version 1.34, 2002/03/25 09:25:06 |
version 1.34.6.2, 2004/03/04 18:18:15 |
|
|
* its host key. Returns true if authentication succeeds. |
* its host key. Returns true if authentication succeeds. |
*/ |
*/ |
int |
int |
auth_rhosts_rsa(struct passwd *pw, char *cuser, Key *client_host_key) |
auth_rhosts_rsa(Authctxt *authctxt, char *cuser, Key *client_host_key) |
{ |
{ |
char *chost; |
char *chost; |
|
struct passwd *pw = authctxt->pw; |
|
|
debug("Trying rhosts with RSA host authentication for client user %.100s", |
debug("Trying rhosts with RSA host authentication for client user %.100s", |
cuser); |
cuser); |
|
|
if (pw == NULL || client_host_key == NULL || |
if (!authctxt->valid || client_host_key == NULL || |
client_host_key->rsa == NULL) |
client_host_key->rsa == NULL) |
return 0; |
return 0; |
|
|
chost = (char *)get_canonical_hostname(options.verify_reverse_mapping); |
chost = (char *)get_canonical_hostname(options.use_dns); |
debug("Rhosts RSA authentication: canonical host %.900s", chost); |
debug("Rhosts RSA authentication: canonical host %.900s", chost); |
|
|
if (!PRIVSEP(auth_rhosts_rsa_key_allowed(pw, cuser, chost, client_host_key))) { |
if (!PRIVSEP(auth_rhosts_rsa_key_allowed(pw, cuser, chost, client_host_key))) { |
|
|
|
|
/* Perform the challenge-response dialog with the client for the host key. */ |
/* Perform the challenge-response dialog with the client for the host key. */ |
if (!auth_rsa_challenge_dialog(client_host_key)) { |
if (!auth_rsa_challenge_dialog(client_host_key)) { |
log("Client on %.800s failed to respond correctly to host authentication.", |
logit("Client on %.800s failed to respond correctly to host authentication.", |
chost); |
chost); |
return 0; |
return 0; |
} |
} |