auth-skey.c revision 162856 
1/* $OpenBSD: auth-skey.c,v 1.26 2006/08/05 08:28:24 dtucker Exp $ */
2/*
3 * Copyright (c) 2001 Markus Friedl.  All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in the
12 *    documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26#include "includes.h"
27__RCSID("$FreeBSD: head/crypto/openssh/auth-skey.c 162856 2006-09-30 13:38:06Z des $");
28
29#ifdef SKEY
30
31#include <sys/types.h>
32
33#include <pwd.h>
34#include <stdio.h>
35
36#ifdef OPIE
37#include <opie.h>
38#define skey			opie
39#define skeychallenge(k, u, c)	opiechallenge((k), (u), (c))
40#define skey_haskey(u)		opie_haskey((u))
41#define skey_passcheck(u, r)	opie_passverify((u), (r))
42#else
43#include <skey.h>
44#endif
45
46#include "xmalloc.h"
47#include "key.h"
48#include "hostfile.h"
49#include "auth.h"
50#include "ssh-gss.h"
51#include "monitor_wrap.h"
52
53static void *
54skey_init_ctx(Authctxt *authctxt)
55{
56	return authctxt;
57}
58
59int
60skey_query(void *ctx, char **name, char **infotxt,
61    u_int* numprompts, char ***prompts, u_int **echo_on)
62{
63	Authctxt *authctxt = ctx;
64	char challenge[1024];
65	struct skey skey;
66
67	if (_compat_skeychallenge(&skey, authctxt->user, challenge,
68	    sizeof(challenge)) == -1)
69		return -1;
70
71	*name  = xstrdup("");
72	*infotxt  = xstrdup("");
73	*numprompts = 1;
74	*prompts = xcalloc(*numprompts, sizeof(char *));
75	*echo_on = xcalloc(*numprompts, sizeof(u_int));
76
77	xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT);
78
79	return 0;
80}
81
82int
83skey_respond(void *ctx, u_int numresponses, char **responses)
84{
85	Authctxt *authctxt = ctx;
86
87	if (authctxt->valid &&
88	    numresponses == 1 &&
89	    skey_haskey(authctxt->pw->pw_name) == 0 &&
90	    skey_passcheck(authctxt->pw->pw_name, responses[0]) != -1)
91	    return 0;
92	return -1;
93}
94
95static void
96skey_free_ctx(void *ctx)
97{
98	/* we don't have a special context */
99}
100
101KbdintDevice skey_device = {
102	"skey",
103	skey_init_ctx,
104	skey_query,
105	skey_respond,
106	skey_free_ctx
107};
108
109KbdintDevice mm_skey_device = {
110	"skey",
111	skey_init_ctx,
112	mm_skey_query,
113	mm_skey_respond,
114	skey_free_ctx
115};
116#endif /* SKEY */
117