version 1.23, 2000/12/19 23:17:55 |
version 1.24, 2000/12/28 14:25:51 |
|
|
memset(authctxt, 'a', sizeof(*authctxt)); |
memset(authctxt, 'a', sizeof(*authctxt)); |
authctxt->valid = 0; |
authctxt->valid = 0; |
authctxt->attempt = 0; |
authctxt->attempt = 0; |
|
authctxt->failures = 0; |
authctxt->success = 0; |
authctxt->success = 0; |
x_authctxt = authctxt; /*XXX*/ |
x_authctxt = authctxt; /*XXX*/ |
|
|
|
|
|
|
if (authctxt == NULL) |
if (authctxt == NULL) |
fatal("input_userauth_request: no authctxt"); |
fatal("input_userauth_request: no authctxt"); |
if (authctxt->attempt++ >= AUTH_FAIL_MAX) |
|
packet_disconnect("too many failed userauth_requests"); |
|
|
|
user = packet_get_string(NULL); |
user = packet_get_string(NULL); |
service = packet_get_string(NULL); |
service = packet_get_string(NULL); |
method = packet_get_string(NULL); |
method = packet_get_string(NULL); |
debug("userauth-request for user %s service %s method %s", user, service, method); |
debug("userauth-request for user %s service %s method %s", user, service, method); |
debug("attempt #%d", authctxt->attempt); |
debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); |
|
|
if (authctxt->attempt == 1) { |
if (authctxt->attempt++ == 0) { |
/* setup auth context */ |
/* setup auth context */ |
struct passwd *pw = NULL; |
struct passwd *pw = NULL; |
setproctitle("%s", user); |
setproctitle("%s", user); |
|
|
/* Raise logging level */ |
/* Raise logging level */ |
if (authenticated == 1 || |
if (authenticated == 1 || |
!authctxt->valid || |
!authctxt->valid || |
authctxt->attempt >= AUTH_FAIL_LOG || |
authctxt->failures >= AUTH_FAIL_LOG || |
strcmp(method, "password") == 0) |
strcmp(method, "password") == 0) |
authlog = log; |
authlog = log; |
|
|
|
|
void |
void |
userauth_reply(Authctxt *authctxt, int authenticated) |
userauth_reply(Authctxt *authctxt, int authenticated) |
{ |
{ |
|
char *methods; |
/* XXX todo: check if multiple auth methods are needed */ |
/* XXX todo: check if multiple auth methods are needed */ |
if (authenticated == 1) { |
if (authenticated == 1) { |
/* turn off userauth */ |
/* turn off userauth */ |
|
|
/* now we can break out */ |
/* now we can break out */ |
authctxt->success = 1; |
authctxt->success = 1; |
} else if (authenticated == 0) { |
} else if (authenticated == 0) { |
char *methods = authmethods_get(); |
if (authctxt->failures++ >= AUTH_FAIL_MAX) |
|
packet_disconnect("too many failed userauth_requests"); |
|
methods = authmethods_get(); |
packet_start(SSH2_MSG_USERAUTH_FAILURE); |
packet_start(SSH2_MSG_USERAUTH_FAILURE); |
packet_put_cstring(methods); |
packet_put_cstring(methods); |
packet_put_char(0); /* XXX partial success, unused */ |
packet_put_char(0); /* XXX partial success, unused */ |