Annotation of src/usr.bin/ssh/auth-bsdauth.c, Revision 1.15
1.15 ! markus 1: /* $OpenBSD: auth-bsdauth.c,v 1.14 2015/10/20 23:24:25 mmcc Exp $ */
1.1 markus 2: /*
3: * Copyright (c) 2001 Markus Friedl. All rights reserved.
4: *
5: * Redistribution and use in source and binary forms, with or without
6: * modification, are permitted provided that the following conditions
7: * are met:
8: * 1. Redistributions of source code must retain the above copyright
9: * notice, this list of conditions and the following disclaimer.
10: * 2. Redistributions in binary form must reproduce the above copyright
11: * notice, this list of conditions and the following disclaimer in the
12: * documentation and/or other materials provided with the distribution.
13: *
14: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24: */
1.10 deraadt 25:
26: #include <sys/types.h>
1.13 djm 27: #include <stdarg.h>
28: #include <stdio.h>
1.1 markus 29:
30: #include "xmalloc.h"
1.15 ! markus 31: #include "sshkey.h"
! 32: #include "sshbuf.h"
1.10 deraadt 33: #include "hostfile.h"
1.1 markus 34: #include "auth.h"
35: #include "log.h"
1.10 deraadt 36: #ifdef GSSAPI
37: #include "ssh-gss.h"
38: #endif
1.3 provos 39: #include "monitor_wrap.h"
1.1 markus 40:
41: static void *
42: bsdauth_init_ctx(Authctxt *authctxt)
43: {
44: return authctxt;
45: }
46:
1.3 provos 47: int
1.2 deraadt 48: bsdauth_query(void *ctx, char **name, char **infotxt,
1.1 markus 49: u_int *numprompts, char ***prompts, u_int **echo_on)
50: {
1.2 deraadt 51: Authctxt *authctxt = ctx;
52: char *challenge = NULL;
1.12 djm 53:
54: *infotxt = NULL;
55: *numprompts = 0;
56: *prompts = NULL;
57: *echo_on = NULL;
1.1 markus 58:
1.2 deraadt 59: if (authctxt->as != NULL) {
60: debug2("bsdauth_query: try reuse session");
61: challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE);
62: if (challenge == NULL) {
63: auth_close(authctxt->as);
64: authctxt->as = NULL;
65: }
66: }
67:
68: if (challenge == NULL) {
69: debug2("bsdauth_query: new bsd auth session");
70: debug3("bsdauth_query: style %s",
1.1 markus 71: authctxt->style ? authctxt->style : "<default>");
1.2 deraadt 72: authctxt->as = auth_userchallenge(authctxt->user,
1.4 deraadt 73: authctxt->style, "auth-ssh", &challenge);
1.2 deraadt 74: if (authctxt->as == NULL)
75: challenge = NULL;
76: debug2("bsdauth_query: <%s>", challenge ? challenge : "empty");
77: }
78:
79: if (challenge == NULL)
80: return -1;
81:
1.4 deraadt 82: *name = xstrdup("");
83: *infotxt = xstrdup("");
1.2 deraadt 84: *numprompts = 1;
1.8 djm 85: *prompts = xcalloc(*numprompts, sizeof(char *));
86: *echo_on = xcalloc(*numprompts, sizeof(u_int));
1.2 deraadt 87: (*prompts)[0] = xstrdup(challenge);
1.1 markus 88:
1.2 deraadt 89: return 0;
1.1 markus 90: }
91:
1.3 provos 92: int
1.1 markus 93: bsdauth_respond(void *ctx, u_int numresponses, char **responses)
94: {
1.2 deraadt 95: Authctxt *authctxt = ctx;
96: int authok;
1.6 dtucker 97:
98: if (!authctxt->valid)
99: return -1;
1.1 markus 100:
1.14 mmcc 101: if (authctxt->as == NULL)
1.2 deraadt 102: error("bsdauth_respond: no bsd auth session");
103:
104: if (numresponses != 1)
105: return -1;
106:
107: authok = auth_userresponse(authctxt->as, responses[0], 0);
108: authctxt->as = NULL;
109: debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok);
110:
111: return (authok == 0) ? -1 : 0;
1.1 markus 112: }
113:
114: static void
115: bsdauth_free_ctx(void *ctx)
116: {
1.2 deraadt 117: Authctxt *authctxt = ctx;
1.1 markus 118:
1.2 deraadt 119: if (authctxt && authctxt->as) {
120: auth_close(authctxt->as);
121: authctxt->as = NULL;
122: }
1.1 markus 123: }
124:
125: KbdintDevice bsdauth_device = {
126: "bsdauth",
127: bsdauth_init_ctx,
128: bsdauth_query,
129: bsdauth_respond,
1.3 provos 130: bsdauth_free_ctx
131: };
132:
133: KbdintDevice mm_bsdauth_device = {
134: "bsdauth",
135: bsdauth_init_ctx,
136: mm_bsdauth_query,
137: mm_bsdauth_respond,
1.1 markus 138: bsdauth_free_ctx
139: };