Index: acconfig.h =================================================================== RCS file: /cvs/openssh/acconfig.h,v retrieving revision 1.166 diff -u -p -r1.166 acconfig.h --- acconfig.h 16 Sep 2003 01:52:19 -0000 1.166 +++ acconfig.h 16 Sep 2003 21:51:07 -0000 @@ -247,6 +247,9 @@ /* Define this if you are using the Heimdal version of Kerberos V5 */ #undef HEIMDAL +/* Define if you want GSSLib support */ +#undef GSS + /* Define if you want S/Key support */ #undef SKEY Index: configure.ac =================================================================== RCS file: /cvs/openssh/configure.ac,v retrieving revision 1.155 diff -u -p -r1.155 configure.ac --- configure.ac 16 Sep 2003 05:40:49 -0000 1.155 +++ configure.ac 16 Sep 2003 21:51:07 -0000 @@ -2014,6 +2014,43 @@ AC_ARG_WITH(kerberos5, ) LIBS="$LIBS $K5LIBS" +# Check whether user wants GSSLib support +GSS_MSG="no" +AC_ARG_WITH(gss, + [ --with-gss=PATH Enable GSS support], + [ + if test "x$withval" != "xno" ; then + if test "x$withval" = "xyes" ; then + GSSROOT="/usr/local" + else + GSSROOT=${withval} + fi + CPPFLAGS="$CPPFLAGS -I${GSSROOT}/include" + LDFLAGS="$LDFLAGS -L${GSSROOT}/lib" + AC_DEFINE(GSS) + GSS_MSG="yes" + if test ! -z "$need_dash_r" ; then + LDFLAGS="$LDFLAGS -R${GSSROOT}/lib" + fi + if test ! -z "$blibpath" ; then + blibpath="$blibpath:${GSSROOT}/lib" + fi + + AC_CHECK_LIB(gss,gss_init_sec_context, + [ AC_DEFINE(GSSAPI) + GSSLIBS="-lgss" ], + [ AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]) ], + $K5LIBS) + + AC_CHECK_HEADER(gss.h, , + AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])) + + GSS=yes + fi + ] +) +LIBS="$LIBS $GSSLIBS" + # Looking for programs, paths and files PRIVSEP_PATH=/var/empty Index: gss-serv-krb5.c =================================================================== RCS file: /cvs/openssh/gss-serv-krb5.c,v retrieving revision 1.2 diff -u -p -r1.2 gss-serv-krb5.c --- gss-serv-krb5.c 26 Aug 2003 01:58:16 -0000 1.2 +++ gss-serv-krb5.c 16 Sep 2003 21:51:07 -0000 @@ -27,7 +27,6 @@ #include "includes.h" #ifdef GSSAPI -#ifdef KRB5 #include "auth.h" #include "xmalloc.h" @@ -36,6 +35,7 @@ #include "ssh-gss.h" +#ifdef KRB5 extern ServerOptions options; #ifdef HEIMDAL @@ -198,6 +198,18 @@ ssh_gssapi_mech gssapi_kerberos_mech = { &ssh_gssapi_krb5_userok, NULL, &ssh_gssapi_krb5_storecreds +}; + +#elif defined(GSS) + +ssh_gssapi_mech gssapi_kerberos_mech = { + "toWM5Slw5Ew8Mqkay+al2g==", + "Kerberos", + {9, "\x2A\x86\x48\x86\xF7\x12\x01\x02\x02"}, + NULL, + NULL, + NULL, + NULL, }; #endif /* KRB5 */ Index: gss-serv.c =================================================================== RCS file: /cvs/openssh/gss-serv.c,v retrieving revision 1.3 diff -u -p -r1.3 gss-serv.c --- gss-serv.c 2 Sep 2003 12:56:42 -0000 1.3 +++ gss-serv.c 16 Sep 2003 21:51:07 -0000 @@ -50,12 +50,12 @@ static ssh_gssapi_client gssapi_client = ssh_gssapi_mech gssapi_null_mech = { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL}; -#ifdef KRB5 +#if defined(KRB5) || defined(GSS) extern ssh_gssapi_mech gssapi_kerberos_mech; #endif ssh_gssapi_mech* supported_mechs[]= { -#ifdef KRB5 +#if defined(KRB5) || defined(GSS) &gssapi_kerberos_mech, #endif &gssapi_null_mech, @@ -96,7 +96,7 @@ ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_ gss_buffer_desc *send_tok, OM_uint32 *flags) { OM_uint32 status; - gss_OID mech; + gss_OID mech = GSS_C_NO_OID; ctx->major = gss_accept_sec_context(&ctx->minor, &ctx->context, ctx->creds, recv_tok, Index: ssh-gss.h =================================================================== RCS file: /cvs/openssh/ssh-gss.h,v retrieving revision 1.2 diff -u -p -r1.2 ssh-gss.h --- ssh-gss.h 26 Aug 2003 01:58:16 -0000 1.2 +++ ssh-gss.h 16 Sep 2003 21:51:07 -0000 @@ -29,7 +29,11 @@ #include "buffer.h" +#ifdef GSS +#include +#else #include +#endif #ifdef KRB5 #ifndef HEIMDAL