xref: /titanic_44/usr/src/cmd/ssh/sshd/auth-skey.c (revision da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968)
1 /*
2  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23  */
24 #include "includes.h"
25 RCSID("$OpenBSD: auth-skey.c,v 1.20 2002/06/30 21:59:45 deraadt Exp $");
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 #ifdef SKEY
30 
31 #include <skey.h>
32 
33 #include "xmalloc.h"
34 #include "auth.h"
35 #include "monitor_wrap.h"
36 
37 static void *
38 skey_init_ctx(Authctxt *authctxt)
39 {
40 	return authctxt;
41 }
42 
43 int
44 skey_query(void *ctx, char **name, char **infotxt,
45     u_int* numprompts, char ***prompts, u_int **echo_on)
46 {
47 	Authctxt *authctxt = ctx;
48 	char challenge[1024], *p;
49 	int len;
50 	struct skey skey;
51 
52 	if (skeychallenge(&skey, authctxt->user, challenge) == -1)
53 		return -1;
54 
55 	*name  = xstrdup("");
56 	*infotxt  = xstrdup("");
57 	*numprompts = 1;
58 	*prompts = xmalloc(*numprompts * sizeof(char *));
59 	*echo_on = xmalloc(*numprompts * sizeof(u_int));
60 	(*echo_on)[0] = 0;
61 
62 	len = strlen(challenge) + strlen(SKEY_PROMPT) + 1;
63 	p = xmalloc(len);
64 	strlcpy(p, challenge, len);
65 	strlcat(p, SKEY_PROMPT, len);
66 	(*prompts)[0] = p;
67 
68 	return 0;
69 }
70 
71 int
72 skey_respond(void *ctx, u_int numresponses, char **responses)
73 {
74 	Authctxt *authctxt = ctx;
75 
76 	if (authctxt->valid &&
77 	    numresponses == 1 &&
78 	    skey_haskey(authctxt->pw->pw_name) == 0 &&
79 	    skey_passcheck(authctxt->pw->pw_name, responses[0]) != -1)
80 	    return 0;
81 	return -1;
82 }
83 
84 static void
85 skey_free_ctx(void *ctx)
86 {
87 	/* we don't have a special context */
88 }
89 
90 KbdintDevice skey_device = {
91 	"skey",
92 	skey_init_ctx,
93 	skey_query,
94 	skey_respond,
95 	skey_free_ctx
96 };
97 
98 KbdintDevice mm_skey_device = {
99 	"skey",
100 	skey_init_ctx,
101 	mm_skey_query,
102 	mm_skey_respond,
103 	skey_free_ctx
104 };
105 #endif /* SKEY */
106