version 1.125, 2012/11/04 11:09:15 |
version 1.126, 2012/12/02 20:34:09 |
|
|
debug2("input_userauth_request: try method %s", method); |
debug2("input_userauth_request: try method %s", method); |
authenticated = m->userauth(authctxt); |
authenticated = m->userauth(authctxt); |
} |
} |
userauth_finish(authctxt, authenticated, method); |
userauth_finish(authctxt, authenticated, method, NULL); |
|
|
xfree(service); |
xfree(service); |
xfree(user); |
xfree(user); |
|
|
} |
} |
|
|
void |
void |
userauth_finish(Authctxt *authctxt, int authenticated, char *method) |
userauth_finish(Authctxt *authctxt, int authenticated, const char *method, |
|
const char *submethod) |
{ |
{ |
char *methods; |
char *methods; |
int partial = 0; |
int partial = 0; |
|
|
if (!authctxt->valid && authenticated) |
if (!authctxt->valid && authenticated) |
fatal("INTERNAL ERROR: authenticated invalid user %s", |
fatal("INTERNAL ERROR: authenticated invalid user %s", |
authctxt->user); |
authctxt->user); |
|
if (authenticated && authctxt->postponed) |
|
fatal("INTERNAL ERROR: authenticated and postponed"); |
|
|
/* Special handling for root */ |
/* Special handling for root */ |
if (authenticated && authctxt->pw->pw_uid == 0 && |
if (authenticated && authctxt->pw->pw_uid == 0 && |
!auth_root_allowed(method)) |
!auth_root_allowed(method)) |
authenticated = 0; |
authenticated = 0; |
|
|
/* Log before sending the reply */ |
|
auth_log(authctxt, authenticated, method, " ssh2"); |
|
|
|
if (authctxt->postponed) |
|
return; |
|
|
|
if (authenticated && options.num_auth_methods != 0) { |
if (authenticated && options.num_auth_methods != 0) { |
if (!auth2_update_methods_lists(authctxt, method)) { |
if (!auth2_update_methods_lists(authctxt, method)) { |
authenticated = 0; |
authenticated = 0; |
partial = 1; |
partial = 1; |
} |
} |
} |
} |
|
|
|
/* Log before sending the reply */ |
|
auth_log(authctxt, authenticated, partial, method, submethod, " ssh2"); |
|
|
|
if (authctxt->postponed) |
|
return; |
|
|
if (authenticated == 1) { |
if (authenticated == 1) { |
/* turn off userauth */ |
/* turn off userauth */ |