
+	u_int len;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (!options.gss_authentication && !options.gss_keyex)
Jan F. Chadima 69dd72
+		fatal("In GSSAPI monitor when GSSAPI is disabled");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	data.value = buffer_get_string(m, &len;;
Jan F. Chadima 69dd72
+	data.length = len;
Jan F. Chadima 69dd72
+	if (data.length != 20) 
Jan F. Chadima 69dd72
+		fatal("%s: data length incorrect: %d", __func__, 
Jan F. Chadima 69dd72
+		    (int) data.length);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	/* Save the session ID on the first time around */
Jan F. Chadima 69dd72
+	if (session_id2_len == 0) {
Jan F. Chadima 69dd72
+		session_id2_len = data.length;
Jan F. Chadima 69dd72
+		session_id2 = xmalloc(session_id2_len);
Jan F. Chadima 69dd72
+		memcpy(session_id2, data.value, session_id2_len);
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+	major = ssh_gssapi_sign(gsscontext, &data, &hash);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	xfree(data.value);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	buffer_clear(m);
Jan F. Chadima 69dd72
+	buffer_put_int(m, major);
Jan F. Chadima 69dd72
+	buffer_put_string(m, hash.value, hash.length);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	mm_request_send(socket, MONITOR_ANS_GSSSIGN, m);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	gss_release_buffer(&minor, &hash);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	/* Turn on getpwnam permissions */
Jan F. Chadima 69dd72
+	monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1);
Jan F. Chadima 69dd72
+	
Jan F. Chadima 69dd72
+	/* And credential updating, for when rekeying */
Jan F. Chadima 69dd72
+	monitor_permit(mon_dispatch, MONITOR_REQ_GSSUPCREDS, 1);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	return (0);
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+int
Jan F. Chadima 69dd72
+mm_answer_gss_updatecreds(int socket, Buffer *m) {
Jan F. Chadima 69dd72
+	ssh_gssapi_ccache store;
Jan F. Chadima 69dd72
+	int ok;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	store.filename = buffer_get_string(m, NULL);
Jan F. Chadima 69dd72
+	store.envvar   = buffer_get_string(m, NULL);
Jan F. Chadima 69dd72
+	store.envval   = buffer_get_string(m, NULL);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	ok = ssh_gssapi_update_creds(&store);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	xfree(store.filename);
Jan F. Chadima 69dd72
+	xfree(store.envvar);
Jan F. Chadima 69dd72
+	xfree(store.envval);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	buffer_clear(m);
Jan F. Chadima 69dd72
+	buffer_put_int(m, ok);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	mm_request_send(socket, MONITOR_ANS_GSSUPCREDS, m);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	return(0);
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 #endif /* GSSAPI */
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 #ifdef JPAKE
Petr Lautrbach d9e618
diff -up openssh-5.9p1/monitor.h.gsskex openssh-5.9p1/monitor.h
Petr Lautrbach d9e618
--- openssh-5.9p1/monitor.h.gsskex	2012-02-06 17:38:19.049917992 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/monitor.h	2012-02-06 17:38:19.178823232 +0100
Jan F. Chadima 69dd72
@@ -56,6 +56,8 @@ enum monitor_reqtype {
Jan F. Chadima 69dd72
 	MONITOR_REQ_GSSSTEP, MONITOR_ANS_GSSSTEP,
Jan F. Chadima 69dd72
 	MONITOR_REQ_GSSUSEROK, MONITOR_ANS_GSSUSEROK,
Jan F. Chadima 69dd72
 	MONITOR_REQ_GSSCHECKMIC, MONITOR_ANS_GSSCHECKMIC,
Jan F. Chadima 69dd72
+	MONITOR_REQ_GSSSIGN, MONITOR_ANS_GSSSIGN,
Jan F. Chadima 69dd72
+	MONITOR_REQ_GSSUPCREDS, MONITOR_ANS_GSSUPCREDS,
Jan F. Chadima 69dd72
 	MONITOR_REQ_PAM_START,
Jan F. Chadima 69dd72
 	MONITOR_REQ_PAM_ACCOUNT, MONITOR_ANS_PAM_ACCOUNT,
Jan F. Chadima 69dd72
 	MONITOR_REQ_PAM_INIT_CTX, MONITOR_ANS_PAM_INIT_CTX,
Petr Lautrbach d9e618
diff -up openssh-5.9p1/monitor_wrap.c.gsskex openssh-5.9p1/monitor_wrap.c
Petr Lautrbach d9e618
--- openssh-5.9p1/monitor_wrap.c.gsskex	2012-02-06 17:38:19.050803985 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/monitor_wrap.c	2012-02-06 17:38:19.179838373 +0100
Petr Lautrbach d9e618
@@ -1326,7 +1326,7 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss
Jan F. Chadima 69dd72
 }
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 int
Jan F. Chadima 69dd72
-mm_ssh_gssapi_userok(char *user)
Jan F. Chadima 69dd72
+mm_ssh_gssapi_userok(char *user, struct passwd *pw)
Jan F. Chadima 69dd72
 {
Jan F. Chadima 69dd72
 	Buffer m;
Jan F. Chadima 69dd72
 	int authenticated = 0;
Petr Lautrbach d9e618
@@ -1343,6 +1343,51 @@ mm_ssh_gssapi_userok(char *user)
Jan F. Chadima 69dd72
 	debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not ");
Jan F. Chadima 69dd72
 	return (authenticated);
Jan F. Chadima 69dd72
 }
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+OM_uint32
Jan F. Chadima 69dd72
+mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash)
Jan F. Chadima 69dd72
+{
Jan F. Chadima 69dd72
+	Buffer m;
Jan F. Chadima 69dd72
+	OM_uint32 major;
Jan F. Chadima 69dd72
+	u_int len;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	buffer_init(&m);
Jan F. Chadima 69dd72
+	buffer_put_string(&m, data->value, data->length);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSIGN, &m);
Jan F. Chadima 69dd72
+	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSIGN, &m);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	major = buffer_get_int(&m);
Jan F. Chadima 69dd72
+	hash->value = buffer_get_string(&m, &len;;
Jan F. Chadima 69dd72
+	hash->length = len;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	buffer_free(&m);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	return(major);
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+int
Jan F. Chadima 69dd72
+mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store)
Jan F. Chadima 69dd72
+{
Jan F. Chadima 69dd72
+	Buffer m;
Jan F. Chadima 69dd72
+	int ok;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	buffer_init(&m);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	buffer_put_cstring(&m, store->filename ? store->filename : "");
Jan F. Chadima 69dd72
+	buffer_put_cstring(&m, store->envvar ? store->envvar : "");
Jan F. Chadima 69dd72
