Changeset View
Changeset View
Standalone View
Standalone View
head/crypto/openssh/auth2.c
Show First 20 Lines • Show All 310 Lines • ▼ Show 20 Lines | if (auth2_setup_methods_lists(authctxt) != 0) | ||||
strcmp(service, authctxt->service) != 0) { | strcmp(service, authctxt->service) != 0) { | ||||
packet_disconnect("Change of username or service not allowed: " | packet_disconnect("Change of username or service not allowed: " | ||||
"(%s,%s) -> (%s,%s)", | "(%s,%s) -> (%s,%s)", | ||||
authctxt->user, authctxt->service, user, service); | authctxt->user, authctxt->service, user, service); | ||||
} | } | ||||
#ifdef HAVE_LOGIN_CAP | #ifdef HAVE_LOGIN_CAP | ||||
if (authctxt->pw != NULL && | if (authctxt->pw != NULL && | ||||
(lc = login_getpwclass(authctxt->pw)) != NULL) { | (lc = PRIVSEP(login_getpwclass(authctxt->pw))) != NULL) { | ||||
logit("user %s login class %s", authctxt->pw->pw_name, | logit("user %s login class %s", authctxt->pw->pw_name, | ||||
authctxt->pw->pw_class); | authctxt->pw->pw_class); | ||||
from_host = auth_get_canonical_hostname(ssh, options.use_dns); | from_host = auth_get_canonical_hostname(ssh, options.use_dns); | ||||
from_ip = ssh_remote_ipaddr(ssh); | from_ip = ssh_remote_ipaddr(ssh); | ||||
if (!auth_hostok(lc, from_host, from_ip)) { | if (!auth_hostok(lc, from_host, from_ip)) { | ||||
logit("Denied connection for %.200s from %.200s [%.200s].", | logit("Denied connection for %.200s from %.200s [%.200s].", | ||||
authctxt->pw->pw_name, from_host, from_ip); | authctxt->pw->pw_name, from_host, from_ip); | ||||
packet_disconnect("Sorry, you are not allowed to connect."); | packet_disconnect("Sorry, you are not allowed to connect."); | ||||
} | } | ||||
if (!auth_timeok(lc, time(NULL))) { | if (!auth_timeok(lc, time(NULL))) { | ||||
logit("LOGIN %.200s REFUSED (TIME) FROM %.200s", | logit("LOGIN %.200s REFUSED (TIME) FROM %.200s", | ||||
authctxt->pw->pw_name, from_host); | authctxt->pw->pw_name, from_host); | ||||
packet_disconnect("Logins not available right now."); | packet_disconnect("Logins not available right now."); | ||||
} | } | ||||
login_close(lc); | PRIVSEP(login_close(lc)); | ||||
} | } | ||||
#endif /* HAVE_LOGIN_CAP */ | #endif /* HAVE_LOGIN_CAP */ | ||||
/* reset state */ | /* reset state */ | ||||
auth2_challenge_stop(ssh); | auth2_challenge_stop(ssh); | ||||
#ifdef GSSAPI | #ifdef GSSAPI | ||||
/* XXX move to auth2_gssapi_stop() */ | /* XXX move to auth2_gssapi_stop() */ | ||||
▲ Show 20 Lines • Show All 482 Lines • Show Last 20 Lines |