| version 1.96.2.2, 2004/03/04 18:18:15 |
version 1.97, 2003/04/08 20:21:28 |
|
|
| #include "pathnames.h" |
#include "pathnames.h" |
| #include "monitor_wrap.h" |
#include "monitor_wrap.h" |
| |
|
| #ifdef GSSAPI |
|
| #include "ssh-gss.h" |
|
| #endif |
|
| |
|
| /* import */ |
/* import */ |
| extern ServerOptions options; |
extern ServerOptions options; |
| extern u_char *session_id2; |
extern u_char *session_id2; |
| extern u_int session_id2_len; |
extern int session_id2_len; |
| |
|
| |
Authctxt *x_authctxt = NULL; |
| |
|
| /* methods */ |
/* methods */ |
| |
|
| extern Authmethod method_none; |
extern Authmethod method_none; |
|
|
| extern Authmethod method_passwd; |
extern Authmethod method_passwd; |
| extern Authmethod method_kbdint; |
extern Authmethod method_kbdint; |
| extern Authmethod method_hostbased; |
extern Authmethod method_hostbased; |
| #ifdef GSSAPI |
|
| extern Authmethod method_gssapi; |
|
| #endif |
|
| |
|
| Authmethod *authmethods[] = { |
Authmethod *authmethods[] = { |
| &method_none, |
&method_none, |
| &method_pubkey, |
&method_pubkey, |
| #ifdef GSSAPI |
|
| &method_gssapi, |
|
| #endif |
|
| &method_passwd, |
&method_passwd, |
| &method_kbdint, |
&method_kbdint, |
| &method_hostbased, |
&method_hostbased, |
|
|
| static Authmethod *authmethod_lookup(const char *); |
static Authmethod *authmethod_lookup(const char *); |
| static char *authmethods_get(void); |
static char *authmethods_get(void); |
| int user_key_allowed(struct passwd *, Key *); |
int user_key_allowed(struct passwd *, Key *); |
| |
int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); |
| |
|
| /* |
/* |
| * loop until authctxt->success == TRUE |
* loop until authctxt->success == TRUE |
| */ |
*/ |
| |
|
| void |
Authctxt * |
| do_authentication2(Authctxt *authctxt) |
do_authentication2(void) |
| { |
{ |
| |
Authctxt *authctxt = authctxt_new(); |
| |
|
| |
x_authctxt = authctxt; /*XXX*/ |
| |
|
| /* challenge-response is implemented via keyboard interactive */ |
/* challenge-response is implemented via keyboard interactive */ |
| if (options.challenge_response_authentication) |
if (options.challenge_response_authentication) |
| options.kbd_interactive_authentication = 1; |
options.kbd_interactive_authentication = 1; |
|
|
| dispatch_init(&dispatch_protocol_error); |
dispatch_init(&dispatch_protocol_error); |
| dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request); |
dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request); |
| dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt); |
dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt); |
| |
|
| |
return (authctxt); |
| } |
} |
| |
|
| static void |
static void |
|
|
| debug2("input_userauth_request: setting up authctxt for %s", user); |
debug2("input_userauth_request: setting up authctxt for %s", user); |
| } else { |
} else { |
| logit("input_userauth_request: illegal user %s", user); |
logit("input_userauth_request: illegal user %s", user); |
| authctxt->pw = fakepw(); |
|
| } |
} |
| setproctitle("%s%s", authctxt->pw ? user : "unknown", |
setproctitle("%s%s", authctxt->pw ? user : "unknown", |
| use_privsep ? " [net]" : ""); |
use_privsep ? " [net]" : ""); |
|
|
| } |
} |
| /* reset state */ |
/* reset state */ |
| auth2_challenge_stop(authctxt); |
auth2_challenge_stop(authctxt); |
| |
|
| #ifdef GSSAPI |
|
| dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); |
|
| dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); |
|
| #endif |
|
| |
|
| authctxt->postponed = 0; |
authctxt->postponed = 0; |
| |
|
| /* try to authenticate user */ |
/* try to authenticate user */ |
|
|
| packet_write_wait(); |
packet_write_wait(); |
| xfree(methods); |
xfree(methods); |
| } |
} |
| |
} |
| |
|
| |
/* get current user */ |
| |
|
| |
struct passwd* |
| |
auth_get_user(void) |
| |
{ |
| |
return (x_authctxt != NULL && x_authctxt->valid) ? x_authctxt->pw : NULL; |
| } |
} |
| |
|
| #define DELIM "," |
#define DELIM "," |
![[BACK]](/icons/back.gif){kind=icon}
Return to auth2.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh