summaryrefslogtreecommitdiff
path: root/auth1.c
diff options
context:
space:
mode:
Diffstat (limited to 'auth1.c')
-rw-r--r--auth1.c47
1 files changed, 21 insertions, 26 deletions
diff --git a/auth1.c b/auth1.c
index 6eea8d81e..f1ac59814 100644
--- a/auth1.c
+++ b/auth1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth1.c,v 1.77 2012/12/02 20:34:09 djm Exp $ */ 1/* $OpenBSD: auth1.c,v 1.79 2013/05/19 02:42:42 djm Exp $ */
2/* 2/*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved 4 * All rights reserved
@@ -45,11 +45,11 @@
45extern ServerOptions options; 45extern ServerOptions options;
46extern Buffer loginmsg; 46extern Buffer loginmsg;
47 47
48static int auth1_process_password(Authctxt *, char *, size_t); 48static int auth1_process_password(Authctxt *);
49static int auth1_process_rsa(Authctxt *, char *, size_t); 49static int auth1_process_rsa(Authctxt *);
50static int auth1_process_rhosts_rsa(Authctxt *, char *, size_t); 50static int auth1_process_rhosts_rsa(Authctxt *);
51static int auth1_process_tis_challenge(Authctxt *, char *, size_t); 51static int auth1_process_tis_challenge(Authctxt *);
52static int auth1_process_tis_response(Authctxt *, char *, size_t); 52static int auth1_process_tis_response(Authctxt *);
53 53
54static char *client_user = NULL; /* Used to fill in remote user for PAM */ 54static char *client_user = NULL; /* Used to fill in remote user for PAM */
55 55
@@ -57,7 +57,7 @@ struct AuthMethod1 {
57 int type; 57 int type;
58 char *name; 58 char *name;
59 int *enabled; 59 int *enabled;
60 int (*method)(Authctxt *, char *, size_t); 60 int (*method)(Authctxt *);
61}; 61};
62 62
63const struct AuthMethod1 auth1_methods[] = { 63const struct AuthMethod1 auth1_methods[] = {
@@ -112,7 +112,7 @@ get_authname(int type)
112 112
113/*ARGSUSED*/ 113/*ARGSUSED*/
114static int 114static int
115auth1_process_password(Authctxt *authctxt, char *info, size_t infolen) 115auth1_process_password(Authctxt *authctxt)
116{ 116{
117 int authenticated = 0; 117 int authenticated = 0;
118 char *password; 118 char *password;
@@ -130,14 +130,14 @@ auth1_process_password(Authctxt *authctxt, char *info, size_t infolen)
130 authenticated = PRIVSEP(auth_password(authctxt, password)); 130 authenticated = PRIVSEP(auth_password(authctxt, password));
131 131
132 memset(password, 0, dlen); 132 memset(password, 0, dlen);
133 xfree(password); 133 free(password);
134 134
135 return (authenticated); 135 return (authenticated);
136} 136}
137 137
138/*ARGSUSED*/ 138/*ARGSUSED*/
139static int 139static int
140auth1_process_rsa(Authctxt *authctxt, char *info, size_t infolen) 140auth1_process_rsa(Authctxt *authctxt)
141{ 141{
142 int authenticated = 0; 142 int authenticated = 0;
143 BIGNUM *n; 143 BIGNUM *n;
@@ -155,7 +155,7 @@ auth1_process_rsa(Authctxt *authctxt, char *info, size_t infolen)
155 155
156/*ARGSUSED*/ 156/*ARGSUSED*/
157static int 157static int
158auth1_process_rhosts_rsa(Authctxt *authctxt, char *info, size_t infolen) 158auth1_process_rhosts_rsa(Authctxt *authctxt)
159{ 159{
160 int keybits, authenticated = 0; 160 int keybits, authenticated = 0;
161 u_int bits; 161 u_int bits;
@@ -187,14 +187,14 @@ auth1_process_rhosts_rsa(Authctxt *authctxt, char *info, size_t infolen)
187 client_host_key); 187 client_host_key);
188 key_free(client_host_key); 188 key_free(client_host_key);
189 189
190 snprintf(info, infolen, " ruser %.100s", client_user); 190 auth_info(authctxt, "ruser %.100s", client_user);
