/* $OpenBSD: auth-skey.c,v 1.27 2007/01/21 01:41:54 stevesk Exp $ */
/*
 * Copyright (c) 2001 Markus Friedl. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "includes.h"

#ifdef SKEY

#include <sys/types.h>

#include <pwd.h>
#include <stdio.h>

#include <skey.h>

#include "xmalloc.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "ssh-gss.h"
#include "log.h"
#include "monitor_wrap.h"

/*
 * Context constructor for the S/Key keyboard-interactive device.
 * No per-device state is allocated: the authentication context itself is
 * handed back and later passed to skey_query()/skey_respond() as `ctx'.
 */
static void *
skey_init_ctx(Authctxt *authctxt)
{
	return authctxt;
}

/*
 * Build the single S/Key prompt for the user named in the auth context.
 *
 * On success returns 0 and fills in: empty `name' and `infotxt' strings,
 * *numprompts == 1, a one-element prompt array holding the challenge text
 * followed by SKEY_PROMPT, and a one-element echo_on array.  All of these
 * are heap allocations made here (presumably released by the caller --
 * confirm against the kbd-interactive driver).  Returns -1, with no output
 * written, when the challenge cannot be obtained.
 */
int
skey_query(void *ctx, char **name, char **infotxt,
    u_int* numprompts, char ***prompts, u_int **echo_on)
{
	Authctxt *ac = ctx;
	struct skey sk;
	char chal[1024];

	/*
	 * The challenge is requested for ac->user without looking at
	 * ac->valid.
	 * NOTE(review): whether unknown accounts get a challenge or a -1 is
	 * decided inside _compat_skeychallenge(), which is not visible here;
	 * a reply that differs between known and unknown accounts would be a
	 * user-enumeration signal -- confirm.
	 */
	if (_compat_skeychallenge(&sk, ac->user, chal, sizeof chal) == -1)
		return -1;

	*name = xstrdup("");
	*infotxt = xstrdup("");
	*numprompts = 1;
	*prompts = xcalloc(*numprompts, sizeof **prompts);
	/*
	 * echo_on[0] is never assigned below; it keeps whatever xcalloc()
	 * left there (presumably zero, i.e. the one-time password is not
	 * echoed -- confirm against xmalloc.h).
	 */
	*echo_on = xcalloc(*numprompts, sizeof **echo_on);

	/* Slot 0 of the prompt array receives "<challenge><SKEY_PROMPT>". */
	xasprintf(&(*prompts)[0], "%s%s", chal, SKEY_PROMPT);

	return 0;
}

/*
 * Verify the client's reply to the S/Key challenge.
 *
 * Returns 0 only when the account is marked valid, exactly one response
 * was supplied, the account has an S/Key entry (skey_haskey() == 0) and
 * skey_passcheck() does not report -1.  Every other outcome is reported
 * as the same -1, so the caller cannot tell the failure reasons apart.
 */
int
skey_respond(void *ctx, u_int numresponses, char **responses)
{
	Authctxt *ac = ctx;
	char *user;

	/*
	 * Order matters: `valid' is tested before ac->pw is dereferenced and
	 * before any S/Key lookup, and the response count is tested before
	 * responses[0] is read.
	 */
	if (!ac->valid || numresponses != 1)
		return -1;

	user = ac->pw->pw_name;
	if (skey_haskey(user) != 0)
		return -1;

	return skey_passcheck(user, responses[0]) != -1 ? 0 : -1;
}

/*
 * Context destructor.  skey_init_ctx() allocates nothing, so there is
 * nothing to release; the Authctxt is not touched here.
 */
static void
skey_free_ctx(void *ctx)
{
	(void)ctx;
}

/*
 * Keyboard-interactive device entry for S/Key, calling the handlers in
 * this file directly.  The initialiser is positional; as used here the
 * slots are: device name, context-init, query, respond, context-free
 * (the field names belong to the KbdintDevice declaration, which is not
 * visible in this file).
 */
KbdintDevice skey_device = {
	"skey",
	skey_init_ctx,
	skey_query,
	skey_respond,
	skey_free_ctx
};

/*
 * Same device name and context hooks, but query/respond go through
 * mm_skey_query()/mm_skey_respond() instead of the local functions.
 * NOTE(review): these are presumably the privilege-separation monitor
 * wrappers from monitor_wrap.h, so that the S/Key database is consulted
 * by the monitor rather than the unprivileged child -- confirm.
 */
KbdintDevice mm_skey_device = {
	"skey",
	skey_init_ctx,
	mm_skey_query,
	mm_skey_respond,
	skey_free_ctx
};
#endif /* SKEY */