64 static char *get_method_name(Authctxt *authctxt);
75 get_method_name(Authctxt *authctxt)  in get_method_name()  argument
77 	if (!authctxt)  in get_method_name()
81 		return (authctxt->v1_auth_name) ? authctxt->v1_auth_name :  in get_method_name()
84 	if (!authctxt->method || !authctxt->method->name)  in get_method_name()
87 	return authctxt->method->name;  in get_method_name()
153 new_start_pam(Authctxt *authctxt, struct pam_conv *conv)  in new_start_pam()  argument
162 	if (authctxt == NULL)  in new_start_pam()
165 	if (compat20 && authctxt->method == NULL)  in new_start_pam()
169 	svc = derive_pam_service_name(authctxt->method);  in new_start_pam()
171 		get_method_name(authctxt));  in new_start_pam()
173 	if (authctxt->user != NULL)  in new_start_pam()
174 		user = authctxt->user;  in new_start_pam()
177 	if (authctxt->pam != NULL) {  in new_start_pam()
178 		fatal_remove_cleanup(&do_pam_cleanup_proc, authctxt->pam);  in new_start_pam()
179 		do_pam_cleanup_proc(authctxt->pam);  in new_start_pam()
197 	pam->authctxt = authctxt;  in new_start_pam()
200 	authctxt->pam = pam;  in new_start_pam()
210 			get_method_name(authctxt));  in new_start_pam()
216 			  (void *) authctxt->pam);  in new_start_pam()
222 			get_method_name(authctxt));  in new_start_pam()
228 			get_method_name(authctxt));  in new_start_pam()
231 	if (authctxt->cuser != NULL)   in new_start_pam()
232 		if ((retval = pam_set_item(pamh, PAM_AUSER, authctxt->cuser)) != PAM_SUCCESS) {  in new_start_pam()
235 				get_method_name(authctxt));  in new_start_pam()
238 	authctxt->pam->h = pamh;  in new_start_pam()
251 finish_userauth_do_pam(Authctxt *authctxt)  in finish_userauth_do_pam()  argument
257 	if (authctxt == NULL || authctxt->pam == NULL)  in finish_userauth_do_pam()
261 		if (authctxt->method == NULL || authctxt->method->name == NULL)  in finish_userauth_do_pam()
263 		method = authctxt->method->name;  in finish_userauth_do_pam()
264 	} else if ((method = authctxt->v1_auth_name) == NULL)  in finish_userauth_do_pam()
267 	if (AUTHPAM_DONE(authctxt))  in finish_userauth_do_pam()
270 	if (!(authctxt->pam->state & PAM_S_DONE_ACCT_MGMT)) {  in finish_userauth_do_pam()
271 		retval = pam_acct_mgmt(authctxt->pam->h, 0);  in finish_userauth_do_pam()
272 		authctxt->pam->last_pam_retval = retval;  in finish_userauth_do_pam()
279 		authctxt->pam->state |= PAM_S_DONE_ACCT_MGMT;  in finish_userauth_do_pam()
291 	retval = pam_get_item(authctxt->pam->h, PAM_USER, (void **) &user);  in finish_userauth_do_pam()
295 		      PAM_STRERROR(authctxt->pam->h, retval));  in finish_userauth_do_pam()
303 	if (strcmp(user, authctxt->user) != 0) {  in finish_userauth_do_pam()
305 		pwfree(&authctxt->pw);  in finish_userauth_do_pam()
306 		authctxt->pw = getpwnamallow(user);  in finish_userauth_do_pam()
307 		authctxt->valid = (authctxt->pw != NULL);  in finish_userauth_do_pam()
308 		xfree(authctxt->user);  in finish_userauth_do_pam()
309 		authctxt->user = xstrdup(user);  in finish_userauth_do_pam()
312 	if (!authctxt->valid) {  in finish_userauth_do_pam()
322 	if (authctxt->pw->pw_uid == 0 && !auth_root_allowed(method))  in finish_userauth_do_pam()
325 	if (!(authctxt->pam->state & PAM_S_DONE_SETCRED)) {  in finish_userauth_do_pam()
326 		retval = pam_setcred(authctxt->pam->h,  in finish_userauth_do_pam()
328 		authctxt->pam->last_pam_retval = retval;  in finish_userauth_do_pam()
331 		authctxt->pam->state |= PAM_S_DONE_SETCRED;  in finish_userauth_do_pam()
338 		ssh_gssapi_storecreds(NULL, authctxt);  in finish_userauth_do_pam()
347 	authctxt->last_login_time =  in finish_userauth_do_pam()
348 		get_last_login_time(authctxt->pw->pw_uid,  in finish_userauth_do_pam()
349 			authctxt->pw->pw_name,  in finish_userauth_do_pam()
350 			authctxt->last_login_host,  in finish_userauth_do_pam()
351 			sizeof(authctxt->last_login_host));  in finish_userauth_do_pam()
353 	if (!(authctxt->pam->state & PAM_S_DONE_OPEN_SESSION)) {  in finish_userauth_do_pam()
354 		retval = pam_open_session(authctxt->pam->h, 0);  in finish_userauth_do_pam()
355 		authctxt->pam->last_pam_retval = retval;  in finish_userauth_do_pam()
358 		authctxt->pam->state |= PAM_S_DONE_OPEN_SESSION;  in finish_userauth_do_pam()
439 	if (pam->authctxt != NULL && pam->authctxt->pam == pam) {  in do_pam_cleanup_proc()
440 		pam->authctxt->pam_retval = pam->last_pam_retval;  in do_pam_cleanup_proc()
441 		pam->authctxt->pam = NULL;  in do_pam_cleanup_proc()
442 		pam->authctxt = NULL;  in do_pam_cleanup_proc()
492 auth_pam_password(Authctxt *authctxt, const char *password)  in auth_pam_password()  argument
497 	new_start_pam(authctxt, &conv);  in auth_pam_password()
499 	retval = pam_set_item(authctxt->pam->h, PAM_AUTHTOK, password);  in auth_pam_password()
501 		authctxt->pam->last_pam_retval = retval;  in auth_pam_password()
505 	retval = pam_authenticate(authctxt->pam->h,  in auth_pam_password()
510 		authctxt->pam->last_pam_retval = retval;  in auth_pam_password()
514 	if ((retval = finish_userauth_do_pam(authctxt)) != PAM_SUCCESS)  in auth_pam_password()
517 	if (authctxt->method)  in auth_pam_password()
518 		authctxt->method->authenticated = 1;	/* SSHv2 */  in auth_pam_password()
524 do_pam_non_initial_userauth(Authctxt *authctxt)  in do_pam_non_initial_userauth()  argument
526 	new_start_pam(authctxt, NULL);  in do_pam_non_initial_userauth()
527 	return (finish_userauth_do_pam(authctxt) == PAM_SUCCESS);  in do_pam_non_initial_userauth()
531 void finish_pam(Authctxt *authctxt)  in finish_pam()  argument
533 	fatal_remove_cleanup(&do_pam_cleanup_proc, authctxt->pam);  in finish_pam()
534 	do_pam_cleanup_proc(authctxt->pam);  in finish_pam()
559 fetch_pam_environment(Authctxt *authctxt)  in fetch_pam_environment()  argument
564 	if (authctxt == NULL || authctxt->pam == NULL ||  in fetch_pam_environment()
565 	    authctxt->pam->h == NULL)  in fetch_pam_environment()
568 	penv = pam_getenvlist(authctxt->pam->h);  in fetch_pam_environment()