60 	Authctxt *authctxt = (Authctxt *)context;  in krb5_init()  local
63 	if (authctxt->krb5_ctx == NULL) {  in krb5_init()
64 		problem = krb5_init_context(&authctxt->krb5_ctx);  in krb5_init()
72 auth_krb5_password(Authctxt *authctxt, const char *password)  in auth_krb5_password()  argument
85 	platform_client = platform_krb5_get_principal_name(authctxt->pw->pw_name);  in auth_krb5_password()
86 	client = platform_client ? platform_client : authctxt->pw->pw_name;  in auth_krb5_password()
88 	temporarily_use_uid(authctxt->pw);  in auth_krb5_password()
90 	problem = krb5_init(authctxt);  in auth_krb5_password()
94 	problem = krb5_parse_name(authctxt->krb5_ctx, client,  in auth_krb5_password()
95 		    &authctxt->krb5_user);  in auth_krb5_password()
101 	problem = krb5_cc_new_unique(authctxt->krb5_ctx,  in auth_krb5_password()
104 	problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_mcc_ops, &ccache);  in auth_krb5_password()
109 	problem = krb5_cc_initialize(authctxt->krb5_ctx, ccache,  in auth_krb5_password()
110 		authctxt->krb5_user);  in auth_krb5_password()
116 	problem = krb5_verify_user(authctxt->krb5_ctx, authctxt->krb5_user,  in auth_krb5_password()
119 	temporarily_use_uid(authctxt->pw);  in auth_krb5_password()
125 	problem = krb5_cc_new_unique(authctxt->krb5_ctx,  in auth_krb5_password()
126 	    krb5_fcc_ops.prefix, NULL, &authctxt->krb5_fwd_ccache);  in auth_krb5_password()
128 	problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops,  in auth_krb5_password()
129 	    &authctxt->krb5_fwd_ccache);  in auth_krb5_password()
134 	problem = krb5_cc_copy_cache(authctxt->krb5_ctx, ccache,  in auth_krb5_password()
135 	    authctxt->krb5_fwd_ccache);  in auth_krb5_password()
136 	krb5_cc_destroy(authctxt->krb5_ctx, ccache);  in auth_krb5_password()
142 	problem = krb5_get_init_creds_password(authctxt->krb5_ctx, &creds,  in auth_krb5_password()
143 	    authctxt->krb5_user, (char *)password, NULL, NULL, 0, NULL, NULL);  in auth_krb5_password()
147 	problem = krb5_sname_to_principal(authctxt->krb5_ctx, NULL, NULL,  in auth_krb5_password()
153 	problem = krb5_verify_init_creds(authctxt->krb5_ctx, &creds, server,  in auth_krb5_password()
155 	krb5_free_principal(authctxt->krb5_ctx, server);  in auth_krb5_password()
156 	temporarily_use_uid(authctxt->pw);  in auth_krb5_password()
160 	if (!krb5_kuserok(authctxt->krb5_ctx, authctxt->krb5_user,  in auth_krb5_password()
161 	    authctxt->pw->pw_name)) {  in auth_krb5_password()
166 	problem = ssh_krb5_cc_gen(authctxt->krb5_ctx,  in auth_krb5_password()
167 	    &authctxt->krb5_fwd_ccache);  in auth_krb5_password()
171 	problem = krb5_cc_initialize(authctxt->krb5_ctx,  in auth_krb5_password()
172 	    authctxt->krb5_fwd_ccache, authctxt->krb5_user);  in auth_krb5_password()
176 	problem = krb5_cc_store_cred(authctxt->krb5_ctx,  in auth_krb5_password()
177 	    authctxt->krb5_fwd_ccache, &creds);  in auth_krb5_password()
182 …authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccach…  in auth_krb5_password()
184 	len = strlen(authctxt->krb5_ticket_file) + 6;  in auth_krb5_password()
185 	authctxt->krb5_ccname = xmalloc(len);  in auth_krb5_password()
186 	snprintf(authctxt->krb5_ccname, len, "FILE:%s",  in auth_krb5_password()
187 	    authctxt->krb5_ticket_file);  in auth_krb5_password()
191 		do_pam_putenv("KRB5CCNAME", authctxt->krb5_ccname);  in auth_krb5_password()
201 			krb5_cc_destroy(authctxt->krb5_ctx, ccache);  in auth_krb5_password()
203 		if (authctxt->krb5_ctx != NULL && problem!=-1) {  in auth_krb5_password()
204 			errmsg = krb5_get_error_message(authctxt->krb5_ctx,  in auth_krb5_password()
208 			krb5_free_error_message(authctxt->krb5_ctx, errmsg);  in auth_krb5_password()
213 		krb5_cleanup_proc(authctxt);  in auth_krb5_password()
220 	return (authctxt->valid ? 1 : 0);  in auth_krb5_password()
224 krb5_cleanup_proc(Authctxt *authctxt)  in krb5_cleanup_proc()  argument
227 	if (authctxt->krb5_fwd_ccache) {  in krb5_cleanup_proc()
228 		krb5_cc_destroy(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);  in krb5_cleanup_proc()
229 		authctxt->krb5_fwd_ccache = NULL;  in krb5_cleanup_proc()
231 	if (authctxt->krb5_user) {  in krb5_cleanup_proc()
232 		krb5_free_principal(authctxt->krb5_ctx, authctxt->krb5_user);  in krb5_cleanup_proc()
233 		authctxt->krb5_user = NULL;  in krb5_cleanup_proc()
235 	if (authctxt->krb5_ctx) {  in krb5_cleanup_proc()
236 		krb5_free_context(authctxt->krb5_ctx);  in krb5_cleanup_proc()
237 		authctxt->krb5_ctx = NULL;  in krb5_cleanup_proc()