From 9c870f966a747fc04c69f5203261ee8b936fabd5 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 16 Apr 2004 22:47:55 +1000 Subject: [PATCH] - (djm) [auth-krb5.c auth.h session.c] Explicitly refer to Kerberos ccache file using FILE: method, fixes problems on Mac OSX. Patch from simon@sxw.org.uk; ok dtucker@ --- ChangeLog | 5 ++++- auth-krb5.c | 6 ++++++ auth.h | 1 + session.c | 4 ++-- 4 files changed, 13 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 293123aef..051418fdb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,9 @@ 20040416 - (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since FAT/NTFS does not permit quotes in filenames. From vinschen at redhat.com + - (djm) [auth-krb5.c auth.h session.c] Explicitly refer to Kerberos ccache + file using FILE: method, fixes problems on Mac OSX. + Patch from simon@sxw.org.uk; ok dtucker@ 20040412 - (dtucker) [sshd_config.5] Add PermitRootLogin without-password warning @@ -970,4 +973,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3312 2004/04/16 07:58:28 dtucker Exp $ +$Id: ChangeLog,v 1.3313 2004/04/16 12:47:55 djm Exp $ diff --git a/auth-krb5.c b/auth-krb5.c index baa1a6317..a728ebac1 100644 --- a/auth-krb5.c +++ b/auth-krb5.c @@ -72,6 +72,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password) #endif krb5_error_code problem; krb5_ccache ccache = NULL; + int len; if (!authctxt->valid) return (0); @@ -177,6 +178,11 @@ auth_krb5_password(Authctxt *authctxt, const char *password) authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache); + len = strlen(authctxt->krb5_ticket_file) + 6; + authctxt->krb5_ccname = xmalloc(len); + snprintf(authctxt->krb5_ccname, len, "FILE:%s", + authctxt->krb5_ticket_file); + out: restore_uid(); diff --git a/auth.h b/auth.h index de2222aaa..3a7d222ef 100644 --- a/auth.h +++ b/auth.h @@ -66,6 +66,7 @@ struct Authctxt { krb5_ccache krb5_fwd_ccache; krb5_principal krb5_user; char *krb5_ticket_file; + char *krb5_ccname; #endif void *methoddata; }; diff --git a/session.c b/session.c index c35d077aa..55db2ffd2 100644 --- a/session.c +++ b/session.c @@ -1093,9 +1093,9 @@ do_setup_env(Session *s, const char *shell) } #endif #ifdef KRB5 - if (s->authctxt->krb5_ticket_file) + if (s->authctxt->krb5_ccname) child_set_env(&env, &envsize, "KRB5CCNAME", - s->authctxt->krb5_ticket_file); + s->authctxt->krb5_ccname); #endif #ifdef USE_PAM /*