+	buffer_put_cstring(&m, store->envval ? store->envval : "");
Jan F. Chadima 69dd72
+	
Jan F. Chadima 69dd72
+	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUPCREDS, &m);
Jan F. Chadima 69dd72
+	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSUPCREDS, &m);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	ok = buffer_get_int(&m);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	buffer_free(&m);
Jan F. Chadima 69dd72
+	
Jan F. Chadima 69dd72
+	return (ok);
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 #endif /* GSSAPI */
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 #ifdef JPAKE
Petr Lautrbach d9e618
diff -up openssh-5.9p1/monitor_wrap.h.gsskex openssh-5.9p1/monitor_wrap.h
Petr Lautrbach d9e618
--- openssh-5.9p1/monitor_wrap.h.gsskex	2012-02-06 17:38:19.050803985 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/monitor_wrap.h	2012-02-06 17:38:19.180853859 +0100
Petr Lautrbach d9e618
@@ -62,8 +62,10 @@ BIGNUM *mm_auth_rsa_generate_challenge(K
Jan F. Chadima 69dd72
 OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
Jan F. Chadima 69dd72
 OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *,
Jan F. Chadima 69dd72
    gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);
Jan F. Chadima 69dd72
-int mm_ssh_gssapi_userok(char *user);
Jan F. Chadima 69dd72
+int mm_ssh_gssapi_userok(char *user, struct passwd *);
Jan F. Chadima 69dd72
 OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
Jan F. Chadima 69dd72
+OM_uint32 mm_ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t);
Jan F. Chadima 69dd72
+int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *);
Jan F. Chadima 69dd72
 #endif
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 #ifdef USE_PAM
Petr Lautrbach d9e618
diff -up openssh-5.9p1/readconf.c.gsskex openssh-5.9p1/readconf.c
Petr Lautrbach d9e618
--- openssh-5.9p1/readconf.c.gsskex	2011-05-29 13:42:31.000000000 +0200
Petr Lautrbach d9e618
+++ openssh-5.9p1/readconf.c	2012-02-06 17:38:19.181868712 +0100
Jan F. Chadima 69dd72
@@ -129,6 +129,8 @@ typedef enum {
Jan F. Chadima 69dd72
 	oClearAllForwardings, oNoHostAuthenticationForLocalhost,
Jan F. Chadima 69dd72
 	oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
Jan F. Chadima 69dd72
 	oAddressFamily, oGssAuthentication, oGssDelegateCreds,
Jan F. Chadima 69dd72
+	oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey,
Jan F. Chadima 69dd72
+	oGssServerIdentity, 
Jan F. Chadima 69dd72
 	oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
Jan F. Chadima 69dd72
 	oSendEnv, oControlPath, oControlMaster, oControlPersist,
Jan F. Chadima 69dd72
 	oHashKnownHosts,
Jan F. Chadima 69dd72
@@ -169,10 +171,19 @@ static struct {
Jan F. Chadima 69dd72
 	{ "afstokenpassing", oUnsupported },
Jan F. Chadima 69dd72
 #if defined(GSSAPI)
Jan F. Chadima 69dd72
 	{ "gssapiauthentication", oGssAuthentication },
Jan F. Chadima 69dd72
+	{ "gssapikeyexchange", oGssKeyEx },
Jan F. Chadima 69dd72
 	{ "gssapidelegatecredentials", oGssDelegateCreds },
Jan F. Chadima 69dd72
+	{ "gssapitrustdns", oGssTrustDns },
Jan F. Chadima 69dd72
+	{ "gssapiclientidentity", oGssClientIdentity },
Jan F. Chadima 69dd72
+	{ "gssapiserveridentity", oGssServerIdentity },
Jan F. Chadima 69dd72
+	{ "gssapirenewalforcesrekey", oGssRenewalRekey },
Jan F. Chadima 69dd72
 #else
Jan F. Chadima 69dd72
 	{ "gssapiauthentication", oUnsupported },
Jan F. Chadima 69dd72
+	{ "gssapikeyexchange", oUnsupported },
Jan F. Chadima 69dd72
 	{ "gssapidelegatecredentials", oUnsupported },
Jan F. Chadima 69dd72
+	{ "gssapitrustdns", oUnsupported },
Jan F. Chadima 69dd72
+	{ "gssapiclientidentity", oUnsupported },
Jan F. Chadima 69dd72
+	{ "gssapirenewalforcesrekey", oUnsupported },
Jan F. Chadima 69dd72
 #endif
Jan F. Chadima 69dd72
 	{ "fallbacktorsh", oDeprecated },
Jan F. Chadima 69dd72
 	{ "usersh", oDeprecated },
Jan F. Chadima 69dd72
@@ -482,10 +493,30 @@ parse_flag:
Jan F. Chadima 69dd72
 		intptr = &options->gss_authentication;
Jan F. Chadima 69dd72
 		goto parse_flag;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+	case oGssKeyEx:
Jan F. Chadima 69dd72
+		intptr = &options->gss_keyex;
Jan F. Chadima 69dd72
+		goto parse_flag;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	case oGssDelegateCreds:
Jan F. Chadima 69dd72
 		intptr = &options->gss_deleg_creds;
Jan F. Chadima 69dd72
 		goto parse_flag;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+	case oGssTrustDns:
Jan F. Chadima 69dd72
+		intptr = &options->gss_trust_dns;
Jan F. Chadima 69dd72
+		goto parse_flag;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	case oGssClientIdentity:
Jan F. Chadima 69dd72
+		charptr = &options->gss_client_identity;
Jan F. Chadima 69dd72
+		goto parse_string;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	case oGssServerIdentity:
Jan F. Chadima 69dd72
+		charptr = &options->gss_server_identity;
Jan F. Chadima 69dd72
+		goto parse_string;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	case oGssRenewalRekey:
Jan F. Chadima 69dd72
+		intptr = &options->gss_renewal_rekey;
Jan F. Chadima 69dd72
+		goto parse_flag;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	case oBatchMode:
Jan F. Chadima 69dd72
 		intptr = &options->batch_mode;
Jan F. Chadima 69dd72
 		goto parse_flag;
Jan F. Chadima 69dd72
@@ -1138,7 +1169,12 @@ initialize_options(Options * options)
Jan F. Chadima 69dd72
 	options->pubkey_authentication = -1;
Jan F. Chadima 69dd72
 	options->challenge_response_authentication = -1;
Jan F. Chadima 69dd72
 	options->gss_authentication = -1;
Jan F. Chadima 69dd72
+	options->gss_keyex = -1;
Jan F. Chadima 69dd72
 	options->gss_deleg_creds = -1;
Jan F. Chadima 69dd72
+	options->gss_trust_dns = -1;
Jan F. Chadima 69dd72
+	options->gss_renewal_rekey = -1;
Jan F. Chadima 69dd72
+	options->gss_client_identity = NULL;
Jan F. Chadima 69dd72
+	options->gss_server_identity = NULL;
Jan F. Chadima 69dd72
 	options->password_authentication = -1;
Jan F. Chadima 69dd72
 	options->kbd_interactive_authentication = -1;
Jan F. Chadima 69dd72
 	options->kbd_interactive_devices = NULL;
Jan F. Chadima 69dd72
@@ -1238,8 +1274,14 @@ fill_default_options(Options * options)
Jan F. Chadima 69dd72
 		options->challenge_response_authentication = 1;
