xref: /titanic_41/usr/src/cmd/ssh/sshd/auth2-kbdint.c (revision b509e89b2befbaa42939abad9da1d7f5a8c6aaae)
1 /*
2  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23  */
24 /*
25  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
26  * Use is subject to license terms.
27  */
28 
29 #include "includes.h"
30 RCSID("$OpenBSD: auth2-kbdint.c,v 1.2 2002/05/31 11:35:15 markus Exp $");
31 
32 #pragma ident	"%Z%%M%	%I%	%E% SMI"
33 
34 #include "packet.h"
35 #include "auth.h"
36 #include "log.h"
37 #include "servconf.h"
38 #include "xmalloc.h"
39 
40 /* import */
41 extern ServerOptions options;
42 
43 static void
44 userauth_kbdint(Authctxt *authctxt)
45 {
46 	char *lang, *devs;
47 
48 	if (!authctxt || !authctxt->method)
49 		fatal("%s: missing contex", __func__);
50 
51 	lang = packet_get_string(NULL);
52 	devs = packet_get_string(NULL);
53 	packet_check_eom();
54 
55 	debug("keyboard-interactive devs %s", devs);
56 
57 #ifdef USE_PAM
58 	if (options.pam_authentication_via_kbd_int)
59 		auth2_pam(authctxt);
60 #else
61 	if (options.challenge_response_authentication)
62 		auth2_challenge(authctxt, devs);
63 #endif /* USE_PAM */
64 	xfree(devs);
65 	xfree(lang);
66 #ifdef HAVE_CYGWIN
67 	if (check_nt_auth(0, authctxt->pw) == 0) {
68 		authctxt->method->authenticated = 0;
69 		return;
70 	}
71 #endif
72 	return;
73 }
74 
75 #if 0
76 static int
77 userauth_kbdint_abandon_chk(Authctxt *authctxt, Authmethod *method)
78 {
79 #ifdef USE_PAM
80 	return kbdint_pam_abandon_chk(authctxt, method);
81 #endif /* USE_PAM */
82 	if (method->method_data || method->postponed)
83 		return 1;
84 
85 	return 0;
86 }
87 #endif
88 
89 static void
90 userauth_kbdint_abandon(Authctxt *authctxt, Authmethod *method)
91 {
92 #ifdef USE_PAM
93 	kbdint_pam_abandon(authctxt, method);
94 #else
95 	auth2_challenge_abandon(authctxt);
96 #endif /* USE_PAM */
97 }
98 
99 Authmethod method_kbdint = {
100 	"keyboard-interactive",
101 	&options.kbd_interactive_authentication,
102 	userauth_kbdint,
103 	userauth_kbdint_abandon,
104 	NULL, NULL,	    /* method data and historical data */
105 	1,		    /* initial userauth */
106 	0, 0, 0,	    /* counters */
107 	0, 0, 0, 0, 0, 0    /* state */
108 };
109