diff options
Diffstat (limited to 'auth.c')
-rw-r--r-- | auth.c | 26 |
1 files changed, 23 insertions, 3 deletions
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth.c,v 1.37 2002/03/17 20:25:56 provos Exp $"); | 26 | RCSID("$OpenBSD: auth.c,v 1.38 2002/03/18 03:41:08 provos Exp $"); |
27 | 27 | ||
28 | #ifdef HAVE_LOGIN_H | 28 | #ifdef HAVE_LOGIN_H |
29 | #include <login.h> | 29 | #include <login.h> |
@@ -443,11 +443,31 @@ secure_filename(FILE *f, const char *file, struct passwd *pw, | |||
443 | struct passwd * | 443 | struct passwd * |
444 | getpwnamallow(const char *user) | 444 | getpwnamallow(const char *user) |
445 | { | 445 | { |
446 | #ifdef HAVE_LOGIN_CAP | ||
447 | extern login_cap_t *lc; | ||
448 | #ifdef BSD_AUTH | ||
449 | auth_session_t *as; | ||
450 | #endif | ||
451 | #endif | ||
446 | struct passwd *pw; | 452 | struct passwd *pw; |
447 | 453 | ||
448 | pw = getpwnam(user); | 454 | pw = getpwnam(user); |
449 | if (pw != NULL && !allowed_user(pw)) | 455 | if (pw == NULL || !allowed_user(pw)) |
456 | return (NULL); | ||
457 | #ifdef HAVE_LOGIN_CAP | ||
458 | if ((lc = login_getclass(pw->pw_class)) == NULL) { | ||
459 | debug("unable to get login class: %s", user); | ||
460 | return (NULL); | ||
461 | } | ||
462 | #ifdef BSD_AUTH | ||
463 | if ((as = auth_open()) == NULL || auth_setpwd(as, pw) != 0 || | ||
464 | auth_approval(NULL, lc, pw->pw_name, "ssh") <= 0) { | ||
465 | debug("Approval failure for %s", user); | ||
450 | pw = NULL; | 466 | pw = NULL; |
451 | 467 | } | |
468 | if (as != NULL) | ||
469 | auth_close(as); | ||
470 | #endif | ||
471 | #endif | ||
452 | return (pw); | 472 | return (pw); |
453 | } | 473 | } |