Jan F. Chadima 69dd72
 	if (options->gss_authentication == -1)
Jan F. Chadima 69dd72
 		options->gss_authentication = 0;
Jan F. Chadima 69dd72
+	if (options->gss_keyex == -1)
Jan F. Chadima 69dd72
+		options->gss_keyex = 0;
Jan F. Chadima 69dd72
 	if (options->gss_deleg_creds == -1)
Jan F. Chadima 69dd72
 		options->gss_deleg_creds = 0;
Jan F. Chadima 69dd72
+	if (options->gss_trust_dns == -1)
Jan F. Chadima 69dd72
+		options->gss_trust_dns = 0;
Jan F. Chadima 69dd72
+	if (options->gss_renewal_rekey == -1)
Jan F. Chadima 69dd72
+		options->gss_renewal_rekey = 0;
Jan F. Chadima 69dd72
 	if (options->password_authentication == -1)
Jan F. Chadima 69dd72
 		options->password_authentication = 1;
Jan F. Chadima 69dd72
 	if (options->kbd_interactive_authentication == -1)
Petr Lautrbach d9e618
diff -up openssh-5.9p1/readconf.h.gsskex openssh-5.9p1/readconf.h
Petr Lautrbach d9e618
--- openssh-5.9p1/readconf.h.gsskex	2011-05-29 13:42:33.000000000 +0200
Petr Lautrbach d9e618
+++ openssh-5.9p1/readconf.h	2012-02-06 17:38:19.181868712 +0100
Jan F. Chadima 69dd72
@@ -47,7 +47,12 @@ typedef struct {
Jan F. Chadima 69dd72
 	int     challenge_response_authentication;
Jan F. Chadima 69dd72
 					/* Try S/Key or TIS, authentication. */
Jan F. Chadima 69dd72
 	int     gss_authentication;	/* Try GSS authentication */
Jan F. Chadima 69dd72
+	int     gss_keyex;		/* Try GSS key exchange */
Jan F. Chadima 69dd72
 	int     gss_deleg_creds;	/* Delegate GSS credentials */
Jan F. Chadima 69dd72
+	int	gss_trust_dns;		/* Trust DNS for GSS canonicalization */
Jan F. Chadima 69dd72
+	int	gss_renewal_rekey;	/* Credential renewal forces rekey */
Jan F. Chadima 69dd72
+	char    *gss_client_identity;   /* Principal to initiate GSSAPI with */
Jan F. Chadima 69dd72
+	char    *gss_server_identity;   /* GSSAPI target principal */
Jan F. Chadima 69dd72
 	int     password_authentication;	/* Try password
Jan F. Chadima 69dd72
 						 * authentication. */
Jan F. Chadima 69dd72
 	int     kbd_interactive_authentication; /* Try keyboard-interactive auth. */
Petr Lautrbach d9e618
diff -up openssh-5.9p1/servconf.c.gsskex openssh-5.9p1/servconf.c
Petr Lautrbach d9e618
--- openssh-5.9p1/servconf.c.gsskex	2012-02-06 17:38:19.152024134 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/servconf.c	2012-02-06 17:51:50.815868372 +0100
Petr Lautrbach d9e618
@@ -99,7 +99,10 @@ initialize_server_options(ServerOptions 
Jan F. Chadima 69dd72
 	options->kerberos_ticket_cleanup = -1;
Jan F. Chadima 69dd72
 	options->kerberos_get_afs_token = -1;
Jan F. Chadima 69dd72
 	options->gss_authentication=-1;
Jan F. Chadima 69dd72
+	options->gss_keyex = -1;
Jan F. Chadima 69dd72
 	options->gss_cleanup_creds = -1;
Jan F. Chadima 69dd72
+	options->gss_strict_acceptor = -1;
Jan F. Chadima 69dd72
+	options->gss_store_rekey = -1;
Jan F. Chadima 69dd72
 	options->password_authentication = -1;
Jan F. Chadima 69dd72
 	options->kbd_interactive_authentication = -1;
Jan F. Chadima 69dd72
 	options->challenge_response_authentication = -1;
Petr Lautrbach d9e618
@@ -232,8 +235,14 @@ fill_default_server_options(ServerOption
Jan F. Chadima 69dd72
 		options->kerberos_get_afs_token = 0;
Jan F. Chadima 69dd72
 	if (options->gss_authentication == -1)
Jan F. Chadima 69dd72
 		options->gss_authentication = 0;
Jan F. Chadima 69dd72
+	if (options->gss_keyex == -1)
Jan F. Chadima 69dd72
+		options->gss_keyex = 0;
Jan F. Chadima 69dd72
 	if (options->gss_cleanup_creds == -1)
Jan F. Chadima 69dd72
 		options->gss_cleanup_creds = 1;
Jan F. Chadima 69dd72
+	if (options->gss_strict_acceptor == -1)
Jan F. Chadima 69dd72
+		options->gss_strict_acceptor = 1;
Jan F. Chadima 69dd72
+	if (options->gss_store_rekey == -1)
Jan F. Chadima 69dd72
+		options->gss_store_rekey = 0;
Jan F. Chadima 69dd72
 	if (options->password_authentication == -1)
Jan F. Chadima 69dd72
 		options->password_authentication = 1;
Jan F. Chadima 69dd72
 	if (options->kbd_interactive_authentication == -1)
Petr Lautrbach d9e618
@@ -327,7 +336,9 @@ typedef enum {
Petr Lautrbach d9e618
 	sBanner, sShowPatchLevel, sUseDNS, sHostbasedAuthentication,
Petr Lautrbach d9e618
 	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
Petr Lautrbach d9e618
 	sClientAliveCountMax, sAuthorizedKeysFile,
Jan F. Chadima 69dd72
-	sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
Jan F. Chadima 69dd72
+	sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor,
Jan F. Chadima 69dd72
+	sGssKeyEx, sGssStoreRekey,
Jan F. Chadima 69dd72
+	sAcceptEnv, sPermitTunnel,
Petr Lautrbach d9e618
 	sRequiredAuthentications1, sRequiredAuthentications2,
Jan F. Chadima 69dd72
 	sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
Jan F. Chadima 69dd72
 	sUsePrivilegeSeparation, sAllowAgentForwarding,
Petr Lautrbach d9e618
@@ -393,10 +404,20 @@ static struct {
Jan F. Chadima 69dd72
 #ifdef GSSAPI
Jan F. Chadima 69dd72
 	{ "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
Jan F. Chadima 69dd72
 	{ "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
+	{ "gssapicleanupcreds", sGssCleanupCreds, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
+	{ "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
+	{ "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
+	{ "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
 #else
Jan F. Chadima 69dd72
 	{ "gssapiauthentication", sUnsupported, SSHCFG_ALL },
Jan F. Chadima 69dd72
 	{ "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
+	{ "gssapicleanupcreds", sUnsupported, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
+	{ "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
+	{ "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
+	{ "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
 #endif
Jan F. Chadima 69dd72
+	{ "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
+	{ "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
 	{ "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
Jan F. Chadima 69dd72
 	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
Jan F. Chadima 69dd72
 	{ "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
Petr Lautrbach d9e618
@@ -983,10 +1004,22 @@ process_server_config_line(ServerOptions
Jan F. Chadima 69dd72
 		intptr = &options->gss_authentication;
