version 1.11, 2001/01/18 17:12:43 |
version 1.12, 2001/05/18 14:13:28 |
|
|
/* |
/* |
* Copyright (c) 2001 Markus Friedl. All rights reserved. |
* Copyright (c) 2001 Markus Friedl. All rights reserved. |
* |
* |
* Redistribution and use in source and binary forms, with or without |
* Redistribution and use in source and binary forms, with or without |
* modification, are permitted provided that the following conditions |
* modification, are permitted provided that the following conditions |
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
*/ |
*/ |
|
|
#include "includes.h" |
#include "includes.h" |
RCSID("$OpenBSD$"); |
RCSID("$OpenBSD$"); |
|
|
#include "ssh.h" |
#ifdef SKEY |
|
|
|
#include <skey.h> |
|
|
|
#include "xmalloc.h" |
#include "auth.h" |
#include "auth.h" |
|
|
#ifdef SKEY |
static void * |
char * |
skey_init_ctx(Authctxt *authctxt) |
get_challenge(Authctxt *authctxt, char *devs) |
|
{ |
{ |
static char challenge[1024]; |
return authctxt; |
struct skey skey; |
} |
|
|
|
#define PROMPT "\nS/Key Password: " |
|
|
|
static int |
|
skey_query(void *ctx, char **name, char **infotxt, |
|
u_int* numprompts, char ***prompts, u_int **echo_on) |
|
{ |
|
Authctxt *authctxt = ctx; |
|
char challenge[1024], *p; |
|
int len; |
|
struct skey skey; |
|
|
if (skeychallenge(&skey, authctxt->user, challenge) == -1) |
if (skeychallenge(&skey, authctxt->user, challenge) == -1) |
return NULL; |
return -1; |
strlcat(challenge, "\nS/Key Password: ", sizeof challenge); |
|
return challenge; |
*name = xstrdup(""); |
|
*infotxt = xstrdup(""); |
|
*numprompts = 1; |
|
*prompts = xmalloc(*numprompts * sizeof(char*)); |
|
*echo_on = xmalloc(*numprompts * sizeof(u_int)); |
|
(*echo_on)[0] = 0; |
|
|
|
len = strlen(challenge) + strlen(PROMPT) + 1; |
|
p = xmalloc(len); |
|
p[0] = '\0'; |
|
strlcat(p, challenge, len); |
|
strlcat(p, PROMPT, len); |
|
(*prompts)[0] = p; |
|
|
|
return 0; |
} |
} |
int |
|
verify_response(Authctxt *authctxt, char *response) |
static int |
|
skey_respond(void *ctx, u_int numresponses, char **responses) |
{ |
{ |
return (authctxt->valid && |
Authctxt *authctxt = ctx; |
|
|
|
if (authctxt->valid && |
|
numresponses == 1 && |
skey_haskey(authctxt->pw->pw_name) == 0 && |
skey_haskey(authctxt->pw->pw_name) == 0 && |
skey_passcheck(authctxt->pw->pw_name, response) != -1); |
skey_passcheck(authctxt->pw->pw_name, responses[0]) != -1) |
|
return 0; |
|
return -1; |
} |
} |
#else |
|
/* not available */ |
static void |
char * |
skey_free_ctx(void *ctx) |
get_challenge(Authctxt *authctxt, char *devs) |
|
{ |
{ |
return NULL; |
/* we don't have a special context */ |
} |
} |
int |
|
verify_response(Authctxt *authctxt, char *response) |
KbdintDevice skey_device = { |
{ |
"skey", |
return 0; |
skey_init_ctx, |
} |
skey_query, |
#endif |
skey_respond, |
|
skey_free_ctx |
|
}; |
|
#endif /* SKEY */ |