*/
#include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.1 2000/04/26 21:28:32 markus Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.2 2000/04/29 18:11:52 markus Exp $");
#include "xmalloc.h"
#include "rsa.h"
#include "auth.h"
#include "session.h"
+#ifdef HAVE_OSF_SIA
+# include <sia.h>
+# include <siad.h>
+#endif
+
/* import */
extern ServerOptions options;
extern char *forced_command;
+#ifdef HAVE_OSF_SIA
+extern int saved_argc;
+extern char **saved_argv;
+#endif /* HAVE_OSF_SIA */
/*
* convert ssh auth msg type into description
get_remote_port());
#ifdef WITH_AIXAUTHENTICATE
- if (strncmp(get_authname(type),"password",
- strlen(get_authname(type))) == 0)
- loginfailed(pw->pw_name,get_canonical_hostname(),"ssh");
+ loginfailed(user,get_canonical_hostname(),"ssh");
#endif /* WITH_AIXAUTHENTICATE */
/* Indicate that authentication is needed. */
packet_get_bignum(client_host_key->n, &nlen);
if (bits != BN_num_bits(client_host_key->n))
- error("Warning: keysize mismatch for client_host_key: "
- "actual %d, announced %d", BN_num_bits(client_host_key->n), bits);
+ log("Warning: keysize mismatch for client_host_key: "
+ "actual %d, announced %d", BN_num_bits(client_host_key->n), bits);
packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type);
authenticated = auth_rhosts_rsa(pw, client_user, client_host_key);
#ifdef USE_PAM
/* Do PAM auth with password */
authenticated = auth_pam_password(pw, password);
-#else /* USE_PAM */
+#elif defined(HAVE_OSF_SIA)
+ /* Do SIA auth with password */
+ if (sia_validate_user(NULL, saved_argc, saved_argv,
+ get_canonical_hostname(), pw->pw_name, NULL, 0,
+ NULL, password) == SIASUCCESS) {
+ authenticated = 1;
+ }
+#else /* !USE_PAM && !HAVE_OSF_SIA */
/* Try authentication with the password. */
authenticated = auth_password(pw, password);
#endif /* USE_PAM */
client_user = NULL;
}
- if (attempt > AUTH_FAIL_MAX)
+ if (attempt > AUTH_FAIL_MAX) {
+#ifdef WITH_AIXAUTHENTICATE
+ loginfailed(pw->pw_name,get_canonical_hostname(),"ssh");
+#endif /* WITH_AIXAUTHENTICATE */
packet_disconnect(AUTH_FAIL_MSG, pw->pw_name);
+ }
/* Send a message indicating that the authentication attempt failed. */
packet_start(SSH_SMSG_FAILURE);
unsigned int ulen;
char *user;
#ifdef WITH_AIXAUTHENTICATE
- char *loginmsg;
+ extern char *aixloginmsg;
#endif /* WITH_AIXAUTHENTICATE */
/* Get the name of the user that we wish to log in as. */
#endif /* KRB4 */
#ifdef USE_PAM
auth_pam_password(pw, "")) {
-#else /* USE_PAM */
+#elif defined(HAVE_OSF_SIA)
+ (sia_validate_user(NULL, saved_argc, saved_argv,
+ get_canonical_hostname(), pw->pw_name, NULL, 0, NULL,
+ "") == SIASUCCESS)) {
+#else /* !HAVE_OSF_SIA && !USE_PAM */
auth_password(pw, "")) {
#endif /* USE_PAM */
/* Authentication with empty password succeeded. */
/* The user has been authenticated and accepted. */
#ifdef WITH_AIXAUTHENTICATE
- loginsuccess(user,get_canonical_hostname(),"ssh",&loginmsg);
+ /* We don't have a pty yet, so just label the line as "ssh" */
+ if (loginsuccess(user,get_canonical_hostname(),"ssh",&aixloginmsg) < 0)
+ aixloginmsg = NULL;
#endif /* WITH_AIXAUTHENTICATE */
packet_start(SSH_SMSG_SUCCESS);
packet_send();