Changeset View
Changeset View
Standalone View
Standalone View
head/crypto/openssh/auth2.c
| Show First 20 Lines • Show All 310 Lines • ▼ Show 20 Lines | if (auth2_setup_methods_lists(authctxt) != 0) | ||||
| strcmp(service, authctxt->service) != 0) { | strcmp(service, authctxt->service) != 0) { | ||||
| packet_disconnect("Change of username or service not allowed: " | packet_disconnect("Change of username or service not allowed: " | ||||
| "(%s,%s) -> (%s,%s)", | "(%s,%s) -> (%s,%s)", | ||||
| authctxt->user, authctxt->service, user, service); | authctxt->user, authctxt->service, user, service); | ||||
| } | } | ||||
| #ifdef HAVE_LOGIN_CAP | #ifdef HAVE_LOGIN_CAP | ||||
| if (authctxt->pw != NULL && | if (authctxt->pw != NULL && | ||||
| (lc = login_getpwclass(authctxt->pw)) != NULL) { | (lc = PRIVSEP(login_getpwclass(authctxt->pw))) != NULL) { | ||||
| logit("user %s login class %s", authctxt->pw->pw_name, | logit("user %s login class %s", authctxt->pw->pw_name, | ||||
| authctxt->pw->pw_class); | authctxt->pw->pw_class); | ||||
| from_host = auth_get_canonical_hostname(ssh, options.use_dns); | from_host = auth_get_canonical_hostname(ssh, options.use_dns); | ||||
| from_ip = ssh_remote_ipaddr(ssh); | from_ip = ssh_remote_ipaddr(ssh); | ||||
| if (!auth_hostok(lc, from_host, from_ip)) { | if (!auth_hostok(lc, from_host, from_ip)) { | ||||
| logit("Denied connection for %.200s from %.200s [%.200s].", | logit("Denied connection for %.200s from %.200s [%.200s].", | ||||
| authctxt->pw->pw_name, from_host, from_ip); | authctxt->pw->pw_name, from_host, from_ip); | ||||
| packet_disconnect("Sorry, you are not allowed to connect."); | packet_disconnect("Sorry, you are not allowed to connect."); | ||||
| } | } | ||||
| if (!auth_timeok(lc, time(NULL))) { | if (!auth_timeok(lc, time(NULL))) { | ||||
| logit("LOGIN %.200s REFUSED (TIME) FROM %.200s", | logit("LOGIN %.200s REFUSED (TIME) FROM %.200s", | ||||
| authctxt->pw->pw_name, from_host); | authctxt->pw->pw_name, from_host); | ||||
| packet_disconnect("Logins not available right now."); | packet_disconnect("Logins not available right now."); | ||||
| } | } | ||||
| login_close(lc); | PRIVSEP(login_close(lc)); | ||||
| } | } | ||||
| #endif /* HAVE_LOGIN_CAP */ | #endif /* HAVE_LOGIN_CAP */ | ||||
| /* reset state */ | /* reset state */ | ||||
| auth2_challenge_stop(ssh); | auth2_challenge_stop(ssh); | ||||
| #ifdef GSSAPI | #ifdef GSSAPI | ||||
| /* XXX move to auth2_gssapi_stop() */ | /* XXX move to auth2_gssapi_stop() */ | ||||
| ▲ Show 20 Lines • Show All 482 Lines • Show Last 20 Lines | |||||