diff options
| author | markus@openbsd.org <markus@openbsd.org> | 2018-07-09 21:35:50 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2018-07-10 15:27:43 +1000 |
| commit | c7d39ac8dc3587c5f05bdd5bcd098eb5c201c0c8 (patch) | |
| tree | 28e4a7c9d114a3ab3c7710850e54b1a8c41f840e /auth2-chall.c | |
| parent | c3cb7790e9efb14ba74b2d9f543ad593b3d55b31 (diff) | |
upstream: sshd: switch authentication to sshbuf API; ok djm@
OpenBSD-Commit-ID: 880aa06bce4b140781e836bb56bec34873290641
Diffstat (limited to 'auth2-chall.c')
| -rw-r--r-- | auth2-chall.c | 69 |
1 files changed, 40 insertions, 29 deletions
diff --git a/auth2-chall.c b/auth2-chall.c index 11c8d31b3..5edd0e653 100644 --- a/auth2-chall.c +++ b/auth2-chall.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth2-chall.c,v 1.48 2017/05/30 14:29:59 markus Exp $ */ | 1 | /* $OpenBSD: auth2-chall.c,v 1.49 2018/07/09 21:35:50 markus Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
| 4 | * Copyright (c) 2001 Per Allansson. All rights reserved. | 4 | * Copyright (c) 2001 Per Allansson. All rights reserved. |
| @@ -34,12 +34,13 @@ | |||
| 34 | 34 | ||
| 35 | #include "xmalloc.h" | 35 | #include "xmalloc.h" |
| 36 | #include "ssh2.h" | 36 | #include "ssh2.h" |
| 37 | #include "key.h" | 37 | #include "sshkey.h" |
| 38 | #include "hostfile.h" | 38 | #include "hostfile.h" |
| 39 | #include "auth.h" | 39 | #include "auth.h" |
| 40 | #include "buffer.h" | 40 | #include "sshbuf.h" |
| 41 | #include "packet.h" | 41 | #include "packet.h" |
| 42 | #include "dispatch.h" | 42 | #include "dispatch.h" |
| 43 | #include "ssherr.h" | ||
| 43 | #include "log.h" | 44 | #include "log.h" |
| 44 | #include "misc.h" | 45 | #include "misc.h" |
| 45 | #include "servconf.h" | 46 | #include "servconf.h" |
| @@ -48,7 +49,7 @@ | |||
| 48 | extern ServerOptions options; | 49 | extern ServerOptions options; |
| 49 | 50 | ||
| 50 | static int auth2_challenge_start(struct ssh *); | 51 | static int auth2_challenge_start(struct ssh *); |
| 51 | static int send_userauth_info_request(Authctxt *); | 52 | static int send_userauth_info_request(struct ssh *); |
| 52 | static int input_userauth_info_response(int, u_int32_t, struct ssh *); | 53 | static int input_userauth_info_response(int, u_int32_t, struct ssh *); |
| 53 | 54 | ||
| 54 | #ifdef BSD_AUTH | 55 | #ifdef BSD_AUTH |
| @@ -105,8 +106,8 @@ static KbdintAuthctxt * | |||
| 105 | kbdint_alloc(const char *devs) | 106 | kbdint_alloc(const char *devs) |
| 106 | { | 107 | { |
| 107 | KbdintAuthctxt *kbdintctxt; | 108 | KbdintAuthctxt *kbdintctxt; |
| 108 | Buffer b; | 109 | struct sshbuf *b; |
| 109 | int i; | 110 | int i, r; |
| 110 | 111 | ||
| 111 | #ifdef USE_PAM | 112 | #ifdef USE_PAM |
| 112 | if (!options.use_pam) | 113 | if (!options.use_pam) |
| @@ -115,16 +116,17 @@ kbdint_alloc(const char *devs) | |||
| 115 | 116 | ||
| 116 | kbdintctxt = xcalloc(1, sizeof(KbdintAuthctxt)); | 117 | kbdintctxt = xcalloc(1, sizeof(KbdintAuthctxt)); |
| 117 | if (strcmp(devs, "") == 0) { | 118 | if (strcmp(devs, "") == 0) { |
| 118 | buffer_init(&b); | 119 | if ((b = sshbuf_new()) == NULL) |
