search for: om_uint32

...+/* + * We only support those mechanisms that we know about (ie ones that we know + * how to check local user kuserok and the like + */ +static int +userauth_gssapi(Authctxt *authctxt) +{ + gss_OID_desc oid = {0, NULL}; + Gssctxt *ctxt = NULL; + int mechs; + gss_OID_set supported; + int present; + OM_uint32 ms; + u_int len; + char *doid = NULL; + + if (!authctxt->valid || authctxt->user == NULL) + return (0); + + mechs = packet_get_int(); + if (mechs == 0) { + debug("Mechanism negotiation is not supported"); + return (0); + } + + ssh_gssapi_supported_oids(&supported); + do { +...

...A -c gss-serv-krb5.ccpp: "/usr/include/sys/xti.h", line 332: warning 2001: Redefinition of macro T_NULL.cpp: "/usr/include/sys/xti.h", line 341: warning 2001: Redefinition of macro T_UNSPEC.cc: "/usr/include/gssapi_krb5.h", line 54: error 1000: Unexpected symbol: "OM_uint32".cc: "/usr/include/gssapi_krb5.h", line 54: warning 557: Missing declaration specifiers, "int" assumed.cc: "/usr/include/gssapi_krb5.h", line 59: error 1000: Unexpected symbol: "OM_uint32".cc: "/usr/include/gssapi_krb5.h", line 59: warning 557:...

If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I still need to get Simon Wilkinson's patches? --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |

...l options (see configure info below), but inclusion of the libraries that we need later for OpenLDAP support I get the following type of errors: ... In file included from include/includes.h:425, from dynconfig.c:21: /usr/local/heimdal/include/gssapi.h:50: warning: redefinition of `OM_uint32' /usr/include/gssapi/gssapi.h:87: warning: `OM_uint32' previously declared here /usr/local/heimdal/include/gssapi.h:52: warning: redefinition of `gss_uint32' /usr/include/gssapi/gssapi.h:64: warning: `gss_uint32' previously declared here /usr/local/heimdal/include/gssapi.h:64: conf...

...".deps/mech-gssapi.Tpo"; exit 1; fi mech-gssapi.c:30:27: gssapi/gssapi.h: No such file or directory mech-gssapi.c:42: error: syntax error before "gss_ctx_id_t" mech-gssapi.c:51: error: syntax error before "gss_name_t" mech-gssapi.c:58: error: syntax error before "OM_uint32" [snipped] mech-gssapi.c:387: error: structure has no member named `authz_name' *** Error code 1 Stop in /usr/local/src/dovecot/dovecot-1.0.alpha5/src/auth. *** Error code 1 Stop in /usr/local/src/dovecot/dovecot-1.0.alpha5/src. *** Error code 1 Any help is greatly appreciated -kim...

...krb5_principal. Not surprisingly, the datatype mismatch causes the call to fail. Could have caused it to crash, I suppose - that would have been a much clearer indication of what the trouble was. I did manage to hack the thing to work - I first hacked libgssapi.so to include a new function: OM_uint32 KRB5_CALLCONV gss_hack_ssh_to_fix_stupid_bug(minor_status, input_name, output_name) OM_uint32 * minor_status; gss_name_t input_name; gss_name_t * output_name; { gss_union_name_t union_name;...

Hi, I am running configure with the option --with-krb5=/opt/local which is where I have heimdal installed. The problem is that after running make, it still tries to use the include files from SUN that are in /usr/ and this screws up the compile. I can compile samba just fine using --without-krb5. I have already tried: setenv CFLAGS "-L/opt/local/lib" setenv CPPFLAGS

...Oct 30 15:02:46 2003 +++ src/gss-genr.c Thu Oct 30 15:02:44 2003 @@ -30,6 +30,7 @@ #include "xmalloc.h" #include "bufaux.h" +#include "canohost.h" #include "compat.h" #include "log.h" #include "monitor_wrap.h" @@ -226,9 +227,18 @@ OM_uint32 status; char lname[MAXHOSTNAMELEN]; gss_OID_set oidset; + char *pname; gss_create_empty_oid_set(&status, &oidset); gss_add_oid_set_member(&status, ctx->oid, &oidset); + + pname = get_local_name(packet_get_connection_in()); + if (pname) { + strlcpy(lname, pname, MAXHOSTN...

