xref: /titanic_44/usr/src/cmd/ssh/sshd/auth-bsdauth.c (revision df8bdeb362277e8d95a74d6c097341fe97409948)
1 /*
2  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23  */
24 #include "includes.h"
25 RCSID("$OpenBSD: auth-bsdauth.c,v 1.5 2002/06/30 21:59:45 deraadt Exp $");
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 #ifdef BSD_AUTH
30 #include "xmalloc.h"
31 #include "auth.h"
32 #include "log.h"
33 #include "monitor_wrap.h"
34 
35 static void *
36 bsdauth_init_ctx(Authctxt *authctxt)
37 {
38 	return authctxt;
39 }
40 
41 int
42 bsdauth_query(void *ctx, char **name, char **infotxt,
43    u_int *numprompts, char ***prompts, u_int **echo_on)
44 {
45 	Authctxt *authctxt = ctx;
46 	char *challenge = NULL;
47 
48 	if (authctxt->as != NULL) {
49 		debug2("bsdauth_query: try reuse session");
50 		challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE);
51 		if (challenge == NULL) {
52 			auth_close(authctxt->as);
53 			authctxt->as = NULL;
54 		}
55 	}
56 
57 	if (challenge == NULL) {
58 		debug2("bsdauth_query: new bsd auth session");
59 		debug3("bsdauth_query: style %s",
60 		    authctxt->style ? authctxt->style : "<default>");
61 		authctxt->as = auth_userchallenge(authctxt->user,
62 		    authctxt->style, "auth-ssh", &challenge);
63 		if (authctxt->as == NULL)
64 			challenge = NULL;
65 		debug2("bsdauth_query: <%s>", challenge ? challenge : "empty");
66 	}
67 
68 	if (challenge == NULL)
69 		return -1;
70 
71 	*name = xstrdup("");
72 	*infotxt = xstrdup("");
73 	*numprompts = 1;
74 	*prompts = xmalloc(*numprompts * sizeof(char *));
75 	*echo_on = xmalloc(*numprompts * sizeof(u_int));
76 	(*echo_on)[0] = 0;
77 	(*prompts)[0] = xstrdup(challenge);
78 
79 	return 0;
80 }
81 
82 int
83 bsdauth_respond(void *ctx, u_int numresponses, char **responses)
84 {
85 	Authctxt *authctxt = ctx;
86 	int authok;
87 
88 	if (authctxt->as == 0)
89 		error("bsdauth_respond: no bsd auth session");
90 
91 	if (numresponses != 1)
92 		return -1;
93 
94 	authok = auth_userresponse(authctxt->as, responses[0], 0);
95 	authctxt->as = NULL;
96 	debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok);
97 
98 	return (authok == 0) ? -1 : 0;
99 }
100 
101 static void
102 bsdauth_free_ctx(void *ctx)
103 {
104 	Authctxt *authctxt = ctx;
105 
106 	if (authctxt && authctxt->as) {
107 		auth_close(authctxt->as);
108 		authctxt->as = NULL;
109 	}
110 }
111 
112 KbdintDevice bsdauth_device = {
113 	"bsdauth",
114 	bsdauth_init_ctx,
115 	bsdauth_query,
116 	bsdauth_respond,
117 	bsdauth_free_ctx
118 };
119 
120 KbdintDevice mm_bsdauth_device = {
121 	"bsdauth",
122 	bsdauth_init_ctx,
123 	mm_bsdauth_query,
124 	mm_bsdauth_respond,
125 	bsdauth_free_ctx
126 };
127 #endif
128