1 /*
2 * Copyright (c) 2001 Markus Friedl. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */
24 #include "includes.h"
25 RCSID("$OpenBSD: auth-bsdauth.c,v 1.5 2002/06/30 21:59:45 deraadt Exp $");
26
27 #pragma ident "%Z%%M% %I% %E% SMI"
28
29 #ifdef BSD_AUTH
30 #include "xmalloc.h"
31 #include "auth.h"
32 #include "log.h"
33
34 static void *
bsdauth_init_ctx(Authctxt * authctxt)35 bsdauth_init_ctx(Authctxt *authctxt)
36 {
37 return authctxt;
38 }
39
40 int
bsdauth_query(void * ctx,char ** name,char ** infotxt,u_int * numprompts,char *** prompts,u_int ** echo_on)41 bsdauth_query(void *ctx, char **name, char **infotxt,
42 u_int *numprompts, char ***prompts, u_int **echo_on)
43 {
44 Authctxt *authctxt = ctx;
45 char *challenge = NULL;
46
47 if (authctxt->as != NULL) {
48 debug2("bsdauth_query: try reuse session");
49 challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE);
50 if (challenge == NULL) {
51 auth_close(authctxt->as);
52 authctxt->as = NULL;
53 }
54 }
55
56 if (challenge == NULL) {
57 debug2("bsdauth_query: new bsd auth session");
58 debug3("bsdauth_query: style %s",
59 authctxt->style ? authctxt->style : "<default>");
60 authctxt->as = auth_userchallenge(authctxt->user,
61 authctxt->style, "auth-ssh", &challenge);
62 if (authctxt->as == NULL)
63 challenge = NULL;
64 debug2("bsdauth_query: <%s>", challenge ? challenge : "empty");
65 }
66
67 if (challenge == NULL)
68 return -1;
69
70 *name = xstrdup("");
71 *infotxt = xstrdup("");
72 *numprompts = 1;
73 *prompts = xmalloc(*numprompts * sizeof(char *));
74 *echo_on = xmalloc(*numprompts * sizeof(u_int));
75 (*echo_on)[0] = 0;
76 (*prompts)[0] = xstrdup(challenge);
77
78 return 0;
79 }
80
81 int
bsdauth_respond(void * ctx,u_int numresponses,char ** responses)82 bsdauth_respond(void *ctx, u_int numresponses, char **responses)
83 {
84 Authctxt *authctxt = ctx;
85 int authok;
86
87 if (authctxt->as == 0)
88 error("bsdauth_respond: no bsd auth session");
89
90 if (numresponses != 1)
91 return -1;
92
93 authok = auth_userresponse(authctxt->as, responses[0], 0);
94 authctxt->as = NULL;
95 debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok);
96
97 return (authok == 0) ? -1 : 0;
98 }
99
100 static void
bsdauth_free_ctx(void * ctx)101 bsdauth_free_ctx(void *ctx)
102 {
103 Authctxt *authctxt = ctx;
104
105 if (authctxt && authctxt->as) {
106 auth_close(authctxt->as);
107 authctxt->as = NULL;
108 }
109 }
110
111 KbdintDevice bsdauth_device = {
112 "bsdauth",
113 bsdauth_init_ctx,
114 bsdauth_query,
115 bsdauth_respond,
116 bsdauth_free_ctx
117 };
118
119 KbdintDevice mm_bsdauth_device = {
120 "bsdauth",
121 bsdauth_init_ctx,
122 mm_bsdauth_query,
123 mm_bsdauth_respond,
124 bsdauth_free_ctx
125 };
126 #endif
127