- Merged more OpenBSD CVS changes:

- [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal() + krb-cleanup cleanup - [clientloop.c log-client.c log-server.c ] [readconf.c readconf.h servconf.c servconf.h ] [ssh.1 ssh.c ssh.h sshd.8] add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd, obsoletes QuietMode and FascistLogging in sshd.
author: Damien Miller <djm@mindrot.org> 1999-11-11 17:57:39 +1100
committer: Damien Miller <djm@mindrot.org> 1999-11-11 17:57:39 +1100
commit: 5ce662a9202240a2f5fa6a9334d58186bdaba50c (patch)
tree: 9fe37122fa27f070abc3c9c28531877d43673b7f /auth-passwd.c
parent: ab5e0d0c27e00dca463c67395c2b5941e778836e (diff)
1 files changed, 13 insertions, 19 deletions
diff --git a/auth-passwd.c b/auth-passwd.c
index 61f66fedd..99d0af2be 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -15,17 +15,13 @@ the password is valid for the user.
 */
 #include "includes.h"
-RCSID("$Id: auth-passwd.c,v 1.2 1999/10/27 13:42:05 damien Exp $");
+RCSID("$Id: auth-passwd.c,v 1.3 1999/11/11 06:57:39 damien Exp $");
 #include "packet.h"
 #include "ssh.h"
 #include "servconf.h"
 #include "xmalloc.h"
-#ifdef KRB4
-extern char *ticket;
-#endif /* KRB4 */
 /* Tries to authenticate the user using password.  Returns true if
   authentication succeeds. */
@@ -80,9 +76,9 @@ int auth_password(struct passwd *pw, const char *password)
      KTEXT_ST tkt;
      struct hostent *hp;
      unsigned long faddr;
-      char localhost[MAXHOSTNAMELEN];   /* local host name */
+      char localhost[MAXHOSTNAMELEN];
-      char phost[INST_SZ];              /* host instance */
+      char phost[INST_SZ];
-      char realm[REALM_SZ];             /* local Kerberos realm */
+      char realm[REALM_SZ];
      int r;
      
      /* Try Kerberos password authentication only for non-root
@@ -90,9 +86,8 @@ int auth_password(struct passwd *pw, const char *password)
      if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) {
        /* Set up our ticket file. */
-        if (!ssh_tf_init(pw->pw_uid)) {
+        if (!krb4_init(pw->pw_uid)) {
-          log("Couldn't initialize Kerberos ticket file for %s!",
+          log("Couldn't initialize Kerberos ticket file for %s!", pw->pw_name);
-              pw->pw_name);
          goto kerberos_auth_failure;
        }
        /* Try to get TGT using our password. */
@@ -104,13 +99,12 @@ int auth_password(struct passwd *pw, const char *password)
          goto kerberos_auth_failure;
        }
        /* Successful authentication. */
-        chown(ticket, pw->pw_uid, pw->pw_gid);
+        chown(tkt_string(), pw->pw_uid, pw->pw_gid);
-        
-        (void) gethostname(localhost, sizeof(localhost));
-        (void) strlcpy(phost, (char *)krb_get_phost(localhost), INST_SZ);
        
        /* Now that we have a TGT, try to get a local "rcmd" ticket to
           ensure that we are not talking to a bogus Kerberos server. */
+        (void) gethostname(localhost, sizeof(localhost));
+        (void) strlcpy(phost, (char *)krb_get_phost(localhost), INST_SZ);
        r = krb_mk_req(&tkt, KRB4_SERVICE_NAME, phost, realm, 33);
        if (r == KSUCCESS) {
@@ -150,10 +144,10 @@ int auth_password(struct passwd *pw, const char *password)
        return 1;
        
      kerberos_auth_failure:
-        (void) dest_tkt();
+        krb4_cleanup_proc(NULL);
-        xfree(ticket);
+        
-        ticket = NULL;
+        if (!options.kerberos_or_local_passwd)
-        if (!options.kerberos_or_local_passwd ) return 0;
+          return 0;
      }
      else {
        /* Logging in as root or no local Kerberos realm. */
author	Damien Miller <djm@mindrot.org>	1999-11-11 17:57:39 +1100
committer	Damien Miller <djm@mindrot.org>	1999-11-11 17:57:39 +1100
commit	5ce662a9202240a2f5fa6a9334d58186bdaba50c (patch)
tree	9fe37122fa27f070abc3c9c28531877d43673b7f /auth-passwd.c
parent	ab5e0d0c27e00dca463c67395c2b5941e778836e (diff)

