version 1.12, 2014/07/15 15:54:14 |
version 1.13, 2017/05/30 14:26:49 |
|
|
#include <string.h> |
#include <string.h> |
#include <stdarg.h> |
#include <stdarg.h> |
|
|
#include "xmalloc.h" |
|
#include "packet.h" |
#include "packet.h" |
|
#include "ssherr.h" |
#include "log.h" |
#include "log.h" |
#include "key.h" |
#include "sshkey.h" |
#include "hostfile.h" |
#include "hostfile.h" |
#include "auth.h" |
#include "auth.h" |
#include "buffer.h" |
#include "buffer.h" |
|
|
static int |
static int |
userauth_passwd(Authctxt *authctxt) |
userauth_passwd(Authctxt *authctxt) |
{ |
{ |
char *password, *newpass; |
struct ssh *ssh = active_state; /* XXX */ |
int authenticated = 0; |
char *password; |
int change; |
int authenticated = 0, r; |
u_int len, newlen; |
u_char change; |
|
size_t len; |
|
|
change = packet_get_char(); |
if ((r = sshpkt_get_u8(ssh, &change)) != 0 || |
password = packet_get_string(&len); |
(r = sshpkt_get_cstring(ssh, &password, &len)) != 0 || |
if (change) { |
(change && (r = sshpkt_get_cstring(ssh, NULL, NULL)) != 0) || |
/* discard new password from packet */ |
(r = sshpkt_get_end(ssh)) != 0) |
newpass = packet_get_string(&newlen); |
fatal("%s: %s", __func__, ssh_err(r)); |
explicit_bzero(newpass, newlen); |
|
free(newpass); |
|
} |
|
packet_check_eom(); |
|
|
|
if (change) |
if (change) |
logit("password change not supported"); |
logit("password change not supported"); |
else if (PRIVSEP(auth_password(authctxt, password)) == 1) |
else if (PRIVSEP(auth_password(ssh->authctxt, password)) == 1) |
authenticated = 1; |
authenticated = 1; |
explicit_bzero(password, len); |
explicit_bzero(password, len); |
free(password); |
free(password); |