gssapi: set error state when GSSAPI auth fails
When errors occurred, the session auth state was not being updated, leading to failures due to the wrong state in following authentication methods. Fixes T56 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Этот коммит содержится в:
родитель
d85827f646
Коммит
18dd902307
50
src/gssapi.c
50
src/gssapi.c
@ -763,9 +763,15 @@ int ssh_gssapi_auth_mic(ssh_session session){
|
|||||||
}
|
}
|
||||||
|
|
||||||
static gss_OID ssh_gssapi_oid_from_string(ssh_string oid_s){
|
static gss_OID ssh_gssapi_oid_from_string(ssh_string oid_s){
|
||||||
gss_OID ret = malloc(sizeof (gss_OID_desc));
|
gss_OID ret;
|
||||||
unsigned char *data = ssh_string_data(oid_s);
|
unsigned char *data = ssh_string_data(oid_s);
|
||||||
size_t len = ssh_string_len(oid_s);
|
size_t len = ssh_string_len(oid_s);
|
||||||
|
|
||||||
|
ret = malloc(sizeof(gss_OID_desc));
|
||||||
|
if (ret == NULL) {
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
if (len > 256 || len <= 2) {
|
if (len > 256 || len <= 2) {
|
||||||
SAFE_FREE(ret);
|
SAFE_FREE(ret);
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -777,6 +783,7 @@ static gss_OID ssh_gssapi_oid_from_string(ssh_string oid_s){
|
|||||||
ret->elements = malloc(len - 2);
|
ret->elements = malloc(len - 2);
|
||||||
memcpy(ret->elements, &data[2], len-2);
|
memcpy(ret->elements, &data[2], len-2);
|
||||||
ret->length = len-2;
|
ret->length = len-2;
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -792,18 +799,19 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_response){
|
|||||||
SSH_LOG(SSH_LOG_PACKET, "Received SSH_USERAUTH_GSSAPI_RESPONSE");
|
SSH_LOG(SSH_LOG_PACKET, "Received SSH_USERAUTH_GSSAPI_RESPONSE");
|
||||||
if (session->auth_state != SSH_AUTH_STATE_GSSAPI_REQUEST_SENT){
|
if (session->auth_state != SSH_AUTH_STATE_GSSAPI_REQUEST_SENT){
|
||||||
ssh_set_error(session, SSH_FATAL, "Invalid state in ssh_packet_userauth_gssapi_response");
|
ssh_set_error(session, SSH_FATAL, "Invalid state in ssh_packet_userauth_gssapi_response");
|
||||||
return SSH_PACKET_USED;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
oid_s = ssh_buffer_get_ssh_string(packet);
|
oid_s = ssh_buffer_get_ssh_string(packet);
|
||||||
if (!oid_s){
|
if (!oid_s){
|
||||||
ssh_set_error(session, SSH_FATAL, "Missing OID");
|
ssh_set_error(session, SSH_FATAL, "Missing OID");
|
||||||
return SSH_PACKET_USED;
|
goto error;
|
||||||
}
|
}
|
||||||
session->gssapi->client.oid = ssh_gssapi_oid_from_string(oid_s);
|
session->gssapi->client.oid = ssh_gssapi_oid_from_string(oid_s);
|
||||||
ssh_string_free(oid_s);
|
ssh_string_free(oid_s);
|
||||||
if (!session->gssapi->client.oid) {
|
if (!session->gssapi->client.oid) {
|
||||||
ssh_set_error(session, SSH_FATAL, "Invalid OID");
|
ssh_set_error(session, SSH_FATAL, "Invalid OID");
|
||||||
return SSH_PACKET_USED;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
session->gssapi->client.flags = GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG;
|
session->gssapi->client.flags = GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG;
|
||||||
@ -825,7 +833,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_response){
|
|||||||
"Initializing gssapi context",
|
"Initializing gssapi context",
|
||||||
maj_stat,
|
maj_stat,
|
||||||
min_stat);
|
min_stat);
|
||||||
return SSH_PACKET_USED;
|
goto error;
|
||||||
}
|
}
|
||||||
if (output_token.length != 0){
|
if (output_token.length != 0){
|
||||||
hexa = ssh_get_hexa(output_token.value, output_token.length);
|
hexa = ssh_get_hexa(output_token.value, output_token.length);
|
||||||
@ -840,6 +848,12 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_response){
|
|||||||
session->auth_state = SSH_AUTH_STATE_GSSAPI_TOKEN;
|
session->auth_state = SSH_AUTH_STATE_GSSAPI_TOKEN;
|
||||||
}
|
}
|
||||||
return SSH_PACKET_USED;
|
return SSH_PACKET_USED;
