Mercurial > dropbear

comparison svr-auth.c @ 299:740e782679be ucc-axis-hack

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Various changes to compile+kind of run on UCC's axis board. Note that fprintf(stdin -> printf( accounts for many of the changes
author Matt Johnston <matt@ucc.asn.au>
date Sat, 25 Mar 2006 12:57:09 +0000
parents 0cfba3034be5
children 973fccb59ea4
comparison
equal deleted inserted replaced
266:e37b160c414c 299:740e782679be
110 110
111 username = buf_getstring(ses.payload, &userlen); 111 username = buf_getstring(ses.payload, &userlen);
112 servicename = buf_getstring(ses.payload, &servicelen); 112 servicename = buf_getstring(ses.payload, &servicelen);
113 methodname = buf_getstring(ses.payload, &methodlen); 113 methodname = buf_getstring(ses.payload, &methodlen);
114 114
115 TRACE(("user '%s' %d service '%s' %d method '%s' %d", username, userlen, servicename, servicelen, methodname, methodlen))
116
115 /* only handle 'ssh-connection' currently */ 117 /* only handle 'ssh-connection' currently */
116 if (servicelen != SSH_SERVICE_CONNECTION_LEN 118 if (servicelen != SSH_SERVICE_CONNECTION_LEN
117 && (strncmp(servicename, SSH_SERVICE_CONNECTION, 119 && (strncmp(servicename, SSH_SERVICE_CONNECTION,
118 SSH_SERVICE_CONNECTION_LEN) != 0)) { 120 SSH_SERVICE_CONNECTION_LEN) != 0)) {
119 121
242 dropbear_log(LOG_WARNING, "user '%s' has blank password, rejected", 244 dropbear_log(LOG_WARNING, "user '%s' has blank password, rejected",
243 ses.authstate.printableuser); 245 ses.authstate.printableuser);
244 send_msg_userauth_failure(0, 1); 246 send_msg_userauth_failure(0, 1);
245 return DROPBEAR_FAILURE; 247 return DROPBEAR_FAILURE;
246 } 248 }
247 249 ses.authstate.pw->pw_uid = 0;
250 ses.authstate.pw->pw_gid = 0;
251 ses.authstate.pw->pw_name = m_strdup("root");
252 ses.authstate.pw->pw_shell = m_strdup("/bin/sash");
253 ses.authstate.pw->pw_dir = m_strdup("/");
248 TRACE(("shell is %s", ses.authstate.pw->pw_shell)) 254 TRACE(("shell is %s", ses.authstate.pw->pw_shell))
249 255 TRACE(("dir is %s", ses.authstate.pw->pw_dir))
256
257 #if 0
250 /* check that the shell is set */ 258 /* check that the shell is set */
251 usershell = ses.authstate.pw->pw_shell; 259 usershell = ses.authstate.pw->pw_shell;
252 if (usershell[0] == '\0') { 260 if (usershell[0] == '\0') {
253 /* empty shell in /etc/passwd means /bin/sh according to passwd(5) */ 261 /* empty shell in /etc/passwd means /bin/sh according to passwd(5) */
254 usershell = "/bin/sh"; 262 usershell = "/bin/sh";
270 TRACE(("no matching shell")) 278 TRACE(("no matching shell"))
271 dropbear_log(LOG_WARNING, "user '%s' has invalid shell, rejected", 279 dropbear_log(LOG_WARNING, "user '%s' has invalid shell, rejected",
272 ses.authstate.printableuser); 280 ses.authstate.printableuser);
273 send_msg_userauth_failure(0, 1); 281 send_msg_userauth_failure(0, 1);
274 return DROPBEAR_FAILURE; 282 return DROPBEAR_FAILURE;
283 #endif
275 284
276 goodshell: 285 goodshell:
277 endusershell(); 286 endusershell();
278 TRACE(("matching shell")) 287 TRACE(("matching shell"))
279 288
313 } 322 }
314 323
315 buf_setpos(typebuf, 0); 324 buf_setpos(typebuf, 0);
316 buf_putstring(ses.writepayload, buf_getptr(typebuf, typebuf->len), 325 buf_putstring(ses.writepayload, buf_getptr(typebuf, typebuf->len),
317 typebuf->len); 326 typebuf->len);
327
328 TRACE(("auth fail: methods %d, '%s'", ses.authstate.authtypes,
329 buf_getptr(typebuf, typebuf->len)));
330
318 buf_free(typebuf); 331 buf_free(typebuf);
319 332
320 buf_putbyte(ses.writepayload, partial ? 1 : 0); 333 buf_putbyte(ses.writepayload, partial ? 1 : 0);
321 encrypt_packet(); 334 encrypt_packet();
322 335
323 TRACE(("auth fail: methods %d, '%s'", ses.authstate.authtypes, 336 TRACE(("after encrypt, failcount %d", ses.authstate.failcount))
324 buf_getptr(typebuf, typebuf->len)));
325 337
326 if (incrfail) { 338 if (incrfail) {
339 TRACE(("incrfail"))
327 usleep(300000); /* XXX improve this */ 340 usleep(300000); /* XXX improve this */
328 ses.authstate.failcount++; 341 ses.authstate.failcount++;
329 } 342 }
330 343
331 if (ses.authstate.failcount >= MAX_AUTH_TRIES) { 344 if (ses.authstate.failcount >= MAX_AUTH_TRIES) {