/* * opie.c -- One-Time Password authentication. * * For license terms, see the file COPYING in this directory. */ #include "config.h" #include "fetchmail.h" #include #include #include #if defined(STDC_HEADERS) #include #endif #include "socket.h" #include "i18n.h" #include "fm_md5.h" #ifdef OPIE_ENABLE #ifdef __cplusplus extern "C" { #endif #include #ifdef __cplusplus } #endif int do_otp(int sock, const char *command, struct query *ctl) { int i, rval; char buffer[128]; char challenge[OPIE_CHALLENGE_MAX+1+8]; char response[OPIE_RESPONSE_MAX+1]; gen_send(sock, "%s X-OTP", command); if ((rval = gen_recv(sock, buffer, sizeof(buffer)))) return rval; if (strncmp(buffer, "+", 1)) { report(stderr, GT_("server recv fatal\n")); return PS_AUTHFAIL; } to64frombits(buffer, ctl->remotename, strlen(ctl->remotename), sizeof(buffer)); suppress_tags = TRUE; gen_send(sock, "%s", buffer); suppress_tags = FALSE; if ((rval = gen_recv(sock, buffer, sizeof(buffer)))) return rval; memset(challenge, '\0', sizeof(challenge)); if ((i = from64tobits(challenge, buffer+2, sizeof(challenge))) < 0) { report(stderr, GT_("Could not decode OTP challenge\n")); return PS_AUTHFAIL; }; memset(response, '\0', sizeof(response)); rval = opiegenerator(challenge, ctl->password, response); if ((rval == -2) && !run.poll_interval) { char secret[OPIE_SECRET_MAX+1]; fprintf(stderr, GT_("Secret pass phrase: ")); if (opiereadpass(secret, sizeof(secret), 0)) rval = opiegenerator(challenge, secret, response); memset(secret, 0, sizeof(secret)); }; if (rval) return(PS_AUTHFAIL); to64frombits(buffer, response, strlen(response), sizeof(buffer)); suppress_tags = TRUE; gen_send(sock, "%s", buffer); suppress_tags = FALSE; if ((rval = gen_recv(sock, buffer, sizeof(buffer)))) return rval; return PS_SUCCESS; } #endif /* OPIE_ENABLE */ /* opie.c ends here */