version 1.9, 2001/06/19 01:49:45 |
version 1.10, 2002/05/16 17:26:58 |
|
|
/* $OpenBSD$ */ |
/* $OpenBSD$ */ |
|
|
/* |
/* |
* Copyright (c) 1997, 2001 Todd C. Miller <Todd.Miller@courtesan.com> |
* Copyright (c) 1997, 2001, 2002 Todd C. Miller <Todd.Miller@courtesan.com> |
* All rights reserved. |
* All rights reserved. |
* |
* |
* Redistribution and use in source and binary forms, with or without |
* Redistribution and use in source and binary forms, with or without |
|
|
*/ |
*/ |
|
|
#include <err.h> |
#include <err.h> |
|
#include <limits.h> |
|
#include <paths.h> |
#include <pwd.h> |
#include <pwd.h> |
#include <stdio.h> |
#include <stdio.h> |
|
#include <stdlib.h> |
#include <string.h> |
#include <string.h> |
#include <unistd.h> |
#include <unistd.h> |
#include <skey.h> |
#include <skey.h> |
#include <login_cap.h> |
|
#include <bsd_auth.h> |
|
|
|
extern char *__progname; |
extern char *__progname; |
|
|
|
|
main(int argc, char **argv) |
main(int argc, char **argv) |
{ |
{ |
struct passwd *pw; |
struct passwd *pw; |
char *style, *challenge, *cp, *name; |
struct skey key; |
int ch, verbose = 0; |
char *name = NULL; |
login_cap_t *lc; |
int error, ch, verbose = 0; |
auth_session_t *as; |
|
|
|
name = NULL; |
while ((ch = getopt(argc, argv, "v")) != -1) |
style = "skey"; |
|
while ((ch = getopt(argc, argv, "a:v")) != -1) |
|
switch(ch) { |
switch(ch) { |
case 'a': |
|
style = optarg; |
|
break; |
|
case 'v': |
case 'v': |
verbose = 1; |
verbose = 1; |
break; |
break; |
|
|
if ((name = strdup(pw->pw_name)) == NULL) |
if ((name = strdup(pw->pw_name)) == NULL) |
err(1, "cannot allocate memory"); |
err(1, "cannot allocate memory"); |
|
|
if ((lc = login_getclass(pw->pw_class)) == NULL) |
error = skeylookup(&key, name); |
errx(1, "unable to classify user %s", name); |
switch (error) { |
|
case 0: /* Success! */ |
if ((cp = login_getstyle(lc, style, NULL)) == NULL) |
if (verbose) |
errx(1, "unknown authentication method %s", style); |
(void)printf("otp-%s ", skey_get_algorithm()); |
|
(void)printf("%d %s\n", key.n - 1, key.seed); |
as = auth_userchallenge(name, cp, NULL, &challenge); |
break; |
if (as == NULL || challenge == NULL) { |
case -1: /* File error */ |
if (as) |
err(1, "cannot open %s/%s", _PATH_SKEYDIR, name); |
auth_close(as); |
break; |
errx(1, "unable to retrieve challenge for %s", name); |
case 1: /* Unknown user */ |
|
errx(1, "%s is not listed in %s", name, _PATH_SKEYDIR); |
|
break; |
} |
} |
|
(void)fclose(key.keyfile); |
|
|
/* |
exit(error ? 1 : 0); |
* We only want the first line of the challenge so stop after a newline. |
|
* If the user wants the full challenge including the hash type |
|
* or if the challenge didn't start with 'otp-', print it verbatim. |
|
* Otherwise, strip off the first word. |
|
*/ |
|
if ((cp = strchr(challenge, '\n'))) |
|
*cp = '\0'; |
|
cp = strchr(challenge, ' '); |
|
if (verbose || *challenge != 'o' || !cp) |
|
cp = challenge; |
|
else |
|
cp++; |
|
puts(cp); |
|
|
|
auth_close(as); |
|
exit(0); |
|
} |
} |
|
|
void |
void |
usage(void) |
usage() |
{ |
{ |
|
(void)fprintf(stderr, "usage: %s [-v] [user]\n", __progname); |
(void)fprintf(stderr, "Usage: %s [-a auth-type] [-v] [user]\n", |
|
__progname); |
|
exit(1); |
exit(1); |
} |
} |
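Review bot: In the new challenge-printing code in main(), the prefix test `*challenge != 'o'` compares only the first byte, while the comment directly above it says the first word is stripped only when the challenge starts with 'otp-'. Because the new `-a` option lets the caller select any style that login_getstyle() accepts, a challenge from a non-S/Key backend that begins with 'o' and contains a space would silently lose its first word. Matching the full prefix keeps the code in line with its comment: `if (verbose || strncmp(challenge, "otp-", 4) != 0 || !cp)`. Part of main() between the option switch and the strdup() call is not shown on this page, so the way `pw` is obtained could not be reviewed.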