diff --git a/auth-passwd.c b/auth-passwd.c index 61f66fedd..99d0af2be 100644 --- a/auth-passwd.c +++ b/auth-passwd.c
@@ -15,17 +15,13 @@ the password is valid for the user.
15	*/	15	*/
16		16
17	#include "includes.h"	17	#include "includes.h"
18	RCSID("$Id: auth-passwd.c,v 1.2 1999/10/27 13:42:05 damien Exp $");	18	RCSID("$Id: auth-passwd.c,v 1.3 1999/11/11 06:57:39 damien Exp $");
19		19
20	#include "packet.h"	20	#include "packet.h"
21	#include "ssh.h"	21	#include "ssh.h"
22	#include "servconf.h"	22	#include "servconf.h"
23	#include "xmalloc.h"	23	#include "xmalloc.h"
24		24
25	#ifdef KRB4
26	extern char *ticket;
27	#endif /* KRB4 */
28
29	/* Tries to authenticate the user using password. Returns true if	25	/* Tries to authenticate the user using password. Returns true if
30	authentication succeeds. */	26	authentication succeeds. */
31		27
@@ -80,9 +76,9 @@ int auth_password(struct passwd pw, const char password)
80	KTEXT_ST tkt;	76	KTEXT_ST tkt;
81	struct hostent *hp;	77	struct hostent *hp;
82	unsigned long faddr;	78	unsigned long faddr;
83	char localhost[MAXHOSTNAMELEN]; /* local host name */	79	char localhost[MAXHOSTNAMELEN];
84	char phost[INST_SZ]; /* host instance */	80	char phost[INST_SZ];
85	char realm[REALM_SZ]; /* local Kerberos realm */	81	char realm[REALM_SZ];
86	int r;	82	int r;
87		83
88	/* Try Kerberos password authentication only for non-root	84	/* Try Kerberos password authentication only for non-root
@@ -90,9 +86,8 @@ int auth_password(struct passwd pw, const char password)
90	if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) {	86	if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) {
91		87
92	/* Set up our ticket file. */	88	/* Set up our ticket file. */
93	if (!ssh_tf_init(pw->pw_uid)) {	89	if (!krb4_init(pw->pw_uid)) {
94	log("Couldn't initialize Kerberos ticket file for %s!",	90	log("Couldn't initialize Kerberos ticket file for %s!", pw->pw_name);
95	pw->pw_name);
96	goto kerberos_auth_failure;	91	goto kerberos_auth_failure;
97	}	92	}
98	/* Try to get TGT using our password. */	93	/* Try to get TGT using our password. */
@@ -104,13 +99,12 @@ int auth_password(struct passwd pw, const char password)
104	goto kerberos_auth_failure;	99	goto kerberos_auth_failure;
105	}	100	}
106	/* Successful authentication. */	101	/* Successful authentication. */
107	chown(ticket, pw->pw_uid, pw->pw_gid);	102	chown(tkt_string(), pw->pw_uid, pw->pw_gid);
108
109	(void) gethostname(localhost, sizeof(localhost));
110	(void) strlcpy(phost, (char *)krb_get_phost(localhost), INST_SZ);
111		103
112	/* Now that we have a TGT, try to get a local "rcmd" ticket to	104	/* Now that we have a TGT, try to get a local "rcmd" ticket to
113	ensure that we are not talking to a bogus Kerberos server. */	105	ensure that we are not talking to a bogus Kerberos server. */
		106	(void) gethostname(localhost, sizeof(localhost));
		107	(void) strlcpy(phost, (char *)krb_get_phost(localhost), INST_SZ);
114	r = krb_mk_req(&tkt, KRB4_SERVICE_NAME, phost, realm, 33);	108	r = krb_mk_req(&tkt, KRB4_SERVICE_NAME, phost, realm, 33);
115		109
116	if (r == KSUCCESS) {	110	if (r == KSUCCESS) {
@@ -150,10 +144,10 @@ int auth_password(struct passwd pw, const char password)
150	return 1;	144	return 1;
151		145
152	kerberos_auth_failure:	146	kerberos_auth_failure:
153	(void) dest_tkt();	147	krb4_cleanup_proc(NULL);
154	xfree(ticket);	148
155	ticket = NULL;	149	if (!options.kerberos_or_local_passwd)
156	if (!options.kerberos_or_local_passwd ) return 0;	150	return 0;
157	}	151	}
158	else {	152	else {
159	/* Logging in as root or no local Kerberos realm. */	153	/* Logging in as root or no local Kerberos realm. */