Jan F. Chadima 69dd72
 		goto parse_flag;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+	case sGssKeyEx:
Jan F. Chadima 69dd72
+		intptr = &options->gss_keyex;
Jan F. Chadima 69dd72
+		goto parse_flag;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	case sGssCleanupCreds:
Jan F. Chadima 69dd72
 		intptr = &options->gss_cleanup_creds;
Jan F. Chadima 69dd72
 		goto parse_flag;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+	case sGssStrictAcceptor:
Jan F. Chadima 69dd72
+		intptr = &options->gss_strict_acceptor;
Jan F. Chadima 69dd72
+		goto parse_flag;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	case sGssStoreRekey:
Jan F. Chadima 69dd72
+		intptr = &options->gss_store_rekey;
Jan F. Chadima 69dd72
+		goto parse_flag;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	case sPasswordAuthentication:
Jan F. Chadima 69dd72
 		intptr = &options->password_authentication;
Jan F. Chadima 69dd72
 		goto parse_flag;
Petr Lautrbach d9e618
@@ -1794,6 +1827,9 @@ dump_config(ServerOptions *o)
Petr Lautrbach d9e618
 #ifdef GSSAPI
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
Jan F. Chadima 69dd72
+	dump_cfg_fmtint(sGssKeyEx, o->gss_keyex);
Jan F. Chadima 69dd72
+	dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor);
Jan F. Chadima 69dd72
+	dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey);
Jan F. Chadima 69dd72
 #endif
Jan F. Chadima 69dd72
 #ifdef JPAKE
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication,
Petr Lautrbach d9e618
diff -up openssh-5.9p1/servconf.h.gsskex openssh-5.9p1/servconf.h
Petr Lautrbach d9e618
--- openssh-5.9p1/servconf.h.gsskex	2012-02-06 17:38:19.153039971 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/servconf.h	2012-02-06 17:38:19.183899042 +0100
Jan F. Chadima 69dd72
@@ -103,7 +103,10 @@ typedef struct {
Jan F. Chadima 69dd72
 	int     kerberos_get_afs_token;		/* If true, try to get AFS token if
Jan F. Chadima 69dd72
 						 * authenticated with Kerberos. */
Jan F. Chadima 69dd72
 	int     gss_authentication;	/* If true, permit GSSAPI authentication */
Jan F. Chadima 69dd72
+	int     gss_keyex;		/* If true, permit GSSAPI key exchange */
Jan F. Chadima 69dd72
 	int     gss_cleanup_creds;	/* If true, destroy cred cache on logout */
Jan F. Chadima 69dd72
+	int 	gss_strict_acceptor;	/* If true, restrict the GSSAPI acceptor name */
Jan F. Chadima 69dd72
+	int 	gss_store_rekey;
Jan F. Chadima 69dd72
 	int     password_authentication;	/* If true, permit password
Jan F. Chadima 69dd72
 						 * authentication. */
Jan F. Chadima 69dd72
 	int     kbd_interactive_authentication;	/* If true, permit */
Petr Lautrbach d9e618
diff -up openssh-5.9p1/ssh_config.gsskex openssh-5.9p1/ssh_config
Petr Lautrbach d9e618
--- openssh-5.9p1/ssh_config.gsskex	2012-02-06 17:38:19.140228679 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/ssh_config	2012-02-06 17:38:19.185931798 +0100
Petr Lautrbach d9e618
@@ -26,6 +26,8 @@
Petr Lautrbach d9e618
 #   HostbasedAuthentication no
Petr Lautrbach d9e618
 #   GSSAPIAuthentication no
Petr Lautrbach d9e618
 #   GSSAPIDelegateCredentials no
Petr Lautrbach d9e618
+#   GSSAPIKeyExchange no
Petr Lautrbach d9e618
+#   GSSAPITrustDNS no
Petr Lautrbach d9e618
 #   BatchMode no
Petr Lautrbach d9e618
 #   CheckHostIP yes
Petr Lautrbach d9e618
 #   AddressFamily any
Petr Lautrbach d9e618
diff -up openssh-5.9p1/ssh_config.5.gsskex openssh-5.9p1/ssh_config.5
Petr Lautrbach d9e618
--- openssh-5.9p1/ssh_config.5.gsskex	2011-08-05 22:17:32.000000000 +0200
Petr Lautrbach d9e618
+++ openssh-5.9p1/ssh_config.5	2012-02-06 17:38:19.184919538 +0100
Jan F. Chadima 69dd72
@@ -527,11 +527,43 @@ Specifies whether user authentication ba
Jan F. Chadima 69dd72
 The default is
Jan F. Chadima 69dd72
 .Dq no .
Jan F. Chadima 69dd72
 Note that this option applies to protocol version 2 only.
Jan F. Chadima 69dd72
+.It Cm GSSAPIKeyExchange
Jan F. Chadima 69dd72
+Specifies whether key exchange based on GSSAPI may be used. When using
Jan F. Chadima 69dd72
+GSSAPI key exchange the server need not have a host key.
Jan F. Chadima 69dd72
+The default is
Jan F. Chadima 69dd72
+.Dq no .
Jan F. Chadima 69dd72
+Note that this option applies to protocol version 2 only.
Jan F. Chadima 69dd72
+.It Cm GSSAPIClientIdentity
Jan F. Chadima 69dd72
+If set, specifies the GSSAPI client identity that ssh should use when 
Jan F. Chadima 69dd72
+connecting to the server. The default is unset, which means that the default 
Jan F. Chadima 69dd72
+identity will be used.
Jan F. Chadima 69dd72
+.It Cm GSSAPIServerIdentity
Jan F. Chadima 69dd72
+If set, specifies the GSSAPI server identity that ssh should expect when 
Jan F. Chadima 69dd72
+connecting to the server. The default is unset, which means that the
Jan F. Chadima 69dd72
+expected GSSAPI server identity will be determined from the target
Jan F. Chadima 69dd72
+hostname.
Jan F. Chadima 69dd72
 .It Cm GSSAPIDelegateCredentials
Jan F. Chadima 69dd72
 Forward (delegate) credentials to the server.
Jan F. Chadima 69dd72
 The default is
Jan F. Chadima 69dd72
 .Dq no .
Jan F. Chadima 69dd72
-Note that this option applies to protocol version 2 only.
Jan F. Chadima 69dd72
+Note that this option applies to protocol version 2 connections using GSSAPI.
Jan F. Chadima 69dd72
+.It Cm GSSAPIRenewalForcesRekey
Jan F. Chadima 69dd72
+If set to 
Jan F. Chadima 69dd72
+.Dq yes
Jan F. Chadima 69dd72
+then renewal of the client's GSSAPI credentials will force the rekeying of the
Jan F. Chadima 69dd72
+ssh connection. With a compatible server, this can delegate the renewed 
Jan F. Chadima 69dd72
+credentials to a session on the server.
Jan F. Chadima 69dd72
+The default is
Jan F. Chadima 69dd72
+.Dq no .
Jan F. Chadima 69dd72
+.It Cm GSSAPITrustDns
Jan F. Chadima 69dd72
+Set to 
Jan F. Chadima 69dd72
+.Dq yes to indicate that the DNS is trusted to securely canonicalize
Jan F. Chadima 69dd72
+the name of the host being connected to. If 
Jan F. Chadima 69dd72
+.Dq no, the hostname entered on the
Jan F. Chadima 69dd72
+command line will be passed untouched to the GSSAPI library.
Jan F. Chadima 69dd72
+The default is
Jan F. Chadima 69dd72
+.Dq no .
Jan F. Chadima 69dd72
+This option only applies to protocol version 2 connections using GSSAPI.
