-/*
+/*
Copyright (c) 1995-1998 by Cisco systems, Inc.
Permission to use, copy, modify, and distribute this software for
FITNESS FOR A PARTICULAR PURPOSE.
*/
-#ifdef SKEY
+
#include "tac_plus.h"
+
+#ifdef SKEY
+
+#include <skey.h>
+
+#include "skey_fn.h"
#include "expire.h"
+
/* internal state variables */
#define STATE_AUTHEN_START 0 /* no requests issued */
#define STATE_AUTHEN_GETUSER 1 /* username has been requested */
#define STATE_AUTHEN_GETPASS 2 /* password has been requested */
-#include <skey.h>
-
struct private_data {
struct skey skey;
char password[MAX_PASSWD_LEN + 1];
/* Use s/key to verify a supplied password using state set up earlier
when the username was supplied */
+static int skey_verify TAC_ARGS((char *passwd, struct authen_data *data));
+
static int
skey_verify(passwd, data)
char *passwd;
* Return 0 if data->status is valid, otherwise 1
*/
+int skey_fn TAC_ARGS((struct authen_data *data));
+
int
skey_fn(data)
struct authen_data *data;
default:
/* something awful has happened. Give up and die */
- report(LOG_ERR, "%s: skey_fn bad state %d",
+ report(LOG_ERR, "%s: skey_fn bad state %d",
session.peer, p->state);
return (1);
}
data->status = TAC_PLUS_AUTHEN_STATUS_GETPASS;
p->state = STATE_AUTHEN_GETPASS;
return (0);
- }
+ }
data->status = TAC_PLUS_AUTHEN_STATUS_ERROR;
report(LOG_ERR, "Cannot generate skey prompt for %s", name);
default:
data->status = TAC_PLUS_AUTHEN_STATUS_ERROR;
- report(LOG_ERR, "%s: Bogus service value %d from packet",
+ report(LOG_ERR, "%s: Bogus service value %d from packet",
session.peer, data->service);
break;
}
return (1);
}
}
-#else /* SKEY */
-/* The following code is not needed or used. It exists solely to
- prevent compilers from "helpfully" complaining that this source
- file is empty, which upsets novices building the software */
+#else /* SKEY */
-static int dummy = 0;
+TAC_SOURCEFILE_EMPTY
#endif /* SKEY */