X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/5156b1a1fca465f5acd9a09f208d610a64ec2ab3..22ce3a3becb01f9487f7fa12b859100c162e231c:/openssh/auth2.c diff --git a/openssh/auth2.c b/openssh/auth2.c index a7553ce..f4ab7f4 100644 --- a/openssh/auth2.c +++ b/openssh/auth2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.119 2008/07/04 23:30:16 djm Exp $ */ +/* $OpenBSD: auth2.c,v 1.121 2009/06/22 05:39:28 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -35,8 +35,8 @@ #include #include -#include "xmalloc.h" #include "atomicio.h" +#include "xmalloc.h" #include "ssh2.h" #include "packet.h" #include "log.h" @@ -70,10 +70,11 @@ extern Authmethod method_passwd; extern Authmethod method_kbdint; extern Authmethod method_hostbased; #ifdef GSSAPI -extern Authmethod method_external; extern Authmethod method_gsskeyex; extern Authmethod method_gssapi; -extern Authmethod method_gssapi_compat; +#endif +#ifdef JPAKE +extern Authmethod method_jpake; #endif static int log_flag = 0; @@ -84,9 +85,10 @@ Authmethod *authmethods[] = { &method_pubkey, #ifdef GSSAPI &method_gsskeyex, - &method_external, &method_gssapi, - &method_gssapi_compat, +#endif +#ifdef JPAKE + &method_jpake, #endif &method_passwd, &method_kbdint, @@ -232,8 +234,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) #ifdef GSSAPI if (user[0] == '\0') { debug("received empty username for %s", method); - if (strcmp(method, "external-keyx") == 0 || - strcmp(method, "gssapi-keyex") == 0) { + if (strcmp(method, "gssapi-keyex") == 0) { char *lname = NULL; PRIVSEP(ssh_gssapi_localname(&lname)); if (lname && lname[0] != '\0') { @@ -252,7 +253,8 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) user[0] ? user : "", service, method); if (!log_flag) { logit("SSH: Server;Ltype: Authname;Remote: %s-%d;Name: %s", - get_remote_ipaddr(), get_remote_port(), user); + get_remote_ipaddr(), get_remote_port(), + user[0] ? user : ""); log_flag = 1; } debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); @@ -319,8 +321,12 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) } /* reset state */ auth2_challenge_stop(authctxt); +#ifdef JPAKE + auth2_jpake_stop(authctxt); +#endif #ifdef GSSAPI + /* XXX move to auth2_gssapi_stop() */ dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); #endif @@ -400,7 +406,7 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) /* Dont count server configuration issues against the client */ /* Allow initial try of "none" auth without failure penalty */ if (!authctxt->server_caused_failure && - (authctxt->attempt > 1 || strcmp(method, "none") != 0)) + (authctxt->attempt > 1 || strcmp(method, "none") != 0)) authctxt->failures++; if (authctxt->failures >= options.max_authtries) { #ifdef SSH_AUDIT_EVENTS