xref: /titanic_50/usr/src/cmd/ssh/sshd/auth-skey.c (revision cd3e933325e68e23516a196a8fea7f49b1e497c3)
1 /*
2  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23  */
24 #include "includes.h"
25 RCSID("$OpenBSD: auth-skey.c,v 1.20 2002/06/30 21:59:45 deraadt Exp $");
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 #ifdef SKEY
30 
31 #include <skey.h>
32 
33 #include "xmalloc.h"
34 #include "auth.h"
35 
36 static void *
37 skey_init_ctx(Authctxt *authctxt)
38 {
39 	return authctxt;
40 }
41 
42 int
43 skey_query(void *ctx, char **name, char **infotxt,
44     u_int* numprompts, char ***prompts, u_int **echo_on)
45 {
46 	Authctxt *authctxt = ctx;
47 	char challenge[1024], *p;
48 	int len;
49 	struct skey skey;
50 
51 	if (skeychallenge(&skey, authctxt->user, challenge) == -1)
52 		return -1;
53 
54 	*name  = xstrdup("");
55 	*infotxt  = xstrdup("");
56 	*numprompts = 1;
57 	*prompts = xmalloc(*numprompts * sizeof(char *));
58 	*echo_on = xmalloc(*numprompts * sizeof(u_int));
59 	(*echo_on)[0] = 0;
60 
61 	len = strlen(challenge) + strlen(SKEY_PROMPT) + 1;
62 	p = xmalloc(len);
63 	strlcpy(p, challenge, len);
64 	strlcat(p, SKEY_PROMPT, len);
65 	(*prompts)[0] = p;
66 
67 	return 0;
68 }
69 
70 int
71 skey_respond(void *ctx, u_int numresponses, char **responses)
72 {
73 	Authctxt *authctxt = ctx;
74 
75 	if (authctxt->valid &&
76 	    numresponses == 1 &&
77 	    skey_haskey(authctxt->pw->pw_name) == 0 &&
78 	    skey_passcheck(authctxt->pw->pw_name, responses[0]) != -1)
79 	    return 0;
80 	return -1;
81 }
82 
83 static void
84 skey_free_ctx(void *ctx)
85 {
86 	/* we don't have a special context */
87 }
88 
89 KbdintDevice skey_device = {
90 	"skey",
91 	skey_init_ctx,
92 	skey_query,
93 	skey_respond,
94 	skey_free_ctx
95 };
96 
97 KbdintDevice mm_skey_device = {
98 	"skey",
99 	skey_init_ctx,
100 	mm_skey_query,
101 	mm_skey_respond,
102 	skey_free_ctx
103 };
104 #endif /* SKEY */
105