diff options
Diffstat (limited to 'auth2-chall.c')
| -rw-r--r-- | auth2-chall.c | 35 |
1 files changed, 27 insertions, 8 deletions
diff --git a/auth2-chall.c b/auth2-chall.c index 486baaaa3..384a543ee 100644 --- a/auth2-chall.c +++ b/auth2-chall.c | |||
| @@ -23,7 +23,7 @@ | |||
| 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 24 | */ | 24 | */ |
| 25 | #include "includes.h" | 25 | #include "includes.h" |
| 26 | RCSID("$OpenBSD: auth2-chall.c,v 1.21 2004/06/01 14:20:45 dtucker Exp $"); | 26 | RCSID("$OpenBSD: auth2-chall.c,v 1.22 2005/01/19 13:11:47 dtucker Exp $"); |
| 27 | 27 | ||
| 28 | #include "ssh2.h" | 28 | #include "ssh2.h" |
| 29 | #include "auth.h" | 29 | #include "auth.h" |
| @@ -32,6 +32,10 @@ RCSID("$OpenBSD: auth2-chall.c,v 1.21 2004/06/01 14:20:45 dtucker Exp $"); | |||
| 32 | #include "xmalloc.h" | 32 | #include "xmalloc.h" |
| 33 | #include "dispatch.h" | 33 | #include "dispatch.h" |
| 34 | #include "log.h" | 34 | #include "log.h" |
| 35 | #include "servconf.h" | ||
| 36 | |||
| 37 | /* import */ | ||
| 38 | extern ServerOptions options; | ||
| 35 | 39 | ||
| 36 | static int auth2_challenge_start(Authctxt *); | 40 | static int auth2_challenge_start(Authctxt *); |
| 37 | static int send_userauth_info_request(Authctxt *); | 41 | static int send_userauth_info_request(Authctxt *); |
| @@ -71,6 +75,21 @@ struct KbdintAuthctxt | |||
| 71 | u_int nreq; | 75 | u_int nreq; |
| 72 | }; | 76 | }; |
| 73 | 77 | ||
| 78 | #ifdef USE_PAM | ||
| 79 | void | ||
| 80 | remove_kbdint_device(const char *devname) | ||
| 81 | { | ||
| 82 | int i, j; | ||
| 83 | |||
| 84 | for (i = 0; devices[i] != NULL; i++) | ||
| 85 | if (strcmp(devices[i]->name, devname) == 0) { | ||
| 86 | for (j = i; devices[j] != NULL; j++) | ||
| 87 | devices[j] = devices[j+1]; | ||
| 88 | i--; | ||
| 89 | } | ||
| 90 | } | ||
| 91 | #endif | ||
| 92 | |||
| 74 | static KbdintAuthctxt * | 93 | static KbdintAuthctxt * |
| 75 | kbdint_alloc(const char *devs) | 94 | kbdint_alloc(const char *devs) |
| 76 | { | 95 | { |
| @@ -78,6 +97,11 @@ kbdint_alloc(const char *devs) | |||
| 78 | Buffer b; | 97 | Buffer b; |
| 79 | int i; | 98 | int i; |
| 80 | 99 | ||
| 100 | #ifdef USE_PAM | ||
| 101 | if (!options.use_pam) | ||
| 102 | remove_kbdint_device("pam"); | ||
| 103 | #endif | ||
| 104 | |||
| 81 | kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); | 105 | kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); |
| 82 | if (strcmp(devs, "") == 0) { | 106 | if (strcmp(devs, "") == 0) { |
| 83 | buffer_init(&b); | 107 | buffer_init(&b); |
| @@ -274,12 +298,7 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt) | |||
| 274 | } | 298 | } |
| 275 | packet_check_eom(); | 299 | packet_check_eom(); |
| 276 | 300 | ||
| 277 | if (authctxt->valid) { | 301 | res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response); |
| 278 | res = kbdintctxt->device->respond(kbdintctxt->ctxt, | ||
| 279 | nresp, response); | ||
| 280 | } else { | ||
| 281 | res = -1; | ||
| 282 | } | ||
| 283 | 302 | ||
| 284 | for (i = 0; i < nresp; i++) { | 303 | for (i = 0; i < nresp; i++) { |
| 285 | memset(response[i], 'r', strlen(response[i])); | 304 | memset(response[i], 'r', strlen(response[i])); |
| @@ -291,7 +310,7 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt) | |||
| 291 | switch (res) { | 310 | switch (res) { |
| 292 | case 0: | 311 | case 0: |
| 293 | /* Success! */ | 312 | /* Success! */ |
| 294 | authenticated = 1; | 313 | authenticated = authctxt->valid ? 1 : 0; |
| 295 | break; | 314 | break; |
| 296 | case 1: | 315 | case 1: |
| 297 | /* Authentication needs further interaction */ | 316 | /* Authentication needs further interaction */ |