| 120 | fatal("%s: sshbuf_new failed", __func__); | ||
| 119 | for (i = 0; devices[i]; i++) { | 121 | for (i = 0; devices[i]; i++) { |
| 120 | if (buffer_len(&b) > 0) | 122 | if ((r = sshbuf_putf(b, "%s%s", |
| 121 | buffer_append(&b, ",", 1); | 123 | sshbuf_len(b) ? "," : "", devices[i]->name)) != 0) |
| 122 | buffer_append(&b, devices[i]->name, | 124 | fatal("%s: buffer error: %s", |
| 123 | strlen(devices[i]->name)); | 125 | __func__, ssh_err(r)); |
| 124 | } | 126 | } |
| 125 | if ((kbdintctxt->devices = sshbuf_dup_string(&b)) == NULL) | 127 | if ((kbdintctxt->devices = sshbuf_dup_string(b)) == NULL) |
| 126 | fatal("%s: sshbuf_dup_string failed", __func__); | 128 | fatal("%s: sshbuf_dup_string failed", __func__); |
| 127 | buffer_free(&b); | 129 | sshbuf_free(b); |
| 128 | } else { | 130 | } else { |
| 129 | kbdintctxt->devices = xstrdup(devs); | 131 | kbdintctxt->devices = xstrdup(devs); |
| 130 | } | 132 | } |
| @@ -243,7 +245,7 @@ auth2_challenge_start(struct ssh *ssh) | |||
| 243 | auth2_challenge_stop(ssh); | 245 | auth2_challenge_stop(ssh); |
| 244 | return 0; | 246 | return 0; |
| 245 | } | 247 | } |
| 246 | if (send_userauth_info_request(authctxt) == 0) { | 248 | if (send_userauth_info_request(ssh) == 0) { |
| 247 | auth2_challenge_stop(ssh); | 249 | auth2_challenge_stop(ssh); |
| 248 | return 0; | 250 | return 0; |
| 249 | } | 251 | } |
| @@ -255,28 +257,32 @@ auth2_challenge_start(struct ssh *ssh) | |||
| 255 | } | 257 | } |
| 256 | 258 | ||
| 257 | static int | 259 | static int |
| 258 | send_userauth_info_request(Authctxt *authctxt) | 260 | send_userauth_info_request(struct ssh *ssh) |
| 259 | { | 261 | { |
| 262 | Authctxt *authctxt = ssh->authctxt; | ||
| 260 | KbdintAuthctxt *kbdintctxt; | 263 | KbdintAuthctxt *kbdintctxt; |
| 261 | char *name, *instr, **prompts; | 264 | char *name, *instr, **prompts; |
| 262 | u_int i, *echo_on; | 265 | u_int r, i, *echo_on; |
| 263 | 266 | ||
| 264 | kbdintctxt = authctxt->kbdintctxt; | 267 | kbdintctxt = authctxt->kbdintctxt; |
| 265 | if (kbdintctxt->device->query(kbdintctxt->ctxt, | 268 | if (kbdintctxt->device->query(kbdintctxt->ctxt, |
| 266 | &name, &instr, &kbdintctxt->nreq, &prompts, &echo_on)) | 269 | &name, &instr, &kbdintctxt->nreq, &prompts, &echo_on)) |
| 267 | return 0; | 270 | return 0; |
| 268 | 271 | ||
| 269 | packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST); | 272 | if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_INFO_REQUEST)) != 0 || |
| 270 | packet_put_cstring(name); | 273 | (r = sshpkt_put_cstring(ssh, name)) != 0 || |
| 271 | packet_put_cstring(instr); | 274 | (r = sshpkt_put_cstring(ssh, instr)) != 0 || |
| 272 | packet_put_cstring(""); /* language not used */ | 275 | (r = sshpkt_put_cstring(ssh, "")) != 0 || /* language not used */ |
| 273 | packet_put_int(kbdintctxt->nreq); | 276 | (r = sshpkt_put_u32(ssh, kbdintctxt->nreq)) != 0) |
| 277 | fatal("%s: %s", __func__, ssh_err(r)); | ||
| 274 | for (i = 0; i < kbdintctxt->nreq; i++) { | 278 | for (i = 0; i < kbdintctxt->nreq; i++) { |
| 275 | packet_put_cstring(prompts[i]); | 279 | if ((r = sshpkt_put_cstring(ssh, prompts[i])) != 0 || |
