[auth2.c]
     merge
Ben Lindstrom 2001-06-09 00:23:17 +00:00
parent 5ec2645a2d
commit cd4349f969
1 changed files with 26 additions and 38 deletions

64
auth2.c

@ -23,7 +23,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: auth2.c,v 1.59 2001/05/30 12:55:06 markus Exp $"); RCSID("$OpenBSD: auth2.c,v 1.60 2001/05/30 23:31:14 markus Exp $");
#include <openssl/evp.h> #include <openssl/evp.h>
@ -88,7 +88,6 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
/* auth */ /* auth */
void userauth_banner(void); void userauth_banner(void);
void userauth_reply(Authctxt *authctxt, int authenticated);
int userauth_none(Authctxt *authctxt); int userauth_none(Authctxt *authctxt);
int userauth_passwd(Authctxt *authctxt); int userauth_passwd(Authctxt *authctxt);
int userauth_pubkey(Authctxt *authctxt); int userauth_pubkey(Authctxt *authctxt);
@ -255,6 +254,8 @@ input_userauth_request(int type, int plen, void *ctxt)
void void
userauth_finish(Authctxt *authctxt, int authenticated, char *method) userauth_finish(Authctxt *authctxt, int authenticated, char *method)
{ {
char *methods;
if (!authctxt->valid && authenticated) if (!authctxt->valid && authenticated)
fatal("INTERNAL ERROR: authenticated invalid user %s", fatal("INTERNAL ERROR: authenticated invalid user %s",
authctxt->user); authctxt->user);
@ -273,8 +274,29 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
/* Log before sending the reply */ /* Log before sending the reply */
auth_log(authctxt, authenticated, method, " ssh2"); auth_log(authctxt, authenticated, method, " ssh2");
if (!authctxt->postponed) if (authctxt->postponed)
userauth_reply(authctxt, authenticated); return;
/* XXX todo: check if multiple auth methods are needed */
if (authenticated == 1) {
/* turn off userauth */
dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error);
packet_start(SSH2_MSG_USERAUTH_SUCCESS);
packet_send();
packet_write_wait();
/* now we can break out */
authctxt->success = 1;
} else {
if (authctxt->failures++ > AUTH_FAIL_MAX)
packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
methods = authmethods_get();
packet_start(SSH2_MSG_USERAUTH_FAILURE);
packet_put_cstring(methods);
packet_put_char(0); /* XXX partial success, unused */
packet_send();
packet_write_wait();
xfree(methods);
}
} }
void void
@ -308,40 +330,6 @@ done:
return; return;
} }
void
userauth_reply(Authctxt *authctxt, int authenticated)
{
char *methods;
/* XXX todo: check if multiple auth methods are needed */
if (authenticated == 1) {
#ifdef WITH_AIXAUTHENTICATE
/* We don't have a pty yet, so just label the line as "ssh" */
if (loginsuccess(authctxt->user?authctxt->user:"NOUSER",
get_canonical_hostname(options.reverse_mapping_check),
"ssh", &aixloginmsg) < 0)
aixloginmsg = NULL;
#endif /* WITH_AIXAUTHENTICATE */
/* turn off userauth */
dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error);
packet_start(SSH2_MSG_USERAUTH_SUCCESS);
packet_send();
packet_write_wait();
/* now we can break out */
authctxt->success = 1;
} else {
if (authctxt->failures++ > AUTH_FAIL_MAX)
packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
methods = authmethods_get();
packet_start(SSH2_MSG_USERAUTH_FAILURE);
packet_put_cstring(methods);
packet_put_char(0); /* XXX partial success, unused */
packet_send();
packet_write_wait();
xfree(methods);
}
}
int int
userauth_none(Authctxt *authctxt) userauth_none(Authctxt *authctxt)
{ {
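Review bot: The `#ifdef WITH_AIXAUTHENTICATE` block that called `loginsuccess()` in the removed `userauth_reply()` has no counterpart in the success branch now inlined into `userauth_finish()`, so on AIX builds a successful SSH2 login would apparently no longer be recorded and `aixloginmsg` would not be set on this path. If dropping it was not intended, restore the block at the top of the `if (authenticated == 1)` branch, before `dispatch_set()`, as shown below. Separately, the carried-over `authctxt->failures++ > AUTH_FAIL_MAX` tests the value before the increment, so the disconnect comes later than the constant's name suggests; if `AUTH_FAIL_MAX` is meant as a hard cap, `++authctxt->failures >= AUTH_FAIL_MAX` states that directly.

```c
	if (authenticated == 1) {
#ifdef WITH_AIXAUTHENTICATE
		/* We don't have a pty yet, so just label the line as "ssh" */
		if (loginsuccess(authctxt->user?authctxt->user:"NOUSER",
		    get_canonical_hostname(options.reverse_mapping_check),
		    "ssh", &aixloginmsg) < 0)
			aixloginmsg = NULL;
#endif /* WITH_AIXAUTHENTICATE */
		/* … unchanged: dispatch_set(), USERAUTH_SUCCESS packet, authctxt->success = 1 … */
```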