auth-skey.c revision 181097
110216Sphk/* $OpenBSD: auth-skey.c,v 1.26 2006/08/05 08:28:24 dtucker Exp $ */
210216Sphk/*
310216Sphk * Copyright (c) 2001 Markus Friedl.  All rights reserved.
410216Sphk *
510216Sphk * Redistribution and use in source and binary forms, with or without
610216Sphk * modification, are permitted provided that the following conditions
710216Sphk * are met:
810216Sphk * 1. Redistributions of source code must retain the above copyright
910216Sphk *    notice, this list of conditions and the following disclaimer.
1010216Sphk * 2. Redistributions in binary form must reproduce the above copyright
1110216Sphk *    notice, this list of conditions and the following disclaimer in the
1210216Sphk *    documentation and/or other materials provided with the distribution.
1310216Sphk *
1410216Sphk * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
1510216Sphk * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
1610216Sphk * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
1710216Sphk * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
1810216Sphk * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
1910216Sphk * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
2010216Sphk * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
2110216Sphk * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
2210216Sphk * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
2310216Sphk * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
2410216Sphk */
2510216Sphk
2610216Sphk#include "includes.h"
2710216Sphk
2810216Sphk#ifdef SKEY
2910216Sphk
3018444Sbde#include <sys/types.h>
3154021Simp
3254021Simp#include <pwd.h>
3331289Snate#include <stdio.h>
3431289Snate
3518444Sbde#include <skey.h>
3655206Speter
3718444Sbde#include "xmalloc.h"
3818444Sbde#include "key.h"
3918444Sbde#include "hostfile.h"
4018444Sbde#include "auth.h"
4110216Sphk#include "ssh-gss.h"
4210216Sphk#include "monitor_wrap.h"
4310216Sphk
/*
 * Keyboard-interactive "init" hook for the S/Key device.
 *
 * The device keeps no state of its own (see skey_free_ctx), so the
 * authentication context is handed straight back and is later received
 * as the opaque ctx argument of skey_query() and skey_respond().
 */
static void *
skey_init_ctx(Authctxt *authctxt)
{
	void *device_ctx = authctxt;

	return device_ctx;
}
4910216Sphk
/*
 * Keyboard-interactive "query" hook: build the single S/Key prompt.
 *
 * ctx is the Authctxt returned by skey_init_ctx().  A challenge for
 * authctxt->user is requested from _compat_skeychallenge(); if that
 * call returns -1 this function returns -1 and leaves every output
 * parameter untouched.
 *
 * On success (return 0):
 *   *name, *infotxt  - freshly allocated empty strings
 *   *numprompts      - 1
 *   *prompts         - one-element array; element 0 is the challenge
 *                      text followed by SKEY_PROMPT
 *   *echo_on         - one-element array from xcalloc()
 *                      (presumably zero-filled, i.e. echo off - confirm
 *                      against xmalloc.c)
 * Nothing allocated here is freed here; presumably the caller releases
 * it - verify against the keyboard-interactive driver.
 *
 * NOTE(review): unlike skey_respond(), this path is not gated on
 * authctxt->valid, and the lookup is keyed on the client-supplied user
 * name.  Whether the result for an unknown account can be told apart
 * from the result for a real one depends on _compat_skeychallenge(),
 * which is not visible in this file - confirm it does not disclose
 * which user names exist.
 */
int
skey_query(void *ctx, char **name, char **infotxt,
    u_int *numprompts, char ***prompts, u_int **echo_on)
{
	Authctxt *ac = ctx;
	struct skey key_state;
	char chal[1024];
	int rc;

	rc = _compat_skeychallenge(&key_state, ac->user, chal, sizeof(chal));
	if (rc == -1)
		return -1;

	*name = xstrdup("");
	*infotxt = xstrdup("");

	/* Exactly one prompt: the challenge itself. */
	*numprompts = 1;
	*prompts = xcalloc(*numprompts, sizeof(char *));
	*echo_on = xcalloc(*numprompts, sizeof(u_int));

	xasprintf(&(*prompts)[0], "%s%s", chal, SKEY_PROMPT);

	return 0;
}
7280464Simp
/*
 * Keyboard-interactive "respond" hook: verify the S/Key response.
 *
 * Returns 0 only when all of the following hold, checked in this order:
 *   1. authctxt->valid is set,
 *   2. exactly one response was supplied,
 *   3. skey_haskey() returns 0 for the account name,
 *   4. skey_passcheck() does not return -1 for responses[0].
 * Any other outcome returns -1.
 *
 * authctxt->pw is only dereferenced after the valid check; presumably
 * valid implies a non-NULL pw - confirm against the code that sets it.
 *
 * NOTE(review): the checks stop at the first failure, so
 * skey_passcheck() never runs for an invalid user or an account without
 * an S/Key entry.  If those rejections return measurably faster than a
 * wrong response for a real account, response timing could distinguish
 * the cases - worth confirming how the caller handles failure delays.
 */
int
skey_respond(void *ctx, u_int numresponses, char **responses)
{
	Authctxt *ac = ctx;
	char *login;

	if (!ac->valid || numresponses != 1)
		return -1;

	login = ac->pw->pw_name;
	if (skey_haskey(login) != 0)
		return -1;
	if (skey_passcheck(login, responses[0]) == -1)
		return -1;

	return 0;
}
8580438Simp
/*
 * Keyboard-interactive "free" hook.
 *
 * Deliberately a no-op: the context handed out by skey_init_ctx() is
 * the caller's own Authctxt, not something this device allocated, so
 * there is nothing to release here.
 */
static void
skey_free_ctx(void *ctx)
{
	(void)ctx;	/* no device-specific context to tear down */
}
9180439Simp
/*
 * S/Key keyboard-interactive device that calls the S/Key routines in
 * this file directly.  Initialisers are positional; the layout of
 * KbdintDevice is declared outside this file.
 */
KbdintDevice skey_device = {
	"skey",			/* device name */
	skey_init_ctx,		/* hands back the Authctxt as context */
	skey_query,		/* builds the challenge prompt */
	skey_respond,		/* verifies the response */
	skey_free_ctx		/* no-op */
};
9910216Sphk
/*
 * Variant of the S/Key device whose query and respond hooks are the
 * mm_-prefixed functions instead of the local ones (presumably the
 * privilege-separation monitor wrappers declared in monitor_wrap.h -
 * confirm).  The init and free hooks are shared with skey_device.
 */
KbdintDevice mm_skey_device = {
	"skey",			/* device name */
	skey_init_ctx,		/* hands back the Authctxt as context */
	mm_skey_query,		/* query hook, mm_ variant */
	mm_skey_respond,	/* respond hook, mm_ variant */
	skey_free_ctx		/* no-op */
};
10712173Sphk#endif /* SKEY */
10810216Sphk