2 * Copyright (c) 1999-2001 Todd C. Miller <Todd.Miller@courtesan.com>
5 * This code is derived from software contributed by Spider Boardman
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
18 * 3. The name of the author may not be used to endorse or promote products
19 * derived from this software without specific prior written permission.
21 * 4. Products derived from this software may not be called "Sudo" nor
22 * may "Sudo" appear in their names without specific prior written
23 * permission from the author.
25 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
26 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
27 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
28 * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
29 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
30 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
31 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
32 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
33 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
34 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 #include <sys/types.h>
40 #include <sys/param.h>
49 #endif /* STDC_HEADERS */
53 # ifdef HAVE_STRINGS_H
56 #endif /* HAVE_STRING_H */
59 #endif /* HAVE_UNISTD_H */
64 #include "sudo_auth.h"
/* RCS/CVS keyword string recording which revision of sia.c this is. */
67 static const char rcsid[] = "$Sudo: sia.c,v 1.10 2001/12/14 19:52:53 millert Exp $";
/*
 * Forward declaration of the SIA collect callback defined below.
 * __P() wraps the parameter list; its definition is not in this listing
 * (presumably it drops the prototype for pre-ANSI compilers -- confirm).
 */
70 static int sudo_collect __P((int, int, uchar_t *, int, prompt_t *));
/*
 * Prompt handed from sia_verify() to sudo_collect(). The callback signature
 * has no user-data argument, so the prompt travels through this file-scope
 * variable. It has no initializer, so it is NULL until sia_verify() assigns
 * it, and the pointer is borrowed (this file never copies or frees it).
 */
72 static char *def_prompt;
75 * Collection routine (callback) for limiting the timeouts in SIA
76 * prompts and (possibly) setting a custom prompt.
/*
 * SIA collect callback: bounds the prompt timeout, optionally swaps in
 * sudo's custom prompt, then hands off to sia_collect_trm().
 * Returns whatever sia_collect_trm() returns.
 * NOTE(review): source lines 80-88 and 99-103 are missing from this listing,
 * so any guard or branch wrapped around the statements below is not visible.
 */
79 sudo_collect(timeout, rendition, title, nprompts, prompts)
/*
 * Clamp the timeout requested by SIA: a non-positive value, or one larger
 * than the configured password timeout, is replaced by that configured
 * value. The "* 60" suggests I_PASSWD_TIMEOUT is in minutes and SIA wants
 * seconds -- TODO confirm the units.
 */
89 if (timeout <= 0 || timeout > def_ival(I_PASSWD_TIMEOUT) * 60)
90 timeout = def_ival(I_PASSWD_TIMEOUT) * 60;
92 * Substitute custom prompt if a) the sudo prompt is not "Password:"
93 * and b) the SIA prompt is "Password:" (so we know it is safe).
94 * This keeps us from overwriting things like S/Key challenges.
/*
 * NOTE(review): prompts[0] is read without a visible check that
 * nprompts > 0 or that prompts and prompts[0].prompt are non-NULL; confirm
 * the elided lines or the SIA contract guarantee this. def_prompt is also
 * passed to strcmp() unchecked and is NULL until sia_verify() has run.
 * The assignment stores the pointer itself (no copy), so the string that
 * def_prompt points to must stay valid until sia_collect_trm() returns.
 */
96 if (strcmp((char *)prompts[0].prompt, "Password:") == 0 &&
97 strcmp(def_prompt, "Password:") != 0)
98 prompts[0].prompt = (unsigned char *)def_prompt;
/* Delegate the actual terminal I/O to SIA, passing the adjusted timeout. */
104 return sia_collect_trm(timeout, rendition, title, nprompts, prompts);
/*
 * Open an SIA session for the user named in pw and store the session handle
 * in auth->data for the later verify and cleanup steps.
 * Returns AUTH_SUCCESS once the handle is stored. The failure return is on
 * lines missing from this listing.
 * promptp is not referenced in the lines shown.
 */
108 sia_setup(pw, promptp, auth)
113 SIAENTITY *siah = NULL;
/*
 * Argc and Argv are defined outside this block.
 * NOTE(review): ttyname(0) returns NULL when stdin is not a terminal and is
 * passed through unchecked; confirm sia_ses_init() accepts a NULL tty name.
 * The right-hand side of this comparison (source line 116) is not shown.
 */
115 if (sia_ses_init(&siah, Argc, Argv, NULL, pw->pw_name, ttyname(0), 1, NULL)
/* Report the failure with errno detail; flags request no exit and no mail. */
118 log_error(USE_ERRNO|NO_EXIT|NO_MAIL,
119 "unable to initialize SIA session");
/* Keep the session handle for sia_verify() and sia_cleanup(). */
123 auth->data = (VOID *) siah;
124 return(AUTH_SUCCESS);
/*
 * Re-authenticate the user through the SIA session stored in auth->data.
 * Returns AUTH_SUCCESS only when sia_ses_reauthent() reports SIASUCCESS;
 * in the lines shown every other result becomes AUTH_FAILURE, so an
 * unexpected SIA status is treated as a failed authentication.
 * pw is not referenced in the lines shown.
 */
128 sia_verify(pw, prompt, auth)
/* NOTE(review): auth->data is used as set by sia_setup(); no NULL check is visible. */
133 SIAENTITY *siah = (SIAENTITY *) auth->data;
/*
 * Publish the prompt through the file-scope variable before SIA invokes the
 * callback. The pointer is stored as-is and must stay valid for the call.
 */
135 def_prompt = prompt; /* for sudo_collect */
137 /* XXX - need a way to detect user hitting return or EOF at prompt */
138 if (sia_ses_reauthent(sudo_collect, siah) == SIASUCCESS)
139 return(AUTH_SUCCESS);
141 return(AUTH_FAILURE);
/*
 * Release the SIA session created by sia_setup().
 * Always returns AUTH_SUCCESS; the result of sia_ses_release() is discarded.
 * pw is not referenced in the lines shown.
 */
145 sia_cleanup(pw, auth)
149 SIAENTITY *siah = (SIAENTITY *) auth->data;
/*
 * The release call is given the address of the local copy of the handle.
 * NOTE(review): auth->data is not cleared in the lines shown, so it would
 * still hold the released handle; confirm nothing calls sia_verify() or
 * sia_cleanup() again on this auth entry.
 */
151 (void) sia_ses_release(&siah);
152 return(AUTH_SUCCESS);