session: Group auth variables in a struct
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Этот коммит содержится в:
Andreas Schneider
родитель
ae3825dfb2
Коммит
73c9d60e5a
@ -128,11 +128,15 @@ struct ssh_session_struct {
|
||||
enum ssh_session_state_e session_state;
|
||||
int packet_state;
|
||||
enum ssh_dh_state_e dh_handshake_state;
|
||||
enum ssh_auth_service_state_e auth_service_state;
|
||||
enum ssh_auth_state_e auth_state;
|
||||
enum ssh_channel_request_state_e global_req_state;
|
||||
struct ssh_agent_state_struct *agent_state;
|
||||
struct ssh_auth_auto_state_struct *auth_auto_state;
|
||||
|
||||
struct {
|
||||
struct ssh_auth_auto_state_struct *auto_state;
|
||||
enum ssh_auth_service_state_e service_state;
|
||||
enum ssh_auth_state_e state;
|
||||
uint32_t supported_methods;
|
||||
} auth;
|
||||
|
||||
/*
|
||||
* RFC 4253, 7.1: if the first_kex_packet_follows flag was set in
|
||||
@ -167,8 +171,8 @@ struct ssh_session_struct {
|
||||
/* The type of host key wanted by client */
|
||||
enum ssh_keytypes_e hostkey;
|
||||
} srv;
|
||||
|
||||
/* auths accepted by server */
|
||||
int auth_methods;
|
||||
struct ssh_list *ssh_message_list; /* list of delayed SSH messages */
|
||||
int (*ssh_message_callback)( struct ssh_session_struct *session, ssh_message msg, void *userdata);
|
||||
void *ssh_message_callback_data;
|
||||
|
||||
75
src/auth.c
75
src/auth.c
@ -79,7 +79,7 @@ static int ssh_userauth_request_service(ssh_session session) {
|
||||
|
||||
static int ssh_auth_response_termination(void *user) {
|
||||
ssh_session session = (ssh_session)user;
|
||||
switch (session->auth_state) {
|
||||
switch (session->auth.state) {
|
||||
case SSH_AUTH_STATE_NONE:
|
||||
case SSH_AUTH_STATE_KBDINT_SENT:
|
||||
case SSH_AUTH_STATE_GSSAPI_REQUEST_SENT:
|
||||
@ -116,7 +116,7 @@ static int ssh_userauth_get_response(ssh_session session) {
|
||||
return SSH_AUTH_AGAIN;
|
||||
}
|
||||
|
||||
switch(session->auth_state) {
|
||||
switch(session->auth.state) {
|
||||
case SSH_AUTH_STATE_ERROR:
|
||||
rc = SSH_AUTH_ERROR;
|
||||
break;
|
||||
@ -191,17 +191,17 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_failure) {
|
||||
if (rc != SSH_OK) {
|
||||
ssh_set_error(session, SSH_FATAL,
|
||||
"Invalid SSH_MSG_USERAUTH_FAILURE message");
|
||||
session->auth_state=SSH_AUTH_STATE_ERROR;
|
||||
session->auth.state = SSH_AUTH_STATE_ERROR;
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (partial) {
|
||||
session->auth_state=SSH_AUTH_STATE_PARTIAL;
|
||||
session->auth.state = SSH_AUTH_STATE_PARTIAL;
|
||||
SSH_LOG(SSH_LOG_INFO,
|
||||
"Partial success. Authentication that can continue: %s",
|
||||
auth_methods);
|
||||
} else {
|
||||
session->auth_state=SSH_AUTH_STATE_FAILED;
|
||||
session->auth.state = SSH_AUTH_STATE_FAILED;
|
||||
SSH_LOG(SSH_LOG_INFO,
|
||||
"Access denied. Authentication that can continue: %s",
|
||||
