gssapi-p0.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36

--- a/sshconnect2.c.orig	2015-10-26 09:44:28.602338321 +0100
+++ b/sshconnect2.c	2015-10-26 09:43:53.394738805 +0100
@@ -160,9 +160,33 @@
 	struct kex *kex;
 	int r;
 
+#ifdef GSSAPI
+    char *orig = NULL, *gss = NULL;
+    char *gss_host = NULL;
+#endif
+
 	xxx_host = host;
 	xxx_hostaddr = hostaddr;
 
+#ifdef GSSAPI
+if (options.gss_keyex) {
+	/* Add the GSSAPI mechanisms currently supported on this 
+     * client to the key exchange algorithm proposal */
+    orig = options.kex_algorithms;
+    if (options.gss_trust_dns)
+	    gss_host = (char *)get_canonical_hostname(1);
+    else
+    	gss_host = host;
+
+    gss = ssh_gssapi_client_mechanisms(gss_host, options.gss_client_identity);
+    if (gss) {
+    	debug("Offering GSSAPI proposal: %s", gss);
+	    xasprintf(&options.kex_algorithms, "%s,%s", gss, orig);
+    }
+}
+#endif
+
+
 	myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(
 	    options.kex_algorithms);
 	myproposal[PROPOSAL_ENC_ALGS_CTOS] =