[BACK]Return to auth-passwd.c CVS log [TXT][DIR] Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/auth-passwd.c between version 1.30 and 1.31

version 1.30, 2003/11/04 08:54:09 version 1.31, 2004/01/30 09:48:57
Line 42 
Line 42 
 #include "log.h"  #include "log.h"
 #include "servconf.h"  #include "servconf.h"
 #include "auth.h"  #include "auth.h"
   #include "auth-options.h"
   
   
 extern ServerOptions options;  extern ServerOptions options;
   int sys_auth_passwd(Authctxt *, const char *);
   
   static void
   disable_forwarding(void)
   {
           no_port_forwarding_flag = 1;
           no_agent_forwarding_flag = 1;
           no_x11_forwarding_flag = 1;
   }
   
 /*  /*
  * Tries to authenticate the user using password.  Returns true if   * Tries to authenticate the user using password.  Returns true if
  * authentication succeeds.   * authentication succeeds.
Line 68 
Line 77 
                 /* Fall back to ordinary passwd authentication. */                  /* Fall back to ordinary passwd authentication. */
         }          }
 #endif  #endif
           return (sys_auth_passwd(authctxt, password) && ok);
   }
   
 #ifdef BSD_AUTH  #ifdef BSD_AUTH
         if (auth_userokay(pw->pw_name, authctxt->style, "auth-ssh",  int
             (char *)password) == 0)  sys_auth_passwd(Authctxt *authctxt, const char *password)
                 return 0;  {
         else          struct passwd *pw = authctxt->pw;
                 return ok;          auth_session_t *as;
   
           as = auth_usercheck(pw->pw_name, authctxt->style, "auth-ssh",
               (char *)password);
           if (auth_getstate(as) & AUTH_PWEXPIRED) {
                   auth_close(as);
                   disable_forwarding();
                   authctxt->force_pwchange = 1;
                   return (1);
           } else {
                   return (auth_close(as));
           }
   }
 #else  #else
   int
   sys_auth_passwd(Authctxt *authctxt, const char *password)
   {
           struct passwd *pw = authctxt->pw;
           char *encrypted_password;
   
         /* Check for users with no password. */          /* Check for users with no password. */
         if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0)          if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0)
                 return ok;                  return (1);
         else {  
                 /* Encrypt the candidate password using the proper salt. */          /* Encrypt the candidate password using the proper salt. */
                 char *encrypted_password = crypt(password,          encrypted_password = crypt(password,
                     (pw->pw_passwd[0] && pw->pw_passwd[1]) ?              (pw->pw_passwd[0] && pw->pw_passwd[1]) ?
                     pw->pw_passwd : "xx");              pw->pw_passwd : "xx");
                 /*  
                  * Authentication is accepted if the encrypted passwords          /*
                  * are identical.           * Authentication is accepted if the encrypted passwords
                  */           * are identical.
                 return (strcmp(encrypted_password, pw->pw_passwd) == 0) && ok;           */
         }          return (strcmp(encrypted_password, pw->pw_passwd) == 0);
 #endif  
 }  }
   #endif
Legend:
Removed from v.1.30  
changed lines
  Added in v.1.31