Home | History | Annotate | Download | only in sshd
      1 /*
      2  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
      3  *
      4  * Redistribution and use in source and binary forms, with or without
      5  * modification, are permitted provided that the following conditions
      6  * are met:
      7  * 1. Redistributions of source code must retain the above copyright
      8  *    notice, this list of conditions and the following disclaimer.
      9  * 2. Redistributions in binary form must reproduce the above copyright
     10  *    notice, this list of conditions and the following disclaimer in the
     11  *    documentation and/or other materials provided with the distribution.
     12  *
     13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
     14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
     15  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
     16  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
     17  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
     18  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
     19  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
     20  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     21  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
     22  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     23  */
     24 /*
     25  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
     26  * Use is subject to license terms.
     27  */
     28 
     29 #include "includes.h"
     30 RCSID("$OpenBSD: auth2-kbdint.c,v 1.2 2002/05/31 11:35:15 markus Exp $");
     31 
     32 #pragma ident	"%Z%%M%	%I%	%E% SMI"
     33 
     34 #include "packet.h"
     35 #include "auth.h"
     36 #include "log.h"
     37 #include "servconf.h"
     38 #include "xmalloc.h"
     39 
     40 /* import */
     41 extern ServerOptions options;
     42 
     43 static void
     44 userauth_kbdint(Authctxt *authctxt)
     45 {
     46 	char *lang, *devs;
     47 
     48 	if (!authctxt || !authctxt->method)
     49 		fatal("%s: missing contex", __func__);
     50 
     51 	lang = packet_get_string(NULL);
     52 	devs = packet_get_string(NULL);
     53 	packet_check_eom();
     54 
     55 	debug("keyboard-interactive devs %s", devs);
     56 
     57 #ifdef USE_PAM
     58 	if (options.pam_authentication_via_kbd_int)
     59 		auth2_pam(authctxt);
     60 #else
     61 	if (options.challenge_response_authentication)
     62 		auth2_challenge(authctxt, devs);
     63 #endif /* USE_PAM */
     64 	xfree(devs);
     65 	xfree(lang);
     66 #ifdef HAVE_CYGWIN
     67 	if (check_nt_auth(0, authctxt->pw) == 0) {
     68 		authctxt->method->authenticated = 0;
     69 		return;
     70 	}
     71 #endif
     72 	return;
     73 }
     74 
     75 #if 0
     76 static int
     77 userauth_kbdint_abandon_chk(Authctxt *authctxt, Authmethod *method)
     78 {
     79 #ifdef USE_PAM
     80 	return kbdint_pam_abandon_chk(authctxt, method);
     81 #endif /* USE_PAM */
     82 	if (method->method_data || method->postponed)
     83 		return 1;
     84 
     85 	return 0;
     86 }
     87 #endif
     88 
     89 static void
     90 userauth_kbdint_abandon(Authctxt *authctxt, Authmethod *method)
     91 {
     92 #ifdef USE_PAM
     93 	kbdint_pam_abandon(authctxt, method);
     94 #else
     95 	auth2_challenge_abandon(authctxt);
     96 #endif /* USE_PAM */
     97 }
     98 
     99 Authmethod method_kbdint = {
    100 	"keyboard-interactive",
    101 	&options.kbd_interactive_authentication,
    102 	userauth_kbdint,
    103 	userauth_kbdint_abandon,
    104 	NULL, NULL,	    /* method data and historical data */
    105 	1,		    /* initial userauth */
    106 	0, 0, 0,	    /* counters */
    107 	0, 0, 0, 0, 0, 0    /* state */
    108 };
    109