- (djm) Split out and improve OSF SIA auth code. Patch from Chris Adams

<cmadams@hiwaay.net> with a little modification and KNF.
author: Damien Miller <djm@mindrot.org> 2001-02-14 01:25:23 +1100
committer: Damien Miller <djm@mindrot.org> 2001-02-14 01:25:23 +1100
commit: 92ddb7d6f0d6a1942e27f75883d29dc0ea99223f (patch)
tree: 505a90486e59c722c4226a7c597b449f4b651529 /auth-sia.c
parent: 116b6bdda81d6647cc2742280c15b3f42ab3dd24 (diff)
1 files changed, 96 insertions, 0 deletions
diff --git a/auth-sia.c b/auth-sia.c
new file mode 100644
index 000000000..6fece555d
--- /dev/null
+++ b/auth-sia.c
@@ -0,0 +1,96 @@
+#include "includes.h"
+#ifdef HAVE_OSF_SIA
+#include "ssh.h"
+#include "auth-sia.h"
+#include "log.h"
+#include "servconf.h"
+#include "canohost.h"
+#include <sia.h>
+#include <siad.h>
+#include <pwd.h>
+#include <signal.h>
+#include <setjmp.h>
+#include <sys/resource.h>
+#include <unistd.h>
+#include <string.h>
+extern ServerOptions options;
+extern int saved_argc;
+extern char **saved_argv;
+extern int errno;
+int
+auth_sia_password(char *user, char *pass)
+{
+        int ret;
+        SIAENTITY *ent = NULL;
+        const char *host;
+        host = get_canonical_hostname(options.reverse_mapping_check);
+        if (!user || !pass)
+                return(0);
+        if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, NULL, 0,
+            NULL) != SIASUCCESS)
+                return(0);
+        if ((ret = sia_ses_authent(NULL, pass, ent)) != SIASUCCESS) {
+                error("couldn't authenticate %s from %s", user, host);
+                if (ret & SIASTOP)
+                        sia_ses_release(&ent);
+                return(0);
+        }
+        sia_ses_release(&ent);
+        return(1);
+}
+void
+session_setup_sia(char *user, char *tty)
+{
+        int ret;
+        struct passwd *pw;
+        SIAENTITY *ent = NULL;
+        const char *host;
+        host = get_canonical_hostname (options.reverse_mapping_check);
+        if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, tty, 0,
+            NULL) != SIASUCCESS)
+                fatal("sia_ses_init failed");
+        if ((pw = getpwnam(user)) == NULL) {
+                sia_ses_release(&ent);
+                fatal("getpwnam(%s) failed: %s", user, strerror(errno));
+        }
+        if (sia_make_entity_pwd(pw, ent) != SIASUCCESS) {
+                sia_ses_release(&ent);
+                fatal("sia_make_entity_pwd failed");
+        }
+        ent->authtype = SIA_A_NONE;
+        if (sia_ses_estab(sia_collect_trm, ent) != SIASUCCESS)
+                fatal("couldn't establish session for %s from %s", user,
+                    host);
+        if (setpriority(PRIO_PROCESS, 0, 0) == -1) {
+                sia_ses_release(&ent);
+                fatal("setpriority failed: %s", strerror (errno));
+        }
+        if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS)
+                fatal("couldn't launch session for %s from %s", user, host);
+        
+        sia_ses_release(&ent);
+        if (setreuid(geteuid(), geteuid()) < 0)
+                fatal("setreuid failed: %s", strerror (errno));
+}
+#endif /* HAVE_OSF_SIA */
author	Damien Miller <djm@mindrot.org>	2001-02-14 01:25:23 +1100
committer	Damien Miller <djm@mindrot.org>	2001-02-14 01:25:23 +1100
commit	92ddb7d6f0d6a1942e27f75883d29dc0ea99223f (patch)
tree	505a90486e59c722c4226a7c597b449f4b651529 /auth-sia.c
parent	116b6bdda81d6647cc2742280c15b3f42ab3dd24 (diff)

diff --git a/auth-sia.c b/auth-sia.c new file mode 100644 index 000000000..6fece555d --- /dev/null +++ b/auth-sia.c
@@ -0,0 +1,96 @@
	1	#include "includes.h"
	2
	3	#ifdef HAVE_OSF_SIA
	4	#include "ssh.h"
	5	#include "auth-sia.h"
	6	#include "log.h"
	7	#include "servconf.h"
	8	#include "canohost.h"
	9
	10	#include <sia.h>
	11	#include <siad.h>
	12	#include <pwd.h>
	13	#include <signal.h>
	14	#include <setjmp.h>
	15	#include <sys/resource.h>
	16	#include <unistd.h>
	17	#include <string.h>
	18
	19	extern ServerOptions options;
	20	extern int saved_argc;
	21	extern char **saved_argv;
	22
	23	extern int errno;
	24
	25	int
	26	auth_sia_password(char user, char pass)
	27	{
	28	int ret;
	29	SIAENTITY *ent = NULL;
	30	const char *host;
	31
	32	host = get_canonical_hostname(options.reverse_mapping_check);
	33
	34	if (!user \|\| !pass)
	35	return(0);
	36
	37	if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, NULL, 0,
	38	NULL) != SIASUCCESS)
	39	return(0);
	40
	41	if ((ret = sia_ses_authent(NULL, pass, ent)) != SIASUCCESS) {
	42	error("couldn't authenticate %s from %s", user, host);
	43	if (ret & SIASTOP)
	44	sia_ses_release(&ent);
	45	return(0);
	46	}
	47
	48	sia_ses_release(&ent);
	49
	50	return(1);
	51	}
	52
	53	void
	54	session_setup_sia(char user, char tty)
	55	{
	56	int ret;
	57	struct passwd *pw;
	58	SIAENTITY *ent = NULL;
	59	const char *host;
	60
	61	host = get_canonical_hostname (options.reverse_mapping_check);
	62
	63	if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, tty, 0,
	64	NULL) != SIASUCCESS)
	65	fatal("sia_ses_init failed");
	66
	67	if ((pw = getpwnam(user)) == NULL) {
	68	sia_ses_release(&ent);
	69	fatal("getpwnam(%s) failed: %s", user, strerror(errno));
	70	}
	71	if (sia_make_entity_pwd(pw, ent) != SIASUCCESS) {
	72	sia_ses_release(&ent);
	73	fatal("sia_make_entity_pwd failed");
	74	}
	75
	76	ent->authtype = SIA_A_NONE;
	77	if (sia_ses_estab(sia_collect_trm, ent) != SIASUCCESS)
	78	fatal("couldn't establish session for %s from %s", user,
	79	host);
	80
	81	if (setpriority(PRIO_PROCESS, 0, 0) == -1) {
	82	sia_ses_release(&ent);
	83	fatal("setpriority failed: %s", strerror (errno));
	84	}
	85
	86	if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS)
	87	fatal("couldn't launch session for %s from %s", user, host);
	88
	89	sia_ses_release(&ent);
	90
	91	if (setreuid(geteuid(), geteuid()) < 0)
	92	fatal("setreuid failed: %s", strerror (errno));
	93	}
	94
	95	#endif /* HAVE_OSF_SIA */
	96