version 1.41, 2002/09/26 11:38:43 |
version 1.41.2.1, 2003/09/16 21:20:24 |
|
|
|
|
struct Authctxt { |
struct Authctxt { |
int success; |
int success; |
int postponed; |
int postponed; /* authentication needs another step */ |
int valid; |
int valid; /* user exists and is allowed to login */ |
int attempt; |
int attempt; |
int failures; |
int failures; |
char *user; |
char *user; /* username sent by the client */ |
char *service; |
char *service; |
struct passwd *pw; |
struct passwd *pw; /* set if 'valid' */ |
char *style; |
char *style; |
void *kbdintctxt; |
void *kbdintctxt; |
#ifdef BSD_AUTH |
#ifdef BSD_AUTH |
auth_session_t *as; |
auth_session_t *as; |
#endif |
#endif |
#ifdef KRB4 |
|
char *krb4_ticket_file; |
|
#endif |
|
#ifdef KRB5 |
#ifdef KRB5 |
krb5_context krb5_ctx; |
krb5_context krb5_ctx; |
krb5_auth_context krb5_auth_ctx; |
|
krb5_ccache krb5_fwd_ccache; |
krb5_ccache krb5_fwd_ccache; |
krb5_principal krb5_user; |
krb5_principal krb5_user; |
char *krb5_ticket_file; |
char *krb5_ticket_file; |
#endif |
#endif |
|
void *methoddata; |
}; |
}; |
|
/* |
|
* Every authentication method has to handle authentication requests for |
|
* non-existing users, or for users that are not allowed to login. In this |
|
* case 'valid' is set to 0, but 'user' points to the username requested by |
|
* the client. |
|
*/ |
|
|
struct Authmethod { |
struct Authmethod { |
char *name; |
char *name; |
|
|
int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); |
int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); |
int user_key_allowed(struct passwd *, Key *); |
int user_key_allowed(struct passwd *, Key *); |
|
|
#ifdef KRB4 |
|
#include <krb.h> |
|
int auth_krb4(Authctxt *, KTEXT, char **, KTEXT); |
|
int auth_krb4_password(Authctxt *, const char *); |
|
void krb4_cleanup_proc(void *); |
|
|
|
#ifdef AFS |
|
#include <kafs.h> |
|
int auth_krb4_tgt(Authctxt *, const char *); |
|
int auth_afs_token(Authctxt *, const char *); |
|
#endif /* AFS */ |
|
|
|
#endif /* KRB4 */ |
|
|
|
#ifdef KRB5 |
#ifdef KRB5 |
int auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *); |
int auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *); |
int auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt); |
int auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt); |
|
|
void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2))); |
void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2))); |
void auth_debug_send(void); |
void auth_debug_send(void); |
void auth_debug_reset(void); |
void auth_debug_reset(void); |
|
|
|
struct passwd *fakepw(void); |
|
|
#define AUTH_FAIL_MAX 6 |
#define AUTH_FAIL_MAX 6 |
#define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2) |
#define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2) |