auth1.c (301551) | auth1.c (302182) |
---|---|
1/* $OpenBSD: auth1.c,v 1.82 2014/07/15 15:54:14 millert Exp $ */ 2/* 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * All rights reserved 5 * 6 * As far as I am concerned, the code I have written for this software 7 * can be used freely for any purpose. Any derived versions of this 8 * software must be clearly marked as such, and if the derived work is --- 29 unchanged lines hidden (view full) --- 38#include "channels.h" 39#include "session.h" 40#include "uidswap.h" 41#ifdef GSSAPI 42#include "ssh-gss.h" 43#endif 44#include "monitor_wrap.h" 45#include "buffer.h" | 1/* $OpenBSD: auth1.c,v 1.82 2014/07/15 15:54:14 millert Exp $ */ 2/* 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * All rights reserved 5 * 6 * As far as I am concerned, the code I have written for this software 7 * can be used freely for any purpose. Any derived versions of this 8 * software must be clearly marked as such, and if the derived work is --- 29 unchanged lines hidden (view full) --- 38#include "channels.h" 39#include "session.h" 40#include "uidswap.h" 41#ifdef GSSAPI 42#include "ssh-gss.h" 43#endif 44#include "monitor_wrap.h" 45#include "buffer.h" |
46#ifdef USE_BLACKLIST 47#include "blacklist_client.h" 48#endif | |
49 50/* import */ 51extern ServerOptions options; 52extern Buffer loginmsg; 53 54static int auth1_process_password(Authctxt *); 55static int auth1_process_rsa(Authctxt *); 56static int auth1_process_rhosts_rsa(Authctxt *); --- 278 unchanged lines hidden (view full) --- 335#endif 336 337#ifdef USE_PAM 338 if (options.use_pam && authenticated && 339 !PRIVSEP(do_pam_account())) { 340 char *msg; 341 size_t len; 342 | 46 47/* import */ 48extern ServerOptions options; 49extern Buffer loginmsg; 50 51static int auth1_process_password(Authctxt *); 52static int auth1_process_rsa(Authctxt *); 53static int auth1_process_rhosts_rsa(Authctxt *); --- 278 unchanged lines hidden (view full) --- 332#endif 333 334#ifdef USE_PAM 335 if (options.use_pam && authenticated && 336 !PRIVSEP(do_pam_account())) { 337 char *msg; 338 size_t len; 339 |
343#ifdef USE_BLACKLIST 344 blacklist_notify(1); 345#endif | |
346 error("Access denied for user %s by PAM account " 347 "configuration", authctxt->user); 348 len = buffer_len(&loginmsg); 349 buffer_append(&loginmsg, "\0", 1); 350 msg = buffer_ptr(&loginmsg); 351 /* strip trailing newlines */ 352 if (len > 0) 353 while (len > 0 && msg[--len] == '\n') --- 51 unchanged lines hidden (view full) --- 405 authctxt->style = style; 406 407 /* Verify that the user is a valid user. */ 408 if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL) 409 authctxt->valid = 1; 410 else { 411 debug("do_authentication: invalid user %s", user); 412 authctxt->pw = fakepw(); | 340 error("Access denied for user %s by PAM account " 341 "configuration", authctxt->user); 342 len = buffer_len(&loginmsg); 343 buffer_append(&loginmsg, "\0", 1); 344 msg = buffer_ptr(&loginmsg); 345 /* strip trailing newlines */ 346 if (len > 0) 347 while (len > 0 && msg[--len] == '\n') --- 51 unchanged lines hidden (view full) --- 399 authctxt->style = style; 400 401 /* Verify that the user is a valid user. */ 402 if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL) 403 authctxt->valid = 1; 404 else { 405 debug("do_authentication: invalid user %s", user); 406 authctxt->pw = fakepw(); |
413#ifdef USE_BLACKLIST 414 blacklist_notify(1); 415#endif | |
416 } 417 418 /* Configuration may have changed as a result of Match */ 419 if (options.num_auth_methods != 0) 420 fatal("AuthenticationMethods is not supported with SSH " 421 "protocol 1"); 422 423 setproctitle("%s%s", authctxt->valid ? user : "unknown", --- 30 unchanged lines hidden --- | 407 } 408 409 /* Configuration may have changed as a result of Match */ 410 if (options.num_auth_methods != 0) 411 fatal("AuthenticationMethods is not supported with SSH " 412 "protocol 1"); 413 414 setproctitle("%s%s", authctxt->valid ? user : "unknown", --- 30 unchanged lines hidden --- |