diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2001-05-30 23:31:15 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2001-05-30 23:31:15 +0000 |
| commit | faa3f333ff97aa2eea0f9042cabac211c11bb018 (patch) | |
| tree | 6d002c8cfc6f8760c5ec7e3cd06b8647eb50759d /usr.bin | |
| parent | 4fcccd774ffde17f8f3e720a3b73319592fc679a (diff) | |
merge
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/ssh/auth2.c | 56 |
1 files changed, 26 insertions, 30 deletions
diff --git a/usr.bin/ssh/auth2.c b/usr.bin/ssh/auth2.c index 8a011e5e5f4..36ead5799b8 100644 --- a/usr.bin/ssh/auth2.c +++ b/usr.bin/ssh/auth2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2.c,v 1.59 2001/05/30 12:55:06 markus Exp $"); +RCSID("$OpenBSD: auth2.c,v 1.60 2001/05/30 23:31:14 markus Exp $"); #include <openssl/evp.h> @@ -243,6 +243,8 @@ input_userauth_request(int type, int plen, void *ctxt) void userauth_finish(Authctxt *authctxt, int authenticated, char *method) { + char *methods; + if (!authctxt->valid && authenticated) fatal("INTERNAL ERROR: authenticated invalid user %s", authctxt->user); @@ -255,8 +257,29 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) /* Log before sending the reply */ auth_log(authctxt, authenticated, method, " ssh2"); - if (!authctxt->postponed) - userauth_reply(authctxt, authenticated); + if (authctxt->postponed) + return; + + /* XXX todo: check if multiple auth methods are needed */ + if (authenticated == 1) { + /* turn off userauth */ + dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error); + packet_start(SSH2_MSG_USERAUTH_SUCCESS); + packet_send(); + packet_write_wait(); + /* now we can break out */ + authctxt->success = 1; + } else { + if (authctxt->failures++ > AUTH_FAIL_MAX) + packet_disconnect(AUTH_FAIL_MSG, authctxt->user); + methods = authmethods_get(); + packet_start(SSH2_MSG_USERAUTH_FAILURE); + packet_put_cstring(methods); + packet_put_char(0); /* XXX partial success, unused */ + packet_send(); + packet_write_wait(); + xfree(methods); + } } void @@ -290,33 +313,6 @@ done: return; } -void -userauth_reply(Authctxt *authctxt, int authenticated) -{ - char *methods; - - /* XXX todo: check if multiple auth methods are needed */ - if (authenticated == 1) { - /* turn off userauth */ - dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error); - packet_start(SSH2_MSG_USERAUTH_SUCCESS); - packet_send(); - packet_write_wait(); - /* now we can break out */ - authctxt->success = 1; - } else { - if (authctxt->failures++ > AUTH_FAIL_MAX) - packet_disconnect(AUTH_FAIL_MSG, authctxt->user); - methods = authmethods_get(); - packet_start(SSH2_MSG_USERAUTH_FAILURE); - packet_put_cstring(methods); - packet_put_char(0); /* XXX partial success, unused */ - packet_send(); - packet_write_wait(); - xfree(methods); - } -} - int userauth_none(Authctxt *authctxt) { |