diff options
| author | Damien Miller <djm@mindrot.org> | 2003-09-03 07:32:45 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2003-09-03 07:32:45 +1000 |
| commit | 856f0be66908352828bb595f7ad5213623c0c610 (patch) | |
| tree | 607c8df162abc4a5aa61cbaad86f9a4aaf71718a /auth-passwd.c | |
| parent | 39638b6aebf5ca69ba75c79c0cc0572e1f396258 (diff) | |
- markus@cvs.openbsd.org 2003/08/26 09:58:43
[auth-passwd.c auth.c auth.h auth1.c auth2-none.c auth2-passwd.c]
[auth2.c monitor.c]
fix passwd auth for 'username leaks via timing'; with djm@, original
patches from solar
Diffstat (limited to 'auth-passwd.c')
| -rw-r--r-- | auth-passwd.c | 44 |
1 files changed, 22 insertions, 22 deletions
diff --git a/auth-passwd.c b/auth-passwd.c index a5d23b6bf..57a2d3620 100644 --- a/auth-passwd.c +++ b/auth-passwd.c | |||
| @@ -36,7 +36,7 @@ | |||
| 36 | */ | 36 | */ |
| 37 | 37 | ||
| 38 | #include "includes.h" | 38 | #include "includes.h" |
| 39 | RCSID("$OpenBSD: auth-passwd.c,v 1.28 2003/07/22 13:35:22 markus Exp $"); | 39 | RCSID("$OpenBSD: auth-passwd.c,v 1.29 2003/08/26 09:58:43 markus Exp $"); |
| 40 | 40 | ||
| 41 | #include "packet.h" | 41 | #include "packet.h" |
| 42 | #include "log.h" | 42 | #include "log.h" |
| @@ -62,25 +62,22 @@ auth_password(Authctxt *authctxt, const char *password) | |||
| 62 | 62 | ||
| 63 | /* deny if no user. */ | 63 | /* deny if no user. */ |
| 64 | if (pw == NULL) | 64 | if (pw == NULL) |
| 65 | ok = 0; | 65 | return 0; |
| 66 | #ifndef HAVE_CYGWIN | 66 | #ifndef HAVE_CYGWIN |
| 67 | if (pw && pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES) | 67 | if (pw && pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES) |
| 68 | ok = 0; | 68 | ok = 0; |
| 69 | #endif | 69 | #endif |
| 70 | if (*password == '\0' && options.permit_empty_passwd == 0) | 70 | if (*password == '\0' && options.permit_empty_passwd == 0) |
| 71 | ok = 0; | ||
| 72 | |||
| 73 | if (!ok) | ||
| 74 | return 0; | 71 | return 0; |
| 75 | 72 | ||
| 76 | #if defined(HAVE_OSF_SIA) | 73 | #if defined(HAVE_OSF_SIA) |
| 77 | return auth_sia_password(authctxt, password); | 74 | return auth_sia_password(authctxt, password) && ok; |
| 78 | #else | 75 | #else |
| 79 | # ifdef KRB5 | 76 | # ifdef KRB5 |
| 80 | if (options.kerberos_authentication == 1) { | 77 | if (options.kerberos_authentication == 1) { |
| 81 | int ret = auth_krb5_password(authctxt, password); | 78 | int ret = auth_krb5_password(authctxt, password); |
| 82 | if (ret == 1 || ret == 0) | 79 | if (ret == 1 || ret == 0) |
| 83 | return ret; | 80 | return ret && ok; |
| 84 | /* Fall back to ordinary passwd authentication. */ | 81 | /* Fall back to ordinary passwd authentication. */ |
| 85 | } | 82 | } |
| 86 | # endif | 83 | # endif |
| @@ -89,30 +86,32 @@ auth_password(Authctxt *authctxt, const char *password) | |||
| 89 | HANDLE hToken = cygwin_logon_user(pw, password); | 86 | HANDLE hToken = cygwin_logon_user(pw, password); |
| 90 | 87 | ||
| 91 | if (hToken == INVALID_HANDLE_VALUE) | 88 | if (hToken == INVALID_HANDLE_VALUE) |
| 92 | return (0); | 89 | return 0; |
| 93 | cygwin_set_impersonation_token(hToken); | 90 | cygwin_set_impersonation_token(hToken); |
| 94 | return (1); | 91 | return ok; |
| 95 | } | 92 | } |
| 96 | # endif | 93 | # endif |
| 97 | # ifdef WITH_AIXAUTHENTICATE | 94 | # ifdef WITH_AIXAUTHENTICATE |
| 98 | { | 95 | { |
| 99 | char *authmsg; | 96 | char *authmsg = NULL; |
| 100 | int reenter = 1; | 97 | int reenter = 1; |
| 101 | int authsuccess = (authenticate(pw->pw_name, password, | 98 | int authsuccess = 0; |
| 102 | &reenter, &authmsg) == 0); | ||
