auth-sia.c

   1 #include "includes.h"
   2
   3 #ifdef HAVE_OSF_SIA
   4 #include "ssh.h"
   5 #include "auth.h"
   6 #include "auth-sia.h"
   7 #include "log.h"
   8 #include "servconf.h"
   9 #include "canohost.h"
  10
  11 #include <sia.h>
  12 #include <siad.h>
  13 #include <pwd.h>
  14 #include <signal.h>
  15 #include <setjmp.h>
  16 #include <sys/resource.h>
  17 #include <unistd.h>
  18 #include <string.h>
  19
  20 extern ServerOptions options;
  21 extern int saved_argc;
  22 extern char **saved_argv;
  23
  24 extern int errno;
  25
  26 int
  27 auth_sia_password(Authctxt *authctxt, char *pass)
  28 {
  29         int ret;
  30         SIAENTITY *ent = NULL;
  31         const char *host;
  32         char *user = authctxt->user;
  33
  34         host = get_canonical_hostname(options.verify_reverse_mapping);
  35
  36         if (!user || !pass || pass[0] == '\0')
  37                 return(0);
  38
  39         if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, NULL, 0,
  40             NULL) != SIASUCCESS)
  41                 return(0);
  42
  43         if ((ret = sia_ses_authent(NULL, pass, ent)) != SIASUCCESS) {
  44                 error("Couldn't authenticate %s from %s", user, host);
  45                 if (ret & SIASTOP)
  46                         sia_ses_release(&ent);
  47                 return(0);
  48         }
  49
  50         sia_ses_release(&ent);
  51
  52         return(1);
  53 }
  54
  55 void
  56 session_setup_sia(char *user, char *tty)
  57 {
  58         struct passwd *pw;
  59         SIAENTITY *ent = NULL;
  60         const char *host;
  61
  62         host = get_canonical_hostname (options.verify_reverse_mapping);
  63
  64         if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, tty, 0,
  65             NULL) != SIASUCCESS) {
  66                 fatal("sia_ses_init failed");
  67         }
  68
  69         if ((pw = getpwnam(user)) == NULL) {
  70                 sia_ses_release(&ent);
  71                 fatal("getpwnam: no user: %s", user);
  72         }
  73         if (sia_make_entity_pwd(pw, ent) != SIASUCCESS) {
  74                 sia_ses_release(&ent);
  75                 fatal("sia_make_entity_pwd failed");
  76         }
  77
  78         ent->authtype = SIA_A_NONE;
  79         if (sia_ses_estab(sia_collect_trm, ent) != SIASUCCESS) {
  80                 fatal("Couldn't establish session for %s from %s", user,
  81                     host);
  82         }
  83
  84         if (setpriority(PRIO_PROCESS, 0, 0) == -1) {
  85                 sia_ses_release(&ent);
  86                 fatal("setpriority: %s", strerror (errno));
  87         }
  88
  89         if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS) {
  90                 fatal("Couldn't launch session for %s from %s", user, host);
  91         }
  92
  93         sia_ses_release(&ent);
  94
  95         if (setreuid(geteuid(), geteuid()) < 0) {
  96                 fatal("setreuid: %s", strerror(errno));
  97         }
  98 }
  99
 100 #endif /* HAVE_OSF_SIA */