auth_methods);
|
||||
@ -210,21 +210,21 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_failure) {
|
||||
auth_methods);
|
||||
|
||||
}
|
||||
session->auth_methods = 0;
|
||||
session->auth.supported_methods = 0;
|
||||
if (strstr(auth_methods, "password") != NULL) {
|
||||
session->auth_methods |= SSH_AUTH_METHOD_PASSWORD;
|
||||
session->auth.supported_methods |= SSH_AUTH_METHOD_PASSWORD;
|
||||
}
|
||||
if (strstr(auth_methods, "keyboard-interactive") != NULL) {
|
||||
session->auth_methods |= SSH_AUTH_METHOD_INTERACTIVE;
|
||||
session->auth.supported_methods |= SSH_AUTH_METHOD_INTERACTIVE;
|
||||
}
|
||||
if (strstr(auth_methods, "publickey") != NULL) {
|
||||
session->auth_methods |= SSH_AUTH_METHOD_PUBLICKEY;
|
||||
session->auth.supported_methods |= SSH_AUTH_METHOD_PUBLICKEY;
|
||||
}
|
||||
if (strstr(auth_methods, "hostbased") != NULL) {
|
||||
session->auth_methods |= SSH_AUTH_METHOD_HOSTBASED;
|
||||
session->auth.supported_methods |= SSH_AUTH_METHOD_HOSTBASED;
|
||||
}
|
||||
if (strstr(auth_methods, "gssapi-with-mic") != NULL) {
|
||||
session->auth_methods |= SSH_AUTH_METHOD_GSSAPI_MIC;
|
||||
session->auth.supported_methods |= SSH_AUTH_METHOD_GSSAPI_MIC;
|
||||
}
|
||||
|
||||
end:
|
||||
@ -248,7 +248,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_success) {
|
||||
SSH_LOG(SSH_LOG_DEBUG, "Authentication successful");
|
||||
SSH_LOG(SSH_LOG_TRACE, "Received SSH_USERAUTH_SUCCESS");
|
||||
|
||||
session->auth_state = SSH_AUTH_STATE_SUCCESS;
|
||||
session->auth.state = SSH_AUTH_STATE_SUCCESS;
|
||||
session->session_state = SSH_SESSION_STATE_AUTHENTICATED;
|
||||
session->flags |= SSH_SESSION_FLAG_AUTHENTICATED;
|
||||
|
||||
@ -277,17 +277,17 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_pk_ok) {
|
||||
|
||||
SSH_LOG(SSH_LOG_TRACE, "Received SSH_USERAUTH_PK_OK/INFO_REQUEST/GSSAPI_RESPONSE");
|
||||
|
||||
if (session->auth_state==SSH_AUTH_STATE_KBDINT_SENT) {
|
||||
if (session->auth.state == SSH_AUTH_STATE_KBDINT_SENT) {
|
||||
/* Assuming we are in keyboard-interactive context */
|
||||
SSH_LOG(SSH_LOG_TRACE,
|
||||
"keyboard-interactive context, assuming SSH_USERAUTH_INFO_REQUEST");
|
||||
rc = ssh_packet_userauth_info_request(session,type,packet,user);
|
||||
#ifdef WITH_GSSAPI
|
||||
} else if (session->auth_state == SSH_AUTH_STATE_GSSAPI_REQUEST_SENT) {
|
||||
} else if (session->auth.state == SSH_AUTH_STATE_GSSAPI_REQUEST_SENT) {
|
||||
rc = ssh_packet_userauth_gssapi_response(session, type, packet, user);
|
||||
#endif
|
||||
} else {
|
||||
session->auth_state = SSH_AUTH_STATE_PK_OK;
|
||||
session->auth.state = SSH_AUTH_STATE_PK_OK;
|
||||
SSH_LOG(SSH_LOG_TRACE, "Assuming SSH_USERAUTH_PK_OK");
|
||||
rc = SSH_PACKET_USED;
|
||||
}
|
||||
@ -323,7 +323,7 @@ int ssh_userauth_list(ssh_session session, const char *username)
|
||||
return 0;
|
||||
}
|
||||
|
||||
return session->auth_methods;
|
||||
