view cli-authpasswd.c @ 53:0fe267cc9dee

Be a bit safer with reentrant pw_name
author Matt Johnston <matt@ucc.asn.au>
date Sun, 08 Aug 2004 16:41:26 +0000
parents 0ad5fb979f42
children eee77ac31ccc
line wrap: on
line source

#include "includes.h"
#include "buffer.h"
#include "dbutil.h"
#include "session.h"
#include "ssh.h"
#include "runopts.h"

int cli_auth_password() {

	char* password = NULL;
	TRACE(("enter cli_auth_password"));

	CHECKCLEARTOWRITE();
	password = getpass("Password: ");

	buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);

	buf_putstring(ses.writepayload, cli_opts.username,
			strlen(cli_opts.username));

	buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION, 
			SSH_SERVICE_CONNECTION_LEN);

	buf_putstring(ses.writepayload, AUTH_METHOD_PASSWORD, 
			AUTH_METHOD_PASSWORD_LEN);

	buf_putbyte(ses.writepayload, 0); /* FALSE - so says the spec */

	buf_putstring(ses.writepayload, password, strlen(password));

	encrypt_packet();
	m_burn(password, strlen(password));

	TRACE(("leave cli_auth_password"));
	return 1; /* Password auth can always be tried */

}