| version 1.8.2.3, 2001/03/21 19:46:31 |
version 1.8.2.4, 2001/05/07 21:09:37 |
|
|
| int plen, clen; |
int plen, clen; |
| |
|
| /* Try to load identification for the authentication key. */ |
/* Try to load identification for the authentication key. */ |
| public = key_new(KEY_RSA1); |
/* XXKEYLOAD */ |
| if (!load_public_key(authfile, public, &comment)) { |
public = key_load_public_type(KEY_RSA1, authfile, &comment); |
| key_free(public); |
if (public == NULL) { |
| /* Could not load it. Fail. */ |
/* Could not load it. Fail. */ |
| return 0; |
return 0; |
| } |
} |
|
|
| |
|
| debug("Received RSA challenge from server."); |
debug("Received RSA challenge from server."); |
| |
|
| private = key_new(KEY_RSA1); |
|
| /* |
/* |
| * Load the private key. Try first with empty passphrase; if it |
* Load the private key. Try first with empty passphrase; if it |
| * fails, ask for a passphrase. |
* fails, ask for a passphrase. |
| */ |
*/ |
| if (!load_private_key(authfile, "", private, NULL)) { |
private = key_load_private_type(KEY_RSA1, authfile, "", NULL); |
| |
if (private == NULL) { |
| char buf[300]; |
char buf[300]; |
| snprintf(buf, sizeof buf, "Enter passphrase for RSA key '%.100s': ", |
snprintf(buf, sizeof buf, "Enter passphrase for RSA key '%.100s': ", |
| comment); |
comment); |
|
|
| } |
} |
| |
|
| /* Load the authentication file using the pasphrase. */ |
/* Load the authentication file using the pasphrase. */ |
| if (!load_private_key(authfile, passphrase, private, NULL)) { |
private = key_load_private_type(KEY_RSA1, authfile, passphrase, NULL); |
| |
if (private == NULL) { |
| memset(passphrase, 0, strlen(passphrase)); |
memset(passphrase, 0, strlen(passphrase)); |
| xfree(passphrase); |
xfree(passphrase); |
| error("Bad passphrase."); |
error("Bad passphrase."); |
|
|
| /* Expect the server to reject it... */ |
/* Expect the server to reject it... */ |
| packet_read_expect(&plen, SSH_SMSG_FAILURE); |
packet_read_expect(&plen, SSH_SMSG_FAILURE); |
| xfree(comment); |
xfree(comment); |
| key_free(private); |
|
| BN_clear_free(challenge); |
BN_clear_free(challenge); |
| return 0; |
return 0; |
| } |
} |
|
|
| * authentication and RSA host authentication. |
* authentication and RSA host authentication. |
| */ |
*/ |
| int |
int |
| try_rhosts_rsa_authentication(const char *local_user, RSA * host_key) |
try_rhosts_rsa_authentication(const char *local_user, Key * host_key) |
| { |
{ |
| int type; |
int type; |
| BIGNUM *challenge; |
BIGNUM *challenge; |
|
|
| /* Tell the server that we are willing to authenticate using this key. */ |
/* Tell the server that we are willing to authenticate using this key. */ |
| packet_start(SSH_CMSG_AUTH_RHOSTS_RSA); |
packet_start(SSH_CMSG_AUTH_RHOSTS_RSA); |
| packet_put_string(local_user, strlen(local_user)); |
packet_put_string(local_user, strlen(local_user)); |
| packet_put_int(BN_num_bits(host_key->n)); |
packet_put_int(BN_num_bits(host_key->rsa->n)); |
| packet_put_bignum(host_key->e); |
packet_put_bignum(host_key->rsa->e); |
| packet_put_bignum(host_key->n); |
packet_put_bignum(host_key->rsa->n); |
| packet_send(); |
packet_send(); |
| packet_write_wait(); |
packet_write_wait(); |
| |
|
|
|
| debug("Received RSA challenge for host key from server."); |
debug("Received RSA challenge for host key from server."); |
| |
|
| /* Compute a response to the challenge. */ |
/* Compute a response to the challenge. */ |
| respond_to_rsa_challenge(challenge, host_key); |
respond_to_rsa_challenge(challenge, host_key->rsa); |
| |
|
| /* We no longer need the challenge. */ |
/* We no longer need the challenge. */ |
| BN_clear_free(challenge); |
BN_clear_free(challenge); |
|
|
| * Authenticate user |
* Authenticate user |
| */ |
*/ |
| void |
void |
| ssh_userauth( |
ssh_userauth1(const char *local_user, const char *server_user, char *host, |
| const char *local_user, |
Key **keys, int nkeys) |
| const char *server_user, |
|
| char *host, |
|
| int host_key_valid, RSA *own_host_key) |
|
| { |
{ |
| int i, type; |
int i, type; |
| int payload_len; |
int payload_len; |
| |
|
| if (supported_authentications == 0) |
if (supported_authentications == 0) |
| fatal("ssh_userauth: server supports no auth methods"); |
fatal("ssh_userauth1: server supports no auth methods"); |
| |
|
| /* Send the name of the user to log in as on the server. */ |
/* Send the name of the user to log in as on the server. */ |
| packet_start(SSH_CMSG_USER); |
packet_start(SSH_CMSG_USER); |
|
|
| * authentication. |
* authentication. |
| */ |
*/ |
| if ((supported_authentications & (1 << SSH_AUTH_RHOSTS_RSA)) && |
if ((supported_authentications & (1 << SSH_AUTH_RHOSTS_RSA)) && |
| options.rhosts_rsa_authentication && host_key_valid) { |
options.rhosts_rsa_authentication) { |
| if (try_rhosts_rsa_authentication(local_user, own_host_key)) |
for (i = 0; i < nkeys; i++) { |
| return; |
if (keys[i] != NULL && keys[i]->type == KEY_RSA1 && |
| |
try_rhosts_rsa_authentication(local_user, keys[i])) |
| |
return; |
| |
} |
| } |
} |
| /* Try RSA authentication if the server supports it. */ |
/* Try RSA authentication if the server supports it. */ |
| if ((supported_authentications & (1 << SSH_AUTH_RSA)) && |
if ((supported_authentications & (1 << SSH_AUTH_RSA)) && |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshconnect1.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh