summaryrefslogtreecommitdiff
path: root/monitor_wrap.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2018-07-20 13:18:28 +1000
committerDamien Miller <djm@mindrot.org>2018-07-31 12:59:30 +1000
commit87f08be054b7eeadbb9cdeb3fb4872be79ccf218 (patch)
tree80bfc724ddd93228b8571702a2f153787994022b /monitor_wrap.c
parent5d14019ba2ff54acbfd20a6b9b96bb860a8c7c31 (diff)
Remove support for S/Key
Most people will 1) be using modern multi-factor authentication methods like TOTP/OATH etc and 2) be getting support for multi-factor authentication via PAM or BSD Auth.
Diffstat (limited to 'monitor_wrap.c')
-rw-r--r--monitor_wrap.c67
1 files changed, 0 insertions, 67 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 3cb26c2ac..732fb3476 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -867,73 +867,6 @@ mm_bsdauth_respond(void *ctx, u_int numresponses, char **responses)
867 return ((authok == 0) ? -1 : 0); 867 return ((authok == 0) ? -1 : 0);
868} 868}
869 869
870#ifdef SKEY
871int
872mm_skey_query(void *ctx, char **name, char **infotxt,
873 u_int *numprompts, char ***prompts, u_int **echo_on)
874{
875 struct sshbuf *m;
876 u_int success;
877 char *challenge;
878 int r;
879
880 debug3("%s: entering", __func__);
881
882 if ((m = sshbuf_new()) == NULL)
883 fatal("%s: sshbuf_new failed", __func__);
884 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYQUERY, m);
885
886 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SKEYQUERY, m);
887 if ((r = sshbuf_get_u32(m, &success)) != 0)
888 fatal("%s: buffer error: %s", __func__, ssh_err(r));
889 if (success == 0) {
890 debug3("%s: no challenge", __func__);
891 sshbuf_free(m);
892 return (-1);
893 }
894
895 /* Get the challenge, and format the response */
896 if ((r = sshbuf_get_cstring(m, &challenge, NULL)) != 0)
897 fatal("%s: buffer error: %s", __func__, ssh_err(r));
898 sshbuf_free(m);
899
900 debug3("%s: received challenge: %s", __func__, challenge);
901
902 mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);
903
904 xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT);
905 free(challenge);
906
907 return (0);
908}
909
910int
911mm_skey_respond(void *ctx, u_int numresponses, char **responses)
912{
913 struct sshbuf *m;
914 int authok, r;
915
916 debug3("%s: entering", __func__);
917 if (numresponses != 1)
918 return (-1);
919
920 if ((m = sshbuf_new()) == NULL)
921 fatal("%s: sshbuf_new failed", __func__);
922 if ((r = sshbuf_put_cstring(m, responses[0])) != 0)
923 fatal("%s: buffer error: %s", __func__, ssh_err(r));
924 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYRESPOND, m);
925
926 mm_request_receive_expect(pmonitor->m_recvfd,
927 MONITOR_ANS_SKEYRESPOND, m);
928
929 if ((r = sshbuf_get_u32(m, &authok)) != 0)
930 fatal("%s: buffer error: %s", __func__, ssh_err(r));
931 sshbuf_free(m);
932
933 return ((authok == 0) ? -1 : 0);
934}
935#endif /* SKEY */
936
937#ifdef SSH_AUDIT_EVENTS 870#ifdef SSH_AUDIT_EVENTS
938void 871void
939mm_audit_event(ssh_audit_event_t event) 872mm_audit_event(ssh_audit_event_t event)