comparison svr-auth.c @ 801:7dcb46da72d9 ecc

merge in HEAD
author Matt Johnston <matt@ucc.asn.au>
date Tue, 21 May 2013 12:09:35 +0800
parents a78a38e402d1 e0084f136cb8
children 4095b6d7c9fc
799:c344607b7341 801:7dcb46da72d9
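--- a/svr-auth.c
+++ b/svr-auth.c
@@ -223,10 +223,11 @@
 * returns DROPBEAR_SUCCESS on valid username, DROPBEAR_FAILURE on failure */
 static int checkusername(unsigned char *username, unsigned int userlen) {
 
 char* listshell = NULL;
 char* usershell = NULL;
+int uid;
 TRACE(("enter checkusername"))
 if (userlen > MAX_USERNAME_LEN) {
 return DROPBEAR_FAILURE;
 }
 
@@ -252,10 +253,22 @@
 svr_ses.addrstring);
 send_msg_userauth_failure(0, 1);
 return DROPBEAR_FAILURE;
 }
 
+/* check if we are running as non-root, and login user is different from the server */
+uid = geteuid();
+if (uid != 0 && uid != ses.authstate.pw_uid) {
+TRACE(("running as nonroot, only server uid is allowed"))
+dropbear_log(LOG_WARNING,
+"Login attempt with wrong user %s from %s",
+ses.authstate.pw_name,
+svr_ses.addrstring);
+send_msg_userauth_failure(0, 1);
+return DROPBEAR_FAILURE;
+}
+
 /* check for non-root if desired */
 if (svr_opts.norootlogin && ses.authstate.pw_uid == 0) {
 TRACE(("leave checkusername: root login disabled"))
 dropbear_log(LOG_WARNING, "root login rejected");
 send_msg_userauth_failure(0, 1);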
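Review bot: The new local `int uid;` in checkusername receives `geteuid()`, which returns `uid_t`, and is then compared with `ses.authstate.pw_uid` (presumably also a `uid_t`) in the check that decides whether a non-root server accepts the login. Since `uid_t` is commonly unsigned, the comparison depends on an implicit signed/unsigned conversion, and a UID above `INT_MAX` goes through an implementation-defined narrowing first; declaring it as `uid_t uid;` keeps both sides the same type. The comment above the check could also say why it exists, for example `/* a non-root server cannot switch to another uid, so only its own user may log in */`. The body of checkusername continues beyond the lines shown here.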