| version 1.5, 2000/05/01 23:13:39 |
version 1.6, 2000/05/05 18:50:57 |
|
|
| get_canonical_hostname()); |
get_canonical_hostname()); |
| } |
} |
| |
|
| /* XXX todo: check if multiple auth methods are needed */ |
/* Raise logging level */ |
| |
if (authenticated == 1 || |
| |
attempt == AUTH_FAIL_LOG || |
| |
strcmp(method, "password") == 0) |
| |
authlog = log; |
| |
|
| |
/* Log before sending the reply */ |
| if (authenticated == 1) { |
if (authenticated == 1) { |
| authmsg = "Accepted"; |
authmsg = "Accepted"; |
| |
} else if (authenticated == 0) { |
| |
authmsg = "Failed"; |
| |
} else { |
| |
authmsg = "Postponed"; |
| |
} |
| |
authlog("%s %s for %.200s from %.200s port %d ssh2", |
| |
authmsg, |
| |
method, |
| |
pw && pw->pw_uid == 0 ? "ROOT" : user, |
| |
get_remote_ipaddr(), |
| |
get_remote_port()); |
| |
|
| |
/* XXX todo: check if multiple auth methods are needed */ |
| |
if (authenticated == 1) { |
| /* turn off userauth */ |
/* turn off userauth */ |
| dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error); |
dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error); |
| packet_start(SSH2_MSG_USERAUTH_SUCCESS); |
packet_start(SSH2_MSG_USERAUTH_SUCCESS); |
|
|
| /* now we can break out */ |
/* now we can break out */ |
| userauth_success = 1; |
userauth_success = 1; |
| } else if (authenticated == 0) { |
} else if (authenticated == 0) { |
| authmsg = "Failed"; |
|
| packet_start(SSH2_MSG_USERAUTH_FAILURE); |
packet_start(SSH2_MSG_USERAUTH_FAILURE); |
| packet_put_cstring("publickey,password"); /* XXX dynamic */ |
packet_put_cstring("publickey,password"); /* XXX dynamic */ |
| packet_put_char(0); /* XXX partial success, unused */ |
packet_put_char(0); /* XXX partial success, unused */ |
| packet_send(); |
packet_send(); |
| packet_write_wait(); |
packet_write_wait(); |
| } else { |
|
| authmsg = "Postponed"; |
|
| } |
} |
| /* Raise logging level */ |
|
| if (authenticated == 1|| |
|
| attempt == AUTH_FAIL_LOG || |
|
| strcmp(method, "password") == 0) |
|
| authlog = log; |
|
| |
|
| authlog("%s %s for %.200s from %.200s port %d ssh2", |
|
| authmsg, |
|
| method, |
|
| pw && pw->pw_uid == 0 ? "ROOT" : user, |
|
| get_remote_ipaddr(), |
|
| get_remote_port()); |
|
| |
|
| xfree(service); |
xfree(service); |
| xfree(user); |
xfree(user); |
| xfree(method); |
xfree(method); |
|
|
| debug("test key..."); |
debug("test key..."); |
| /* test whether pkalg/pkblob are acceptable */ |
/* test whether pkalg/pkblob are acceptable */ |
| /* XXX fake reply and always send PK_OK ? */ |
/* XXX fake reply and always send PK_OK ? */ |
| |
/* |
| |
* XXX this allows testing whether a user is allowed |
| |
* to login: if you happen to have a valid pubkey this |
| |
* message is sent. the message is NEVER sent at all |
| |
* if a user is not allowed to login. is this an |
| |
* issue? -markus |
| |
*/ |
| if (user_dsa_key_allowed(pw, key)) { |
if (user_dsa_key_allowed(pw, key)) { |
| packet_start(SSH2_MSG_USERAUTH_PK_OK); |
packet_start(SSH2_MSG_USERAUTH_PK_OK); |
| packet_put_string(pkalg, alen); |
packet_put_string(pkalg, alen); |
![[BACK]](/icons/back.gif){kind=icon}
Return to auth2.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh