X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/f5799ae11d9a6d85b68449a35cd4077ae9090357..HEAD:/openssh/auth2-chall.c diff --git a/openssh/auth2-chall.c b/openssh/auth2-chall.c index f35bfb2..5e6a691 100644 --- a/openssh/auth2-chall.c +++ b/openssh/auth2-chall.c @@ -23,11 +23,10 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: auth2-chall.c,v 1.18 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$OpenBSD: auth2-chall.c,v 1.8 2001/09/27 15:31:17 markus Exp $"); #include "ssh2.h" #include "auth.h" -#include "buffer.h" #include "packet.h" #include "xmalloc.h" #include "dispatch.h" @@ -36,7 +35,7 @@ RCSID("$OpenBSD: auth2-chall.c,v 1.18 2002/06/19 00:27:55 deraadt Exp $"); static int auth2_challenge_start(Authctxt *); static int send_userauth_info_request(Authctxt *); -static void input_userauth_info_response(int, u_int32_t, void *); +static void input_userauth_info_response(int, int, void *); #ifdef BSD_AUTH extern KbdintDevice bsdauth_device; @@ -69,25 +68,22 @@ static KbdintAuthctxt * kbdint_alloc(const char *devs) { KbdintAuthctxt *kbdintctxt; - Buffer b; int i; + char buf[1024]; kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); if (strcmp(devs, "") == 0) { - buffer_init(&b); + buf[0] = '\0'; for (i = 0; devices[i]; i++) { - if (buffer_len(&b) > 0) - buffer_append(&b, ",", 1); - buffer_append(&b, devices[i]->name, - strlen(devices[i]->name)); + if (i != 0) + strlcat(buf, ",", sizeof(buf)); + strlcat(buf, devices[i]->name, sizeof(buf)); } - buffer_append(&b, "\0", 1); - kbdintctxt->devices = xstrdup(buffer_ptr(&b)); - buffer_free(&b); + debug("kbdint_alloc: devices '%s'", buf); + kbdintctxt->devices = xstrdup(buf); } else { kbdintctxt->devices = xstrdup(devs); } - debug("kbdint_alloc: devices '%s'", kbdintctxt->devices); kbdintctxt->ctxt = NULL; kbdintctxt->device = NULL; @@ -155,23 +151,11 @@ auth2_challenge(Authctxt *authctxt, char *devs) if (authctxt->user == NULL || !devs) return 0; - if (authctxt->kbdintctxt == NULL) + if (authctxt->kbdintctxt == NULL) authctxt->kbdintctxt = kbdint_alloc(devs); return auth2_challenge_start(authctxt); } -/* unregister kbd-int callbacks and context */ -void -auth2_challenge_stop(Authctxt *authctxt) -{ - /* unregister callback */ - dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL); - if (authctxt->kbdintctxt != NULL) { - kbdint_free(authctxt->kbdintctxt); - authctxt->kbdintctxt = NULL; - } -} - /* side effect: sets authctxt->postponed if a reply was sent*/ static int auth2_challenge_start(Authctxt *authctxt) @@ -182,18 +166,21 @@ auth2_challenge_start(Authctxt *authctxt) kbdintctxt->devices ? kbdintctxt->devices : ""); if (kbdint_next_device(kbdintctxt) == 0) { - auth2_challenge_stop(authctxt); + kbdint_free(kbdintctxt); + authctxt->kbdintctxt = NULL; return 0; } debug("auth2_challenge_start: trying authentication method '%s'", kbdintctxt->device->name); if ((kbdintctxt->ctxt = kbdintctxt->device->init_ctx(authctxt)) == NULL) { - auth2_challenge_stop(authctxt); + kbdint_free(kbdintctxt); + authctxt->kbdintctxt = NULL; return 0; } if (send_userauth_info_request(authctxt) == 0) { - auth2_challenge_stop(authctxt); + kbdint_free(kbdintctxt); + authctxt->kbdintctxt = NULL; return 0; } dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, @@ -219,7 +206,7 @@ send_userauth_info_request(Authctxt *authctxt) packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST); packet_put_cstring(name); packet_put_cstring(instr); - packet_put_cstring(""); /* language not used */ + packet_put_cstring(""); /* language not used */ packet_put_int(numprompts); for (i = 0; i < numprompts; i++) { packet_put_cstring(prompts[i]); @@ -238,7 +225,7 @@ send_userauth_info_request(Authctxt *authctxt) } static void -input_userauth_info_response(int type, u_int32_t seq, void *ctxt) +input_userauth_info_response(int type, int plen, void *ctxt) { Authctxt *authctxt = ctxt; KbdintAuthctxt *kbdintctxt; @@ -261,7 +248,7 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt) for (i = 0; i < nresp; i++) response[i] = packet_get_string(NULL); } - packet_check_eom(); + packet_done(); if (authctxt->valid) { res = kbdintctxt->device->respond(kbdintctxt->ctxt, @@ -284,8 +271,10 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt) break; case 1: /* Authentication needs further interaction */ - if (send_userauth_info_request(authctxt) == 1) - authctxt->postponed = 1; + authctxt->postponed = 1; + if (send_userauth_info_request(authctxt) == 0) { + authctxt->postponed = 0; + } break; default: /* Failure! */ @@ -295,12 +284,18 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt) len = strlen("keyboard-interactive") + 2 + strlen(kbdintctxt->device->name); method = xmalloc(len); - snprintf(method, len, "keyboard-interactive/%s", - kbdintctxt->device->name); + method[0] = '\0'; + strlcat(method, "keyboard-interactive", len); + strlcat(method, "/", len); + strlcat(method, kbdintctxt->device->name, len); if (!authctxt->postponed) { + /* unregister callback */ + dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL); + if (authenticated) { - auth2_challenge_stop(authctxt); + kbdint_free(kbdintctxt); + authctxt->kbdintctxt = NULL; } else { /* start next device */ /* may set authctxt->postponed */ @@ -310,22 +305,3 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt) userauth_finish(authctxt, authenticated, method); xfree(method); } - -void -privsep_challenge_enable(void) -{ -#ifdef BSD_AUTH - extern KbdintDevice mm_bsdauth_device; -#endif -#ifdef SKEY - extern KbdintDevice mm_skey_device; -#endif - /* As long as SSHv1 has devices[0] hard coded this is fine */ -#ifdef BSD_AUTH - devices[0] = &mm_bsdauth_device; -#else -#ifdef SKEY - devices[0] = &mm_skey_device; -#endif -#endif -}