OpenCoverage

auth2-chall.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssh/src/auth2-chall.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/* $OpenBSD: auth2-chall.c,v 1.50 2018/07/11 18:55:11 markus Exp $ */-
2/*-
3 * Copyright (c) 2001 Markus Friedl. All rights reserved.-
4 * Copyright (c) 2001 Per Allansson. All rights reserved.-
5 *-
6 * Redistribution and use in source and binary forms, with or without-
7 * modification, are permitted provided that the following conditions-
8 * are met:-
9 * 1. Redistributions of source code must retain the above copyright-
10 * notice, this list of conditions and the following disclaimer.-
11 * 2. Redistributions in binary form must reproduce the above copyright-
12 * notice, this list of conditions and the following disclaimer in the-
13 * documentation and/or other materials provided with the distribution.-
14 *-
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR-
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES-
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.-
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,-
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,-
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY-
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT-
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF-
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.-
25 */-
26-
27#include "includes.h"-
28-
29#include <sys/types.h>-
30-
31#include <stdarg.h>-
32#include <stdio.h>-
33#include <string.h>-
34-
35#include "xmalloc.h"-
36#include "ssh2.h"-
37#include "sshkey.h"-
38#include "hostfile.h"-
39#include "auth.h"-
40#include "sshbuf.h"-
41#include "packet.h"-
42#include "dispatch.h"-
43#include "ssherr.h"-
44#include "log.h"-
45#include "misc.h"-
46#include "servconf.h"-
47-
48/* import */-
49extern ServerOptions options;-
50-
51static int auth2_challenge_start(struct ssh *);-
52static int send_userauth_info_request(struct ssh *);-
53static int input_userauth_info_response(int, u_int32_t, struct ssh *);-
54-
55#ifdef BSD_AUTH-
56extern KbdintDevice bsdauth_device;-
57#else-
58#ifdef USE_PAM-
59extern KbdintDevice sshpam_device;-
60#endif-
61#endif-
62-
63KbdintDevice *devices[] = {-
64#ifdef BSD_AUTH-
65 &bsdauth_device,-
66#else-
67#ifdef USE_PAM-
68 &sshpam_device,-
69#endif-
70#endif-
71 NULL-
72};-
73-
74typedef struct KbdintAuthctxt KbdintAuthctxt;-
75struct KbdintAuthctxt-
76{-
77 char *devices;-
78 void *ctxt;-
79 KbdintDevice *device;-
80 u_int nreq;-
81 u_int devices_done;-
82};-
83-
84#ifdef USE_PAM-
85void-
86remove_kbdint_device(const char *devname)-
87{-
88 int i, j;-
89-
90 for (i = 0; devices[i] != NULL; i++)-
91 if (strcmp(devices[i]->name, devname) == 0) {-
92 for (j = i; devices[j] != NULL; j++)-
93 devices[j] = devices[j+1];-
94 i--;-
95 }-
96}-
97#endif-
98-
99static KbdintAuthctxt *-
100kbdint_alloc(const char *devs)-
101{-
102 KbdintAuthctxt *kbdintctxt;-
103 struct sshbuf *b;-
104 int i, r;-
105-
106#ifdef USE_PAM-
107 if (!options.use_pam)-
108 remove_kbdint_device("pam");-
109#endif-
110-
111 kbdintctxt = xcalloc(1, sizeof(KbdintAuthctxt));-
112 if (strcmp(devs, "") == 0) {
never executed: __result = (((const unsigned char *) (const char *) ( devs ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
113 if ((b = sshbuf_new()) == NULL)
(b = sshbuf_ne...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
114 fatal("%s: sshbuf_new failed", __func__);
never executed: fatal("%s: sshbuf_new failed", __func__);
0
115 for (i = 0; devices[i]; i++) {
devices[i]Description
TRUEnever evaluated
FALSEnever evaluated
0
116 if ((r = sshbuf_putf(b, "%s%s",
