*/
#include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.14 2001/01/22 23:06:39 markus Exp $");
-
-#ifdef HAVE_OSF_SIA
-# include <sia.h>
-# include <siad.h>
-#endif
+RCSID("$OpenBSD: auth1.c,v 1.18 2001/02/22 21:59:43 markus Exp $");
#include "xmalloc.h"
#include "rsa.h"
#include "compat.h"
#include "auth.h"
#include "session.h"
+#include "misc.h"
/* import */
extern ServerOptions options;
#ifdef WITH_AIXAUTHENTICATE
extern char *aixloginmsg;
#endif /* WITH_AIXAUTHENTICATE */
-#ifdef HAVE_OSF_SIA
-extern int saved_argc;
-extern char **saved_argv;
-#endif /* HAVE_OSF_SIA */
/*
* convert ssh auth msg type into description
(!options.kerberos_authentication || options.kerberos_or_local_passwd) &&
#endif
#ifdef USE_PAM
- auth_pam_password(pw, password)) {
+ auth_pam_password(pw, "")) {
+#elif defined(HAVE_OSF_SIA)
+ 0) {
#else
- auth_password(pw, "")) {
+ auth_password(authctxt, "")) {
#endif
auth_log(authctxt, 1, "without authentication", "");
return;
authenticated = auth_pam_password(pw, password);
#elif defined(HAVE_OSF_SIA)
/* Do SIA auth with password */
- if (sia_validate_user(NULL, saved_argc, saved_argv,
- get_canonical_hostname(options.reverse_mapping_check),
- pw->pw_name, NULL, 0, NULL, password) == SIASUCCESS) {
- authenticated = 1;
- }
+ authenticated = auth_sia_password(authctxt->user,
+ password);
#else /* !USE_PAM && !HAVE_OSF_SIA */
/* Try authentication with the password. */
- authenticated = auth_password(pw, password);
+ authenticated = auth_password(authctxt, password);
#endif /* USE_PAM */
memset(password, 0, strlen(password));
log("Unknown message during authentication: type %d", type);
break;
}
+#ifdef BSD_AUTH
+ if (authctxt->as) {
+ auth_close(authctxt->as);
+ authctxt->as = NULL;
+ }
+#endif
if (!authctxt->valid && authenticated)
fatal("INTERNAL ERROR: authenticated invalid user %s",
authctxt->user);
}
#else
/* Special handling for root */
- if (authenticated && authctxt->pw->pw_uid == 0 && !auth_root_allowed())
+ if (authenticated && authctxt->pw->pw_uid == 0 &&
+ !auth_root_allowed(get_authname(type)))
authenticated = 0;
#endif
#ifdef USE_PAM
authctxt->user = user;
authctxt->style = style;
- setproctitle("%s", user);
-
-#ifdef AFS
- /* If machine has AFS, set process authentication group. */
- if (k_hasafs()) {
- k_setpag();
- k_unlog();
- }
-#endif /* AFS */
-
/* Verify that the user is a valid user. */
pw = getpwnam(user);
if (pw && allowed_user(pw)) {
}
authctxt->pw = pw;
+ setproctitle("%s", pw ? user : "unknown");
+
#ifdef USE_PAM
if (pw)
start_pam(user);