diff options
Diffstat (limited to 'auth1.c')
| -rw-r--r-- | auth1.c | 30 |
1 files changed, 8 insertions, 22 deletions
| @@ -26,13 +26,8 @@ RCSID("$OpenBSD: auth1.c,v 1.35 2002/02/03 17:53:25 markus Exp $"); | |||
| 26 | #include "session.h" | 26 | #include "session.h" |
| 27 | #include "misc.h" | 27 | #include "misc.h" |
| 28 | #include "uidswap.h" | 28 | #include "uidswap.h" |
| 29 | #include "monitor.h" | ||
| 30 | #include "monitor_wrap.h" | ||
| 31 | 29 | ||
| 32 | /* import */ | 30 | /* import */ |
| 33 | extern int use_privsep; | ||
| 34 | extern int mm_recvfd; | ||
| 35 | |||
| 36 | extern ServerOptions options; | 31 | extern ServerOptions options; |
| 37 | 32 | ||
| 38 | /* | 33 | /* |
| @@ -360,13 +355,12 @@ do_authloop(Authctxt *authctxt) | |||
| 360 | * Performs authentication of an incoming connection. Session key has already | 355 | * Performs authentication of an incoming connection. Session key has already |
| 361 | * been exchanged and encryption is enabled. | 356 | * been exchanged and encryption is enabled. |
| 362 | */ | 357 | */ |
| 363 | Authctxt * | 358 | void |
| 364 | do_authentication(void) | 359 | do_authentication(void) |
| 365 | { | 360 | { |
| 366 | Authctxt *authctxt; | 361 | Authctxt *authctxt; |
| 367 | struct passwd *pw = NULL, *pwent; | 362 | struct passwd *pw; |
| 368 | u_int ulen; | 363 | u_int ulen; |
| 369 | int allowed; | ||
| 370 | char *p, *user, *style = NULL; | 364 | char *p, *user, *style = NULL; |
| 371 | 365 | ||
| 372 | /* Get the name of the user that we wish to log in as. */ | 366 | /* Get the name of the user that we wish to log in as. */ |
| @@ -388,26 +382,17 @@ do_authentication(void) | |||
| 388 | authctxt->style = style; | 382 | authctxt->style = style; |
| 389 | 383 | ||
| 390 | /* Verify that the user is a valid user. */ | 384 | /* Verify that the user is a valid user. */ |
| 391 | if (!use_privsep) { | 385 | pw = getpwnam(user); |
| 392 | pwent = getpwnam(user); | 386 | if (pw && allowed_user(pw)) { |
| 393 | allowed = pwent ? allowed_user(pwent) : 0; | ||
| 394 | } else | ||
| 395 | pwent = mm_getpwnamallow(mm_recvfd, user, &allowed); | ||
| 396 | if (pwent && allowed) { | ||
| 397 | authctxt->valid = 1; | 387 | authctxt->valid = 1; |
| 398 | pw = pwcopy(pwent); | 388 | pw = pwcopy(pw); |
| 399 | } else { | 389 | } else { |
| 400 | debug("do_authentication: illegal user %s", user); | 390 | debug("do_authentication: illegal user %s", user); |
| 401 | pw = NULL; | 391 | pw = NULL; |
| 402 | } | 392 | } |
| 403 | /* Free memory */ | ||
| 404 | if (use_privsep) | ||
| 405 | pwfree(pwent); | ||
| 406 | |||
| 407 | authctxt->pw = pw; | 393 | authctxt->pw = pw; |
| 408 | 394 | ||
| 409 | setproctitle("%s%s", use_privsep ? " [net]" : "", | 395 | setproctitle("%s", pw ? user : "unknown"); |
| 410 | pw ? user : "unknown"); | ||
| 411 | 396 | ||
| 412 | #ifdef USE_PAM | 397 | #ifdef USE_PAM |
| 413 | start_pam(pw == NULL ? "NOUSER" : user); | 398 | start_pam(pw == NULL ? "NOUSER" : user); |
| @@ -433,5 +418,6 @@ do_authentication(void) | |||
| 433 | packet_send(); | 418 | packet_send(); |
| 434 | packet_write_wait(); | 419 | packet_write_wait(); |
| 435 | 420 | ||
| 436 | return (authctxt); | 421 | /* Perform session preparation. */ |
| 422 | do_authenticated(authctxt); | ||
| 437 | } | 423 | } |