Jan F. Chadima 69dd72
 .It Cm HashKnownHosts
Jan F. Chadima 69dd72
 Indicates that
Jan F. Chadima 69dd72
 .Xr ssh 1
Petr Lautrbach d9e618
diff -up openssh-5.9p1/sshconnect2.c.gsskex openssh-5.9p1/sshconnect2.c
Petr Lautrbach d9e618
--- openssh-5.9p1/sshconnect2.c.gsskex	2012-02-06 17:38:19.125220406 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/sshconnect2.c	2012-02-06 17:38:19.186899323 +0100
Jan F. Chadima 69dd72
@@ -162,9 +162,34 @@ ssh_kex2(char *host, struct sockaddr *ho
Jan F. Chadima 69dd72
 {
Jan F. Chadima 69dd72
 	Kex *kex;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+	char *orig = NULL, *gss = NULL;
Jan F. Chadima 69dd72
+	char *gss_host = NULL;
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	xxx_host = host;
Jan F. Chadima 69dd72
 	xxx_hostaddr = hostaddr;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+	if (options.gss_keyex) {
Jan F. Chadima 69dd72
+		/* Add the GSSAPI mechanisms currently supported on this 
Jan F. Chadima 69dd72
+		 * client to the key exchange algorithm proposal */
Jan F. Chadima 69dd72
+		orig = myproposal[PROPOSAL_KEX_ALGS];
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		if (options.gss_trust_dns)
Jan F. Chadima 69dd72
+			gss_host = (char *)get_canonical_hostname(1);
Jan F. Chadima 69dd72
+		else
Jan F. Chadima 69dd72
+			gss_host = host;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		gss = ssh_gssapi_client_mechanisms(gss_host, options.gss_client_identity);
Jan F. Chadima 69dd72
+		if (gss) {
Jan F. Chadima 69dd72
+			debug("Offering GSSAPI proposal: %s", gss);
Jan F. Chadima 69dd72
+			xasprintf(&myproposal[PROPOSAL_KEX_ALGS],
Jan F. Chadima 69dd72
+			    "%s,%s", gss, orig);
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	if (options.ciphers == (char *)-1) {
Jan F. Chadima 69dd72
 		logit("No valid ciphers for protocol version 2 given, using defaults.");
Jan F. Chadima 69dd72
 		options.ciphers = NULL;
Jan F. Chadima 69dd72
@@ -207,6 +232,17 @@ ssh_kex2(char *host, struct sockaddr *ho
Jan F. Chadima 69dd72
 	if (options.kex_algorithms != NULL)
Jan F. Chadima 69dd72
 		myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+	/* If we've got GSSAPI algorithms, then we also support the
Jan F. Chadima 69dd72
+	 * 'null' hostkey, as a last resort */
Jan F. Chadima 69dd72
+	if (options.gss_keyex && gss) {
Jan F. Chadima 69dd72
+		orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS];
Jan F. Chadima 69dd72
+		xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], 
Jan F. Chadima 69dd72
+		    "%s,null", orig);
Jan F. Chadima 69dd72
+		xfree(gss);
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	if (options.rekey_limit)
Jan F. Chadima 69dd72
 		packet_set_rekey_limit((u_int32_t)options.rekey_limit);
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
@@ -217,10 +253,30 @@ ssh_kex2(char *host, struct sockaddr *ho
Jan F. Chadima 69dd72
 	kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
Jan F. Chadima 69dd72
 	kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
Jan F. Chadima 69dd72
 	kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+	if (options.gss_keyex) {
Jan F. Chadima 69dd72
+		kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client;
Jan F. Chadima 69dd72
+		kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_client;
Jan F. Chadima 69dd72
+		kex->kex[KEX_GSS_GEX_SHA1] = kexgss_client;
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
 	kex->client_version_string=client_version_string;
Jan F. Chadima 69dd72
 	kex->server_version_string=server_version_string;
Jan F. Chadima 69dd72
 	kex->verify_host_key=&verify_host_key_callback;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+	if (options.gss_keyex) {
Jan F. Chadima 69dd72
+		kex->gss_deleg_creds = options.gss_deleg_creds;
Jan F. Chadima 69dd72
+		kex->gss_trust_dns = options.gss_trust_dns;
Jan F. Chadima 69dd72
+		kex->gss_client = options.gss_client_identity;
Jan F. Chadima 69dd72
+		if (options.gss_server_identity) {
Jan F. Chadima 69dd72
+			kex->gss_host = options.gss_server_identity;
Jan F. Chadima 69dd72
+		} else {
Jan F. Chadima 69dd72
+			kex->gss_host = gss_host;
Jan F. Chadima 69dd72
+        }
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	xxx_kex = kex;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	dispatch_run(DISPATCH_BLOCK, &kex->done, kex);
Jan F. Chadima 69dd72
@@ -315,6 +371,7 @@ void	input_gssapi_token(int type, u_int3
Jan F. Chadima 69dd72
 void	input_gssapi_hash(int type, u_int32_t, void *);
Jan F. Chadima 69dd72
 void	input_gssapi_error(int, u_int32_t, void *);
Jan F. Chadima 69dd72
 void	input_gssapi_errtok(int, u_int32_t, void *);
Jan F. Chadima 69dd72
+int	userauth_gsskeyex(Authctxt *authctxt);
Jan F. Chadima 69dd72
 #endif
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 void	userauth(Authctxt *, char *);
Jan F. Chadima 69dd72
@@ -330,6 +387,11 @@ static char *authmethods_get(void);
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 Authmethod authmethods[] = {
Jan F. Chadima 69dd72
 #ifdef GSSAPI
Jan F. Chadima 69dd72
+	{"gssapi-keyex",
Jan F. Chadima 69dd72
+		userauth_gsskeyex,
Jan F. Chadima 69dd72
+		NULL,
Jan F. Chadima 69dd72
+		&options.gss_authentication,
Jan F. Chadima 69dd72
+		NULL},
Jan F. Chadima 69dd72
 	{"gssapi-with-mic",
Jan F. Chadima 69dd72
 		userauth_gssapi,
Jan F. Chadima 69dd72
 		NULL,
Jan F. Chadima 69dd72
@@ -637,19 +699,31 @@ userauth_gssapi(Authctxt *authctxt)
Jan F. Chadima 69dd72
 	static u_int mech = 0;
Jan F. Chadima 69dd72
 	OM_uint32 min;
Jan F. Chadima 69dd72
 	int ok = 0;
Jan F. Chadima 69dd72
+	const char *gss_host;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (options.gss_server_identity)
Jan F. Chadima 69dd72
+		gss_host = options.gss_server_identity;
Jan F. Chadima 69dd72
+	else if (options.gss_trust_dns)
Jan F. Chadima 69dd72
+		gss_host = get_canonical_hostname(1);
Jan F. Chadima 69dd72
+	else
Jan F. Chadima 69dd72
+		gss_host = authctxt->host;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	/* Try one GSSAPI method at a time, rather than sending them all at
Jan F. Chadima 69dd72
 	 * once. */
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	if (gss_supported == NULL)
Jan F. Chadima 69dd72
-		gss_indicate_mechs(&min, &gss_supported);
Jan F. Chadima 69dd72
+		if (GSS_ERROR(gss_indicate_mechs(&min, &gss_supported))) {
Jan F. Chadima 69dd72
+			gss_supported = NULL;
