version 1.35, 2001/06/23 15:12:21 |
version 1.36, 2001/06/23 22:37:46 |
|
|
try_rsa_authentication(const char *authfile) |
try_rsa_authentication(const char *authfile) |
{ |
{ |
BIGNUM *challenge; |
BIGNUM *challenge; |
Key *public; |
Key *public, *private; |
Key *private; |
char buf[300], *passphrase, *comment; |
char *passphrase, *comment; |
int i, type, quit, plen, clen; |
int type, i; |
|
int plen, clen; |
|
|
|
/* Try to load identification for the authentication key. */ |
/* Try to load identification for the authentication key. */ |
/* XXKEYLOAD */ |
/* XXKEYLOAD */ |
|
|
* fails, ask for a passphrase. |
* fails, ask for a passphrase. |
*/ |
*/ |
private = key_load_private_type(KEY_RSA1, authfile, "", NULL); |
private = key_load_private_type(KEY_RSA1, authfile, "", NULL); |
if (private == NULL) { |
if (private == NULL && !options.batch_mode) { |
char buf[300]; |
snprintf(buf, sizeof(buf), |
snprintf(buf, sizeof buf, "Enter passphrase for RSA key '%.100s': ", |
"Enter passphrase for RSA key '%.100s': ", comment); |
comment); |
for (i = 0; i < options.number_of_password_prompts; i++) { |
if (!options.batch_mode) |
|
passphrase = read_passphrase(buf, 0); |
passphrase = read_passphrase(buf, 0); |
else { |
if (strcmp(passphrase, "") != 0) { |
debug("Will not query passphrase for %.100s in batch mode.", |
private = key_load_private_type(KEY_RSA1, |
comment); |
authfile, passphrase, NULL); |
passphrase = xstrdup(""); |
quit = 0; |
} |
} else { |
|
debug2("no passphrase given, try next key"); |
/* Load the authentication file using the pasphrase. */ |
quit = 1; |
private = key_load_private_type(KEY_RSA1, authfile, passphrase, NULL); |
} |
if (private == NULL) { |
|
memset(passphrase, 0, strlen(passphrase)); |
memset(passphrase, 0, strlen(passphrase)); |
xfree(passphrase); |
xfree(passphrase); |
error("Bad passphrase."); |
if (private != NULL || quit) |
|
break; |
/* Send a dummy response packet to avoid protocol error. */ |
debug2("bad passphrase given, try again..."); |
packet_start(SSH_CMSG_AUTH_RSA_RESPONSE); |
|
for (i = 0; i < 16; i++) |
|
packet_put_char(0); |
|
packet_send(); |
|
packet_write_wait(); |
|
|
|
/* Expect the server to reject it... */ |
|
packet_read_expect(&plen, SSH_SMSG_FAILURE); |
|
xfree(comment); |
|
BN_clear_free(challenge); |
|
return 0; |
|
} |
} |
/* Destroy the passphrase. */ |
|
memset(passphrase, 0, strlen(passphrase)); |
|
xfree(passphrase); |
|
} |
} |
/* We no longer need the comment. */ |
/* We no longer need the comment. */ |
xfree(comment); |
xfree(comment); |
|
|
|
if (private == NULL) { |
|
if (!options.batch_mode) |
|
error("Bad passphrase."); |
|
|
|
/* Send a dummy response packet to avoid protocol error. */ |
|
packet_start(SSH_CMSG_AUTH_RSA_RESPONSE); |
|
for (i = 0; i < 16; i++) |
|
packet_put_char(0); |
|
packet_send(); |
|
packet_write_wait(); |
|
|
|
/* Expect the server to reject it... */ |
|
packet_read_expect(&plen, SSH_SMSG_FAILURE); |
|
BN_clear_free(challenge); |
|
return 0; |
|
} |
|
|
/* Compute and send a response to the challenge. */ |
/* Compute and send a response to the challenge. */ |
respond_to_rsa_challenge(challenge, private->rsa); |
respond_to_rsa_challenge(challenge, private->rsa); |
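Review bot: In the new retry loop each passphrase is wiped with `memset(passphrase, 0, strlen(passphrase));` immediately before `xfree(passphrase)`, and a plain memset on a buffer that is about to be released is a store an optimizer may drop if it can see that xfree only frees the memory. A wipe that cannot be elided, for example `explicit_bzero(passphrase, strlen(passphrase));` where the platform provides it, would keep the secret from lingering in freed heap across up to `options.number_of_password_prompts` attempts. Separately, when the user enters an empty passphrase the loop leaves with `quit = 1` and the block below still prints `error("Bad passphrase.")`, which misreports a deliberate skip; a short comment on the flag such as `/* quit: empty passphrase entered, give up on this key */` would also make the exit condition easier to follow. The page interleaves the old and new columns and the function starts and ends outside the visible lines, so this reading of the new side is inferred from the lines that appear only once.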