2009-07-25 17:03:01 +02:00
|
|
|
/*
|
|
|
|
* authentication.c
|
|
|
|
* This file contains an example of how to do an authentication to a
|
|
|
|
* SSH server using libssh
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
Copyright 2003-2009 Aris Adamantiadis
|
|
|
|
|
|
|
|
This file is part of the SSH Library
|
|
|
|
|
|
|
|
You are free to copy this file, modify it in any way, consider it being public
|
|
|
|
domain. This does not apply to the rest of the library though, but it is
|
|
|
|
allowed to cut-and-paste working code from this file to any license of
|
|
|
|
program.
|
|
|
|
The goal is to show the API in action. It's not a reference on how terminal
|
|
|
|
clients must be made or how a client should react.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
|
|
|
|
|
|
|
#include <libssh/libssh.h>
|
|
|
|
#include "examples_common.h"
|
|
|
|
|
2011-01-08 10:17:37 +01:00
|
|
|
int authenticate_kbdint(ssh_session session, const char *password) {
|
|
|
|
int err;
|
|
|
|
|
|
|
|
err = ssh_userauth_kbdint(session, NULL, NULL);
|
|
|
|
while (err == SSH_AUTH_INFO) {
|
|
|
|
const char *instruction;
|
|
|
|
const char *name;
|
|
|
|
char buffer[128];
|
|
|
|
int i, n;
|
|
|
|
|
|
|
|
name = ssh_userauth_kbdint_getname(session);
|
|
|
|
instruction = ssh_userauth_kbdint_getinstruction(session);
|
|
|
|
n = ssh_userauth_kbdint_getnprompts(session);
|
|
|
|
|
|
|
|
if (name && strlen(name) > 0) {
|
|
|
|
printf("%s\n", name);
|
2010-03-29 22:44:20 +02:00
|
|
|
}
|
2011-01-08 10:17:37 +01:00
|
|
|
|
|
|
|
if (instruction && strlen(instruction) > 0) {
|
|
|
|
printf("%s\n", instruction);
|
2009-07-25 17:03:01 +02:00
|
|
|
}
|
2011-01-08 10:17:37 +01:00
|
|
|
|
|
|
|
for (i = 0; i < n; i++) {
|
|
|
|
const char *answer;
|
|
|
|
const char *prompt;
|
|
|
|
char echo;
|
|
|
|
|
|
|
|
prompt = ssh_userauth_kbdint_getprompt(session, i, &echo);
|
|
|
|
if (prompt == NULL) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (echo) {
|
|
|
|
char *p;
|
|
|
|
|
|
|
|
printf("%s", prompt);
|
|
|
|
|
|
|
|
if (fgets(buffer, sizeof(buffer), stdin) == NULL) {
|
|
|
|
return SSH_AUTH_ERROR;
|
|
|
|
}
|
|
|
|
|
|
|
|
buffer[sizeof(buffer) - 1] = '\0';
|
|
|
|
if ((p = strchr(buffer, '\n'))) {
|
|
|
|
*p = '\0';
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ssh_userauth_kbdint_setanswer(session, i, buffer) < 0) {
|
|
|
|
return SSH_AUTH_ERROR;
|
|
|
|
}
|
|
|
|
|
|
|
|
memset(buffer, 0, strlen(buffer));
|
|
|
|
} else {
|
|
|
|
if (password && strstr(prompt, "Password:")) {
|
|
|
|
answer = password;
|
|
|
|
} else {
|
2011-01-23 20:08:25 +01:00
|
|
|
buffer[0] = '\0';
|
|
|
|
|
|
|
|
if (ssh_getpass(prompt, buffer, sizeof(buffer), 0, 0) < 0) {
|
|
|
|
return SSH_AUTH_ERROR;
|
|
|
|
}
|
|
|
|
answer = buffer;
|
2011-01-08 10:17:37 +01:00
|
|
|
}
|
2012-10-07 21:43:59 +02:00
|
|
|
err = ssh_userauth_kbdint_setanswer(session, i, answer);
|
|
|
|
memset(buffer, 0, sizeof(buffer));
|
|
|
|
if (err < 0) {
|
2011-01-08 10:17:37 +01:00
|
|
|
return SSH_AUTH_ERROR;
|
|
|
|
}
|
|
|
|
}
|
2009-07-25 17:03:01 +02:00
|
|
|
}
|
2011-01-08 10:17:37 +01:00
|
|
|
err=ssh_userauth_kbdint(session,NULL,NULL);
|
