version 1.11.4.1, 2002/06/02 22:56:10 |
version 1.12, 2002/06/04 19:42:35 |
|
|
|
|
passwd = buffer_get_string(m, &plen); |
passwd = buffer_get_string(m, &plen); |
/* Only authenticate if the context is valid */ |
/* Only authenticate if the context is valid */ |
authenticated = authctxt->valid && auth_password(authctxt, passwd); |
authenticated = options.password_authentication && |
|
authctxt->valid && auth_password(authctxt, passwd); |
memset(passwd, 0, strlen(passwd)); |
memset(passwd, 0, strlen(passwd)); |
xfree(passwd); |
xfree(passwd); |
|
|
|
|
fatal("%s: no bsd auth session", __FUNCTION__); |
fatal("%s: no bsd auth session", __FUNCTION__); |
|
|
response = buffer_get_string(m, NULL); |
response = buffer_get_string(m, NULL); |
authok = auth_userresponse(authctxt->as, response, 0); |
authok = options.challenge_response_authentication && |
|
auth_userresponse(authctxt->as, response, 0); |
authctxt->as = NULL; |
authctxt->as = NULL; |
debug3("%s: <%s> = <%d>", __FUNCTION__, response, authok); |
debug3("%s: <%s> = <%d>", __FUNCTION__, response, authok); |
xfree(response); |
xfree(response); |
|
|
|
|
response = buffer_get_string(m, NULL); |
response = buffer_get_string(m, NULL); |
|
|
authok = (authctxt->valid && |
authok = (options.challenge_response_authentication && |
|
authctxt->valid && |
skey_haskey(authctxt->pw->pw_name) == 0 && |
skey_haskey(authctxt->pw->pw_name) == 0 && |
skey_passcheck(authctxt->pw->pw_name, response) != -1); |
skey_passcheck(authctxt->pw->pw_name, response) != -1); |
|
|
|
|
if (key != NULL && authctxt->pw != NULL) { |
if (key != NULL && authctxt->pw != NULL) { |
switch(type) { |
switch(type) { |
case MM_USERKEY: |
case MM_USERKEY: |
allowed = user_key_allowed(authctxt->pw, key); |
allowed = options.pubkey_authentication && |
|
user_key_allowed(authctxt->pw, key); |
break; |
break; |
case MM_HOSTKEY: |
case MM_HOSTKEY: |
allowed = hostbased_key_allowed(authctxt->pw, |
allowed = options.hostbased_authentication && |
|
hostbased_key_allowed(authctxt->pw, |
cuser, chost, key); |
cuser, chost, key); |
break; |
break; |
case MM_RSAHOSTKEY: |
case MM_RSAHOSTKEY: |
key->type = KEY_RSA1; /* XXX */ |
key->type = KEY_RSA1; /* XXX */ |
allowed = auth_rhosts_rsa_key_allowed(authctxt->pw, |
allowed = options.rhosts_rsa_authentication && |
|
auth_rhosts_rsa_key_allowed(authctxt->pw, |
cuser, chost, key); |
cuser, chost, key); |
break; |
break; |
default: |
default: |
|
|
buffer_put_int(m, verified); |
buffer_put_int(m, verified); |
mm_request_send(socket, MONITOR_ANS_KEYVERIFY, m); |
mm_request_send(socket, MONITOR_ANS_KEYVERIFY, m); |
|
|
auth_method = "publickey"; |
auth_method = key_blobtype == MM_USERKEY ? "publickey" : "hostbased"; |
|
|
return (verified); |
return (verified); |
} |
} |
|
|
|
|
debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __FUNCTION__); |
|
|
if (authctxt->valid) { |
if (options.rsa_authentication && authctxt->valid) { |
if ((client_n = BN_new()) == NULL) |
if ((client_n = BN_new()) == NULL) |
fatal("%s: BN_new", __FUNCTION__); |
fatal("%s: BN_new", __FUNCTION__); |
buffer_get_bignum2(m, client_n); |
buffer_get_bignum2(m, client_n); |
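Review bot: In the BSD auth hunk, when `options.challenge_response_authentication` is off the new `&&` skips `auth_userresponse()`, yet the following line still sets `authctxt->as = NULL`, so the session handle is dropped without reaching the call that would normally consume it. If, as the BSD auth API documents, `auth_userresponse(as, response, 0)` is what closes the session, the disabled path should release it explicitly with `if (!options.challenge_response_authentication) auth_close(authctxt->as);` before the pointer is cleared. The function starts and ends outside the visible lines, so whether a session can exist at all with the option disabled depends on the query handler and cannot be confirmed from here. The unchanged `debug3` line in the same hunk writes the raw `response` to the debug log; since that is a user-supplied authentication secret, it is worth dropping from the format string or at least flagging with a comment.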