| version 1.8, 2000/05/08 17:42:24 |
version 1.9, 2000/06/18 01:09:10 |
|
|
| /* auth */ |
/* auth */ |
| int ssh2_auth_none(struct passwd *pw); |
int ssh2_auth_none(struct passwd *pw); |
| int ssh2_auth_password(struct passwd *pw); |
int ssh2_auth_password(struct passwd *pw); |
| int ssh2_auth_pubkey(struct passwd *pw, unsigned char *raw, unsigned int rlen); |
int ssh2_auth_pubkey(struct passwd *pw, char *service); |
| |
|
| /* helper */ |
/* helper */ |
| struct passwd* auth_set_user(char *u, char *s); |
struct passwd* auth_set_user(char *u, char *s); |
|
|
| { |
{ |
| static void (*authlog) (const char *fmt,...) = verbose; |
static void (*authlog) (const char *fmt,...) = verbose; |
| static int attempt = 0; |
static int attempt = 0; |
| unsigned int len, rlen; |
unsigned int len; |
| int authenticated = 0; |
int authenticated = 0; |
| char *raw, *user, *service, *method, *authmsg = NULL; |
char *user, *service, *method, *authmsg = NULL; |
| struct passwd *pw; |
struct passwd *pw; |
| |
|
| if (++attempt == AUTH_FAIL_MAX) |
if (++attempt == AUTH_FAIL_MAX) |
| packet_disconnect("too many failed userauth_requests"); |
packet_disconnect("too many failed userauth_requests"); |
| |
|
| raw = packet_get_raw(&rlen); |
|
| if (plen != rlen) |
|
| fatal("plen != rlen"); |
|
| user = packet_get_string(&len); |
user = packet_get_string(&len); |
| service = packet_get_string(&len); |
service = packet_get_string(&len); |
| method = packet_get_string(&len); |
method = packet_get_string(&len); |
|
|
| } else if (strcmp(method, "password") == 0) { |
} else if (strcmp(method, "password") == 0) { |
| authenticated = ssh2_auth_password(pw); |
authenticated = ssh2_auth_password(pw); |
| } else if (strcmp(method, "publickey") == 0) { |
} else if (strcmp(method, "publickey") == 0) { |
| authenticated = ssh2_auth_pubkey(pw, raw, rlen); |
authenticated = ssh2_auth_pubkey(pw, service); |
| } |
} |
| } |
} |
| if (authenticated && pw && pw->pw_uid == 0 && !options.permit_root_login) { |
if (authenticated && pw && pw->pw_uid == 0 && !options.permit_root_login) { |
|
|
| return authenticated; |
return authenticated; |
| } |
} |
| int |
int |
| ssh2_auth_pubkey(struct passwd *pw, unsigned char *raw, unsigned int rlen) |
ssh2_auth_pubkey(struct passwd *pw, char *service) |
| { |
{ |
| Buffer b; |
Buffer b; |
| Key *key; |
Key *key; |
|
|
| debug("pubkey auth disabled"); |
debug("pubkey auth disabled"); |
| return 0; |
return 0; |
| } |
} |
| if (datafellows & SSH_BUG_PUBKEYAUTH) { |
|
| log("bug compatibility with ssh-2.0.13 pubkey not implemented"); |
|
| return 0; |
|
| } |
|
| have_sig = packet_get_char(); |
have_sig = packet_get_char(); |
| pkalg = packet_get_string(&alen); |
pkalg = packet_get_string(&alen); |
| if (strcmp(pkalg, KEX_DSS) != 0) { |
if (strcmp(pkalg, KEX_DSS) != 0) { |
|
|
| packet_done(); |
packet_done(); |
| buffer_init(&b); |
buffer_init(&b); |
| buffer_append(&b, session_id2, session_id2_len); |
buffer_append(&b, session_id2, session_id2_len); |
| |
|
| |
/* reconstruct packet */ |
| buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); |
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); |
| if (slen + 4 > rlen) |
buffer_put_cstring(&b, pw->pw_name); |
| fatal("bad rlen/slen"); |
buffer_put_cstring(&b, |
| buffer_append(&b, raw, rlen - slen - 4); |
datafellows & SSH_BUG_PUBKEYAUTH ? |
| |
"ssh-userauth" : |
| |
service); |
| |
buffer_put_cstring(&b, "publickey"); |
| |
buffer_put_char(&b, have_sig); |
| |
buffer_put_cstring(&b, KEX_DSS); |
| |
buffer_put_string(&b, pkblob, blen); |
| #ifdef DEBUG_DSS |
#ifdef DEBUG_DSS |
| buffer_dump(&b); |
buffer_dump(&b); |
| #endif |
#endif |
![[BACK]](/icons/back.gif){kind=icon}
Return to auth2.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh