===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/auth2-chall.c,v
retrieving revision 1.4.2.2
retrieving revision 1.4.2.3
diff -u -r1.4.2.2 -r1.4.2.3
--- src/usr.bin/ssh/auth2-chall.c 2001/11/15 00:15:19 1.4.2.2
+++ src/usr.bin/ssh/auth2-chall.c 2002/03/09 00:20:43 1.4.2.3
@@ -23,10 +23,11 @@
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.4.2.2 2001/11/15 00:15:19 miod Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.4.2.3 2002/03/09 00:20:43 miod Exp $");
 #include "ssh2.h"
 #include "auth.h"
+#include "buffer.h"
 #include "packet.h"
 #include "xmalloc.h"
 #include "dispatch.h"
@@ -35,7 +36,7 @@
 static int auth2_challenge_start(Authctxt *);
 static int send_userauth_info_request(Authctxt *);
-static void input_userauth_info_response(int, int, void *);
+static void input_userauth_info_response(int, u_int32_t, void *);
 #ifdef BSD_AUTH
 extern KbdintDevice bsdauth_device;
@@ -68,22 +69,25 @@
 kbdint_alloc(const char *devs)
 {
 KbdintAuthctxt *kbdintctxt;
+ Buffer b;
 int i;
- char buf[1024];
 kbdintctxt = xmalloc(sizeof(KbdintAuthctxt));
 if (strcmp(devs, "") == 0) {
- buf[0] = '\0';
+ buffer_init(&b);
 for (i = 0; devices[i]; i++) {
- if (i != 0)
- strlcat(buf, ",", sizeof(buf));
- strlcat(buf, devices[i]->name, sizeof(buf));
+ if (buffer_len(&b) > 0)
+ buffer_append(&b, ",", 1);
+ buffer_append(&b, devices[i]->name,
+ strlen(devices[i]->name));
 }
- debug("kbdint_alloc: devices '%s'", buf);
- kbdintctxt->devices = xstrdup(buf);
+ buffer_append(&b, "\0", 1);
+ kbdintctxt->devices = xstrdup(buffer_ptr(&b));
+ buffer_free(&b);
 } else {
 kbdintctxt->devices = xstrdup(devs);
 }
+ debug("kbdint_alloc: devices '%s'", kbdintctxt->devices);
 kbdintctxt->ctxt = NULL;
 kbdintctxt->device = NULL;
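Review bot: The `buffer_append(&b, "\0", 1);` line in the `strcmp(devs, "") == 0` branch of the `@@ -68` hunk carries no comment, yet it is the only thing that makes the following `xstrdup(buffer_ptr(&b))` safe, because the Buffer holds raw bytes rather than a C string. I would add `/* NUL-terminate: xstrdup() below reads the buffer as a C string */` directly above it so that a later cleanup does not drop the terminator. The function comment could also record that the device list is no longer limited by the former `char buf[1024]`, which `strlcat` would have truncated silently. kbdint_alloc starts and ends outside this hunk.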
@@ -151,11 +155,23 @@
 if (authctxt->user == NULL || !devs)
 return 0;
- if (authctxt->kbdintctxt == NULL)
+ if (authctxt->kbdintctxt == NULL)
 authctxt->kbdintctxt = kbdint_alloc(devs);
 return auth2_challenge_start(authctxt);
 }
+/* unregister kbd-int callbacks and context */
+void
+auth2_challenge_stop(Authctxt *authctxt)
+{
+ /* unregister callback */
+ dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
+ if (authctxt->kbdintctxt != NULL) {
+ kbdint_free(authctxt->kbdintctxt);
+ authctxt->kbdintctxt = NULL;
+ }
+}
+
 /* side effect: sets authctxt->postponed if a reply was sent*/
 static int
 auth2_challenge_start(Authctxt *authctxt)
@@ -166,21 +182,18 @@
 kbdintctxt->devices ? kbdintctxt->devices : "");
 if (kbdint_next_device(kbdintctxt) == 0) {
- kbdint_free(kbdintctxt);
- authctxt->kbdintctxt = NULL;
+ auth2_challenge_stop(authctxt);
 return 0;
 }
 debug("auth2_challenge_start: trying authentication method '%s'",
 kbdintctxt->device->name);
 if ((kbdintctxt->ctxt = kbdintctxt->device->init_ctx(authctxt)) == NULL) {
- kbdint_free(kbdintctxt);
- authctxt->kbdintctxt = NULL;
+ auth2_challenge_stop(authctxt);
 return 0;
 }
 if (send_userauth_info_request(authctxt) == 0) {
- kbdint_free(kbdintctxt);
- authctxt->kbdintctxt = NULL;
+ auth2_challenge_stop(authctxt);
 return 0;
 }
 dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE,
@@ -225,7 +238,7 @@
 }
 static void
-input_userauth_info_response(int type, int plen, void *ctxt)
+input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
 {
 Authctxt *authctxt = ctxt;
 KbdintAuthctxt *kbdintctxt;
@@ -248,7 +261,7 @@
 for (i = 0; i < nresp; i++)
 response[i] = packet_get_string(NULL);
 }
- packet_done();
+ packet_check_eom();
 if (authctxt->valid) {
 res = kbdintctxt->device->respond(kbdintctxt->ctxt,
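Review bot: auth2_challenge_stop is added without `static` in the `@@ -151` hunk, so it becomes part of the file's external interface, but its one-line comment does not state the contract callers can rely on. I would expand the comment to say that it clears the SSH2_MSG_USERAUTH_INFO_RESPONSE handler unconditionally, frees `authctxt->kbdintctxt` only if it is set and then resets it to NULL, which makes a repeated call harmless. It should also say that `authctxt` must be non-NULL, since it is dereferenced without a check. A prototype is presumably added to a header elsewhere in the commit; none is visible in this file's diff.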
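Review bot: After each `auth2_challenge_stop(authctxt);` in the `@@ -166` hunk the local `kbdintctxt` still holds the pointer that was just released (inferred: the local is assigned from `authctxt->kbdintctxt` above the hunk). All three paths `return 0;` immediately, so nothing reads it today, but the old lines showed the free on the local and the new call hides it. I would add `/* kbdintctxt is freed by auth2_challenge_stop(); do not use it below */` at the first call, or set `kbdintctxt = NULL;` after it, so a later edit cannot introduce a use-after-free. The same applies to the `if (authenticated)` branch in the `@@ -284` hunk of input_userauth_info_response. auth2_challenge_start starts and ends outside this hunk.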
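Review bot: The loop in the context lines of the `@@ -248` hunk stores `nresp` strings into `response`, and neither the allocation of `response` nor an upper bound on `nresp` is visible here. If `nresp` is read from the client's packet, as the `packet_get_string` calls suggest, it should be capped before it sizes the array, for example `if (nresp > MAX_KBDINT_RESPONSES) fatal("input_userauth_info_response: too many replies");`, where the constant name is a placeholder for a limit you choose. Please confirm against the lines above the hunk, since an unchecked count there would be a memory-safety problem reachable before authentication. input_userauth_info_response starts and ends outside this hunk.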
@@ -271,10 +284,8 @@
 break;
 case 1:
 /* Authentication needs further interaction */
- authctxt->postponed = 1;
- if (send_userauth_info_request(authctxt) == 0) {
- authctxt->postponed = 0;
- }
+ if (send_userauth_info_request(authctxt) == 1)
+ authctxt->postponed = 1;
 break;
 default:
 /* Failure! */
@@ -284,18 +295,12 @@
 len = strlen("keyboard-interactive") + 2 +
 strlen(kbdintctxt->device->name);
 method = xmalloc(len);
- method[0] = '\0';
- strlcat(method, "keyboard-interactive", len);
- strlcat(method, "/", len);
- strlcat(method, kbdintctxt->device->name, len);
+ snprintf(method, len, "keyboard-interactive/%s",
+ kbdintctxt->device->name);
 if (!authctxt->postponed) {
- /* unregister callback */
- dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
-
 if (authenticated) {
- kbdint_free(kbdintctxt);
- authctxt->kbdintctxt = NULL;
+ auth2_challenge_stop(authctxt);
 } else {
 /* start next device */
 /* may set authctxt->postponed */
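Review bot: The new test `send_userauth_info_request(authctxt) == 1` under `case 1:` treats success as exactly 1, while the call in auth2_challenge_start treats failure as `== 0`. If the helper ever returns another non-zero value, the request is sent but `postponed` stays 0. I would write `if (send_userauth_info_request(authctxt) != 0)` so both call sites agree on what failure means. A comment such as `/* on send failure postponed stays 0 and the code after the switch moves on */` would make the fall-through intent explicit; that reading is inferred from the `@@ -284` hunk. The switch starts and ends outside this hunk.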
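Review bot: The `+ 2` in the `len` computation of the `@@ -284` hunk is unexplained and is now coupled to the `snprintf` format string. It covers the `/` separator and the terminating NUL, and a later change to the format that does not update `len` would be truncated silently because the snprintf return value is not checked. I would add `/* +2: '/' separator and terminating NUL */` beside the length expression. Whether `method` is released after use is decided outside the hunk.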