auth-sia.c 3.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116
  1. /*
  2. * Copyright (c) 2002 Chris Adams. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. * 1. Redistributions of source code must retain the above copyright
  8. * notice, this list of conditions and the following disclaimer.
  9. * 2. Redistributions in binary form must reproduce the above copyright
  10. * notice, this list of conditions and the following disclaimer in the
  11. * documentation and/or other materials provided with the distribution.
  12. *
  13. * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  14. * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  15. * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  16. * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  17. * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  18. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  19. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  20. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  21. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  22. * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  23. */
  24. #include "includes.h"
  25. #ifdef HAVE_OSF_SIA
  26. #include <sia.h>
  27. #include <siad.h>
  28. #include <pwd.h>
  29. #include <signal.h>
  30. #include <setjmp.h>
  31. #include <sys/resource.h>
  32. #include <unistd.h>
  33. #include <stdarg.h>
  34. #include <string.h>
  35. #include "ssh.h"
  36. #include "ssh_api.h"
  37. #include "hostfile.h"
  38. #include "auth.h"
  39. #include "auth-sia.h"
  40. #include "log.h"
  41. #include "servconf.h"
  42. #include "canohost.h"
  43. #include "uidswap.h"
  44. extern ServerOptions options;
  45. extern int saved_argc;
  46. extern char **saved_argv;
  47. int
  48. sys_auth_passwd(struct ssh *ssh, const char *pass)
  49. {
  50. int ret;
  51. SIAENTITY *ent = NULL;
  52. const char *host;
  53. Authctxt *authctxt = ssh->authctxt;
  54. host = get_canonical_hostname(options.use_dns);
  55. if (!authctxt->user || pass == NULL || pass[0] == '\0')
  56. return (0);
  57. if (sia_ses_init(&ent, saved_argc, saved_argv, host, authctxt->user,
  58. NULL, 0, NULL) != SIASUCCESS)
  59. return (0);
  60. if ((ret = sia_ses_authent(NULL, pass, ent)) != SIASUCCESS) {
  61. error("Couldn't authenticate %s from %s",
  62. authctxt->user, host);
  63. if (ret & SIASTOP)
  64. sia_ses_release(&ent);
  65. return (0);
  66. }
  67. sia_ses_release(&ent);
  68. return (1);
  69. }
  70. void
  71. session_setup_sia(struct passwd *pw, char *tty)
  72. {
  73. SIAENTITY *ent = NULL;
  74. const char *host;
  75. host = get_canonical_hostname(options.use_dns);
  76. if (sia_ses_init(&ent, saved_argc, saved_argv, host, pw->pw_name,
  77. tty, 0, NULL) != SIASUCCESS)
  78. fatal("sia_ses_init failed");
  79. if (sia_make_entity_pwd(pw, ent) != SIASUCCESS) {
  80. sia_ses_release(&ent);
  81. fatal("sia_make_entity_pwd failed");
  82. }
  83. ent->authtype = SIA_A_NONE;
  84. if (sia_ses_estab(sia_collect_trm, ent) != SIASUCCESS)
  85. fatal("Couldn't establish session for %s from %s",
  86. pw->pw_name, host);
  87. if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS)
  88. fatal("Couldn't launch session for %s from %s",
  89. pw->pw_name, host);
  90. sia_ses_release(&ent);
  91. setuid(0);
  92. permanently_set_uid(pw);
  93. }
  94. #endif /* HAVE_OSF_SIA */