Add code for being compatible with ssh.com's krb5 authentication.

It is done by using the same ssh messages for v4 and v5 authentication
(since the ssh.com does not now anything about v4) and looking at the
contents after unpacking it to see if it is v4 or v5.
Based on code from Björn Grönvall <bg@sics.se>

PR:		misc/20504

1 files changed, 7 insertions, 11 deletions

diff --git a/crypto/openssh/ssh.h b/crypto/openssh/ssh.h
index 82e7eb1..82ed914 100644
--- a/crypto/openssh/ssh.h
+++ b/crypto/openssh/ssh.h
@@ -182,14 +182,11 @@
 #define SSH_AUTH_PASSWORD	3
 #define SSH_AUTH_RHOSTS_RSA	4
 #define SSH_AUTH_TIS		5
-#define SSH_AUTH_KRB4		6
-#define SSH_PASS_KRB4_TGT	7
+#define SSH_AUTH_KERBEROS	6
+#define SSH_PASS_KERBEROS_TGT	7
 				/* 8 to 15 are reserved */
 #define SSH_PASS_AFS_TOKEN	21
 
-#define SSH_AUTH_KRB5		29
-#define SSH_PASS_KRB5_TGT	30
-
 /* Protocol flags.  These are bit masks. */
 #define SSH_PROTOFLAG_SCREEN_NUMBER	1	/* X11 forwarding includes screen */
 #define SSH_PROTOFLAG_HOST_IN_FWD_OPEN	2	/* forwarding opens contain host */
@@ -243,14 +240,13 @@
 #define SSH_CMSG_AUTH_TIS			39	/* we use this for s/key */
 #define SSH_SMSG_AUTH_TIS_CHALLENGE		40	/* challenge (string) */
 #define SSH_CMSG_AUTH_TIS_RESPONSE		41	/* response (string) */
-#define SSH_CMSG_AUTH_KRB4			42	/* (KTEXT) */
-#define SSH_SMSG_AUTH_KRB4_RESPONSE		43	/* (KTEXT) */
-#define SSH_CMSG_HAVE_KRB4_TGT			44	/* credentials (s) */
+#define SSH_CMSG_AUTH_KERBEROS			42	/* (KTEXT) */
+#define SSH_SMSG_AUTH_KERBEROS_RESPONSE		43	/* (KTEXT) */
+#define	SSH_CMSG_HAVE_KERBEROS_TGT			44
 #define SSH_CMSG_HAVE_AFS_TOKEN			65	/* token (s) */
 
-#define SSH_CMSG_AUTH_KRB5			110
-#define SSH_SMSG_AUTH_KRB5_RESPONSE		111
-#define	SSH_CMSG_HAVE_KRB5_TGT			112
+/* Kerberos IV tickets can't be forwarded. This is an AFS hack! */ 
+#define SSH_CMSG_HAVE_KRB4_TGT SSH_CMSG_HAVE_KERBEROS_TGT /* credentials (s) */
 
 /*------------ definitions for login.c -------------*/