diff options
Diffstat (limited to 'auth2-chall.c')
-rw-r--r-- | auth2-chall.c | 35 |
1 files changed, 27 insertions, 8 deletions
diff --git a/auth2-chall.c b/auth2-chall.c index 486baaaa3..384a543ee 100644 --- a/auth2-chall.c +++ b/auth2-chall.c | |||
@@ -23,7 +23,7 @@ | |||
23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
24 | */ | 24 | */ |
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth2-chall.c,v 1.21 2004/06/01 14:20:45 dtucker Exp $"); | 26 | RCSID("$OpenBSD: auth2-chall.c,v 1.22 2005/01/19 13:11:47 dtucker Exp $"); |
27 | 27 | ||
28 | #include "ssh2.h" | 28 | #include "ssh2.h" |
29 | #include "auth.h" | 29 | #include "auth.h" |
@@ -32,6 +32,10 @@ RCSID("$OpenBSD: auth2-chall.c,v 1.21 2004/06/01 14:20:45 dtucker Exp $"); | |||
32 | #include "xmalloc.h" | 32 | #include "xmalloc.h" |
33 | #include "dispatch.h" | 33 | #include "dispatch.h" |
34 | #include "log.h" | 34 | #include "log.h" |
35 | #include "servconf.h" | ||
36 | |||
37 | /* import */ | ||
38 | extern ServerOptions options; | ||
35 | 39 | ||
36 | static int auth2_challenge_start(Authctxt *); | 40 | static int auth2_challenge_start(Authctxt *); |
37 | static int send_userauth_info_request(Authctxt *); | 41 | static int send_userauth_info_request(Authctxt *); |
@@ -71,6 +75,21 @@ struct KbdintAuthctxt | |||
71 | u_int nreq; | 75 | u_int nreq; |
72 | }; | 76 | }; |
73 | 77 | ||
78 | #ifdef USE_PAM | ||
79 | void | ||
80 | remove_kbdint_device(const char *devname) | ||
81 | { | ||
82 | int i, j; | ||
83 | |||
84 | for (i = 0; devices[i] != NULL; i++) | ||
85 | if (strcmp(devices[i]->name, devname) == 0) { | ||
86 | for (j = i; devices[j] != NULL; j++) | ||
87 | devices[j] = devices[j+1]; | ||
88 | i--; | ||
89 | } | ||
90 | } | ||
91 | #endif | ||
92 | |||
74 | static KbdintAuthctxt * | 93 | static KbdintAuthctxt * |
75 | kbdint_alloc(const char *devs) | 94 | kbdint_alloc(const char *devs) |
76 | { | 95 | { |
@@ -78,6 +97,11 @@ kbdint_alloc(const char *devs) | |||
78 | Buffer b; | 97 | Buffer b; |
79 | int i; | 98 | int i; |
80 | 99 | ||
100 | #ifdef USE_PAM | ||
101 | if (!options.use_pam) | ||
102 | remove_kbdint_device("pam"); | ||
103 | #endif | ||
104 | |||
81 | kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); | 105 | kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); |
82 | if (strcmp(devs, "") == 0) { | 106 | if (strcmp(devs, "") == 0) { |
83 | buffer_init(&b); | 107 | buffer_init(&b); |
@@ -274,12 +298,7 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt) | |||
274 | } | 298 | } |
275 | packet_check_eom(); | 299 | packet_check_eom(); |
276 | 300 | ||
277 | if (authctxt->valid) { | 301 | res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response); |
278 | res = kbdintctxt->device->respond(kbdintctxt->ctxt, | ||
279 | nresp, response); | ||
280 | } else { | ||
281 | res = -1; | ||
282 | } | ||
283 | 302 | ||
284 | for (i = 0; i < nresp; i++) { | 303 | for (i = 0; i < nresp; i++) { |
285 | memset(response[i], 'r', strlen(response[i])); | 304 | memset(response[i], 'r', strlen(response[i])); |
@@ -291,7 +310,7 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt) | |||
291 | switch (res) { | 310 | switch (res) { |
292 | case 0: | 311 | case 0: |
293 | /* Success! */ | 312 | /* Success! */ |
294 | authenticated = 1; | 313 | authenticated = authctxt->valid ? 1 : 0; |
295 | break; | 314 | break; |
296 | case 1: | 315 | case 1: |
297 | /* Authentication needs further interaction */ | 316 | /* Authentication needs further interaction */ |