shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-09 09:54:25 +09:00
Code Issues Packages Projects Releases Wiki Activity

Improve wait_auth_status().

Browse Source 
git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@662 7dcaeef0-15fb-0310-b436-a5af3365683c
This commit is contained in:
Andreas Schneider
2009-04-30 14:18:44 +00:00
parent a1802f1c32
commit e8f783eb36
1 changed files with 102 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

185
libssh/auth.c
View File

@@ -53,92 +53,111 @@ static int ask_userauth(SSH_SESSION *session) {
return rc; return rc;
} }
static int wait_auth_status(SSH_SESSION *session,int kbdint){ static int wait_auth_status(SSH_SESSION *session, int kbdint) {
int err=SSH_AUTH_ERROR; char *auth_methods = NULL;
int cont=1; STRING *auth;
STRING *auth; int rc = SSH_AUTH_ERROR;
u8 partial=0; int cont = 1;
char *auth_methods = NULL; u8 partial = 0;
enter_function();
while(cont){
if(packet_read(session))
break;
if(packet_translate(session) != SSH_OK)
break;
switch(session->in_packet.type){
case SSH2_MSG_USERAUTH_FAILURE:
auth = buffer_get_ssh_string(session->in_buffer);
if(!auth || buffer_get_u8(session->in_buffer,&partial)!=1 ){
ssh_set_error(session,SSH_FATAL,
"invalid SSH_MSG_USERAUTH_FAILURE message");
leave_function();
return SSH_AUTH_ERROR;
}
auth_methods = string_to_char(auth);
if(partial) {
err=SSH_AUTH_PARTIAL;
ssh_set_error(session,SSH_NO_ERROR,"partial success, authentications that can continue : %s", auth_methods);
} else {
err=SSH_AUTH_DENIED;
ssh_set_error(session,SSH_REQUEST_DENIED,"Access denied. authentications that can continue : %s", auth_methods);
session->auth_methods = 0; enter_function();
if (strstr(auth_methods, "password") != NULL) {
session->auth_methods |= SSH_AUTH_METHOD_PASSWORD;
}
if (strstr(auth_methods, "keyboard-interactive") != NULL) {
session->auth_methods |= SSH_AUTH_METHOD_INTERACTIVE;
}
if (strstr(auth_methods, "publickey") != NULL) {
session->auth_methods |= SSH_AUTH_METHOD_PUBLICKEY;
}
if (strstr(auth_methods, "hostbased") != NULL) {
session->auth_methods |= SSH_AUTH_METHOD_HOSTBASED;
}
}
while (cont) {
free(auth); if (packet_read(session) != SSH_OK) {
free(auth_methods); break;
cont=0;
break;
case SSH2_MSG_USERAUTH_PK_OK:
/* SSH monkeys have defined the same number for both */
/* SSH_MSG_USERAUTH_PK_OK and SSH_MSG_USERAUTH_INFO_REQUEST */
/* which is not really smart; */
/*case SSH2_MSG_USERAUTH_INFO_REQUEST: */
if(kbdint){
err=SSH_AUTH_INFO;
cont=0;
break;
}
/* continue through success */
case SSH2_MSG_USERAUTH_SUCCESS:
err=SSH_AUTH_SUCCESS;
cont=0;
break;
case SSH2_MSG_USERAUTH_BANNER:
{
STRING *banner=buffer_get_ssh_string(session->in_buffer);
if(!banner){
ssh_log(session, SSH_LOG_PACKET,
"The banner message was invalid. continuing though\n");
break;
}
ssh_log(session, SSH_LOG_PACKET,
"Received a message banner\n");
if(session->banner)
free(session->banner); /* erase the older one */
session->banner=banner;
break;
}
default:
packet_parse(session);
break;
}
} }
leave_function(); if (packet_translate(session) != SSH_OK) {
return err; break;
}
switch (session->in_packet.type) {
case SSH2_MSG_USERAUTH_FAILURE:
auth = buffer_get_ssh_string(session->in_buffer);
if (auth == NULL || buffer_get_u8(session->in_buffer, &partial) != 1) {
ssh_set_error(session, SSH_FATAL,
"Invalid SSH_MSG_USERAUTH_FAILURE message");
leave_function();
return SSH_AUTH_ERROR;
}
auth_methods = string_to_char(auth);
if (auth_methods == NULL) {
ssh_set_error(session, SSH_FATAL,
"Not enough space");
string_free(auth);
leave_function();
return SSH_AUTH_ERROR;
}
if (partial) {
rc = SSH_AUTH_PARTIAL;
ssh_set_error(session, SSH_NO_ERROR,
"Partial success. Authentication that can continue: %s",
auth_methods);
} else {
rc = SSH_AUTH_DENIED;
ssh_set_error(session, SSH_REQUEST_DENIED,
"Access denied. Authentication that can continue: %s",
auth_methods);
session->auth_methods = 0;
if (strstr(auth_methods, "password") != NULL) {
session->auth_methods |= SSH_AUTH_METHOD_PASSWORD;
}
if (strstr(auth_methods, "keyboard-interactive") != NULL) {
session->auth_methods |= SSH_AUTH_METHOD_INTERACTIVE;
}
if (strstr(auth_methods, "publickey") != NULL) {
session->auth_methods |= SSH_AUTH_METHOD_PUBLICKEY;
}
if (strstr(auth_methods, "hostbased") != NULL) {
session->auth_methods |= SSH_AUTH_METHOD_HOSTBASED;
}
}
string_free(auth);
SAFE_FREE(auth_methods);
cont = 0;
break;
case SSH2_MSG_USERAUTH_PK_OK:
/* SSH monkeys have defined the same number for both */
/* SSH_MSG_USERAUTH_PK_OK and SSH_MSG_USERAUTH_INFO_REQUEST */
/* which is not really smart; */
/*case SSH2_MSG_USERAUTH_INFO_REQUEST: */
if (kbdint) {
rc = SSH_AUTH_INFO;
cont = 0;
break;
}
/* continue through success */
case SSH2_MSG_USERAUTH_SUCCESS:
rc = SSH_AUTH_SUCCESS;
cont = 0;
break;
case SSH2_MSG_USERAUTH_BANNER:
{
STRING *banner;
banner = buffer_get_ssh_string(session->in_buffer);
if (banner == NULL) {
ssh_log(session, SSH_LOG_PACKET,
"The banner message was invalid. Continuing though\n");
break;
}
ssh_log(session, SSH_LOG_PACKET,
"Received a message banner\n");
string_free(session->banner); /* erase the older one */
session->banner = banner;
break;
}
default:
packet_parse(session);
break;
}
}
leave_function();
return rc;
} }
int ssh_auth_list(SSH_SESSION *session) { int ssh_auth_list(SSH_SESSION *session) {