/*
 * Check a pre-gathered password for authctxt->user through a SIA session.
 *
 * Returns 1 when sia_ses_authent() reports SIASUCCESS. Returns 0 when the
 * user name is missing, the password is NULL or empty, the SIA session
 * cannot be initialised, or authentication fails.
 *
 * The host name handed to SIA and written to the log comes from
 * get_canonical_hostname(); it is looked up before the arguments are checked.
 */
int
auth_sia_password(Authctxt *authctxt, char *pass)
{
	SIAENTITY *entity = NULL;
	const char *remote_host;
	int status;

	remote_host = get_canonical_hostname(options.verify_reverse_mapping);

	/* A missing user or a missing/empty password is never accepted. */
	if (!authctxt->user)
		return 0;
	if (pass == NULL || *pass == '\0')
		return 0;

	/* No tty and colinput 0: the session is set up without a terminal. */
	if (sia_ses_init(&entity, saved_argc, saved_argv, remote_host,
	    authctxt->user, NULL, 0, NULL) != SIASUCCESS)
		return 0;

	/* NULL collect routine: only the password passed in is offered. */
	status = sia_ses_authent(NULL, pass, entity);
	if (status == SIASUCCESS) {
		sia_ses_release(&entity);
		return 1;
	}

	error("Couldn't authenticate %s from %s", authctxt->user, remote_host);

	/*
	 * On failure the entity is released here only when SIASTOP is set.
	 * NOTE(review): presumably SIA has already released it in the other
	 * case - confirm against the sia_ses_authent() documentation.
	 */
	if (status & SIASTOP)
		sia_ses_release(&entity);
	return 0;
}
/*
 * Establish and launch a SIA session for the account in pw on terminal tty,
 * then set both the real and the effective UID to the current effective UID.
 *
 * Every SIA failure and a failing setreuid() end in fatal(); the code relies
 * on fatal() not returning.
 */
void
session_setup_sia(struct passwd *pw, char *tty)
{
	SIAENTITY *entity = NULL;
	const char *remote_host;
	int rc;

	remote_host = get_canonical_hostname(options.verify_reverse_mapping);

	rc = sia_ses_init(&entity, saved_argc, saved_argv, remote_host,
	    pw->pw_name, tty, 0, NULL);
	if (rc != SIASUCCESS)
		fatal("sia_ses_init failed");

	rc = sia_make_entity_pwd(pw, entity);
	if (rc != SIASUCCESS) {
		sia_ses_release(&entity);
		fatal("sia_make_entity_pwd failed");
	}

	/*
	 * NOTE(review): SIA_A_NONE presumably tells SIA that this session
	 * does no authentication of its own - confirm against the SIA docs.
	 */
	entity->authtype = SIA_A_NONE;

	rc = sia_ses_estab(sia_collect_trm, entity);
	if (rc != SIASUCCESS)
		fatal("Couldn't establish session for %s from %s",
		    pw->pw_name, remote_host);

	rc = sia_ses_launch(sia_collect_trm, entity);
	if (rc != SIASUCCESS)
		fatal("Couldn't launch session for %s from %s",
		    pw->pw_name, remote_host);

	sia_ses_release(&entity);

	/*
	 * The UID change is checked: a failure is fatal, so the session does
	 * not continue with an identity other than the one requested.
	 */
	if (setreuid(geteuid(), geteuid()) < 0)
		fatal("setreuid: %s", strerror(errno));
}
/*
 * Establish and launch a SIA session for the account in pw on terminal tty,
 * then call setuid(0) followed by permanently_set_uid(pw).
 *
 * Every SIA failure ends in fatal(); the code relies on fatal() not
 * returning.
 */
void
session_setup_sia(struct passwd *pw, char *tty)
{
	SIAENTITY *entity = NULL;
	const char *remote_host;
	int rc;

	remote_host = get_canonical_hostname(options.use_dns);

	rc = sia_ses_init(&entity, saved_argc, saved_argv, remote_host,
	    pw->pw_name, tty, 0, NULL);
	if (rc != SIASUCCESS)
		fatal("sia_ses_init failed");

	rc = sia_make_entity_pwd(pw, entity);
	if (rc != SIASUCCESS) {
		sia_ses_release(&entity);
		fatal("sia_make_entity_pwd failed");
	}

