1 /*
   2  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
   3  *
   4  * Redistribution and use in source and binary forms, with or without
   5  * modification, are permitted provided that the following conditions
   6  * are met:
   7  * 1. Redistributions of source code must retain the above copyright
   8  *    notice, this list of conditions and the following disclaimer.
   9  * 2. Redistributions in binary form must reproduce the above copyright
  10  *    notice, this list of conditions and the following disclaimer in the
  11  *    documentation and/or other materials provided with the distribution.
  12  *
  13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  15  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  16  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  17  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  18  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  19  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  20  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  21  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  22  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  23  */
  24 #include "includes.h"
  25 RCSID("$OpenBSD: auth-bsdauth.c,v 1.5 2002/06/30 21:59:45 deraadt Exp $");
  26 
  27 #pragma ident   "%Z%%M% %I%     %E% SMI"
  28 
  29 #ifdef BSD_AUTH
  30 #include "xmalloc.h"
  31 #include "auth.h"
  32 #include "log.h"
  33 
/*
 * Keyboard-interactive "init" callback for the bsdauth device.
 *
 * No separate per-device state is allocated: the Authctxt itself is handed
 * back as the opaque context, so the other callbacks in this file cast
 * their ctx argument straight back to Authctxt *.
 */
static void *
bsdauth_init_ctx(Authctxt *authctxt)
{
        void *opaque = authctxt;

        return opaque;
}
  39 
/*
 * Keyboard-interactive "query" callback: obtain a BSD auth challenge and
 * present it to the client as a single prompt with echo disabled.
 *
 * ctx         Authctxt pointer (see bsdauth_init_ctx()).
 * name, infotxt, numprompts, prompts, echo_on
 *             out-parameters, written only on success; every buffer is
 *             allocated here with xstrdup()/xmalloc() and handed to the
 *             caller.
 *
 * Returns 0 on success, -1 when no challenge could be obtained.
 */
int
bsdauth_query(void *ctx, char **name, char **infotxt,
   u_int *numprompts, char ***prompts, u_int **echo_on)
{
        Authctxt *ac = ctx;
        char *chal = NULL;

        /* An earlier round may have left a session open; try to reuse it. */
        if (ac->as != NULL) {
                debug2("bsdauth_query: try reuse session");
                chal = auth_getitem(ac->as, AUTHV_CHALLENGE);
                if (chal == NULL) {
                        /* Nothing to reuse: close it and start over below. */
                        auth_close(ac->as);
                        ac->as = NULL;
                }
        }

        /* No reusable challenge: open a fresh session for this user/style. */
        if (chal == NULL) {
                debug2("bsdauth_query: new bsd auth session");
                debug3("bsdauth_query: style %s",
                    ac->style ? ac->style : "<default>");
                ac->as = auth_userchallenge(ac->user, ac->style,
                    "auth-ssh", &chal);
                /* Never trust a challenge that came without a session. */
                if (ac->as == NULL)
                        chal = NULL;
                debug2("bsdauth_query: <%s>", chal ? chal : "empty");

                if (chal == NULL)
                        return -1;
        }

        /* Exactly one prompt (the challenge); the reply is not echoed. */
        *name = xstrdup("");
        *infotxt = xstrdup("");
        *numprompts = 1;
        *prompts = xmalloc(*numprompts * sizeof(char *));
        *echo_on = xmalloc(*numprompts * sizeof(u_int));
        (*echo_on)[0] = 0;
        (*prompts)[0] = xstrdup(chal);

        return 0;
}
  80 
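/*
 * Keyboard-interactive "respond" callback: hand the client's single
 * response to BSD auth and report the verdict.
 *
 * ctx           Authctxt pointer (see bsdauth_init_ctx()).
 * numresponses  number of entries in responses; exactly one is accepted.
 * responses     client-supplied, untrusted response strings.
 *
 * Returns 0 when auth_userresponse() reports success (non-zero), -1 on a
 * rejected response, a wrong response count, or a missing session.
 */
int
bsdauth_respond(void *ctx, u_int numresponses, char **responses)
{
        Authctxt *authctxt = ctx;
        int authok;

        /*
         * Fail closed when there is no open session.  auth_userresponse()
         * is not visible from this file, so do not rely on it tolerating a
         * NULL session handle.
         */
        if (authctxt->as == NULL) {
                error("bsdauth_respond: no bsd auth session");
                return -1;
        }

        /*
         * bsdauth_query() issues exactly one prompt.  On this path the
         * session stays open; bsdauth_free_ctx() closes it later.
         */
        if (numresponses != 1)
                return -1;

        authok = auth_userresponse(authctxt->as, responses[0], 0);
        /*
         * The handle is dropped without auth_close(); presumably the call
         * above releases the session when its last argument is 0 -- confirm
         * against the BSD auth API.
         */
        authctxt->as = NULL;
        /*
         * Log only the verdict.  The response is the user's secret (password
         * or one-time code) and must not reach the debug log.
         */
        debug3("bsdauth_respond: authok = <%d>", authok);

        return (authok == 0) ? -1 : 0;
}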
  99 
/*
 * Keyboard-interactive "free" callback: close any BSD auth session still
 * attached to the context.  The Authctxt itself is not freed here.
 * A NULL ctx or a context without an open session is a no-op.
 */
static void
bsdauth_free_ctx(void *ctx)
{
        Authctxt *ac = ctx;

        if (ac == NULL || ac->as == NULL)
                return;

        auth_close(ac->as);
        ac->as = NULL;
}
 110 
/*
 * Keyboard-interactive device table for BSD auth, wired directly to the
 * callbacks defined in this file.  The initializer is positional, so the
 * entries must stay in the order KbdintDevice declares its members
 * (declared elsewhere -- presumably name, init, query, respond, free).
 */
KbdintDevice bsdauth_device = {
        "bsdauth",
        bsdauth_init_ctx,
        bsdauth_query,
        bsdauth_respond,
        bsdauth_free_ctx
};
 118 
/*
 * Variant of the bsdauth device table that keeps the local init/free
 * callbacks but routes query and respond through mm_bsdauth_query() and
 * mm_bsdauth_respond().  Those are defined outside this file; presumably
 * they are the privilege-separation monitor wrappers -- confirm.
 */
KbdintDevice mm_bsdauth_device = {
        "bsdauth",
        bsdauth_init_ctx,
        mm_bsdauth_query,
        mm_bsdauth_respond,
        bsdauth_free_ctx
};
 126 #endif