auth-chall.c revision 76262
1/*
2 * Copyright (c) 2001 Markus Friedl.  All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 *    notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 *    notice, this list of conditions and the following disclaimer in the
11 *    documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */
24
25#include "includes.h"
26RCSID("$OpenBSD: auth-chall.c,v 1.7 2001/04/05 10:42:47 markus Exp $");
27RCSID("$FreeBSD: head/crypto/openssh/auth-chall.c 76262 2001-05-04 04:14:23Z green $");
28
29#include "auth.h"
30#include "log.h"
31
32#ifdef BSD_AUTH
/*
 * Obtain a BSD auth challenge for the user described by authctxt.
 *
 * If authctxt->as already holds a session and auth_getitem() returns a
 * challenge for it, that challenge is handed back unchanged.  Otherwise
 * the old session is closed and a new one is opened through
 * auth_userchallenge(), using devs as the style or, when devs is NULL or
 * empty, authctxt->style.
 *
 * Returns the challenge pointer, or NULL when no session could be opened.
 * The code also allows for a NULL challenge from a successfully opened
 * session (it is logged as "EMPTY"), so callers must check the result.
 */
char *
get_challenge(Authctxt *authctxt, char *devs)
{
	char *prompt;

	if (authctxt->as != NULL) {
		debug2("try reuse session");
		prompt = auth_getitem(authctxt->as, AUTHV_CHALLENGE);
		if (prompt == NULL) {
			/* Session carries no challenge: drop it and start over. */
			auth_close(authctxt->as);
			authctxt->as = NULL;
		} else {
			debug2("reuse bsd auth session");
			return prompt;
		}
	}

	debug2("new bsd auth session");
	/* Fall back to the style stored in the context when none was given. */
	if (devs == NULL || devs[0] == '\0')
		devs = authctxt->style;
	debug3("bsd auth: devs %s", devs != NULL ? devs : "<default>");

	authctxt->as = auth_userchallenge(authctxt->user, devs, "auth-ssh",
	    &prompt);
	if (authctxt->as == NULL)
		return NULL;

	debug2("get_challenge: <%s>", prompt != NULL ? prompt : "EMPTY");
	return prompt;
}
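/*
 * Check the user's response against the pending BSD auth session.
 *
 * Returns 1 when auth_userresponse() accepts the response and 0 otherwise.
 * Fails closed (returns 0) when no challenge session is outstanding.
 * authctxt->as is NULL on return, so a session serves at most one
 * verification attempt.
 */
int
verify_response(Authctxt *authctxt, char *response)
{
	int authok;

	if (authctxt->as == NULL) {
		/*
		 * No challenge was issued: reject explicitly instead of
		 * relying on auth_userresponse() to cope with a NULL session.
		 */
		error("verify_response: no bsd auth session");
		return 0;
	}
	authok = auth_userresponse(authctxt->as, response, 0);
	/*
	 * NOTE(review): the handle is dropped without auth_close();
	 * presumably auth_userresponse() releases the session when its last
	 * argument is 0 -- confirm against the BSD auth documentation.
	 */
	authctxt->as = NULL;
	/*
	 * Log the verdict only: the response is the user's secret and must
	 * not be written to the debug log.
	 */
	debug("verify_response: authok = <%d>", authok);
	return authok != 0;
}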
71#else
72#ifdef SKEY
73#include <opie.h>
74
/*
 * Build the S/Key (OPIE) challenge prompt for authctxt->user.
 *
 * devs is not used by this backend.  Returns a pointer to a static buffer
 * that the next call overwrites, or NULL when opiechallenge() returns -1.
 */
char *
get_challenge(Authctxt *authctxt, char *devs)
{
	static char prompt[1024];
	struct opie state;
	int rc;

	rc = opiechallenge(&state, authctxt->user, prompt);
	if (rc != -1) {
		/* Append bounded by the size of the static buffer. */
		strlcat(prompt, "\nS/Key Password: ", sizeof(prompt));
		return prompt;
	}
	return NULL;
}
/*
 * Verify an S/Key (OPIE) response.
 *
 * Returns 1 only when authctxt->valid is set, opie_haskey() returns 0 for
 * the account name and opie_passverify() does not return -1; otherwise 0.
 * The checks run in that order and stop at the first failure, so
 * authctxt->pw is not dereferenced when authctxt->valid is false.
 */
int
verify_response(Authctxt *authctxt, char *response)
{
	if (!authctxt->valid)
		return 0;
	if (opie_haskey(authctxt->pw->pw_name) != 0)
		return 0;
	if (opie_passverify(authctxt->pw->pw_name, response) == -1)
		return 0;
	return 1;
}
92#else
93/* not available */
/*
 * Stub used when neither BSD_AUTH nor SKEY is compiled in: there is no
 * challenge to offer, so the result is always NULL.
 */
char *
get_challenge(Authctxt *authctxt, char *devs)
{
	/* Arguments are intentionally unused in this build. */
	(void)authctxt;
	(void)devs;
	return NULL;
}
/*
 * Stub used when neither BSD_AUTH nor SKEY is compiled in: every response
 * is rejected (returns 0).
 */
int
verify_response(Authctxt *authctxt, char *response)
{
	/* Arguments are intentionally unused in this build. */
	(void)authctxt;
	(void)response;
	return 0;
}
104#endif
105#endif
106