(r = sshbuf_pu...]->name)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
117 sshbuf_len(b) ? "," : "", devices[i]->name)) != 0)
(r = sshbuf_pu...]->name)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
118 fatal("%s: buffer error: %s",
never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));
0
119 __func__, ssh_err(r));
never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));
0
120 }
never executed: end of block
0
121 if ((kbdintctxt->devices = sshbuf_dup_string(b)) == NULL)
(kbdintctxt->d...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
122 fatal("%s: sshbuf_dup_string failed", __func__);
never executed: fatal("%s: sshbuf_dup_string failed", __func__);
0
123 sshbuf_free(b);-
124 } else {
never executed: end of block
0
125 kbdintctxt->devices = xstrdup(devs);-
126 }
never executed: end of block
0
127 debug("kbdint_alloc: devices '%s'", kbdintctxt->devices);-
128 kbdintctxt->ctxt = NULL;-
129 kbdintctxt->device = NULL;-
130 kbdintctxt->nreq = 0;-
131-
132 return kbdintctxt;
never executed: return kbdintctxt;
0
133}-
134static void-
135kbdint_reset_device(KbdintAuthctxt *kbdintctxt)-
136{-
137 if (kbdintctxt->ctxt) {
kbdintctxt->ctxtDescription
TRUEnever evaluated
FALSEnever evaluated
0
138 kbdintctxt->device->free_ctx(kbdintctxt->ctxt);-
139 kbdintctxt->ctxt = NULL;-
140 }
never executed: end of block
0
141 kbdintctxt->device = NULL;-
142}
never executed: end of block
0
143static void-
144kbdint_free(KbdintAuthctxt *kbdintctxt)-
145{-
146 if (kbdintctxt->device)
kbdintctxt->deviceDescription
TRUEnever evaluated
FALSEnever evaluated
0
147 kbdint_reset_device(kbdintctxt);
never executed: kbdint_reset_device(kbdintctxt);
0
148 free(kbdintctxt->devices);-
149 explicit_bzero(kbdintctxt, sizeof(*kbdintctxt));-
150 free(kbdintctxt);-
151}
never executed: end of block
0
152/* get next device */-
153static int-
154kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt)-
155{-
156 size_t len;-
157 char *t;-
158 int i;-
159-
160 if (kbdintctxt->device)
kbdintctxt->deviceDescription
TRUEnever evaluated
FALSEnever evaluated
0
161 kbdint_reset_device(kbdintctxt);
never executed: kbdint_reset_device(kbdintctxt);
0
162 do {-
163 len = kbdintctxt->devices ?
kbdintctxt->devicesDescription
TRUEnever evaluated
FALSEnever evaluated
0
164 strcspn(kbdintctxt->devices, ",") : 0;-
165-
166 if (len == 0)
len == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
167 break;
never executed: break;
0
168 for (i = 0; devices[i]; i++) {
devices[i]Description
TRUEnever evaluated
FALSEnever evaluated
0
169 if ((kbdintctxt->devices_done & (1 << i)) != 0 ||
(kbdintctxt->d...(1 << i)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
170 !auth2_method_allowed(authctxt,
!auth2_method_...ices[i]->name)Description
TRUEnever evaluated
FALSEnever evaluated
0
171 "keyboard-interactive", devices[i]->name))
!auth2_method_...ices[i]->name)Description
TRUEnever evaluated
FALSEnever evaluated
0
172 continue;
never executed: continue;
0
173 if (strncmp(kbdintctxt->devices, devices[i]->name,
never executed: __result = (((const unsigned char *) (const char *) ( kbdintctxt->devices ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( devices[i]->name ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
(__extension__..., len ))) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( len )Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_cons...txt->devices )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( kbdin...ze_t) ( len ))Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_cons...ces[i]->name )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( devic...ze_t) ( len ))Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
