comparison svr-authpam.c @ 835:4095b6d7c9fc ecc

Merge in changes from the past couple of releases
author Matt Johnston <matt@ucc.asn.au>
date Fri, 18 Oct 2013 21:38:01 +0800
parents fee485ce81eb
children bae0b34bc059 aaf576b27a10
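--- a/svr-authpam.c
+++ b/svr-authpam.c
@@ -140,10 +140,26 @@
 resp->resp = m_strdup(userDatap->user);
 TRACE(("userDatap->user='%s'", userDatap->user))
 (*respp) = resp;
 break;
 
+case PAM_ERROR_MSG:
+case PAM_TEXT_INFO:
+
+if (msg_len > 0) {
+buffer * pam_err = buf_new(msg_len + 4);
+buf_setpos(pam_err, 0);
+buf_putbytes(pam_err, "\r\n", 2);
+buf_putbytes(pam_err, (*msg)->msg, msg_len);
+buf_putbytes(pam_err, "\r\n", 2);
+buf_setpos(pam_err, 0);
+
+send_msg_userauth_banner(pam_err);
+buf_free(pam_err);
+}
+break;
+
 default:
 TRACE(("Unknown message type"))
 rc = PAM_CONV_ERR;
 break;
 }
@@ -194,18 +210,18 @@
 userData.user = ses.authstate.pw_name;
 userData.passwd = password;
 
 /* Init pam */
 if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) {
-dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s\n",
+dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s",
 rc, pam_strerror(pamHandlep, rc));
 goto cleanup;
 }
 
 /* just to set it to something */
 if ((rc = pam_set_item(pamHandlep, PAM_TTY, "ssh") != PAM_SUCCESS)) {
-dropbear_log(LOG_WARNING, "pam_set_item() failed, rc=%d, %s\n",
+dropbear_log(LOG_WARNING, "pam_set_item() failed, rc=%d, %s",
 rc, pam_strerror(pamHandlep, rc));
 goto cleanup;
 }
 
 #ifdef HAVE_PAM_FAIL_DELAY
@@ -214,22 +230,22 @@
 #endif
 
 /* (void) pam_set_item(pamHandlep, PAM_FAIL_DELAY, (void*) pamDelayFunc); */
 
 if ((rc = pam_authenticate(pamHandlep, 0)) != PAM_SUCCESS) {
-dropbear_log(LOG_WARNING, "pam_authenticate() failed, rc=%d, %s\n",
+dropbear_log(LOG_WARNING, "pam_authenticate() failed, rc=%d, %s",
 rc, pam_strerror(pamHandlep, rc));
 dropbear_log(LOG_WARNING,
 "Bad PAM password attempt for '%s' from %s",
 ses.authstate.pw_name,
 svr_ses.addrstring);
 send_msg_userauth_failure(0, 1);
 goto cleanup;
 }
 
 if ((rc = pam_acct_mgmt(pamHandlep, 0)) != PAM_SUCCESS) {
-dropbear_log(LOG_WARNING, "pam_acct_mgmt() failed, rc=%d, %s\n",
+dropbear_log(LOG_WARNING, "pam_acct_mgmt() failed, rc=%d, %s",
 rc, pam_strerror(pamHandlep, rc));
 dropbear_log(LOG_WARNING,
 "Bad PAM password attempt for '%s' from %s",
 ses.authstate.pw_name,
 svr_ses.addrstring);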
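Review bot: The new `PAM_ERROR_MSG`/`PAM_TEXT_INFO` case (new lines 145-159) copies `(*msg)->msg` byte-for-byte into a userauth banner, so whatever text a PAM module emits is relayed to a peer that has not authenticated yet, and nothing in the visible lines filters non-printable bytes. Module messages can be worded around account state, so the relay can tell a remote client more than the generic failure reply does; I would at least document that at the case label, e.g. `/* Relayed to the unauthenticated client as a banner: PAM modules must not emit sensitive text here */`. Where `msg_len` is computed and whether `resp` is assigned for these message types both lie outside the hunk (the switch starts and ends outside it), so it is worth confirming that `msg_len` is the length of `(*msg)->msg` before relying on `buf_new(msg_len + 4)`. Separately, in the second hunk `rc = pam_set_item(pamHandlep, PAM_TTY, "ssh") != PAM_SUCCESS` stores the comparison result in `rc`, so the log line edited just below it prints 1 instead of the PAM code; the parenthesis should close after the call, `if ((rc = pam_set_item(pamHandlep, PAM_TTY, "ssh")) != PAM_SUCCESS) {`.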