2009-07-25 17:03:01 +02:00
|
|
|
}
|
2011-01-08 10:17:37 +01:00
|
|
|
|
|
|
|
return err;
|
2009-07-25 17:03:01 +02:00
|
|
|
}
|
|
|
|
|
2009-12-13 19:53:32 +01:00
|
|
|
static void error(ssh_session session){
|
|
|
|
fprintf(stderr,"Authentication failed: %s\n",ssh_get_error(session));
|
|
|
|
}
|
|
|
|
|
2009-07-25 17:03:01 +02:00
|
|
|
int authenticate_console(ssh_session session){
|
2009-10-15 17:56:03 +02:00
|
|
|
int rc;
|
|
|
|
int method;
|
2011-01-23 20:08:25 +01:00
|
|
|
char password[128] = {0};
|
2009-07-25 17:03:01 +02:00
|
|
|
char *banner;
|
|
|
|
|
2009-10-15 17:56:03 +02:00
|
|
|
// Try to authenticate
|
|
|
|
rc = ssh_userauth_none(session, NULL);
|
|
|
|
if (rc == SSH_AUTH_ERROR) {
|
2009-12-13 19:53:32 +01:00
|
|
|
error(session);
|
2009-10-15 17:56:03 +02:00
|
|
|
return rc;
|
2009-07-25 17:03:01 +02:00
|
|
|
}
|
|
|
|
|
2009-10-15 17:56:03 +02:00
|
|
|
method = ssh_auth_list(session);
|
|
|
|
while (rc != SSH_AUTH_SUCCESS) {
|
2013-03-04 00:36:55 +01:00
|
|
|
if (method & SSH_AUTH_METHOD_GSSAPI_MIC){
|
|
|
|
rc = ssh_userauth_gssapi(session);
|
|
|
|
if(rc == SSH_AUTH_ERROR) {
|
|
|
|
error(session);
|
|
|
|
return rc;
|
|
|
|
} else if (rc == SSH_AUTH_SUCCESS) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
2009-10-15 17:56:03 +02:00
|
|
|
// Try to authenticate with public key first
|
|
|
|
if (method & SSH_AUTH_METHOD_PUBLICKEY) {
|
|
|
|
rc = ssh_userauth_autopubkey(session, NULL);
|
|
|
|
if (rc == SSH_AUTH_ERROR) {
|
2009-12-13 19:53:32 +01:00
|
|
|
error(session);
|
2009-10-15 17:56:03 +02:00
|
|
|
return rc;
|
|
|
|
} else if (rc == SSH_AUTH_SUCCESS) {
|
|
|
|
break;
|
|
|
|
}
|
2009-07-25 17:03:01 +02:00
|
|
|
}
|
2009-10-15 17:56:03 +02:00
|
|
|
|
|
|
|
// Try to authenticate with keyboard interactive";
|
|
|
|
if (method & SSH_AUTH_METHOD_INTERACTIVE) {
|
2011-01-08 10:17:37 +01:00
|
|
|
rc = authenticate_kbdint(session, NULL);
|
2009-10-15 17:56:03 +02:00
|
|
|
if (rc == SSH_AUTH_ERROR) {
|
2009-12-13 19:53:32 +01:00
|
|
|
error(session);
|
2009-10-15 17:56:03 +02:00
|
|
|
return rc;
|
|
|
|
} else if (rc == SSH_AUTH_SUCCESS) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2011-01-23 20:08:25 +01:00
|
|
|
if (ssh_getpass("Password: ", password, sizeof(password), 0, 0) < 0) {
|
|
|
|
return SSH_AUTH_ERROR;
|
|
|
|
}
|
|
|
|
|
2009-10-15 17:56:03 +02:00
|
|
|
// Try to authenticate with password
|
|
|
|
if (method & SSH_AUTH_METHOD_PASSWORD) {
|
|
|
|
rc = ssh_userauth_password(session, NULL, password);
|
|
|
|
if (rc == SSH_AUTH_ERROR) {
|
2009-12-13 19:53:32 +01:00
|
|
|
error(session);
|
2009-10-15 17:56:03 +02:00
|
|
|
return rc;
|
|
|
|
} else if (rc == SSH_AUTH_SUCCESS) {
|
|
|
|
break;
|
|
|
|
}
|
2009-07-25 17:03:01 +02:00
|
|
|
}
|
2012-10-07 21:43:59 +02:00
|
|
|
memset(password, 0, sizeof(password));
|
2009-07-25 17:03:01 +02:00
|
|
|
}
|
2009-10-15 17:56:03 +02:00
|
|
|
|
|
|
|
banner = ssh_get_issue_banner(session);
|
|
|
|
if (banner) {
|
|
|
|
printf("%s\n",banner);
|
2011-05-13 05:50:41 -07:00
|
|
|
ssh_string_free_char(banner);
|
2009-10-15 17:56:03 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return rc;
|
2009-07-25 17:03:01 +02:00
|
|
|
}
|