Jan F. Chadima 69dd72
+			return 0;
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	/* Check to see if the mechanism is usable before we offer it */
Jan F. Chadima 69dd72
 	while (mech < gss_supported->count && !ok) {
Jan F. Chadima 69dd72
 		/* My DER encoding requires length<128 */
Jan F. Chadima 69dd72
 		if (gss_supported->elements[mech].length < 128 &&
Jan F. Chadima 69dd72
 		    ssh_gssapi_check_mechanism(&gssctxt, 
Jan F. Chadima 69dd72
-		    &gss_supported->elements[mech], authctxt->host)) {
Jan F. Chadima 69dd72
+		    &gss_supported->elements[mech], gss_host, 
Jan F. Chadima 69dd72
+                    options.gss_client_identity)) {
Jan F. Chadima 69dd72
 			ok = 1; /* Mechanism works */
Jan F. Chadima 69dd72
 		} else {
Jan F. Chadima 69dd72
 			mech++;
Jan F. Chadima 69dd72
@@ -746,8 +820,8 @@ input_gssapi_response(int type, u_int32_
Jan F. Chadima 69dd72
 {
Jan F. Chadima 69dd72
 	Authctxt *authctxt = ctxt;
Jan F. Chadima 69dd72
 	Gssctxt *gssctxt;
Jan F. Chadima 69dd72
-	int oidlen;
Jan F. Chadima 69dd72
-	char *oidv;
Jan F. Chadima 69dd72
+	u_int oidlen;
Jan F. Chadima 69dd72
+	u_char *oidv;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	if (authctxt == NULL)
Jan F. Chadima 69dd72
 		fatal("input_gssapi_response: no authentication context");
Jan F. Chadima 69dd72
@@ -857,6 +931,48 @@ input_gssapi_error(int type, u_int32_t p
Jan F. Chadima 69dd72
 	xfree(msg);
Jan F. Chadima 69dd72
 	xfree(lang);
Jan F. Chadima 69dd72
 }
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+int
Jan F. Chadima 69dd72
+userauth_gsskeyex(Authctxt *authctxt)
Jan F. Chadima 69dd72
+{
Jan F. Chadima 69dd72
+	Buffer b;
Jan F. Chadima 69dd72
+	gss_buffer_desc gssbuf;
Jan F. Chadima 69dd72
+	gss_buffer_desc mic = GSS_C_EMPTY_BUFFER;
Jan F. Chadima 69dd72
+	OM_uint32 ms;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	static int attempt = 0;
Jan F. Chadima 69dd72
+	if (attempt++ >= 1)
Jan F. Chadima 69dd72
+		return (0);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (gss_kex_context == NULL) {
Jan F. Chadima 69dd72
+		debug("No valid Key exchange context"); 
Jan F. Chadima 69dd72
+		return (0);
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	ssh_gssapi_buildmic(&b, authctxt->server_user, authctxt->service,
Jan F. Chadima 69dd72
+	    "gssapi-keyex");
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	gssbuf.value = buffer_ptr(&b);
Jan F. Chadima 69dd72
+	gssbuf.length = buffer_len(&b);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (GSS_ERROR(ssh_gssapi_sign(gss_kex_context, &gssbuf, &mic))) {
Jan F. Chadima 69dd72
+		buffer_free(&b);
Jan F. Chadima 69dd72
+		return (0);
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	packet_start(SSH2_MSG_USERAUTH_REQUEST);
Jan F. Chadima 69dd72
+	packet_put_cstring(authctxt->server_user);
Jan F. Chadima 69dd72
+	packet_put_cstring(authctxt->service);
Jan F. Chadima 69dd72
+	packet_put_cstring(authctxt->method->name);
Jan F. Chadima 69dd72
+	packet_put_string(mic.value, mic.length);
Jan F. Chadima 69dd72
+	packet_send();
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	buffer_free(&b);
Jan F. Chadima 69dd72
+	gss_release_buffer(&ms, &mic);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	return (1);
Jan F. Chadima 69dd72
+}
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 #endif /* GSSAPI */
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 int
Petr Lautrbach d9e618
diff -up openssh-5.9p1/sshd.c.gsskex openssh-5.9p1/sshd.c
Petr Lautrbach d9e618
--- openssh-5.9p1/sshd.c.gsskex	2012-02-06 17:38:19.160220812 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/sshd.c	2012-02-06 17:38:19.187965866 +0100
Jan F. Chadima 69dd72
@@ -124,6 +124,10 @@
Jan F. Chadima 69dd72
 #include "ssh-sandbox.h"
Jan F. Chadima 69dd72
 #include "version.h"
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+#ifdef USE_SECURITY_SESSION_API
Jan F. Chadima 69dd72
+#include <Security/AuthSession.h>
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 #ifdef LIBWRAP
Jan F. Chadima 69dd72
 #include <tcpd.h>
Jan F. Chadima 69dd72
 #include <syslog.h>
Petr Lautrbach d9e618
@@ -1691,10 +1695,13 @@ main(int ac, char **av)
Jan F. Chadima 69dd72
 		logit("Disabling protocol version 1. Could not load host key");
Jan F. Chadima 69dd72
 		options.protocol &= ~SSH_PROTO_1;
Jan F. Chadima 69dd72
 	}
Jan F. Chadima 69dd72
+#ifndef GSSAPI
Jan F. Chadima 69dd72
+	/* The GSSAPI key exchange can run without a host key */
Jan F. Chadima 69dd72
 	if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) {
Jan F. Chadima 69dd72
 		logit("Disabling protocol version 2. Could not load host key");
Jan F. Chadima 69dd72
 		options.protocol &= ~SSH_PROTO_2;
Jan F. Chadima 69dd72
 	}
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
 	if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) {
Jan F. Chadima 69dd72
 		logit("sshd: no hostkeys available -- exiting.");
Jan F. Chadima 69dd72
 		exit(1);
Petr Lautrbach d9e618
@@ -2027,6 +2034,60 @@ main(int ac, char **av)
Jan F. Chadima 69dd72
 	/* Log the connection. */
Jan F. Chadima 69dd72
 	verbose("Connection from %.500s port %d", remote_ip, remote_port);
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+#ifdef USE_SECURITY_SESSION_API
Jan F. Chadima 69dd72
+	/*
Jan F. Chadima 69dd72
+	 * Create a new security session for use by the new user login if
Jan F. Chadima 69dd72
+	 * the current session is the root session or we are not launched
Jan F. Chadima 69dd72
+	 * by inetd (eg: debugging mode or server mode).  We do not
Jan F. Chadima 69dd72
+	 * necessarily need to create a session if we are launched from
Jan F. Chadima 69dd72
+	 * inetd because Panther xinetd will create a session for us.
Jan F. Chadima 69dd72
+	 *
Jan F. Chadima 69dd72
+	 * The only case where this logic will fail is if there is an
Jan F. Chadima 69dd72
+	 * inetd running in a non-root session which is not creating
Jan F. Chadima 69dd72
+	 * new sessions for us.  Then all the users will end up in the
Jan F. Chadima 69dd72
+	 * same session (bad).
Jan F. Chadima 69dd72
+	 *
Jan F. Chadima 69dd72
+	 * When the client exits, the session will be destroyed for us
Jan F. Chadima 69dd72
+	 * automatically.
Jan F. Chadima 69dd72
+	 *
Jan F. Chadima 69dd72
+	 * We must create the session before any credentials are stored
Jan F. Chadima 69dd72
+	 * (including AFS pags, which happens a few lines below).
