1 /* $NetBSD: auth-skey.c,v 1.5 2017/04/18 18:41:46 christos Exp $ */
2 /* $OpenBSD: auth-skey.c,v 1.27 2007/01/21 01:41:54 stevesk Exp $ */
3 /*
4 * Copyright (c) 2001 Markus Friedl. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26 #include "includes.h"
27 __RCSID("$NetBSD: auth-skey.c,v 1.5 2017/04/18 18:41:46 christos Exp $");
28
29 #ifdef SKEY
30
31 #include <sys/types.h>
32
33 #include <pwd.h>
34 #include <stdio.h>
35
36 #include <skey.h>
37
38 #include "xmalloc.h"
39 #include "key.h"
40 #include "hostfile.h"
41 #include "auth.h"
42
43 #ifdef GSSAPI
44 #include "buffer.h"
45 #include "ssh-gss.h"
46 #endif
47
48 #include "monitor_wrap.h"
49
50 static void *
skey_init_ctx(Authctxt * authctxt)51 skey_init_ctx(Authctxt *authctxt)
52 {
53 return authctxt;
54 }
55
56 int
skey_query(void * ctx,char ** name,char ** infotxt,u_int * numprompts,char *** prompts,u_int ** echo_on)57 skey_query(void *ctx, char **name, char **infotxt,
58 u_int* numprompts, char ***prompts, u_int **echo_on)
59 {
60 Authctxt *authctxt = ctx;
61 char challenge[1024];
62 struct skey skey;
63
64 if (skeychallenge(&skey, authctxt->user, challenge, sizeof(challenge)) == -1)
65 return -1;
66
67 *name = xstrdup("");
68 *infotxt = xstrdup("");
69 *numprompts = 1;
70 *prompts = xcalloc(*numprompts, sizeof(char *));
71 *echo_on = xcalloc(*numprompts, sizeof(u_int));
72
73 xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT);
74
75 return 0;
76 }
77
78 int
skey_respond(void * ctx,u_int numresponses,char ** responses)79 skey_respond(void *ctx, u_int numresponses, char **responses)
80 {
81 Authctxt *authctxt = ctx;
82
83 if (authctxt->valid &&
84 numresponses == 1 &&
85 skey_haskey(authctxt->pw->pw_name) == 0 &&
86 skey_passcheck(authctxt->pw->pw_name, responses[0]) != -1)
87 return 0;
88 return -1;
89 }
90
91 static void
skey_free_ctx(void * ctx)92 skey_free_ctx(void *ctx)
93 {
94 /* we don't have a special context */
95 }
96
97 KbdintDevice skey_device = {
98 "skey",
99 skey_init_ctx,
100 skey_query,
101 skey_respond,
102 skey_free_ctx
103 };
104
105 KbdintDevice mm_skey_device = {
106 "skey",
107 skey_init_ctx,
108 mm_skey_query,
109 mm_skey_respond,
110 skey_free_ctx
111 };
112 #endif /* SKEY */
113