1/* challenge.c: The opiechallenge() library function.
2
3%%% portions-copyright-cmetz-96
4Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
5Reserved. The Inner Net License Version 2 applies to these portions of
6the software.
7You should have received a copy of the license with this software. If
8you didn't get a copy, you may request one from <license@inner.net>.
9
10Portions of this software are Copyright 1995 by Randall Atkinson and Dan
11McDonald, All Rights Reserved. All Rights under this copyright are assigned
12to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and
13License Agreement applies to this software.
14
15        History:
16
17	Modified by cmetz for OPIE 2.32. Added extended response set
18		identifier to the challenge.
19	Modified by cmetz for OPIE 2.3. Use opie_ prefix. Send debug info to
20		syslog. Add sha plumbing.
21	Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
22        Created at NRL for OPIE 2.2 from opiesubr2.c
23
24$FreeBSD$
25
26*/
27#include "opie_cfg.h"
28#include <stdio.h>
29#include <string.h>
30#if DEBUG
31#include <syslog.h>
32#endif /* DEBUG */
33#include "opie.h"
34
35/* Return an OTP challenge string for user 'name'.
36
37   The return values are:
38
39   0  = All good
40   -1 = Low-level error (file, memory, I/O, etc.)
41   1  = High-level error (user not found or locked)
42
43   This function MUST eventually be followed by an opieverify() to release
44   the user lock and file handles.
45
46   This function will give you a blanked-out state block if it returns a
47   nonzero status. Even though it returns a non-zero status and a blank
48   state block, you still MUST call opieverify() to clear the lock and
49   any internal state (the latter condition is not actually used yet).
50*/
51
52static char *algids[] = { NULL, NULL, NULL, "sha1", "md4", "md5" };
53
54int opiechallenge FUNCTION((mp, name, ss), struct opie *mp AND char *name AND char *ss)
55{
56  int rval = -1;
57
58  rval = opielookup(mp, name);
59#if DEBUG
60  if (rval) syslog(LOG_DEBUG, "opiechallenge: opielookup(mp, name=%s) returned %d", name, rval);
61#endif /* DEBUG */
62
63  if (!rval) {
64    rval = opielock(name);
65#if DEBUG
66    if (rval) syslog(LOG_DEBUG, "opiechallenge: opielock(name=%s) returned %d", name, rval);
67#endif /* DEBUG */
68  }
69
70  if (rval ||
71    (snprintf(ss, OPIE_CHALLENGE_MAX+1, "otp-%s %d %s ext", algids[MDX], mp->opie_n - 1, mp->opie_seed) >= OPIE_CHALLENGE_MAX+1)) {
72    if (!rval)
73      rval = 1;
74    opierandomchallenge(ss);
75    memset(mp, 0, sizeof(*mp));
76  }
77
78  return rval;
79}
80