summaryrefslogtreecommitdiff
path: root/auth-sia.c
diff options
context:
space:
mode:
authorBen Lindstrom <mouring@eviladmin.org>2003-03-21 01:18:09 +0000
committerBen Lindstrom <mouring@eviladmin.org>2003-03-21 01:18:09 +0000
commitc8c548d24883eaff20ea1665022ee92bd0632e29 (patch)
treeae926d0d3ef2d1c08f34c5b5f919451d0d29e7fa /auth-sia.c
parenta5a2648b81c9347c241c37e6cba78f1df47e9320 (diff)
- (bal) Disable Privsep for Tru64 after pre-authentication due to issues
with SIA. Also, clean up of tru64 support patch by Chris Adams <cmadams@hiwaay.net>
Diffstat (limited to 'auth-sia.c')
-rw-r--r--auth-sia.c47
1 files changed, 16 insertions, 31 deletions
diff --git a/auth-sia.c b/auth-sia.c
index 071e154d8..5c9b3f5de 100644
--- a/auth-sia.c
+++ b/auth-sia.c
@@ -45,27 +45,25 @@ extern ServerOptions options;
45extern int saved_argc; 45extern int saved_argc;
46extern char **saved_argv; 46extern char **saved_argv;
47 47
48extern int errno;
49
50int 48int
51auth_sia_password(Authctxt *authctxt, char *pass) 49auth_sia_password(Authctxt *authctxt, char *pass)
52{ 50{
53 int ret; 51 int ret;
54 SIAENTITY *ent = NULL; 52 SIAENTITY *ent = NULL;
55 const char *host; 53 const char *host;
56 char *user = authctxt->user;
57 54
58 host = get_canonical_hostname(options.verify_reverse_mapping); 55 host = get_canonical_hostname(options.verify_reverse_mapping);
59 56
60 if (pass[0] == '\0') 57 if (!authctxt->user || !pass || pass[0] == '\0')
61 return(0); 58 return(0);
62 59
63 if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, NULL, 0, 60 if (sia_ses_init(&ent, saved_argc, saved_argv, host, authctxt->user,
64 NULL) != SIASUCCESS) 61 NULL, 0, NULL) != SIASUCCESS)
65 return(0); 62 return(0);
66 63
67 if ((ret = sia_ses_authent(NULL, pass, ent)) != SIASUCCESS) { 64 if ((ret = sia_ses_authent(NULL, pass, ent)) != SIASUCCESS) {
68 error("Couldn't authenticate %s from %s", user, host); 65 error("Couldn't authenticate %s from %s", authctxt->user,
66 host);
69 if (ret & SIASTOP) 67 if (ret & SIASTOP)
70 sia_ses_release(&ent); 68 sia_ses_release(&ent);
71 return(0); 69 return(0);
@@ -77,48 +75,35 @@ auth_sia_password(Authctxt *authctxt, char *pass)
77} 75}
78 76
79void 77void
80session_setup_sia(char *user, char *tty) 78session_setup_sia(struct passwd *pw, char *tty)
81{ 79{
82 struct passwd *pw;
83 SIAENTITY *ent = NULL; 80 SIAENTITY *ent = NULL;
84 const char *host; 81 const char *host;
85 82
86 host = get_canonical_hostname (options.verify_reverse_mapping); 83 host = get_canonical_hostname(options.verify_reverse_mapping);
87 84
88 if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, tty, 0, 85 if (sia_ses_init(&ent, saved_argc, saved_argv, host, pw->pw_name, tty,
89 NULL) != SIASUCCESS) { 86 0, NULL) != SIASUCCESS)
90 fatal("sia_ses_init failed"); 87 fatal("sia_ses_init failed");
91 }
92 88
93 if ((pw = getpwnam(user)) == NULL) {
94 sia_ses_release(&ent);
95 fatal("getpwnam: no user: %s", user);
96 }
97 if (sia_make_entity_pwd(pw, ent) != SIASUCCESS) { 89 if (sia_make_entity_pwd(pw, ent) != SIASUCCESS) {
98 sia_ses_release(&ent); 90 sia_ses_release(&ent);
99 fatal("sia_make_entity_pwd failed"); 91 fatal("sia_make_entity_pwd failed");
100 } 92 }
101 93
102 ent->authtype = SIA_A_NONE; 94 ent->authtype = SIA_A_NONE;
103 if (sia_ses_estab(sia_collect_trm, ent) != SIASUCCESS) { 95 if (sia_ses_estab(sia_collect_trm, ent) != SIASUCCESS)
104 fatal("Couldn't establish session for %s from %s", user, 96 fatal("Couldn't establish session for %s from %s",
105 host); 97 pw->pw_name, host);
106 }
107
108 if (setpriority(PRIO_PROCESS, 0, 0) == -1) {
109 sia_ses_release(&ent);
110 fatal("setpriority: %s", strerror (errno));
111 }
112 98
113 if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS) { 99 if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS)
114 fatal("Couldn't launch session for %s from %s", user, host); 100 fatal("Couldn't launch session for %s from %s", pw->pw_name,
115 } 101 host);
116 102
117 sia_ses_release(&ent); 103 sia_ses_release(&ent);
118 104
119 if (setreuid(geteuid(), geteuid()) < 0) { 105 if (setreuid(geteuid(), geteuid()) < 0)
120 fatal("setreuid: %s", strerror(errno)); 106 fatal("setreuid: %s", strerror(errno));
121 }
122} 107}
123 108
124#endif /* HAVE_OSF_SIA */ 109#endif /* HAVE_OSF_SIA */