diff options
Diffstat (limited to 'monitor_wrap.c')
| -rw-r--r-- | monitor_wrap.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c index c5db6df48..99dc13b61 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: monitor_wrap.c,v 1.87 2016/01/14 16:17:40 markus Exp $ */ | 1 | /* $OpenBSD: monitor_wrap.c,v 1.88 2016/03/07 19:02:43 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
| 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
| @@ -60,6 +60,7 @@ | |||
| 60 | #include "packet.h" | 60 | #include "packet.h" |
| 61 | #include "mac.h" | 61 | #include "mac.h" |
| 62 | #include "log.h" | 62 | #include "log.h" |
| 63 | #include "auth-pam.h" | ||
| 63 | #ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */ | 64 | #ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */ |
| 64 | #undef TARGET_OS_MAC | 65 | #undef TARGET_OS_MAC |
| 65 | #include "zlib.h" | 66 | #include "zlib.h" |
| @@ -362,6 +363,9 @@ mm_auth_password(Authctxt *authctxt, char *password) | |||
| 362 | mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHPASSWORD, &m); | 363 | mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHPASSWORD, &m); |
| 363 | 364 | ||
| 364 | authenticated = buffer_get_int(&m); | 365 | authenticated = buffer_get_int(&m); |
| 366 | #ifdef USE_PAM | ||
| 367 | sshpam_set_maxtries_reached(buffer_get_int(&m)); | ||
| 368 | #endif | ||
| 365 | 369 | ||
| 366 | buffer_free(&m); | 370 | buffer_free(&m); |
| 367 | 371 | ||
| @@ -378,15 +382,15 @@ mm_user_key_allowed(struct passwd *pw, Key *key, int pubkey_auth_attempt) | |||
| 378 | } | 382 | } |
| 379 | 383 | ||
| 380 | int | 384 | int |
| 381 | mm_hostbased_key_allowed(struct passwd *pw, char *user, char *host, | 385 | mm_hostbased_key_allowed(struct passwd *pw, const char *user, const char *host, |
| 382 | Key *key) | 386 | Key *key) |
| 383 | { | 387 | { |
| 384 | return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0)); | 388 | return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0)); |
| 385 | } | 389 | } |
| 386 | 390 | ||
| 387 | int | 391 | int |
| 388 | mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, char *user, | 392 | mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, const char *user, |
| 389 | char *host, Key *key) | 393 | const char *host, Key *key) |
| 390 | { | 394 | { |
| 391 | int ret; | 395 | int ret; |
| 392 | 396 | ||
| @@ -397,8 +401,8 @@ mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, char *user, | |||
| 397 | } | 401 | } |
| 398 | 402 | ||
| 399 | int | 403 | int |
| 400 | mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key, | 404 | mm_key_allowed(enum mm_keytype type, const char *user, const char *host, |
| 401 | int pubkey_auth_attempt) | 405 | Key *key, int pubkey_auth_attempt) |
| 402 | { | 406 | { |
| 403 | Buffer m; | 407 | Buffer m; |
| 404 | u_char *blob; | 408 | u_char *blob; |
| @@ -644,6 +648,7 @@ mm_sshpam_query(void *ctx, char **name, char **info, | |||
| 644 | debug3("%s: pam_query returned %d", __func__, ret); | 648 | debug3("%s: pam_query returned %d", __func__, ret); |
| 645 | *name = buffer_get_string(&m, NULL); | 649 | *name = buffer_get_string(&m, NULL); |
| 646 | *info = buffer_get_string(&m, NULL); | 650 | *info = buffer_get_string(&m, NULL); |
| 651 | sshpam_set_maxtries_reached(buffer_get_int(&m)); | ||
| 647 | *num = buffer_get_int(&m); | 652 | *num = buffer_get_int(&m); |
| 648 | if (*num > PAM_MAX_NUM_MSG) | 653 | if (*num > PAM_MAX_NUM_MSG) |
| 649 | fatal("%s: recieved %u PAM messages, expected <= %u", | 654 | fatal("%s: recieved %u PAM messages, expected <= %u", |