Add ssh_send_issue_banner() API
Signed-off-by: Seung Min Park <smpark@pnpsecure.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
parent
332f1c2e09
commit
4978f30320
@ -49,6 +49,27 @@ static int tries = 0;
|
||||
static int error = 0;
|
||||
static ssh_channel chan=NULL;
|
||||
|
||||
static int auth_none(ssh_session session,
|
||||
const char *user,
|
||||
void *userdata)
|
||||
{
|
||||
ssh_string banner = NULL;
|
||||
|
||||
(void)user; /* unused */
|
||||
(void)userdata; /* unused */
|
||||
|
||||
ssh_set_auth_methods(session,
|
||||
SSH_AUTH_METHOD_PASSWORD | SSH_AUTH_METHOD_GSSAPI_MIC);
|
||||
|
||||
banner = ssh_string_from_char("Banner Example\n");
|
||||
if (banner != NULL) {
|
||||
ssh_send_issue_banner(session, banner);
|
||||
}
|
||||
ssh_string_free(banner);
|
||||
|
||||
return SSH_AUTH_DENIED;
|
||||
}
|
||||
|
||||
static int auth_password(ssh_session session, const char *user,
|
||||
const char *password, void *userdata){
|
||||
(void)userdata;
|
||||
@ -242,6 +263,7 @@ int main(int argc, char **argv){
|
||||
ssh_event mainloop;
|
||||
struct ssh_server_callbacks_struct cb = {
|
||||
.userdata = NULL,
|
||||
.auth_none_function = auth_none,
|
||||
.auth_password_function = auth_password,
|
||||
#ifdef WITH_GSSAPI
|
||||
.auth_gssapi_mic_function = auth_gssapi_mic,
|
||||
|
@ -245,6 +245,18 @@ LIBSSH_API void ssh_bind_free(ssh_bind ssh_bind_o);
|
||||
*/
|
||||
LIBSSH_API void ssh_set_auth_methods(ssh_session session, int auth_methods);
|
||||
|
||||
/**
|
||||
* @brief Send the server's issue-banner to client.
|
||||
*
|
||||
*
|
||||
* @param[in] session The server session.
|
||||
*
|
||||
* @param[in] banner The server's banner.
|
||||
*
|
||||
* @return SSH_OK on success, SSH_ERROR on error.
|
||||
*/
|
||||
LIBSSH_API int ssh_send_issue_banner(ssh_session session, const ssh_string banner);
|
||||
|
||||
/**********************************************************
|
||||
* SERVER MESSAGING
|
||||
**********************************************************/
|
||||
|
24
src/server.c
24
src/server.c
@ -524,6 +524,30 @@ void ssh_set_auth_methods(ssh_session session, int auth_methods)
|
||||
session->auth.supported_methods = (uint32_t)auth_methods & 0x3fU;
|
||||
}
|
||||
|
||||
int ssh_send_issue_banner(ssh_session session, const ssh_string banner)
|
||||
{
|
||||
int rc = SSH_ERROR;
|
||||
|
||||
if (session == NULL) {
|
||||
return SSH_ERROR;
|
||||
}
|
||||
|
||||
SSH_LOG(SSH_LOG_PACKET,
|
||||
"Sending a server issue banner");
|
||||
|
||||
rc = ssh_buffer_pack(session->out_buffer,
|
||||
"bS",
|
||||
SSH2_MSG_USERAUTH_BANNER,
|
||||
banner);
|
||||
if (rc != SSH_OK) {
|
||||
ssh_set_error_oom(session);
|
||||
return SSH_ERROR;
|
||||
}
|
||||
|
||||
rc = ssh_packet_send(session);
|
||||
return rc;
|
||||
}
|
||||
|
||||
/* Do the banner and key exchange */
|
||||
int ssh_handle_key_exchange(ssh_session session) {
|
||||
int rc;
|
||||
|
@ -51,6 +51,40 @@
|
||||
#include <util.h>
|
||||
#endif
|
||||
|
||||
int auth_none_cb(UNUSED_PARAM(ssh_session session),
|
||||
const char *user,
|
||||
void *userdata)
|
||||
{
|
||||
struct session_data_st *sdata = NULL;
|
||||
ssh_string banner = NULL;
|
||||
|
||||
sdata = (struct session_data_st *)userdata;
|
||||
if (sdata == NULL) {
|
||||
fprintf(stderr, "Error: NULL userdata\n");
|
||||
goto denied;
|
||||
}
|
||||
|
||||
if (sdata->username == NULL) {
|
||||
fprintf(stderr, "Error: expected username not set\n");
|
||||
goto denied;
|
||||
}
|
||||
|
||||
printf("None authentication of user %s\n", user);
|
||||
|
||||
/* Send the banner */
|
||||
banner = ssh_string_from_char(SSHD_BANNER_MESSAGE);
|
||||
if (banner == NULL) {
|
||||
goto denied;
|
||||
}
|
||||
if (ssh_send_issue_banner(session, banner) == SSH_ERROR) {
|
||||
fprintf(stderr, "Error: Failed to send the banner.\n");
|
||||
goto denied;
|
||||
}
|
||||
denied:
|
||||
ssh_string_free(banner);
|
||||
return SSH_AUTH_DENIED;
|
||||
}
|
||||
|
||||
int auth_pubkey_cb(UNUSED_PARAM(ssh_session session),
|
||||
const char *user,
|
||||
UNUSED_PARAM(struct ssh_key_struct *pubkey),
|
||||
@ -743,6 +777,7 @@ struct ssh_server_callbacks_struct *get_default_server_cb(void)
|
||||
goto end;
|
||||
}
|
||||
|
||||
cb->auth_none_function = auth_none_cb;
|
||||
cb->auth_password_function = auth_password_cb;
|
||||
cb->auth_pubkey_function = auth_pubkey_cb;
|
||||
cb->channel_open_request_session_function = channel_new_session_cb;
|
||||
|
@ -32,6 +32,8 @@
|
||||
#define SSHD_DEFAULT_ADDRESS "127.0.0.1"
|
||||
#define SSHD_DEFAULT_PCAP_FILE "debug.server.pcap"
|
||||
|
||||
#define SSHD_BANNER_MESSAGE "Test Banner Message\nlibssh-send-banner\n"
|
||||
|
||||
#ifndef KEYS_FOLDER
|
||||
#ifdef _WIN32
|
||||
#define KEYS_FOLDER
|
||||
|
@ -174,6 +174,7 @@ static void torture_server_auth_none(void **state)
|
||||
struct test_server_st *tss = *state;
|
||||
struct torture_state *s = NULL;
|
||||
ssh_session session = NULL;
|
||||
char *banner = NULL;
|
||||
int rc;
|
||||
|
||||
assert_non_null(tss);
|
||||
@ -193,6 +194,11 @@ static void torture_server_auth_none(void **state)
|
||||
rc = ssh_userauth_none(session, NULL);
|
||||
assert_int_equal(rc, SSH_AUTH_DENIED);
|
||||
|
||||
banner = ssh_get_issue_banner(session);
|
||||
assert_string_equal(banner, SSHD_BANNER_MESSAGE);
|
||||
free(banner);
|
||||
banner = NULL;
|
||||
|
||||
/* This request should return a SSH_REQUEST_DENIED error */
|
||||
if (rc == SSH_ERROR) {
|
||||
assert_int_equal(ssh_get_error_code(session), SSH_REQUEST_DENIED);
|
||||
|
Loading…
Reference in New Issue
Block a user