/* server_password.c
 *
 * System dependent password related functions.
 *
 */

/* lsh, an implementation of the ssh protocol
 *
 * Copyright (C) 1998 Niels Möller
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

#if HAVE_CONFIG_H
#include "config.h"
#endif

#include "charset.h"
#include "format.h"
#include "parse.h"
#include "ssh.h"
#include "server_userauth.h"
#include "werror.h"
#include "xalloc.h"

#include "server_password.c.x"

/* GABA:
   (class
     (name userauth_password)
     (super userauth)
     (vars
       (db object user_db)))
*/

/* Handle one "password" user-authentication request.
 *
 * The request body read from ARGS is a boolean (password change
 * requested?) followed by a string (the password) and nothing else.
 * USERNAME and the password are converted from UTF-8 to the local
 * charset; the username conversion is done with utf8_paranoid, the
 * password conversion with flags 0.
 *
 * Outcomes:
 *   - invalid UTF-8 or a malformed body  -> PROTOCOL_ERROR on E
 *   - password change requested          -> EXC_USERAUTH exception on E
 *   - user not found in self->db         -> EXC_USERAUTH exception on E
 *   - otherwise                          -> USER_VERIFY_PASSWORD decides,
 *                                           reporting through C and E
 *
 * Ownership: this function receives USERNAME and disposes of it on
 * every path it handles itself. The trailing `1` passed to
 * utf8_to_local and USER_LOOKUP presumably means "free the input";
 * confirm against their definitions.
 *
 * NOTE(review): the unknown-user path returns before any password
 * verification takes place and raises a distinct "No such user"
 * exception. If either the exception text or the difference in work is
 * observable by the remote peer, it separates valid from invalid
 * account names; verify how EXC_USERAUTH is reported to the client and
 * consider doing equivalent verification work for unknown users.
 *
 * NOTE(review): the cleartext password is released with
 * lsh_string_free(); whether that clears the buffer is not visible
 * here. Confirm the password bytes are wiped before the memory is
 * reused.
 */
static void
do_authenticate(struct userauth *s,
		struct ssh_connection *connection UNUSED,
		struct lsh_string *username,
		uint32_t service UNUSED,
		struct simple_buffer *args,
		struct command_continuation *c,
		struct exception_handler *e)
{
  CAST(userauth_password, self, s);

  struct lsh_string *secret = NULL;
  struct lsh_user *account;
  int wants_change;

  /* From here on `username` refers to the converted string. */
  username = utf8_to_local(username, utf8_paranoid, 1);
  if (username == NULL)
    {
      PROTOCOL_ERROR(e, "Invalid utf8 in username.");
      return;
    }

  if (!parse_boolean(args, &wants_change))
    goto malformed;

  if (wants_change)
    {
      static const struct exception passwd_change_not_implemented
	= STATIC_EXCEPTION(EXC_USERAUTH,
			   "Password change not implemented.");

      lsh_string_free(username);
      EXCEPTION_RAISE(e, &passwd_change_not_implemented);
      return;
    }

  secret = parse_string_copy(args);
  if (secret == NULL)
    goto malformed;

  /* Trailing data after the password makes the whole request invalid. */
  if (!parse_eod(args))
    {
      lsh_string_free(secret);
      goto malformed;
    }

  secret = utf8_to_local(secret, 0, 1);
  if (secret == NULL)
    {
      lsh_string_free(username);
      PROTOCOL_ERROR(e, "Invalid utf8 in password.");
      return;
    }

  /* username is not freed on any path after this call; presumably the
   * lookup takes ownership of it -- confirm. */
  account = USER_LOOKUP(self->db, username, 1);
  if (account == NULL)
    {
      static const struct exception no_such_user
	= STATIC_EXCEPTION(EXC_USERAUTH, "No such user");

      lsh_string_free(secret);
      EXCEPTION_RAISE(e, &no_such_user);
      return;
    }

  /* The password is handed over and not freed here; presumably the
   * verifier owns it from now on -- confirm. */
  USER_VERIFY_PASSWORD(account, secret, c, e);
  return;

 malformed:
  /* Request was invalid */
  lsh_string_free(username);
  PROTOCOL_ERROR(e, "Invalid password USERAUTH message.");
}

/* Create a password userauth method backed by the user database DB.
 *
 * The new object's authenticate hook is set to do_authenticate and DB
 * is stored for later user lookups. Returns a pointer to the embedded
 * `struct userauth` base. DB is stored as given, not copied.
 */
struct userauth *
make_userauth_password(struct user_db *db)
{
  NEW(userauth_password, self);

  self->db = db;
  self->super.authenticate = do_authenticate;

  return &self->super;
}