version 1.78, 2013/05/17 00:13:13 |
version 1.79, 2013/05/19 02:42:42 |
|
|
/* import */ |
/* import */ |
extern ServerOptions options; |
extern ServerOptions options; |
|
|
static int auth1_process_password(Authctxt *, char *, size_t); |
static int auth1_process_password(Authctxt *); |
static int auth1_process_rsa(Authctxt *, char *, size_t); |
static int auth1_process_rsa(Authctxt *); |
static int auth1_process_rhosts_rsa(Authctxt *, char *, size_t); |
static int auth1_process_rhosts_rsa(Authctxt *); |
static int auth1_process_tis_challenge(Authctxt *, char *, size_t); |
static int auth1_process_tis_challenge(Authctxt *); |
static int auth1_process_tis_response(Authctxt *, char *, size_t); |
static int auth1_process_tis_response(Authctxt *); |
|
|
struct AuthMethod1 { |
struct AuthMethod1 { |
int type; |
int type; |
char *name; |
char *name; |
int *enabled; |
int *enabled; |
int (*method)(Authctxt *, char *, size_t); |
int (*method)(Authctxt *); |
}; |
}; |
|
|
const struct AuthMethod1 auth1_methods[] = { |
const struct AuthMethod1 auth1_methods[] = { |
|
|
|
|
/*ARGSUSED*/ |
/*ARGSUSED*/ |
static int |
static int |
auth1_process_password(Authctxt *authctxt, char *info, size_t infolen) |
auth1_process_password(Authctxt *authctxt) |
{ |
{ |
int authenticated = 0; |
int authenticated = 0; |
char *password; |
char *password; |
|
|
|
|
/*ARGSUSED*/ |
/*ARGSUSED*/ |
static int |
static int |
auth1_process_rsa(Authctxt *authctxt, char *info, size_t infolen) |
auth1_process_rsa(Authctxt *authctxt) |
{ |
{ |
int authenticated = 0; |
int authenticated = 0; |
BIGNUM *n; |
BIGNUM *n; |
|
|
|
|
/*ARGSUSED*/ |
/*ARGSUSED*/ |
static int |
static int |
auth1_process_rhosts_rsa(Authctxt *authctxt, char *info, size_t infolen) |
auth1_process_rhosts_rsa(Authctxt *authctxt) |
{ |
{ |
int keybits, authenticated = 0; |
int keybits, authenticated = 0; |
u_int bits; |
u_int bits; |
|
|
client_host_key); |
client_host_key); |
key_free(client_host_key); |
key_free(client_host_key); |
|
|
snprintf(info, infolen, " ruser %.100s", client_user); |
auth_info(authctxt, "ruser %.100s", client_user); |
free(client_user); |
free(client_user); |
|
|
return (authenticated); |
return (authenticated); |
|
|
|
|
/*ARGSUSED*/ |
/*ARGSUSED*/ |
static int |
static int |
auth1_process_tis_challenge(Authctxt *authctxt, char *info, size_t infolen) |
auth1_process_tis_challenge(Authctxt *authctxt) |
{ |
{ |
char *challenge; |
char *challenge; |
|
|
|
|
|
|
/*ARGSUSED*/ |
/*ARGSUSED*/ |
static int |
static int |
auth1_process_tis_response(Authctxt *authctxt, char *info, size_t infolen) |
auth1_process_tis_response(Authctxt *authctxt) |
{ |
{ |
int authenticated = 0; |
int authenticated = 0; |
char *response; |
char *response; |
|
|
do_authloop(Authctxt *authctxt) |
do_authloop(Authctxt *authctxt) |
{ |
{ |
int authenticated = 0; |
int authenticated = 0; |
char info[1024]; |
|
int type = 0; |
int type = 0; |
const struct AuthMethod1 *meth; |
const struct AuthMethod1 *meth; |
|
|
|
|
(!options.kerberos_authentication || options.kerberos_or_local_passwd) && |
(!options.kerberos_authentication || options.kerberos_or_local_passwd) && |
#endif |
#endif |
PRIVSEP(auth_password(authctxt, ""))) { |
PRIVSEP(auth_password(authctxt, ""))) { |
auth_log(authctxt, 1, 0, "without authentication", NULL, ""); |
auth_log(authctxt, 1, 0, "without authentication", NULL); |
return; |
return; |
} |
} |
|
|
|
|
/* default to fail */ |
/* default to fail */ |
authenticated = 0; |
authenticated = 0; |
|
|
info[0] = '\0'; |
|
|
|
/* Get a packet from the client. */ |
/* Get a packet from the client. */ |
type = packet_read(); |
type = packet_read(); |
|
|
goto skip; |
goto skip; |
} |
} |
|
|
authenticated = meth->method(authctxt, info, sizeof(info)); |
authenticated = meth->method(authctxt); |
if (authenticated == -1) |
if (authenticated == -1) |
continue; /* "postponed" */ |
continue; /* "postponed" */ |
|
|
|
|
|
|
skip: |
skip: |
/* Log before sending the reply */ |
/* Log before sending the reply */ |
auth_log(authctxt, authenticated, 0, get_authname(type), |
auth_log(authctxt, authenticated, 0, get_authname(type), NULL); |
NULL, info); |
|
|
|
if (authenticated) |
if (authenticated) |
return; |
return; |
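Review bot: In do_authloop the per-iteration reset `info[0] = '\0';` is removed together with the local buffer, so the text recorded by `auth_info(authctxt, "ruser %.100s", client_user)` in auth1_process_rhosts_rsa now lives in authctxt across loop iterations, and nothing visible on this page clears it. If auth_log() does not consume and free that text (its body is not shown), an attempt that leaves the loop body through `continue; /* "postponed" */` before logging could carry a client-supplied ruser into the log line of a later, different method and misattribute the audit record. I would confirm that and state it at the call site, for example `/* auth_log() consumes and clears any pending auth_info() text */` above `auth_log(authctxt, authenticated, 0, get_authname(type), NULL);`. Because client_user comes from the peer and `%.100s` only bounds its length, it is also worth confirming that the logging path escapes control characters before the string reaches the log. Every function body here is an excerpt, so these points rest on the visible lines only.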