=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/Attic/auth-chall.c,v retrieving revision 1.4.2.5 retrieving revision 1.5 diff -u -r1.4.2.5 -r1.5 --- src/usr.bin/ssh/Attic/auth-chall.c 2001/09/27 00:15:41 1.4.2.5 +++ src/usr.bin/ssh/Attic/auth-chall.c 2001/03/02 18:54:30 1.5 @@ -23,60 +23,40 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-chall.c,v 1.4.2.5 2001/09/27 00:15:41 miod Exp $"); +RCSID("$OpenBSD: auth-chall.c,v 1.5 2001/03/02 18:54:30 deraadt Exp $"); #include "auth.h" -#include "log.h" -#include "xmalloc.h" -/* limited protocol v1 interface to kbd-interactive authentication */ +#ifdef SKEY +#include -extern KbdintDevice *devices[]; -static KbdintDevice *device; - char * -get_challenge(Authctxt *authctxt) +get_challenge(Authctxt *authctxt, char *devs) { - char *challenge, *name, *info, **prompts; - u_int i, numprompts; - u_int *echo_on; - - device = devices[0]; /* we always use the 1st device for protocol 1 */ - if (device == NULL) + static char challenge[1024]; + struct skey skey; + if (skeychallenge(&skey, authctxt->user, challenge) == -1) return NULL; - if ((authctxt->kbdintctxt = device->init_ctx(authctxt)) == NULL) - return NULL; - if (device->query(authctxt->kbdintctxt, &name, &info, - &numprompts, &prompts, &echo_on)) { - device->free_ctx(authctxt->kbdintctxt); - authctxt->kbdintctxt = NULL; - return NULL; - } - if (numprompts < 1) - fatal("get_challenge: numprompts < 1"); - challenge = xstrdup(prompts[0]); - for (i = 0; i < numprompts; i++) - xfree(prompts[i]); - xfree(prompts); - xfree(name); - xfree(echo_on); - xfree(info); - - return (challenge); + strlcat(challenge, "\nS/Key Password: ", sizeof challenge); + return challenge; } int -verify_response(Authctxt *authctxt, const char *response) +verify_response(Authctxt *authctxt, char *response) { - char *resp[1]; - int res; - - if (device == NULL) - return 0; - if (authctxt->kbdintctxt == NULL) - return 0; - resp[0] = (char *)response; - res = device->respond(authctxt->kbdintctxt, 1, resp); - device->free_ctx(authctxt->kbdintctxt); - authctxt->kbdintctxt = NULL; - return res ? 0 : 1; + return (authctxt->valid && + skey_haskey(authctxt->pw->pw_name) == 0 && + skey_passcheck(authctxt->pw->pw_name, response) != -1); } +#else +/* not available */ +char * +get_challenge(Authctxt *authctxt, char *devs) +{ + return NULL; +} +int +verify_response(Authctxt *authctxt, char *response) +{ + return 0; +} +#endif