return session->auth.supported_methods;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -378,7 +378,7 @@ int ssh_userauth_none(ssh_session session, const char *username) {
|
||||
goto fail;
|
||||
}
|
||||
|
||||
session->auth_state = SSH_AUTH_STATE_NONE;
|
||||
session->auth.state = SSH_AUTH_STATE_NONE;
|
||||
session->pending_call_state = SSH_PENDING_CALL_AUTH_NONE;
|
||||
rc = ssh_packet_send(session);
|
||||
if (rc == SSH_ERROR) {
|
||||
@ -485,7 +485,7 @@ int ssh_userauth_try_publickey(ssh_session session,
|
||||
|
||||
ssh_string_free(pubkey_s);
|
||||
|
||||
session->auth_state = SSH_AUTH_STATE_NONE;
|
||||
session->auth.state = SSH_AUTH_STATE_NONE;
|
||||
session->pending_call_state = SSH_PENDING_CALL_AUTH_OFFER_PUBKEY;
|
||||
rc = ssh_packet_send(session);
|
||||
if (rc == SSH_ERROR) {
|
||||
@ -605,7 +605,7 @@ int ssh_userauth_publickey(ssh_session session,
|
||||
goto fail;
|
||||
}
|
||||
|
||||
session->auth_state = SSH_AUTH_STATE_NONE;
|
||||
session->auth.state = SSH_AUTH_STATE_NONE;
|
||||
session->pending_call_state = SSH_PENDING_CALL_AUTH_PUBKEY;
|
||||
rc = ssh_packet_send(session);
|
||||
if (rc == SSH_ERROR) {
|
||||
@ -690,7 +690,7 @@ static int ssh_userauth_agent_publickey(ssh_session session,
|
||||
goto fail;
|
||||
}
|
||||
|
||||
session->auth_state = SSH_AUTH_STATE_NONE;
|
||||
session->auth.state = SSH_AUTH_STATE_NONE;
|
||||
session->pending_call_state = SSH_PENDING_CALL_AUTH_AGENT;
|
||||
rc = ssh_packet_send(session);
|
||||
if (rc == SSH_ERROR) {
|
||||
@ -905,23 +905,22 @@ int ssh_userauth_publickey_auto(ssh_session session,
|
||||
return SSH_AUTH_ERROR;
|
||||
}
|
||||
if (! (session->opts.flags & SSH_OPT_FLAG_PUBKEY_AUTH)) {
|
||||
session->auth_methods &= ~SSH_AUTH_METHOD_PUBLICKEY;
|
||||
session->auth.supported_methods &= ~SSH_AUTH_METHOD_PUBLICKEY;
|
||||
return SSH_AUTH_DENIED;
|
||||
}
|
||||
if (session->common.callbacks) {
|
||||
auth_fn = session->common.callbacks->auth_function;
|
||||
auth_data = session->common.callbacks->userdata;
|
||||
}
|
||||
if (!session->auth_auto_state) {
|
||||
session->auth_auto_state =
|
||||
malloc(sizeof(struct ssh_auth_auto_state_struct));
|
||||
if (!session->auth_auto_state) {
|
||||
if (!session->auth.auto_state) {
|
||||
session->auth.auto_state =
|
||||
calloc(1, sizeof(struct ssh_auth_auto_state_struct));
|
||||
if (!session->auth.auto_state) {
|
||||
ssh_set_error_oom(session);
|
||||
return SSH_AUTH_ERROR;
|
||||
}
|
||||
ZERO_STRUCTP(session->auth_auto_state);
|
||||
}
|
||||
state = session->auth_auto_state;
|
||||
state = session->auth.auto_state;
|
||||
if (state->state == SSH_AUTH_AUTO_STATE_NONE) {
|
||||
#ifndef _WIN32
|
||||
/* Try authentication with ssh-agent first */
|
||||
@ -954,7 +953,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
|
||||
SSH_FATAL,
|
||||
"Failed to import public key: %s",
|
||||
pubkey_file);
|
||||
SAFE_FREE(session->auth_auto_state);