174 len) == 0) {
(__extension__..., len ))) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
175 kbdintctxt->device = devices[i];-
176 kbdintctxt->devices_done |= 1 << i;-
177 }
never executed: end of block
0
178 }
never executed: end of block
0
179 t = kbdintctxt->devices;-
180 kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL;
t[len]Description
TRUEnever evaluated
FALSEnever evaluated
0
181 free(t);-
182 debug2("kbdint_next_device: devices %s", kbdintctxt->devices ?-
183 kbdintctxt->devices : "<empty>");-
184 } while (kbdintctxt->devices && !kbdintctxt->device);
never executed: end of block
kbdintctxt->devicesDescription
TRUEnever evaluated
FALSEnever evaluated
!kbdintctxt->deviceDescription
TRUEnever evaluated
FALSEnever evaluated
0
185-
186 return kbdintctxt->device ? 1 : 0;
never executed: return kbdintctxt->device ? 1 : 0;
kbdintctxt->deviceDescription
TRUEnever evaluated
FALSEnever evaluated
0
187}-
188-
189/*-
190 * try challenge-response, set authctxt->postponed if we have to-
191 * wait for the response.-
192 */-
193int-
194auth2_challenge(struct ssh *ssh, char *devs)-
195{-
196 Authctxt *authctxt = ssh->authctxt;-
197 debug("auth2_challenge: user=%s devs=%s",-
198 authctxt->user ? authctxt->user : "<nouser>",-
199 devs ? devs : "<no devs>");-
200-
201 if (authctxt->user == NULL || !devs)
authctxt->user == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
!devsDescription
TRUEnever evaluated
FALSEnever evaluated
0
202 return 0;
never executed: return 0;
0
203 if (authctxt->kbdintctxt == NULL)
authctxt->kbdi...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
204 authctxt->kbdintctxt = kbdint_alloc(devs);
never executed: authctxt->kbdintctxt = kbdint_alloc(devs);
0
205 return auth2_challenge_start(ssh);
never executed: return auth2_challenge_start(ssh);
0
206}-
207-
208/* unregister kbd-int callbacks and context */-
209void-
210auth2_challenge_stop(struct ssh *ssh)-
211{-
212 Authctxt *authctxt = ssh->authctxt;-
213 /* unregister callback */-
214 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);-
215 if (authctxt->kbdintctxt != NULL) {
authctxt->kbdi...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
216 kbdint_free(authctxt->kbdintctxt);-
217 authctxt->kbdintctxt = NULL;-
218 }
never executed: end of block
0
219}
never executed: end of block
0
220-
221/* side effect: sets authctxt->postponed if a reply was sent*/-
222static int-
223auth2_challenge_start(struct ssh *ssh)-
224{-
225 Authctxt *authctxt = ssh->authctxt;-
226 KbdintAuthctxt *kbdintctxt = authctxt->kbdintctxt;-
227-
228 debug2("auth2_challenge_start: devices %s",-
229 kbdintctxt->devices ? kbdintctxt->devices : "<empty>");-
230-
231 if (kbdint_next_device(authctxt, kbdintctxt) == 0) {
kbdint_next_de...dintctxt) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
232 auth2_challenge_stop(ssh);-
233 return 0;
never executed: return 0;
0
234 }-
235 debug("auth2_challenge_start: trying authentication method '%s'",-
236 kbdintctxt->device->name);-
237-
238 if ((kbdintctxt->ctxt = kbdintctxt->device->init_ctx(authctxt)) == NULL) {
(kbdintctxt->c...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
239 auth2_challenge_stop(ssh);-
240 return 0;
never executed: return 0;
0
241 }-
242 if (send_userauth_info_request(ssh) == 0) {
send_userauth_...uest(ssh) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
243 auth2_challenge_stop(ssh);-
244 return 0;
never executed: return 0;
0
245 }-
246 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_INFO_RESPONSE,-
247 &input_userauth_info_response);-
248-
249 authctxt->postponed = 1;-
250 return 0;
never executed: return 0;
