- OpenBSD CVS Sync

- markus@cvs.openbsd.org 2001/03/28 22:43:31 [auth.h auth2.c auth2-chall.c] check auth_root_allowed for kbd-int auth, too.
author: Damien Miller <djm@mindrot.org> 2001-03-30 10:48:31 +1000
committer: Damien Miller <djm@mindrot.org> 2001-03-30 10:48:31 +1000
commit: 5d57e5073034b41c11366153f3853143c9ce07c0 (patch)
tree: 689156a83c58623993d7047c485983901f9c1abe
parent: 23e526e27199f3ae079ee302581221b49d3e6772 (diff)
4 files changed, 23 insertions, 14 deletions
diff --git a/ChangeLog b/ChangeLog
index c7266684e..5260b890f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,6 +7,9 @@
   - provos@cvs.openbsd.org 2001/03/28 22:04:57
     [dh.c]
     more sanity checking on primes file
+   - markus@cvs.openbsd.org 2001/03/28 22:43:31
+     [auth.h auth2.c auth2-chall.c]
+     check auth_root_allowed for kbd-int auth, too.
 20010329
 - OpenBSD CVS Sync
@@ -4777,4 +4780,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1
-$Id: ChangeLog,v 1.1037 2001/03/30 00:47:43 djm Exp $
+$Id: ChangeLog,v 1.1038 2001/03/30 00:48:31 djm Exp $
diff --git a/auth.h b/auth.h
index 960f1ac3b..50375226a 100644
--- a/auth.h
+++ b/auth.h
@@ -21,7 +21,7 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
- * $OpenBSD: auth.h,v 1.13 2001/03/20 18:57:04 markus Exp $
+ * $OpenBSD: auth.h,v 1.14 2001/03/28 22:43:31 markus Exp $
 */
 #ifndef AUTH_H
 #define AUTH_H
@@ -121,7 +121,7 @@ void	do_authentication2(void);
 Authctxt *authctxt_new(void);
 void    auth_log(Authctxt *authctxt, int authenticated, char *method, char *info);
-void    userauth_reply(Authctxt *authctxt, int authenticated);
+void    userauth_finish(Authctxt *authctxt, int authenticated, char *method);
 int     auth_root_allowed(char *method);
 int     auth2_challenge(Authctxt *authctxt, char *devs);
diff --git a/auth2-chall.c b/auth2-chall.c
index 2b96f52a5..5af60e42f 100644
--- a/auth2-chall.c
+++ b/auth2-chall.c
@@ -22,7 +22,7 @@
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.3 2001/03/02 18:54:31 deraadt Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.4 2001/03/28 22:43:31 markus Exp $");
 #include "ssh2.h"
 #include "auth.h"
@@ -104,10 +104,9 @@ input_userauth_info_response(int type, int plen, void *ctxt)
                }
                xfree(response);
        }
-        auth_log(authctxt, authenticated, method, " ssh2");
+        /* unregister callback */
-        if (!authctxt->postponed) {
+        if (!authctxt->postponed)
-                /* unregister callback and send reply */
                dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
-                userauth_reply(authctxt, authenticated);
-        }
+        userauth_finish(authctxt, authenticated, method);
 }
diff --git a/auth2.c b/auth2.c
index 2042d1bb7..3e99c5ba2 100644
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.48 2001/03/21 11:43:44 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.49 2001/03/28 22:43:31 markus Exp $");
 #include <openssl/evp.h>
@@ -81,6 +81,7 @@ char	*authmethods_get(void);
 /* auth */
 void    userauth_banner(void);
+void    userauth_reply(Authctxt *authctxt, int authenticated);
 int     userauth_none(Authctxt *authctxt);
 int     userauth_passwd(Authctxt *authctxt);
 int     userauth_pubkey(Authctxt *authctxt);
@@ -231,6 +232,16 @@ input_userauth_request(int type, int plen, void *ctxt)
                debug2("input_userauth_request: try method %s", method);
                authenticated = m->userauth(authctxt);
        }
+        userauth_finish(authctxt, authenticated, method);
+        xfree(service);
+        xfree(user);
+        xfree(method);
+}
+void
+userauth_finish(Authctxt *authctxt, int authenticated, char *method)
+{
        if (!authctxt->valid && authenticated)
                fatal("INTERNAL ERROR: authenticated invalid user %s",
                    authctxt->user);
@@ -251,10 +262,6 @@ input_userauth_request(int type, int plen, void *ctxt)
        if (!authctxt->postponed)
                userauth_reply(authctxt, authenticated);
-        xfree(service);
-        xfree(user);
-        xfree(method);
 }
 void
author	Damien Miller <djm@mindrot.org>	2001-03-30 10:48:31 +1000
committer	Damien Miller <djm@mindrot.org>	2001-03-30 10:48:31 +1000
commit	5d57e5073034b41c11366153f3853143c9ce07c0 (patch)
tree	689156a83c58623993d7047c485983901f9c1abe
parent	23e526e27199f3ae079ee302581221b49d3e6772 (diff)

diff --git a/ChangeLog b/ChangeLog index c7266684e..5260b890f 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -7,6 +7,9 @@
7	- provos@cvs.openbsd.org 2001/03/28 22:04:57	7	- provos@cvs.openbsd.org 2001/03/28 22:04:57
8	[dh.c]	8	[dh.c]
9	more sanity checking on primes file	9	more sanity checking on primes file
		10	- markus@cvs.openbsd.org 2001/03/28 22:43:31
		11	[auth.h auth2.c auth2-chall.c]
		12	check auth_root_allowed for kbd-int auth, too.
10		13
11	20010329	14	20010329
12	- OpenBSD CVS Sync	15	- OpenBSD CVS Sync
@@ -4777,4 +4780,4 @@
4777	- Wrote replacements for strlcpy and mkdtemp	4780	- Wrote replacements for strlcpy and mkdtemp
4778	- Released 1.0pre1	4781	- Released 1.0pre1
4779		4782
4780	$Id: ChangeLog,v 1.1037 2001/03/30 00:47:43 djm Exp $	4783	$Id: ChangeLog,v 1.1038 2001/03/30 00:48:31 djm Exp $


