1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
| | commit 8b728dc144ea12f3a339a2009e403e9bbd8fd39c
Author: Lars-Dominik Braun <ldb@leibniz-psychology.org>
Date: Thu Dec 5 10:31:00 2019 +0100
Add GSSAPI user authentication method
Bind to libssh’s ssh_userauth_gssapi().
diff --git a/doc/api-auth.texi b/doc/api-auth.texi
index b2975d2..9f2884d 100644
--- a/doc/api-auth.texi
+++ b/doc/api-auth.texi
@@ -125,6 +125,26 @@ In nonblocking mode, you've got to call this again later.
@end deffn
+@deffn {Scheme Procedure} userauth-gssapi! session
+Try to authenticate through the @code{gssapi-with-mic} method.
+
+Return one of the following symbols:
+
+@table @samp
+@item success
+Authentication success.
+@item partial
+You've been partially authenticated, you still have to use another method.
+@item again
+In nonblocking mode, you've got to call this again later.
+@item denied
+Authentication failed: use another method.
+@item error
+A serious error happened.
+@end table
+
+@end deffn
+
@deffn {Scheme Procedure} userauth-none! session
Try to authenticate through the @code{none} method.
diff --git a/libguile-ssh/auth.c b/libguile-ssh/auth.c
index 52d3262..e9efe9e 100644
--- a/libguile-ssh/auth.c
+++ b/libguile-ssh/auth.c
@@ -206,6 +206,27 @@ Throw `wrong-type-arg' if a disconnected SESSION is passed as an argument.\
}
#undef FUNC_NAME
+SCM_DEFINE (guile_ssh_userauth_gssapi_x,
+ "userauth-gssapi!", 1, 0, 0,
+ (SCM session),
+ "\
+Try to authenticate through the \"gssapi-with-mic\" method.\
+Throw `wrong-type-arg' if a disconnected SESSION is passed as an argument.\
+")
+#define FUNC_NAME s_guile_ssh_userauth_gssapi_x
+{
+ struct session_data *sd = _scm_to_session_data (session);
+
+ int res;
+
+ GSSH_VALIDATE_CONNECTED_SESSION (sd, session, SCM_ARG1);
+
+ res = ssh_userauth_gssapi (sd->ssh_session);
+
+ return ssh_auth_result_to_symbol (res);
+}
+#undef FUNC_NAME
+
\f
/* Try to authenticate through the "none" method.
diff --git a/modules/ssh/auth.scm b/modules/ssh/auth.scm
index 158cab1..7a4be10 100644
--- a/modules/ssh/auth.scm
+++ b/modules/ssh/auth.scm
@@ -29,6 +29,7 @@
;; userauth-public-key/try
;; userauth-agent!
;; userauth-password!
+;; userauth-gssapi!
;; userauth-none!
;; userauth-get-list
@@ -46,6 +47,7 @@
userauth-public-key/try
userauth-agent!
userauth-password!
+ userauth-gssapi!
userauth-none!
userauth-get-list
openssh-agent-start
diff --git a/tests/client-server.scm b/tests/client-server.scm
index 2704280..d8f490a 100644
--- a/tests/client-server.scm
+++ b/tests/client-server.scm
@@ -429,6 +429,19 @@
(userauth-public-key/auto! (make-session-for-test)))
\f
+;;; 'userauth-gssapi!'
+
+;; The procedure called with a wrong object as a parameter which leads to an
+;; exception.
+(test-error-with-log "userauth-gssapi!, wrong parameter" 'wrong-type-arg
+ (userauth-gssapi! "Not a session."))
+
+;; Client tries to authenticate using a non-connected session which leads to
+;; an exception.
+(test-error-with-log "userauth-gssapi!, not connected" 'wrong-type-arg
+ (userauth-gssapi! (make-session-for-test)))
+
+\f
;;;
\f
|