1 /* $NetBSD: auth-bsdauth.c,v 1.2 2009/06/07 22:38:46 christos Exp $ */ 2 /* $OpenBSD: auth-bsdauth.c,v 1.11 2007/09/21 08:15:29 djm Exp $ */ 3 /* 4 * Copyright (c) 2001 Markus Friedl. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27 #include "includes.h" 28 __RCSID("$NetBSD: auth-bsdauth.c,v 1.2 2009/06/07 22:38:46 christos Exp $"); 29 #include <sys/types.h> 30 31 #ifdef BSD_AUTH 32 #include "xmalloc.h" 33 #include "key.h" 34 #include "hostfile.h" 35 #include "auth.h" 36 #include "log.h" 37 #include "buffer.h" 38 #ifdef GSSAPI 39 #include "ssh-gss.h" 40 #endif 41 #include "monitor_wrap.h" 42 43 static void * 44 bsdauth_init_ctx(Authctxt *authctxt) 45 { 46 return authctxt; 47 } 48 49 int 50 bsdauth_query(void *ctx, char **name, char **infotxt, 51 u_int *numprompts, char ***prompts, u_int **echo_on) 52 { 53 Authctxt *authctxt = ctx; 54 char *challenge = NULL; 55 56 if (authctxt->as != NULL) { 57 debug2("bsdauth_query: try reuse session"); 58 challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE); 59 if (challenge == NULL) { 60 auth_close(authctxt->as); 61 authctxt->as = NULL; 62 } 63 } 64 65 if (challenge == NULL) { 66 debug2("bsdauth_query: new bsd auth session"); 67 debug3("bsdauth_query: style %s", 68 authctxt->style ? authctxt->style : "<default>"); 69 authctxt->as = auth_userchallenge(authctxt->user, 70 authctxt->style, "auth-ssh", &challenge); 71 if (authctxt->as == NULL) 72 challenge = NULL; 73 debug2("bsdauth_query: <%s>", challenge ? challenge : "empty"); 74 } 75 76 if (challenge == NULL) 77 return -1; 78 79 *name = xstrdup(""); 80 *infotxt = xstrdup(""); 81 *numprompts = 1; 82 *prompts = xcalloc(*numprompts, sizeof(char *)); 83 *echo_on = xcalloc(*numprompts, sizeof(u_int)); 84 (*prompts)[0] = xstrdup(challenge); 85 86 return 0; 87 } 88 89 int 90 bsdauth_respond(void *ctx, u_int numresponses, char **responses) 91 { 92 Authctxt *authctxt = ctx; 93 int authok; 94 95 if (!authctxt->valid) 96 return -1; 97 98 if (authctxt->as == 0) 99 error("bsdauth_respond: no bsd auth session"); 100 101 if (numresponses != 1) 102 return -1; 103 104 authok = auth_userresponse(authctxt->as, responses[0], 0); 105 authctxt->as = NULL; 106 debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok); 107 108 return (authok == 0) ? -1 : 0; 109 } 110 111 static void 112 bsdauth_free_ctx(void *ctx) 113 { 114 Authctxt *authctxt = ctx; 115 116 if (authctxt && authctxt->as) { 117 auth_close(authctxt->as); 118 authctxt->as = NULL; 119 } 120 } 121 122 KbdintDevice bsdauth_device = { 123 "bsdauth", 124 bsdauth_init_ctx, 125 bsdauth_query, 126 bsdauth_respond, 127 bsdauth_free_ctx 128 }; 129 130 KbdintDevice mm_bsdauth_device = { 131 "bsdauth", 132 bsdauth_init_ctx, 133 mm_bsdauth_query, 134 mm_bsdauth_respond, 135 bsdauth_free_ctx 136 }; 137 #endif 138