version 1.38, 2002/03/18 17:50:31 |
version 1.39, 2002/03/19 14:27:39 |
|
|
#include "auth.h" |
#include "auth.h" |
#include "channels.h" |
#include "channels.h" |
#include "session.h" |
#include "session.h" |
#include "misc.h" |
|
#include "uidswap.h" |
#include "uidswap.h" |
#include "monitor_wrap.h" |
#include "monitor_wrap.h" |
|
|
|
|
do_authentication(void) |
do_authentication(void) |
{ |
{ |
Authctxt *authctxt; |
Authctxt *authctxt; |
struct passwd *pw = NULL, *pwent; |
|
u_int ulen; |
u_int ulen; |
char *p, *user, *style = NULL; |
char *p, *user, *style = NULL; |
|
|
|
|
authctxt->style = style; |
authctxt->style = style; |
|
|
/* Verify that the user is a valid user. */ |
/* Verify that the user is a valid user. */ |
pwent = PRIVSEP(getpwnamallow(user)); |
if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL) |
if (pwent) { |
|
authctxt->valid = 1; |
authctxt->valid = 1; |
pw = pwcopy(pwent); |
else |
} else { |
|
debug("do_authentication: illegal user %s", user); |
debug("do_authentication: illegal user %s", user); |
pw = NULL; |
|
} |
|
/* Free memory */ |
|
if (use_privsep && pwent != NULL) |
|
pwfree(pwent); |
|
|
|
authctxt->pw = pw; |
setproctitle("%s%s", authctxt->pw ? user : "unknown", |
|
|
setproctitle("%s%s", pw ? user : "unknown", |
|
use_privsep ? " [net]" : ""); |
use_privsep ? " [net]" : ""); |
|
|
/* |
/* |
* If we are not running as root, the user must have the same uid as |
* If we are not running as root, the user must have the same uid as |
* the server. |
* the server. |
*/ |
*/ |
if (!use_privsep && getuid() != 0 && pw && pw->pw_uid != getuid()) |
if (!use_privsep && getuid() != 0 && authctxt->pw && |
|
authctxt->pw->pw_uid != getuid()) |
packet_disconnect("Cannot change user when server not running as root."); |
packet_disconnect("Cannot change user when server not running as root."); |
|
|
/* |
/* |