diff options
author | Andreas Schneider <asn@cryptomilk.org> | 2013-11-15 15:36:02 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2013-11-15 16:29:49 +0100 |
commit | 651c173e72ceecb648c24c12d3a900deeb200470 (patch) | |
tree | 6a81f3407b854e0b70b5f25f09fe13b52d502a48 /src | |
parent | f76cd8b6d5fd9215e10640075880b4d7eddb1b7d (diff) | |
download | libssh-651c173e72ceecb648c24c12d3a900deeb200470.tar.gz libssh-651c173e72ceecb648c24c12d3a900deeb200470.tar.xz libssh-651c173e72ceecb648c24c12d3a900deeb200470.zip |
gssapi: Add suppport to set GSSAPI server identity.
Diffstat (limited to 'src')
-rw-r--r-- | src/gssapi.c | 7 | ||||
-rw-r--r-- | src/options.c | 18 | ||||
-rw-r--r-- | src/session.c | 1 |
3 files changed, 25 insertions, 1 deletions
diff --git a/src/gssapi.c b/src/gssapi.c index a0ab3646..edcb66d4 100644 --- a/src/gssapi.c +++ b/src/gssapi.c @@ -672,12 +672,17 @@ int ssh_gssapi_auth_mic(ssh_session session){ OM_uint32 maj_stat, min_stat; char name_buf[256]; gss_buffer_desc hostname; + const char *gss_host = session->opts.host; if (ssh_gssapi_init(session) == SSH_ERROR) return SSH_AUTH_ERROR; + if (session->opts.gss_server_identity != NULL) { + gss_host = session->opts.gss_server_identity; + } /* import target host name */ - snprintf(name_buf, sizeof(name_buf), "host@%s", session->opts.host); + snprintf(name_buf, sizeof(name_buf), "host@%s", gss_host); + hostname.value = name_buf; hostname.length = strlen(name_buf) + 1; maj_stat = gss_import_name(&min_stat, &hostname, diff --git a/src/options.c b/src/options.c index e02ad4df..d43e25d4 100644 --- a/src/options.c +++ b/src/options.c @@ -367,6 +367,10 @@ int ssh_options_set_algo(ssh_session session, int algo, * Set the command to be executed in order to connect to * server (const char *). * + * - SSH_OPTIONS_GSSAPI_SERVER_IDENTITY + * Set it to specify the GSSAPI server identity that libssh + * should expect when connecting to the server (const char *). + * * @param value The value to set. This is a generic pointer and the * datatype which is used should be set according to the * type set. @@ -792,6 +796,20 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, } } break; + case SSH_OPTIONS_GSSAPI_SERVER_IDENTITY: + v = value; + if (v == NULL || v[0] == '\0') { + ssh_set_error_invalid(session); + return -1; + } else { + SAFE_FREE(session->opts.gss_server_identity); + session->opts.gss_server_identity = strdup(v); + if (session->opts.gss_server_identity == NULL) { + ssh_set_error_oom(session); + return -1; + } + } + break; default: ssh_set_error(session, SSH_REQUEST_DENIED, "Unknown ssh option %d", type); return -1; diff --git a/src/session.c b/src/session.c index 72c186e5..d0691106 100644 --- a/src/session.c +++ b/src/session.c @@ -265,6 +265,7 @@ void ssh_free(ssh_session session) { SAFE_FREE(session->opts.sshdir); SAFE_FREE(session->opts.knownhosts); SAFE_FREE(session->opts.ProxyCommand); + SAFE_FREE(session->opts.gss_server_identity); for (i = 0; i < 10; i++) { if (session->opts.wanted_methods[i]) { |