summaryrefslogtreecommitdiffstats
path: root/auth-skey.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>1999-12-06 01:47:28 +0100
committerDamien Miller <djm@mindrot.org>1999-12-06 01:47:28 +0100
commitaae6c614da614eb10ced16505f35410671c95d9d (patch)
tree441e578781d38e7de4c5f609a4f86695d937e640 /auth-skey.c
parentSmall cleanup of PAM code (diff)
downloadopenssh-aae6c614da614eb10ced16505f35410671c95d9d.tar.xz
openssh-aae6c614da614eb10ced16505f35410671c95d9d.zip
- Merged OpenBSD CVS changes:
- [auth-krb4.c auth-passwd.c auth-skey.c ssh. move skey-auth from auth-passwd.c to auth-s - [auth-rsa.c] warn only about mismatch if key is _used_ warn about keysize-mismatch with log() not channels.c readconf.c readconf.h ssh.c ssh. ports are u_short - [hostfile.c] indent, shorter warning - [nchan.c] use error() for internal errors - [packet.c] set loglevel for SSH_MSG_DISCONNECT to log( serverloop.c indent - [ssh-add.1 ssh-add.c ssh.h] document , reasonable default - [ssh.1] CheckHostIP is not available for connects v - [sshconnect.c] typo easier to read client code for passwd and s turn of checkhostip for proxy connects, sin
Diffstat (limited to 'auth-skey.c')
-rw-r--r--auth-skey.c33
1 files changed, 32 insertions, 1 deletions
diff --git a/auth-skey.c b/auth-skey.c
index a0d786cb2..cc5f45101 100644
--- a/auth-skey.c
+++ b/auth-skey.c
@@ -1,9 +1,11 @@
#include "includes.h"
#ifdef SKEY
-RCSID("$Id: auth-skey.c,v 1.3 1999/11/23 22:25:52 markus Exp $");
+RCSID("$Id: auth-skey.c,v 1.4 1999/12/01 16:54:35 markus Exp $");
#include "ssh.h"
+#include "packet.h"
+
#ifdef HAVE_OPENSSL
#include <openssl/sha1.h>
#endif
@@ -13,6 +15,35 @@ RCSID("$Id: auth-skey.c,v 1.3 1999/11/23 22:25:52 markus Exp $");
/* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */
+/*
+ * try skey authentication,
+ * return 1 on success, 0 on failure, -1 if skey is not available
+ */
+
+int
+auth_skey_password(struct passwd * pw, const char *password)
+{
+ if (strncasecmp(password, "s/key", 5) == 0) {
+ char *skeyinfo = skey_keyinfo(pw->pw_name);
+ if (skeyinfo == NULL) {
+ debug("generating fake skeyinfo for %.100s.",
+ pw->pw_name);
+ skeyinfo = skey_fake_keyinfo(pw->pw_name);
+ }
+ if (skeyinfo != NULL)
+ packet_send_debug(skeyinfo);
+ /* Try again. */
+ return 0;
+ } else if (skey_haskey(pw->pw_name) == 0 &&
+ skey_passcheck(pw->pw_name, (char *) password) != -1) {
+ /* Authentication succeeded. */
+ return 1;
+ }
+ /* Fall back to ordinary passwd authentication. */
+ return -1;
+}
+
++ /* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */
#define ROUND(x) (((x)[0] << 24) + (((x)[1]) << 16) + (((x)[2]) << 8) + \
((x)[3]))