diff options
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | auth-chall.c | 7 | ||||
-rw-r--r-- | auth.h | 2 | ||||
-rw-r--r-- | auth2-chall.c | 24 |
4 files changed, 36 insertions, 1 deletions
@@ -41,6 +41,8 @@ | |||
41 | - (dtucker) [loginrec.h] Bug #952: Increase size of username field to 128 | 41 | - (dtucker) [loginrec.h] Bug #952: Increase size of username field to 128 |
42 | bytes to prevent errors from login_init_entry() when the username is | 42 | bytes to prevent errors from login_init_entry() when the username is |
43 | exactly 64 bytes(!) long. From brhamon at cisco.com, ok djm@ | 43 | exactly 64 bytes(!) long. From brhamon at cisco.com, ok djm@ |
44 | - (dtucker) [auth-chall.c auth.h auth2-chall.c] Bug #936: Remove pam from | ||
45 | the list of available kbdint devices if UsePAM=no. ok djm@ | ||
44 | 46 | ||
45 | 20050118 | 47 | 20050118 |
46 | - (dtucker) [INSTALL Makefile.in configure.ac survey.sh.in] Implement | 48 | - (dtucker) [INSTALL Makefile.in configure.ac survey.sh.in] Implement |
@@ -2013,4 +2015,4 @@ | |||
2013 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 2015 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
2014 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 2016 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
2015 | 2017 | ||
2016 | $Id: ChangeLog,v 1.3619 2005/01/20 11:07:29 dtucker Exp $ | 2018 | $Id: ChangeLog,v 1.3620 2005/01/20 11:20:50 dtucker Exp $ |
diff --git a/auth-chall.c b/auth-chall.c index a9d314dd2..e4f783096 100644 --- a/auth-chall.c +++ b/auth-chall.c | |||
@@ -28,11 +28,13 @@ RCSID("$OpenBSD: auth-chall.c,v 1.9 2003/11/03 09:03:37 djm Exp $"); | |||
28 | #include "auth.h" | 28 | #include "auth.h" |
29 | #include "log.h" | 29 | #include "log.h" |
30 | #include "xmalloc.h" | 30 | #include "xmalloc.h" |
31 | #include "servconf.h" | ||
31 | 32 | ||
32 | /* limited protocol v1 interface to kbd-interactive authentication */ | 33 | /* limited protocol v1 interface to kbd-interactive authentication */ |
33 | 34 | ||
34 | extern KbdintDevice *devices[]; | 35 | extern KbdintDevice *devices[]; |
35 | static KbdintDevice *device; | 36 | static KbdintDevice *device; |
37 | extern ServerOptions options; | ||
36 | 38 | ||
37 | char * | 39 | char * |
38 | get_challenge(Authctxt *authctxt) | 40 | get_challenge(Authctxt *authctxt) |
@@ -41,6 +43,11 @@ get_challenge(Authctxt *authctxt) | |||
41 | u_int i, numprompts; | 43 | u_int i, numprompts; |
42 | u_int *echo_on; | 44 | u_int *echo_on; |
43 | 45 | ||
46 | #ifdef USE_PAM | ||
47 | if (!options.use_pam) | ||
48 | remove_kbdint_device("pam"); | ||
49 | #endif | ||
50 | |||
44 | device = devices[0]; /* we always use the 1st device for protocol 1 */ | 51 | device = devices[0]; /* we always use the 1st device for protocol 1 */ |
45 | if (device == NULL) | 52 | if (device == NULL) |
46 | return NULL; | 53 | return NULL; |
@@ -130,6 +130,8 @@ int auth_shadow_pwexpired(Authctxt *); | |||
130 | #endif | 130 | #endif |
131 | 131 | ||
132 | #include "auth-pam.h" | 132 | #include "auth-pam.h" |
133 | void remove_kbdint_device(const char *); | ||
134 | |||
133 | void disable_forwarding(void); | 135 | void disable_forwarding(void); |
134 | 136 | ||
135 | void do_authentication(Authctxt *); | 137 | void do_authentication(Authctxt *); |
diff --git a/auth2-chall.c b/auth2-chall.c index 29234439c..384a543ee 100644 --- a/auth2-chall.c +++ b/auth2-chall.c | |||
@@ -32,6 +32,10 @@ RCSID("$OpenBSD: auth2-chall.c,v 1.22 2005/01/19 13:11:47 dtucker Exp $"); | |||
32 | #include "xmalloc.h" | 32 | #include "xmalloc.h" |
33 | #include "dispatch.h" | 33 | #include "dispatch.h" |
34 | #include "log.h" | 34 | #include "log.h" |
35 | #include "servconf.h" | ||
36 | |||
37 | /* import */ | ||
38 | extern ServerOptions options; | ||
35 | 39 | ||
36 | static int auth2_challenge_start(Authctxt *); | 40 | static int auth2_challenge_start(Authctxt *); |
37 | static int send_userauth_info_request(Authctxt *); | 41 | static int send_userauth_info_request(Authctxt *); |
@@ -71,6 +75,21 @@ struct KbdintAuthctxt | |||
71 | u_int nreq; | 75 | u_int nreq; |
72 | }; | 76 | }; |
73 | 77 | ||
78 | #ifdef USE_PAM | ||
79 | void | ||
80 | remove_kbdint_device(const char *devname) | ||
81 | { | ||
82 | int i, j; | ||
83 | |||
84 | for (i = 0; devices[i] != NULL; i++) | ||
85 | if (strcmp(devices[i]->name, devname) == 0) { | ||
86 | for (j = i; devices[j] != NULL; j++) | ||
87 | devices[j] = devices[j+1]; | ||
88 | i--; | ||
89 | } | ||
90 | } | ||
91 | #endif | ||
92 | |||
74 | static KbdintAuthctxt * | 93 | static KbdintAuthctxt * |
75 | kbdint_alloc(const char *devs) | 94 | kbdint_alloc(const char *devs) |
76 | { | 95 | { |
@@ -78,6 +97,11 @@ kbdint_alloc(const char *devs) | |||
78 | Buffer b; | 97 | Buffer b; |
79 | int i; | 98 | int i; |
80 | 99 | ||
100 | #ifdef USE_PAM | ||
101 | if (!options.use_pam) | ||
102 | remove_kbdint_device("pam"); | ||
103 | #endif | ||
104 | |||
81 | kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); | 105 | kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); |
82 | if (strcmp(devs, "") == 0) { | 106 | if (strcmp(devs, "") == 0) { |
83 | buffer_init(&b); | 107 | buffer_init(&b); |