aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAris Adamantiadis <aris@0xbadc0de.be>2013-02-20 23:18:46 +0100
committerAndreas Schneider <asn@cryptomilk.org>2013-07-13 14:21:36 +0200
commit1246ad812c1aedb73bd75db86732fa60eb8a6aec (patch)
treeccff6e414fc524332e1cd93678c881c62da967a9
parent3b52e38a333cb204673b9401b0e895d96d9fb02f (diff)
downloadlibssh-1246ad812c1aedb73bd75db86732fa60eb8a6aec.tar.gz
libssh-1246ad812c1aedb73bd75db86732fa60eb8a6aec.tar.xz
libssh-1246ad812c1aedb73bd75db86732fa60eb8a6aec.zip
server: move message-specific call to ssh_*
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--src/server.c57
1 files changed, 40 insertions, 17 deletions
diff --git a/src/server.c b/src/server.c
index 4d97b973..1acaac7a 100644
--- a/src/server.c
+++ b/src/server.c
@@ -524,6 +524,17 @@ static int ssh_server_kex_termination(void *s){
return 1;
}
+/** Set the acceptable authentication methods to be sent to
+ * client.
+ * @param[in] session the SSH server session
+ * @param[in] Bitfield of authentication methods to be accepted,
+ * e.g. SSH_AUTH_METHOD_PUBLICKEY
+ */
+void ssh_set_auth_methods(ssh_session session, int auth_methods){
+ /* accept only methods in range */
+ session->auth_methods = auth_methods & 0x3f;
+}
+
/* Do the banner and key exchange */
int ssh_handle_key_exchange(ssh_session session) {
int rc;
@@ -564,8 +575,10 @@ int ssh_handle_key_exchange(ssh_session session) {
/* messages */
-static int ssh_message_auth_reply_default(ssh_message msg,int partial) {
- ssh_session session = msg->session;
+/** @internal
+ * replies to an SSH_AUTH packet with a default (denied) response.
+ */
+int ssh_auth_reply_default(ssh_session session,int partial) {
char methods_c[128] = {0};
ssh_string methods = NULL;
int rc = SSH_ERROR;
@@ -583,6 +596,10 @@ static int ssh_message_auth_reply_default(ssh_message msg,int partial) {
strncat(methods_c, "publickey,",
sizeof(methods_c) - strlen(methods_c) - 1);
}
+ if (session->auth_methods & SSH_AUTH_METHOD_GSSAPI_MIC){
+ strncat(methods_c,"gssapi-with-mic,",
+ sizeof(methods_c) - strlen(methods_c) - 1);
+ }
if (session->auth_methods & SSH_AUTH_METHOD_INTERACTIVE) {
strncat(methods_c, "keyboard-interactive,",
sizeof(methods_c) - strlen(methods_c) - 1);
@@ -611,7 +628,7 @@ static int ssh_message_auth_reply_default(ssh_message msg,int partial) {
goto error;
}
- if (buffer_add_ssh_string(msg->session->out_buffer, methods) < 0) {
+ if (buffer_add_ssh_string(session->out_buffer, methods) < 0) {
goto error;
}
@@ -625,7 +642,7 @@ static int ssh_message_auth_reply_default(ssh_message msg,int partial) {
}
}
- rc = packet_send(msg->session);
+ rc = packet_send(session);
error:
ssh_string_free(methods);
@@ -774,7 +791,7 @@ int ssh_message_reply_default(ssh_message msg) {
switch(msg->type) {
case SSH_REQUEST_AUTH:
- return ssh_message_auth_reply_default(msg, 0);
+ return ssh_auth_reply_default(msg->session, 0);
case SSH_REQUEST_CHANNEL_OPEN:
return ssh_message_channel_request_open_reply_default(msg);
case SSH_REQUEST_CHANNEL:
@@ -1005,33 +1022,39 @@ int ssh_message_auth_interactive_request(ssh_message msg, const char *name,
return r;
}
-int ssh_message_auth_reply_success(ssh_message msg, int partial) {
+int ssh_auth_reply_success(ssh_session session, int partial) {
int r;
- if (msg == NULL) {
- return SSH_ERROR;
+ if (session == NULL) {
+ return SSH_ERROR;
}
if (partial) {
- return ssh_message_auth_reply_default(msg, partial);
+ return ssh_auth_reply_default(session, partial);
}
- if (buffer_add_u8(msg->session->out_buffer,SSH2_MSG_USERAUTH_SUCCESS) < 0) {
+ if (buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_SUCCESS) < 0) {
return SSH_ERROR;
}
- r = packet_send(msg->session);
- if(msg->session->current_crypto && msg->session->current_crypto->delayed_compress_out){
- ssh_log(msg->session,SSH_LOG_PROTOCOL,"Enabling delayed compression OUT");
- msg->session->current_crypto->do_compress_out=1;
+ r = packet_send(session);
+ if(session->current_crypto && session->current_crypto->delayed_compress_out){
+ ssh_log(session,SSH_LOG_PROTOCOL,"Enabling delayed compression OUT");
+ session->current_crypto->do_compress_out=1;
}
- if(msg->session->current_crypto && msg->session->current_crypto->delayed_compress_in){
- ssh_log(msg->session,SSH_LOG_PROTOCOL,"Enabling delayed compression IN");
- msg->session->current_crypto->do_compress_in=1;
+ if(session->current_crypto && session->current_crypto->delayed_compress_in){
+ ssh_log(session,SSH_LOG_PROTOCOL,"Enabling delayed compression IN");
+ session->current_crypto->do_compress_in=1;
}
return r;
}
+int ssh_message_auth_reply_success(ssh_message msg, int partial) {
+ if(msg == NULL)
+ return SSH_ERROR;
+ return ssh_auth_reply_success(msg->session, partial);
+}
+
/* Answer OK to a pubkey auth request */
int ssh_message_auth_reply_pk_ok(ssh_message msg, ssh_string algo, ssh_string pubkey) {
if (msg == NULL) {