/* $OpenBSD: auth2-passwd.c,v 1.14 2017/05/30 14:29:59 markus Exp $ */ |
/* |
* Copyright (c) 2000 Markus Friedl. All rights reserved. |
* |
* Redistribution and use in source and binary forms, with or without |
* modification, are permitted provided that the following conditions |
* are met: |
* 1. Redistributions of source code must retain the above copyright |
* notice, this list of conditions and the following disclaimer. |
* 2. Redistributions in binary form must reproduce the above copyright |
* notice, this list of conditions and the following disclaimer in the |
* documentation and/or other materials provided with the distribution. |
* |
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
*/ |
|
#include <sys/types.h> |
|
#include <string.h> |
#include <stdarg.h> |
|
#include "packet.h" |
#include "ssherr.h" |
#include "log.h" |
#include "sshkey.h" |
#include "hostfile.h" |
#include "auth.h" |
#include "buffer.h" |
#ifdef GSSAPI |
#include "ssh-gss.h" |
#endif |
#include "monitor_wrap.h" |
#include "misc.h" |
#include "servconf.h" |
|
/* import */ |
extern ServerOptions options; |
|
/*
 * Handle one "password" user-authentication request taken from the
 * packet currently being read on `ssh`.
 *
 * Fields consumed, in order: a one-byte change flag, the password string
 * and, only when the change flag is set, a second string that is parsed
 * and dropped (both output pointers are NULL). Nothing may follow; any
 * parse error is handed to fatal().
 *
 * Returns 1 only when the change flag is clear and auth_password(),
 * invoked through PRIVSEP(), returns exactly 1. Returns 0 otherwise: a
 * request with the change flag set is logged and never authenticates.
 */
static int
userauth_passwd(struct ssh *ssh)
{
	char *password;
	size_t len;
	u_char change;
	int r, authenticated = 0;

	/*
	 * Read the fields one at a time and stop at the first error, so
	 * that `change` and `password` are only used after a successful
	 * read of each.
	 */
	r = sshpkt_get_u8(ssh, &change);
	if (r == 0)
		r = sshpkt_get_cstring(ssh, &password, &len);
	if (r == 0 && change)
		r = sshpkt_get_cstring(ssh, NULL, NULL);
	if (r == 0)
		r = sshpkt_get_end(ssh);

	/*
	 * NOTE(review): a failure after the password was parsed (bad second
	 * string, trailing data) reaches fatal() with the buffer unscrubbed;
	 * presumably acceptable because fatal() ends the process -- confirm.
	 */
	if (r != 0)
		fatal("%s: %s", __func__, ssh_err(r));

	if (!change) {
		/* Only an exact return of 1 counts as success. */
		if (PRIVSEP(auth_password(ssh->authctxt, password)) == 1)
			authenticated = 1;
	} else {
		logit("password change not supported");
	}

	/* Wipe the cleartext password before the memory is released. */
	explicit_bzero(password, len);
	free(password);
	return authenticated;
}
|
/*
 * Descriptor for the "password" authentication method.
 * NOTE(review): field meanings below are read off the initializer values;
 * confirm against the Authmethod declaration (not visible in this file).
 */
Authmethod method_passwd = {
	"password",			/* method name string */
	userauth_passwd,		/* handler defined above */
	&options.password_authentication /* presumably the enable switch from server config */
};