auth-skey.c revision 181111
1181111Sdes/* $OpenBSD: auth-skey.c,v 1.27 2007/01/21 01:41:54 stevesk Exp $ */
292564Sdes/*
392564Sdes * Copyright (c) 2001 Markus Friedl.  All rights reserved.
492564Sdes *
592564Sdes * Redistribution and use in source and binary forms, with or without
692564Sdes * modification, are permitted provided that the following conditions
792564Sdes * are met:
892564Sdes * 1. Redistributions of source code must retain the above copyright
992564Sdes *    notice, this list of conditions and the following disclaimer.
1092564Sdes * 2. Redistributions in binary form must reproduce the above copyright
1192564Sdes *    notice, this list of conditions and the following disclaimer in the
1292564Sdes *    documentation and/or other materials provided with the distribution.
1392564Sdes *
1492564Sdes * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
1592564Sdes * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
1692564Sdes * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
1792564Sdes * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
1892564Sdes * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
1992564Sdes * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
2092564Sdes * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
2192564Sdes * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
2292564Sdes * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
2392564Sdes * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
2492564Sdes */
25162856Sdes
2692564Sdes#include "includes.h"
2792564Sdes
2892564Sdes#ifdef SKEY
2992564Sdes
30162856Sdes#include <sys/types.h>
31162856Sdes
32162856Sdes#include <pwd.h>
33162856Sdes#include <stdio.h>
34162856Sdes
3598941Sdes#include <skey.h>
3692564Sdes
3792564Sdes#include "xmalloc.h"
38162856Sdes#include "key.h"
39162856Sdes#include "hostfile.h"
4092564Sdes#include "auth.h"
41162856Sdes#include "ssh-gss.h"
4298684Sdes#include "monitor_wrap.h"
4392564Sdes
/*
 * Keyboard-interactive "init_ctx" hook for the S/Key device.
 *
 * No per-device state is allocated: the authentication context itself
 * is handed back as the opaque context pointer, so skey_query() and
 * skey_respond() operate directly on the caller's Authctxt.
 */
static void *
skey_init_ctx(Authctxt *authctxt)
{
	void *opaque = authctxt;

	return opaque;
}
4992564Sdes
/*
 * Produce the single S/Key prompt for a keyboard-interactive exchange.
 *
 * ctx is the Authctxt returned by skey_init_ctx().  On success the
 * out-parameters are filled with freshly allocated values (empty name,
 * empty info text, one prompt made of the challenge followed by
 * SKEY_PROMPT, one echo flag) and 0 is returned.  If no challenge can
 * be generated, -1 is returned and the out-parameters are left untouched.
 *
 * NOTE(review): the lookup uses authctxt->user, and a failed lookup is
 * reported to the caller as -1.  If the caller turns that into a reply
 * the client can tell apart from a real challenge, the difference
 * discloses which accounts have S/Key entries -- confirm how the
 * caller handles the failure path.
 */
int
skey_query(void *ctx, char **name, char **infotxt,
    u_int *numprompts, char ***prompts, u_int **echo_on)
{
	Authctxt *authctxt = ctx;
	struct skey skey_state;
	char chal[1024];

	/* The challenge text is bounded by the size of the local buffer. */
	if (_compat_skeychallenge(&skey_state, authctxt->user, chal,
	    sizeof chal) == -1)
		return -1;

	*name = xstrdup("");
	*infotxt = xstrdup("");

	/* Exactly one prompt/response round is used for S/Key. */
	*numprompts = 1;
	*prompts = xcalloc(*numprompts, sizeof(char *));
	/*
	 * presumably xcalloc zero-fills like calloc, which leaves echo
	 * switched off for the one-time password -- confirm in xmalloc.c
	 */
	*echo_on = xcalloc(*numprompts, sizeof(u_int));

	/* Slot 0 of the prompt array receives "<challenge><SKEY_PROMPT>". */
	xasprintf(&(*prompts)[0], "%s%s", chal, SKEY_PROMPT);

	return 0;
}
7292564Sdes
/*
 * Verify the client's answer to the S/Key challenge.
 *
 * Returns 0 only when the user is marked valid, exactly one response
 * was supplied, the account has an S/Key entry and the response passes
 * skey_passcheck().  Every other outcome is reported as -1, so the
 * caller cannot tell which of the checks rejected the attempt.
 *
 * The order of the checks is significant: authctxt->pw is dereferenced
 * only after authctxt->valid has been tested (presumably pw is not
 * usable for invalid users -- confirm against the Authctxt setup code).
 *
 * NOTE(review): attempts rejected by the first checks return without
 * reaching skey_passcheck(); if that is measurably faster than a failed
 * verification, response timing could separate the cases -- confirm
 * whether the caller equalises failure delays.
 */
int
skey_respond(void *ctx, u_int numresponses, char **responses)
{
	Authctxt *authctxt = ctx;

	if (!authctxt->valid)
		return -1;
	if (numresponses != 1)
		return -1;
	if (skey_haskey(authctxt->pw->pw_name) != 0)
		return -1;
	if (skey_passcheck(authctxt->pw->pw_name, responses[0]) == -1)
		return -1;

	return 0;
}
8592564Sdes
/*
 * Keyboard-interactive "free_ctx" hook for the S/Key device.
 *
 * skey_init_ctx() allocates nothing and simply returns the caller's
 * Authctxt, so there is nothing to release here; the pointer must not
 * be freed by this device.
 */
static void
skey_free_ctx(void *ctx)
{
	(void)ctx;	/* intentionally unused: no device-private context */
}
9192564Sdes
/*
 * S/Key keyboard-interactive device that calls the S/Key routines in
 * this file directly.
 */
KbdintDevice skey_device = {
	"skey",			/* device name */
	skey_init_ctx,		/* context setup: returns the Authctxt itself */
	skey_query,		/* builds the challenge prompt */
	skey_respond,		/* verifies the one-time password */
	skey_free_ctx,		/* no-op: nothing was allocated */
};
9998684Sdes
/*
 * Variant of the S/Key device whose query and respond hooks are the
 * mm_-prefixed functions (presumably the privilege-separation monitor
 * wrappers declared in monitor_wrap.h -- confirm).  Context setup and
 * teardown are shared with skey_device.
 */
KbdintDevice mm_skey_device = {
	"skey",			/* device name, same as skey_device */
	skey_init_ctx,		/* context setup: returns the Authctxt itself */
	mm_skey_query,		/* challenge prompt via the mm_ wrapper */
	mm_skey_respond,	/* response check via the mm_ wrapper */
	skey_free_ctx,		/* no-op: nothing was allocated */
};
10792564Sdes#endif /* SKEY */