]>
Commit | Line | Data |
---|---|---|
b7ccb051 | 1 | #include "includes.h" |
2 | ||
3 | #ifdef HAVE_OSF_SIA | |
4 | #include "ssh.h" | |
ca8aba40 | 5 | #include "auth.h" |
b7ccb051 | 6 | #include "auth-sia.h" |
7 | #include "log.h" | |
8 | #include "servconf.h" | |
9 | #include "canohost.h" | |
10 | ||
11 | #include <sia.h> | |
12 | #include <siad.h> | |
13 | #include <pwd.h> | |
14 | #include <signal.h> | |
15 | #include <setjmp.h> | |
16 | #include <sys/resource.h> | |
17 | #include <unistd.h> | |
18 | #include <string.h> | |
19 | ||
20 | extern ServerOptions options; | |
21 | extern int saved_argc; | |
22 | extern char **saved_argv; | |
23 | ||
24 | extern int errno; | |
25 | ||
26 | int | |
fde58bd4 | 27 | auth_sia_password(Authctxt *authctxt, char *pass) |
b7ccb051 | 28 | { |
29 | int ret; | |
30 | SIAENTITY *ent = NULL; | |
31 | const char *host; | |
fde58bd4 | 32 | char *user = authctxt->user; |
b7ccb051 | 33 | |
983784a1 | 34 | host = get_canonical_hostname(options.verify_reverse_mapping); |
b7ccb051 | 35 | |
fde58bd4 | 36 | if (!user || !pass || pass[0] == '\0') |
b7ccb051 | 37 | return(0); |
38 | ||
39 | if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, NULL, 0, | |
40 | NULL) != SIASUCCESS) | |
41 | return(0); | |
42 | ||
43 | if ((ret = sia_ses_authent(NULL, pass, ent)) != SIASUCCESS) { | |
65b91c76 | 44 | error("Couldn't authenticate %s from %s", user, host); |
b7ccb051 | 45 | if (ret & SIASTOP) |
46 | sia_ses_release(&ent); | |
47 | return(0); | |
48 | } | |
49 | ||
50 | sia_ses_release(&ent); | |
51 | ||
52 | return(1); | |
53 | } | |
54 | ||
55 | void | |
56 | session_setup_sia(char *user, char *tty) | |
57 | { | |
b7ccb051 | 58 | struct passwd *pw; |
59 | SIAENTITY *ent = NULL; | |
60 | const char *host; | |
61 | ||
983784a1 | 62 | host = get_canonical_hostname (options.verify_reverse_mapping); |
b7ccb051 | 63 | |
64 | if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, tty, 0, | |
c96a4aaf | 65 | NULL) != SIASUCCESS) { |
65b91c76 | 66 | fatal("sia_ses_init failed"); |
c96a4aaf | 67 | } |
b7ccb051 | 68 | |
69 | if ((pw = getpwnam(user)) == NULL) { | |
70 | sia_ses_release(&ent); | |
65b91c76 | 71 | fatal("getpwnam: no user: %s", user); |
b7ccb051 | 72 | } |
73 | if (sia_make_entity_pwd(pw, ent) != SIASUCCESS) { | |
74 | sia_ses_release(&ent); | |
65b91c76 | 75 | fatal("sia_make_entity_pwd failed"); |
b7ccb051 | 76 | } |
77 | ||
78 | ent->authtype = SIA_A_NONE; | |
c96a4aaf | 79 | if (sia_ses_estab(sia_collect_trm, ent) != SIASUCCESS) { |
65b91c76 | 80 | fatal("Couldn't establish session for %s from %s", user, |
b7ccb051 | 81 | host); |
c96a4aaf | 82 | } |
b7ccb051 | 83 | |
84 | if (setpriority(PRIO_PROCESS, 0, 0) == -1) { | |
85 | sia_ses_release(&ent); | |
65b91c76 | 86 | fatal("setpriority: %s", strerror (errno)); |
b7ccb051 | 87 | } |
88 | ||
c96a4aaf | 89 | if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS) { |
65b91c76 | 90 | fatal("Couldn't launch session for %s from %s", user, host); |
c96a4aaf | 91 | } |
b7ccb051 | 92 | |
93 | sia_ses_release(&ent); | |
94 | ||
c96a4aaf | 95 | if (setreuid(geteuid(), geteuid()) < 0) { |
65b91c76 | 96 | fatal("setreuid: %s", strerror(errno)); |
c96a4aaf | 97 | } |
b7ccb051 | 98 | } |
99 | ||
100 | #endif /* HAVE_OSF_SIA */ |