1 /* 2 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24 /* 25 * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 26 * Use is subject to license terms. 27 */ 28 29 #include "includes.h" 30 RCSID("$OpenBSD: auth2-kbdint.c,v 1.2 2002/05/31 11:35:15 markus Exp $"); 31 32 #pragma ident "%Z%%M% %I% %E% SMI" 33 34 #include "packet.h" 35 #include "auth.h" 36 #include "log.h" 37 #include "servconf.h" 38 #include "xmalloc.h" 39 40 /* import */ 41 extern ServerOptions options; 42 43 static void 44 userauth_kbdint(Authctxt *authctxt) 45 { 46 char *lang, *devs; 47 48 if (!authctxt || !authctxt->method) 49 fatal("%s: missing contex", __func__); 50 51 lang = packet_get_string(NULL); 52 devs = packet_get_string(NULL); 53 packet_check_eom(); 54 55 debug("keyboard-interactive devs %s", devs); 56 57 #ifdef USE_PAM 58 if (options.pam_authentication_via_kbd_int) 59 auth2_pam(authctxt); 60 #else 61 if (options.challenge_response_authentication) 62 auth2_challenge(authctxt, devs); 63 #endif /* USE_PAM */ 64 xfree(devs); 65 xfree(lang); 66 #ifdef HAVE_CYGWIN 67 if (check_nt_auth(0, authctxt->pw) == 0) { 68 authctxt->method->authenticated = 0; 69 return; 70 } 71 #endif 72 return; 73 } 74 75 #if 0 76 static int 77 userauth_kbdint_abandon_chk(Authctxt *authctxt, Authmethod *method) 78 { 79 #ifdef USE_PAM 80 return kbdint_pam_abandon_chk(authctxt, method); 81 #endif /* USE_PAM */ 82 if (method->method_data || method->postponed) 83 return 1; 84 85 return 0; 86 } 87 #endif 88 89 static void 90 userauth_kbdint_abandon(Authctxt *authctxt, Authmethod *method) 91 { 92 #ifdef USE_PAM 93 kbdint_pam_abandon(authctxt, method); 94 #else 95 auth2_challenge_abandon(authctxt); 96 #endif /* USE_PAM */ 97 } 98 99 Authmethod method_kbdint = { 100 "keyboard-interactive", 101 &options.kbd_interactive_authentication, 102 userauth_kbdint, 103 userauth_kbdint_abandon, 104 NULL, NULL, /* method data and historical data */ 105 1, /* initial userauth */ 106 0, 0, 0, /* counters */ 107 0, 0, 0, 0, 0, 0 /* state */ 108 }; 109