version 1.4.2.5, 2001/09/27 00:15:41 |
version 1.5, 2001/03/02 18:54:30 |
|
|
RCSID("$OpenBSD$"); |
RCSID("$OpenBSD$"); |
|
|
#include "auth.h" |
#include "auth.h" |
#include "log.h" |
|
#include "xmalloc.h" |
|
|
|
/* limited protocol v1 interface to kbd-interactive authentication */ |
#ifdef SKEY |
|
#include <skey.h> |
|
|
extern KbdintDevice *devices[]; |
|
static KbdintDevice *device; |
|
|
|
char * |
char * |
get_challenge(Authctxt *authctxt) |
get_challenge(Authctxt *authctxt, char *devs) |
{ |
{ |
char *challenge, *name, *info, **prompts; |
static char challenge[1024]; |
u_int i, numprompts; |
struct skey skey; |
u_int *echo_on; |
if (skeychallenge(&skey, authctxt->user, challenge) == -1) |
|
|
device = devices[0]; /* we always use the 1st device for protocol 1 */ |
|
if (device == NULL) |
|
return NULL; |
return NULL; |
if ((authctxt->kbdintctxt = device->init_ctx(authctxt)) == NULL) |
strlcat(challenge, "\nS/Key Password: ", sizeof challenge); |
return NULL; |
return challenge; |
if (device->query(authctxt->kbdintctxt, &name, &info, |
|
&numprompts, &prompts, &echo_on)) { |
|
device->free_ctx(authctxt->kbdintctxt); |
|
authctxt->kbdintctxt = NULL; |
|
return NULL; |
|
} |
|
if (numprompts < 1) |
|
fatal("get_challenge: numprompts < 1"); |
|
challenge = xstrdup(prompts[0]); |
|
for (i = 0; i < numprompts; i++) |
|
xfree(prompts[i]); |
|
xfree(prompts); |
|
xfree(name); |
|
xfree(echo_on); |
|
xfree(info); |
|
|
|
return (challenge); |
|
} |
} |
int |
int |
verify_response(Authctxt *authctxt, const char *response) |
verify_response(Authctxt *authctxt, char *response) |
{ |
{ |
char *resp[1]; |
return (authctxt->valid && |
int res; |
skey_haskey(authctxt->pw->pw_name) == 0 && |
|
skey_passcheck(authctxt->pw->pw_name, response) != -1); |
if (device == NULL) |
|
return 0; |
|
if (authctxt->kbdintctxt == NULL) |
|
return 0; |
|
resp[0] = (char *)response; |
|
res = device->respond(authctxt->kbdintctxt, 1, resp); |
|
device->free_ctx(authctxt->kbdintctxt); |
|
authctxt->kbdintctxt = NULL; |
|
return res ? 0 : 1; |
|
} |
} |
|
#else |
|
/* not available */ |
|
char * |
|
get_challenge(Authctxt *authctxt, char *devs) |
|
{ |
|
return NULL; |
|
} |
|
int |
|
verify_response(Authctxt *authctxt, char *response) |
|
{ |
|
return 0; |
|
} |
|
#endif |
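Review bot: In the kbd-interactive column (the one that calls `device->init_ctx`), get_challenge() overwrites `authctxt->kbdintctxt` without checking for a context left by an earlier call; the only releases visible are the query-failure path and verify_response(), so if the protocol 1 caller (not shown here) lets a client request a second challenge before answering the first, the earlier context is never handed to free_ctx. A guard placed before init_ctx would close that: `if (authctxt->kbdintctxt != NULL) { device->free_ctx(authctxt->kbdintctxt); authctxt->kbdintctxt = NULL; }`. That column also returns an `xstrdup` copy where the S/Key column returns a static buffer, so the function deserves a comment such as `/* returns an xmalloc'ed prompt; caller must xfree() it */`. The rendering does not mark which column is the new side, so this assumes the later-dated 1.4.2.5 text is the code under review.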