1 /*
2 * Copyright (c) 2001 Markus Friedl. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */
24 #include "includes.h"
25 RCSID("$OpenBSD: auth-skey.c,v 1.20 2002/06/30 21:59:45 deraadt Exp $");
26
27 #pragma ident "%Z%%M% %I% %E% SMI"
28
29 #ifdef SKEY
30
31 #include <skey.h>
32
33 #include "xmalloc.h"
34 #include "auth.h"
35
36 static void *
skey_init_ctx(Authctxt * authctxt)37 skey_init_ctx(Authctxt *authctxt)
38 {
39 return authctxt;
40 }
41
42 int
skey_query(void * ctx,char ** name,char ** infotxt,u_int * numprompts,char *** prompts,u_int ** echo_on)43 skey_query(void *ctx, char **name, char **infotxt,
44 u_int* numprompts, char ***prompts, u_int **echo_on)
45 {
46 Authctxt *authctxt = ctx;
47 char challenge[1024], *p;
48 int len;
49 struct skey skey;
50
51 if (skeychallenge(&skey, authctxt->user, challenge) == -1)
52 return -1;
53
54 *name = xstrdup("");
55 *infotxt = xstrdup("");
56 *numprompts = 1;
57 *prompts = xmalloc(*numprompts * sizeof(char *));
58 *echo_on = xmalloc(*numprompts * sizeof(u_int));
59 (*echo_on)[0] = 0;
60
61 len = strlen(challenge) + strlen(SKEY_PROMPT) + 1;
62 p = xmalloc(len);
63 strlcpy(p, challenge, len);
64 strlcat(p, SKEY_PROMPT, len);
65 (*prompts)[0] = p;
66
67 return 0;
68 }
69
70 int
skey_respond(void * ctx,u_int numresponses,char ** responses)71 skey_respond(void *ctx, u_int numresponses, char **responses)
72 {
73 Authctxt *authctxt = ctx;
74
75 if (authctxt->valid &&
76 numresponses == 1 &&
77 skey_haskey(authctxt->pw->pw_name) == 0 &&
78 skey_passcheck(authctxt->pw->pw_name, responses[0]) != -1)
79 return 0;
80 return -1;
81 }
82
83 static void
skey_free_ctx(void * ctx)84 skey_free_ctx(void *ctx)
85 {
86 /* we don't have a special context */
87 }
88
89 KbdintDevice skey_device = {
90 "skey",
91 skey_init_ctx,
92 skey_query,
93 skey_respond,
94 skey_free_ctx
95 };
96
97 KbdintDevice mm_skey_device = {
98 "skey",
99 skey_init_ctx,
100 mm_skey_query,
101 mm_skey_respond,
102 skey_free_ctx
103 };
104 #endif /* SKEY */
105