0
251}-
252-
253static int-
254send_userauth_info_request(struct ssh *ssh)-
255{-
256 Authctxt *authctxt = ssh->authctxt;-
257 KbdintAuthctxt *kbdintctxt;-
258 char *name, *instr, **prompts;-
259 u_int r, i, *echo_on;-
260-
261 kbdintctxt = authctxt->kbdintctxt;-
262 if (kbdintctxt->device->query(kbdintctxt->ctxt,
kbdintctxt->de...pts, &echo_on)Description
TRUEnever evaluated
FALSEnever evaluated
0
263 &name, &instr, &kbdintctxt->nreq, &prompts, &echo_on))
kbdintctxt->de...pts, &echo_on)Description
TRUEnever evaluated
FALSEnever evaluated
0
264 return 0;
never executed: return 0;
0
265-
266 if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_INFO_REQUEST)) != 0 ||
(r = sshpkt_st...ssh, 60)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
267 (r = sshpkt_put_cstring(ssh, name)) != 0 ||
(r = sshpkt_pu...h, name)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
268 (r = sshpkt_put_cstring(ssh, instr)) != 0 ||
(r = sshpkt_pu..., instr)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
269 (r = sshpkt_put_cstring(ssh, "")) != 0 || /* language not used */
(r = sshpkt_pu...ssh, "")) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
270 (r = sshpkt_put_u32(ssh, kbdintctxt->nreq)) != 0)
(r = sshpkt_pu...t->nreq)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
271 fatal("%s: %s", __func__, ssh_err(r));
never executed: fatal("%s: %s", __func__, ssh_err(r));
0
272 for (i = 0; i < kbdintctxt->nreq; i++) {
i < kbdintctxt->nreqDescription
TRUEnever evaluated
FALSEnever evaluated
0
273 if ((r = sshpkt_put_cstring(ssh, prompts[i])) != 0 ||
(r = sshpkt_pu...mpts[i])) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
274 (r = sshpkt_put_u8(ssh, echo_on[i])) != 0)
(r = sshpkt_pu...o_on[i])) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
275 fatal("%s: %s", __func__, ssh_err(r));
never executed: fatal("%s: %s", __func__, ssh_err(r));
0
276 }
never executed: end of block
0
277 if ((r = sshpkt_send(ssh)) != 0 ||
(r = sshpkt_send(ssh)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
278 (r = ssh_packet_write_wait(ssh)) != 0)
(r = ssh_packe...ait(ssh)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
279 fatal("%s: %s", __func__, ssh_err(r));
never executed: fatal("%s: %s", __func__, ssh_err(r));
0
280-
281 for (i = 0; i < kbdintctxt->nreq; i++)
i < kbdintctxt->nreqDescription
TRUEnever evaluated
FALSEnever evaluated
0
282 free(prompts[i]);
never executed: free(prompts[i]);
0
283 free(prompts);-
284 free(echo_on);-
285 free(name);-
286 free(instr);-
287 return 1;
never executed: return 1;
0
288}-
289-
290static int-
291input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh)-
292{-
293 Authctxt *authctxt = ssh->authctxt;-
294 KbdintAuthctxt *kbdintctxt;-
295 int authenticated = 0, res;-
296 int r;-
297 u_int i, nresp;-
298 const char *devicename = NULL;-
299 char **response = NULL;-
300-
301 if (authctxt == NULL)
authctxt == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
302 fatal("input_userauth_info_response: no authctxt");
never executed: fatal("input_userauth_info_response: no authctxt");
0
303 kbdintctxt = authctxt->kbdintctxt;-
304 if (kbdintctxt == NULL || kbdintctxt->ctxt == NULL)
kbdintctxt == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
kbdintctxt->ct...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
305 fatal("input_userauth_info_response: no kbdintctxt");
never executed: fatal("input_userauth_info_response: no kbdintctxt");
0
306 if (kbdintctxt->device == NULL)
kbdintctxt->de...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
307 fatal("input_userauth_info_response: no device");
never executed: fatal("input_userauth_info_response: no device");
