X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/2b87da3b1fb7c5ca907cb65aa048fada4ad29803..b8dc87d3feda0eb7c5f8dc5a13ae8442951e8044:/auth1.c

diff --git a/auth1.c b/auth1.c
index 1feedc9a..4d623717 100644
--- a/auth1.c
+++ b/auth1.c
@@ -10,12 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.14 2001/01/22 23:06:39 markus Exp $");
-
-#ifdef HAVE_OSF_SIA
-# include <sia.h>
-# include <siad.h>
-#endif
+RCSID("$OpenBSD: auth1.c,v 1.18 2001/02/22 21:59:43 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -28,6 +23,7 @@ RCSID("$OpenBSD: auth1.c,v 1.14 2001/01/22 23:06:39 markus Exp $");
 #include "compat.h"
 #include "auth.h"
 #include "session.h"
+#include "misc.h"
 
 /* import */
 extern ServerOptions options;
@@ -36,10 +32,6 @@ extern char *forced_command;
 #ifdef WITH_AIXAUTHENTICATE
 extern char *aixloginmsg;
 #endif /* WITH_AIXAUTHENTICATE */
-#ifdef HAVE_OSF_SIA
-extern int saved_argc;
-extern char **saved_argv;
-#endif /* HAVE_OSF_SIA */
 
 /*
  * convert ssh auth msg type into description
@@ -97,9 +89,11 @@ do_authloop(Authctxt *authctxt)
 	    (!options.kerberos_authentication || options.kerberos_or_local_passwd) &&
 #endif
 #ifdef USE_PAM
-	    auth_pam_password(pw, password)) {
+	    auth_pam_password(pw, "")) {
+#elif defined(HAVE_OSF_SIA)
+	    0) {
 #else
-	    auth_password(pw, "")) {
+	    auth_password(authctxt, "")) {
 #endif
 		auth_log(authctxt, 1, "without authentication", "");
 		return;
@@ -265,14 +259,11 @@ do_authloop(Authctxt *authctxt)
 			authenticated = auth_pam_password(pw, password);
 #elif defined(HAVE_OSF_SIA)
 			/* Do SIA auth with password */
-			if (sia_validate_user(NULL, saved_argc, saved_argv,
-			    get_canonical_hostname(options.reverse_mapping_check),
-			    pw->pw_name, NULL, 0, NULL, password) == SIASUCCESS) {
-				authenticated = 1;
-			}
+			authenticated = auth_sia_password(authctxt->user, 
+			    password);
 #else /* !USE_PAM && !HAVE_OSF_SIA */
 			/* Try authentication with the password. */
-			authenticated = auth_password(pw, password);
+			authenticated = auth_password(authctxt, password);
 #endif /* USE_PAM */
 
 			memset(password, 0, strlen(password));
@@ -313,6 +304,12 @@ do_authloop(Authctxt *authctxt)
 			log("Unknown message during authentication: type %d", type);
 			break;
 		}
+#ifdef BSD_AUTH
+		if (authctxt->as) {
+			auth_close(authctxt->as);
+			authctxt->as = NULL;
+		}
+#endif
 		if (!authctxt->valid && authenticated)
 			fatal("INTERNAL ERROR: authenticated invalid user %s",
 			    authctxt->user);
@@ -326,7 +323,8 @@ do_authloop(Authctxt *authctxt)
 		}
 #else
 		/* Special handling for root */
-		if (authenticated && authctxt->pw->pw_uid == 0 && !auth_root_allowed())
+		if (authenticated && authctxt->pw->pw_uid == 0 &&
+		    !auth_root_allowed(get_authname(type)))
 			authenticated = 0;
 #endif
 #ifdef USE_PAM
@@ -387,16 +385,6 @@ do_authentication()
 	authctxt->user = user;
 	authctxt->style = style;
 
-	setproctitle("%s", user);
-
-#ifdef AFS
-	/* If machine has AFS, set process authentication group. */
-	if (k_hasafs()) {
-		k_setpag();
-		k_unlog();
-	}
-#endif /* AFS */
-
 	/* Verify that the user is a valid user. */
 	pw = getpwnam(user);
 	if (pw && allowed_user(pw)) {
@@ -408,6 +396,8 @@ do_authentication()
 	}
 	authctxt->pw = pw;
 
+	setproctitle("%s", pw ? user : "unknown");
+
 #ifdef USE_PAM
 	if (pw)
 		start_pam(user);