Mercurial > dropbear
comparison cli-auth.c @ 165:0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sun, 02 Jan 2005 20:25:56 +0000 |
| parents | 2be6aa26a8c9 |
| children | 161557a9dde8 |
comparison
equal
deleted
inserted
replaced
| 161:b9d3f725e00b | 165:0cfba3034be5 |
|---|---|
| 40 | 40 |
| 41 | 41 |
| 42 /* Send a "none" auth request to get available methods */ | 42 /* Send a "none" auth request to get available methods */ |
| 43 void cli_auth_getmethods() { | 43 void cli_auth_getmethods() { |
| 44 | 44 |
| 45 TRACE(("enter cli_auth_getmethods")); | 45 TRACE(("enter cli_auth_getmethods")) |
| 46 | 46 |
| 47 CHECKCLEARTOWRITE(); | 47 CHECKCLEARTOWRITE(); |
| 48 | 48 |
| 49 buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST); | 49 buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST); |
| 50 buf_putstring(ses.writepayload, cli_opts.username, | 50 buf_putstring(ses.writepayload, cli_opts.username, |
| 52 buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION, | 52 buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION, |
| 53 SSH_SERVICE_CONNECTION_LEN); | 53 SSH_SERVICE_CONNECTION_LEN); |
| 54 buf_putstring(ses.writepayload, "none", 4); /* 'none' method */ | 54 buf_putstring(ses.writepayload, "none", 4); /* 'none' method */ |
| 55 | 55 |
| 56 encrypt_packet(); | 56 encrypt_packet(); |
| 57 TRACE(("leave cli_auth_getmethods")); | 57 TRACE(("leave cli_auth_getmethods")) |
| 58 | 58 |
| 59 } | 59 } |
| 60 | 60 |
| 61 void recv_msg_userauth_banner() { | 61 void recv_msg_userauth_banner() { |
| 62 | 62 |
| 63 unsigned char* banner = NULL; | 63 unsigned char* banner = NULL; |
| 64 unsigned int bannerlen; | 64 unsigned int bannerlen; |
| 65 unsigned int i, linecount; | 65 unsigned int i, linecount; |
| 66 | 66 |
| 67 TRACE(("enter recv_msg_userauth_banner")); | 67 TRACE(("enter recv_msg_userauth_banner")) |
| 68 if (ses.authstate.authdone) { | 68 if (ses.authstate.authdone) { |
| 69 TRACE(("leave recv_msg_userauth_banner: banner after auth done")); | 69 TRACE(("leave recv_msg_userauth_banner: banner after auth done")) |
| 70 return; | 70 return; |
| 71 } | 71 } |
| 72 | 72 |
| 73 banner = buf_getstring(ses.payload, &bannerlen); | 73 banner = buf_getstring(ses.payload, &bannerlen); |
| 74 buf_eatstring(ses.payload); /* The language string */ | 74 buf_eatstring(ses.payload); /* The language string */ |
| 75 | 75 |
| 76 if (bannerlen > MAX_BANNER_SIZE) { | 76 if (bannerlen > MAX_BANNER_SIZE) { |
| 77 TRACE(("recv_msg_userauth_banner: bannerlen too long: %d", bannerlen)); | 77 TRACE(("recv_msg_userauth_banner: bannerlen too long: %d", bannerlen)) |
| 78 goto out; | 78 goto out; |
| 79 } | 79 } |
| 80 | 80 |
| 81 cleantext(banner); | 81 cleantext(banner); |
| 82 | 82 |
| 94 | 94 |
| 95 printf("%s\n", banner); | 95 printf("%s\n", banner); |
| 96 | 96 |
| 97 out: | 97 out: |
| 98 m_free(banner); | 98 m_free(banner); |
| 99 TRACE(("leave recv_msg_userauth_banner")); | 99 TRACE(("leave recv_msg_userauth_banner")) |
| 100 } | 100 } |
| 101 | 101 |
| 102 | 102 |
| 103 void recv_msg_userauth_failure() { | 103 void recv_msg_userauth_failure() { |
| 104 | 104 |
| 106 unsigned char * tok = NULL; | 106 unsigned char * tok = NULL; |
| 107 unsigned int methlen = 0; | 107 unsigned int methlen = 0; |
| 108 unsigned int partial = 0; | 108 unsigned int partial = 0; |
| 109 unsigned int i = 0; | 109 unsigned int i = 0; |
| 110 | 110 |
| 111 TRACE(("<- MSG_USERAUTH_FAILURE")); | 111 TRACE(("<- MSG_USERAUTH_FAILURE")) |