0
308-
309 authctxt->postponed = 0; /* reset */-
310 if ((r = sshpkt_get_u32(ssh, &nresp)) != 0)
(r = sshpkt_ge... &nresp)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
311 fatal("%s: %s", __func__, ssh_err(r));
never executed: fatal("%s: %s", __func__, ssh_err(r));
0
312 if (nresp != kbdintctxt->nreq)
nresp != kbdintctxt->nreqDescription
TRUEnever evaluated
FALSEnever evaluated
0
313 fatal("input_userauth_info_response: wrong number of replies");
never executed: fatal("input_userauth_info_response: wrong number of replies");
0
314 if (nresp > 100)
nresp > 100Description
TRUEnever evaluated
FALSEnever evaluated
0
315 fatal("input_userauth_info_response: too many replies");
never executed: fatal("input_userauth_info_response: too many replies");
0
316 if (nresp > 0) {
nresp > 0Description
TRUEnever evaluated
FALSEnever evaluated
0
317 response = xcalloc(nresp, sizeof(char *));-
318 for (i = 0; i < nresp; i++)
i < nrespDescription
TRUEnever evaluated
FALSEnever evaluated
0
319 if ((r = sshpkt_get_cstring(ssh, &response[i],
(r = sshpkt_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
320 NULL)) != 0)
(r = sshpkt_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
321 fatal("%s: %s", __func__, ssh_err(r));
never executed: fatal("%s: %s", __func__, ssh_err(r));
0
322 }
never executed: end of block
0
323 if ((r = sshpkt_get_end(ssh)) != 0)
(r = sshpkt_get_end(ssh)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
324 fatal("%s: %s", __func__, ssh_err(r));
never executed: fatal("%s: %s", __func__, ssh_err(r));
0
325-
326 res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response);-
327-
328 for (i = 0; i < nresp; i++) {
i < nrespDescription
TRUEnever evaluated
FALSEnever evaluated
0
329 explicit_bzero(response[i], strlen(response[i]));-
330 free(response[i]);-
331 }
never executed: end of block
0
332 free(response);-
333-
334 switch (res) {-
335 case 0:
never executed: case 0:
0
336 /* Success! */-
337 authenticated = authctxt->valid ? 1 : 0;
authctxt->validDescription
TRUEnever evaluated
FALSEnever evaluated
0
338 break;
never executed: break;
0
339 case 1:
never executed: case 1:
0
340 /* Authentication needs further interaction */-
341 if (send_userauth_info_request(ssh) == 1)
send_userauth_...uest(ssh) == 1Description
TRUEnever evaluated
FALSEnever evaluated
0
342 authctxt->postponed = 1;
never executed: authctxt->postponed = 1;
0
343 break;
never executed: break;
0
344 default:
never executed: default:
0
345 /* Failure! */-
346 break;
never executed: break;
0
347 }-
348 devicename = kbdintctxt->device->name;-
349 if (!authctxt->postponed) {
!authctxt->postponedDescription
TRUEnever evaluated
FALSEnever evaluated
0
350 if (authenticated) {
authenticatedDescription
TRUEnever evaluated
FALSEnever evaluated
0
351 auth2_challenge_stop(ssh);-
352 } else {
never executed: end of block
0
353 /* start next device */-
354 /* may set authctxt->postponed */-
355 auth2_challenge_start(ssh);-
356 }
never executed: end of block
0
357 }-
358 userauth_finish(ssh, authenticated, "keyboard-interactive",-
359 devicename);-
360 return 0;
never executed: return 0;
0
361}-
362-
363void-
364privsep_challenge_enable(void)-
365{-
366#if defined(BSD_AUTH) || defined(USE_PAM)-
367 int n = 0;-
368#endif-
369#ifdef BSD_AUTH-
370 extern KbdintDevice mm_bsdauth_device;-
371#endif-
372#ifdef USE_PAM-
373 extern KbdintDevice mm_sshpam_device;-
374#endif-
375-
376#ifdef BSD_AUTH-
377 devices[n++] = &mm_bsdauth_device;-
378#else-
379#ifdef USE_PAM-
380 devices[n++] = &mm_sshpam_device;-
381#endif-
382#endif-
383}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2