Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 6939b233d03d59f9ead3469975f7bf72585c6ffa / . / auth-sia.c
blob: 3a4159448dc97f763590257d931b750cb5317ae6 [file] [log] [blame]
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]1#include "includes.h"
2
3#ifdef HAVE_OSF_SIA
4#include "ssh.h"
Kevin Steves6939b232002-04-10 16:09:51 +0000[diff] [blame^]5#include "auth.h"
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]6#include "auth-sia.h"
7#include "log.h"
8#include "servconf.h"
9#include "canohost.h"
10
11#include <sia.h>
12#include <siad.h>
13#include <pwd.h>
14#include <signal.h>
15#include <setjmp.h>
16#include <sys/resource.h>
17#include <unistd.h>
18#include <string.h>
19
20extern ServerOptions options;
21extern int saved_argc;
22extern char **saved_argv;
23
24extern int errno;
25
26int
Kevin Stevese683e762002-04-04 19:02:28 +0000[diff] [blame]27auth_sia_password(Authctxt *authctxt, char *pass)
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]28{
29 int ret;
30 SIAENTITY *ent = NULL;
31 const char *host;
Kevin Stevese683e762002-04-04 19:02:28 +0000[diff] [blame]32 char *user = authctxt->user;
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]33
Damien Millerf3451a22002-02-05 12:40:46 +1100[diff] [blame]34 host = get_canonical_hostname(options.verify_reverse_mapping);
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]35
Kevin Stevese683e762002-04-04 19:02:28 +0000[diff] [blame]36 if (!user || !pass || pass[0] == '\0')
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]37 return(0);
38
39 if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, NULL, 0,
40 NULL) != SIASUCCESS)
41 return(0);
42
43 if ((ret = sia_ses_authent(NULL, pass, ent)) != SIASUCCESS) {
44 error("couldn't authenticate %s from %s", user, host);
45 if (ret & SIASTOP)
46 sia_ses_release(&ent);
47 return(0);
48 }
49
50 sia_ses_release(&ent);
51
52 return(1);
53}
54
55void
56session_setup_sia(char *user, char *tty)
57{
58 int ret;
59 struct passwd *pw;
60 SIAENTITY *ent = NULL;
61 const char *host;
62
Damien Millerf3451a22002-02-05 12:40:46 +1100[diff] [blame]63 host = get_canonical_hostname (options.verify_reverse_mapping);
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]64
65 if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, tty, 0,
Damien Miller364a9bd2001-04-16 18:37:05 +1000[diff] [blame]66 NULL) != SIASUCCESS) {
67 error("sia_ses_init failed");
68 exit(1);
69 }
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]70
71 if ((pw = getpwnam(user)) == NULL) {
72 sia_ses_release(&ent);
Damien Miller364a9bd2001-04-16 18:37:05 +1000[diff] [blame]73 error("getpwnam(%s) failed: %s", user, strerror(errno));
74 exit(1);
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]75 }
76 if (sia_make_entity_pwd(pw, ent) != SIASUCCESS) {
77 sia_ses_release(&ent);
Damien Miller364a9bd2001-04-16 18:37:05 +1000[diff] [blame]78 error("sia_make_entity_pwd failed");
79 exit(1);
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]80 }
81
82 ent->authtype = SIA_A_NONE;
Damien Miller364a9bd2001-04-16 18:37:05 +1000[diff] [blame]83 if (sia_ses_estab(sia_collect_trm, ent) != SIASUCCESS) {
84 error("couldn't establish session for %s from %s", user,
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]85 host);
Damien Miller364a9bd2001-04-16 18:37:05 +1000[diff] [blame]86 exit(1);
87 }
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]88
89 if (setpriority(PRIO_PROCESS, 0, 0) == -1) {
90 sia_ses_release(&ent);
Damien Miller364a9bd2001-04-16 18:37:05 +1000[diff] [blame]91 error("setpriority failed: %s", strerror (errno));
92 exit(1);
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]93 }
94
Damien Miller364a9bd2001-04-16 18:37:05 +1000[diff] [blame]95 if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS) {
96 error("couldn't launch session for %s from %s", user, host);
97 exit(1);
98 }
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]99
100 sia_ses_release(&ent);
101
Damien Miller364a9bd2001-04-16 18:37:05 +1000[diff] [blame]102 if (setreuid(geteuid(), geteuid()) < 0) {
103 error("setreuid failed: %s", strerror (errno));
104 exit(1);
105 }
Damien Miller92ddb7d2001-02-14 01:25:23 +1100[diff] [blame]106}
107
108#endif /* HAVE_OSF_SIA */
109