Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / e5a278a62ab49dffe96929fa8d8506c6928dba90 / . / auth2-passwd.c
blob: 6601e8664c8d1aa218e8227a5a359e0e20181659 [file] [log] [blame]
djm@openbsd.orgbe02d7c2019-09-06 04:53:27 +0000[diff] [blame]1/* $OpenBSD: auth2-passwd.c,v 1.17 2019/09/06 04:53:27 djm Exp $ */
Ben Lindstrom855bf3a2002-06-06 20:27:55 +0000[diff] [blame]2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26#include "includes.h"
Ben Lindstrom855bf3a2002-06-06 20:27:55 +0000[diff] [blame]27
Damien Millerd7834352006-08-05 12:39:39 +1000[diff] [blame]28#include <sys/types.h>
29
djm@openbsd.orgbe02d7c2019-09-06 04:53:27 +0000[diff] [blame]30#include <stdlib.h>
Damien Millere3476ed2006-07-24 14:13:33 +1000[diff] [blame]31#include <string.h>
Damien Millerd7834352006-08-05 12:39:39 +1000[diff] [blame]32#include <stdarg.h>
Darren Tucker9634ffb2019-07-23 22:25:44 +1000[diff] [blame]33#include <stdio.h>
Damien Millere3476ed2006-07-24 14:13:33 +1000[diff] [blame]34
Ben Lindstrom855bf3a2002-06-06 20:27:55 +0000[diff] [blame]35#include "packet.h"
markus@openbsd.org60306b22017-05-30 14:26:49 +0000[diff] [blame]36#include "ssherr.h"
Ben Lindstrom855bf3a2002-06-06 20:27:55 +0000[diff] [blame]37#include "log.h"
markus@openbsd.org60306b22017-05-30 14:26:49 +0000[diff] [blame]38#include "sshkey.h"
Damien Millerd7834352006-08-05 12:39:39 +1000[diff] [blame]39#include "hostfile.h"
Ben Lindstrom855bf3a2002-06-06 20:27:55 +0000[diff] [blame]40#include "auth.h"
Damien Millerd7834352006-08-05 12:39:39 +1000[diff] [blame]41#ifdef GSSAPI
42#include "ssh-gss.h"
43#endif
Ben Lindstrom855bf3a2002-06-06 20:27:55 +0000[diff] [blame]44#include "monitor_wrap.h"
Damien Miller7acefbb2014-07-18 14:11:24 +1000[diff] [blame]45#include "misc.h"
Ben Lindstrom855bf3a2002-06-06 20:27:55 +0000[diff] [blame]46#include "servconf.h"
47
48/* import */
49extern ServerOptions options;
50
51static int
markus@openbsd.orgeb272ea2017-05-30 14:29:59 +0000[diff] [blame]52userauth_passwd(struct ssh *ssh)
Ben Lindstrom855bf3a2002-06-06 20:27:55 +0000[diff] [blame]53{
markus@openbsd.org60306b22017-05-30 14:26:49 +0000[diff] [blame]54 char *password;
55 int authenticated = 0, r;
56 u_char change;
57 size_t len;
Darren Tuckerea287062003-12-31 11:43:24 +1100[diff] [blame]58
markus@openbsd.org60306b22017-05-30 14:26:49 +0000[diff] [blame]59 if ((r = sshpkt_get_u8(ssh, &change)) != 0 ||
60 (r = sshpkt_get_cstring(ssh, &password, &len)) != 0 ||
61 (change && (r = sshpkt_get_cstring(ssh, NULL, NULL)) != 0) ||
62 (r = sshpkt_get_end(ssh)) != 0)
63 fatal("%s: %s", __func__, ssh_err(r));
Darren Tuckerea287062003-12-31 11:43:24 +1100[diff] [blame]64
Ben Lindstrom855bf3a2002-06-06 20:27:55 +0000[diff] [blame]65 if (change)
Damien Miller996acd22003-04-09 20:59:48 +1000[diff] [blame]66 logit("password change not supported");
djm@openbsd.org7c856852018-03-03 03:15:51 +0000[diff] [blame]67 else if (PRIVSEP(auth_password(ssh, password)) == 1)
Ben Lindstrom855bf3a2002-06-06 20:27:55 +0000[diff] [blame]68 authenticated = 1;
Damien Millera5103f42014-02-04 11:20:14 +1100[diff] [blame]69 explicit_bzero(password, len);
Darren Tuckera627d422013-06-02 07:31:17 +1000[diff] [blame]70 free(password);
Ben Lindstrom855bf3a2002-06-06 20:27:55 +0000[diff] [blame]71 return authenticated;
72}
73
74Authmethod method_passwd = {
75 "password",
76 userauth_passwd,
77 &options.password_authentication
78};