merge key exchange patch without rekeying support

[openssh.git] / clientloop.c

diff --git a/clientloop.c b/clientloop.c
index f6c1444..ed19023 100644 (file)
--- a/clientloop.c
+++ b/clientloop.c
@@ -111,6 +111,10 @@
 #include "msg.h"
 #include "roaming.h"
 
+#ifdef GSSAPI
+#include "ssh-gss.h"
+#endif
+
 /* import options */
 extern Options options;
 
@@ -1483,6 +1487,15 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
                /* Do channel operations unless rekeying in progress. */
                if (!rekeying) {
                        channel_after_select(readset, writeset);
+
+#ifdef GSSAPI
+                       if (options.gss_renewal_rekey &&
+                           ssh_gssapi_credentials_updated(GSS_C_NO_CONTEXT)) {
+                               debug("credentials updated - forcing rekey");
+                               need_rekeying = 1;
+                       }
+#endif
+
                        if (need_rekeying || packet_need_rekeying()) {
                                debug("need rekeying");
                                xxx_kex->done = 0;