- djm@cvs.openbsd.org 2013/07/20 01:55:13 [auth-krb5.c gss-serv-krb5.c gss-serv.c] fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@

commit: 63ddc899d28cf60045b560891894b9fbf6f822e9 [log] [tgz]
author: Damien Miller <djm@mindrot.org> Sat Jul 20 13:35:45 2013 +1000
committer: Damien Miller <djm@mindrot.org> Sat Jul 20 13:35:45 2013 +1000
tree: c6d54f7405a993cc6774d5abe0c0398192ddf008
parent: 1f0e86f23fcebb026371c0888402a981df2a61c4 [diff] [blame]
diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c
index 5a625ac..87f2683 100644
--- a/gss-serv-krb5.c
+++ b/gss-serv-krb5.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: gss-serv-krb5.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: gss-serv-krb5.c,v 1.8 2013/07/20 01:55:13 djm Exp $ */
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -48,12 +48,11 @@
 
 #ifdef HEIMDAL
 # include <krb5.h>
-#else
-# ifdef HAVE_GSSAPI_KRB5_H
-#  include <gssapi_krb5.h>
-# elif HAVE_GSSAPI_GSSAPI_KRB5_H
-#  include <gssapi/gssapi_krb5.h>
-# endif
+#endif
+#ifdef HAVE_GSSAPI_KRB5_H
+# include <gssapi_krb5.h>
+#elif HAVE_GSSAPI_GSSAPI_KRB5_H
+# include <gssapi/gssapi_krb5.h>
 #endif
 
 static krb5_context krb_context = NULL;
@@ -87,14 +86,16 @@
 {
 	krb5_principal princ;
 	int retval;
+	const char *errmsg;
 
 	if (ssh_gssapi_krb5_init() == 0)
 		return 0;
 
 	if ((retval = krb5_parse_name(krb_context, client->exportedname.value,
 	    &princ))) {
-		logit("krb5_parse_name(): %.100s",
-		    krb5_get_err_text(krb_context, retval));
+		errmsg = krb5_get_error_message(krb_context, retval);
+		logit("krb5_parse_name(): %.100s", errmsg);
+		krb5_free_error_message(krb_context, errmsg);
 		return 0;
 	}
 	if (krb5_kuserok(krb_context, princ, name)) {
@@ -120,6 +121,7 @@
 	krb5_principal princ;
 	OM_uint32 maj_status, min_status;
 	int len;
+	const char *errmsg;
 
 	if (client->creds == NULL) {
 		debug("No credentials stored");
@@ -130,30 +132,34 @@
 		return;
 
 #ifdef HEIMDAL
-	if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) {
-		logit("krb5_cc_gen_new(): %.100s",
-		    krb5_get_err_text(krb_context, problem));
+	if ((problem = krb5_cc_new_unique(krb_context, krb5_fcc_ops.prefix,
+	    NULL, &ccache)) != 0) {
+		errmsg = krb5_get_error_message(krb_context, problem);
+		logit("krb5_cc_new_unique(): %.100s", errmsg);
+		krb5_free_error_message(krb_context, errmsg);
 		return;
 	}
 #else
 	if ((problem = ssh_krb5_cc_gen(krb_context, &ccache))) {
-		logit("ssh_krb5_cc_gen(): %.100s",
-		    krb5_get_err_text(krb_context, problem));
+		errmsg = krb5_get_error_message(krb_context, problem);
+		logit("ssh_krb5_cc_gen(): %.100s", errmsg);
+		krb5_free_error_message(krb_context, errmsg);
 		return;
 	}
 #endif	/* #ifdef HEIMDAL */
 
 	if ((problem = krb5_parse_name(krb_context,
 	    client->exportedname.value, &princ))) {
-		logit("krb5_parse_name(): %.100s",
-		    krb5_get_err_text(krb_context, problem));
-		krb5_cc_destroy(krb_context, ccache);
+		errmsg = krb5_get_error_message(krb_context, problem);
+		logit("krb5_parse_name(): %.100s", errmsg);
+		krb5_free_error_message(krb_context, errmsg);
 		return;
 	}
 
 	if ((problem = krb5_cc_initialize(krb_context, ccache, princ))) {
-		logit("krb5_cc_initialize(): %.100s",
-		    krb5_get_err_text(krb_context, problem));
+		errmsg = krb5_get_error_message(krb_context, problem);
+		logit("krb5_cc_initialize(): %.100s", errmsg);
+		krb5_free_error_message(krb_context, errmsg);
 		krb5_free_principal(krb_context, princ);
 		krb5_cc_destroy(krb_context, ccache);
 		return;
commit	63ddc899d28cf60045b560891894b9fbf6f822e9	[log] [tgz]
author	Damien Miller <djm@mindrot.org>	Sat Jul 20 13:35:45 2013 +1000
committer	Damien Miller <djm@mindrot.org>	Sat Jul 20 13:35:45 2013 +1000
tree	c6d54f7405a993cc6774d5abe0c0398192ddf008
parent	1f0e86f23fcebb026371c0888402a981df2a61c4 [diff] [blame]