Annotation of src/usr.bin/ssh/auth-bsdauth.c, Revision 1.6.6.1
1.6.6.1 ! brad 1: /* $OpenBSD: auth-bsdauth.c,v 1.10 2006/08/03 03:34:41 deraadt Exp $ */
1.1 markus 2: /*
3: * Copyright (c) 2001 Markus Friedl. All rights reserved.
4: *
5: * Redistribution and use in source and binary forms, with or without
6: * modification, are permitted provided that the following conditions
7: * are met:
8: * 1. Redistributions of source code must retain the above copyright
9: * notice, this list of conditions and the following disclaimer.
10: * 2. Redistributions in binary form must reproduce the above copyright
11: * notice, this list of conditions and the following disclaimer in the
12: * documentation and/or other materials provided with the distribution.
13: *
14: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24: */
1.6.6.1 ! brad 25:
! 26: #include <sys/types.h>
1.1 markus 27:
28: #ifdef BSD_AUTH
29: #include "xmalloc.h"
1.6.6.1 ! brad 30: #include "key.h"
! 31: #include "hostfile.h"
1.1 markus 32: #include "auth.h"
33: #include "log.h"
1.6.6.1 ! brad 34: #include "buffer.h"
! 35: #ifdef GSSAPI
! 36: #include "ssh-gss.h"
! 37: #endif
1.3 provos 38: #include "monitor_wrap.h"
1.1 markus 39:
/*
 * KbdintDevice init hook.  The bsdauth device keeps no state of its own:
 * the context handed to the query/respond/free hooks is the Authctxt
 * itself, returned here as an opaque pointer.
 */
static void *
bsdauth_init_ctx(Authctxt *authctxt)
{
	void *ctx = authctxt;

	return ctx;
}
45:
/*
 * Produce the single keyboard-interactive prompt for a BSD auth login.
 *
 * ctx is the Authctxt returned by bsdauth_init_ctx().  A challenge is
 * taken from the session already stored in authctxt->as when there is
 * one; otherwise a new session is opened with auth_userchallenge() for
 * authctxt->user and authctxt->style.
 *
 * On success returns 0 and fills the output parameters with freshly
 * allocated data: empty name and infotxt strings, one prompt holding a
 * copy of the challenge, and a zeroed echo_on array.
 * NOTE(review): presumably the caller frees these - confirm.
 * Returns -1 when no challenge could be obtained; the outputs are then
 * left untouched.
 */
int
bsdauth_query(void *ctx, char **name, char **infotxt,
    u_int *numprompts, char ***prompts, u_int **echo_on)
{
	Authctxt *authctxt = ctx;
	char *challenge = NULL;

	/* First choice: the challenge held by an already open session. */
	if (authctxt->as != NULL) {
		debug2("bsdauth_query: try reuse session");
		challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE);
		if (challenge == NULL) {
			/* Nothing to reuse: drop the session and start over. */
			auth_close(authctxt->as);
			authctxt->as = NULL;
		}
	}

	/* No reusable challenge: open a new session for this user/style. */
	if (challenge == NULL) {
		const char *style_name =
		    authctxt->style ? authctxt->style : "<default>";

		debug2("bsdauth_query: new bsd auth session");
		debug3("bsdauth_query: style %s", style_name);
		authctxt->as = auth_userchallenge(authctxt->user,
		    authctxt->style, "auth-ssh", &challenge);
		/* Never trust a challenge that came without a session. */
		if (authctxt->as == NULL)
			challenge = NULL;
		debug2("bsdauth_query: <%s>", challenge ? challenge : "empty");
	}

	if (challenge == NULL)
		return -1;

	*name = xstrdup("");
	*infotxt = xstrdup("");
	*numprompts = 1;
	/*
	 * Both arrays come back zero-filled from xcalloc(), so the one
	 * echo_on entry stays 0 (presumably "do not echo the response").
	 */
	*prompts = xcalloc(*numprompts, sizeof(char *));
	*echo_on = xcalloc(*numprompts, sizeof(u_int));
	(*prompts)[0] = xstrdup(challenge);

	return 0;
}
85:
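/*
 * Check the user's keyboard-interactive response against the BSD auth
 * session opened by bsdauth_query().
 *
 * ctx is the Authctxt; exactly one response is expected.
 *
 * Returns 0 when auth_userresponse() accepts the response and -1 in
 * every other case: user not marked valid, no open session, a response
 * count other than one, or a rejected response.
 *
 * authctxt->as is cleared once auth_userresponse() has been called.
 * NOTE(review): this assumes auth_userresponse() disposes of the session
 * when called with more == 0 - confirm against the libc documentation.
 */
int
bsdauth_respond(void *ctx, u_int numresponses, char **responses)
{
	Authctxt *authctxt = ctx;
	int authok;

	/* Never consult the auth backend for a user flagged as not valid. */
	if (!authctxt->valid)
		return -1;

	/*
	 * Fail closed right here rather than passing a NULL session on to
	 * auth_userresponse() and depending on how it treats that.
	 */
	if (authctxt->as == NULL) {
		error("bsdauth_respond: no bsd auth session");
		return -1;
	}

	if (numresponses != 1)
		return -1;

	authok = auth_userresponse(authctxt->as, responses[0], 0);
	authctxt->as = NULL;
	/*
	 * Log the verdict only.  The response is whatever the user typed
	 * at the prompt (possibly a password or one-time code) and must
	 * not end up in debug logs.
	 */
	debug3("bsdauth_respond: <%d>", authok);

	return (authok == 0) ? -1 : 0;
}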
107:
/*
 * KbdintDevice free hook: close a BSD auth session that is still open
 * and clear the pointer so it cannot be closed or reused again.
 * Accepts a NULL ctx.  The Authctxt itself is not freed here.
 */
static void
bsdauth_free_ctx(void *ctx)
{
	Authctxt *authctxt = ctx;

	/* Nothing to release without a context or an open session. */
	if (authctxt == NULL || authctxt->as == NULL)
		return;

	auth_close(authctxt->as);
	authctxt->as = NULL;
}
118:
/*
 * Keyboard-interactive device backed by BSD auth; every hook is the
 * in-process implementation from this file.
 */
KbdintDevice bsdauth_device = {
	"bsdauth",		/* device name */
	bsdauth_init_ctx,	/* returns the Authctxt as the context */
	bsdauth_query,		/* builds the challenge prompt */
	bsdauth_respond,	/* verifies the user's response */
	bsdauth_free_ctx	/* closes any open auth session */
};
126:
/*
 * Variant of the bsdauth device whose query and respond hooks are the
 * mm_ wrappers (presumably the privilege-separation monitor calls
 * declared in monitor_wrap.h - confirm).  Init and free are shared with
 * bsdauth_device.
 */
KbdintDevice mm_bsdauth_device = {
	"bsdauth",		/* same device name as bsdauth_device */
	bsdauth_init_ctx,	/* returns the Authctxt as the context */
	mm_bsdauth_query,	/* wrapper for the query step */
	mm_bsdauth_respond,	/* wrapper for the respond step */
	bsdauth_free_ctx	/* closes any open auth session */
};
134: #endif