Annotation of src/usr.bin/ssh/auth2-skey.c, Revision 1.3
1.3 ! markus 1: /*
! 2: * Copyright (c) 2001 Markus Friedl. All rights reserved.
! 3: *
! 4: * Redistribution and use in source and binary forms, with or without
! 5: * modification, are permitted provided that the following conditions
! 6: * are met:
! 7: * 1. Redistributions of source code must retain the above copyright
! 8: * notice, this list of conditions and the following disclaimer.
! 9: * 2. Redistributions in binary form must reproduce the above copyright
! 10: * notice, this list of conditions and the following disclaimer in the
! 11: * documentation and/or other materials provided with the distribution.
! 12: *
! 13: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
! 14: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
! 15: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
! 16: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
! 17: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
! 18: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
! 19: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
! 20: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
! 21: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
! 22: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
! 23: */
1.1 markus 24: #include "includes.h"
1.3 ! markus 25: RCSID("$OpenBSD: auth2-chall.c,v 1.1 2000/12/19 23:17:55 markus Exp $");
1.1 markus 26:
27: #include "ssh.h"
28: #include "ssh2.h"
29: #include "auth.h"
30: #include "packet.h"
31: #include "xmalloc.h"
32: #include "dispatch.h"
33:
1.3 ! markus 34: void send_userauth_into_request(Authctxt *authctxt, char *challenge, int echo);
! 35: void input_userauth_info_response(int type, int plen, void *ctxt);
1.1 markus 36:
37: /*
1.3 ! markus 38: * try challenge-reponse, return -1 (= postponed) if we have to
! 39: * wait for the response.
1.1 markus 40: */
41: int
1.3 ! markus 42: auth2_challenge(Authctxt *authctxt, char *devs)
1.1 markus 43: {
1.3 ! markus 44: char *challenge;
! 45:
! 46: if (!authctxt->valid || authctxt->user == NULL)
! 47: return 0;
! 48: if ((challenge = get_challenge(authctxt, devs)) == NULL)
! 49: return 0;
! 50: send_userauth_into_request(authctxt, challenge, 0);
! 51: dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE,
! 52: &input_userauth_info_response);
! 53: authctxt->postponed = 1;
! 54: return 0;
1.1 markus 55: }
56:
57: void
1.3 ! markus 58: send_userauth_into_request(Authctxt *authctxt, char *challenge, int echo)
1.1 markus 59: {
1.3 ! markus 60: int nprompts = 1;
! 61:
1.1 markus 62: packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
1.3 ! markus 63: /* name, instruction and language are unused */
! 64: packet_put_cstring("");
! 65: packet_put_cstring("");
! 66: packet_put_cstring("");
! 67: packet_put_int(nprompts);
! 68: packet_put_cstring(challenge);
! 69: packet_put_char(echo);
1.1 markus 70: packet_send();
71: packet_write_wait();
72: }
73:
74: void
75: input_userauth_info_response(int type, int plen, void *ctxt)
76: {
77: Authctxt *authctxt = ctxt;
78: int authenticated = 0;
1.2 markus 79: u_int nresp, rlen;
1.3 ! markus 80: char *response, *method = "challenge-reponse";
1.1 markus 81:
82: if (authctxt == NULL)
1.3 ! markus 83: fatal("input_userauth_info_response: no authctxt");
1.1 markus 84:
1.3 ! markus 85: authctxt->postponed = 0; /* reset */
1.1 markus 86: nresp = packet_get_int();
87: if (nresp == 1) {
1.3 ! markus 88: response = packet_get_string(&rlen);
1.1 markus 89: packet_done();
1.3 ! markus 90: if (strlen(response) == 0) {
1.1 markus 91: /*
1.3 ! markus 92: * if we received an empty response, resend challenge
! 93: * with echo enabled
1.1 markus 94: */
1.3 ! markus 95: char *challenge = get_challenge(authctxt, NULL);
! 96: if (challenge != NULL) {
! 97: send_userauth_into_request(authctxt,
! 98: challenge, 1);
! 99: authctxt->postponed = 1;
1.1 markus 100: }
1.3 ! markus 101: } else if (authctxt->valid) {
! 102: authenticated = verify_response(authctxt, response);
! 103: memset(response, 'r', rlen);
1.1 markus 104: }
1.3 ! markus 105: xfree(response);
! 106: }
! 107: auth_log(authctxt, authenticated, method, " ssh2");
! 108: if (!authctxt->postponed) {
! 109: /* unregister callback and send reply */
! 110: dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
! 111: userauth_reply(authctxt, authenticated);
1.1 markus 112: }
113: }