auth-chall.c revision 76262
1/* 2 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24 25#include "includes.h" 26RCSID("$OpenBSD: auth-chall.c,v 1.7 2001/04/05 10:42:47 markus Exp $"); 27RCSID("$FreeBSD: head/crypto/openssh/auth-chall.c 76262 2001-05-04 04:14:23Z green $"); 28 29#include "auth.h" 30#include "log.h" 31 32#ifdef BSD_AUTH 33char * 34get_challenge(Authctxt *authctxt, char *devs) 35{ 36 char *challenge; 37 38 if (authctxt->as != NULL) { 39 debug2("try reuse session"); 40 challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE); 41 if (challenge != NULL) { 42 debug2("reuse bsd auth session"); 43 return challenge; 44 } 45 auth_close(authctxt->as); 46 authctxt->as = NULL; 47 } 48 debug2("new bsd auth session"); 49 if (devs == NULL || strlen(devs) == 0) 50 devs = authctxt->style; 51 debug3("bsd auth: devs %s", devs ? devs : "<default>"); 52 authctxt->as = auth_userchallenge(authctxt->user, devs, "auth-ssh", 53 &challenge); 54 if (authctxt->as == NULL) 55 return NULL; 56 debug2("get_challenge: <%s>", challenge ? challenge : "EMPTY"); 57 return challenge; 58} 59int 60verify_response(Authctxt *authctxt, char *response) 61{ 62 int authok; 63 64 if (authctxt->as == 0) 65 error("verify_response: no bsd auth session"); 66 authok = auth_userresponse(authctxt->as, response, 0); 67 authctxt->as = NULL; 68 debug("verify_response: <%s> = <%d>", response, authok); 69 return authok != 0; 70} 71#else 72#ifdef SKEY 73#include <opie.h> 74 75char * 76get_challenge(Authctxt *authctxt, char *devs) 77{ 78 static char challenge[1024]; 79 struct opie opie; 80 if (opiechallenge(&opie, authctxt->user, challenge) == -1) 81 return NULL; 82 strlcat(challenge, "\nS/Key Password: ", sizeof challenge); 83 return challenge; 84} 85int 86verify_response(Authctxt *authctxt, char *response) 87{ 88 return (authctxt->valid && 89 opie_haskey(authctxt->pw->pw_name) == 0 && 90 opie_passverify(authctxt->pw->pw_name, response) != -1); 91} 92#else 93/* not available */ 94char * 95get_challenge(Authctxt *authctxt, char *devs) 96{ 97 return NULL; 98} 99int 100verify_response(Authctxt *authctxt, char *response) 101{ 102 return 0; 103} 104#endif 105#endif 106