X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/704994401c23d71f1846c42409d571265bbfdb28..HEAD:/auth2-chall.c

diff --git a/auth2-chall.c b/auth2-chall.c
index 92d0020e..e6dbffe2 100644
--- a/auth2-chall.c
+++ b/auth2-chall.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: auth2-chall.c,v 1.34 2008/12/09 04:32:22 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2001 Per Allansson.  All rights reserved.
@@ -22,16 +23,28 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
+
 #include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.14 2002/01/11 20:14:11 markus Exp $");
 
+#include <sys/types.h>
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "xmalloc.h"
 #include "ssh2.h"
+#include "key.h"
+#include "hostfile.h"
 #include "auth.h"
+#include "buffer.h"
 #include "packet.h"
-#include "xmalloc.h"
 #include "dispatch.h"
-#include "auth.h"
 #include "log.h"
+#include "servconf.h"
+
+/* import */
+extern ServerOptions options;
 
 static int auth2_challenge_start(Authctxt *);
 static int send_userauth_info_request(Authctxt *);
@@ -40,6 +53,9 @@ static void input_userauth_info_response(int, u_int32_t, void *);
 #ifdef BSD_AUTH
 extern KbdintDevice bsdauth_device;
 #else
+#ifdef USE_PAM
+extern KbdintDevice sshpam_device;
+#endif
 #ifdef SKEY
 extern KbdintDevice skey_device;
 #endif
@@ -49,6 +65,9 @@ KbdintDevice *devices[] = {
 #ifdef BSD_AUTH
 	&bsdauth_device,
 #else
+#ifdef USE_PAM
+	&sshpam_device,
+#endif
 #ifdef SKEY
 	&skey_device,
 #endif
@@ -62,30 +81,55 @@ struct KbdintAuthctxt
 	char *devices;
 	void *ctxt;
 	KbdintDevice *device;
+	u_int nreq;
 };
 
+#ifdef USE_PAM
+void
+remove_kbdint_device(const char *devname)
+{
+	int i, j;
+
+	for (i = 0; devices[i] != NULL; i++)
+		if (strcmp(devices[i]->name, devname) == 0) {
+			for (j = i; devices[j] != NULL; j++)
+				devices[j] = devices[j+1];
+			i--;
+		}
+}
+#endif
+
 static KbdintAuthctxt *
 kbdint_alloc(const char *devs)
 {
 	KbdintAuthctxt *kbdintctxt;
+	Buffer b;
 	int i;
-	char buf[1024];
+
+#ifdef USE_PAM
+	if (!options.use_pam)
+		remove_kbdint_device("pam");
+#endif
 
 	kbdintctxt = xmalloc(sizeof(KbdintAuthctxt));
 	if (strcmp(devs, "") == 0) {
-		buf[0] = '\0';
+		buffer_init(&b);
 		for (i = 0; devices[i]; i++) {
-			if (i != 0)
-				strlcat(buf, ",", sizeof(buf));
-			strlcat(buf, devices[i]->name, sizeof(buf));
+			if (buffer_len(&b) > 0)
+				buffer_append(&b, ",", 1);
+			buffer_append(&b, devices[i]->name,
+			    strlen(devices[i]->name));
 		}
-		debug("kbdint_alloc: devices '%s'", buf);
-		kbdintctxt->devices = xstrdup(buf);
+		buffer_append(&b, "\0", 1);
+		kbdintctxt->devices = xstrdup(buffer_ptr(&b));
+		buffer_free(&b);
 	} else {
 		kbdintctxt->devices = xstrdup(devs);
 	}
+	debug("kbdint_alloc: devices '%s'", kbdintctxt->devices);
 	kbdintctxt->ctxt = NULL;
 	kbdintctxt->device = NULL;
+	kbdintctxt->nreq = 0;
 
 	return kbdintctxt;
 }
@@ -132,7 +176,7 @@ kbdint_next_device(KbdintAuthctxt *kbdintctxt)
 		kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL;
 		xfree(t);
 		debug2("kbdint_next_device: devices %s", kbdintctxt->devices ?
-		   kbdintctxt->devices : "<empty>");
+		    kbdintctxt->devices : "<empty>");
 	} while (kbdintctxt->devices && !kbdintctxt->device);
 