|
||||
SAFE_FREE(session->auth.auto_state);
|
||||
return SSH_AUTH_ERROR;
|
||||
} else if (rc == SSH_EOF) {
|
||||
/* Read the private key and save the public key to file */
|
||||
@ -982,7 +981,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
|
||||
rc = ssh_pki_export_privkey_to_pubkey(state->privkey, &state->pubkey);
|
||||
if (rc == SSH_ERROR) {
|
||||
ssh_key_free(state->privkey);
|
||||
SAFE_FREE(session->auth_auto_state);
|
||||
SAFE_FREE(session->auth.auto_state);
|
||||
return SSH_AUTH_ERROR;
|
||||
}
|
||||
|
||||
@ -1003,7 +1002,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
|
||||
privkey_file);
|
||||
ssh_key_free(state->privkey);
|
||||
ssh_key_free(state->pubkey);
|
||||
SAFE_FREE(session->auth_auto_state);
|
||||
SAFE_FREE(session->auth.auto_state);
|
||||
return rc;
|
||||
} else if (rc == SSH_AUTH_AGAIN) {
|
||||
return rc;
|
||||
@ -1056,7 +1055,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
|
||||
if (rc != SSH_AUTH_AGAIN && rc != SSH_AUTH_DENIED) {
|
||||
ssh_key_free(state->privkey);
|
||||
ssh_key_free(state->pubkey);
|
||||
SAFE_FREE(session->auth_auto_state);
|
||||
SAFE_FREE(session->auth.auto_state);
|
||||
if (rc == SSH_AUTH_SUCCESS) {
|
||||
SSH_LOG(SSH_LOG_INFO,
|
||||
"Successfully authenticated using %s",
|
||||
@ -1077,7 +1076,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
|
||||
}
|
||||
SSH_LOG(SSH_LOG_INFO,
|
||||
"Tried every public key, none matched");
|
||||
SAFE_FREE(session->auth_auto_state);
|
||||
SAFE_FREE(session->auth.auto_state);
|
||||
return SSH_AUTH_DENIED;
|
||||
}
|
||||
|
||||
@ -1151,7 +1150,7 @@ int ssh_userauth_password(ssh_session session,
|
||||
goto fail;
|
||||
}
|
||||
|
||||
session->auth_state = SSH_AUTH_STATE_NONE;
|
||||
session->auth.state = SSH_AUTH_STATE_NONE;
|
||||
session->pending_call_state = SSH_PENDING_CALL_AUTH_OFFER_PUBKEY;
|
||||
rc = ssh_packet_send(session);
|
||||
if (rc == SSH_ERROR) {
|
||||
@ -1323,7 +1322,7 @@ static int ssh_userauth_kbdint_init(ssh_session session,
|
||||
}
|
||||
|
||||
|
||||
session->auth_state = SSH_AUTH_STATE_KBDINT_SENT;
|
||||
session->auth.state = SSH_AUTH_STATE_KBDINT_SENT;
|
||||
session->pending_call_state = SSH_PENDING_CALL_AUTH_KBDINT_INIT;
|
||||
|
||||
SSH_LOG(SSH_LOG_DEBUG,
|
||||
@ -1382,7 +1381,7 @@ static int ssh_userauth_kbdint_send(ssh_session session)
|
||||
}
|
||||
}
|
||||
|
||||
session->auth_state = SSH_AUTH_STATE_KBDINT_SENT;
|
||||
session->auth.state = SSH_AUTH_STATE_KBDINT_SENT;
|
||||
session->pending_call_state = SSH_PENDING_CALL_AUTH_KBDINT_SEND;
|
||||
ssh_kbdint_free(session->kbdint);
|
||||
session->kbdint = NULL;
|
||||
@ -1495,7 +1494,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_request) {
|
||||
return SSH_PACKET_USED;
|
||||
}
|
||||
}
|
||||
session->auth_state=SSH_AUTH_STATE_INFO;
|
||||
session->auth.state=SSH_AUTH_STATE_INFO;
|
||||
|
||||
return SSH_PACKET_USED;
