Blame openssh-4.7p1-gssapi-role.patch
|
|
993dd1a |
Written-by: Nalin Dahyabhai <nalin@redhat.com>
|
|
|
993dd1a |
Reviewed-by: Tomas Mraz <tmraz@redhat.com>
|
|
|
993dd1a |
--- auth2-gss.c 2008-01-02 16:34:03.000000000 -0500
|
|
|
993dd1a |
+++ auth2-gss.c 2008-01-02 16:33:19.000000000 -0500
|
|
|
993dd1a |
@@ -258,6 +258,7 @@
|
|
|
993dd1a |
Authctxt *authctxt = ctxt;
|
|
|
993dd1a |
Gssctxt *gssctxt;
|
|
|
993dd1a |
int authenticated = 0;
|
|
|
993dd1a |
+ char *micuser;
|
|
|
993dd1a |
Buffer b;
|
|
|
993dd1a |
gss_buffer_desc mic, gssbuf;
|
|
|
993dd1a |
u_int len;
|
|
|
993dd1a |
@@ -270,7 +271,11 @@
|
|
|
993dd1a |
mic.value = packet_get_string(&len;;
|
|
|
993dd1a |
mic.length = len;
|
|
|
993dd1a |
|
|
|
993dd1a |
- ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
|
|
|
993dd1a |
+ if (authctxt->role && (strlen(authctxt->role) > 0))
|
|
|
993dd1a |
+ xasprintf(&micuser, "%s/%s", authctxt->user, authctxt->role);
|
|
|
993dd1a |
+ else
|
|
|
993dd1a |
+ micuser = authctxt->user;
|
|
|
993dd1a |
+ ssh_gssapi_buildmic(&b, micuser, authctxt->service,
|
|
|
993dd1a |
"gssapi-with-mic");
|
|
|
993dd1a |
|
|
|
993dd1a |
gssbuf.value = buffer_ptr(&b);
|
|
|
993dd1a |
@@ -285,6 +290,8 @@
|
|
|
993dd1a |
}
|
|
|
993dd1a |
|
|
|
993dd1a |
buffer_free(&b);
|
|
|
993dd1a |
+ if (micuser != authctxt->user)
|
|
|
993dd1a |
+ xfree(micuser);
|
|
|
993dd1a |
xfree(mic.value);
|
|
|
993dd1a |
|
|
|
993dd1a |
authctxt->postponed = 0;
|