+/* $OpenBSD: auth2-chall.c,v 1.34 2008/12/09 04:32:22 djm Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
* Copyright (c) 2001 Per Allansson. All rights reserved.
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+
#include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.22 2005/01/19 13:11:47 dtucker Exp $");
+#include <sys/types.h>
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "xmalloc.h"
#include "ssh2.h"
+#include "key.h"
+#include "hostfile.h"
#include "auth.h"
#include "buffer.h"
#include "packet.h"
-#include "xmalloc.h"
#include "dispatch.h"
#include "log.h"
+#include "servconf.h"
+
+/* import */
+extern ServerOptions options;
static int auth2_challenge_start(Authctxt *);
static int send_userauth_info_request(Authctxt *);
u_int nreq;
};
+#ifdef USE_PAM
+void
+remove_kbdint_device(const char *devname)
+{
+ int i, j;
+
+ for (i = 0; devices[i] != NULL; i++)
+ if (strcmp(devices[i]->name, devname) == 0) {
+ for (j = i; devices[j] != NULL; j++)
+ devices[j] = devices[j+1];
+ i--;
+ }
+}
+#endif
+
static KbdintAuthctxt *
kbdint_alloc(const char *devs)
{
Buffer b;
int i;
+#ifdef USE_PAM
+ if (!options.use_pam)
+ remove_kbdint_device("pam");
+#endif
+
kbdintctxt = xmalloc(sizeof(KbdintAuthctxt));
if (strcmp(devs, "") == 0) {
buffer_init(&b);
kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL;
xfree(t);
debug2("kbdint_next_device: devices %s", kbdintctxt->devices ?
- kbdintctxt->devices : "<empty>");
+ kbdintctxt->devices : "<empty>");
} while (kbdintctxt->devices && !kbdintctxt->device);
return kbdintctxt->device ? 1 : 0;
{
/* unregister callback */
dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
- if (authctxt->kbdintctxt != NULL) {
+ if (authctxt->kbdintctxt != NULL) {
kbdint_free(authctxt->kbdintctxt);
authctxt->kbdintctxt = NULL;
}
{
KbdintAuthctxt *kbdintctxt;
char *name, *instr, **prompts;
- int i;
- u_int *echo_on;
+ u_int i, *echo_on;
kbdintctxt = authctxt->kbdintctxt;
if (kbdintctxt->device->query(kbdintctxt->ctxt,
{
Authctxt *authctxt = ctxt;
KbdintAuthctxt *kbdintctxt;
- int i, authenticated = 0, res, len;
- u_int nresp;
+ int authenticated = 0, res;
+ u_int i, nresp;
char **response = NULL, *method;
if (authctxt == NULL)
if (nresp > 100)
fatal("input_userauth_info_response: too many replies");
if (nresp > 0) {
- response = xmalloc(nresp * sizeof(char *));
+ response = xcalloc(nresp, sizeof(char *));
for (i = 0; i < nresp; i++)
response[i] = packet_get_string(NULL);
}
break;
}
- len = strlen("keyboard-interactive") + 2 +
- strlen(kbdintctxt->device->name);
- method = xmalloc(len);
- snprintf(method, len, "keyboard-interactive/%s",
- kbdintctxt->device->name);
+ xasprintf(&method, "keyboard-interactive/%s", kbdintctxt->device->name);
if (!authctxt->postponed) {
if (authenticated) {