diff options
author | Damien Miller <djm@mindrot.org> | 2018-07-20 13:18:28 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-07-31 12:59:30 +1000 |
commit | 87f08be054b7eeadbb9cdeb3fb4872be79ccf218 (patch) | |
tree | 80bfc724ddd93228b8571702a2f153787994022b /monitor_wrap.c | |
parent | 5d14019ba2ff54acbfd20a6b9b96bb860a8c7c31 (diff) | |
download | openssh-git-87f08be054b7eeadbb9cdeb3fb4872be79ccf218.tar.gz |
Remove support for S/Key
Most people will 1) be using modern multi-factor authentication methods
like TOTP/OATH etc and 2) be getting support for multi-factor
authentication via PAM or BSD Auth.
Diffstat (limited to 'monitor_wrap.c')
-rw-r--r-- | monitor_wrap.c | 67 |
1 files changed, 0 insertions, 67 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c index 3cb26c2a..732fb347 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -867,73 +867,6 @@ mm_bsdauth_respond(void *ctx, u_int numresponses, char **responses) return ((authok == 0) ? -1 : 0); } -#ifdef SKEY -int -mm_skey_query(void *ctx, char **name, char **infotxt, - u_int *numprompts, char ***prompts, u_int **echo_on) -{ - struct sshbuf *m; - u_int success; - char *challenge; - int r; - - debug3("%s: entering", __func__); - - if ((m = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYQUERY, m); - - mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SKEYQUERY, m); - if ((r = sshbuf_get_u32(m, &success)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - if (success == 0) { - debug3("%s: no challenge", __func__); - sshbuf_free(m); - return (-1); - } - - /* Get the challenge, and format the response */ - if ((r = sshbuf_get_cstring(m, &challenge, NULL)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - sshbuf_free(m); - - debug3("%s: received challenge: %s", __func__, challenge); - - mm_chall_setup(name, infotxt, numprompts, prompts, echo_on); - - xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT); - free(challenge); - - return (0); -} - -int -mm_skey_respond(void *ctx, u_int numresponses, char **responses) -{ - struct sshbuf *m; - int authok, r; - - debug3("%s: entering", __func__); - if (numresponses != 1) - return (-1); - - if ((m = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - if ((r = sshbuf_put_cstring(m, responses[0])) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYRESPOND, m); - - mm_request_receive_expect(pmonitor->m_recvfd, - MONITOR_ANS_SKEYRESPOND, m); - - if ((r = sshbuf_get_u32(m, &authok)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - sshbuf_free(m); - - return ((authok == 0) ? -1 : 0); -} -#endif /* SKEY */ - #ifdef SSH_AUDIT_EVENTS void mm_audit_event(ssh_audit_event_t event) |