- (djm) Merge BSD_AUTH support from Markus Friedl and David J. MacKenzie
enable with --with-bsd-auth.
diff --git a/auth-chall.c b/auth-chall.c
index b6ec02a..926c07e 100644
--- a/auth-chall.c
+++ b/auth-chall.c
@@ -26,7 +26,48 @@
RCSID("$OpenBSD: auth-chall.c,v 1.4 2001/02/04 15:32:22 stevesk Exp $");
#include "auth.h"
+#include "log.h"
+#ifdef BSD_AUTH
+char *
+get_challenge(Authctxt *authctxt, char *devs)
+{
+ char *challenge;
+
+ if (authctxt->as != NULL) {
+ debug2("try reuse session");
+ challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE);
+ if (challenge != NULL) {
+ debug2("reuse bsd auth session");
+ return challenge;
+ }
+ auth_close(authctxt->as);
+ authctxt->as = NULL;
+ }
+ debug2("new bsd auth session");
+ if (devs == NULL || strlen(devs) == 0)
+ devs = authctxt->style;
+ debug3("bsd auth: devs %s", devs ? devs : "<default>");
+ authctxt->as = auth_userchallenge(authctxt->user, devs, "auth-ssh",
+ &challenge);
+ if (authctxt->as == NULL)
+ return NULL;
+ debug2("get_challenge: <%s>", challenge ? challenge : "EMPTY");
+ return challenge;
+}
+int
+verify_response(Authctxt *authctxt, char *response)
+{
+ int authok;
+
+ if (authctxt->as == 0)
+ error("verify_response: no bsd auth session");
+ authok = auth_userresponse(authctxt->as, response, 0);
+ authctxt->as = NULL;
+ debug("verify_response: <%s> = <%d>", response, authok);
+ return authok != 0;
+}
+#else
#ifdef SKEY
#include <skey.h>
@@ -60,3 +101,4 @@
return 0;
}
#endif
+#endif