| auth1.c (92878) | auth1.c (93221) |
|---|---|
| 1/* 2 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * All rights reserved 4 * 5 * As far as I am concerned, the code I have written for this software 6 * can be used freely for any purpose. Any derived versions of this 7 * software must be clearly marked as such, and if the derived work is 8 * incompatible with the protocol description in the RFC file, it must be 9 * called by a name other than "ssh" or "Secure Shell". 10 */ 11 12#include "includes.h" 13RCSID("$OpenBSD: auth1.c,v 1.35 2002/02/03 17:53:25 markus Exp $"); | 1/* 2 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * All rights reserved 4 * 5 * As far as I am concerned, the code I have written for this software 6 * can be used freely for any purpose. Any derived versions of this 7 * software must be clearly marked as such, and if the derived work is 8 * incompatible with the protocol description in the RFC file, it must be 9 * called by a name other than "ssh" or "Secure Shell". 10 */ 11 12#include "includes.h" 13RCSID("$OpenBSD: auth1.c,v 1.35 2002/02/03 17:53:25 markus Exp $"); |
| 14RCSID("$FreeBSD: head/crypto/openssh/auth1.c 92878 2002-03-21 12:23:09Z des $"); | 14RCSID("$FreeBSD: head/crypto/openssh/auth1.c 93221 2002-03-26 12:52:28Z ru $"); |
| 15 16#include "xmalloc.h" 17#include "rsa.h" 18#include "ssh1.h" 19#include "packet.h" 20#include "buffer.h" 21#include "mpaux.h" 22#include "log.h" --- 60 unchanged lines hidden (view full) --- 83 struct passwd *pw = authctxt->pw; 84 void (*authlog) (const char *fmt,...) = verbose; 85#ifdef HAVE_LOGIN_CAP 86 login_cap_t *lc; 87#endif /* HAVE_LOGIN_CAP */ 88#ifdef USE_PAM 89 struct inverted_pam_cookie *pam_cookie; 90#endif /* USE_PAM */ | 15 16#include "xmalloc.h" 17#include "rsa.h" 18#include "ssh1.h" 19#include "packet.h" 20#include "buffer.h" 21#include "mpaux.h" 22#include "log.h" --- 60 unchanged lines hidden (view full) --- 83 struct passwd *pw = authctxt->pw; 84 void (*authlog) (const char *fmt,...) = verbose; 85#ifdef HAVE_LOGIN_CAP 86 login_cap_t *lc; 87#endif /* HAVE_LOGIN_CAP */ 88#ifdef USE_PAM 89 struct inverted_pam_cookie *pam_cookie; 90#endif /* USE_PAM */ |
| 91#if defined(HAVE_LOGIN_CAP) || defined(LOGIN_ACCESS) | 91#if defined(HAVE_LOGIN_CAP) |
| 92 const char *from_host, *from_ip; 93 94 from_host = get_canonical_hostname(options.verify_reverse_mapping); 95 from_ip = get_remote_ipaddr(); | 92 const char *from_host, *from_ip; 93 94 from_host = get_canonical_hostname(options.verify_reverse_mapping); 95 from_ip = get_remote_ipaddr(); |
| 96#endif /* HAVE_LOGIN_CAP || LOGIN_ACCESS */ | 96#endif /* HAVE_LOGIN_CAP */ |
| 97 98 debug("Attempting authentication for %s%.100s.", 99 authctxt->valid ? "" : "illegal user ", authctxt->user); 100 101 /* If the user has no password, accept authentication immediately. */ 102 if (options.password_authentication && 103#if defined(KRB4) || defined(KRB5) 104 (!options.kerberos_authentication || options.kerberos_or_local_passwd) && --- 259 unchanged lines hidden (view full) --- 364 log("LOGIN %.200s REFUSED (TIME) FROM %.200s", 365 pw->pw_name, from_host); 366 packet_disconnect("Logins not available right now."); 367 } 368 login_close(lc); 369 lc = NULL; 370 } 371#endif /* HAVE_LOGIN_CAP */ | 97 98 debug("Attempting authentication for %s%.100s.", 99 authctxt->valid ? "" : "illegal user ", authctxt->user); 100 101 /* If the user has no password, accept authentication immediately. */ 102 if (options.password_authentication && 103#if defined(KRB4) || defined(KRB5) 104 (!options.kerberos_authentication || options.kerberos_or_local_passwd) && --- 259 unchanged lines hidden (view full) --- 364 log("LOGIN %.200s REFUSED (TIME) FROM %.200s", 365 pw->pw_name, from_host); 366 packet_disconnect("Logins not available right now."); 367 } 368 login_close(lc); 369 lc = NULL; 370 } 371#endif /* HAVE_LOGIN_CAP */ |
| 372#ifdef LOGIN_ACCESS 373 if (pw != NULL && !login_access(pw->pw_name, from_host)) { 374 log("Denied connection for %.200s from %.200s [%.200s].", 375 pw->pw_name, from_host, from_ip); 376 packet_disconnect("Sorry, you are not allowed to connect."); 377 } 378#endif /* LOGIN_ACCESS */ | |
| 379#ifdef BSD_AUTH 380 if (authctxt->as) { 381 auth_close(authctxt->as); 382 authctxt->as = NULL; 383 } 384#endif 385 if (!authctxt->valid && authenticated) 386 fatal("INTERNAL ERROR: authenticated invalid user %s", --- 105 unchanged lines hidden --- | 372#ifdef BSD_AUTH 373 if (authctxt->as) { 374 auth_close(authctxt->as); 375 authctxt->as = NULL; 376 } 377#endif 378 if (!authctxt->valid && authenticated) 379 fatal("INTERNAL ERROR: authenticated invalid user %s", --- 105 unchanged lines hidden --- |