|
||||
}
|
||||
@ -1795,12 +1794,12 @@ int ssh_userauth_gssapi(ssh_session session) {
|
||||
return SSH_AUTH_ERROR;
|
||||
}
|
||||
SSH_LOG(SSH_LOG_PROTOCOL, "Authenticating with gssapi-with-mic");
|
||||
session->auth_state = SSH_AUTH_STATE_NONE;
|
||||
session->auth.state = SSH_AUTH_STATE_NONE;
|
||||
session->pending_call_state = SSH_PENDING_CALL_AUTH_GSSAPI_MIC;
|
||||
rc = ssh_gssapi_auth_mic(session);
|
||||
|
||||
if (rc == SSH_AUTH_ERROR || rc == SSH_AUTH_DENIED) {
|
||||
session->auth_state = SSH_AUTH_STATE_NONE;
|
||||
session->auth.state = SSH_AUTH_STATE_NONE;
|
||||
session->pending_call_state = SSH_PENDING_CALL_NONE;
|
||||
return rc;
|
||||
}
|
||||
|
||||
10
src/client.c
10
src/client.c
@ -295,7 +295,7 @@ static int dh_handshake(ssh_session session) {
|
||||
static int ssh_service_request_termination(void *s){
|
||||
ssh_session session = (ssh_session)s;
|
||||
if(session->session_state == SSH_SESSION_STATE_ERROR ||
|
||||
session->auth_service_state != SSH_AUTH_SERVICE_SENT)
|
||||
session->auth.service_state != SSH_AUTH_SERVICE_SENT)
|
||||
return 1;
|
||||
else
|
||||
return 0;
|
||||
@ -319,7 +319,7 @@ static int ssh_service_request_termination(void *s){
|
||||
int ssh_service_request(ssh_session session, const char *service) {
|
||||
int rc=SSH_ERROR;
|
||||
|
||||
if(session->auth_service_state != SSH_AUTH_SERVICE_NONE)
|
||||
if(session->auth.service_state != SSH_AUTH_SERVICE_NONE)
|
||||
goto pending;
|
||||
|
||||
rc = ssh_buffer_pack(session->out_buffer,
|
||||
@ -330,7 +330,7 @@ int ssh_service_request(ssh_session session, const char *service) {
|
||||
ssh_set_error_oom(session);
|
||||
return SSH_ERROR;
|
||||
}
|
||||
session->auth_service_state=SSH_AUTH_SERVICE_SENT;
|
||||
session->auth.service_state = SSH_AUTH_SERVICE_SENT;
|
||||
if (ssh_packet_send(session) == SSH_ERROR) {
|
||||
ssh_set_error(session, SSH_FATAL,
|
||||
"Sending SSH2_MSG_SERVICE_REQUEST failed.");
|
||||
@ -345,7 +345,7 @@ pending:
|
||||
if (rc == SSH_ERROR) {
|
||||
return SSH_ERROR;
|
||||
}
|
||||
switch(session->auth_service_state){
|
||||
switch(session->auth.service_state) {
|
||||
case SSH_AUTH_SERVICE_DENIED:
|
||||
ssh_set_error(session,SSH_FATAL,"ssh_auth_service request denied");
|
||||
break;
|
||||
@ -700,7 +700,7 @@ error:
|
||||
if (session->out_hashbuf) {
|
||||
ssh_buffer_reinit(session->out_hashbuf);
|
||||
}
|
||||
session->auth_methods = 0;
|
||||
session->auth.supported_methods = 0;
|
||||
SAFE_FREE(session->serverbanner);
|
||||
SAFE_FREE(session->clientbanner);
|
||||
|
||||
|
||||
14
src/gssapi.c
14
src/gssapi.c
@ -598,7 +598,7 @@ static int ssh_gssapi_send_auth_mic(ssh_session session, ssh_string *oid_set, in
|
||||
}
|
||||
}
|
||||
|
||||
session->auth_state = SSH_AUTH_STATE_GSSAPI_REQUEST_SENT;
|
||||
session->auth.state = SSH_AUTH_STATE_GSSAPI_REQUEST_SENT;
|
||||
return ssh_packet_send(session);
|
||||
fail:
