Mercurial > dropbear
comparison cli-authinteract.c @ 285:1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
to branch 'au.asn.ucc.matt.dropbear' (head fdf4a7a3b97ae5046139915de7e40399cceb2c01)
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 08 Mar 2006 13:23:58 +0000 |
parents | 475a818dd6e7 |
children | 973fccb59ea4 31743c9bdf78 |
comparison
equal
deleted
inserted
replaced
281:997e6f7dc01e | 285:1b9e69c058d2 |
---|---|
1 /* | |
2 * Dropbear SSH | |
3 * | |
4 * Copyright (c) 2005 Matt Johnston | |
5 * All rights reserved. | |
6 * | |
7 * Permission is hereby granted, free of charge, to any person obtaining a copy | |
8 * of this software and associated documentation files (the "Software"), to deal | |
9 * in the Software without restriction, including without limitation the rights | |
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
11 * copies of the Software, and to permit persons to whom the Software is | |
12 * furnished to do so, subject to the following conditions: | |
13 * | |
14 * The above copyright notice and this permission notice shall be included in | |
15 * all copies or substantial portions of the Software. | |
16 * | |
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | |
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | |
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | |
23 * SOFTWARE. */ | |
24 | |
25 #include "includes.h" | |
26 #include "buffer.h" | |
27 #include "dbutil.h" | |
28 #include "session.h" | |
29 #include "ssh.h" | |
30 #include "runopts.h" | |
31 | |
32 #ifdef ENABLE_CLI_INTERACT_AUTH | |
33 | |
34 static unsigned char* get_response(unsigned char* prompt) | |
35 { | |
36 FILE* tty = NULL; | |
37 unsigned char* response = NULL; | |
38 /* not a password, but a reasonable limit */ | |
39 char buf[DROPBEAR_MAX_CLI_PASS]; | |
40 char* ret = NULL; | |
41 | |
42 fprintf(stderr, "%s", prompt); | |
43 | |
44 tty = fopen(_PATH_TTY, "r"); | |
45 if (tty) { | |
46 ret = fgets(buf, sizeof(buf), tty); | |
47 fclose(tty); | |
48 } else { | |
49 ret = fgets(buf, sizeof(buf), stdin); | |
50 } | |
51 | |
52 if (ret == NULL) { | |
53 response = (unsigned char*)m_strdup(""); | |
54 } else { | |
55 unsigned int buflen = strlen(buf); | |
56 /* fgets includes newlines */ | |
57 if (buflen > 0 && buf[buflen-1] == '\n') | |
58 buf[buflen-1] = '\0'; | |
59 response = (unsigned char*)m_strdup(buf); | |
60 } | |
61 | |
62 m_burn(buf, sizeof(buf)); | |
63 | |
64 return response; | |
65 } | |
66 | |
67 void recv_msg_userauth_info_request() { | |
68 | |
69 unsigned char *name = NULL; | |
70 unsigned char *instruction = NULL; | |
71 unsigned int num_prompts = 0; | |
72 unsigned int i; | |
73 | |
74 unsigned char *prompt = NULL; | |
75 unsigned int echo = 0; | |
76 unsigned char *response = NULL; | |
77 | |
78 TRACE(("enter recv_msg_recv_userauth_info_request")) | |
79 | |
80 cli_ses.interact_request_received = 1; | |
81 | |
82 name = buf_getstring(ses.payload, NULL); | |
83 instruction = buf_getstring(ses.payload, NULL); | |
84 | |
85 /* language tag */ | |
86 buf_eatstring(ses.payload); | |
87 | |
88 num_prompts = buf_getint(ses.payload); | |
89 | |
90 if (num_prompts >= DROPBEAR_MAX_CLI_INTERACT_PROMPTS) { | |
91 dropbear_exit("Too many prompts received for keyboard-interactive"); | |
92 } | |
93 | |
94 /* we'll build the response as we go */ | |
95 CHECKCLEARTOWRITE(); | |
96 buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_INFO_RESPONSE); | |
97 buf_putint(ses.writepayload, num_prompts); | |
98 | |
99 if (strlen(name) > 0) { | |
100 cleantext(name); | |
101 fprintf(stderr, "%s", name); | |
102 m_free(name); | |
103 } | |
104 if (strlen(instruction) > 0) { | |
105 cleantext(instruction); | |
106 fprintf(stderr, "%s", instruction); | |
107 m_free(instruction); | |
108 } | |
109 | |
110 for (i = 0; i < num_prompts; i++) { | |
111 unsigned int response_len = 0; | |
112 prompt = buf_getstring(ses.payload, NULL); | |
113 cleantext(prompt); | |
114 | |
115 echo = buf_getbool(ses.payload); | |
116 | |
117 if (!echo) { | |
118 unsigned char* p = getpass_or_cancel(prompt); | |
119 response = m_strdup(p); | |
120 m_burn(p, strlen(p)); | |
121 } else { | |
122 response = get_response(prompt); | |
123 } | |
124 | |
125 response_len = strlen(response); | |
126 buf_putstring(ses.writepayload, response, response_len); | |
127 m_burn(response, response_len); | |
128 m_free(response); | |
129 } | |
130 | |
131 encrypt_packet(); | |
132 | |
133 | |
134 TRACE(("leave recv_msg_recv_userauth_info_request")) | |
135 } | |
136 | |
137 void cli_auth_interactive() { | |
138 | |
139 TRACE(("enter cli_auth_interactive")) | |
140 CHECKCLEARTOWRITE(); | |
141 | |
142 buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST); | |
143 | |
144 /* username */ | |
145 buf_putstring(ses.writepayload, cli_opts.username, | |
146 strlen(cli_opts.username)); | |
147 | |
148 /* service name */ | |
149 buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION, | |
150 SSH_SERVICE_CONNECTION_LEN); | |
151 | |
152 /* method */ | |
153 buf_putstring(ses.writepayload, AUTH_METHOD_INTERACT, | |
154 AUTH_METHOD_INTERACT_LEN); | |
155 | |
156 /* empty language tag */ | |
157 buf_putstring(ses.writepayload, "", 0); | |
158 | |
159 /* empty submethods */ | |
160 buf_putstring(ses.writepayload, "", 0); | |
161 | |
162 encrypt_packet(); | |
163 cli_ses.interact_request_received = 0; | |
164 | |
165 TRACE(("leave cli_auth_interactive")) | |
166 | |
167 } | |
168 #endif /* ENABLE_CLI_INTERACT_AUTH */ |