version 1.16, 2009/09/01 09:11:05 |
version 1.17, 2009/09/02 16:38:35 |
|
|
|
|
#include <sys/types.h> |
#include <sys/types.h> |
|
|
|
#include <login_cap.h> |
|
#include <pwd.h> |
#include <string.h> |
#include <string.h> |
#include <time.h> |
#include <time.h> |
#include <unistd.h> |
#include <unistd.h> |
|
|
void |
void |
server_lock(void) |
server_lock(void) |
{ |
{ |
struct client *c; |
struct client *c; |
u_int i; |
static struct passwd *pw, pwstore; |
|
static char pwbuf[_PW_BUF_LEN]; |
|
u_int i; |
|
|
if (server_locked) |
if (server_locked) |
return; |
return; |
|
|
|
if (getpwuid_r(getuid(), &pwstore, pwbuf, sizeof pwbuf, &pw) != 0) { |
|
server_locked_pw = NULL; |
|
return; |
|
} |
|
server_locked_pw = pw; |
|
|
for (i = 0; i < ARRAY_LENGTH(&clients); i++) { |
for (i = 0; i < ARRAY_LENGTH(&clients); i++) { |
c = ARRAY_ITEM(&clients, i); |
c = ARRAY_ITEM(&clients, i); |
if (c == NULL || c->session == NULL) |
if (c == NULL || c->session == NULL) |
|
|
"Password:", server_lock_callback, NULL, c, PROMPT_HIDDEN); |
"Password:", server_lock_callback, NULL, c, PROMPT_HIDDEN); |
server_redraw_client(c); |
server_redraw_client(c); |
} |
} |
|
|
server_locked = 1; |
server_locked = 1; |
} |
} |
|
|
|
|
server_unlock(const char *s) |
server_unlock(const char *s) |
{ |
{ |
struct client *c; |
struct client *c; |
|
login_cap_t *lc; |
u_int i; |
u_int i; |
char *out; |
char *out; |
|
u_int failures, tries, backoff; |
|
|
if (!server_locked) |
if (!server_locked || server_locked_pw == NULL) |
return (0); |
return (0); |
server_activity = time(NULL); |
server_activity = time(NULL); |
|
if (server_activity < password_backoff) |
|
return (-2); |
|
|
if (server_password != NULL) { |
if (server_password != NULL) { |
if (s == NULL) |
if (s == NULL) |
|
|
|
|
server_locked = 0; |
server_locked = 0; |
password_failures = 0; |
password_failures = 0; |
|
password_backoff = 0; |
return (0); |
return (0); |
|
|
wrong: |
wrong: |
|
password_backoff = server_activity; |
password_failures++; |
password_failures++; |
|
|
for (i = 0; i < ARRAY_LENGTH(&clients); i++) { |
for (i = 0; i < ARRAY_LENGTH(&clients); i++) { |
c = ARRAY_ITEM(&clients, i); |
c = ARRAY_ITEM(&clients, i); |
if (c == NULL || c->prompt_buffer == NULL) |
if (c == NULL || c->prompt_buffer == NULL) |
|
|
server_redraw_client(c); |
server_redraw_client(c); |
} |
} |
|
|
|
/* |
|
* Start slowing down after "login-backoff" attempts and reset every |
|
* "login-tries" attempts. |
|
*/ |
|
lc = login_getclass(server_locked_pw->pw_class); |
|
if (lc != NULL) { |
|
tries = login_getcapnum(lc, (char *) "login-tries", 10, 10); |
|
backoff = login_getcapnum(lc, (char *) "login-backoff", 3, 3); |
|
} else { |
|
tries = 10; |
|
backoff = 3; |
|
} |
|
failures = password_failures % tries; |
|
if (failures > backoff) { |
|
password_backoff += ((failures - backoff) * tries / 2); |
|
return (-2); |
|
} |
return (-1); |
return (-1); |
} |
} |
|
|