Source Jam - openssh-4.3p2

00001 /*
00002  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
00003  *
00004  * Redistribution and use in source and binary forms, with or without
00005  * modification, are permitted provided that the following conditions
00006  * are met:
00007  * 1. Redistributions of source code must retain the above copyright
00008  *    notice, this list of conditions and the following disclaimer.
00009  * 2. Redistributions in binary form must reproduce the above copyright
00010  *    notice, this list of conditions and the following disclaimer in the
00011  *    documentation and/or other materials provided with the distribution.
00012  *
00013  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
00014  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
00015  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
00016  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
00017  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
00018  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
00019  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
00020  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
00021  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
00022  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
00023  */
00024 
00025 #include "includes.h"
00026 RCSID("$OpenBSD: auth2-passwd.c,v 1.5 2003/12/31 00:24:50 dtucker Exp $");
00027 
00028 #include "xmalloc.h"
00029 #include "packet.h"
00030 #include "log.h"
00031 #include "auth.h"
00032 #include "monitor_wrap.h"
00033 #include "servconf.h"
00034 
00035 /* import */
00036 extern ServerOptions options;
00037 
00038 static int
00039 userauth_passwd(Authctxt *authctxt)
00040 {
00041         char *password, *newpass;
00042         int authenticated = 0;
00043         int change;
00044         u_int len, newlen;
00045 
00046         change = packet_get_char();
00047         password = packet_get_string(&len);
00048         if (change) {
00049                 /* discard new password from packet */
00050                 newpass = packet_get_string(&newlen);
00051                 memset(newpass, 0, newlen);
00052                 xfree(newpass);
00053         }
00054         packet_check_eom();
00055 
00056         if (change)
00057                 logit("password change not supported");
00058         else if (PRIVSEP(auth_password(authctxt, password)) == 1)
00059                 authenticated = 1;
00060 #ifdef HAVE_CYGWIN
00061         if (check_nt_auth(1, authctxt->pw) == 0)
00062                 authenticated = 0;
00063 #endif
00064         memset(password, 0, len);
00065         xfree(password);
00066         return authenticated;
00067 }
00068 
00069 Authmethod method_passwd = {
00070         "password",
00071         userauth_passwd,
00072         &options.password_authentication
00073 };