diff options
author | markus@openbsd.org <markus@openbsd.org> | 2016-08-13 17:47:40 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2016-08-14 11:19:14 +1000 |
commit | 6cb6dcffe1a2204ba9006de20f73255c268fcb6b (patch) | |
tree | 235267a1264f9363c39c4c0b11b59384e9acbdcf /auth-chall.c | |
parent | 42d47adc5ad1187f22c726cbc52e71d6b1767ca2 (diff) |
upstream commit
remove ssh1 server code; ok djm@
Upstream-ID: c24c0c32c49b91740d5a94ae914fb1898ea5f534
Diffstat (limited to 'auth-chall.c')
-rw-r--r-- | auth-chall.c | 125 |
1 files changed, 0 insertions, 125 deletions
diff --git a/auth-chall.c b/auth-chall.c deleted file mode 100644 index 60c9f14ca..000000000 --- a/auth-chall.c +++ /dev/null | |||
@@ -1,125 +0,0 @@ | |||
1 | /* $OpenBSD: auth-chall.c,v 1.14 2014/06/24 01:13:21 djm Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions | ||
7 | * are met: | ||
8 | * 1. Redistributions of source code must retain the above copyright | ||
9 | * notice, this list of conditions and the following disclaimer. | ||
10 | * 2. Redistributions in binary form must reproduce the above copyright | ||
11 | * notice, this list of conditions and the following disclaimer in the | ||
12 | * documentation and/or other materials provided with the distribution. | ||
13 | * | ||
14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
24 | */ | ||
25 | |||
26 | #include "includes.h" | ||
27 | |||
28 | #include <sys/types.h> | ||
29 | #include <stdarg.h> | ||
30 | #include <stdlib.h> | ||
31 | #include <stdio.h> | ||
32 | |||
33 | #include "xmalloc.h" | ||
34 | #include "key.h" | ||
35 | #include "hostfile.h" | ||
36 | #include "auth.h" | ||
37 | #include "log.h" | ||
38 | #include "misc.h" | ||
39 | #include "servconf.h" | ||
40 | |||
41 | /* limited protocol v1 interface to kbd-interactive authentication */ | ||
42 | |||
43 | extern KbdintDevice *devices[]; | ||
44 | static KbdintDevice *device; | ||
45 | extern ServerOptions options; | ||
46 | |||
47 | char * | ||
48 | get_challenge(Authctxt *authctxt) | ||
49 | { | ||
50 | char *challenge, *name, *info, **prompts; | ||
51 | u_int i, numprompts; | ||
52 | u_int *echo_on; | ||
53 | |||
54 | #ifdef USE_PAM | ||
55 | if (!options.use_pam) | ||
56 | remove_kbdint_device("pam"); | ||
57 | #endif | ||
58 | |||
59 | device = devices[0]; /* we always use the 1st device for protocol 1 */ | ||
60 | if (device == NULL) | ||
61 | return NULL; | ||
62 | if ((authctxt->kbdintctxt = device->init_ctx(authctxt)) == NULL) | ||
63 | return NULL; | ||
64 | if (device->query(authctxt->kbdintctxt, &name, &info, | ||
65 | &numprompts, &prompts, &echo_on)) { | ||
66 | device->free_ctx(authctxt->kbdintctxt); | ||
67 | authctxt->kbdintctxt = NULL; | ||
68 | return NULL; | ||
69 | } | ||
70 | if (numprompts < 1) | ||
71 | fatal("get_challenge: numprompts < 1"); | ||
72 | challenge = xstrdup(prompts[0]); | ||
73 | for (i = 0; i < numprompts; i++) | ||
74 | free(prompts[i]); | ||
75 | free(prompts); | ||
76 | free(name); | ||
77 | free(echo_on); | ||
78 | free(info); | ||
79 | |||
80 | return (challenge); | ||
81 | } | ||
82 | int | ||
83 | verify_response(Authctxt *authctxt, const char *response) | ||
84 | { | ||
85 | char *resp[1], *name, *info, **prompts; | ||
86 | u_int i, numprompts, *echo_on; | ||
87 | int authenticated = 0; | ||
88 | |||
89 | if (device == NULL) | ||
90 | return 0; | ||
91 | if (authctxt->kbdintctxt == NULL) | ||
92 | return 0; | ||
93 | resp[0] = (char *)response; | ||
94 | switch (device->respond(authctxt->kbdintctxt, 1, resp)) { | ||
95 | case 0: /* Success */ | ||
96 | authenticated = 1; | ||
97 | break; | ||
98 | case 1: /* Postponed - retry with empty query for PAM */ | ||
99 | if ((device->query(authctxt->kbdintctxt, &name, &info, | ||
100 | &numprompts, &prompts, &echo_on)) != 0) | ||
101 | break; | ||
102 | if (numprompts == 0 && | ||
103 | device->respond(authctxt->kbdintctxt, 0, resp) == 0) | ||
104 | authenticated = 1; | ||
105 | |||
106 | for (i = 0; i < numprompts; i++) | ||
107 | free(prompts[i]); | ||
108 | free(prompts); | ||
109 | free(name); | ||
110 | free(echo_on); | ||
111 | free(info); | ||
112 | break; | ||
113 | } | ||
114 | device->free_ctx(authctxt->kbdintctxt); | ||
115 | authctxt->kbdintctxt = NULL; | ||
116 | return authenticated; | ||
117 | } | ||
118 | void | ||
119 | abandon_challenge_response(Authctxt *authctxt) | ||
120 | { | ||
121 | if (authctxt->kbdintctxt != NULL) { | ||
122 | device->free_ctx(authctxt->kbdintctxt); | ||
123 | authctxt->kbdintctxt = NULL; | ||
124 | } | ||
125 | } | ||