1/* 2 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Per Allansson. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 9 unchanged lines hidden (view full) --- 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25#include "includes.h" |
26RCSID("$OpenBSD: auth2-chall.c,v 1.22 2005/01/19 13:11:47 dtucker Exp $"); 27RCSID("$FreeBSD: head/crypto/openssh/auth2-chall.c 147005 2005-06-05 15:46:09Z des $"); |
28 29#include "ssh2.h" 30#include "auth.h" 31#include "buffer.h" 32#include "packet.h" 33#include "xmalloc.h" 34#include "dispatch.h" 35#include "log.h" |
36#include "servconf.h" |
37 |
38/* import */ 39extern ServerOptions options; 40 |
41static int auth2_challenge_start(Authctxt *); 42static int send_userauth_info_request(Authctxt *); 43static void input_userauth_info_response(int, u_int32_t, void *); 44 45#ifdef BSD_AUTH 46extern KbdintDevice bsdauth_device; 47#else 48#ifdef USE_PAM --- 22 unchanged lines hidden (view full) --- 71struct KbdintAuthctxt 72{ 73 char *devices; 74 void *ctxt; 75 KbdintDevice *device; 76 u_int nreq; 77}; 78 |
79#ifdef USE_PAM 80void 81remove_kbdint_device(const char *devname) 82{ 83 int i, j; 84 85 for (i = 0; devices[i] != NULL; i++) 86 if (strcmp(devices[i]->name, devname) == 0) { 87 for (j = i; devices[j] != NULL; j++) 88 devices[j] = devices[j+1]; 89 i--; 90 } 91} 92#endif 93 |
94static KbdintAuthctxt * 95kbdint_alloc(const char *devs) 96{ 97 KbdintAuthctxt *kbdintctxt; 98 Buffer b; 99 int i; 100 |
101#ifdef USE_PAM 102 if (!options.use_pam) 103 remove_kbdint_device("pam"); 104#endif 105 |
106 kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); 107 if (strcmp(devs, "") == 0) { 108 buffer_init(&b); 109 for (i = 0; devices[i]; i++) { 110 if (buffer_len(&b) > 0) 111 buffer_append(&b, ",", 1); 112 buffer_append(&b, devices[i]->name, 113 strlen(devices[i]->name)); --- 180 unchanged lines hidden (view full) --- 294 fatal("input_userauth_info_response: too many replies"); 295 if (nresp > 0) { 296 response = xmalloc(nresp * sizeof(char *)); 297 for (i = 0; i < nresp; i++) 298 response[i] = packet_get_string(NULL); 299 } 300 packet_check_eom(); 301 |
302 res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response); |
303 304 for (i = 0; i < nresp; i++) { 305 memset(response[i], 'r', strlen(response[i])); 306 xfree(response[i]); 307 } 308 if (response) 309 xfree(response); 310 311 switch (res) { 312 case 0: 313 /* Success! */ |
314 authenticated = authctxt->valid ? 1 : 0; |
315 break; 316 case 1: 317 /* Authentication needs further interaction */ 318 if (send_userauth_info_request(authctxt) == 1) 319 authctxt->postponed = 1; 320 break; 321 default: 322 /* Failure! */ --- 49 unchanged lines hidden --- |