[Bug 445] New: User DCE Credentials do not get forwarded to child session

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Nov 27 06:41:56 EST 2002


           Summary: User DCE Credentials do not get forwarded to child
           Product: Portable OpenSSH
           Version: 3.4p1
          Platform: Alpha
        OS/Version: OSF/1
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ssh
        AssignedTo: openssh-unix-dev at mindrot.org
        ReportedBy: kmy at ornl.gov

Under OSF/1, DCE credentials are created in the SIA layer for the
parent when the user log's in with a password.  These credentials
do not get forwarded to the child session.  This can be done via
passing an environmental variable from parent to child in session.c.

The following fix accomplishes this functionality and is basically
a NO-OP in the event that the required environmental variable is
not present:
	[kmy at gazelle:/dfs/sys/packages/ssh/openssh-3.4p1/alpha_tru64_v510] diff
session.c.orig session.c 
	<       char **env;
	>       char **env, *dcecreds;
	> /*    Propagate DCE credentials to child .. kmy at ornl.gov            */
	>       if( (dcecreds=getenv("KRB5CCNAME")) )
	>               child_set_env( &env, &envsize, "KRB5CCNAME", dcecreds );
	[kmy at gazelle:/dfs/sys/packages/ssh/openssh-3.4p1/alpha_tru64_v510] 

With this fix installed, users may use native DFS without
the complexity of having to perform a dce_login in addition
to their normal login, because the child now has access to
the file containing the credentials of the parent and accepts
them as their credentials.
are sent to the

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the openssh-unix-dev mailing list