diff options
Diffstat (limited to 'monitor.c')
-rw-r--r-- | monitor.c | 66 |
1 files changed, 0 insertions, 66 deletions
@@ -56,10 +56,6 @@ | |||
56 | # endif | 56 | # endif |
57 | #endif | 57 | #endif |
58 | 58 | ||
59 | #ifdef SKEY | ||
60 | #include <skey.h> | ||
61 | #endif | ||
62 | |||
63 | #ifdef WITH_OPENSSL | 59 | #ifdef WITH_OPENSSL |
64 | #include <openssl/dh.h> | 60 | #include <openssl/dh.h> |
65 | #endif | 61 | #endif |
@@ -122,8 +118,6 @@ int mm_answer_authserv(int, struct sshbuf *); | |||
122 | int mm_answer_authpassword(int, struct sshbuf *); | 118 | int mm_answer_authpassword(int, struct sshbuf *); |
123 | int mm_answer_bsdauthquery(int, struct sshbuf *); | 119 | int mm_answer_bsdauthquery(int, struct sshbuf *); |
124 | int mm_answer_bsdauthrespond(int, struct sshbuf *); | 120 | int mm_answer_bsdauthrespond(int, struct sshbuf *); |
125 | int mm_answer_skeyquery(int, struct sshbuf *); | ||
126 | int mm_answer_skeyrespond(int, struct sshbuf *); | ||
127 | int mm_answer_keyallowed(int, struct sshbuf *); | 121 | int mm_answer_keyallowed(int, struct sshbuf *); |
128 | int mm_answer_keyverify(int, struct sshbuf *); | 122 | int mm_answer_keyverify(int, struct sshbuf *); |
129 | int mm_answer_pty(int, struct sshbuf *); | 123 | int mm_answer_pty(int, struct sshbuf *); |
@@ -212,10 +206,6 @@ struct mon_table mon_dispatch_proto20[] = { | |||
212 | {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, | 206 | {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, |
213 | {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH, mm_answer_bsdauthrespond}, | 207 | {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH, mm_answer_bsdauthrespond}, |
214 | #endif | 208 | #endif |
215 | #ifdef SKEY | ||
216 | {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery}, | ||
217 | {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond}, | ||
218 | #endif | ||
219 | {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed}, | 209 | {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed}, |
220 | {MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify}, | 210 | {MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify}, |
221 | #ifdef GSSAPI | 211 | #ifdef GSSAPI |
@@ -960,62 +950,6 @@ mm_answer_bsdauthrespond(int sock, struct sshbuf *m) | |||
960 | } | 950 | } |
961 | #endif | 951 | #endif |
962 | 952 | ||
963 | #ifdef SKEY | ||
964 | int | ||
965 | mm_answer_skeyquery(int sock, struct sshbuf *m) | ||
966 | { | ||
967 | struct skey skey; | ||
968 | char challenge[1024]; | ||
969 | u_int success; | ||
970 | int r; | ||
971 | |||
972 | success = _compat_skeychallenge(&skey, authctxt->user, challenge, | ||
973 | sizeof(challenge)) < 0 ? 0 : 1; | ||
974 | |||
975 | sshbuf_reset(m); | ||
976 | if ((r = sshbuf_put_u32(m, success)) != 0) | ||
977 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
978 | if (success) { | ||
979 | if ((r = sshbuf_put_cstring(m, challenge)) != 0) | ||
980 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
981 | } | ||
982 | debug3("%s: sending challenge success: %u", __func__, success); | ||
983 | mm_request_send(sock, MONITOR_ANS_SKEYQUERY, m); | ||
984 | |||
985 | return (0); | ||
986 | } | ||
987 | |||
988 | int | ||
989 | mm_answer_skeyrespond(int sock, struct sshbuf *m) | ||
990 | { | ||
991 | char *response; | ||
992 | size_t rlen; | ||
993 | int authok, r; | ||
994 | |||
995 | if ((r = sshbuf_get_cstring(m, &response, &rlen)) != 0) | ||
996 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
997 | |||
998 | authok = (options.challenge_response_authentication && | ||
999 | authctxt->valid && | ||
1000 | skey_haskey(authctxt->pw->pw_name) == 0 && | ||
1001 | skey_passcheck(authctxt->pw->pw_name, response) != -1); | ||
1002 | |||
1003 | freezero(response, rlen); | ||
1004 | |||
1005 | sshbuf_reset(m); | ||
1006 | if ((r = sshbuf_put_u32(m, authok)) != 0) | ||
1007 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1008 | |||
1009 | debug3("%s: sending authenticated: %d", __func__, authok); | ||
1010 | mm_request_send(sock, MONITOR_ANS_SKEYRESPOND, m); | ||
1011 | |||
1012 | auth_method = "keyboard-interactive"; | ||
1013 | auth_submethod = "skey"; | ||
1014 | |||
1015 | return (authok != 0); | ||
1016 | } | ||
1017 | #endif | ||
1018 | |||
1019 | #ifdef USE_PAM | 953 | #ifdef USE_PAM |
1020 | int | 954 | int |
1021 | mm_answer_pam_start(int sock, struct sshbuf *m) | 955 | mm_answer_pam_start(int sock, struct sshbuf *m) |