diff options
| -rw-r--r-- | CMakeLists.txt | 7 | ||||
| -rw-r--r-- | DefineOptions.cmake | 1 | ||||
| -rw-r--r-- | config.h.cmake | 3 | ||||
| -rw-r--r-- | examples/CMakeLists.txt | 10 | ||||
| -rw-r--r-- | src/CMakeLists.txt | 12 | ||||
| -rw-r--r-- | src/auth.c | 7 | ||||
| -rw-r--r-- | src/messages.c | 10 | ||||
| -rw-r--r-- | src/packet.c | 4 |
8 files changed, 38 insertions, 16 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 28b2c0e7..b56a2ad4 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -67,10 +67,9 @@ endif(WITH_GCRYPT) set(CMAKE_THREAD_PREFER_PTHREADS ON) find_package(Threads) -find_package(GSSAPI) -if (GSSAPI_LIBS) - set (WITH_GSSAPI "ON") -endif (GSSAPI_LIBS) +if (WITH_GSSAPI) + find_package(GSSAPI REQUIRED) +endif (WITH_GSSAPI) # config.h checks include(ConfigureChecks.cmake) diff --git a/DefineOptions.cmake b/DefineOptions.cmake index ea8265c0..6913f040 100644 --- a/DefineOptions.cmake +++ b/DefineOptions.cmake @@ -1,3 +1,4 @@ +option(WITH_GSSAPI "Build with GSSAPI support" ON) option(WITH_ZLIB "Build with ZLIB support" ON) option(WITH_SSH1 "Build with SSH1 support" OFF) option(WITH_SFTP "Build with SFTP support" ON) diff --git a/config.h.cmake b/config.h.cmake index 2014e8d9..cea26f01 100644 --- a/config.h.cmake +++ b/config.h.cmake @@ -120,6 +120,9 @@ /**************************** OPTIONS ****************************/ +/* Define to 1 if you want to enable GSSAPI */ +#cmakedefine WITH_GSSAPI 1 + /* Define to 1 if you want to enable ZLIB */ #cmakedefine WITH_ZLIB 1 diff --git a/examples/CMakeLists.txt b/examples/CMakeLists.txt index a3db2355..842f022d 100644 --- a/examples/CMakeLists.txt +++ b/examples/CMakeLists.txt @@ -46,11 +46,13 @@ if (WITH_SERVER) add_executable(samplesshd samplesshd.c) target_link_libraries(samplesshd ${LIBSSH_SHARED_LIBRARY} ${ARGP_LIBRARIES}) - add_executable(samplesshd-cb samplesshd-cb.c) - target_link_libraries(samplesshd-cb ${LIBSSH_SHARED_LIBRARY} ${ARGP_LIBRARIES}) + if (WITH_GSSAPI) + add_executable(samplesshd-cb samplesshd-cb.c) + target_link_libraries(samplesshd-cb ${LIBSSH_SHARED_LIBRARY} ${ARGP_LIBRARIES}) - add_executable(proxy proxy.c) - target_link_libraries(proxy ${LIBSSH_SHARED_LIBRARY} ${ARGP_LIBRARIES}) + add_executable(proxy proxy.c) + target_link_libraries(proxy ${LIBSSH_SHARED_LIBRARY} ${ARGP_LIBRARIES}) + endif (WITH_GSSAPI) add_executable(samplesshd-kbdint samplesshd-kbdint.c) target_link_libraries(samplesshd-kbdint ${LIBSSH_SHARED_LIBRARY} ${ARGP_LIBRARIES}) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index fc01df3a..d4949c3a 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -64,12 +64,12 @@ if (WITH_ZLIB) ) endif (WITH_ZLIB) -if (GSSAPI_LIBS) +if (WITH_GSSAPI AND GSSAPI_LIBS) set(LIBSSH_LINK_LIBRARIES ${LIBSSH_LINK_LIBRARIES} ${GSSAPI_LIBS} ) -endif (GSSAPI_LIBS) +endif (WITH_GSSAPI AND