summaryrefslogtreecommitdiff
path: root/monitor.c
diff options
context:
space:
mode:
Diffstat (limited to 'monitor.c')
-rw-r--r--monitor.c20
1 files changed, 19 insertions, 1 deletions
diff --git a/monitor.c b/monitor.c
index b255f273f..2dfe0c41e 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor.c,v 1.163 2016/08/19 03:18:06 djm Exp $ */ 1/* $OpenBSD: monitor.c,v 1.164 2016/08/30 07:50:21 djm Exp $ */
2/* 2/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -844,6 +844,8 @@ mm_answer_authpassword(int sock, Buffer *m)
844 int authenticated; 844 int authenticated;
845 u_int plen; 845 u_int plen;
846 846
847 if (!options.password_authentication)
848 fatal("%s: password authentication not enabled", __func__);
847 passwd = buffer_get_string(m, &plen); 849 passwd = buffer_get_string(m, &plen);
848 /* Only authenticate if the context is valid */ 850 /* Only authenticate if the context is valid */
849 authenticated = options.password_authentication && 851 authenticated = options.password_authentication &&
@@ -880,6 +882,8 @@ mm_answer_bsdauthquery(int sock, Buffer *m)
880 char **prompts; 882 char **prompts;
881 u_int success; 883 u_int success;
882 884
885 if (!options.kbd_interactive_authentication)
886 fatal("%s: kbd-int authentication not enabled", __func__);
883 success = bsdauth_query(authctxt, &name, &infotxt, &numprompts, 887 success = bsdauth_query(authctxt, &name, &infotxt, &numprompts,
884 &prompts, &echo_on) < 0 ? 0 : 1; 888 &prompts, &echo_on) < 0 ? 0 : 1;
885 889
@@ -907,6 +911,8 @@ mm_answer_bsdauthrespond(int sock, Buffer *m)
907 char *response; 911 char *response;
908 int authok; 912 int authok;
909 913
914 if (!options.kbd_interactive_authentication)
915 fatal("%s: kbd-int authentication not enabled", __func__);
910 if (authctxt->as == NULL) 916 if (authctxt->as == NULL)
911 fatal("%s: no bsd auth session", __func__); 917 fatal("%s: no bsd auth session", __func__);
912 918
@@ -1716,6 +1722,9 @@ mm_answer_gss_setup_ctx(int sock, Buffer *m)
1716 OM_uint32 major; 1722 OM_uint32 major;
1717 u_int len; 1723 u_int len;
1718 1724
1725 if (!options.gss_authentication)
1726 fatal("%s: GSSAPI authentication not enabled", __func__);
1727
1719 goid.elements = buffer_get_string(m, &len); 1728 goid.elements = buffer_get_string(m, &len);
1720 goid.length = len; 1729 goid.length = len;
1721 1730
@@ -1743,6 +1752,9 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m)
1743 OM_uint32 flags = 0; /* GSI needs this */ 1752 OM_uint32 flags = 0; /* GSI needs this */
1744 u_int len; 1753 u_int len;
1745 1754
1755 if (!options.gss_authentication)
1756 fatal("%s: GSSAPI authentication not enabled", __func__);
1757
1746 in.value = buffer_get_string(m, &len); 1758 in.value = buffer_get_string(m, &len);
1747 in.length = len; 1759 in.length = len;
1748 major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); 1760 major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags);
@@ -1771,6 +1783,9 @@ mm_answer_gss_checkmic(int sock, Buffer *m)
1771 OM_uint32 ret; 1783 OM_uint32 ret;
1772 u_int len; 1784 u_int len;
1773 1785
1786 if (!options.gss_authentication)
1787 fatal("%s: GSSAPI authentication not enabled", __func__);
1788
1774 gssbuf.value = buffer_get_string(m, &len); 1789 gssbuf.value = buffer_get_string(m, &len);
1775 gssbuf.length = len; 1790 gssbuf.length = len;
1776 mic.value = buffer_get_string(m, &len); 1791 mic.value = buffer_get_string(m, &len);
@@ -1797,6 +1812,9 @@ mm_answer_gss_userok(int sock, Buffer *m)
1797{ 1812{
1798 int authenticated; 1813 int authenticated;
1799 1814
1815 if (!options.gss_authentication)
1816 fatal("%s: GSSAPI authentication not enabled", __func__);
1817
1800 authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user); 1818 authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user);
1801 1819
1802 buffer_clear(m); 1820 buffer_clear(m);