| 112 TRACE(("enter recv_msg_userauth_failure")); | 112 TRACE(("enter recv_msg_userauth_failure")) |
| 113 | 113 |
| 114 if (cli_ses.state != USERAUTH_REQ_SENT) { | 114 if (cli_ses.state != USERAUTH_REQ_SENT) { |
| 115 /* Perhaps we should be more fatal? */ | 115 /* Perhaps we should be more fatal? */ |
| 116 TRACE(("But we didn't send a userauth request!!!!!!")); | 116 TRACE(("But we didn't send a userauth request!!!!!!")) |
| 117 return; | 117 return; |
| 118 } | 118 } |
| 119 | 119 |
| 120 #ifdef ENABLE_CLI_PUBKEY_AUTH | 120 #ifdef ENABLE_CLI_PUBKEY_AUTH |
| 121 /* If it was a pubkey auth request, we should cross that key | 121 /* If it was a pubkey auth request, we should cross that key |
| 133 dropbear_log(LOG_INFO, "Authentication partially succeeded, more attempts required"); | 133 dropbear_log(LOG_INFO, "Authentication partially succeeded, more attempts required"); |
| 134 } else { | 134 } else { |
| 135 ses.authstate.failcount++; | 135 ses.authstate.failcount++; |
| 136 } | 136 } |
| 137 | 137 |
| 138 TRACE(("Methods (len %d): '%s'", methlen, methods)); | 138 TRACE(("Methods (len %d): '%s'", methlen, methods)) |
| 139 | 139 |
| 140 ses.authstate.authdone=0; | 140 ses.authstate.authdone=0; |
| 141 ses.authstate.authtypes=0; | 141 ses.authstate.authtypes=0; |
| 142 | 142 |
| 143 /* Split with nulls rather than commas */ | 143 /* Split with nulls rather than commas */ |
| 148 } | 148 } |
| 149 | 149 |
| 150 tok = methods; /* tok stores the next method we'll compare */ | 150 tok = methods; /* tok stores the next method we'll compare */ |
| 151 for (i = 0; i <= methlen; i++) { | 151 for (i = 0; i <= methlen; i++) { |
| 152 if (methods[i] == '\0') { | 152 if (methods[i] == '\0') { |
| 153 TRACE(("auth method '%s'", tok)); | 153 TRACE(("auth method '%s'", tok)) |
| 154 #ifdef ENABLE_CLI_PUBKEY_AUTH | 154 #ifdef ENABLE_CLI_PUBKEY_AUTH |
| 155 if (strncmp(AUTH_METHOD_PUBKEY, tok, | 155 if (strncmp(AUTH_METHOD_PUBKEY, tok, |
| 156 AUTH_METHOD_PUBKEY_LEN) == 0) { | 156 AUTH_METHOD_PUBKEY_LEN) == 0) { |
| 157 ses.authstate.authtypes |= AUTH_TYPE_PUBKEY; | 157 ses.authstate.authtypes |= AUTH_TYPE_PUBKEY; |
| 158 } | 158 } |
| 171 | 171 |
| 172 m_free(methods); | 172 m_free(methods); |
| 173 | 173 |
| 174 cli_ses.state = USERAUTH_FAIL_RCVD; | 174 cli_ses.state = USERAUTH_FAIL_RCVD; |
| 175 | 175 |
| 176 TRACE(("leave recv_msg_userauth_failure")); | 176 TRACE(("leave recv_msg_userauth_failure")) |
| 177 } | 177 } |
| 178 | 178 |
| 179 void recv_msg_userauth_success() { | 179 void recv_msg_userauth_success() { |
| 180 TRACE(("received msg_userauth_success")); | 180 TRACE(("received msg_userauth_success")) |
| 181 ses.authstate.authdone = 1; | 181 ses.authstate.authdone = 1; |
| 182 cli_ses.state = USERAUTH_SUCCESS_RCVD; | 182 cli_ses.state = USERAUTH_SUCCESS_RCVD; |
| 183 } | 183 } |
| 184 | 184 |
| 185 void cli_auth_try() { | 185 void cli_auth_try() { |
| 186 | 186 |
| 187 TRACE(("enter cli_auth_try")); | 187 TRACE(("enter cli_auth_try")) |
| 188 int finished = 0; | 188 int finished = 0; |
| 189 | 189 |
| 190 CHECKCLEARTOWRITE(); | 190 CHECKCLEARTOWRITE(); |
| 191 | 191 |
| 192 /* XXX We hardcode that we try a pubkey first */ | 192 /* XXX We hardcode that we try a pubkey first */ |
| 206 | 206 |
| 207 if (!finished) { | 207 if (!finished) { |
| 208 dropbear_exit("No auth methods could be used."); | 208 dropbear_exit("No auth methods could be used."); |
| 209 } | 209 } |
| 210 | 210 |
| 211 TRACE(("leave cli_auth_try")); | 211 TRACE(("leave cli_auth_try")) |
| 212 } | 212 } |