|
||||
ssh_buffer_reinit(session->out_buffer);
|
||||
@ -797,7 +797,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_response){
|
||||
(void)user;
|
||||
|
||||
SSH_LOG(SSH_LOG_PACKET, "Received SSH_USERAUTH_GSSAPI_RESPONSE");
|
||||
if (session->auth_state != SSH_AUTH_STATE_GSSAPI_REQUEST_SENT){
|
||||
if (session->auth.state != SSH_AUTH_STATE_GSSAPI_REQUEST_SENT){
|
||||
ssh_set_error(session, SSH_FATAL, "Invalid state in ssh_packet_userauth_gssapi_response");
|
||||
goto error;
|
||||
}
|
||||
@ -845,12 +845,12 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_response){
|
||||
output_token.length,
|
||||
(size_t)output_token.length, output_token.value);
|
||||
ssh_packet_send(session);
|
||||
session->auth_state = SSH_AUTH_STATE_GSSAPI_TOKEN;
|
||||
session->auth.state = SSH_AUTH_STATE_GSSAPI_TOKEN;
|
||||
}
|
||||
return SSH_PACKET_USED;
|
||||
|
||||
error:
|
||||
session->auth_state = SSH_AUTH_STATE_ERROR;
|
||||
session->auth.state = SSH_AUTH_STATE_ERROR;
|
||||
ssh_gssapi_free(session);
|
||||
session->gssapi = NULL;
|
||||
return SSH_PACKET_USED;
|
||||
@ -907,7 +907,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){
|
||||
(void)type;
|
||||
|
||||
SSH_LOG(SSH_LOG_PACKET,"Received SSH_MSG_USERAUTH_GSSAPI_TOKEN");
|
||||
if (!session->gssapi || session->auth_state != SSH_AUTH_STATE_GSSAPI_TOKEN) {
|
||||
if (!session->gssapi || session->auth.state != SSH_AUTH_STATE_GSSAPI_TOKEN) {
|
||||
ssh_set_error(session, SSH_FATAL,
|
||||
"Received SSH_MSG_USERAUTH_GSSAPI_TOKEN in invalid state");
|
||||
goto error;
|
||||
@ -960,14 +960,14 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){
|
||||
}
|
||||
|
||||
if (maj_stat == GSS_S_COMPLETE) {
|
||||
session->auth_state = SSH_AUTH_STATE_NONE;
|
||||
session->auth.state = SSH_AUTH_STATE_NONE;
|
||||
ssh_gssapi_send_mic(session);
|
||||
}
|
||||
|
||||
return SSH_PACKET_USED;
|
||||
|
||||
error:
|
||||
session->auth_state = SSH_AUTH_STATE_ERROR;
|
||||
session->auth.state = SSH_AUTH_STATE_ERROR;
|
||||
ssh_gssapi_free(session);
|
||||
session->gssapi = NULL;
|
||||
return SSH_PACKET_USED;
|
||||
|
||||
@ -264,7 +264,7 @@ SSH_PACKET_CALLBACK(ssh_packet_service_accept){
|
||||
(void)type;
|
||||
(void)user;
|
||||
|
||||
session->auth_service_state=SSH_AUTH_SERVICE_ACCEPTED;
|
||||
session->auth.service_state = SSH_AUTH_SERVICE_ACCEPTED;
|
||||
SSH_LOG(SSH_LOG_PACKET,
|
||||
"Received SSH_MSG_SERVICE_ACCEPT");
|
||||
|
||||
|
||||
18
src/server.c
18
src/server.c
@ -574,7 +574,7 @@ static int ssh_server_kex_termination(void *s){
|
||||
|
||||
void ssh_set_auth_methods(ssh_session session, int auth_methods){
|
||||
/* accept only methods in range */
|
||||
session->auth_methods = auth_methods & 0x3f;
|
||||
session->auth.supported_methods = auth_methods & 0x3f;
|
||||
}
|
||||
|
||||
/* Do the banner and key exchange */
|
||||
@ -625,26 +625,26 @@ int ssh_auth_reply_default(ssh_session session,int partial) {
