auth-sia.c

   1 #include "includes.h"
   2
   3 #ifdef HAVE_OSF_SIA
   4 #include "ssh.h"
   5 #include "auth-sia.h"
   6 #include "log.h"
   7 #include "servconf.h"
   8 #include "canohost.h"
   9 #include "auth.h"
  10
  11 #include <sia.h>
  12 #include <siad.h>
  13 #include <pwd.h>
  14 #include <signal.h>
  15 #include <setjmp.h>
  16 #include <sys/resource.h>
  17 #include <unistd.h>
  18 #include <string.h>
  19
  20 extern ServerOptions options;
  21 extern int saved_argc;
  22 extern char **saved_argv;
  23
  24 extern int errno;
  25
  26 int
  27 auth_sia_password(Authctxt *authctxt, char *pass)
  28 {
  29         int ret;
  30         SIAENTITY *ent = NULL;
  31         const char *host;
  32         char *user = authctxt->user;
  33
  34         host = get_canonical_hostname(options.verify_reverse_mapping);
  35
  36         if (!user || !pass || pass[0] == '\0')
  37                 return(0);
  38
  39         if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, NULL, 0,
  40             NULL) != SIASUCCESS)
  41                 return(0);
  42
  43         if ((ret = sia_ses_authent(NULL, pass, ent)) != SIASUCCESS) {
  44                 error("couldn't authenticate %s from %s", user, host);
  45                 if (ret & SIASTOP)
  46                         sia_ses_release(&ent);
  47                 return(0);
  48         }
  49
  50         sia_ses_release(&ent);
  51
  52         return(1);
  53 }
  54
  55 void
  56 session_setup_sia(char *user, char *tty)
  57 {
  58         int ret;
  59         struct passwd *pw;
  60         SIAENTITY *ent = NULL;
  61         const char *host;
  62
  63         host = get_canonical_hostname (options.verify_reverse_mapping);
  64
  65         if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, tty, 0,
  66             NULL) != SIASUCCESS) {
  67                 error("sia_ses_init failed");
  68                 exit(1);
  69         }
  70
  71         if ((pw = getpwnam(user)) == NULL) {
  72                 sia_ses_release(&ent);
  73                 error("getpwnam(%s) failed: %s", user, strerror(errno));
  74                 exit(1);
  75         }
  76         if (sia_make_entity_pwd(pw, ent) != SIASUCCESS) {
  77                 sia_ses_release(&ent);
  78                 error("sia_make_entity_pwd failed");
  79                 exit(1);
  80         }
  81
  82         ent->authtype = SIA_A_NONE;
  83         if (sia_ses_estab(sia_collect_trm, ent) != SIASUCCESS) {
  84                 error("couldn't establish session for %s from %s", user,
  85                     host);
  86                 exit(1);
  87         }
  88
  89         if (setpriority(PRIO_PROCESS, 0, 0) == -1) {
  90                 sia_ses_release(&ent);
  91                 error("setpriority failed: %s", strerror (errno));
  92                 exit(1);
  93         }
  94
  95         if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS) {
  96                 error("couldn't launch session for %s from %s", user, host);
  97                 exit(1);
  98         }
  99
 100         sia_ses_release(&ent);
 101
 102         if (setreuid(geteuid(), geteuid()) < 0) {
 103                 error("setreuid failed: %s", strerror (errno));
 104                 exit(1);
 105         }
 106 }
 107
 108 #endif /* HAVE_OSF_SIA */
 109