	/*
	 * NOTE(review): SIA_A_NONE presumably tells SIA that this session
	 * does no authentication of its own - confirm against the SIA docs.
	 */
	entity->authtype = SIA_A_NONE;

	rc = sia_ses_estab(sia_collect_trm, entity);
	if (rc != SIASUCCESS)
		fatal("Couldn't establish session for %s from %s",
		    pw->pw_name, remote_host);

	rc = sia_ses_launch(sia_collect_trm, entity);
	if (rc != SIASUCCESS)
		fatal("Couldn't launch session for %s from %s",
		    pw->pw_name, remote_host);

	sia_ses_release(&entity);

	/*
	 * NOTE(review): the result of setuid(0) is not checked. The final
	 * identity therefore depends on permanently_set_uid(), which is
	 * defined elsewhere, verifying the switch itself - confirm that it
	 * fails hard when the UID change does not take effect.
	 */
	setuid(0);
	permanently_set_uid(pw);
}
/*
 * Open a SIA session for pw->pw_name and keep its handle in auth->data.
 *
 * sia_ses_init() is given a rebuilt argument vector: "sudo", then the
 * NewArgc entries of NewArgv, then a terminating NULL. The entries are
 * copied as pointers, so they alias the strings in NewArgv.
 *
 * Returns AUTH_SUCCESS, or AUTH_FATAL after logging when sia_ses_init()
 * fails. promptp is not used.
 */
int
sia_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
{
	SIAENTITY *handle = NULL;
	int slot;
	extern int NewArgc;
	extern char **NewArgv;

	/*
	 * Rebuild argv for sia_ses_init(): sudo_argc + 1 slots leave room
	 * for the trailing NULL.
	 */
	sudo_argc = NewArgc + 1;
	sudo_argv = emalloc2(sudo_argc + 1, sizeof(char *));
	sudo_argv[0] = "sudo";
	slot = 0;
	while (slot < NewArgc) {
		sudo_argv[slot + 1] = NewArgv[slot];
		slot++;
	}
	sudo_argv[sudo_argc] = NULL;

	/*
	 * No remote host is given; colinput is 1.
	 * NOTE(review): sudo_argv is not freed on the failure path below; it
	 * is declared outside this function, so presumably it is released
	 * elsewhere - confirm.
	 */
	if (sia_ses_init(&handle, sudo_argc, sudo_argv, NULL, pw->pw_name,
	    user_ttypath, 1, NULL) == SIASUCCESS) {
		auth->data = (void *) handle;
		return AUTH_SUCCESS;
	}

	log_error(USE_ERRNO|NO_EXIT|NO_MAIL,
	    _("unable to initialize SIA session"));
	return AUTH_FATAL;
}
/*
 * Open a SIA session for pw->pw_name and keep its handle in auth->data.
 *
 * The program's own Argc/Argv are passed to sia_ses_init() unchanged, with
 * no remote host, the terminal name of descriptor 0, and colinput set to 1.
 *
 * Returns AUTH_SUCCESS, or AUTH_FATAL after logging when sia_ses_init()
 * fails. promptp is not used.
 */
int
sia_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
{
	SIAENTITY *handle = NULL;
	extern int Argc;
	extern char **Argv;
	int rc;

