* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.17 2002/03/18 17:50:31 provos Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.21 2004/06/01 14:20:45 dtucker Exp $");
#include "ssh2.h"
#include "auth.h"
#include "packet.h"
#include "xmalloc.h"
#include "dispatch.h"
-#include "auth.h"
#include "log.h"
static int auth2_challenge_start(Authctxt *);
#ifdef BSD_AUTH
extern KbdintDevice bsdauth_device;
#else
+#ifdef USE_PAM
+extern KbdintDevice sshpam_device;
+#endif
#ifdef SKEY
extern KbdintDevice skey_device;
#endif
#ifdef BSD_AUTH
&bsdauth_device,
#else
+#ifdef USE_PAM
+ &sshpam_device,
+#endif
#ifdef SKEY
&skey_device,
#endif
char *devices;
void *ctxt;
KbdintDevice *device;
+ u_int nreq;
};
static KbdintAuthctxt *
debug("kbdint_alloc: devices '%s'", kbdintctxt->devices);
kbdintctxt->ctxt = NULL;
kbdintctxt->device = NULL;
+ kbdintctxt->nreq = 0;
return kbdintctxt;
}
KbdintAuthctxt *kbdintctxt;
char *name, *instr, **prompts;
int i;
- u_int numprompts, *echo_on;
+ u_int *echo_on;
kbdintctxt = authctxt->kbdintctxt;
if (kbdintctxt->device->query(kbdintctxt->ctxt,
- &name, &instr, &numprompts, &prompts, &echo_on))
+ &name, &instr, &kbdintctxt->nreq, &prompts, &echo_on))
return 0;
packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
packet_put_cstring(name);
packet_put_cstring(instr);
- packet_put_cstring(""); /* language not used */
- packet_put_int(numprompts);
- for (i = 0; i < numprompts; i++) {
+ packet_put_cstring(""); /* language not used */
+ packet_put_int(kbdintctxt->nreq);
+ for (i = 0; i < kbdintctxt->nreq; i++) {
packet_put_cstring(prompts[i]);
packet_put_char(echo_on[i]);
}
packet_send();
packet_write_wait();
- for (i = 0; i < numprompts; i++)
+ for (i = 0; i < kbdintctxt->nreq; i++)
xfree(prompts[i]);
xfree(prompts);
xfree(echo_on);
authctxt->postponed = 0; /* reset */
nresp = packet_get_int();
+ if (nresp != kbdintctxt->nreq)
+ fatal("input_userauth_info_response: wrong number of replies");
+ if (nresp > 100)
+ fatal("input_userauth_info_response: too many replies");
if (nresp > 0) {
- response = xmalloc(nresp * sizeof(char*));
+ response = xmalloc(nresp * sizeof(char *));
for (i = 0; i < nresp; i++)
response[i] = packet_get_string(NULL);
}
void
privsep_challenge_enable(void)
{
+#if defined(BSD_AUTH) || defined(USE_PAM) || defined(SKEY)
+ int n = 0;
+#endif
#ifdef BSD_AUTH
extern KbdintDevice mm_bsdauth_device;
#endif
+#ifdef USE_PAM
+ extern KbdintDevice mm_sshpam_device;
+#endif
#ifdef SKEY
extern KbdintDevice mm_skey_device;
#endif
- /* As long as SSHv1 has devices[0] hard coded this is fine */
+
#ifdef BSD_AUTH
- devices[0] = &mm_bsdauth_device;
+ devices[n++] = &mm_bsdauth_device;
#else
+#ifdef USE_PAM
+ devices[n++] = &mm_sshpam_device;
+#endif
#ifdef SKEY
- devices[0] = &mm_skey_device;
+ devices[n++] = &mm_skey_device;
#endif
#endif
}
andersk / openssh.git / blobdiff