diff options
Diffstat (limited to 'monitor_wrap.c')
| -rw-r--r-- | monitor_wrap.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c index eaf0a1294..11e3a6956 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: monitor_wrap.c,v 1.87 2016/01/14 16:17:40 markus Exp $ */ | 1 | /* $OpenBSD: monitor_wrap.c,v 1.88 2016/03/07 19:02:43 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
| 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
| @@ -60,6 +60,7 @@ | |||
| 60 | #include "packet.h" | 60 | #include "packet.h" |
| 61 | #include "mac.h" | 61 | #include "mac.h" |
| 62 | #include "log.h" | 62 | #include "log.h" |
| 63 | #include "auth-pam.h" | ||
| 63 | #ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */ | 64 | #ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */ |
| 64 | #undef TARGET_OS_MAC | 65 | #undef TARGET_OS_MAC |
| 65 | #include "zlib.h" | 66 | #include "zlib.h" |
| @@ -380,6 +381,9 @@ mm_auth_password(Authctxt *authctxt, char *password) | |||
| 380 | mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHPASSWORD, &m); | 381 | mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHPASSWORD, &m); |
| 381 | 382 | ||
| 382 | authenticated = buffer_get_int(&m); | 383 | authenticated = buffer_get_int(&m); |
| 384 | #ifdef USE_PAM | ||
| 385 | sshpam_set_maxtries_reached(buffer_get_int(&m)); | ||
| 386 | #endif | ||
| 383 | 387 | ||
| 384 | buffer_free(&m); | 388 | buffer_free(&m); |
| 385 | 389 | ||
| @@ -396,15 +400,15 @@ mm_user_key_allowed(struct passwd *pw, Key *key, int pubkey_auth_attempt) | |||
| 396 | } | 400 | } |
| 397 | 401 | ||
| 398 | int | 402 | int |
| 399 | mm_hostbased_key_allowed(struct passwd *pw, char *user, char *host, | 403 | mm_hostbased_key_allowed(struct passwd *pw, const char *user, const char *host, |
| 400 | Key *key) | 404 | Key *key) |
| 401 | { | 405 | { |
| 402 | return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0)); | 406 | return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0)); |
| 403 | } | 407 | } |
| 404 | 408 | ||
| 405 | int | 409 | int |
| 406 | mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, char *user, | 410 | mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, const char *user, |
| 407 | char *host, Key *key) | 411 | const char *host, Key *key) |
| 408 | { | 412 | { |
| 409 | int ret; | 413 | int ret; |
| 410 | 414 | ||
| @@ -415,8 +419,8 @@ mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, char *user, | |||
| 415 | } | 419 | } |
| 416 | 420 | ||
| 417 | int | 421 | int |
| 418 | mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key, | 422 | mm_key_allowed(enum mm_keytype type, const char *user, const char *host, |
| 419 | int pubkey_auth_attempt) | 423 | Key *key, int pubkey_auth_attempt) |
| 420 | { | 424 | { |
| 421 | Buffer m; | 425 | Buffer m; |
| 422 | u_char *blob; | 426 | u_char *blob; |
| @@ -662,6 +666,7 @@ mm_sshpam_query(void *ctx, char **name, char **info, | |||
| 662 | debug3("%s: pam_query returned %d", __func__, ret); | 666 | debug3("%s: pam_query returned %d", __func__, ret); |
| 663 | *name = buffer_get_string(&m, NULL); | 667 | *name = buffer_get_string(&m, NULL); |
| 664 | *info = buffer_get_string(&m, NULL); | 668 | *info = buffer_get_string(&m, NULL); |
| 669 | sshpam_set_maxtries_reached(buffer_get_int(&m)); | ||
| 665 | *num = buffer_get_int(&m); | 670 | *num = buffer_get_int(&m); |
| 666 | if (*num > PAM_MAX_NUM_MSG) | 671 | if (*num > PAM_MAX_NUM_MSG) |
| 667 | fatal("%s: recieved %u PAM messages, expected <= %u", | 672 | fatal("%s: recieved %u PAM messages, expected <= %u", |