Hi, Was trying to use the gssapi support and the authentication would consistently die for me. The following patch fixes: --- src/auth/mech-gssapi.c.orig 2006-01-10 15:46:10.000000000 +1300 +++ src/auth/mech-gssapi.c @@ -138,7 +138,7 @@ static OM_uint32 obtain_service_credenti return major_status; } - gss_release_name(&minor_status, gss_principal); + gss_release_name(&minor_status, &gss_principal); return major_status; } as gss_release_name takes a pointer to a gss_name_t as second arg. cheers mark

I'm trying to troubleshoot gssapi_with_mic authentication with OpenSSH 5.2p1 on FreeBSD 8.0. If I run sshd with maximum debug "sshd -ddd" the most detail I get is: GSSAPI MIC check failed That comes from line 282 in auth2-gss.c 279 if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) 280 authenticated =

...(void) { @@ -350,3 +351,4 @@ #endif #endif } +#endif /* DISABLE_PRIVSEP */ diff -adurN openssh-3.7.1p2.privsep/auth2-gss.c openssh-3.7.1p2/auth2-gss.c --- openssh-3.7.1p2.privsep/auth2-gss.c Tue Sep 2 16:59:01 2003 +++ openssh-3.7.1p2/auth2-gss.c Sat Oct 4 23:17:47 2003 @@ -130,7 +130,11 @@ OM_uint32 maj_status, min_status; u_int len; +#ifndef DISABLE_PRIVSEP if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) +#else + if (authctxt == NULL || authctxt->methoddata == NULL) +#endif /* DISABLE_PRIVSEP */ fatal("No authentication or GSSAPI context&quo...

I cooked this up while trying to figure out why thunderbird on Windows w/ SSPI was not working, but it turned out thunderbird does not use it, so I haven't been able to test it yet. I'm presenting it for discussion only, unless someone else can try it :) Modern versions of MIT kerberos support GSS-SPNEGO natively, but are only willing to negotiate for kerberos tickets and not NTLM

...th_gssapi_hostname = efim.test.local >> then everything works fine. I decided to find out where is the problem, so I dig into source code of gssapi module, "mech-gssapi.c". For versions 2.0.13 and 2.0.14 of dovecot I see there the following: ********* mech-gssapi.c ********* static OM_uint32 obtain_service_credentials(struct auth_request *request, gss_cred_id_t *ret_r) /* blah-blah-blah */ principal_name = t_str_new(128); str_append(principal_name, service_name); str_append_c(principal_name, '@'); str_append(principal_name, request->set->gssapi_hostname);...

I have error while compiling dovecot with GSSAPI under FreeBSD 6.2: Is this dovecot-related or not? cc -std=gnu99 -O2 -fno-strict-aliasing -pipe -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -o dovecot-auth auth.o auth-cache.o auth-client-connection.o auth-master-connection.o auth-master-listener.o auth-module.o

https://bugzilla.mindrot.org/show_bug.cgi?id=2319 Bug ID: 2319 Summary: [PATCH REVIEW] U2F authentication Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: Miscellaneous Assignee: unassigned-bugs at

...Failure <sniff> */ - auth_log(authctxt, 0, "gssapi", " ssh2"); authctxt->postponed = 0; + auth_log(authctxt, 0, "gssapi", " ssh2"); dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); userauth_reply(authctxt, 0); } @@ -563,6 +584,8 @@ OM_uint32 maj_status, min_status; int authenticated; gss_buffer_desc gssbuf,msg_tok; + char *info; + int info_len; if (authctxt == NULL || authctxt->methoddata == NULL) fatal("No authentication or GSSAPI context"); @@ -598,8 +621,24 @@ packet_write_wait(); } - au...