diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2019-01-19 21:41:18 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2019-01-20 09:45:17 +1100 |
| commit | 3a00a921590d4c4b7e96df11bb10e6f9253ad45e (patch) | |
| tree | 24186d71a6a77de7e303af919a4be64f2c7461bf /auth.c | |
| parent | 7ec5cb4d15ed2f2c5c9f5d00e6b361d136fc1e2d (diff) | |
upstream: convert auth.c to new packet API
with & ok markus@
OpenBSD-Commit-ID: 7e10359f614ff522b52a3f05eec576257794e8e4
Diffstat (limited to 'auth.c')
| -rw-r--r-- | auth.c | 26 |
1 files changed, 10 insertions, 16 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth.c,v 1.137 2019/01/19 21:37:48 djm Exp $ */ | 1 | /* $OpenBSD: auth.c,v 1.138 2019/01/19 21:41:18 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -77,9 +77,6 @@ | |||
| 77 | #include "compat.h" | 77 | #include "compat.h" |
| 78 | #include "channels.h" | 78 | #include "channels.h" |
| 79 | 79 | ||
| 80 | #include "opacket.h" /* XXX */ | ||
| 81 | extern struct ssh *active_state; /* XXX */ | ||
| 82 | |||
| 83 | /* import */ | 80 | /* import */ |
| 84 | extern ServerOptions options; | 81 | extern ServerOptions options; |
| 85 | extern int use_privsep; | 82 | extern int use_privsep; |
| @@ -100,9 +97,8 @@ static struct sshbuf *auth_debug; | |||
| 100 | * Otherwise true is returned. | 97 | * Otherwise true is returned. |
| 101 | */ | 98 | */ |
| 102 | int | 99 | int |
| 103 | allowed_user(struct passwd * pw) | 100 | allowed_user(struct ssh *ssh, struct passwd * pw) |
| 104 | { | 101 | { |
| 105 | struct ssh *ssh = active_state; /* XXX */ | ||
| 106 | struct stat st; | 102 | struct stat st; |
| 107 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; | 103 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; |
| 108 | u_int i; | 104 | u_int i; |
| @@ -312,10 +308,10 @@ format_method_key(Authctxt *authctxt) | |||
| 312 | } | 308 | } |
| 313 | 309 | ||
| 314 | void | 310 | void |
| 315 | auth_log(Authctxt *authctxt, int authenticated, int partial, | 311 | auth_log(struct ssh *ssh, int authenticated, int partial, |
| 316 | const char *method, const char *submethod) | 312 | const char *method, const char *submethod) |
| 317 | { | 313 | { |
| 318 | struct ssh *ssh = active_state; /* XXX */ | 314 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; |
| 319 | int level = SYSLOG_LEVEL_VERBOSE; | 315 | int level = SYSLOG_LEVEL_VERBOSE; |
| 320 | const char *authmsg; | 316 | const char *authmsg; |
| 321 | char *extra = NULL; | 317 | char *extra = NULL; |
| @@ -377,9 +373,9 @@ auth_log(Authctxt *authctxt, int authenticated, int partial, | |||
| 377 | 373 | ||
| 378 | 374 | ||
| 379 | void | 375 | void |
| 380 | auth_maxtries_exceeded(Authctxt *authctxt) | 376 | auth_maxtries_exceeded(struct ssh *ssh) |
| 381 | { | 377 | { |
| 382 | struct ssh *ssh = active_state; /* XXX */ | 378 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; |
| 383 | 379 | ||
| 384 | error("maximum authentication attempts exceeded for " | 380 | error("maximum authentication attempts exceeded for " |
| 385 | "%s%.100s from %.200s port %d ssh2", | 381 | "%s%.100s from %.200s port %d ssh2", |
| @@ -387,7 +383,7 @@ auth_maxtries_exceeded(Authctxt *authctxt) | |||
| 387 | authctxt->user, | 383 | authctxt->user, |
| 388 | ssh_remote_ipaddr(ssh), | 384 | ssh_remote_ipaddr(ssh), |
| 389 | ssh_remote_port(ssh)); | 385 | ssh_remote_port(ssh)); |
| 390 | packet_disconnect("Too many authentication failures"); | 386 | ssh_packet_disconnect(ssh, "Too many authentication failures"); |
| 391 | /* NOTREACHED */ | 387 | /* NOTREACHED */ |
| 392 | } | 388 | } |
| 393 | 389 | ||
| @@ -562,9 +558,8 @@ auth_openprincipals(const char *file, struct passwd *pw, int strict_modes) | |||
| 562 | } | 558 | } |
| 563 | 559 | ||
| 564 | struct passwd * | 560 | struct passwd * |
| 565 | getpwnamallow(const char *user) | 561 | getpwnamallow(struct ssh *ssh, const char *user) |
| 566 | { | 562 | { |
| 567 | struct ssh *ssh = active_state; /* XXX */ | ||
| 568 | #ifdef HAVE_LOGIN_CAP | 563 | #ifdef HAVE_LOGIN_CAP |
| 569 | extern login_cap_t *lc; | 564 | extern login_cap_t *lc; |
| 570 | #ifdef BSD_AUTH | 565 | #ifdef BSD_AUTH |
| @@ -614,7 +609,7 @@ getpwnamallow(const char *user) | |||
| 614 | #endif /* SSH_AUDIT_EVENTS */ | 609 | #endif /* SSH_AUDIT_EVENTS */ |
| 615 | return (NULL); | 610 | return (NULL); |
| 616 | } | 611 | } |
| 617 | if (!allowed_user(pw)) | 612 | if (!allowed_user(ssh, pw)) |
| 618 | return (NULL); | 613 | return (NULL); |
| 619 | #ifdef HAVE_LOGIN_CAP | 614 | #ifdef HAVE_LOGIN_CAP |
| 620 | if ((lc = login_getclass(pw->pw_class)) == NULL) { | 615 | if ((lc = login_getclass(pw->pw_class)) == NULL) { |
| @@ -693,9 +688,8 @@ auth_debug_add(const char *fmt,...) | |||
| 693 | } | 688 | } |
| 694 | 689 | ||
| 695 | void | 690 | void |
| 696 | auth_debug_send(void) | 691 | auth_debug_send(struct ssh *ssh) |
| 697 | { | 692 | { |
| 698 | struct ssh *ssh = active_state; /* XXX */ | ||
| 699 | char *msg; | 693 | char *msg; |
| 700 | int r; | 694 | int r; |
| 701 | 695 | ||