	/*
	 * NOTE(review): ttyname(0) returns NULL when descriptor 0 is not a
	 * terminal, and that value is passed on unchecked - confirm that
	 * sia_ses_init() accepts a NULL tty.
	 */
	rc = sia_ses_init(&handle, Argc, Argv, NULL, pw->pw_name, ttyname(0),
	    1, NULL);
	if (rc == SIASUCCESS) {
		auth->data = (void *) handle;
		return AUTH_SUCCESS;
	}

	log_error(USE_ERRNO|NO_EXIT|NO_MAIL, "unable to initialize SIA session");
	return AUTH_FATAL;
}
/*
 * Establish and launch a SIA session for the named user on terminal tty,
 * then set both the real and the effective UID to the current effective UID.
 *
 * The passwd entry is looked up by name after the SIA session has been
 * initialised. The process priority is reset to 0 between establishing and
 * launching the session. Every failure ends in fatal(); the code relies on
 * fatal() not returning.
 */
void
session_setup_sia(char *user, char *tty)
{
	SIAENTITY *entity = NULL;
	struct passwd *account;
	const char *remote_host;
	int rc;

	remote_host = get_canonical_hostname(options.verify_reverse_mapping);

	rc = sia_ses_init(&entity, saved_argc, saved_argv, remote_host, user,
	    tty, 0, NULL);
	if (rc != SIASUCCESS)
		fatal("sia_ses_init failed");

	account = getpwnam(user);
	if (account == NULL) {
		sia_ses_release(&entity);
		fatal("getpwnam: no user: %s", user);
	}

	rc = sia_make_entity_pwd(account, entity);
	if (rc != SIASUCCESS) {
		sia_ses_release(&entity);
		fatal("sia_make_entity_pwd failed");
	}

	/*
	 * NOTE(review): SIA_A_NONE presumably tells SIA that this session
	 * does no authentication of its own - confirm against the SIA docs.
	 */
	entity->authtype = SIA_A_NONE;

	rc = sia_ses_estab(sia_collect_trm, entity);
	if (rc != SIASUCCESS)
		fatal("Couldn't establish session for %s from %s", user,
		    remote_host);

	/* Reset this process's priority to 0 before the session is launched. */
	if (setpriority(PRIO_PROCESS, 0, 0) == -1) {
		sia_ses_release(&entity);
		fatal("setpriority: %s", strerror (errno));
	}

	rc = sia_ses_launch(sia_collect_trm, entity);
	if (rc != SIASUCCESS)
		fatal("Couldn't launch session for %s from %s", user,
		    remote_host);

	sia_ses_release(&entity);

	/*
	 * The UID change is checked: a failure is fatal, so the session does
	 * not continue with an identity other than the one requested.
	 */
	if (setreuid(geteuid(), geteuid()) < 0)
		fatal("setreuid: %s", strerror(errno));
}
/*
 * Authenticate a user with SIA in one call: initialise a session, run
 * sia_ses_authent() with the supplied passphrase, and release the session.
 *
 * collect    - communication routine
 * argc, argv - forwarded to sia_ses_init()
 * hostname   - remote host (or user@host) info
 * username   - account to authenticate
 * tty        - ttyname() or X display (if any)
 * colinput   - can call collect() for input
 * gssapi     - forwarded to sia_ses_init() as its last argument
 * passphrase - pre-gathered passphrase (bad)
 *
 * Returns SIAFAIL when sia_ses_init() does not report SIASUCCESS or leaves
 * the entity NULL; otherwise returns the status of sia_ses_authent().
 */
int
my_sia_validate_user(sia_collect_func_t *collect, int argc, char **argv,
    char *hostname, char *username, char *tty, int colinput, char *gssapi,
    char *passphrase)
{
	SIAENTITY *entity = NULL;
	int rc;

	rc = sia_ses_init(&entity, argc, argv, hostname, username, tty,
	    colinput, gssapi);
	if (rc != SIASUCCESS || entity == NULL)
		return SIAFAIL;

	rc = sia_ses_authent(collect, passphrase, entity);

	/*
	 * The entity is released whatever the authentication result, and the
	 * release status is deliberately ignored.
	 */
	(void) sia_ses_release(&entity);

	return rc;
}