Example #1
/*
 * Honeypot-side handler for one SSH client. Completes the key exchange, then
 * answers every incoming message with the library's default reply (per the
 * original author, SSH_MESSAGE_USERAUTH_FAILURE), passing password attempts
 * to log_attempt() first.
 *
 * Returns -1 when the key exchange fails, 0 once ssh_message_get() stops
 * returning messages.
 */
int handle_auth(ssh_session session) {
    /* Only .session and .message are assigned in this function.
     * NOTE(review): any other member of struct connection is still
     * uninitialised when log_attempt() receives it; presumably log_attempt()
     * fills them in itself -- confirm. */
    struct connection conn;
    conn.session = session;

    /* A non-zero result from the key exchange is treated as failure. */
    if (ssh_handle_key_exchange(conn.session) != 0) {
        fprintf(stderr, "Error exchanging keys: `%s'.\n", ssh_get_error(conn.session));
        return -1;
    }
    if (DEBUG) { printf("Successful key exchange.\n"); }

    /* Serve messages until the library hands back NULL. The loop does not
     * stop after the first logged attempt, and nothing here caps the number
     * of attempts or the time spent, so the peer decides how long it runs.
     * NOTE(review): a per-connection attempt or time limit would bound what
     * one client can consume. */
    while ((conn.message = ssh_message_get(conn.session)) != NULL) {
        /* NOTE(review): only the subtype is compared; the message type is not
         * checked first. libssh interprets the subtype per message type, so
         * testing ssh_message_type() == SSH_REQUEST_AUTH before this
         * comparison would keep non-auth messages away from log_attempt(). */
        if (ssh_message_subtype(conn.message) != SSH_AUTH_METHOD_PASSWORD) {
            if (DEBUG) { fprintf(stderr, "Not a password authentication attempt.\n"); }
        }
        else {
            log_attempt(&conn);
        }

        /* Whatever was asked, the client gets the default reply, and the
         * message is released before the next one is fetched. */
        ssh_message_reply_default(conn.message);
        ssh_message_free(conn.message);
    }

    if (DEBUG) { printf("Exiting child.\n"); }
    return 0;
}
Example #2
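/*
 * Authenticate a login for `name` with `passwd` and bind the session to it.
 *
 * Returns 0 on success, otherwise one of:
 *   BBS_ENOUSR   - name is NULL/empty, or dosearchuser() found no such user
 *   BBS_E2MANY   - session_count_online() exceeds MAXACTIVE
 *   BBS_EWPSWD   - passwd_check() rejected the password (attempt is logged)
 *   BBS_EGIVEUP / BBS_ESUICIDE / BBS_EBANNED
 *                - non-guest account without PERM_LOGIN
 *   BBS_ELFREQ   - (CHECK_FREQUENTLOGIN only) last login under 10 s ago
 *
 * NOTE(review): BBS_ENOUSR and BBS_EWPSWD let a caller tell an unknown
 * account from a wrong password; callers should show the remote user a
 * single generic failure so account names cannot be probed.
 * NOTE(review): only wrong-password failures reach log_attempt(); lookups
 * for non-existent users leave no record here.
 */
int bbs_auth(const char *name, const char *passwd)
{
	int is_guest;

	if (name == NULL || name[0] == '\0')
		return BBS_ENOUSR;

	/* The online limit and the user lookup run only while no user record
	 * has been loaded into currentuser yet. */
	if (currentuser.userid[0] == '\0') {
		if (session_count_online() > MAXACTIVE)
			return BBS_E2MANY;
		if (!dosearchuser(name, &currentuser, &usernum))
			return BBS_ENOUSR;
	}

	/* NOTE(review): passwd is handed to passwd_check() without a NULL
	 * check; confirm passwd_check() tolerates NULL. */
	if (!passwd_check(currentuser.userid, passwd)) {
		log_attempt(currentuser.userid, fromhost, "telnet");
		return BBS_EWPSWD;
	}

	is_guest = (strcasecmp(currentuser.userid, "guest") == 0);

	/* A non-guest account lacking PERM_LOGIN is refused; the specific code
	 * depends on chk_giveupbbs() and on userlevel being zero. */
	if (!is_guest && !HAS_PERM(PERM_LOGIN)) {
		if (chk_giveupbbs())
			return BBS_EGIVEUP;
		return currentuser.userlevel == 0 ? BBS_ESUICIDE : BBS_EBANNED;
	}

#ifdef CHECK_FREQUENTLOGIN
	if (!HAS_PERM(PERM_SYSOPS) && !is_guest) {
		/* Do the subtraction in a wide type: abs() takes an int, so a
		 * time_t difference passed to it can be truncated before the
		 * comparison with the 10-second window. */
		long long since_last = (long long)time(NULL)
				- (long long)currentuser.lastlogin;
		if (since_last < 0)
			since_last = -since_last;
		if (since_last < 10)
			return BBS_ELFREQ;
	}
#endif

	/* NOTE(review): the password was verified against currentuser.userid,
	 * but the session uid is derived from `name`. If currentuser was already
	 * populated on entry, the lookup above is skipped and the two can name
	 * different accounts; confirm callers guarantee they match, or derive
	 * the uid from currentuser.userid. */
	session_set_uid(get_user_id(name));

	return 0;
}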