| auth2.c (92559) | auth2.c (93221) |
|---|---|
| 1/* 2 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. --- 10 unchanged lines hidden (view full) --- 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24 25#include "includes.h" 26RCSID("$OpenBSD: auth2.c,v 1.85 2002/02/24 19:14:59 markus Exp $"); | 1/* 2 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. --- 10 unchanged lines hidden (view full) --- 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24 25#include "includes.h" 26RCSID("$OpenBSD: auth2.c,v 1.85 2002/02/24 19:14:59 markus Exp $"); |
| 27RCSID("$FreeBSD: head/crypto/openssh/auth2.c 92559 2002-03-18 10:09:43Z des $"); | 27RCSID("$FreeBSD: head/crypto/openssh/auth2.c 93221 2002-03-26 12:52:28Z ru $"); |
| 28 29#include <openssl/evp.h> 30 31#include "ssh2.h" 32#include "xmalloc.h" 33#include "rsa.h" 34#include "sshpty.h" 35#include "packet.h" --- 133 unchanged lines hidden (view full) --- 169{ 170 Authctxt *authctxt = ctxt; 171 Authmethod *m = NULL; 172 char *user, *service, *method, *style = NULL; 173 int authenticated = 0; 174#ifdef HAVE_LOGIN_CAP 175 login_cap_t *lc; 176#endif /* HAVE_LOGIN_CAP */ | 28 29#include <openssl/evp.h> 30 31#include "ssh2.h" 32#include "xmalloc.h" 33#include "rsa.h" 34#include "sshpty.h" 35#include "packet.h" --- 133 unchanged lines hidden (view full) --- 169{ 170 Authctxt *authctxt = ctxt; 171 Authmethod *m = NULL; 172 char *user, *service, *method, *style = NULL; 173 int authenticated = 0; 174#ifdef HAVE_LOGIN_CAP 175 login_cap_t *lc; 176#endif /* HAVE_LOGIN_CAP */ |
| 177#if defined(HAVE_LOGIN_CAP) || defined(LOGIN_ACCESS) | 177#if defined(HAVE_LOGIN_CAP) |
| 178 const char *from_host, *from_ip; 179 180 from_host = get_canonical_hostname(options.verify_reverse_mapping); 181 from_ip = get_remote_ipaddr(); | 178 const char *from_host, *from_ip; 179 180 from_host = get_canonical_hostname(options.verify_reverse_mapping); 181 from_ip = get_remote_ipaddr(); |
| 182#endif /* HAVE_LOGIN_CAP || LOGIN_ACCESS */ | 182#endif /* HAVE_LOGIN_CAP */ |
| 183 184 if (authctxt == NULL) 185 fatal("input_userauth_request: no authctxt"); 186 187 user = packet_get_string(NULL); 188 service = packet_get_string(NULL); 189 method = packet_get_string(NULL); 190 debug("userauth-request for user %s service %s method %s", user, service, method); --- 42 unchanged lines hidden (view full) --- 233 log("LOGIN %.200s REFUSED (TIME) FROM %.200s", 234 authctxt->pw->pw_name, from_host); 235 packet_disconnect("Logins not available right now."); 236 } 237 login_close(lc); 238 lc = NULL; 239 } 240#endif /* HAVE_LOGIN_CAP */ | 183 184 if (authctxt == NULL) 185 fatal("input_userauth_request: no authctxt"); 186 187 user = packet_get_string(NULL); 188 service = packet_get_string(NULL); 189 method = packet_get_string(NULL); 190 debug("userauth-request for user %s service %s method %s", user, service, method); --- 42 unchanged lines hidden (view full) --- 233 log("LOGIN %.200s REFUSED (TIME) FROM %.200s", 234 authctxt->pw->pw_name, from_host); 235 packet_disconnect("Logins not available right now."); 236 } 237 login_close(lc); 238 lc = NULL; 239 } 240#endif /* HAVE_LOGIN_CAP */ |
| 241#ifdef LOGIN_ACCESS 242 if (authctxt->pw != NULL && 243 !login_access(authctxt->pw->pw_name, from_host)) { 244 log("Denied connection for %.200s from %.200s [%.200s].", 245 authctxt->pw->pw_name, from_host, from_ip); 246 packet_disconnect("Sorry, you are not allowed to connect."); 247 } 248#endif /* LOGIN_ACCESS */ | |
| 249 /* reset state */ 250 auth2_challenge_stop(authctxt); 251 authctxt->postponed = 0; 252 253 /* try to authenticate user */ 254 m = authmethod_lookup(method); 255 if (m != NULL) { 256 debug2("input_userauth_request: try method %s", method); --- 545 unchanged lines hidden --- | 241 /* reset state */ 242 auth2_challenge_stop(authctxt); 243 authctxt->postponed = 0; 244 245 /* try to authenticate user */ 246 m = authmethod_lookup(method); 247 if (m != NULL) { 248 debug2("input_userauth_request: try method %s", method); --- 545 unchanged lines hidden --- |