src/usr.bin/ssh/auth2-chall.c - diff

Return to auth2-chall.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/auth2-chall.c between version 1.8 and 1.8.2.5

version 1.8, 2001/09/27 15:31:17

version 1.8.2.5, 2002/10/11 14:53:06

Line 27

#include "ssh2.h"

#include "auth.h"

#include "buffer.h"

#include "packet.h"

#include "xmalloc.h"

#include "dispatch.h"

Line 35

Line 36

static int auth2_challenge_start(Authctxt *);

static int send_userauth_info_request(Authctxt *);

static void input_userauth_info_response(int, int, void *);

static void input_userauth_info_response(int, u_int32_t, void *);

#ifdef BSD_AUTH

extern KbdintDevice bsdauth_device;

Line 62

Line 63

char *devices;

void *ctxt;

KbdintDevice *device;

u_int nreq;

};

static KbdintAuthctxt *

kbdint_alloc(const char *devs)

{

KbdintAuthctxt *kbdintctxt;

Buffer b;

int i;

char buf[1024];

kbdintctxt = xmalloc(sizeof(KbdintAuthctxt));

if (strcmp(devs, "") == 0) {

buf[0] = '\0';

buffer_init(&b);

for (i = 0; devices[i]; i++) {

if (i != 0)

if (buffer_len(&b) > 0)

strlcat(buf, ",", sizeof(buf));

buffer_append(&b, ",", 1);

strlcat(buf, devices[i]->name, sizeof(buf));

buffer_append(&b, devices[i]->name,

strlen(devices[i]->name));

}

debug("kbdint_alloc: devices '%s'", buf);

buffer_append(&b, "\0", 1);

kbdintctxt->devices = xstrdup(buf);

kbdintctxt->devices = xstrdup(buffer_ptr(&b));

buffer_free(&b);

} else {

kbdintctxt->devices = xstrdup(devs);

}

debug("kbdint_alloc: devices '%s'", kbdintctxt->devices);

kbdintctxt->ctxt = NULL;

kbdintctxt->device = NULL;

kbdintctxt->nreq = 0;

return kbdintctxt;

}

Line 151

Line 157

if (authctxt->user == NULL || !devs)

return 0;

if (authctxt->kbdintctxt == NULL)

authctxt->kbdintctxt = kbdint_alloc(devs);

return auth2_challenge_start(authctxt);

}

/* unregister kbd-int callbacks and context */

void

auth2_challenge_stop(Authctxt *authctxt)

{

/* unregister callback */

dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);

if (authctxt->kbdintctxt != NULL) {

kbdint_free(authctxt->kbdintctxt);

authctxt->kbdintctxt = NULL;

}

/* side effect: sets authctxt->postponed if a reply was sent*/

static int

auth2_challenge_start(Authctxt *authctxt)

Line 166

Line 184

kbdintctxt->devices ? kbdintctxt->devices : "<empty>");

if (kbdint_next_device(kbdintctxt) == 0) {

kbdint_free(kbdintctxt);

auth2_challenge_stop(authctxt);

authctxt->kbdintctxt = NULL;

return 0;

}

debug("auth2_challenge_start: trying authentication method '%s'",

kbdintctxt->device->name);

if ((kbdintctxt->ctxt = kbdintctxt->device->init_ctx(authctxt)) == NULL) {

kbdint_free(kbdintctxt);

auth2_challenge_stop(authctxt);

authctxt->kbdintctxt = NULL;

return 0;

}

if (send_userauth_info_request(authctxt) == 0) {

kbdint_free(kbdintctxt);

auth2_challenge_stop(authctxt);

authctxt->kbdintctxt = NULL;

return 0;

}

dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE,

Line 196

Line 211

KbdintAuthctxt *kbdintctxt;

char *name, *instr, **prompts;

int i;

u_int numprompts, *echo_on;

u_int *echo_on;

kbdintctxt = authctxt->kbdintctxt;

if (kbdintctxt->device->query(kbdintctxt->ctxt,

&name, &instr, &numprompts, &prompts, &echo_on))

&name, &instr, &kbdintctxt->nreq, &prompts, &echo_on))

return 0;

packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);

packet_put_cstring(name);

packet_put_cstring(instr);

packet_put_cstring(""); /* language not used */

packet_put_int(numprompts);

packet_put_int(kbdintctxt->nreq);

for (i = 0; i < numprompts; i++) {

for (i = 0; i < kbdintctxt->nreq; i++) {

packet_put_cstring(prompts[i]);

packet_put_char(echo_on[i]);

}

packet_send();

packet_write_wait();

for (i = 0; i < numprompts; i++)

for (i = 0; i < kbdintctxt->nreq; i++)

xfree(prompts[i]);

xfree(prompts);

xfree(echo_on);

Line 225

Line 240

}

static void

input_userauth_info_response(int type, int plen, void *ctxt)

input_userauth_info_response(int type, u_int32_t seq, void *ctxt)

{

Authctxt *authctxt = ctxt;

KbdintAuthctxt *kbdintctxt;

Line 243

Line 258

authctxt->postponed = 0; /* reset */

nresp = packet_get_int();

if (nresp != kbdintctxt->nreq)

fatal("input_userauth_info_response: wrong number of replies");

if (nresp > 100)

fatal("input_userauth_info_response: too many replies");

if (nresp > 0) {

response = xmalloc(nresp * sizeof(char*));

response = xmalloc(nresp * sizeof(char *));

for (i = 0; i < nresp; i++)

response[i] = packet_get_string(NULL);

}

packet_done();

packet_check_eom();

if (authctxt->valid) {

res = kbdintctxt->device->respond(kbdintctxt->ctxt,

Line 271

Line 290

break;

case 1:

/* Authentication needs further interaction */

authctxt->postponed = 1;

if (send_userauth_info_request(authctxt) == 1)

if (send_userauth_info_request(authctxt) == 0) {

authctxt->postponed = 1;

authctxt->postponed = 0;

}

break;

default:

/* Failure! */

Line 284

Line 301

len = strlen("keyboard-interactive") + 2 +

strlen(kbdintctxt->device->name);

method = xmalloc(len);

method[0] = '\0';

snprintf(method, len, "keyboard-interactive/%s",

strlcat(method, "keyboard-interactive", len);

kbdintctxt->device->name);

strlcat(method, "/", len);

strlcat(method, kbdintctxt->device->name, len);

if (!authctxt->postponed) {

/* unregister callback */

dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);

if (authenticated) {

kbdint_free(kbdintctxt);

auth2_challenge_stop(authctxt);

authctxt->kbdintctxt = NULL;

} else {

/* start next device */

/* may set authctxt->postponed */

Line 304

Line 315

}

userauth_finish(authctxt, authenticated, method);

xfree(method);

}

void

privsep_challenge_enable(void)

{

#ifdef BSD_AUTH

extern KbdintDevice mm_bsdauth_device;

#endif

#ifdef SKEY

extern KbdintDevice mm_skey_device;

#endif

/* As long as SSHv1 has devices[0] hard coded this is fine */

#ifdef BSD_AUTH

devices[0] = &mm_bsdauth_device;

#else

#ifdef SKEY

devices[0] = &mm_skey_device;

#endif

}