- dtucker@cvs.openbsd.org 2009/11/10 04:30:45

[openssh.git] / auth-sia.c

diff --git a/auth-sia.c b/auth-sia.c
index 5c9b3f5de24bfc694baf735230429f964987d486..a9e1c258ca61ec6c302e962aa1de2c8eda4d85dd 100644 (file)
--- a/auth-sia.c
+++ b/auth-sia.c
@@ -25,13 +25,6 @@
 #include "includes.h"
 
 #ifdef HAVE_OSF_SIA
-#include "ssh.h"
-#include "auth.h"
-#include "auth-sia.h"
-#include "log.h"
-#include "servconf.h"
-#include "canohost.h"
-
 #include <sia.h>
 #include <siad.h>
 #include <pwd.h>
@@ -39,39 +32,51 @@
 #include <setjmp.h>
 #include <sys/resource.h>
 #include <unistd.h>
+#include <stdarg.h>
 #include <string.h>
 
+#include "ssh.h"
+#include "key.h"
+#include "hostfile.h"
+#include "auth.h"
+#include "auth-sia.h"
+#include "log.h"
+#include "servconf.h"
+#include "canohost.h"
+#include "uidswap.h"
+
 extern ServerOptions options;
 extern int saved_argc;
 extern char **saved_argv;
 
 int
-auth_sia_password(Authctxt *authctxt, char *pass)
+sys_auth_passwd(Authctxt *authctxt, const char *pass)
 {
        int ret;
        SIAENTITY *ent = NULL;
        const char *host;
 
-       host = get_canonical_hostname(options.verify_reverse_mapping);
+       host = get_canonical_hostname(options.use_dns);
 
-       if (!authctxt->user || !pass || pass[0] == '\0')
-               return(0);
+       if (!authctxt->user || pass == NULL || pass[0] == '\0')
+               return (0);
 
        if (sia_ses_init(&ent, saved_argc, saved_argv, host, authctxt->user,
            NULL, 0, NULL) != SIASUCCESS)
-               return(0);
+               return (0);
 
        if ((ret = sia_ses_authent(NULL, pass, ent)) != SIASUCCESS) {
-               error("Couldn't authenticate %s from %s", authctxt->user,
-                   host);
+               error("Couldn't authenticate %s from %s",
+                   authctxt->user, host);
                if (ret & SIASTOP)
                        sia_ses_release(&ent);
-               return(0);
+
+               return (0);
        }
 
        sia_ses_release(&ent);
 
-       return(1);
+       return (1);
 }
 
 void
@@ -80,10 +85,10 @@ session_setup_sia(struct passwd *pw, char *tty)
        SIAENTITY *ent = NULL;
        const char *host;
 
-       host = get_canonical_hostname(options.verify_reverse_mapping);
+       host = get_canonical_hostname(options.use_dns);
 
-       if (sia_ses_init(&ent, saved_argc, saved_argv, host, pw->pw_name, tty,
-           0, NULL) != SIASUCCESS)
+       if (sia_ses_init(&ent, saved_argc, saved_argv, host, pw->pw_name,
+           tty, 0, NULL) != SIASUCCESS)
                fatal("sia_ses_init failed");
 
        if (sia_make_entity_pwd(pw, ent) != SIASUCCESS) {
@@ -97,13 +102,13 @@ session_setup_sia(struct passwd *pw, char *tty)
                    pw->pw_name, host);
 
        if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS)
-               fatal("Couldn't launch session for %s from %s", pw->pw_name,
-                   host);
-       
+               fatal("Couldn't launch session for %s from %s",
+                   pw->pw_name, host);
+
        sia_ses_release(&ent);
 
-       if (setreuid(geteuid(), geteuid()) < 0)
-               fatal("setreuid: %s", strerror(errno));
+       setuid(0);
+       permanently_set_uid(pw);
 }
 
 #endif /* HAVE_OSF_SIA */