[openssh.git] / auth2-chall.c

/*
 * Copyright (c) 2001 Markus Friedl. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
#include "includes.h"
RCSID("$OpenBSD: auth2-chall.c,v 1.1 2001/01/18 17:12:43 markus Exp $");

#include "ssh.h"
#include "ssh2.h"
#include "auth.h"
#include "packet.h"
#include "xmalloc.h"
#include "dispatch.h"

void send_userauth_into_request(Authctxt *authctxt, char *challenge, int echo);
void input_userauth_info_response(int type, int plen, void *ctxt);

/*
 * try challenge-reponse, return -1 (= postponed) if we have to
 * wait for the response.
 */
int
auth2_challenge(Authctxt *authctxt, char *devs)
{
	char *challenge;

	if (!authctxt->valid || authctxt->user == NULL)
		return 0;
	if ((challenge = get_challenge(authctxt, devs)) == NULL)
		return 0;
	send_userauth_into_request(authctxt, challenge, 0);
	dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE,
	    &input_userauth_info_response);
	authctxt->postponed = 1;
	return 0;
}

void
send_userauth_into_request(Authctxt *authctxt, char *challenge, int echo)
{
	int nprompts = 1;

	packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
	/* name, instruction and language are unused */
	packet_put_cstring("");
	packet_put_cstring("");
	packet_put_cstring("");
	packet_put_int(nprompts);
	packet_put_cstring(challenge);
	packet_put_char(echo);
	packet_send();
	packet_write_wait();
}

void
input_userauth_info_response(int type, int plen, void *ctxt)
{
	Authctxt *authctxt = ctxt;
	int authenticated = 0;
	u_int nresp, rlen;
	char *response, *method = "challenge-reponse";

	if (authctxt == NULL)
		fatal("input_userauth_info_response: no authctxt");

	authctxt->postponed = 0;	/* reset */
	nresp = packet_get_int();
	if (nresp == 1) {
		response = packet_get_string(&rlen);
		packet_done();
		if (strlen(response) == 0) {
			/*
			 * if we received an empty response, resend challenge
			 * with echo enabled
			 */
			char *challenge = get_challenge(authctxt, NULL);
			if (challenge != NULL) {
				send_userauth_into_request(authctxt,
				    challenge, 1);
				authctxt->postponed = 1;
			}
		} else if (authctxt->valid) {
			authenticated = verify_response(authctxt, response);
			memset(response, 'r', rlen);
		}
		xfree(response);
	}
	auth_log(authctxt, authenticated, method, " ssh2");
	if (!authctxt->postponed) {
		/* unregister callback and send reply */
		dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
		userauth_reply(authctxt, authenticated);
	}
}
Commit	Line	Data
59c97189	1	/*
	2	* Copyright (c) 2001 Markus Friedl. All rights reserved.
	3	*
	4	* Redistribution and use in source and binary forms, with or without
	5	* modification, are permitted provided that the following conditions
	6	* are met:
	7	* 1. Redistributions of source code must retain the above copyright
	8	* notice, this list of conditions and the following disclaimer.
	9	* 2. Redistributions in binary form must reproduce the above copyright
	10	* notice, this list of conditions and the following disclaimer in the
	11	* documentation and/or other materials provided with the distribution.
	12	*
	13	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
	14	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	15	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	16	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	17	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	18	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	19	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	20	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	21	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	22	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	23	*/
	24	#include "includes.h"
	25	RCSID("$OpenBSD: auth2-chall.c,v 1.1 2001/01/18 17:12:43 markus Exp $");
	26
	27	#include "ssh.h"
	28	#include "ssh2.h"
	29	#include "auth.h"
	30	#include "packet.h"
	31	#include "xmalloc.h"
	32	#include "dispatch.h"
	33
	34	void send_userauth_into_request(Authctxt authctxt, char challenge, int echo);
	35	void input_userauth_info_response(int type, int plen, void *ctxt);
	36
	37	/*
	38	* try challenge-reponse, return -1 (= postponed) if we have to
	39	* wait for the response.
	40	*/
	41	int
	42	auth2_challenge(Authctxt authctxt, char devs)
	43	{
	44	char *challenge;
	45
	46	if (!authctxt->valid \|\| authctxt->user == NULL)
	47	return 0;
	48	if ((challenge = get_challenge(authctxt, devs)) == NULL)
	49	return 0;
	50	send_userauth_into_request(authctxt, challenge, 0);
	51	dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE,
	52	&input_userauth_info_response);
	53	authctxt->postponed = 1;
	54	return 0;
	55	}
	56
	57	void
	58	send_userauth_into_request(Authctxt authctxt, char challenge, int echo)
	59	{
	60	int nprompts = 1;
	61
	62	packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
	63	/* name, instruction and language are unused */
	64	packet_put_cstring("");
65	packet_put_cstring("");
66	packet_put_cstring("");
67	packet_put_int(nprompts);
68	packet_put_cstring(challenge);
69	packet_put_char(echo);
70	packet_send();
71	packet_write_wait();
72	}
73
74	void
75	input_userauth_info_response(int type, int plen, void *ctxt)
76	{
77	Authctxt *authctxt = ctxt;
78	int authenticated = 0;
79	u_int nresp, rlen;
80	char response, method = "challenge-reponse";
81
82	if (authctxt == NULL)
83	fatal("input_userauth_info_response: no authctxt");
84
85	authctxt->postponed = 0; /* reset */
86	nresp = packet_get_int();
87	if (nresp == 1) {
88	response = packet_get_string(&rlen);
89	packet_done();
90	if (strlen(response) == 0) {
91	/*
92	* if we received an empty response, resend challenge
93	* with echo enabled
94	*/
95	char *challenge = get_challenge(authctxt, NULL);
96	if (challenge != NULL) {
97	send_userauth_into_request(authctxt,
98	challenge, 1);
99	authctxt->postponed = 1;
100	}
101	} else if (authctxt->valid) {
102	authenticated = verify_response(authctxt, response);
103	memset(response, 'r', rlen);
104	}
105	xfree(response);
106	}
107	auth_log(authctxt, authenticated, method, " ssh2");
108	if (!authctxt->postponed) {
109	/* unregister callback and send reply */
110	dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
111	userauth_reply(authctxt, authenticated);
112	}
113	}