[BACK]Return to auth-passwd.c CVS log [TXT][DIR] Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/auth-passwd.c between version 1.29.2.1 and 1.30

version 1.29.2.1, 2004/02/28 03:51:32 version 1.30, 2003/11/04 08:54:09
Line 42 
Line 42 
 #include "log.h"  #include "log.h"
 #include "servconf.h"  #include "servconf.h"
 #include "auth.h"  #include "auth.h"
 #include "auth-options.h"  
   
   
 extern ServerOptions options;  extern ServerOptions options;
 int sys_auth_passwd(Authctxt *, const char *);  
   
 static void  
 disable_forwarding(void)  
 {  
         no_port_forwarding_flag = 1;  
         no_agent_forwarding_flag = 1;  
         no_x11_forwarding_flag = 1;  
 }  
   
 /*  /*
  * Tries to authenticate the user using password.  Returns true if   * Tries to authenticate the user using password.  Returns true if
  * authentication succeeds.   * authentication succeeds.
Line 77 
Line 68 
                 /* Fall back to ordinary passwd authentication. */                  /* Fall back to ordinary passwd authentication. */
         }          }
 #endif  #endif
         return (sys_auth_passwd(authctxt, password) && ok);  
 }  
   
 #ifdef BSD_AUTH  #ifdef BSD_AUTH
 int          if (auth_userokay(pw->pw_name, authctxt->style, "auth-ssh",
 sys_auth_passwd(Authctxt *authctxt, const char *password)              (char *)password) == 0)
 {                  return 0;
         struct passwd *pw = authctxt->pw;          else
         auth_session_t *as;                  return ok;
   
         as = auth_usercheck(pw->pw_name, authctxt->style, "auth-ssh",  
             (char *)password);  
         if (auth_getstate(as) & AUTH_PWEXPIRED) {  
                 auth_close(as);  
                 disable_forwarding();  
                 authctxt->force_pwchange = 1;  
                 return (1);  
         } else {  
                 return (auth_close(as));  
         }  
 }  
 #else  #else
 int  
 sys_auth_passwd(Authctxt *authctxt, const char *password)  
 {  
         struct passwd *pw = authctxt->pw;  
         char *encrypted_password;  
   
         /* Check for users with no password. */          /* Check for users with no password. */
         if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0)          if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0)
                 return (1);                  return ok;
           else {
         /* Encrypt the candidate password using the proper salt. */                  /* Encrypt the candidate password using the proper salt. */
         encrypted_password = crypt(password,                  char *encrypted_password = crypt(password,
             (pw->pw_passwd[0] && pw->pw_passwd[1]) ?                      (pw->pw_passwd[0] && pw->pw_passwd[1]) ?
             pw->pw_passwd : "xx");                      pw->pw_passwd : "xx");
                   /*
         /*                   * Authentication is accepted if the encrypted passwords
          * Authentication is accepted if the encrypted passwords                   * are identical.
          * are identical.                   */
          */                  return (strcmp(encrypted_password, pw->pw_passwd) == 0) && ok;
         return (strcmp(encrypted_password, pw->pw_passwd) == 0);          }
 }  
 #endif  #endif
   }
Legend:
Removed from v.1.29.2.1  
changed lines
  Added in v.1.30