      1 /* $OpenBSD: auth-skey.c,v 1.27 2007/01/21 01:41:54 stevesk Exp $ */
      2 /*
      3  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
      4  *
      5  * Redistribution and use in source and binary forms, with or without
      6  * modification, are permitted provided that the following conditions
      7  * are met:
      8  * 1. Redistributions of source code must retain the above copyright
      9  *    notice, this list of conditions and the following disclaimer.
     10  * 2. Redistributions in binary form must reproduce the above copyright
     11  *    notice, this list of conditions and the following disclaimer in the
     12  *    documentation and/or other materials provided with the distribution.
     13  *
     14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
     15  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
     16  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
     17  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
     18  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
     19  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
     20  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
     21  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
     23  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     24  */
     25 
     26 #include "includes.h"
     27 
     28 #ifdef SKEY
     29 
     30 #include <sys/types.h>
     31 
     32 #include <pwd.h>
     33 #include <stdio.h>
     34 
     35 #include <skey.h>
     36 
     37 #include "xmalloc.h"
     38 #include "key.h"
     39 #include "hostfile.h"
     40 #include "auth.h"
     41 #include "ssh-gss.h"
     42 #include "log.h"
     43 #include "monitor_wrap.h"
     44 
     /*
      * Keyboard-interactive init hook for S/Key.  No separate per-device state
      * is allocated: the authentication context itself is handed back as the
      * opaque context, which skey_query() and skey_respond() convert back to
      * an Authctxt pointer.
      */
     static void *
     skey_init_ctx(Authctxt *authctxt)
     {
     	void *kbdint_ctx = authctxt;

     	return kbdint_ctx;
     }
     50 
     /*
      * Build the single keyboard-interactive prompt for S/Key.
      *
      * Requests a challenge for authctxt->user and, on success, fills in the
      * caller's output pointers: empty name and info strings, one prompt made
      * of the challenge followed by SKEY_PROMPT, and a one-element echo array.
      * Everything stored through the output pointers comes from the x*
      * allocators and is not freed here.
      *
      * Returns 0 on success, -1 if no challenge could be obtained.
      *
      * NOTE(review): the -1 path is taken before any prompt is produced.  If
      * _compat_skeychallenge() fails for accounts that have no S/Key data, a
      * client can observe that difference between accounts; confirm how the
      * helper treats unknown or non-S/Key users.
      */
     int
     skey_query(void *ctx, char **name, char **infotxt,
         u_int* numprompts, char ***prompts, u_int **echo_on)
     {
     	Authctxt *authctxt = ctx;
     	struct skey sk;
     	char chal[1024];
     	const u_int nprompts = 1;

     	/* The buffer size is passed along so the helper knows its bound. */
     	if (_compat_skeychallenge(&sk, authctxt->user, chal,
     	    sizeof(chal)) == -1)
     		return -1;

     	*name = xstrdup("");
     	*infotxt = xstrdup("");
     	*numprompts = nprompts;
     	*prompts = xcalloc(nprompts, sizeof(**prompts));
     	/*
     	 * presumably xcalloc zero-fills like calloc, which would leave echo
     	 * switched off for the one-time password -- confirm.
     	 */
     	*echo_on = xcalloc(nprompts, sizeof(**echo_on));

     	/* The only prompt slot gets "<challenge><SKEY_PROMPT>". */
     	xasprintf(&(*prompts)[0], "%s%s", chal, SKEY_PROMPT);

     	return 0;
     }
     73 
     /*
      * Verify the client's answer to the S/Key challenge.
      *
      * Succeeds (returns 0) only when all of the following hold, checked in
      * this order: the authentication context is marked valid, exactly one
      * response was supplied, skey_haskey() returns 0 for the account name,
      * and skey_passcheck() does not return -1 for that name and response.
      * Any other outcome returns -1.
      */
     int
     skey_respond(void *ctx, u_int numresponses, char **responses)
     {
     	Authctxt *authctxt = ctx;
     	char *login;

     	/*
     	 * The valid flag is tested before authctxt->pw is touched.
     	 * NOTE(review): presumably pw may be unset for invalid users, so
     	 * this ordering must be kept -- confirm.
     	 */
     	if (!authctxt->valid)
     		return -1;

     	/* responses[0] is only read once the count is known to be one. */
     	if (numresponses != 1)
     		return -1;

     	login = authctxt->pw->pw_name;
     	if (skey_haskey(login) != 0)
     		return -1;
     	if (skey_passcheck(login, responses[0]) == -1)
     		return -1;

     	return 0;
     }
     86 
     /*
      * Keyboard-interactive free hook for S/Key.  skey_init_ctx() returns the
      * Authctxt it was given rather than allocating anything, so there is
      * nothing to release here.
      */
     static void
     skey_free_ctx(void *ctx)
     {
     	(void)ctx;	/* no S/Key-specific context to tear down */
     }
     92 
     /*
      * Keyboard-interactive device entry for S/Key that points straight at the
      * S/Key routines in this file.  The initializer is positional; the
      * per-slot notes below are inferred from the function names and
      * signatures -- confirm against the KbdintDevice declaration.
      */
     KbdintDevice skey_device = {
     	"skey",			/* device name */
     	skey_init_ctx,		/* context setup: returns the Authctxt */
     	skey_query,		/* builds the challenge prompt */
     	skey_respond,		/* checks the client's response */
     	skey_free_ctx		/* context teardown: no-op */
     };
    100 
    /*
     * Variant of the S/Key device whose query and respond slots point at
     * mm_skey_query() and mm_skey_respond() instead of the local functions;
     * the name, init and free slots are the same as in skey_device.
     * NOTE(review): these are presumably the privilege-separation monitor
     * wrappers declared in monitor_wrap.h, so that S/Key verification runs
     * in the monitor rather than in the unprivileged child -- confirm.
     */
    KbdintDevice mm_skey_device = {
    	"skey",
    	skey_init_ctx,
    	mm_skey_query,
    	mm_skey_respond,
    	skey_free_ctx
    };
    108 #endif /* SKEY */