auth2-passwd.c revision 146998
198675Sdes/* 298675Sdes * Copyright (c) 2000 Markus Friedl. All rights reserved. 398675Sdes * 498675Sdes * Redistribution and use in source and binary forms, with or without 598675Sdes * modification, are permitted provided that the following conditions 698675Sdes * are met: 798675Sdes * 1. Redistributions of source code must retain the above copyright 898675Sdes * notice, this list of conditions and the following disclaimer. 998675Sdes * 2. Redistributions in binary form must reproduce the above copyright 1098675Sdes * notice, this list of conditions and the following disclaimer in the 1198675Sdes * documentation and/or other materials provided with the distribution. 1298675Sdes * 1398675Sdes * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 1498675Sdes * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 1598675Sdes * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 1698675Sdes * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 1798675Sdes * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 1898675Sdes * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 1998675Sdes * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 2098675Sdes * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 2198675Sdes * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 2298675Sdes * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 2398675Sdes */ 2498675Sdes 2598675Sdes#include "includes.h" 26126274SdesRCSID("$OpenBSD: auth2-passwd.c,v 1.5 2003/12/31 00:24:50 dtucker Exp $"); 2798675Sdes 2898675Sdes#include "xmalloc.h" 2998675Sdes#include "packet.h" 3098675Sdes#include "log.h" 3198675Sdes#include "auth.h" 3298675Sdes#include "monitor_wrap.h" 3398675Sdes#include "servconf.h" 3498675Sdes 3598675Sdes/* import */ 3698675Sdesextern ServerOptions options; 3798675Sdes 3898675Sdesstatic int 3998675Sdesuserauth_passwd(Authctxt *authctxt) 4098675Sdes{ 41126274Sdes char *password, *newpass; 4298675Sdes int authenticated = 0; 4398675Sdes int change; 44126274Sdes u_int len, newlen; 45126274Sdes 4698675Sdes change = packet_get_char(); 47126274Sdes password = packet_get_string(&len); 48126274Sdes if (change) { 49126274Sdes /* discard new password from packet */ 50126274Sdes newpass = packet_get_string(&newlen); 51126274Sdes memset(newpass, 0, newlen); 52126274Sdes xfree(newpass); 53126274Sdes } 54126274Sdes packet_check_eom(); 55126274Sdes 5698675Sdes if (change) 57124208Sdes logit("password change not supported"); 58146998Sdes else if (PRIVSEP(auth_password(authctxt, password)) == 1) 59146998Sdes authenticated = 1; 6098937Sdes#ifdef HAVE_CYGWIN 61146998Sdes if (check_nt_auth(1, authctxt->pw) == 0) 62146998Sdes authenticated = 0; 6398937Sdes#endif 6498675Sdes memset(password, 0, len); 6598675Sdes xfree(password); 6698675Sdes return authenticated; 6798675Sdes} 6898675Sdes 6998675SdesAuthmethod method_passwd = { 7098675Sdes "password", 7198675Sdes userauth_passwd, 7298675Sdes &options.password_authentication 7398675Sdes}; 74