64 static char *get_method_name(Authctxt *authctxt);
75 get_method_name(Authctxt *authctxt)
77 	if (!authctxt)
81 		return (authctxt->v1_auth_name) ? authctxt->v1_auth_name :
84 	if (!authctxt->method || !authctxt->method->name)
87 	return authctxt->method->name;
153 new_start_pam(Authctxt *authctxt, struct pam_conv *conv)
162 	if (authctxt == NULL)
165 	if (compat20 && authctxt->method == NULL)
169 	svc = derive_pam_service_name(authctxt->method);
171 		get_method_name(authctxt));
173 	if (authctxt->user != NULL)
174 		user = authctxt->user;
177 	if (authctxt->pam != NULL) {
178 		fatal_remove_cleanup(&do_pam_cleanup_proc, authctxt->pam);
179 		do_pam_cleanup_proc(authctxt->pam);
197 	pam->authctxt = authctxt;
200 	authctxt->pam = pam;
210 			get_method_name(authctxt));
216 			  (void *) authctxt->pam);
222 			get_method_name(authctxt));
228 			get_method_name(authctxt));
231 	if (authctxt->cuser != NULL) 
232 		if ((retval = pam_set_item(pamh, PAM_AUSER, authctxt->cuser)) != PAM_SUCCESS) {
235 				get_method_name(authctxt));
238 	authctxt->pam->h = pamh;
251 finish_userauth_do_pam(Authctxt *authctxt)
257 	if (authctxt == NULL || authctxt->pam == NULL)
261 		if (authctxt->method == NULL || authctxt->method->name == NULL)
263 		method = authctxt->method->name;
264 	} else if ((method = authctxt->v1_auth_name) == NULL)
267 	if (AUTHPAM_DONE(authctxt))
270 	if (!(authctxt->pam->state & PAM_S_DONE_ACCT_MGMT)) {
271 		retval = pam_acct_mgmt(authctxt->pam->h, 0);
272 		authctxt->pam->last_pam_retval = retval;
279 		authctxt->pam->state |= PAM_S_DONE_ACCT_MGMT;
291 	retval = pam_get_item(authctxt->pam->h, PAM_USER, (void **) &user);
295 		      PAM_STRERROR(authctxt->pam->h, retval));
303 	if (strcmp(user, authctxt->user) != 0) {
305 		pwfree(&authctxt->pw);
306 		authctxt->pw = getpwnamallow(user);
307 		authctxt->valid = (authctxt->pw != NULL);
308 		xfree(authctxt->user);
309 		authctxt->user = xstrdup(user);
312 	if (!authctxt->valid) {
322 	if (authctxt->pw->pw_uid == 0 && !auth_root_allowed(method))
325 	if (!(authctxt->pam->state & PAM_S_DONE_SETCRED)) {
326 		retval = pam_setcred(authctxt->pam->h,
328 		authctxt->pam->last_pam_retval = retval;
331 		authctxt->pam->state |= PAM_S_DONE_SETCRED;
338 		ssh_gssapi_storecreds(NULL, authctxt);
347 	authctxt->last_login_time =
348 		get_last_login_time(authctxt->pw->pw_uid,
349 			authctxt->pw->pw_name,
350 			authctxt->last_login_host,
351 			sizeof(authctxt->last_login_host));
353 	if (!(authctxt->pam->state & PAM_S_DONE_OPEN_SESSION)) {
354 		retval = pam_open_session(authctxt->pam->h, 0);
355 		authctxt->pam->last_pam_retval = retval;
358 		authctxt->pam->state |= PAM_S_DONE_OPEN_SESSION;
439 	if (pam->authctxt != NULL && pam->authctxt->pam == pam) {
440 		pam->authctxt->pam_retval = pam->last_pam_retval;
441 		pam->authctxt->pam = NULL;
442 		pam->authctxt = NULL;
492 auth_pam_password(Authctxt *authctxt, const char *password)
497 	new_start_pam(authctxt, &conv);
499 	retval = pam_set_item(authctxt->pam->h, PAM_AUTHTOK, password);
501 		authctxt->pam->last_pam_retval = retval;
505 	retval = pam_authenticate(authctxt->pam->h,
510 		authctxt->pam->last_pam_retval = retval;
514 	if ((retval = finish_userauth_do_pam(authctxt)) != PAM_SUCCESS)
517 	if (authctxt->method)
518 		authctxt->method->authenticated = 1;	/* SSHv2 */
524 do_pam_non_initial_userauth(Authctxt *authctxt)
526 	new_start_pam(authctxt, NULL);
527 	return (finish_userauth_do_pam(authctxt) == PAM_SUCCESS);
531 void finish_pam(Authctxt *authctxt)
533 	fatal_remove_cleanup(&do_pam_cleanup_proc, authctxt->pam);
534 	do_pam_cleanup_proc(authctxt->pam);
559 fetch_pam_environment(Authctxt *authctxt)
564 	if (authctxt == NULL || authctxt->pam == NULL ||
565 	    authctxt->pam->h == NULL)
568 	penv = pam_getenvlist(authctxt->pam->h);

Indexes created Mon Jul 01 21:43:02 MDT 2024