server: move message-specific call to ssh_*
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Этот коммит содержится в:
родитель
3b52e38a33
Коммит
1246ad812c
57
src/server.c
57
src/server.c
@ -524,6 +524,17 @@ static int ssh_server_kex_termination(void *s){
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** Set the acceptable authentication methods to be sent to
|
||||||
|
* client.
|
||||||
|
* @param[in] session the SSH server session
|
||||||
|
* @param[in] Bitfield of authentication methods to be accepted,
|
||||||
|
* e.g. SSH_AUTH_METHOD_PUBLICKEY
|
||||||
|
*/
|
||||||
|
void ssh_set_auth_methods(ssh_session session, int auth_methods){
|
||||||
|
/* accept only methods in range */
|
||||||
|
session->auth_methods = auth_methods & 0x3f;
|
||||||
|
}
|
||||||
|
|
||||||
/* Do the banner and key exchange */
|
/* Do the banner and key exchange */
|
||||||
int ssh_handle_key_exchange(ssh_session session) {
|
int ssh_handle_key_exchange(ssh_session session) {
|
||||||
int rc;
|
int rc;
|
||||||
@ -564,8 +575,10 @@ int ssh_handle_key_exchange(ssh_session session) {
|
|||||||
|
|
||||||
/* messages */
|
/* messages */
|
||||||
|
|
||||||
static int ssh_message_auth_reply_default(ssh_message msg,int partial) {
|
/** @internal
|
||||||
ssh_session session = msg->session;
|
* replies to an SSH_AUTH packet with a default (denied) response.
|
||||||
|
*/
|
||||||
|
int ssh_auth_reply_default(ssh_session session,int partial) {
|
||||||
char methods_c[128] = {0};
|
char methods_c[128] = {0};
|
||||||
ssh_string methods = NULL;
|
ssh_string methods = NULL;
|
||||||
int rc = SSH_ERROR;
|
int rc = SSH_ERROR;
|
||||||
@ -583,6 +596,10 @@ static int ssh_message_auth_reply_default(ssh_message msg,int partial) {
|
|||||||
strncat(methods_c, "publickey,",
|
strncat(methods_c, "publickey,",
|
||||||
sizeof(methods_c) - strlen(methods_c) - 1);
|
sizeof(methods_c) - strlen(methods_c) - 1);
|
||||||
}
|
}
|
||||||
|
if (session->auth_methods & SSH_AUTH_METHOD_GSSAPI_MIC){
|
||||||
|
strncat(methods_c,"gssapi-with-mic,",
|
||||||
|
sizeof(methods_c) - strlen(methods_c) - 1);
|
||||||
|
}
|
||||||
if (session->auth_methods & SSH_AUTH_METHOD_INTERACTIVE) {
|
if (session->auth_methods & SSH_AUTH_METHOD_INTERACTIVE) {
|
||||||
strncat(methods_c, "keyboard-interactive,",
|
strncat(methods_c, "keyboard-interactive,",
|
||||||
sizeof(methods_c) - strlen(methods_c) - 1);
|
sizeof(methods_c) - strlen(methods_c) - 1);
|
||||||
@ -611,7 +628,7 @@ static int ssh_message_auth_reply_default(ssh_message msg,int partial) {
|
|||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (buffer_add_ssh_string(msg->session->out_buffer, methods) < 0) {
|
if (buffer_add_ssh_string(session->out_buffer, methods) < 0) {
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -625,7 +642,7 @@ static int ssh_message_auth_reply_default(ssh_message msg,int partial) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
rc = packet_send(msg->session);
|
rc = packet_send(session);
|
||||||
error:
|
error:
|
||||||
ssh_string_free(methods);
|
ssh_string_free(methods);
|
||||||
|
|
||||||
@ -774,7 +791,7 @@ int ssh_message_reply_default(ssh_message msg) {
|
|||||||
|
|
||||||
switch(msg->type) {
|
switch(msg->type) {
|
||||||
case SSH_REQUEST_AUTH:
|
case SSH_REQUEST_AUTH:
|
||||||
return ssh_message_auth_reply_default(msg, 0);
|
return ssh_auth_reply_default(msg->session, 0);
|
||||||
case SSH_REQUEST_CHANNEL_OPEN:
|
case SSH_REQUEST_CHANNEL_OPEN:
|
||||||
return ssh_message_channel_request_open_reply_default(msg);
|
return ssh_message_channel_request_open_reply_default(msg);
|
||||||
case SSH_REQUEST_CHANNEL:
|
case SSH_REQUEST_CHANNEL:
|
||||||
@ -1005,33 +1022,39 @@ int ssh_message_auth_interactive_request(ssh_message msg, const char *name,
|
|||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
int ssh_message_auth_reply_success(ssh_message msg, int partial) {
|
int ssh_auth_reply_success(ssh_session session, int partial) {
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
if (msg == NULL) {
|
if (session == NULL) {
|
||||||
return SSH_ERROR;
|
return SSH_ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (partial) {
|
if (partial) {
|
||||||
return ssh_message_auth_reply_default(msg, partial);
|
return ssh_auth_reply_default(session, partial);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (buffer_add_u8(msg->session->out_buffer,SSH2_MSG_USERAUTH_SUCCESS) < 0) {
|
if (buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_SUCCESS) < 0) {
|
||||||
return SSH_ERROR;
|
return SSH_ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = packet_send(msg->session);
|
r = packet_send(session);
|
||||||
if(msg->session->current_crypto && msg->session->current_crypto->delayed_compress_out){
|
if(session->current_crypto && session->current_crypto->delayed_compress_out){
|
||||||
ssh_log(msg->session,SSH_LOG_PROTOCOL,"Enabling delayed compression OUT");
|
ssh_log(session,SSH_LOG_PROTOCOL,"Enabling delayed compression OUT");
|
||||||
msg->session->current_crypto->do_compress_out=1;
|
session->current_crypto->do_compress_out=1;
|
||||||
}
|
}
|
||||||
if(msg->session->current_crypto && msg->session->current_crypto->delayed_compress_in){
|
if(session->current_crypto && session->current_crypto->delayed_compress_in){
|
||||||
ssh_log(msg->session,SSH_LOG_PROTOCOL,"Enabling delayed compression IN");
|
ssh_log(session,SSH_LOG_PROTOCOL,"Enabling delayed compression IN");
|
||||||
msg->session->current_crypto->do_compress_in=1;
|
session->current_crypto->do_compress_in=1;
|
||||||
}
|
}
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int ssh_message_auth_reply_success(ssh_message msg, int partial) {
|
||||||
|
if(msg == NULL)
|
||||||
|
return SSH_ERROR;
|
||||||
|
return ssh_auth_reply_success(msg->session, partial);
|
||||||
|
}
|
||||||
|
|
||||||
/* Answer OK to a pubkey auth request */
|
/* Answer OK to a pubkey auth request */
|
||||||
int ssh_message_auth_reply_pk_ok(ssh_message msg, ssh_string algo, ssh_string pubkey) {
|
int ssh_message_auth_reply_pk_ok(ssh_message msg, ssh_string algo, ssh_string pubkey) {
|
||||||
if (msg == NULL) {
|
if (msg == NULL) {
|
||||||
|
Загрузка…
Ссылка в новой задаче
Block a user