Annotation of src/usr.bin/ssh/auth-chall.c, Revision 1.13
1.13 ! djm 1: /* $OpenBSD: auth-chall.c,v 1.12 2006/08/03 03:34:41 deraadt Exp $ */
1.1 markus 2: /*
1.5 deraadt 3: * Copyright (c) 2001 Markus Friedl. All rights reserved.
1.1 markus 4: *
5: * Redistribution and use in source and binary forms, with or without
6: * modification, are permitted provided that the following conditions
7: * are met:
8: * 1. Redistributions of source code must retain the above copyright
9: * notice, this list of conditions and the following disclaimer.
10: * 2. Redistributions in binary form must reproduce the above copyright
11: * notice, this list of conditions and the following disclaimer in the
12: * documentation and/or other materials provided with the distribution.
13: *
14: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24: */
25:
1.12 deraadt 26: #include <sys/types.h>
1.1 markus 27:
1.12 deraadt 28: #include "xmalloc.h"
29: #include "key.h"
30: #include "hostfile.h"
1.1 markus 31: #include "auth.h"
1.6 markus 32: #include "log.h"
1.8 markus 33:
/*
 * Limited protocol v1 interface to kbd-interactive authentication.
 *
 * devices[] is the table of kbd-interactive backends, defined in another
 * translation unit.  `device' is the backend chosen by get_challenge() and
 * read back by verify_response().  It has file scope, so it is shared
 * state for the whole process rather than per-Authctxt state.
 */

extern KbdintDevice *devices[];
static KbdintDevice *device;
1.1 markus 38:
/*
 * Start a kbd-interactive exchange on behalf of a protocol 1 client and
 * return the text of the first prompt as the challenge.
 *
 * Selects devices[0], creates a device context in authctxt->kbdintctxt and
 * queries the device.  Returns NULL if there is no device, if the context
 * cannot be created, or if the query fails; in the last case the context
 * is released and authctxt->kbdintctxt is reset to NULL so that a later
 * verify_response() fails closed.  On success the context stays in
 * authctxt->kbdintctxt for verify_response().
 *
 * The returned string is a copy made with xstrdup(); presumably the caller
 * owns it and must free it -- confirm against the call sites.
 */
char *
get_challenge(Authctxt *authctxt)
{
	char **prompt_list, *dev_name, *dev_info, *first_prompt;
	u_int *echo_flags;
	u_int nprompts, idx;

	/* Protocol 1 has no device negotiation: always use the first one. */
	device = devices[0];
	if (device == NULL)
		return NULL;

	authctxt->kbdintctxt = device->init_ctx(authctxt);
	if (authctxt->kbdintctxt == NULL)
		return NULL;

	/*
	 * NOTE(review): the out-parameters are not initialised here and are
	 * not freed on the failure path, which assumes query() leaves
	 * nothing allocated when it returns non-zero -- confirm per device.
	 */
	if (device->query(authctxt->kbdintctxt, &dev_name, &dev_info,
	    &nprompts, &prompt_list, &echo_flags) != 0) {
		device->free_ctx(authctxt->kbdintctxt);
		authctxt->kbdintctxt = NULL;
		return NULL;
	}

	/*
	 * prompt_list[0] is read below, so a device that reports success
	 * with zero prompts must not get past this point.
	 */
	if (nprompts == 0)
		fatal("get_challenge: numprompts < 1");

	/* Only the first prompt is used; any further prompts are dropped. */
	first_prompt = xstrdup(prompt_list[0]);

	idx = 0;
	while (idx < nprompts) {
		free(prompt_list[idx]);
		idx++;
	}
	free(prompt_list);
	free(echo_flags);
	free(dev_name);
	free(dev_info);

	return first_prompt;
}
/*
 * Check the client's single response against the exchange started by
 * get_challenge().
 *
 * Returns 1 only when the device's respond() returns 0.  Every other
 * outcome returns 0: no device selected, no pending context in
 * authctxt->kbdintctxt, or any non-zero result from respond().
 *
 * The context is single-use.  It is released and authctxt->kbdintctxt is
 * cleared whatever respond() returned, so a second call with no new
 * get_challenge() in between returns 0.
 */
int
verify_response(Authctxt *authctxt, const char *response)
{
	char *answers[1];
	int ok;

	/* Fail closed unless get_challenge() left a device and a context. */
	if (device == NULL || authctxt->kbdintctxt == NULL)
		return 0;

	/*
	 * respond() takes a char ** array, so the const qualifier is cast
	 * away.  NOTE(review): this relies on the device not writing
	 * through the pointer -- confirm per device.
	 */
	answers[0] = (char *)response;
	ok = (device->respond(authctxt->kbdintctxt, 1, answers) == 0) ? 1 : 0;

	device->free_ctx(authctxt->kbdintctxt);
	authctxt->kbdintctxt = NULL;

	return ok;
}
1.1 markus 85: }