GSSAPI patch sync from OpenBSD to Portable
Steven Michaud
smichaud at pobox.com
Sat Aug 23 08:21:30 EST 2003
One really minor nit:
Shouldn't the last hunk of gss-serv-krb5.c be this:
@@ -147,6 +179,11 @@
client->store.filename = xstrdup(krb5_cc_get_name(krb_context, ccache));
client->store.envvar = "KRB5CCNAME";
client->store.envval = xstrdup(client->store.filename);
+
+#ifdef USE_PAM
+ if (options.use_pam)
+ do_pam_putenv(client->store.envvar, client->store.envval);
+#endif
krb5_cc_close(krb_context, ccache);
instead of this?
@@ -147,6 +179,10 @@
client->store.filename = xstrdup(krb5_cc_get_name(krb_context, ccache));
client->store.envvar = "KRB5CCNAME";
client->store.envval = xstrdup(client->store.filename);
+
+#ifdef USE_PAM
+ do_pam_putenv(client->store.envvar,client->store.envval);
+#endif
krb5_cc_close(krb_context, ccache);
On Fri, 22 Aug 2003 sxw at inf.ed.ac.uk wrote:
>
> > I'm working on a forward port of my portable stuff, just testing ATM. It
> > covers a couple of areas missing from Steven's one (PAM support, some
> > header file inclusion). I've KNF'd the code as much as I can see ...
>
> Replying to my own mail. Attached is a patch to add MIT/portable support
> to the GSSAPI code. Tested against both my 3.6.1 patches, and a current
> snapshot running the OpenBSD code.
>
> The patch adds PAM support by moving credentials storage before PAM
> execution, and by adding pam_putenv calls. It factors out the definition
> of krb5_err_text() to one location, adds support for MIT style
> credentials cache creation, and includes some MIT specific header files if
> we're not using HEIMDAL.
>
> Hope this is of use!
>
> Cheers,
>
> Simon.
>
>
>
More information about the openssh-unix-dev
mailing list