Mercurial > dropbear
view cli-authpasswd.c @ 229:1c03b27e1ceb
- "twofish-cbc" is an alias for "twofish256-cbc"
- increase the maximum key length constant
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Tue, 30 Aug 2005 17:30:39 +0000 |
parents | 257f09a63dab |
children | efbaf6b03837 |
line wrap: on
line source
/* * Dropbear SSH * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * SOFTWARE. */ #include "includes.h" #include "buffer.h" #include "dbutil.h" #include "session.h" #include "ssh.h" #include "runopts.h" #ifdef ENABLE_CLI_PASSWORD_AUTH #ifdef ENABLE_CLI_ASKPASS_HELPER /* Returns 1 if we want to use the askpass program, 0 otherwise */ static int want_askpass() { char* askpass_prog = NULL; askpass_prog = getenv("SSH_ASKPASS"); return askpass_prog && !isatty(STDIN_FILENO) && getenv("DISPLAY"); } /* returns a statically allocated password from a helper app, or NULL * on failure */ static char *gui_getpass(const char *prompt) { pid_t pid; int p[2], maxlen, len, status; static char buf[DROPBEAR_MAX_CLI_PASS + 1]; char* helper = NULL; TRACE(("enter gui_getpass")) helper = getenv("SSH_ASKPASS"); if (!helper) { TRACE(("leave gui_getpass: no askpass program")) return NULL; } if (pipe(p) < 0) { TRACE(("error creating child pipe")) return NULL; } pid = fork(); if (pid < 0) { TRACE(("fork error")) return NULL; } if (!pid) { /* child */ close(p[0]); if (dup2(p[1], STDOUT_FILENO) < 0) { TRACE(("error redirecting stdout")) exit(1); } close(p[1]); execlp(helper, helper, prompt, (char *)0); TRACE(("execlp error")) exit(1); } close(p[1]); maxlen = sizeof(buf); while (maxlen > 0) { len = read(p[0], buf + sizeof(buf) - maxlen, maxlen); if (len > 0) { maxlen -= len; } else { if (errno != EINTR) break; } } close(p[0]); while (waitpid(pid, &status, 0) < 0 && errno == EINTR) ; if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) return(NULL); len = sizeof(buf) - maxlen; buf[len] = '\0'; if (len > 0 && buf[len - 1] == '\n') buf[len - 1] = '\0'; TRACE(("leave gui_getpass")) return(buf); } #endif /* ENABLE_CLI_ASKPASS_HELPER */ int cli_auth_password() { char* password = NULL; TRACE(("enter cli_auth_password")) CHECKCLEARTOWRITE(); #ifdef ENABLE_CLI_ASKPASS_HELPER if (want_askpass()) password = gui_getpass("Password: "); else #endif password = getpass("Password: "); if (password == NULL) return 0; buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST); buf_putstring(ses.writepayload, cli_opts.username, strlen(cli_opts.username)); buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION, SSH_SERVICE_CONNECTION_LEN); buf_putstring(ses.writepayload, AUTH_METHOD_PASSWORD, AUTH_METHOD_PASSWORD_LEN); buf_putbyte(ses.writepayload, 0); /* FALSE - so says the spec */ buf_putstring(ses.writepayload, password, strlen(password)); encrypt_packet(); m_burn(password, strlen(password)); TRACE(("leave cli_auth_password")) return 1; /* Password auth can always be tried */ } #endif /* ENABLE_CLI_PASSWORD_AUTH */