|
||||||
|
|
||||||
|
error:
|
||||||
|
session->auth_state = SSH_AUTH_STATE_ERROR;
|
||||||
|
ssh_gssapi_free(session);
|
||||||
|
session->gssapi = NULL;
|
||||||
|
return SSH_PACKET_USED;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ssh_gssapi_send_mic(ssh_session session){
|
static int ssh_gssapi_send_mic(ssh_session session){
|
||||||
@ -859,7 +873,8 @@ static int ssh_gssapi_send_mic(ssh_session session){
|
|||||||
mic_buf.length = ssh_buffer_get_len(mic_buffer);
|
mic_buf.length = ssh_buffer_get_len(mic_buffer);
|
||||||
mic_buf.value = ssh_buffer_get(mic_buffer);
|
mic_buf.value = ssh_buffer_get(mic_buffer);
|
||||||
|
|
||||||
maj_stat = gss_get_mic(&min_stat,session->gssapi->ctx, GSS_C_QOP_DEFAULT, &mic_buf, &mic_token_buf);
|
maj_stat = gss_get_mic(&min_stat,session->gssapi->ctx, GSS_C_QOP_DEFAULT,
|
||||||
|
&mic_buf, &mic_token_buf);
|
||||||
if (GSS_ERROR(maj_stat)){
|
if (GSS_ERROR(maj_stat)){
|
||||||
ssh_buffer_free(mic_buffer);
|
ssh_buffer_free(mic_buffer);
|
||||||
ssh_gssapi_log_error(SSH_LOG_PROTOCOL,
|
ssh_gssapi_log_error(SSH_LOG_PROTOCOL,
|
||||||
@ -893,15 +908,18 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){
|
|||||||
|
|
||||||
SSH_LOG(SSH_LOG_PACKET,"Received SSH_MSG_USERAUTH_GSSAPI_TOKEN");
|
SSH_LOG(SSH_LOG_PACKET,"Received SSH_MSG_USERAUTH_GSSAPI_TOKEN");
|
||||||
if (!session->gssapi || session->auth_state != SSH_AUTH_STATE_GSSAPI_TOKEN) {
|
if (!session->gssapi || session->auth_state != SSH_AUTH_STATE_GSSAPI_TOKEN) {
|
||||||
ssh_set_error(session, SSH_FATAL, "Received SSH_MSG_USERAUTH_GSSAPI_TOKEN in invalid state");
|
ssh_set_error(session, SSH_FATAL,
|
||||||
return SSH_PACKET_USED;
|
"Received SSH_MSG_USERAUTH_GSSAPI_TOKEN in invalid state");
|
||||||
|
goto error;
|
||||||
}
|
}
|
||||||
token = ssh_buffer_get_ssh_string(packet);
|
token = ssh_buffer_get_ssh_string(packet);
|
||||||
|
|
||||||
if (token == NULL){
|
if (token == NULL){
|
||||||
ssh_set_error(session, SSH_REQUEST_DENIED, "ssh_packet_userauth_gssapi_token: invalid packet");
|
ssh_set_error(session, SSH_REQUEST_DENIED,
|
||||||
return SSH_PACKET_USED;
|
"ssh_packet_userauth_gssapi_token: invalid packet");
|
||||||
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
hexa = ssh_get_hexa(ssh_string_data(token),ssh_string_len(token));
|
hexa = ssh_get_hexa(ssh_string_data(token),ssh_string_len(token));
|
||||||
SSH_LOG(SSH_LOG_PACKET, "GSSAPI Token : %s",hexa);
|
SSH_LOG(SSH_LOG_PACKET, "GSSAPI Token : %s",hexa);
|
||||||
SAFE_FREE(hexa);
|
SAFE_FREE(hexa);
|
||||||
@ -926,9 +944,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){
|
|||||||
"Gssapi error",
|
"Gssapi error",
|
||||||
maj_stat,
|
maj_stat,
|
||||||
min_stat);
|
min_stat);
|
||||||
ssh_gssapi_free(session);
|
goto error;
|
||||||
session->gssapi=NULL;
|
|
||||||
return SSH_PACKET_USED;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (output_token.length != 0) {
|
if (output_token.length != 0) {
|
||||||
@ -942,9 +958,17 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){
|
|||||||
(size_t)output_token.length, output_token.value);
|
(size_t)output_token.length, output_token.value);
|
||||||
ssh_packet_send(session);
|
ssh_packet_send(session);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (maj_stat == GSS_S_COMPLETE) {
|
if (maj_stat == GSS_S_COMPLETE) {
|
||||||
session->auth_state = SSH_AUTH_STATE_NONE;
|
session->auth_state = SSH_AUTH_STATE_NONE;
|
||||||
ssh_gssapi_send_mic(session);
|
ssh_gssapi_send_mic(session);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return SSH_PACKET_USED;
|
||||||
|
|
||||||
|
error:
|
||||||
|
session->auth_state = SSH_AUTH_STATE_ERROR;
|
||||||
|
ssh_gssapi_free(session);
|
||||||
|
session->gssapi = NULL;
|
||||||
return SSH_PACKET_USED;
|
return SSH_PACKET_USED;
|
||||||
}
|
}
|
||||||
|
Загрузка…
x
Ссылка в новой задаче
Block a user