auth-skey.c revision 162856
1/* $OpenBSD: auth-skey.c,v 1.26 2006/08/05 08:28:24 dtucker Exp $ */ 2/* 3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26#include "includes.h" 27__RCSID("$FreeBSD: head/crypto/openssh/auth-skey.c 162856 2006-09-30 13:38:06Z des $"); 28 29#ifdef SKEY 30 31#include <sys/types.h> 32 33#include <pwd.h> 34#include <stdio.h> 35 36#ifdef OPIE 37#include <opie.h> 38#define skey opie 39#define skeychallenge(k, u, c) opiechallenge((k), (u), (c)) 40#define skey_haskey(u) opie_haskey((u)) 41#define skey_passcheck(u, r) opie_passverify((u), (r)) 42#else 43#include <skey.h> 44#endif 45 46#include "xmalloc.h" 47#include "key.h" 48#include "hostfile.h" 49#include "auth.h" 50#include "ssh-gss.h" 51#include "monitor_wrap.h" 52 53static void * 54skey_init_ctx(Authctxt *authctxt) 55{ 56 return authctxt; 57} 58 59int 60skey_query(void *ctx, char **name, char **infotxt, 61 u_int* numprompts, char ***prompts, u_int **echo_on) 62{ 63 Authctxt *authctxt = ctx; 64 char challenge[1024]; 65 struct skey skey; 66 67 if (_compat_skeychallenge(&skey, authctxt->user, challenge, 68 sizeof(challenge)) == -1) 69 return -1; 70 71 *name = xstrdup(""); 72 *infotxt = xstrdup(""); 73 *numprompts = 1; 74 *prompts = xcalloc(*numprompts, sizeof(char *)); 75 *echo_on = xcalloc(*numprompts, sizeof(u_int)); 76 77 xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT); 78 79 return 0; 80} 81 82int 83skey_respond(void *ctx, u_int numresponses, char **responses) 84{ 85 Authctxt *authctxt = ctx; 86 87 if (authctxt->valid && 88 numresponses == 1 && 89 skey_haskey(authctxt->pw->pw_name) == 0 && 90 skey_passcheck(authctxt->pw->pw_name, responses[0]) != -1) 91 return 0; 92 return -1; 93} 94 95static void 96skey_free_ctx(void *ctx) 97{ 98 /* we don't have a special context */ 99} 100 101KbdintDevice skey_device = { 102 "skey", 103 skey_init_ctx, 104 skey_query, 105 skey_respond, 106 skey_free_ctx 107}; 108 109KbdintDevice mm_skey_device = { 110 "skey", 111 skey_init_ctx, 112 mm_skey_query, 113 mm_skey_respond, 114 skey_free_ctx 115}; 116#endif /* SKEY */ 117