diff options
Diffstat (limited to 'sshconnect2.c')
-rw-r--r-- | sshconnect2.c | 77 |
1 files changed, 75 insertions, 2 deletions
diff --git a/sshconnect2.c b/sshconnect2.c index fbd18aaa7..d8e1df5ca 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: sshconnect2.c,v 1.98 2002/03/19 10:49:35 markus Exp $"); | 26 | RCSID("$OpenBSD: sshconnect2.c,v 1.99 2002/03/26 15:58:46 markus Exp $"); |
27 | 27 | ||
28 | #include "ssh.h" | 28 | #include "ssh.h" |
29 | #include "ssh2.h" | 29 | #include "ssh2.h" |
@@ -172,6 +172,7 @@ void input_userauth_banner(int, u_int32_t, void *); | |||
172 | void input_userauth_error(int, u_int32_t, void *); | 172 | void input_userauth_error(int, u_int32_t, void *); |
173 | void input_userauth_info_req(int, u_int32_t, void *); | 173 | void input_userauth_info_req(int, u_int32_t, void *); |
174 | void input_userauth_pk_ok(int, u_int32_t, void *); | 174 | void input_userauth_pk_ok(int, u_int32_t, void *); |
175 | void input_userauth_passwd_changereq(int, u_int32_t, void *); | ||
175 | 176 | ||
176 | int userauth_none(Authctxt *); | 177 | int userauth_none(Authctxt *); |
177 | int userauth_pubkey(Authctxt *); | 178 | int userauth_pubkey(Authctxt *); |
@@ -439,7 +440,7 @@ int | |||
439 | userauth_passwd(Authctxt *authctxt) | 440 | userauth_passwd(Authctxt *authctxt) |
440 | { | 441 | { |
441 | static int attempt = 0; | 442 | static int attempt = 0; |
442 | char prompt[80]; | 443 | char prompt[150]; |
443 | char *password; | 444 | char *password; |
444 | 445 | ||
445 | if (attempt++ >= options.number_of_password_prompts) | 446 | if (attempt++ >= options.number_of_password_prompts) |
@@ -461,13 +462,85 @@ userauth_passwd(Authctxt *authctxt) | |||
461 | xfree(password); | 462 | xfree(password); |
462 | packet_add_padding(64); | 463 | packet_add_padding(64); |
463 | packet_send(); | 464 | packet_send(); |
465 | |||
466 | dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ, | ||
467 | &input_userauth_passwd_changereq); | ||
468 | |||
464 | return 1; | 469 | return 1; |
465 | } | 470 | } |
471 | /* | ||
472 | * parse PASSWD_CHANGEREQ, prompt user and send SSH2_MSG_USERAUTH_REQUEST | ||
473 | */ | ||
474 | void | ||
475 | input_userauth_passwd_changereq(int type, uint32_t seqnr, void *ctxt) | ||
476 | { | ||
477 | Authctxt *authctxt = ctxt; | ||
478 | char *info, *lang, *password = NULL, *retype = NULL; | ||
479 | char prompt[150]; | ||
480 | |||
481 | debug2("input_userauth_passwd_changereq"); | ||
482 | |||
483 | if (authctxt == NULL) | ||
484 | fatal("input_userauth_passwd_changereq: " | ||
485 | "no authentication context"); | ||
486 | |||
487 | info = packet_get_string(NULL); | ||
488 | lang = packet_get_string(NULL); | ||
489 | if (strlen(info) > 0) | ||
490 | log("%s", info); | ||
491 | xfree(info); | ||
492 | xfree(lang); | ||
493 | packet_start(SSH2_MSG_USERAUTH_REQUEST); | ||
494 | packet_put_cstring(authctxt->server_user); | ||
495 | packet_put_cstring(authctxt->service); | ||
496 | packet_put_cstring(authctxt->method->name); | ||
497 | packet_put_char(1); /* additional info */ | ||
498 | snprintf(prompt, sizeof(prompt), | ||
499 | "Enter %.30s@%.128s's old password: ", | ||
500 | authctxt->server_user, authctxt->host); | ||
501 | password = read_passphrase(prompt, 0); | ||
502 | packet_put_cstring(password); | ||
503 | memset(password, 0, strlen(password)); | ||
504 | xfree(password); | ||
505 | password = NULL; | ||
506 | while (password == NULL) { | ||
507 | snprintf(prompt, sizeof(prompt), | ||
508 | "Enter %.30s@%.128s's new password: ", | ||
509 | authctxt->server_user, authctxt->host); | ||
510 | password = read_passphrase(prompt, RP_ALLOW_EOF); | ||
511 | if (password == NULL) { | ||
512 | /* bail out */ | ||
513 | return; | ||
514 | } | ||
515 | snprintf(prompt, sizeof(prompt), | ||
516 | "Retype %.30s@%.128s's new password: ", | ||
517 | authctxt->server_user, authctxt->host); | ||
518 | retype = read_passphrase(prompt, 0); | ||
519 | if (strcmp(password, retype) != 0) { | ||
520 | memset(password, 0, strlen(password)); | ||
521 | xfree(password); | ||
522 | log("Mismatch; try again, EOF to quit."); | ||
523 | password = NULL; | ||
524 | } | ||
525 | memset(retype, 0, strlen(retype)); | ||
526 | xfree(retype); | ||
527 | } | ||
528 | packet_put_cstring(password); | ||
529 | memset(password, 0, strlen(password)); | ||
530 | xfree(password); | ||
531 | packet_add_padding(64); | ||
532 | packet_send(); | ||
533 | |||
534 | dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ, | ||
535 | &input_userauth_passwd_changereq); | ||
536 | } | ||
466 | 537 | ||
467 | static void | 538 | static void |
468 | clear_auth_state(Authctxt *authctxt) | 539 | clear_auth_state(Authctxt *authctxt) |
469 | { | 540 | { |
470 | /* XXX clear authentication state */ | 541 | /* XXX clear authentication state */ |
542 | dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ, NULL); | ||
543 | |||
471 | if (authctxt->last_key != NULL && authctxt->last_key_hint == -1) { | 544 | if (authctxt->last_key != NULL && authctxt->last_key_hint == -1) { |
472 | debug3("clear_auth_state: key_free %p", authctxt->last_key); | 545 | debug3("clear_auth_state: key_free %p", authctxt->last_key); |
473 | key_free(authctxt->last_key); | 546 | key_free(authctxt->last_key); |