summaryrefslogtreecommitdiff
path: root/monitor_wrap.c
diff options
context:
space:
mode:
Diffstat (limited to 'monitor_wrap.c')
-rw-r--r--monitor_wrap.c57
1 files changed, 56 insertions, 1 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 8e379a15c..a4b66c56f 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1000,13 +1000,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
}
int
-mm_ssh_gssapi_userok(char *user)
+mm_ssh_gssapi_userok(char *user, struct passwd *pw, int kex)
{
struct sshbuf *m;
int r, authenticated = 0;
if ((m = sshbuf_new()) == NULL)
fatal_f("sshbuf_new failed");
+ if ((r = sshbuf_put_u32(m, kex)) != 0)
+ fatal_fr(r, "buffer error");
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, m);
mm_request_receive_expect(pmonitor->m_recvfd,
@@ -1019,4 +1021,57 @@ mm_ssh_gssapi_userok(char *user)
debug3_f("user %sauthenticated", authenticated ? "" : "not ");
return (authenticated);
}
+
+OM_uint32
+mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash)
+{
+ struct sshbuf *m;
+ OM_uint32 major;
+ int r;
+
+ if ((m = sshbuf_new()) == NULL)
+ fatal_f("sshbuf_new failed");
+ if ((r = sshbuf_put_string(m, data->value, data->length)) != 0)
+ fatal_fr(r, "buffer error");
+
+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSIGN, m);
+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSIGN, m);
+
+ if ((r = sshbuf_get_u32(m, &major)) != 0 ||
+ (r = ssh_gssapi_get_buffer_desc(m, hash)) != 0)
+ fatal_fr(r, "buffer error");
+
+ sshbuf_free(m);
+
+ return (major);
+}
+
+int
+mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store)
+{
+ struct sshbuf *m;
+ int r, ok;
+
+ if ((m = sshbuf_new()) == NULL)
+ fatal_f("sshbuf_new failed");
+
+ if ((r = sshbuf_put_cstring(m,
+ store->filename ? store->filename : "")) != 0 ||
+ (r = sshbuf_put_cstring(m,
+ store->envvar ? store->envvar : "")) != 0 ||
+ (r = sshbuf_put_cstring(m,
+ store->envval ? store->envval : "")) != 0)
+ fatal_fr(r, "buffer error");
+
+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUPCREDS, m);
+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSUPCREDS, m);
+
+ if ((r = sshbuf_get_u32(m, &ok)) != 0)
+ fatal_fr(r, "buffer error");
+
+ sshbuf_free(m);
+
+ return (ok);
+}
+
#endif /* GSSAPI */
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 11:31:10 +0000