Annotation of src/usr.bin/ssh/auth-chall.c, Revision 1.10
1.1 markus 1: /*
1.5 deraadt 2: * Copyright (c) 2001 Markus Friedl. All rights reserved.
1.1 markus 3: *
4: * Redistribution and use in source and binary forms, with or without
5: * modification, are permitted provided that the following conditions
6: * are met:
7: * 1. Redistributions of source code must retain the above copyright
8: * notice, this list of conditions and the following disclaimer.
9: * 2. Redistributions in binary form must reproduce the above copyright
10: * notice, this list of conditions and the following disclaimer in the
11: * documentation and/or other materials provided with the distribution.
12: *
13: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23: */
24:
25: #include "includes.h"
26:
27: #include "auth.h"
1.6 markus 28: #include "log.h"
1.8 markus 29: #include "xmalloc.h"
30:
31: /* limited protocol v1 interface to kbd-interactive authentication */
32:
33: extern KbdintDevice *devices[];
34: static KbdintDevice *device;
1.1 markus 35:
1.6 markus 36: char *
1.8 markus 37: get_challenge(Authctxt *authctxt)
1.6 markus 38: {
1.8 markus 39: char *challenge, *name, *info, **prompts;
40: u_int i, numprompts;
41: u_int *echo_on;
1.6 markus 42:
1.8 markus 43: device = devices[0]; /* we always use the 1st device for protocol 1 */
44: if (device == NULL)
45: return NULL;
46: if ((authctxt->kbdintctxt = device->init_ctx(authctxt)) == NULL)
47: return NULL;
48: if (device->query(authctxt->kbdintctxt, &name, &info,
49: &numprompts, &prompts, &echo_on)) {
50: device->free_ctx(authctxt->kbdintctxt);
51: authctxt->kbdintctxt = NULL;
52: return NULL;
1.6 markus 53: }
1.8 markus 54: if (numprompts < 1)
55: fatal("get_challenge: numprompts < 1");
56: challenge = xstrdup(prompts[0]);
57: for (i = 0; i < numprompts; i++)
58: xfree(prompts[i]);
59: xfree(prompts);
60: xfree(name);
61: xfree(echo_on);
62: xfree(info);
63:
64: return (challenge);
1.6 markus 65: }
66: int
1.8 markus 67: verify_response(Authctxt *authctxt, const char *response)
1.6 markus 68: {
1.8 markus 69: char *resp[1];
1.9 djm 70: int authenticated = 0;
1.2 markus 71:
1.8 markus 72: if (device == NULL)
73: return 0;
74: if (authctxt->kbdintctxt == NULL)
75: return 0;
76: resp[0] = (char *)response;
1.9 djm 77: if (device->respond(authctxt->kbdintctxt, 1, resp) == 0)
78: authenticated = 1;
1.8 markus 79: device->free_ctx(authctxt->kbdintctxt);
80: authctxt->kbdintctxt = NULL;
1.9 djm 81: return authenticated;
1.1 markus 82: }