Mercurial > dropbear

comparison cli-auth.c @ 45:9ee8996a375f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Pubkey auth is mostly there for the client. Something strange with remote hostkey verification though.
author Matt Johnston <matt@ucc.asn.au>
date Tue, 03 Aug 2004 17:26:56 +0000
parents 942b22d7dd1c
children eee77ac31ccc
comparison
equal deleted inserted replaced
44:45edf30ea0a6 45:9ee8996a375f
5 #include "buffer.h" 5 #include "buffer.h"
6 #include "ssh.h" 6 #include "ssh.h"
7 #include "packet.h" 7 #include "packet.h"
8 #include "runopts.h" 8 #include "runopts.h"
9 9
10 #undef DROPBEAR_PUBKEY_AUTH
11 10
12 void cli_authinitialise() { 11 void cli_authinitialise() {
13 12
14 memset(&ses.authstate, 0, sizeof(ses.authstate)); 13 memset(&ses.authstate, 0, sizeof(ses.authstate));
15 } 14 }
28 buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION, 27 buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
29 SSH_SERVICE_CONNECTION_LEN); 28 SSH_SERVICE_CONNECTION_LEN);
30 buf_putstring(ses.writepayload, "none", 4); /* 'none' method */ 29 buf_putstring(ses.writepayload, "none", 4); /* 'none' method */
31 30
32 encrypt_packet(); 31 encrypt_packet();
33 cli_ses.state = USERAUTH_METHODS_SENT;
34 TRACE(("leave cli_auth_getmethods")); 32 TRACE(("leave cli_auth_getmethods"));
35 33
36 } 34 }
37 35
38 void recv_msg_userauth_banner() { 36 void recv_msg_userauth_banner() {
85 unsigned int partial = 0; 83 unsigned int partial = 0;
86 unsigned int i = 0; 84 unsigned int i = 0;
87 85
88 TRACE(("<- MSG_USERAUTH_FAILURE")); 86 TRACE(("<- MSG_USERAUTH_FAILURE"));
89 TRACE(("enter recv_msg_userauth_failure")); 87 TRACE(("enter recv_msg_userauth_failure"));
88
89 if (cli_ses.state != USERAUTH_REQ_SENT) {
90 /* Perhaps we should be more fatal? */
91 TRACE(("But we didn't send a userauth request!!!!!!"));
92 return;
93 }
94
95 #ifdef DROPBEAR_PUBKEY_AUTH
96 /* If it was a pubkey auth request, we should cross that key
97 * off the list. */
98 if (cli_ses.lastauthtype == AUTH_TYPE_PUBKEY) {
99 cli_pubkeyfail();
100 }
101 #endif
90 102
91 methods = buf_getstring(ses.payload, &methlen); 103 methods = buf_getstring(ses.payload, &methlen);
92 104
93 partial = buf_getbyte(ses.payload); 105 partial = buf_getbyte(ses.payload);
94 106
152 164
153 /* XXX We hardcode that we try a pubkey first */ 165 /* XXX We hardcode that we try a pubkey first */
154 #ifdef DROPBEAR_PUBKEY_AUTH 166 #ifdef DROPBEAR_PUBKEY_AUTH
155 if (ses.authstate.authtypes & AUTH_TYPE_PUBKEY) { 167 if (ses.authstate.authtypes & AUTH_TYPE_PUBKEY) {
156 finished = cli_auth_pubkey(); 168 finished = cli_auth_pubkey();
169 cli_ses.lastauthtype = AUTH_TYPE_PUBKEY;
157 } 170 }
158 #endif 171 #endif
159 172
160 #ifdef DROPBEAR_PASSWORD_AUTH 173 #ifdef DROPBEAR_PASSWORD_AUTH
161 if (!finished && ses.authstate.authtypes & AUTH_TYPE_PASSWORD) { 174 if (!finished && ses.authstate.authtypes & AUTH_TYPE_PASSWORD) {
162 finished = cli_auth_password(); 175 finished = cli_auth_password();
176 cli_ses.lastauthtype = AUTH_TYPE_PASSWORD;
163 } 177 }
164 #endif 178 #endif
165 179
166 if (!finished) { 180 if (!finished) {
167 dropbear_exit("No auth methods could be used."); 181 dropbear_exit("No auth methods could be used.");
168 } 182 }
169 183
170 cli_ses.state = USERAUTH_REQ_SENT;
171 TRACE(("leave cli_auth_try")); 184 TRACE(("leave cli_auth_try"));
172 } 185 }