Lines Matching defs:authctxt
94 static char *authmethods_get(Authctxt *authctxt);
158 * loop until authctxt->success == TRUE
163 Authctxt *authctxt = ssh->authctxt;
169 ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt->success);
170 ssh->authctxt = NULL;
176 Authctxt *authctxt = ssh->authctxt;
184 if (authctxt == NULL)
185 fatal("input_service_request: no authctxt");
188 if (!authctxt->success) {
261 Authctxt *authctxt = ssh->authctxt;
267 if (authctxt == NULL)
268 fatal("input_userauth_request: no authctxt");
275 debug("attempt %d failures %d", authctxt->attempt, authctxt->failures);
280 if (authctxt->attempt >= 1024)
282 if (authctxt->attempt++ == 0) {
284 authctxt->pw = mm_getpwnamallow(ssh, user);
285 if (authctxt->pw && strcmp(service, "ssh-connection")==0) {
286 authctxt->valid = 1;
287 debug2_f("setting up authctxt for %s", user);
289 authctxt->valid = 0;
291 authctxt->pw = fakepw();
294 authctxt->valid ? "authenticating " : "invalid ", user);
295 setproctitle("%s [net]", authctxt->valid ? user : "unknown");
296 authctxt->user = xstrdup(user);
297 authctxt->service = xstrdup(service);
298 authctxt->style = style ? xstrdup(style) : NULL;
303 if (auth2_setup_methods_lists(authctxt) != 0)
306 } else if (strcmp(user, authctxt->user) != 0 ||
307 strcmp(service, authctxt->service) != 0) {
310 authctxt->user, authctxt->service, user, service);
321 auth2_authctxt_reset_info(authctxt);
322 authctxt->postponed = 0;
323 authctxt->server_caused_failure = 0;
326 m = authmethod_lookup(authctxt, method);
327 if (m != NULL && authctxt->failures < options.max_authtries) {
331 if (!authctxt->authenticated && strcmp(method, "none") != 0)
333 user_specific_delay(authctxt->user));
347 Authctxt *authctxt = ssh->authctxt;
354 if (!authctxt->valid) {
356 authctxt->user);
358 if (authctxt->postponed)
367 if (authenticated && authctxt->pw->pw_uid == 0 &&
372 if (!auth2_update_methods_lists(authctxt, method, submethod)) {
383 auth2_update_session_info(authctxt, method, submethod);
385 if (authctxt->postponed)
397 authctxt->success = 1;
398 ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user);
401 if (!partial && !authctxt->server_caused_failure &&
402 (authctxt->attempt > 1 || strcmp(method, "none") != 0))
403 authctxt->failures++;
404 if (authctxt->failures >= options.max_authtries)
406 methods = authmethods_get(authctxt);
425 auth2_method_allowed(Authctxt *authctxt, const char *method,
431 * NB. authctxt->num_auth_methods might be zero as a result of
436 for (i = 0; i < authctxt->num_auth_methods; i++) {
437 if (list_starts_with(authctxt->auth_methods[i], method,
445 authmethods_get(Authctxt *authctxt)
459 if (!auth2_method_allowed(authctxt, authmethods[i]->cfg->name,
490 authmethod_lookup(Authctxt *authctxt, const char *name)
501 if (!auth2_method_allowed(authctxt, method->cfg->name, NULL)) {
512 * leave authctxt->num_auth_methods == 0, even when multiple required auth
517 auth2_setup_methods_lists(Authctxt *authctxt)
532 authctxt->auth_methods = xcalloc(options.num_auth_methods,
533 sizeof(*authctxt->auth_methods));
534 authctxt->num_auth_methods = 0;
543 authctxt->num_auth_methods, options.auth_methods[i]);
544 authctxt->auth_methods[authctxt->num_auth_methods++] =
547 if (authctxt->num_auth_methods == 0) {
614 auth2_update_methods_lists(Authctxt *authctxt, const char *method,
620 for (i = 0; i < authctxt->num_auth_methods; i++) {
621 if (!remove_method(&(authctxt->auth_methods[i]), method,
625 if (*authctxt->auth_methods[i] == '\0') {
630 i, authctxt->auth_methods[i]);
639 void auth2_authctxt_reset_info(Authctxt *authctxt)
641 sshkey_free(authctxt->auth_method_key);
642 free(authctxt->auth_method_info);
643 authctxt->auth_method_key = NULL;
644 authctxt->auth_method_info = NULL;
649 auth2_record_info(Authctxt *authctxt, const char *fmt, ...)
654 free(authctxt->auth_method_info);
655 authctxt->auth_method_info = NULL;
658 i = vasprintf(&authctxt->auth_method_info, fmt, ap);
671 auth2_record_key(Authctxt *authctxt, int authenticated,
679 sshkey_free(authctxt->auth_method_key);
680 authctxt->auth_method_key = dup;
688 if (authctxt->nprev_keys >= INT_MAX ||
689 (tmp = recallocarray(authctxt->prev_keys, authctxt->nprev_keys,
690 authctxt->nprev_keys + 1, sizeof(*authctxt->prev_keys))) == NULL)
692 authctxt->prev_keys = tmp;
693 authctxt->prev_keys[authctxt->nprev_keys] = dup;
694 authctxt->nprev_keys++;
700 auth2_key_already_used(Authctxt *authctxt, const struct sshkey *key)
705 for (i = 0; i < authctxt->nprev_keys; i++) {
706 if (sshkey_equal_public(key, authctxt->prev_keys[i])) {
707 fp = sshkey_fingerprint(authctxt->prev_keys[i],
710 sshkey_type(authctxt->prev_keys[i]),
720 * Updates authctxt->session_info with details of authentication. Should be
724 auth2_update_session_info(Authctxt *authctxt, const char *method,
729 if (authctxt->session_info == NULL) {
730 if ((authctxt->session_info = sshbuf_new()) == NULL)
735 if ((r = sshbuf_putf(authctxt->session_info, "%s%s%s",
741 if (authctxt->auth_method_key != NULL) {
742 if ((r = sshbuf_put_u8(authctxt->session_info, ' ')) != 0 ||
743 (r = sshkey_format_text(authctxt->auth_method_key,
744 authctxt->session_info)) != 0)
748 if (authctxt->auth_method_info != NULL) {
750 if (strchr(authctxt->auth_method_info, '\n') != NULL)
752 if ((r = sshbuf_put_u8(authctxt->session_info, ' ')) != 0 ||
753 (r = sshbuf_putf(authctxt->session_info, "%s",
754 authctxt->auth_method_info)) != 0) {
758 if ((r = sshbuf_put_u8(authctxt->session_info, '\n')) != 0)