1
1

server: move message-specific call to ssh_*

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Этот коммит содержится в:
Aris Adamantiadis 2013-02-20 23:18:46 +01:00 коммит произвёл Andreas Schneider
родитель 3b52e38a33
Коммит 1246ad812c

Просмотреть файл

@ -524,6 +524,17 @@ static int ssh_server_kex_termination(void *s){
return 1; return 1;
} }
/** Set the acceptable authentication methods to be sent to
* client.
* @param[in] session the SSH server session
* @param[in] Bitfield of authentication methods to be accepted,
* e.g. SSH_AUTH_METHOD_PUBLICKEY
*/
void ssh_set_auth_methods(ssh_session session, int auth_methods){
/* accept only methods in range */
session->auth_methods = auth_methods & 0x3f;
}
/* Do the banner and key exchange */ /* Do the banner and key exchange */
int ssh_handle_key_exchange(ssh_session session) { int ssh_handle_key_exchange(ssh_session session) {
int rc; int rc;
@ -564,8 +575,10 @@ int ssh_handle_key_exchange(ssh_session session) {
/* messages */ /* messages */
static int ssh_message_auth_reply_default(ssh_message msg,int partial) { /** @internal
ssh_session session = msg->session; * replies to an SSH_AUTH packet with a default (denied) response.
*/
int ssh_auth_reply_default(ssh_session session,int partial) {
char methods_c[128] = {0}; char methods_c[128] = {0};
ssh_string methods = NULL; ssh_string methods = NULL;
int rc = SSH_ERROR; int rc = SSH_ERROR;
@ -583,6 +596,10 @@ static int ssh_message_auth_reply_default(ssh_message msg,int partial) {
strncat(methods_c, "publickey,", strncat(methods_c, "publickey,",
sizeof(methods_c) - strlen(methods_c) - 1); sizeof(methods_c) - strlen(methods_c) - 1);
} }
if (session->auth_methods & SSH_AUTH_METHOD_GSSAPI_MIC){
strncat(methods_c,"gssapi-with-mic,",
sizeof(methods_c) - strlen(methods_c) - 1);
}
if (session->auth_methods & SSH_AUTH_METHOD_INTERACTIVE) { if (session->auth_methods & SSH_AUTH_METHOD_INTERACTIVE) {
strncat(methods_c, "keyboard-interactive,", strncat(methods_c, "keyboard-interactive,",
sizeof(methods_c) - strlen(methods_c) - 1); sizeof(methods_c) - strlen(methods_c) - 1);
@ -611,7 +628,7 @@ static int ssh_message_auth_reply_default(ssh_message msg,int partial) {
goto error; goto error;
} }
if (buffer_add_ssh_string(msg->session->out_buffer, methods) < 0) { if (buffer_add_ssh_string(session->out_buffer, methods) < 0) {
goto error; goto error;
} }
@ -625,7 +642,7 @@ static int ssh_message_auth_reply_default(ssh_message msg,int partial) {
} }
} }
rc = packet_send(msg->session); rc = packet_send(session);
error: error:
ssh_string_free(methods); ssh_string_free(methods);
@ -774,7 +791,7 @@ int ssh_message_reply_default(ssh_message msg) {
switch(msg->type) { switch(msg->type) {
case SSH_REQUEST_AUTH: case SSH_REQUEST_AUTH:
return ssh_message_auth_reply_default(msg, 0); return ssh_auth_reply_default(msg->session, 0);
case SSH_REQUEST_CHANNEL_OPEN: case SSH_REQUEST_CHANNEL_OPEN:
return ssh_message_channel_request_open_reply_default(msg); return ssh_message_channel_request_open_reply_default(msg);
case SSH_REQUEST_CHANNEL: case SSH_REQUEST_CHANNEL:
@ -1005,33 +1022,39 @@ int ssh_message_auth_interactive_request(ssh_message msg, const char *name,
return r; return r;
} }
int ssh_message_auth_reply_success(ssh_message msg, int partial) { int ssh_auth_reply_success(ssh_session session, int partial) {
int r; int r;
if (msg == NULL) { if (session == NULL) {
return SSH_ERROR; return SSH_ERROR;
} }
if (partial) { if (partial) {
return ssh_message_auth_reply_default(msg, partial); return ssh_auth_reply_default(session, partial);
} }
if (buffer_add_u8(msg->session->out_buffer,SSH2_MSG_USERAUTH_SUCCESS) < 0) { if (buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_SUCCESS) < 0) {
return SSH_ERROR; return SSH_ERROR;
} }
r = packet_send(msg->session); r = packet_send(session);
if(msg->session->current_crypto && msg->session->current_crypto->delayed_compress_out){ if(session->current_crypto && session->current_crypto->delayed_compress_out){
ssh_log(msg->session,SSH_LOG_PROTOCOL,"Enabling delayed compression OUT"); ssh_log(session,SSH_LOG_PROTOCOL,"Enabling delayed compression OUT");
msg->session->current_crypto->do_compress_out=1; session->current_crypto->do_compress_out=1;
} }
if(msg->session->current_crypto && msg->session->current_crypto->delayed_compress_in){ if(session->current_crypto && session->current_crypto->delayed_compress_in){
ssh_log(msg->session,SSH_LOG_PROTOCOL,"Enabling delayed compression IN"); ssh_log(session,SSH_LOG_PROTOCOL,"Enabling delayed compression IN");
msg->session->current_crypto->do_compress_in=1; session->current_crypto->do_compress_in=1;
} }
return r; return r;
} }
int ssh_message_auth_reply_success(ssh_message msg, int partial) {
if(msg == NULL)
return SSH_ERROR;
return ssh_auth_reply_success(msg->session, partial);
}
/* Answer OK to a pubkey auth request */ /* Answer OK to a pubkey auth request */
int ssh_message_auth_reply_pk_ok(ssh_message msg, ssh_string algo, ssh_string pubkey) { int ssh_message_auth_reply_pk_ok(ssh_message msg, ssh_string algo, ssh_string pubkey) {
if (msg == NULL) { if (msg == NULL) {