Annotation of src/usr.bin/ssh/auth-chall.c, Revision 1.14
1.14 ! djm 1: /* $OpenBSD: auth-chall.c,v 1.13 2013/05/17 00:13:13 djm Exp $ */
1.1 markus 2: /*
1.5 deraadt 3: * Copyright (c) 2001 Markus Friedl. All rights reserved.
1.1 markus 4: *
5: * Redistribution and use in source and binary forms, with or without
6: * modification, are permitted provided that the following conditions
7: * are met:
8: * 1. Redistributions of source code must retain the above copyright
9: * notice, this list of conditions and the following disclaimer.
10: * 2. Redistributions in binary form must reproduce the above copyright
11: * notice, this list of conditions and the following disclaimer in the
12: * documentation and/or other materials provided with the distribution.
13: *
14: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24: */
25:
1.12 deraadt 26: #include <sys/types.h>
1.14 ! djm 27: #include <stdarg.h>
! 28: #include <stdlib.h>
! 29: #include <stdio.h>
1.1 markus 30:
1.12 deraadt 31: #include "xmalloc.h"
32: #include "key.h"
33: #include "hostfile.h"
1.1 markus 34: #include "auth.h"
1.6 markus 35: #include "log.h"
1.8 markus 36:
37: /* limited protocol v1 interface to kbd-interactive authentication */
38:
/* Table of keyboard-interactive devices; defined in another translation unit. */
extern KbdintDevice *devices[];

/*
 * Device chosen by get_challenge() and reused by verify_response().
 * This is file-scope state, not stored per Authctxt, so both functions
 * always act on whichever device was selected last.
 */
static KbdintDevice *device;
1.1 markus 41:
/*
 * Begin a protocol-1 challenge-response exchange on the first
 * keyboard-interactive device.
 *
 * Selects devices[0], creates a device context that is stored in
 * authctxt->kbdintctxt, queries the device and returns a copy of the
 * first prompt only.  The name, the info text, the echo flags and any
 * further prompts returned by the query are released here and never
 * reach the caller.
 *
 * Returns the prompt copy made with xstrdup() (ownership presumably
 * passes to the caller), or NULL when there is no device, init_ctx()
 * yields no context, or query() reports a non-zero status.  In the last
 * case the context is released and the pointer cleared.  A query that
 * succeeds with zero prompts terminates via fatal().
 *
 * On success the context is left in authctxt->kbdintctxt so that
 * verify_response() can consume it.
 *
 * NOTE(review): a context already held in authctxt->kbdintctxt is
 * overwritten without free_ctx(); confirm callers release an abandoned
 * exchange before requesting a new challenge.
 */
char *
get_challenge(Authctxt *authctxt)
{
	char *name, *info, **prompts, *first_prompt;
	u_int *echo_on;
	u_int nprompts, idx;

	/* Protocol 1 has no device negotiation: only the first entry is used. */
	device = devices[0];
	if (device == NULL)
		return NULL;

	authctxt->kbdintctxt = device->init_ctx(authctxt);
	if (authctxt->kbdintctxt == NULL)
		return NULL;

	if (device->query(authctxt->kbdintctxt, &name, &info,
	    &nprompts, &prompts, &echo_on) != 0) {
		/* Do not leave a half-initialised context behind. */
		device->free_ctx(authctxt->kbdintctxt);
		authctxt->kbdintctxt = NULL;
		return NULL;
	}

	/* prompts[0] is read below, so an empty prompt list must not pass. */
	if (nprompts == 0)
		fatal("get_challenge: numprompts < 1");

	first_prompt = xstrdup(prompts[0]);

	/* Everything handed back by query() is released before returning. */
	idx = 0;
	while (idx < nprompts)
		free(prompts[idx++]);
	free(prompts);
	free(name);
	free(echo_on);
	free(info);

	return first_prompt;
}
/*
 * Check a single response against the challenge opened by
 * get_challenge().
 *
 * Returns 1 only when the device's respond() callback returns exactly 0;
 * every other return value is treated as a failed authentication, so the
 * function fails closed.  Returns 0 without calling the device when no
 * device has been selected or no context is pending.
 *
 * The context is released and the pointer cleared after one call,
 * whatever the outcome, so each challenge accepts one answer and a
 * repeated call without a new get_challenge() returns 0.
 */
int
verify_response(Authctxt *authctxt, const char *response)
{
	char *answers[1];
	int ok;

	if (device == NULL || authctxt->kbdintctxt == NULL)
		return 0;

	/*
	 * respond() is handed a non-const array, hence the cast; the
	 * response is not modified in this function.
	 */
	answers[0] = (char *)response;
	ok = (device->respond(authctxt->kbdintctxt, 1, answers) == 0);

	/* One attempt per challenge: drop the context before returning. */
	device->free_ctx(authctxt->kbdintctxt);
	authctxt->kbdintctxt = NULL;

	return ok;
}