1295367Sdes/* $OpenBSD: auth2-passwd.c,v 1.12 2014/07/15 15:54:14 millert Exp $ */ 298675Sdes/* 398675Sdes * Copyright (c) 2000 Markus Friedl. All rights reserved. 498675Sdes * 598675Sdes * Redistribution and use in source and binary forms, with or without 698675Sdes * modification, are permitted provided that the following conditions 798675Sdes * are met: 898675Sdes * 1. Redistributions of source code must retain the above copyright 998675Sdes * notice, this list of conditions and the following disclaimer. 1098675Sdes * 2. Redistributions in binary form must reproduce the above copyright 1198675Sdes * notice, this list of conditions and the following disclaimer in the 1298675Sdes * documentation and/or other materials provided with the distribution. 1398675Sdes * 1498675Sdes * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 1598675Sdes * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 1698675Sdes * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 1798675Sdes * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 1898675Sdes * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 1998675Sdes * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 2098675Sdes * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 2198675Sdes * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 2298675Sdes * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 2398675Sdes * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 2498675Sdes */ 2598675Sdes 2698675Sdes#include "includes.h" 2798675Sdes 28162852Sdes#include <sys/types.h> 29162852Sdes 30162852Sdes#include <string.h> 31162852Sdes#include <stdarg.h> 32162852Sdes 3398675Sdes#include "xmalloc.h" 3498675Sdes#include "packet.h" 3598675Sdes#include "log.h" 36162852Sdes#include "key.h" 37162852Sdes#include "hostfile.h" 3898675Sdes#include "auth.h" 39162852Sdes#include "buffer.h" 40162852Sdes#ifdef GSSAPI 41162852Sdes#include "ssh-gss.h" 42162852Sdes#endif 4398675Sdes#include "monitor_wrap.h" 44295367Sdes#include "misc.h" 4598675Sdes#include "servconf.h" 4698675Sdes 4798675Sdes/* import */ 4898675Sdesextern ServerOptions options; 4998675Sdes 5098675Sdesstatic int 5198675Sdesuserauth_passwd(Authctxt *authctxt) 5298675Sdes{ 53126274Sdes char *password, *newpass; 5498675Sdes int authenticated = 0; 5598675Sdes int change; 56126274Sdes u_int len, newlen; 57126274Sdes 5898675Sdes change = packet_get_char(); 59126274Sdes password = packet_get_string(&len); 60126274Sdes if (change) { 61126274Sdes /* discard new password from packet */ 62126274Sdes newpass = packet_get_string(&newlen); 63264377Sdes explicit_bzero(newpass, newlen); 64255767Sdes free(newpass); 65126274Sdes } 66126274Sdes packet_check_eom(); 67126274Sdes 6898675Sdes if (change) 69124208Sdes logit("password change not supported"); 70146998Sdes else if (PRIVSEP(auth_password(authctxt, password)) == 1) 71146998Sdes authenticated = 1; 72264377Sdes explicit_bzero(password, len); 73255767Sdes free(password); 7498675Sdes return authenticated; 7598675Sdes} 7698675Sdes 7798675SdesAuthmethod method_passwd = { 7898675Sdes "password", 7998675Sdes userauth_passwd, 8098675Sdes &options.password_authentication 8198675Sdes}; 82