|
||||
int rc = SSH_ERROR;
|
||||
|
||||
|
||||
if (session->auth_methods == 0) {
|
||||
session->auth_methods = SSH_AUTH_METHOD_PUBLICKEY | SSH_AUTH_METHOD_PASSWORD;
|
||||
if (session->auth.supported_methods == 0) {
|
||||
session->auth.supported_methods = SSH_AUTH_METHOD_PUBLICKEY | SSH_AUTH_METHOD_PASSWORD;
|
||||
}
|
||||
if (session->auth_methods & SSH_AUTH_METHOD_PUBLICKEY) {
|
||||
if (session->auth.supported_methods & SSH_AUTH_METHOD_PUBLICKEY) {
|
||||
strncat(methods_c, "publickey,",
|
||||
sizeof(methods_c) - strlen(methods_c) - 1);
|
||||
}
|
||||
if (session->auth_methods & SSH_AUTH_METHOD_GSSAPI_MIC){
|
||||
if (session->auth.supported_methods & SSH_AUTH_METHOD_GSSAPI_MIC){
|
||||
strncat(methods_c,"gssapi-with-mic,",
|
||||
sizeof(methods_c) - strlen(methods_c) - 1);
|
||||
}
|
||||
if (session->auth_methods & SSH_AUTH_METHOD_INTERACTIVE) {
|
||||
if (session->auth.supported_methods & SSH_AUTH_METHOD_INTERACTIVE) {
|
||||
strncat(methods_c, "keyboard-interactive,",
|
||||
sizeof(methods_c) - strlen(methods_c) - 1);
|
||||
}
|
||||
if (session->auth_methods & SSH_AUTH_METHOD_PASSWORD) {
|
||||
if (session->auth.supported_methods & SSH_AUTH_METHOD_PASSWORD) {
|
||||
strncat(methods_c, "password,",
|
||||
sizeof(methods_c) - strlen(methods_c) - 1);
|
||||
}
|
||||
if (session->auth_methods & SSH_AUTH_METHOD_HOSTBASED) {
|
||||
if (session->auth.supported_methods & SSH_AUTH_METHOD_HOSTBASED) {
|
||||
strncat(methods_c, "hostbased,",
|
||||
sizeof(methods_c) - strlen(methods_c) - 1);
|
||||
}
|
||||
@ -887,7 +887,7 @@ int ssh_message_auth_set_methods(ssh_message msg, int methods) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
msg->session->auth_methods = methods;
|
||||
msg->session->auth.supported_methods = methods;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -60,11 +60,10 @@ ssh_session ssh_new(void) {
|
||||
char *id = NULL;
|
||||
int rc;
|
||||
|
||||
session = malloc(sizeof (struct ssh_session_struct));
|
||||
session = calloc(1, sizeof (struct ssh_session_struct));
|
||||
if (session == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
ZERO_STRUCTP(session);
|
||||
|
||||
session->next_crypto = crypto_new();
|
||||
if (session->next_crypto == NULL) {
|
||||
@ -87,7 +86,7 @@ ssh_session ssh_new(void) {
|
||||
}
|
||||
|
||||
session->alive = 0;
|
||||
session->auth_methods = 0;
|
||||
session->auth.supported_methods = 0;
|
||||
ssh_set_blocking(session, 1);
|
||||
session->maxchannel = FIRST_CHANNEL;
|
||||
|
||||
@ -268,7 +267,7 @@ void ssh_free(ssh_session session) {
|
||||
#endif
|
||||
session->agent_state = NULL;
|
||||
|
||||
SAFE_FREE(session->auth_auto_state);
|
||||
SAFE_FREE(session->auth.auto_state);
|
||||
SAFE_FREE(session->serverbanner);
|
||||
SAFE_FREE(session->clientbanner);
|
||||
SAFE_FREE(session->banner);
|
||||
|
||||
Загрузка…
x
Ссылка в новой задаче
Block a user