diff --git a/auth.h b/auth.h index 960f1ac3b..50375226a 100644 --- a/auth.h +++ b/auth.h
@@ -21,7 +21,7 @@
21	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	21	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	22	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23	*	23	*
24	* $OpenBSD: auth.h,v 1.13 2001/03/20 18:57:04 markus Exp $	24	* $OpenBSD: auth.h,v 1.14 2001/03/28 22:43:31 markus Exp $
25	*/	25	*/
26	#ifndef AUTH_H	26	#ifndef AUTH_H
27	#define AUTH_H	27	#define AUTH_H
@@ -121,7 +121,7 @@ void do_authentication2(void);
121		121
122	Authctxt *authctxt_new(void);	122	Authctxt *authctxt_new(void);
123	void auth_log(Authctxt authctxt, int authenticated, char method, char *info);	123	void auth_log(Authctxt authctxt, int authenticated, char method, char *info);
124	void userauth_reply(Authctxt *authctxt, int authenticated);	124	void userauth_finish(Authctxt authctxt, int authenticated, char method);
125	int auth_root_allowed(char *method);	125	int auth_root_allowed(char *method);
126		126
127	int auth2_challenge(Authctxt authctxt, char devs);	127	int auth2_challenge(Authctxt authctxt, char devs);


diff --git a/auth2-chall.c b/auth2-chall.c index 2b96f52a5..5af60e42f 100644 --- a/auth2-chall.c +++ b/auth2-chall.c
@@ -22,7 +22,7 @@
22	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	22	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23	*/	23	*/
24	#include "includes.h"	24	#include "includes.h"
25	RCSID("$OpenBSD: auth2-chall.c,v 1.3 2001/03/02 18:54:31 deraadt Exp $");	25	RCSID("$OpenBSD: auth2-chall.c,v 1.4 2001/03/28 22:43:31 markus Exp $");
26		26
27	#include "ssh2.h"	27	#include "ssh2.h"
28	#include "auth.h"	28	#include "auth.h"
@@ -104,10 +104,9 @@ input_userauth_info_response(int type, int plen, void *ctxt)
104	}	104	}
105	xfree(response);	105	xfree(response);
106	}	106	}
107	auth_log(authctxt, authenticated, method, " ssh2");	107	/* unregister callback */
108	if (!authctxt->postponed) {	108	if (!authctxt->postponed)
109	/* unregister callback and send reply */
110	dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);	109	dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
111	userauth_reply(authctxt, authenticated);	110
112	}	111	userauth_finish(authctxt, authenticated, method);
113	}	112	}


diff --git a/auth2.c b/auth2.c index 2042d1bb7..3e99c5ba2 100644 --- a/auth2.c +++ b/auth2.c
@@ -23,7 +23,7 @@
23	*/	23	*/
24		24
25	#include "includes.h"	25	#include "includes.h"
26	RCSID("$OpenBSD: auth2.c,v 1.48 2001/03/21 11:43:44 markus Exp $");	26	RCSID("$OpenBSD: auth2.c,v 1.49 2001/03/28 22:43:31 markus Exp $");
27		27
28	#include <openssl/evp.h>	28	#include <openssl/evp.h>
29		29
@@ -81,6 +81,7 @@ char *authmethods_get(void);
81		81
82	/* auth */	82	/* auth */
83	void userauth_banner(void);	83	void userauth_banner(void);
		84	void userauth_reply(Authctxt *authctxt, int authenticated);
84	int userauth_none(Authctxt *authctxt);	85	int userauth_none(Authctxt *authctxt);
85	int userauth_passwd(Authctxt *authctxt);	86	int userauth_passwd(Authctxt *authctxt);
86	int userauth_pubkey(Authctxt *authctxt);	87	int userauth_pubkey(Authctxt *authctxt);
@@ -231,6 +232,16 @@ input_userauth_request(int type, int plen, void *ctxt)
231	debug2("input_userauth_request: try method %s", method);	232	debug2("input_userauth_request: try method %s", method);
232	authenticated = m->userauth(authctxt);	233	authenticated = m->userauth(authctxt);
233	}	234	}
		235	userauth_finish(authctxt, authenticated, method);
		236
		237	xfree(service);
		238	xfree(user);
		239	xfree(method);
		240	}
		241
		242	void
		243	userauth_finish(Authctxt authctxt, int authenticated, char method)
		244	{
234	if (!authctxt->valid && authenticated)	245	if (!authctxt->valid && authenticated)
235	fatal("INTERNAL ERROR: authenticated invalid user %s",	246	fatal("INTERNAL ERROR: authenticated invalid user %s",
236	authctxt->user);	247	authctxt->user);
@@ -251,10 +262,6 @@ input_userauth_request(int type, int plen, void *ctxt)
251		262
252	if (!authctxt->postponed)	263	if (!authctxt->postponed)
253	userauth_reply(authctxt, authenticated);	264	userauth_reply(authctxt, authenticated);
254
255	xfree(service);
256	xfree(user);
257	xfree(method);
258	}	265	}
259		266
260	void	267	void