tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- provos@cvs.openbsd.org 2002/03/18 03:41:08 

[auth.c session.c]
     move auth_approval into getpwnamallow with help from millert@
This commit is contained in:
Ben Lindstrom 2002-03-22 01:35:47 +00:00
parent abf3144064
commit b481e1323e
3 changed files with 29 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -41,6 +41,9 @@
[auth-krb4.c]
set client to NULL after xfree(), from Rolf Braun
<rbraun+ssh@andrew.cmu.edu>
- provos@cvs.openbsd.org 2002/03/18 03:41:08
[auth.c session.c]
move auth_approval into getpwnamallow with help from millert@
20020317
- (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted,
@ -7887,4 +7890,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
$Id: ChangeLog,v 1.1936 2002/03/22 01:30:40 mouring Exp $
$Id: ChangeLog,v 1.1937 2002/03/22 01:35:47 mouring Exp $

26
auth.c
View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth.c,v 1.37 2002/03/17 20:25:56 provos Exp $");
RCSID("$OpenBSD: auth.c,v 1.38 2002/03/18 03:41:08 provos Exp $");
#ifdef HAVE_LOGIN_H
#include <login.h>
@ -443,11 +443,31 @@ secure_filename(FILE *f, const char *file, struct passwd *pw,
struct passwd *
getpwnamallow(const char *user)
{
#ifdef HAVE_LOGIN_CAP
extern login_cap_t *lc;
#ifdef BSD_AUTH
auth_session_t *as;
#endif
#endif
struct passwd *pw;
pw = getpwnam(user);
if (pw != NULL && !allowed_user(pw))
if (pw == NULL || !allowed_user(pw))
return (NULL);
#ifdef HAVE_LOGIN_CAP
if ((lc = login_getclass(pw->pw_class)) == NULL) {
debug("unable to get login class: %s", user);
return (NULL);
}
#ifdef BSD_AUTH
if ((as = auth_open()) == NULL || auth_setpwd(as, pw) != 0 ||
auth_approval(NULL, lc, pw->pw_name, "ssh") <= 0) {
debug("Approval failure for %s", user);
pw = NULL;
}
if (as != NULL)
auth_close(as);
#endif
#endif
return (pw);
}

16
session.c
View File

@ -33,7 +33,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: session.c,v 1.128 2002/02/16 00:51:44 markus Exp $");
RCSID("$OpenBSD: session.c,v 1.129 2002/03/18 03:41:08 provos Exp $");
#include "ssh.h"
#include "ssh1.h"
@ -136,7 +136,7 @@ char *aixloginmsg;
#endif /* WITH_AIXAUTHENTICATE */
#ifdef HAVE_LOGIN_CAP
static login_cap_t *lc;
login_cap_t *lc;
#endif
void
@ -151,18 +151,6 @@ do_authenticated(Authctxt *authctxt)
close(startup_pipe);
startup_pipe = -1;
}
#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) {
error("unable to get login class");
return;
}
#ifdef BSD_AUTH
if (auth_approval(NULL, lc, authctxt->pw->pw_name, "ssh") <= 0) {
packet_disconnect("Approval failure for %s",
authctxt->pw->pw_name);
}
#endif
#endif
#ifdef WITH_AIXAUTHENTICATE
/* We don't have a pty yet, so just label the line as "ssh" */
if (loginsuccess(authctxt->user,