| version 1.37, 2002/03/18 01:12:14 |
version 1.38, 2002/03/18 17:50:31 |
|
|
| #include "session.h" |
#include "session.h" |
| #include "misc.h" |
#include "misc.h" |
| #include "uidswap.h" |
#include "uidswap.h" |
| |
#include "monitor_wrap.h" |
| |
|
| /* import */ |
/* import */ |
| extern ServerOptions options; |
extern ServerOptions options; |
|
|
| #if defined(KRB4) || defined(KRB5) |
#if defined(KRB4) || defined(KRB5) |
| (!options.kerberos_authentication || options.kerberos_or_local_passwd) && |
(!options.kerberos_authentication || options.kerberos_or_local_passwd) && |
| #endif |
#endif |
| auth_password(authctxt, "")) { |
PRIVSEP(auth_password(authctxt, ""))) { |
| auth_log(authctxt, 1, "without authentication", ""); |
auth_log(authctxt, 1, "without authentication", ""); |
| return; |
return; |
| } |
} |
|
|
| packet_check_eom(); |
packet_check_eom(); |
| |
|
| /* Try authentication with the password. */ |
/* Try authentication with the password. */ |
| authenticated = auth_password(authctxt, password); |
authenticated = PRIVSEP(auth_password(authctxt, password)); |
| |
|
| memset(password, 0, strlen(password)); |
memset(password, 0, strlen(password)); |
| xfree(password); |
xfree(password); |
|
|
| do_authentication(void) |
do_authentication(void) |
| { |
{ |
| Authctxt *authctxt; |
Authctxt *authctxt; |
| struct passwd *pw; |
struct passwd *pw = NULL, *pwent; |
| u_int ulen; |
u_int ulen; |
| char *p, *user, *style = NULL; |
char *p, *user, *style = NULL; |
| |
|
|
|
| authctxt->style = style; |
authctxt->style = style; |
| |
|
| /* Verify that the user is a valid user. */ |
/* Verify that the user is a valid user. */ |
| pw = getpwnamallow(user); |
pwent = PRIVSEP(getpwnamallow(user)); |
| if (pw) { |
if (pwent) { |
| authctxt->valid = 1; |
authctxt->valid = 1; |
| pw = pwcopy(pw); |
pw = pwcopy(pwent); |
| } else { |
} else { |
| debug("do_authentication: illegal user %s", user); |
debug("do_authentication: illegal user %s", user); |
| pw = NULL; |
pw = NULL; |
| } |
} |
| |
/* Free memory */ |
| |
if (use_privsep && pwent != NULL) |
| |
pwfree(pwent); |
| |
|
| authctxt->pw = pw; |
authctxt->pw = pw; |
| |
|
| setproctitle("%s", pw ? user : "unknown"); |
setproctitle("%s%s", pw ? user : "unknown", |
| |
use_privsep ? " [net]" : ""); |
| |
|
| /* |
/* |
| * If we are not running as root, the user must have the same uid as |
* If we are not running as root, the user must have the same uid as |
| * the server. |
* the server. |
| */ |
*/ |
| if (getuid() != 0 && pw && pw->pw_uid != getuid()) |
if (!use_privsep && getuid() != 0 && pw && pw->pw_uid != getuid()) |
| packet_disconnect("Cannot change user when server not running as root."); |
packet_disconnect("Cannot change user when server not running as root."); |
| |
|
| /* |
/* |
![[BACK]](/icons/back.gif){kind=icon}
Return to auth1.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh