auth2-chall.c (137019) | auth2-chall.c (147005) |
---|---|
1/* 2 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Per Allansson. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 9 unchanged lines hidden (view full) --- 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25#include "includes.h" | 1/* 2 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Per Allansson. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 9 unchanged lines hidden (view full) --- 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25#include "includes.h" |
26RCSID("$OpenBSD: auth2-chall.c,v 1.21 2004/06/01 14:20:45 dtucker Exp $"); 27RCSID("$FreeBSD: head/crypto/openssh/auth2-chall.c 137019 2004-10-28 16:11:31Z des $"); | 26RCSID("$OpenBSD: auth2-chall.c,v 1.22 2005/01/19 13:11:47 dtucker Exp $"); 27RCSID("$FreeBSD: head/crypto/openssh/auth2-chall.c 147005 2005-06-05 15:46:09Z des $"); |
28 29#include "ssh2.h" 30#include "auth.h" 31#include "buffer.h" 32#include "packet.h" 33#include "xmalloc.h" 34#include "dispatch.h" 35#include "log.h" | 28 29#include "ssh2.h" 30#include "auth.h" 31#include "buffer.h" 32#include "packet.h" 33#include "xmalloc.h" 34#include "dispatch.h" 35#include "log.h" |
36#include "servconf.h" |
|
36 | 37 |
38/* import */ 39extern ServerOptions options; 40 |
|
37static int auth2_challenge_start(Authctxt *); 38static int send_userauth_info_request(Authctxt *); 39static void input_userauth_info_response(int, u_int32_t, void *); 40 41#ifdef BSD_AUTH 42extern KbdintDevice bsdauth_device; 43#else 44#ifdef USE_PAM --- 22 unchanged lines hidden (view full) --- 67struct KbdintAuthctxt 68{ 69 char *devices; 70 void *ctxt; 71 KbdintDevice *device; 72 u_int nreq; 73}; 74 | 41static int auth2_challenge_start(Authctxt *); 42static int send_userauth_info_request(Authctxt *); 43static void input_userauth_info_response(int, u_int32_t, void *); 44 45#ifdef BSD_AUTH 46extern KbdintDevice bsdauth_device; 47#else 48#ifdef USE_PAM --- 22 unchanged lines hidden (view full) --- 71struct KbdintAuthctxt 72{ 73 char *devices; 74 void *ctxt; 75 KbdintDevice *device; 76 u_int nreq; 77}; 78 |
79#ifdef USE_PAM 80void 81remove_kbdint_device(const char *devname) 82{ 83 int i, j; 84 85 for (i = 0; devices[i] != NULL; i++) 86 if (strcmp(devices[i]->name, devname) == 0) { 87 for (j = i; devices[j] != NULL; j++) 88 devices[j] = devices[j+1]; 89 i--; 90 } 91} 92#endif 93 |
|
75static KbdintAuthctxt * 76kbdint_alloc(const char *devs) 77{ 78 KbdintAuthctxt *kbdintctxt; 79 Buffer b; 80 int i; 81 | 94static KbdintAuthctxt * 95kbdint_alloc(const char *devs) 96{ 97 KbdintAuthctxt *kbdintctxt; 98 Buffer b; 99 int i; 100 |
101#ifdef USE_PAM 102 if (!options.use_pam) 103 remove_kbdint_device("pam"); 104#endif 105 |
|
82 kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); 83 if (strcmp(devs, "") == 0) { 84 buffer_init(&b); 85 for (i = 0; devices[i]; i++) { 86 if (buffer_len(&b) > 0) 87 buffer_append(&b, ",", 1); 88 buffer_append(&b, devices[i]->name, 89 strlen(devices[i]->name)); --- 180 unchanged lines hidden (view full) --- 270 fatal("input_userauth_info_response: too many replies"); 271 if (nresp > 0) { 272 response = xmalloc(nresp * sizeof(char *)); 273 for (i = 0; i < nresp; i++) 274 response[i] = packet_get_string(NULL); 275 } 276 packet_check_eom(); 277 | 106 kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); 107 if (strcmp(devs, "") == 0) { 108 buffer_init(&b); 109 for (i = 0; devices[i]; i++) { 110 if (buffer_len(&b) > 0) 111 buffer_append(&b, ",", 1); 112 buffer_append(&b, devices[i]->name, 113 strlen(devices[i]->name)); --- 180 unchanged lines hidden (view full) --- 294 fatal("input_userauth_info_response: too many replies"); 295 if (nresp > 0) { 296 response = xmalloc(nresp * sizeof(char *)); 297 for (i = 0; i < nresp; i++) 298 response[i] = packet_get_string(NULL); 299 } 300 packet_check_eom(); 301 |
278 if (authctxt->valid) { 279 res = kbdintctxt->device->respond(kbdintctxt->ctxt, 280 nresp, response); 281 } else { 282 res = -1; 283 } | 302 res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response); |
284 285 for (i = 0; i < nresp; i++) { 286 memset(response[i], 'r', strlen(response[i])); 287 xfree(response[i]); 288 } 289 if (response) 290 xfree(response); 291 292 switch (res) { 293 case 0: 294 /* Success! */ | 303 304 for (i = 0; i < nresp; i++) { 305 memset(response[i], 'r', strlen(response[i])); 306 xfree(response[i]); 307 } 308 if (response) 309 xfree(response); 310 311 switch (res) { 312 case 0: 313 /* Success! */ |
295 authenticated = 1; | 314 authenticated = authctxt->valid ? 1 : 0; |
296 break; 297 case 1: 298 /* Authentication needs further interaction */ 299 if (send_userauth_info_request(authctxt) == 1) 300 authctxt->postponed = 1; 301 break; 302 default: 303 /* Failure! */ --- 49 unchanged lines hidden --- | 315 break; 316 case 1: 317 /* Authentication needs further interaction */ 318 if (send_userauth_info_request(authctxt) == 1) 319 authctxt->postponed = 1; 320 break; 321 default: 322 /* Failure! */ --- 49 unchanged lines hidden --- |