GSSAPI_LIBS) set(LIBSSH_LINK_LIBRARIES ${LIBSSH_LINK_LIBRARIES} @@ -102,7 +102,6 @@ set(libssh_SRCS ecdh.c error.c getpass.c - gssapi.c init.c kex.c known_hosts.c @@ -181,6 +180,13 @@ if (WITH_ZLIB) ) endif(WITH_ZLIB) +if (WITH_GSSAPI AND GSSAPI_LIBS) + set(libssh_SRCS + ${libssh_SRCS} + gssapi.c + ) +endif (WITH_GSSAPI AND GSSAPI_LIBS) + include_directories( ${LIBSSH_PUBLIC_INCLUDE_DIRS} ${LIBSSH_PRIVATE_INCLUDE_DIRS} @@ -291,8 +291,10 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_pk_ok){ SSH_LOG(session, SSH_LOG_TRACE, "keyboard-interactive context, assuming SSH_USERAUTH_INFO_REQUEST"); rc=ssh_packet_userauth_info_request(session,type,packet,user); +#if WITH_GSSAPI } else if (session->auth_state == SSH_AUTH_STATE_GSSAPI_REQUEST_SENT){ rc = ssh_packet_userauth_gssapi_response(session, type, packet, user); +#endif } else { session->auth_state=SSH_AUTH_STATE_PK_OK; SSH_LOG(session, SSH_LOG_TRACE, "Assuming SSH_USERAUTH_PK_OK"); @@ -2131,7 +2133,8 @@ int ssh_userauth_kbdint_setanswer(ssh_session session, unsigned int i, * later. */ int ssh_userauth_gssapi(ssh_session session) { - int rc; + int rc = SSH_AUTH_DENIED; +#if WITH_GSSAPI switch(session->pending_call_state) { case SSH_PENDING_CALL_NONE: break; @@ -2166,7 +2169,7 @@ pending: if (rc != SSH_AUTH_AGAIN) { session->pending_call_state = SSH_PENDING_CALL_NONE; } - +#endif return rc; } diff --git a/src/messages.c b/src/messages.c index d7d06ac7..59b795e1 100644 --- a/src/messages.c +++ b/src/messages.c @@ -817,6 +817,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){ } goto end; } +#if WITH_GSSAPI if (strncmp(method, "gssapi-with-mic", method_size) == 0) { uint32_t n_oid; ssh_string *oids; @@ -865,6 +866,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){ leave_function(); return SSH_PACKET_USED; } +#endif msg->auth_request.method = SSH_AUTH_METHOD_UNKNOWN; SAFE_FREE(method); @@ -909,9 +911,11 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_response){ ssh_message msg = NULL; /* GSSAPI_TOKEN has same packed number. XXX fix this */ - if (session->gssapi != NULL) - return ssh_packet_userauth_gssapi_token(session, type, packet, user); - +#if WITH_GSSAPI + if (session->gssapi != NULL) { + return ssh_packet_userauth_gssapi_token(session, type, packet, user); + } +#endif enter_function(); (void)user; diff --git a/src/packet.c b/src/packet.c index 25989b9e..4dee9c33 100644 --- a/src/packet.c +++ b/src/packet.c @@ -92,7 +92,11 @@ static ssh_packet_callback default_packet_handlers[]= { NULL, // SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE 63 NULL, // SSH2_MSG_USERAUTH_GSSAPI_ERROR 64 NULL, // SSH2_MSG_USERAUTH_GSSAPI_ERRTOK 65 +#ifdef WITH_GSSAPI ssh_packet_userauth_gssapi_mic, // SSH2_MSG_USERAUTH_GSSAPI_MIC 66 +#else /* WITH_GSSAPI */ + NULL, +#endif /* WITH_GSSAPI */ NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, // 67-79 |