191 191
192 return (authenticated); 192 return (authenticated);
193} 193}
194 194
195/*ARGSUSED*/ 195/*ARGSUSED*/
196static int 196static int
197auth1_process_tis_challenge(Authctxt *authctxt, char *info, size_t infolen) 197auth1_process_tis_challenge(Authctxt *authctxt)
198{ 198{
199 char *challenge; 199 char *challenge;
200 200
@@ -204,7 +204,7 @@ auth1_process_tis_challenge(Authctxt *authctxt, char *info, size_t infolen)
204 debug("sending challenge '%s'", challenge); 204 debug("sending challenge '%s'", challenge);
205 packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE); 205 packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE);
206 packet_put_cstring(challenge); 206 packet_put_cstring(challenge);
207 xfree(challenge); 207 free(challenge);
208 packet_send(); 208 packet_send();
209 packet_write_wait(); 209 packet_write_wait();
210 210
@@ -213,7 +213,7 @@ auth1_process_tis_challenge(Authctxt *authctxt, char *info, size_t infolen)
213 213
214/*ARGSUSED*/ 214/*ARGSUSED*/
215static int 215static int
216auth1_process_tis_response(Authctxt *authctxt, char *info, size_t infolen) 216auth1_process_tis_response(Authctxt *authctxt)
217{ 217{
218 int authenticated = 0; 218 int authenticated = 0;
219 char *response; 219 char *response;
@@ -223,7 +223,7 @@ auth1_process_tis_response(Authctxt *authctxt, char *info, size_t infolen)
223 packet_check_eom(); 223 packet_check_eom();
224 authenticated = verify_response(authctxt, response); 224 authenticated = verify_response(authctxt, response);
225 memset(response, 'r', dlen); 225 memset(response, 'r', dlen);
226 xfree(response); 226 free(response);
227 227
228 return (authenticated); 228 return (authenticated);
229} 229}
@@ -236,7 +236,6 @@ static void
236do_authloop(Authctxt *authctxt) 236do_authloop(Authctxt *authctxt)
237{ 237{
238 int authenticated = 0; 238 int authenticated = 0;
239 char info[1024];
240 int prev = 0, type = 0; 239 int prev = 0, type = 0;
241 const struct AuthMethod1 *meth; 240 const struct AuthMethod1 *meth;
242 241
@@ -254,7 +253,7 @@ do_authloop(Authctxt *authctxt)
254#endif 253#endif
255 { 254 {
256 auth_log(authctxt, 1, 0, "without authentication", 255 auth_log(authctxt, 1, 0, "without authentication",
257 NULL, ""); 256 NULL);
258 return; 257 return;
259 } 258 }
260 } 259 }
@@ -268,7 +267,6 @@ do_authloop(Authctxt *authctxt)
268 /* default to fail */ 267 /* default to fail */
269 authenticated = 0; 268 authenticated = 0;
270 269
271 info[0] = '\0';
272 270
273 /* Get a packet from the client. */ 271 /* Get a packet from the client. */
274 prev = type; 272 prev = type;
@@ -298,7 +296,7 @@ do_authloop(Authctxt *authctxt)
298 goto skip; 296 goto skip;
299 } 297 }
300 298
301 authenticated = meth->method(authctxt, info, sizeof(info)); 299 authenticated = meth->method(authctxt);
302 if (authenticated == -1) 300 if (authenticated == -1)
303 continue; /* "postponed" */ 301 continue; /* "postponed" */
304 302
@@ -353,13 +351,10 @@ do_authloop(Authctxt *authctxt)
353 351
354 skip: 352 skip:
355 /* Log before sending the reply */ 353 /* Log before sending the reply */
356 auth_log(authctxt, authenticated, 0, get_authname(type), 354 auth_log(authctxt, authenticated, 0, get_authname(type), NULL);
357 NULL, info);
358 355
359 if (client_user != NULL) { 356 free(client_user);
360 xfree(client_user); 357 client_user = NULL;
361 client_user = NULL;
362 }
363 358
364 if (authenticated) 359 if (authenticated)
365 return; 360 return;