 	return kbdintctxt->device ? 1 : 0;
@@ -162,7 +206,7 @@ auth2_challenge_stop(Authctxt *authctxt)
 {
 	/* unregister callback */
 	dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
-	if (authctxt->kbdintctxt != NULL)  {
+	if (authctxt->kbdintctxt != NULL) {
 		kbdint_free(authctxt->kbdintctxt);
 		authctxt->kbdintctxt = NULL;
 	}
@@ -204,27 +248,26 @@ send_userauth_info_request(Authctxt *authctxt)
 {
 	KbdintAuthctxt *kbdintctxt;
 	char *name, *instr, **prompts;
-	int i;
-	u_int numprompts, *echo_on;
+	u_int i, *echo_on;
 
 	kbdintctxt = authctxt->kbdintctxt;
 	if (kbdintctxt->device->query(kbdintctxt->ctxt,
-	    &name, &instr, &numprompts, &prompts, &echo_on))
+	    &name, &instr, &kbdintctxt->nreq, &prompts, &echo_on))
 		return 0;
 
 	packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
 	packet_put_cstring(name);
 	packet_put_cstring(instr);
-	packet_put_cstring(""); 	/* language not used */
-	packet_put_int(numprompts);
-	for (i = 0; i < numprompts; i++) {
+	packet_put_cstring("");		/* language not used */
+	packet_put_int(kbdintctxt->nreq);
+	for (i = 0; i < kbdintctxt->nreq; i++) {
 		packet_put_cstring(prompts[i]);
 		packet_put_char(echo_on[i]);
 	}
 	packet_send();
 	packet_write_wait();
 
-	for (i = 0; i < numprompts; i++)
+	for (i = 0; i < kbdintctxt->nreq; i++)
 		xfree(prompts[i]);
 	xfree(prompts);
 	xfree(echo_on);
@@ -238,8 +281,8 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
 {
 	Authctxt *authctxt = ctxt;
 	KbdintAuthctxt *kbdintctxt;
-	int i, authenticated = 0, res, len;
-	u_int nresp;
+	int authenticated = 0, res;
+	u_int i, nresp;
 	char **response = NULL, *method;
 
 	if (authctxt == NULL)
@@ -252,19 +295,18 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
 
 	authctxt->postponed = 0;	/* reset */
 	nresp = packet_get_int();
+	if (nresp != kbdintctxt->nreq)
+		fatal("input_userauth_info_response: wrong number of replies");
+	if (nresp > 100)
+		fatal("input_userauth_info_response: too many replies");
 	if (nresp > 0) {
-		response = xmalloc(nresp * sizeof(char*));
+		response = xcalloc(nresp, sizeof(char *));
 		for (i = 0; i < nresp; i++)
 			response[i] = packet_get_string(NULL);
 	}
 	packet_check_eom();
 
-	if (authctxt->valid) {
-		res = kbdintctxt->device->respond(kbdintctxt->ctxt,
-		    nresp, response);
-	} else {
-		res = -1;
-	}
+	res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response);
 
 	for (i = 0; i < nresp; i++) {
 		memset(response[i], 'r', strlen(response[i]));
@@ -276,7 +318,7 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
 	switch (res) {
 	case 0:
 		/* Success! */
-		authenticated = 1;
+		authenticated = authctxt->valid ? 1 : 0;
 		break;
 	case 1:
 		/* Authentication needs further interaction */
@@ -288,12 +330,7 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
 		break;
 	}
 
-	len = strlen("keyboard-interactive") + 2 +
-		strlen(kbdintctxt->device->name);
-	method = xmalloc(len);
-	strlcpy(method, "keyboard-interactive", len);
-	strlcat(method, "/", len);
-	strlcat(method, kbdintctxt->device->name, len);
+	xasprintf(&method, "keyboard-interactive/%s", kbdintctxt->device->name);
 
 	if (!authctxt->postponed) {
 		if (authenticated) {
@@ -307,3 +344,31 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
 	userauth_finish(authctxt, authenticated, method);
 	xfree(method);
 }
+
+void
+privsep_challenge_enable(void)
+{
+#if defined(BSD_AUTH) || defined(USE_PAM) || defined(SKEY)
+	int n = 0;
+#endif
+#ifdef BSD_AUTH
+	extern KbdintDevice mm_bsdauth_device;
+#endif
+#ifdef USE_PAM
+	extern KbdintDevice mm_sshpam_device;
+#endif
+#ifdef SKEY
+	extern KbdintDevice mm_skey_device;
+#endif
+
+#ifdef BSD_AUTH
+	devices[n++] = &mm_bsdauth_device;
+#else
+#ifdef USE_PAM
+	devices[n++] = &mm_sshpam_device;
+#endif
+#ifdef SKEY
+	devices[n++] = &mm_skey_device;
+#endif
+#endif
+}