]> asedeno.scripts.mit.edu Git - PuTTY.git/commitdiff
projects / PuTTY.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d4e5b0d)
Don't try to load GSSAPI libs unless we'll use them.
authorSimon Tatham <anakin@pobox.com>
Sat, 1 Aug 2015 21:11:16 +0000 (22:11 +0100)
committerSimon Tatham <anakin@pobox.com>
Sat, 17 Oct 2015 16:30:17 +0000 (17:30 +0100)
A user reports that in a particular situation one of the calls to
LoadLibrary from wingss.c has unwanted side effects, and points out
that this happens even when the saved session has GSSAPI disabled. So
I've evaluated as much as possible of the condition under which we
check the results of GSS library loading, and deferred the library
loading itself until after that condition says we even care about the
results.

(cherry picked from commit 9a08d9a7c10458356b934af54206f0b642ecf715)

ssh.c patch | blob | history

diff --git a/ssh.c b/ssh.c
index 34500821f05e87dc949f0d8684bb8dda482a3ce0..cf4f0bfc77805d2b6f348dd89c0e80bf66d6fe92 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -9148,11 +9148,20 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
                s->can_keyb_inter = conf_get_int(ssh->conf, CONF_try_ki_auth) &&
                    in_commasep_string("keyboard-interactive", methods, methlen);
 #ifndef NO_GSSAPI
-               if (!ssh->gsslibs)
-                   ssh->gsslibs = ssh_gss_setup(ssh->conf);
-               s->can_gssapi = conf_get_int(ssh->conf, CONF_try_gssapi_auth) &&
-                   in_commasep_string("gssapi-with-mic", methods, methlen) &&
-                   ssh->gsslibs->nlibraries > 0;
+                if (conf_get_int(ssh->conf, CONF_try_gssapi_auth) &&
+                   in_commasep_string("gssapi-with-mic", methods, methlen)) {
+                    /* Try loading the GSS libraries and see if we
+                     * have any. */
+                    if (!ssh->gsslibs)
+                        ssh->gsslibs = ssh_gss_setup(ssh->conf);
+                    s->can_gssapi = (ssh->gsslibs->nlibraries > 0);
+                } else {
+                    /* No point in even bothering to try to load the
+                     * GSS libraries, if the user configuration and
+                     * server aren't both prepared to attempt GSSAPI
+                     * auth in the first place. */
+                    s->can_gssapi = FALSE;
+                }
 #endif
            }
 
local copy of git://git.tartarus.org/simon/putty.git