Changeset View
Changeset View
Standalone View
Standalone View
head/crypto/openssh/auth1.c
Show All 37 Lines | |||||
#include "channels.h" | #include "channels.h" | ||||
#include "session.h" | #include "session.h" | ||||
#include "uidswap.h" | #include "uidswap.h" | ||||
#ifdef GSSAPI | #ifdef GSSAPI | ||||
#include "ssh-gss.h" | #include "ssh-gss.h" | ||||
#endif | #endif | ||||
#include "monitor_wrap.h" | #include "monitor_wrap.h" | ||||
#include "buffer.h" | #include "buffer.h" | ||||
#include "blacklist_client.h" | |||||
/* import */ | /* import */ | ||||
extern ServerOptions options; | extern ServerOptions options; | ||||
extern Buffer loginmsg; | extern Buffer loginmsg; | ||||
static int auth1_process_password(Authctxt *); | static int auth1_process_password(Authctxt *); | ||||
static int auth1_process_rsa(Authctxt *); | static int auth1_process_rsa(Authctxt *); | ||||
static int auth1_process_rhosts_rsa(Authctxt *); | static int auth1_process_rhosts_rsa(Authctxt *); | ||||
▲ Show 20 Lines • Show All 278 Lines • ▼ Show 20 Lines | |||||
#endif | #endif | ||||
#ifdef USE_PAM | #ifdef USE_PAM | ||||
if (options.use_pam && authenticated && | if (options.use_pam && authenticated && | ||||
!PRIVSEP(do_pam_account())) { | !PRIVSEP(do_pam_account())) { | ||||
char *msg; | char *msg; | ||||
size_t len; | size_t len; | ||||
BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL); | |||||
error("Access denied for user %s by PAM account " | error("Access denied for user %s by PAM account " | ||||
"configuration", authctxt->user); | "configuration", authctxt->user); | ||||
len = buffer_len(&loginmsg); | len = buffer_len(&loginmsg); | ||||
buffer_append(&loginmsg, "\0", 1); | buffer_append(&loginmsg, "\0", 1); | ||||
msg = buffer_ptr(&loginmsg); | msg = buffer_ptr(&loginmsg); | ||||
/* strip trailing newlines */ | /* strip trailing newlines */ | ||||
if (len > 0) | if (len > 0) | ||||
while (len > 0 && msg[--len] == '\n') | while (len > 0 && msg[--len] == '\n') | ||||
▲ Show 20 Lines • Show All 51 Lines • ▼ Show 20 Lines | do_authentication(Authctxt *authctxt) | ||||
authctxt->style = style; | authctxt->style = style; | ||||
/* Verify that the user is a valid user. */ | /* Verify that the user is a valid user. */ | ||||
if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL) | if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL) | ||||
authctxt->valid = 1; | authctxt->valid = 1; | ||||
else { | else { | ||||
debug("do_authentication: invalid user %s", user); | debug("do_authentication: invalid user %s", user); | ||||
authctxt->pw = fakepw(); | authctxt->pw = fakepw(); | ||||
BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL); | |||||
} | } | ||||
/* Configuration may have changed as a result of Match */ | /* Configuration may have changed as a result of Match */ | ||||
if (options.num_auth_methods != 0) | if (options.num_auth_methods != 0) | ||||
fatal("AuthenticationMethods is not supported with SSH " | fatal("AuthenticationMethods is not supported with SSH " | ||||
"protocol 1"); | "protocol 1"); | ||||
setproctitle("%s%s", authctxt->valid ? user : "unknown", | setproctitle("%s%s", authctxt->valid ? user : "unknown", | ||||
Show All 30 Lines |