diff options
author | Damien Miller <djm@mindrot.org> | 1999-12-06 01:47:28 +0100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 1999-12-06 01:47:28 +0100 |
commit | aae6c614da614eb10ced16505f35410671c95d9d (patch) | |
tree | 441e578781d38e7de4c5f609a4f86695d937e640 /auth-skey.c | |
parent | Small cleanup of PAM code (diff) | |
download | openssh-aae6c614da614eb10ced16505f35410671c95d9d.tar.xz openssh-aae6c614da614eb10ced16505f35410671c95d9d.zip |
- Merged OpenBSD CVS changes:
- [auth-krb4.c auth-passwd.c auth-skey.c ssh.
move skey-auth from auth-passwd.c to auth-s
- [auth-rsa.c]
warn only about mismatch if key is _used_
warn about keysize-mismatch with log() not
channels.c readconf.c readconf.h ssh.c ssh.
ports are u_short
- [hostfile.c]
indent, shorter warning
- [nchan.c]
use error() for internal errors
- [packet.c]
set loglevel for SSH_MSG_DISCONNECT to log(
serverloop.c
indent
- [ssh-add.1 ssh-add.c ssh.h]
document , reasonable default
- [ssh.1]
CheckHostIP is not available for connects v
- [sshconnect.c]
typo
easier to read client code for passwd and s
turn of checkhostip for proxy connects, sin
Diffstat (limited to 'auth-skey.c')
-rw-r--r-- | auth-skey.c | 33 |
1 files changed, 32 insertions, 1 deletions
diff --git a/auth-skey.c b/auth-skey.c index a0d786cb2..cc5f45101 100644 --- a/auth-skey.c +++ b/auth-skey.c @@ -1,9 +1,11 @@ #include "includes.h" #ifdef SKEY -RCSID("$Id: auth-skey.c,v 1.3 1999/11/23 22:25:52 markus Exp $"); +RCSID("$Id: auth-skey.c,v 1.4 1999/12/01 16:54:35 markus Exp $"); #include "ssh.h" +#include "packet.h" + #ifdef HAVE_OPENSSL #include <openssl/sha1.h> #endif @@ -13,6 +15,35 @@ RCSID("$Id: auth-skey.c,v 1.3 1999/11/23 22:25:52 markus Exp $"); /* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */ +/* + * try skey authentication, + * return 1 on success, 0 on failure, -1 if skey is not available + */ + +int +auth_skey_password(struct passwd * pw, const char *password) +{ + if (strncasecmp(password, "s/key", 5) == 0) { + char *skeyinfo = skey_keyinfo(pw->pw_name); + if (skeyinfo == NULL) { + debug("generating fake skeyinfo for %.100s.", + pw->pw_name); + skeyinfo = skey_fake_keyinfo(pw->pw_name); + } + if (skeyinfo != NULL) + packet_send_debug(skeyinfo); + /* Try again. */ + return 0; + } else if (skey_haskey(pw->pw_name) == 0 && + skey_passcheck(pw->pw_name, (char *) password) != -1) { + /* Authentication succeeded. */ + return 1; + } + /* Fall back to ordinary passwd authentication. */ + return -1; +} + ++ /* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */ #define ROUND(x) (((x)[0] << 24) + (((x)[1]) << 16) + (((x)[2]) << 8) + \ ((x)[3])) |