| 103 | aix_remove_embedded_newlines(authmsg); | ||
| 104 | 99 | ||
| 105 | if (authsuccess) { | 100 | if (authenticate(pw->pw_name, password, &reenter, |
| 101 | &authmsg) == 0 && ok) { | ||
| 106 | char *msg; | 102 | char *msg; |
| 107 | char *host = | 103 | char *host = |
| 108 | (char *)get_canonical_hostname(options.use_dns); | 104 | (char *)get_canonical_hostname(options.use_dns); |
| 109 | 105 | ||
| 106 | authsuccess = 1; | ||
| 107 | aix_remove_embedded_newlines(authmsg); | ||
| 108 | |||
| 110 | debug3("AIX/authenticate succeeded for user %s: %.100s", | 109 | debug3("AIX/authenticate succeeded for user %s: %.100s", |
| 111 | pw->pw_name, authmsg); | 110 | pw->pw_name, authmsg); |
| 112 | 111 | ||
| 113 | /* No pty yet, so just label the line as "ssh" */ | 112 | /* No pty yet, so just label the line as "ssh" */ |
| 114 | if (loginsuccess(authctxt->user, host, "ssh", | 113 | if (loginsuccess(authctxt->user, host, "ssh", |
| 115 | &msg) == 0){ | 114 | &msg) == 0) { |
| 116 | if (msg != NULL) { | 115 | if (msg != NULL) { |
| 117 | debug("%s: msg %s", __func__, msg); | 116 | debug("%s: msg %s", __func__, msg); |
| 118 | buffer_append(&loginmsg, msg, | 117 | buffer_append(&loginmsg, msg, |
| @@ -120,14 +119,15 @@ auth_password(Authctxt *authctxt, const char *password) | |||
| 120 | xfree(msg); | 119 | xfree(msg); |
| 121 | } | 120 | } |
| 122 | } | 121 | } |
| 123 | } else | 122 | } else { |
| 124 | debug3("AIX/authenticate failed for user %s: %.100s", | 123 | debug3("AIX/authenticate failed for user %s: %.100s", |
| 125 | pw->pw_name, authmsg); | 124 | pw->pw_name, authmsg); |
| 125 | } | ||
| 126 | 126 | ||
| 127 | if (authmsg != NULL) | 127 | if (authmsg != NULL) |
| 128 | xfree(authmsg); | 128 | xfree(authmsg); |
| 129 | 129 | ||
| 130 | return (authsuccess); | 130 | return authsuccess; |
| 131 | } | 131 | } |
| 132 | # endif | 132 | # endif |
| 133 | # ifdef BSD_AUTH | 133 | # ifdef BSD_AUTH |
| @@ -135,15 +135,15 @@ auth_password(Authctxt *authctxt, const char *password) | |||
| 135 | (char *)password) == 0) | 135 | (char *)password) == 0) |
| 136 | return 0; | 136 | return 0; |
| 137 | else | 137 | else |
| 138 | return 1; | 138 | return ok; |
| 139 | # else | 139 | # else |
| 140 | { | 140 | { |
| 141 | char *pw_password = shadow_pw(pw); | 141 | /* Just use the supplied fake password if authctxt is invalid */ |
| 142 | char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; | ||
| 142 | 143 | ||
| 143 | /* Check for users with no password. */ | 144 | /* Check for users with no password. */ |
| 144 | /* XXX Reverted back to OpenBSD, why was this changed again? */ | ||
| 145 | if (strcmp(pw_password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) | 145 | if (strcmp(pw_password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) |
| 146 | return 1; | 146 | return ok; |
| 147 | else { | 147 | else { |
| 148 | /* Encrypt the candidate password using the proper salt. */ | 148 | /* Encrypt the candidate password using the proper salt. */ |
| 149 | char *encrypted_password = xcrypt(password, | 149 | char *encrypted_password = xcrypt(password, |
| @@ -153,7 +153,7 @@ auth_password(Authctxt *authctxt, const char *password) | |||
| 153 | * Authentication is accepted if the encrypted passwords | 153 | * Authentication is accepted if the encrypted passwords |
| 154 | * are identical. | 154 | * are identical. |
| 155 | */ | 155 | */ |
| 156 | return (strcmp(encrypted_password, pw_password) == 0); | 156 | return (strcmp(encrypted_password, pw_password) == 0) && ok; |
| 157 | } | 157 | } |
| 158 | 158 | ||
| 159 | } | 159 | } |