blob: 37ff893e693854a98f164869f11c5a93bea6f496 [file] [log] [blame]
Damien Miller86687062014-07-02 15:28:02 +10001/* $OpenBSD: auth-bsdauth.c,v 1.13 2014/06/24 01:13:21 djm Exp $ */
Ben Lindstromd1aed9c2001-06-10 00:41:18 +00002/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
Damien Millerd7834352006-08-05 12:39:39 +100025
Ben Lindstromd1aed9c2001-06-10 00:41:18 +000026#include "includes.h"
Ben Lindstromd1aed9c2001-06-10 00:41:18 +000027
Damien Millerd7834352006-08-05 12:39:39 +100028#include <sys/types.h>
Damien Miller86687062014-07-02 15:28:02 +100029#include <stdarg.h>
30#include <stdio.h>
Damien Millerd7834352006-08-05 12:39:39 +100031
Damien Millerded319c2006-09-01 15:38:36 +100032#include <stdarg.h>
33
Ben Lindstromd1aed9c2001-06-10 00:41:18 +000034#ifdef BSD_AUTH
35#include "xmalloc.h"
Damien Millerd7834352006-08-05 12:39:39 +100036#include "key.h"
37#include "hostfile.h"
Ben Lindstromd1aed9c2001-06-10 00:41:18 +000038#include "auth.h"
39#include "log.h"
Damien Millerd7834352006-08-05 12:39:39 +100040#include "buffer.h"
41#ifdef GSSAPI
42#include "ssh-gss.h"
43#endif
Ben Lindstrom7a2073c2002-03-22 02:30:41 +000044#include "monitor_wrap.h"
Ben Lindstromd1aed9c2001-06-10 00:41:18 +000045
46static void *
47bsdauth_init_ctx(Authctxt *authctxt)
48{
49 return authctxt;
50}
51
Ben Lindstrom7a2073c2002-03-22 02:30:41 +000052int
Damien Miller9f0f5c62001-12-21 14:45:46 +110053bsdauth_query(void *ctx, char **name, char **infotxt,
Ben Lindstromd1aed9c2001-06-10 00:41:18 +000054 u_int *numprompts, char ***prompts, u_int **echo_on)
55{
Damien Miller9f0f5c62001-12-21 14:45:46 +110056 Authctxt *authctxt = ctx;
57 char *challenge = NULL;
Ben Lindstromd1aed9c2001-06-10 00:41:18 +000058
Damien Miller8f9cd702014-04-20 13:00:11 +100059 *infotxt = NULL;
60 *numprompts = 0;
61 *prompts = NULL;
62 *echo_on = NULL;
63
Damien Miller9f0f5c62001-12-21 14:45:46 +110064 if (authctxt->as != NULL) {
65 debug2("bsdauth_query: try reuse session");
66 challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE);
67 if (challenge == NULL) {
68 auth_close(authctxt->as);
69 authctxt->as = NULL;
70 }
71 }
Ben Lindstromd1aed9c2001-06-10 00:41:18 +000072
Damien Miller9f0f5c62001-12-21 14:45:46 +110073 if (challenge == NULL) {
74 debug2("bsdauth_query: new bsd auth session");
75 debug3("bsdauth_query: style %s",
Ben Lindstromd1aed9c2001-06-10 00:41:18 +000076 authctxt->style ? authctxt->style : "<default>");
Damien Miller9f0f5c62001-12-21 14:45:46 +110077 authctxt->as = auth_userchallenge(authctxt->user,
Ben Lindstromcb72e4f2002-06-21 00:41:51 +000078 authctxt->style, "auth-ssh", &challenge);
Damien Miller9f0f5c62001-12-21 14:45:46 +110079 if (authctxt->as == NULL)
80 challenge = NULL;
81 debug2("bsdauth_query: <%s>", challenge ? challenge : "empty");
82 }
Ben Lindstromd1aed9c2001-06-10 00:41:18 +000083
Damien Miller9f0f5c62001-12-21 14:45:46 +110084 if (challenge == NULL)
85 return -1;
Ben Lindstromd1aed9c2001-06-10 00:41:18 +000086
Ben Lindstromcb72e4f2002-06-21 00:41:51 +000087 *name = xstrdup("");
88 *infotxt = xstrdup("");
Damien Miller9f0f5c62001-12-21 14:45:46 +110089 *numprompts = 1;
Damien Miller07d86be2006-03-26 14:19:21 +110090 *prompts = xcalloc(*numprompts, sizeof(char *));
91 *echo_on = xcalloc(*numprompts, sizeof(u_int));
Damien Miller9f0f5c62001-12-21 14:45:46 +110092 (*prompts)[0] = xstrdup(challenge);
93
94 return 0;
Ben Lindstromd1aed9c2001-06-10 00:41:18 +000095}
96
Ben Lindstrom7a2073c2002-03-22 02:30:41 +000097int
Ben Lindstromd1aed9c2001-06-10 00:41:18 +000098bsdauth_respond(void *ctx, u_int numresponses, char **responses)
99{
Damien Miller9f0f5c62001-12-21 14:45:46 +1100100 Authctxt *authctxt = ctx;
101 int authok;
Ben Lindstromd1aed9c2001-06-10 00:41:18 +0000102
Darren Tucker611649e2005-01-20 11:05:34 +1100103 if (!authctxt->valid)
104 return -1;
105
Damien Miller9f0f5c62001-12-21 14:45:46 +1100106 if (authctxt->as == 0)
107 error("bsdauth_respond: no bsd auth session");
Ben Lindstromd1aed9c2001-06-10 00:41:18 +0000108
Damien Miller9f0f5c62001-12-21 14:45:46 +1100109 if (numresponses != 1)
110 return -1;
Ben Lindstromd1aed9c2001-06-10 00:41:18 +0000111
Damien Miller9f0f5c62001-12-21 14:45:46 +1100112 authok = auth_userresponse(authctxt->as, responses[0], 0);
113 authctxt->as = NULL;
114 debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok);
115
116 return (authok == 0) ? -1 : 0;
Ben Lindstromd1aed9c2001-06-10 00:41:18 +0000117}
118
119static void
120bsdauth_free_ctx(void *ctx)
121{
Damien Miller9f0f5c62001-12-21 14:45:46 +1100122 Authctxt *authctxt = ctx;
Ben Lindstromd1aed9c2001-06-10 00:41:18 +0000123
Damien Miller9f0f5c62001-12-21 14:45:46 +1100124 if (authctxt && authctxt->as) {
125 auth_close(authctxt->as);
126 authctxt->as = NULL;
127 }
Ben Lindstromd1aed9c2001-06-10 00:41:18 +0000128}
129
130KbdintDevice bsdauth_device = {
131 "bsdauth",
132 bsdauth_init_ctx,
133 bsdauth_query,
134 bsdauth_respond,
135 bsdauth_free_ctx
136};
Ben Lindstrom7a2073c2002-03-22 02:30:41 +0000137
138KbdintDevice mm_bsdauth_device = {
139 "bsdauth",
140 bsdauth_init_ctx,
141 mm_bsdauth_query,
142 mm_bsdauth_respond,
143 bsdauth_free_ctx
144};
Ben Lindstromd1aed9c2001-06-10 00:41:18 +0000145#endif