- (bal) Missed two files in major resync. auth-bsdauth.c and auth-skey.c

4 files changed, 219 insertions, 3 deletions

diff --git a/ChangeLog b/ChangeLog
index abeda270..44b28246 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+20010610
+ - (bal) Missed two files in major resync.  auth-bsdauth.c and auth-skey.c
+
 20010609
  - OpenBSD CVS Sync
    - markus@cvs.openbsd.org 2001/05/30 12:55:13
@@ -5592,4 +5595,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1272 2001/06/09 02:26:58 mouring Exp $
+$Id: ChangeLog,v 1.1273 2001/06/10 00:41:18 mouring Exp $
diff --git a/Makefile.in b/Makefile.in
index 3bb432e1..e6dec0be 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.175 2001/05/03 23:39:54 mouring Exp $
+# $Id: Makefile.in,v 1.176 2001/06/10 00:41:19 mouring Exp $
 
 prefix=@prefix@
 exec_prefix=@exec_prefix@
@@ -49,7 +49,7 @@ LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels
 
 SSHOBJS= ssh.o sshconnect.o sshconnect1.o sshconnect2.o sshtty.o readconf.o clientloop.o
 
-SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth-chall.o auth2-chall.o auth-rhosts.o auth-options.o auth-krb4.o auth-pam.o auth2-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o auth-sia.o sshpty.o sshlogin.o loginrec.o servconf.o serverloop.o md5crypt.o session.o groupaccess.o
+SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth-chall.o auth2-chall.o auth-rhosts.o auth-options.o auth-krb4.o auth-pam.o auth2-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o auth-sia.o sshpty.o sshlogin.o loginrec.o servconf.o serverloop.o md5crypt.o session.o groupaccess.o auth-skey.o auth-bsdauth.o
 
 MANPAGES	= scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out
 MANPAGES_IN	= scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1
diff --git a/auth-bsdauth.c b/auth-bsdauth.c
new file mode 100644
index 00000000..3732477d
--- /dev/null
+++ b/auth-bsdauth.c
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 2001 Markus Friedl.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#include "includes.h"
+RCSID("$OpenBSD: auth-bsdauth.c,v 1.1 2001/05/18 14:13:28 markus Exp $");
+
+#ifdef BSD_AUTH
+#include "xmalloc.h"
+#include "auth.h"
+#include "log.h"
+
+static void *
+bsdauth_init_ctx(Authctxt *authctxt)
+{
+	return authctxt;
+}
+
+static int
+bsdauth_query(void *ctx, char **name, char **infotxt, 
+   u_int *numprompts, char ***prompts, u_int **echo_on)
+{
+        Authctxt *authctxt = ctx;
+        char *challenge = NULL;
+
+        if (authctxt->as != NULL) {
+                debug2("bsdauth_query: try reuse session");
+                challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE);
+                if (challenge == NULL) {
+                        auth_close(authctxt->as);
+                        authctxt->as = NULL;
+                }
+        }
+
+        if (challenge == NULL) {
+                debug2("bsdauth_query: new bsd auth session");
+                debug3("bsdauth_query: style %s",
+		    authctxt->style ? authctxt->style : "<default>");
+                authctxt->as = auth_userchallenge(authctxt->user,
+		     authctxt->style, "auth-ssh", &challenge);
+                if (authctxt->as == NULL)
+                        challenge = NULL;
+                debug2("bsdauth_query: <%s>", challenge ? challenge : "empty");
+        }
+        
+        if (challenge == NULL)
+                return -1;
+
+        *name       = xstrdup("");
+        *infotxt    = xstrdup("");
+        *numprompts = 1;
+        *prompts = xmalloc(*numprompts * sizeof(char*));
+        *echo_on = xmalloc(*numprompts * sizeof(u_int));
+        (*echo_on)[0] = 0;
+        (*prompts)[0] = xstrdup(challenge);
+
+        return 0;
+}
+
+static int
+bsdauth_respond(void *ctx, u_int numresponses, char **responses)
+{
+        Authctxt *authctxt = ctx;
+        int authok;
+        
+        if (authctxt->as == 0)
+                error("bsdauth_respond: no bsd auth session");
+
+        if (numresponses != 1)
+                return -1;
+
+        authok = auth_userresponse(authctxt->as, responses[0], 0);
+        authctxt->as = NULL;
+        debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok);
+
+        return (authok == 0) ? -1 : 0;
+}
+
+static void
+bsdauth_free_ctx(void *ctx)
+{
+        Authctxt *authctxt = ctx;
+
+        if (authctxt && authctxt->as) {
+                auth_close(authctxt->as);
+                authctxt->as = NULL;
+        }
+}
+
+KbdintDevice bsdauth_device = {
+	"bsdauth",
+	bsdauth_init_ctx,
+	bsdauth_query,
+	bsdauth_respond,
+	bsdauth_free_ctx
+};
+#endif
diff --git a/auth-skey.c b/auth-skey.c
new file mode 100644
index 00000000..f921fc1b
--- /dev/null
+++ b/auth-skey.c
@@ -0,0 +1,97 @@
+/*
+ * Copyright (c) 2001 Markus Friedl.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#include "includes.h"
+RCSID("$OpenBSD: auth-skey.c,v 1.12 2001/05/18 14:13:28 markus Exp $");
+
+#ifdef SKEY
+
+#include <skey.h>
+
+#include "xmalloc.h"
+#include "auth.h"
+
+static void *
+skey_init_ctx(Authctxt *authctxt)
+{
+	return authctxt;
+}
+
+#define PROMPT "\nS/Key Password: "
+
+static int
+skey_query(void *ctx, char **name, char **infotxt, 
+    u_int* numprompts, char ***prompts, u_int **echo_on)
+{
+	Authctxt *authctxt = ctx;
+	char challenge[1024], *p;
+	int len;
+	struct skey skey;
+
+	if (skeychallenge(&skey, authctxt->user, challenge) == -1)
+		return -1;
+
+	*name       = xstrdup("");
+	*infotxt    = xstrdup("");
+	*numprompts = 1;
+	*prompts = xmalloc(*numprompts * sizeof(char*));
+	*echo_on = xmalloc(*numprompts * sizeof(u_int));
+	(*echo_on)[0] = 0;
+
+	len = strlen(challenge) + strlen(PROMPT) + 1;
+	p = xmalloc(len);
+	p[0] = '\0';
+	strlcat(p, challenge, len);
+	strlcat(p, PROMPT, len);
+	(*prompts)[0] = p;
+
+	return 0;
+}
+
+static int
+skey_respond(void *ctx, u_int numresponses, char **responses)
+{
+	Authctxt *authctxt = ctx;
+ 
+	if (authctxt->valid &&
+	    numresponses == 1 && 
+	    skey_haskey(authctxt->pw->pw_name) == 0 &&
+	    skey_passcheck(authctxt->pw->pw_name, responses[0]) != -1)
+	    return 0;
+	return -1;
+}
+
+static void
+skey_free_ctx(void *ctx)
+{
+	/* we don't have a special context */
+}
+
+KbdintDevice skey_device = {
+	"skey",
+	skey_init_ctx,
+	skey_query,
+	skey_respond,
+	skey_free_ctx
+};
+#endif /* SKEY */