Jan F. Chadima 69dd72
+	 */
Jan F. Chadima 69dd72
+	{
Jan F. Chadima 69dd72
+		OSStatus err = 0;
Jan F. Chadima 69dd72
+		SecuritySessionId sid = 0;
Jan F. Chadima 69dd72
+		SessionAttributeBits sattrs = 0;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		err = SessionGetInfo(callerSecuritySession, &sid, &sattrs);
Jan F. Chadima 69dd72
+		if (err)
Jan F. Chadima 69dd72
+			error("SessionGetInfo() failed with error %.8X",
Jan F. Chadima 69dd72
+			    (unsigned) err);
Jan F. Chadima 69dd72
+		else
Jan F. Chadima 69dd72
+			debug("Current Session ID is %.8X / Session Attributes are %.8X",
Jan F. Chadima 69dd72
+			    (unsigned) sid, (unsigned) sattrs);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+		if (inetd_flag && !(sattrs & sessionIsRoot))
Jan F. Chadima 69dd72
+			debug("Running in inetd mode in a non-root session... "
Jan F. Chadima 69dd72
+			    "assuming inetd created the session for us.");
Jan F. Chadima 69dd72
+		else {
Jan F. Chadima 69dd72
+			debug("Creating new security session...");
Jan F. Chadima 69dd72
+			err = SessionCreate(0, sessionHasTTY | sessionIsRemote);
Jan F. Chadima 69dd72
+			if (err)
Jan F. Chadima 69dd72
+				error("SessionCreate() failed with error %.8X",
Jan F. Chadima 69dd72
+				    (unsigned) err);
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+			err = SessionGetInfo(callerSecuritySession, &sid, 
Jan F. Chadima 69dd72
+			    &sattrs);
Jan F. Chadima 69dd72
+			if (err)
Jan F. Chadima 69dd72
+				error("SessionGetInfo() failed with error %.8X",
Jan F. Chadima 69dd72
+				    (unsigned) err);
Jan F. Chadima 69dd72
+			else
Jan F. Chadima 69dd72
+				debug("New Session ID is %.8X / Session Attributes are %.8X",
Jan F. Chadima 69dd72
+				    (unsigned) sid, (unsigned) sattrs);
Jan F. Chadima 69dd72
+		}
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	/*
Jan F. Chadima 69dd72
 	 * We don't want to listen forever unless the other side
Jan F. Chadima 69dd72
 	 * successfully authenticates itself.  So we set up an alarm which is
Petr Lautrbach d9e618
@@ -2425,6 +2486,48 @@ do_ssh2_kex(void)
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+	{
Jan F. Chadima 69dd72
+	char *orig;
Jan F. Chadima 69dd72
+	char *gss = NULL;
Jan F. Chadima 69dd72
+	char *newstr = NULL;
Jan F. Chadima 69dd72
+	orig = myproposal[PROPOSAL_KEX_ALGS];
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	/* 
Jan F. Chadima 69dd72
+	 * If we don't have a host key, then there's no point advertising
Jan F. Chadima 69dd72
+	 * the other key exchange algorithms
Jan F. Chadima 69dd72
+	 */
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)
Jan F. Chadima 69dd72
+		orig = NULL;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (options.gss_keyex)
Jan F. Chadima 69dd72
+		gss = ssh_gssapi_server_mechanisms();
Jan F. Chadima 69dd72
+	else
Jan F. Chadima 69dd72
+		gss = NULL;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (gss && orig)
Jan F. Chadima 69dd72
+		xasprintf(&newstr, "%s,%s", gss, orig);
Jan F. Chadima 69dd72
+	else if (gss)
Jan F. Chadima 69dd72
+		newstr = gss;
Jan F. Chadima 69dd72
+	else if (orig)
Jan F. Chadima 69dd72
+		newstr = orig;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	/* 
Jan F. Chadima 69dd72
+	 * If we've got GSSAPI mechanisms, then we've got the 'null' host
Jan F. Chadima 69dd72
+	 * key alg, but we can't tell people about it unless its the only
Jan F. Chadima 69dd72
+  	 * host key algorithm we support
Jan F. Chadima 69dd72
+	 */
Jan F. Chadima 69dd72
+	if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0)
Jan F. Chadima 69dd72
+		myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null";
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
+	if (newstr)
Jan F. Chadima 69dd72
+		myproposal[PROPOSAL_KEX_ALGS] = newstr;
Jan F. Chadima 69dd72
+	else
Jan F. Chadima 69dd72
+		fatal("No supported key exchange algorithms");
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	/* start key exchange */
Jan F. Chadima 69dd72
 	kex = kex_setup(myproposal);
Jan F. Chadima 69dd72
 	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
Petr Lautrbach d9e618
@@ -2432,6 +2535,13 @@ do_ssh2_kex(void)
Jan F. Chadima 69dd72
 	kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
Jan F. Chadima 69dd72
 	kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
Jan F. Chadima 69dd72
 	kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
Jan F. Chadima 69dd72
+#ifdef GSSAPI
Jan F. Chadima 69dd72
+	if (options.gss_keyex) {
Jan F. Chadima 69dd72
+		kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
Jan F. Chadima 69dd72
+		kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
Jan F. Chadima 69dd72
+		kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
Jan F. Chadima 69dd72
+	}
Jan F. Chadima 69dd72
+#endif
Jan F. Chadima 69dd72
 	kex->server = 1;
Jan F. Chadima 69dd72
 	kex->client_version_string=client_version_string;
Jan F. Chadima 69dd72
 	kex->server_version_string=server_version_string;
Petr Lautrbach d9e618
diff -up openssh-5.9p1/sshd_config.gsskex openssh-5.9p1/sshd_config
Petr Lautrbach d9e618
--- openssh-5.9p1/sshd_config.gsskex	2012-02-06 17:38:19.160220812 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/sshd_config	2012-02-06 17:38:19.189998533 +0100
Petr Lautrbach d9e618
@@ -83,6 +83,8 @@ ChallengeResponseAuthentication no
Petr Lautrbach d9e618
 GSSAPIAuthentication yes
Petr Lautrbach d9e618
 #GSSAPICleanupCredentials yes
Petr Lautrbach d9e618
 GSSAPICleanupCredentials yes
Petr Lautrbach d9e618
+#GSSAPIStrictAcceptorCheck yes
Petr Lautrbach d9e618
+#GSSAPIKeyExchange no
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 # Set this to 'yes' to enable PAM authentication, account processing, 
Petr Lautrbach d9e618
 # and session processing. If this is enabled, PAM authentication will 
Petr Lautrbach d9e618
diff -up openssh-5.9p1/sshd_config.5.gsskex openssh-5.9p1/sshd_config.5
Petr Lautrbach d9e618
--- openssh-5.9p1/sshd_config.5.gsskex	2012-02-06 17:38:19.154809764 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/sshd_config.5	2012-02-06 17:38:19.188982680 +0100
Jan F. Chadima 69dd72
@@ -424,12 +424,40 @@ Specifies whether user authentication ba
Jan F. Chadima 69dd72
 The default is
Jan F. Chadima 69dd72
 .Dq no .
Jan F. Chadima 69dd72
 Note that this option applies to protocol version 2 only.
Jan F. Chadima 69dd72
+.It Cm GSSAPIKeyExchange
Jan F. Chadima 69dd72
+Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange
Jan F. Chadima 69dd72
+doesn't rely on ssh keys to verify host identity.
Jan F. Chadima 69dd72
+The default is
Jan F. Chadima 69dd72
+.Dq no .
Jan F. Chadima 69dd72
+Note that this option applies to protocol version 2 only.
Jan F. Chadima 69dd72
 .It Cm GSSAPICleanupCredentials
Jan F. Chadima 69dd72
 Specifies whether to automatically destroy the user's credentials cache
Jan F. Chadima 69dd72
 on logout.
Jan F. Chadima 69dd72
 The default is
Jan F. Chadima 69dd72
 .Dq yes .
Jan F. Chadima 69dd72
 Note that this option applies to protocol version 2 only.
Jan F. Chadima 69dd72
+.It Cm GSSAPIStrictAcceptorCheck
Jan F. Chadima 69dd72
+Determines whether to be strict about the identity of the GSSAPI acceptor 
Jan F. Chadima 69dd72
+a client authenticates against. If
Jan F. Chadima 69dd72
+.Dq yes
Jan F. Chadima 69dd72
+then the client must authenticate against the
Jan F. Chadima 69dd72
+.Pa host
Jan F. Chadima 69dd72
+service on the current hostname. If 
Jan F. Chadima 69dd72
+.Dq no
Jan F. Chadima 69dd72
+then the client may authenticate against any service key stored in the 
Jan F. Chadima 69dd72
+machine's default store. This facility is provided to assist with operation 
Jan F. Chadima 69dd72
+on multi homed machines. 
Jan F. Chadima 69dd72
+The default is
Jan F. Chadima 69dd72
+.Dq yes .
Jan F. Chadima 69dd72
+Note that this option applies only to protocol version 2 GSSAPI connections,
Jan F. Chadima 69dd72
+and setting it to 
Jan F. Chadima 69dd72
+.Dq no
Jan F. Chadima 69dd72
+may only work with recent Kerberos GSSAPI libraries.
Jan F. Chadima 69dd72
+.It Cm GSSAPIStoreCredentialsOnRekey
Jan F. Chadima 69dd72
+Controls whether the user's GSSAPI credentials should be updated following a 
Jan F. Chadima 69dd72
+successful connection rekeying. This option can be used to accepted renewed 
Jan F. Chadima 69dd72
+or updated credentials from a compatible client. The default is
Jan F. Chadima 69dd72
+.Dq no .
