1/* challenge.c: The opiechallenge() library function. 2 3%%% portions-copyright-cmetz-96 4Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights 5Reserved. The Inner Net License Version 2 applies to these portions of 6the software. 7You should have received a copy of the license with this software. If 8you didn't get a copy, you may request one from <license@inner.net>. 9 10Portions of this software are Copyright 1995 by Randall Atkinson and Dan 11McDonald, All Rights Reserved. All Rights under this copyright are assigned 12to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and 13License Agreement applies to this software. 14 15 History: 16 17 Modified by cmetz for OPIE 2.32. Added extended response set 18 identifier to the challenge. 19 Modified by cmetz for OPIE 2.3. Use opie_ prefix. Send debug info to 20 syslog. Add sha plumbing. 21 Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al. 22 Created at NRL for OPIE 2.2 from opiesubr2.c 23 24$FreeBSD$ 25 26*/ 27#include "opie_cfg.h" 28#include <stdio.h> 29#include <string.h> 30#if DEBUG 31#include <syslog.h> 32#endif /* DEBUG */ 33#include "opie.h" 34 35/* Return an OTP challenge string for user 'name'. 36 37 The return values are: 38 39 0 = All good 40 -1 = Low-level error (file, memory, I/O, etc.) 41 1 = High-level error (user not found or locked) 42 43 This function MUST eventually be followed by an opieverify() to release 44 the user lock and file handles. 45 46 This function will give you a blanked-out state block if it returns a 47 nonzero status. Even though it returns a non-zero status and a blank 48 state block, you still MUST call opieverify() to clear the lock and 49 any internal state (the latter condition is not actually used yet). 50*/ 51 52static char *algids[] = { NULL, NULL, NULL, "sha1", "md4", "md5" }; 53 54int opiechallenge FUNCTION((mp, name, ss), struct opie *mp AND char *name AND char *ss) 55{ 56 int rval = -1; 57 58 rval = opielookup(mp, name); 59#if DEBUG 60 if (rval) syslog(LOG_DEBUG, "opiechallenge: opielookup(mp, name=%s) returned %d", name, rval); 61#endif /* DEBUG */ 62 63 if (!rval) { 64 rval = opielock(name); 65#if DEBUG 66 if (rval) syslog(LOG_DEBUG, "opiechallenge: opielock(name=%s) returned %d", name, rval); 67#endif /* DEBUG */ 68 } 69 70 if (rval || 71 (snprintf(ss, OPIE_CHALLENGE_MAX+1, "otp-%s %d %s ext", algids[MDX], mp->opie_n - 1, mp->opie_seed) >= OPIE_CHALLENGE_MAX+1)) { 72 if (!rval) 73 rval = 1; 74 opierandomchallenge(ss); 75 memset(mp, 0, sizeof(*mp)); 76 } 77 78 return rval; 79} 80