| version 1.7, 2001/04/05 10:42:47 |
version 1.8, 2001/05/18 14:13:28 |
|
|
| |
|
| #include "auth.h" |
#include "auth.h" |
| #include "log.h" |
#include "log.h" |
| |
#include "xmalloc.h" |
| |
|
| #ifdef BSD_AUTH |
/* limited protocol v1 interface to kbd-interactive authentication */ |
| |
|
| |
extern KbdintDevice *devices[]; |
| |
static KbdintDevice *device; |
| |
|
| char * |
char * |
| get_challenge(Authctxt *authctxt, char *devs) |
get_challenge(Authctxt *authctxt) |
| { |
{ |
| char *challenge; |
char *challenge, *name, *info, **prompts; |
| |
u_int i, numprompts; |
| |
u_int *echo_on; |
| |
|
| if (authctxt->as != NULL) { |
device = devices[0]; /* we always use the 1st device for protocol 1 */ |
| debug2("try reuse session"); |
if (device == NULL) |
| challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE); |
|
| if (challenge != NULL) { |
|
| debug2("reuse bsd auth session"); |
|
| return challenge; |
|
| } |
|
| auth_close(authctxt->as); |
|
| authctxt->as = NULL; |
|
| } |
|
| debug2("new bsd auth session"); |
|
| if (devs == NULL || strlen(devs) == 0) |
|
| devs = authctxt->style; |
|
| debug3("bsd auth: devs %s", devs ? devs : "<default>"); |
|
| authctxt->as = auth_userchallenge(authctxt->user, devs, "auth-ssh", |
|
| &challenge); |
|
| if (authctxt->as == NULL) |
|
| return NULL; |
return NULL; |
| debug2("get_challenge: <%s>", challenge ? challenge : "EMPTY"); |
if ((authctxt->kbdintctxt = device->init_ctx(authctxt)) == NULL) |
| return challenge; |
return NULL; |
| |
if (device->query(authctxt->kbdintctxt, &name, &info, |
| |
&numprompts, &prompts, &echo_on)) { |
| |
device->free_ctx(authctxt->kbdintctxt); |
| |
authctxt->kbdintctxt = NULL; |
| |
return NULL; |
| |
} |
| |
if (numprompts < 1) |
| |
fatal("get_challenge: numprompts < 1"); |
| |
challenge = xstrdup(prompts[0]); |
| |
for (i = 0; i < numprompts; i++) |
| |
xfree(prompts[i]); |
| |
xfree(prompts); |
| |
xfree(name); |
| |
xfree(echo_on); |
| |
xfree(info); |
| |
|
| |
return (challenge); |
| } |
} |
| int |
int |
| verify_response(Authctxt *authctxt, char *response) |
verify_response(Authctxt *authctxt, const char *response) |
| { |
{ |
| int authok; |
char *resp[1]; |
| |
int res; |
| |
|
| if (authctxt->as == 0) |
if (device == NULL) |
| error("verify_response: no bsd auth session"); |
return 0; |
| authok = auth_userresponse(authctxt->as, response, 0); |
if (authctxt->kbdintctxt == NULL) |
| authctxt->as = NULL; |
return 0; |
| debug("verify_response: <%s> = <%d>", response, authok); |
resp[0] = (char *)response; |
| return authok != 0; |
res = device->respond(authctxt->kbdintctxt, 1, resp); |
| |
device->free_ctx(authctxt->kbdintctxt); |
| |
authctxt->kbdintctxt = NULL; |
| |
return res ? 0 : 1; |
| } |
} |
| #else |
|
| #ifdef SKEY |
|
| #include <skey.h> |
|
| |
|
| char * |
|
| get_challenge(Authctxt *authctxt, char *devs) |
|
| { |
|
| static char challenge[1024]; |
|
| struct skey skey; |
|
| if (skeychallenge(&skey, authctxt->user, challenge) == -1) |
|
| return NULL; |
|
| strlcat(challenge, "\nS/Key Password: ", sizeof challenge); |
|
| return challenge; |
|
| } |
|
| int |
|
| verify_response(Authctxt *authctxt, char *response) |
|
| { |
|
| return (authctxt->valid && |
|
| skey_haskey(authctxt->pw->pw_name) == 0 && |
|
| skey_passcheck(authctxt->pw->pw_name, response) != -1); |
|
| } |
|
| #else |
|
| /* not available */ |
|
| char * |
|
| get_challenge(Authctxt *authctxt, char *devs) |
|
| { |
|
| return NULL; |
|
| } |
|
| int |
|
| verify_response(Authctxt *authctxt, char *response) |
|
| { |
|
| return 0; |
|
| } |
|
| #endif |
|
| #endif |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to auth-chall.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh