comparison cli-authinteract.c @ 285:1b9e69c058d2

propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3) to branch 'au.asn.ucc.matt.dropbear' (head fdf4a7a3b97ae5046139915de7e40399cceb2c01)
author Matt Johnston <matt@ucc.asn.au>
date Wed, 08 Mar 2006 13:23:58 +0000
parents 475a818dd6e7
children 973fccb59ea4 31743c9bdf78
comparison
equal deleted inserted replaced
281:997e6f7dc01e 285:1b9e69c058d2
1 /*
2 * Dropbear SSH
3 *
4 * Copyright (c) 2005 Matt Johnston
5 * All rights reserved.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 * SOFTWARE. */
24
25 #include "includes.h"
26 #include "buffer.h"
27 #include "dbutil.h"
28 #include "session.h"
29 #include "ssh.h"
30 #include "runopts.h"
31
32 #ifdef ENABLE_CLI_INTERACT_AUTH
33
34 static unsigned char* get_response(unsigned char* prompt)
35 {
36 FILE* tty = NULL;
37 unsigned char* response = NULL;
38 /* not a password, but a reasonable limit */
39 char buf[DROPBEAR_MAX_CLI_PASS];
40 char* ret = NULL;
41
42 fprintf(stderr, "%s", prompt);
43
44 tty = fopen(_PATH_TTY, "r");
45 if (tty) {
46 ret = fgets(buf, sizeof(buf), tty);
47 fclose(tty);
48 } else {
49 ret = fgets(buf, sizeof(buf), stdin);
50 }
51
52 if (ret == NULL) {
53 response = (unsigned char*)m_strdup("");
54 } else {
55 unsigned int buflen = strlen(buf);
56 /* fgets includes newlines */
57 if (buflen > 0 && buf[buflen-1] == '\n')
58 buf[buflen-1] = '\0';
59 response = (unsigned char*)m_strdup(buf);
60 }
61
62 m_burn(buf, sizeof(buf));
63
64 return response;
65 }
66
67 void recv_msg_userauth_info_request() {
68
69 unsigned char *name = NULL;
70 unsigned char *instruction = NULL;
71 unsigned int num_prompts = 0;
72 unsigned int i;
73
74 unsigned char *prompt = NULL;
75 unsigned int echo = 0;
76 unsigned char *response = NULL;
77
78 TRACE(("enter recv_msg_recv_userauth_info_request"))
79
80 cli_ses.interact_request_received = 1;
81
82 name = buf_getstring(ses.payload, NULL);
83 instruction = buf_getstring(ses.payload, NULL);
84
85 /* language tag */
86 buf_eatstring(ses.payload);
87
88 num_prompts = buf_getint(ses.payload);
89
90 if (num_prompts >= DROPBEAR_MAX_CLI_INTERACT_PROMPTS) {
91 dropbear_exit("Too many prompts received for keyboard-interactive");
92 }
93
94 /* we'll build the response as we go */
95 CHECKCLEARTOWRITE();
96 buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_INFO_RESPONSE);
97 buf_putint(ses.writepayload, num_prompts);
98
99 if (strlen(name) > 0) {
100 cleantext(name);
101 fprintf(stderr, "%s", name);
102 m_free(name);
103 }
104 if (strlen(instruction) > 0) {
105 cleantext(instruction);
106 fprintf(stderr, "%s", instruction);
107 m_free(instruction);
108 }
109
110 for (i = 0; i < num_prompts; i++) {
111 unsigned int response_len = 0;
112 prompt = buf_getstring(ses.payload, NULL);
113 cleantext(prompt);
114
115 echo = buf_getbool(ses.payload);
116
117 if (!echo) {
118 unsigned char* p = getpass_or_cancel(prompt);
119 response = m_strdup(p);
120 m_burn(p, strlen(p));
121 } else {
122 response = get_response(prompt);
123 }
124
125 response_len = strlen(response);
126 buf_putstring(ses.writepayload, response, response_len);
127 m_burn(response, response_len);
128 m_free(response);
129 }
130
131 encrypt_packet();
132
133
134 TRACE(("leave recv_msg_recv_userauth_info_request"))
135 }
136
137 void cli_auth_interactive() {
138
139 TRACE(("enter cli_auth_interactive"))
140 CHECKCLEARTOWRITE();
141
142 buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);
143
144 /* username */
145 buf_putstring(ses.writepayload, cli_opts.username,
146 strlen(cli_opts.username));
147
148 /* service name */
149 buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
150 SSH_SERVICE_CONNECTION_LEN);
151
152 /* method */
153 buf_putstring(ses.writepayload, AUTH_METHOD_INTERACT,
154 AUTH_METHOD_INTERACT_LEN);
155
156 /* empty language tag */
157 buf_putstring(ses.writepayload, "", 0);
158
159 /* empty submethods */
160 buf_putstring(ses.writepayload, "", 0);
161
162 encrypt_packet();
163 cli_ses.interact_request_received = 0;
164
165 TRACE(("leave cli_auth_interactive"))
166
167 }
168 #endif /* ENABLE_CLI_INTERACT_AUTH */