#include "config.h"
#include <sys/types.h>
#include <sys/param.h>
#include <stdio.h>
#ifdef STDC_HEADERS
# include <stdlib.h>
# include <stddef.h>
#else
# ifdef HAVE_STDLIB_H
# include <stdlib.h>
# endif
#endif
#ifdef HAVE_STRING_H
# include <string.h>
#else
# ifdef HAVE_STRINGS_H
# include <strings.h>
# endif
#endif
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif
#include <pwd.h>
#if defined(HAVE_SKEY)
#include <skey.h>
#define RFC1938 skey
#define rfc1938challenge skeychallenge
#define rfc1938verify skeyverify
#elif defined(HAVE_OPIE)
#include <opie.h>
#define RFC1938 opie
#define rfc1938challenge opiechallenge
#define rfc1938verify opieverify
#endif
#include "sudo.h"
#include "sudo_auth.h"
#ifndef lint
static const char rcsid[] = "$Sudo: rfc1938.c,v 1.9 2001/12/14 19:52:53 millert Exp $";
#endif
int
rfc1938_setup(pw, promptp, auth)
struct passwd *pw;
char **promptp;
sudo_auth *auth;
{
char challenge[256];
static char *orig_prompt = NULL, *new_prompt = NULL;
static int op_len, np_size;
static struct RFC1938 rfc1938;
if (!auth->data)
auth->data = &rfc1938;
if (orig_prompt == NULL) {
orig_prompt = *promptp;
op_len = strlen(orig_prompt);
if (orig_prompt[op_len - 1] == ':')
op_len--;
else if (op_len >= 2 && orig_prompt[op_len - 1] == ' '
&& orig_prompt[op_len - 2] == ':')
op_len -= 2;
}
#ifdef HAVE_SKEY
if (rfc1938.keyfile)
(void) fclose(rfc1938.keyfile);
#endif
if (rfc1938challenge(&rfc1938, pw->pw_name, challenge) != 0) {
if (IS_ONEANDONLY(auth)) {
(void) fprintf(stderr,
"%s: You do not exist in the %s database.\n",
Argv[0], auth->name);
return(AUTH_FATAL);
} else {
return(AUTH_FAILURE);
}
}
if (np_size < op_len + strlen(challenge) + 7) {
np_size = op_len + strlen(challenge) + 7;
new_prompt = (char *) erealloc(new_prompt, np_size);
}
if (def_flag(I_LONG_OTP_PROMPT))
(void) sprintf(new_prompt, "%s\n%s", challenge, orig_prompt);
else
(void) sprintf(new_prompt, "%.*s [ %s ]:", op_len, orig_prompt,
challenge);
*promptp = new_prompt;
return(AUTH_SUCCESS);
}
int
rfc1938_verify(pw, pass, auth)
struct passwd *pw;
char *pass;
sudo_auth *auth;
{
if (rfc1938verify((struct RFC1938 *) auth->data, pass) == 0)
return(AUTH_SUCCESS);
else
return(AUTH_FAILURE);
}