| 276 | packet_put_char(echo_on[i]); | 280 | (r = sshpkt_put_u8(ssh, echo_on[i])) != 0) |
| 281 | fatal("%s: %s", __func__, ssh_err(r)); | ||
| 277 | } | 282 | } |
| 278 | packet_send(); | 283 | if ((r = sshpkt_send(ssh)) != 0) |
| 279 | packet_write_wait(); | 284 | fatal("%s: %s", __func__, ssh_err(r)); |
| 285 | ssh_packet_write_wait(ssh); | ||
| 280 | 286 | ||
| 281 | for (i = 0; i < kbdintctxt->nreq; i++) | 287 | for (i = 0; i < kbdintctxt->nreq; i++) |
| 282 | free(prompts[i]); | 288 | free(prompts[i]); |
| @@ -293,6 +299,7 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh) | |||
| 293 | Authctxt *authctxt = ssh->authctxt; | 299 | Authctxt *authctxt = ssh->authctxt; |
| 294 | KbdintAuthctxt *kbdintctxt; | 300 | KbdintAuthctxt *kbdintctxt; |
| 295 | int authenticated = 0, res; | 301 | int authenticated = 0, res; |
| 302 | int r; | ||
| 296 | u_int i, nresp; | 303 | u_int i, nresp; |
| 297 | const char *devicename = NULL; | 304 | const char *devicename = NULL; |
| 298 | char **response = NULL; | 305 | char **response = NULL; |
| @@ -306,7 +313,8 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh) | |||
| 306 | fatal("input_userauth_info_response: no device"); | 313 | fatal("input_userauth_info_response: no device"); |
| 307 | 314 | ||
| 308 | authctxt->postponed = 0; /* reset */ | 315 | authctxt->postponed = 0; /* reset */ |
| 309 | nresp = packet_get_int(); | 316 | if ((r = sshpkt_get_u32(ssh, &nresp)) != 0) |
| 317 | fatal("%s: %s", __func__, ssh_err(r)); | ||
| 310 | if (nresp != kbdintctxt->nreq) | 318 | if (nresp != kbdintctxt->nreq) |
| 311 | fatal("input_userauth_info_response: wrong number of replies"); | 319 | fatal("input_userauth_info_response: wrong number of replies"); |
| 312 | if (nresp > 100) | 320 | if (nresp > 100) |
| @@ -314,9 +322,12 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh) | |||
| 314 | if (nresp > 0) { | 322 | if (nresp > 0) { |
| 315 | response = xcalloc(nresp, sizeof(char *)); | 323 | response = xcalloc(nresp, sizeof(char *)); |
| 316 | for (i = 0; i < nresp; i++) | 324 | for (i = 0; i < nresp; i++) |
| 317 | response[i] = packet_get_string(NULL); | 325 | if ((r = sshpkt_get_cstring(ssh, &response[i], |
| 326 | NULL)) != 0) | ||
| 327 | fatal("%s: %s", __func__, ssh_err(r)); | ||
| 318 | } | 328 | } |
| 319 | packet_check_eom(); | 329 | if ((r = sshpkt_get_end(ssh)) != 0) |
| 330 | fatal("%s: %s", __func__, ssh_err(r)); | ||
| 320 | 331 | ||
| 321 | res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response); | 332 | res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response); |
| 322 | 333 | ||
| @@ -333,7 +344,7 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh) | |||
| 333 | break; | 344 | break; |
| 334 | case 1: | 345 | case 1: |
| 335 | /* Authentication needs further interaction */ | 346 | /* Authentication needs further interaction */ |
| 336 | if (send_userauth_info_request(authctxt) == 1) | 347 | if (send_userauth_info_request(ssh) == 1) |
| 337 | authctxt->postponed = 1; | 348 | authctxt->postponed = 1; |
| 338 | break; | 349 | break; |
| 339 | default: | 350 | default: |