Jan F. Chadima 69dd72
 .It Cm HostbasedAuthentication
Jan F. Chadima 69dd72
 Specifies whether rhosts or /etc/hosts.equiv authentication together
Jan F. Chadima 69dd72
 with successful public key client host authentication is allowed
Petr Lautrbach d9e618
diff -up openssh-5.9p1/ssh-gss.h.gsskex openssh-5.9p1/ssh-gss.h
Petr Lautrbach d9e618
--- openssh-5.9p1/ssh-gss.h.gsskex	2007-06-12 15:40:39.000000000 +0200
Petr Lautrbach d9e618
+++ openssh-5.9p1/ssh-gss.h	2012-02-06 17:38:19.184919538 +0100
Petr Lautrbach d9e618
@@ -1,6 +1,6 @@
Petr Lautrbach d9e618
 /* $OpenBSD: ssh-gss.h,v 1.10 2007/06/12 08:20:00 djm Exp $ */
Petr Lautrbach d9e618
 /*
Petr Lautrbach d9e618
- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
Petr Lautrbach d9e618
+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
Petr Lautrbach d9e618
  *
Petr Lautrbach d9e618
  * Redistribution and use in source and binary forms, with or without
Petr Lautrbach d9e618
  * modification, are permitted provided that the following conditions
Petr Lautrbach d9e618
@@ -60,10 +60,22 @@
Jan F. Chadima 69dd72
 
Petr Lautrbach d9e618
 #define SSH_GSS_OIDTYPE 0x06
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
+#define SSH2_MSG_KEXGSS_INIT                            30
Petr Lautrbach d9e618
+#define SSH2_MSG_KEXGSS_CONTINUE                        31
Petr Lautrbach d9e618
+#define SSH2_MSG_KEXGSS_COMPLETE                        32
Petr Lautrbach d9e618
+#define SSH2_MSG_KEXGSS_HOSTKEY                         33
Petr Lautrbach d9e618
+#define SSH2_MSG_KEXGSS_ERROR                           34
Petr Lautrbach d9e618
+#define SSH2_MSG_KEXGSS_GROUPREQ			40
Petr Lautrbach d9e618
+#define SSH2_MSG_KEXGSS_GROUP				41
Petr Lautrbach d9e618
+#define KEX_GSS_GRP1_SHA1_ID				"gss-group1-sha1-"
Petr Lautrbach d9e618
+#define KEX_GSS_GRP14_SHA1_ID				"gss-group14-sha1-"
Petr Lautrbach d9e618
+#define KEX_GSS_GEX_SHA1_ID				"gss-gex-sha1-"
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
 typedef struct {
Petr Lautrbach d9e618
 	char *filename;
Petr Lautrbach d9e618
 	char *envvar;
Petr Lautrbach d9e618
 	char *envval;
Petr Lautrbach d9e618
+	struct passwd *owner;
Petr Lautrbach d9e618
 	void *data;
Petr Lautrbach d9e618
 } ssh_gssapi_ccache;
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
@@ -71,8 +83,11 @@ typedef struct {
Petr Lautrbach d9e618
 	gss_buffer_desc displayname;
Petr Lautrbach d9e618
 	gss_buffer_desc exportedname;
Petr Lautrbach d9e618
 	gss_cred_id_t creds;
Petr Lautrbach d9e618
+	gss_name_t name;
Petr Lautrbach d9e618
 	struct ssh_gssapi_mech_struct *mech;
Petr Lautrbach d9e618
 	ssh_gssapi_ccache store;
Petr Lautrbach d9e618
+	int used;
Petr Lautrbach d9e618
+	int updated;
Petr Lautrbach d9e618
 } ssh_gssapi_client;
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 typedef struct ssh_gssapi_mech_struct {
Petr Lautrbach d9e618
@@ -83,6 +98,7 @@ typedef struct ssh_gssapi_mech_struct {
Petr Lautrbach d9e618
 	int (*userok) (ssh_gssapi_client *, char *);
Petr Lautrbach d9e618
 	int (*localname) (ssh_gssapi_client *, char **);
Petr Lautrbach d9e618
 	void (*storecreds) (ssh_gssapi_client *);
Petr Lautrbach d9e618
+	int (*updatecreds) (ssh_gssapi_ccache *, ssh_gssapi_client *);
Petr Lautrbach d9e618
 } ssh_gssapi_mech;
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 typedef struct {
Petr Lautrbach d9e618
@@ -93,10 +109,11 @@ typedef struct {
Petr Lautrbach d9e618
 	gss_OID		oid; /* client */
Petr Lautrbach d9e618
 	gss_cred_id_t	creds; /* server */
Petr Lautrbach d9e618
 	gss_name_t	client; /* server */
Petr Lautrbach d9e618
-	gss_cred_id_t	client_creds; /* server */
Petr Lautrbach d9e618
+	gss_cred_id_t	client_creds; /* both */
Petr Lautrbach d9e618
 } Gssctxt;
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 extern ssh_gssapi_mech *supported_mechs[];
Petr Lautrbach d9e618
+extern Gssctxt *gss_kex_context;
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 int  ssh_gssapi_check_oid(Gssctxt *, void *, size_t);
Petr Lautrbach d9e618
 void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t);
Petr Lautrbach d9e618
@@ -116,16 +133,30 @@ void ssh_gssapi_build_ctx(Gssctxt **);
Petr Lautrbach d9e618
 void ssh_gssapi_delete_ctx(Gssctxt **);
Petr Lautrbach d9e618
 OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t);
Petr Lautrbach d9e618
 void ssh_gssapi_buildmic(Buffer *, const char *, const char *, const char *);
Petr Lautrbach d9e618
-int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *);
Petr Lautrbach d9e618
+int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *, const char *);
Petr Lautrbach d9e618
+OM_uint32 ssh_gssapi_client_identity(Gssctxt *, const char *);
Petr Lautrbach d9e618
+int ssh_gssapi_credentials_updated(Gssctxt *);
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 /* In the server */
Petr Lautrbach d9e618
+typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, 
Petr Lautrbach d9e618
+    const char *);
Petr Lautrbach d9e618
+char *ssh_gssapi_client_mechanisms(const char *, const char *);
Petr Lautrbach d9e618
+char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, const char *,
Petr Lautrbach d9e618
+    const char *);
Petr Lautrbach d9e618
+gss_OID ssh_gssapi_id_kex(Gssctxt *, char *, int);
Petr Lautrbach d9e618
+int ssh_gssapi_server_check_mech(Gssctxt **,gss_OID, const char *, 
Petr Lautrbach d9e618
+    const char *);
Petr Lautrbach d9e618
 OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
Petr Lautrbach d9e618
-int ssh_gssapi_userok(char *name);
Petr Lautrbach d9e618
+int ssh_gssapi_userok(char *name, struct passwd *);
Petr Lautrbach d9e618
 OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
Petr Lautrbach d9e618
 void ssh_gssapi_do_child(char ***, u_int *);
Petr Lautrbach d9e618
 void ssh_gssapi_cleanup_creds(void);
Petr Lautrbach d9e618
 void ssh_gssapi_storecreds(void);
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
+char *ssh_gssapi_server_mechanisms(void);
Petr Lautrbach d9e618
+int ssh_gssapi_oid_table_ok();
Petr Lautrbach d9e618
+
Petr Lautrbach d9e618
+int ssh_gssapi_update_creds(ssh_gssapi_ccache *store);
Petr Lautrbach d9e618
 #endif /* GSSAPI */
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 #endif /* _SSH_GSS_H */