-rw-r--r-- | include/libssh/auth.h | 4 | ||||
-rw-r--r-- | libssh/auth1.c | 35 | ||||
-rw-r--r-- | libssh/channels1.c | 40 | ||||
-rw-r--r-- | libssh/packet1.c | 54 |
4 files changed, 50 insertions, 83 deletions
diff --git a/include/libssh/auth.h b/include/libssh/auth.h
index 276c6670..8142143c 100644
--- a/include/libssh/auth.h
+++ b/include/libssh/auth.h
@@ -21,6 +21,7 @@
 #ifndef AUTH_H_
 #define AUTH_H_
+#include "config.h"
 #include "libssh/callbacks.h"
 SSH_PACKET_CALLBACK(ssh_packet_userauth_banner);
@@ -28,6 +29,9 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_failure);
 SSH_PACKET_CALLBACK(ssh_packet_userauth_success);
 SSH_PACKET_CALLBACK(ssh_packet_userauth_pk_ok);
+#ifdef WITH_SSH1
+void ssh_auth1_handler(ssh_session session, uint8_t type);
+#endif
 /** @internal
 * States of authentication in the client-side. They describe
diff --git a/libssh/auth1.c b/libssh/auth1.c
index f764fde2..6189f3ec 100644
--- a/libssh/auth1.c
+++ b/libssh/auth1.c
@@ -36,27 +36,30 @@
 #ifdef WITH_SSH1
 static int wait_auth1_status(ssh_session session) {
 /* wait for a packet */
- if (packet_read(session) != SSH_OK) {
- return SSH_AUTH_ERROR;
- }
-
- if(packet_translate(session) != SSH_OK) {
- return SSH_AUTH_ERROR;
- }
-
- switch(session->in_packet.type) {
- case SSH_SMSG_SUCCESS:
+ while(session->auth_state == SSH_AUTH_STATE_NONE)
+ ssh_handle_packets(session,-1);
+ switch(session->auth_state) {
+ case SSH_AUTH_STATE_SUCCESS:
 return SSH_AUTH_SUCCESS;
- case SSH_SMSG_FAILURE:
+ case SSH_AUTH_STATE_FAILED:
 return SSH_AUTH_DENIED;
+ default:
+ return SSH_AUTH_ERROR;
 }
-
- ssh_set_error(session, SSH_FATAL, "Was waiting for a SUCCESS or "
- "FAILURE, got %d", session->in_packet.type);
- return SSH_AUTH_ERROR;
 }
+void ssh_auth1_handler(ssh_session session, uint8_t type){
+ if(session->session_state != SSH_SESSION_STATE_AUTHENTICATING){
+ ssh_set_error(session,SSH_FATAL,"SSH_SMSG_SUCCESS or FAILED received in wrong state");
+ return;
+ }
+ if(type==SSH_SMSG_SUCCESS)
+ session->auth_state=SSH_AUTH_STATE_SUCCESS;
+ if(type==SSH_SMSG_FAILURE)
+ session->auth_state=SSH_AUTH_STATE_FAILED;
+}
+
 static int send_username(ssh_session session, const char *username) {
 ssh_string user = NULL;
 /* returns SSH_AUTH_SUCCESS or SSH_AUTH_DENIED */
@@ -173,7 +176,7 @@ int ssh_userauth1_password(ssh_session session, const char *username,
 string_burn(pwd);
 string_free(pwd);
-
+ session->auth_state=SSH_AUTH_STATE_NONE;
 if (packet_send(session) != SSH_OK) {
 return SSH_AUTH_ERROR;
 }
diff --git a/libssh/channels1.c b/libssh/channels1.c
index 1697754a..55f9e91e 100644
--- a/libssh/channels1.c
+++ b/libssh/channels1.c
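Review bot: In libssh/auth1.c, the new wait loop in wait_auth1_status() discards the result of ssh_handle_packets() and exits only when auth_state leaves SSH_AUTH_STATE_NONE, so a peer that closes the connection or never answers could keep the caller blocked indefinitely (the timeout argument is -1, presumably meaning no timeout). I would stop waiting once the session has failed, for example `while(session->auth_state == SSH_AUTH_STATE_NONE && session->session_state != SSH_SESSION_STATE_ERROR)`, and also test the return value of ssh_handle_packets() if it reports errors; its declaration is not visible here. The wrong-state branch of ssh_auth1_handler() sets a fatal error but leaves auth_state untouched, so on its own it would not release this loop either.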
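Review bot: The reset `session->auth_state=SSH_AUTH_STATE_NONE;` is added only in ssh_userauth1_password() among the visible hunks, yet wait_auth1_status() now returns at once whenever auth_state is not SSH_AUTH_STATE_NONE. Any other sender that lacks the same reset would get the verdict of the previous exchange instead of the server's answer to the current request; send_username(), whose first lines appear as context in the first hunk, is the one to check, but its body is outside the diff. Each sender should clear the state immediately before packet_send(), with a comment such as `/* clear the previous verdict before sending a new auth request */`. ssh_userauth1_password() starts and ends outside the hunk.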
@@ -81,9 +81,13 @@ int channel_request_pty_size1(ssh_channel channel, const char *terminal, int col
 int row) {
 ssh_session session = channel->session;
 ssh_string str = NULL;
-
+ if(channel->request_state != SSH_CHANNEL_REQ_STATE_NONE){
+ ssh_set_error(session,SSH_REQUEST_DENIED,"Wrong request state");
+ return SSH_ERROR;
+ }
 str = string_from_char(terminal);
 if (str == NULL) {
+ ssh_set_error_oom(session);
 return -1;
 }
@@ -103,31 +107,29 @@ int channel_request_pty_size1(ssh_channel channel, const char *terminal, int col
 }
 ssh_log(session, SSH_LOG_FUNCTIONS, "Opening a ssh1 pty");
- if (packet_send(session) != SSH_OK ||
- packet_read(session) != SSH_OK ||
- packet_translate(session) != SSH_OK) {
+
+ if (packet_send(session) != SSH_OK) {
 return -1;
 }
-
- switch (session->in_packet.type) {
- case SSH_SMSG_SUCCESS:
+ switch(channel->request_state){
+ case SSH_CHANNEL_REQ_STATE_ERROR:
+ case SSH_CHANNEL_REQ_STATE_PENDING:
+ case SSH_CHANNEL_REQ_STATE_NONE:
+ channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
+ return SSH_ERROR;
+ case SSH_CHANNEL_REQ_STATE_ACCEPTED:
+ channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
 ssh_log(session, SSH_LOG_RARE, "PTY: Success");
- return 0;
- break;
- case SSH_SMSG_FAILURE:
+ return SSH_OK;
+ case SSH_CHANNEL_REQ_STATE_DENIED:
+ channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
 ssh_set_error(session, SSH_REQUEST_DENIED, "Server denied PTY allocation");
 ssh_log(session, SSH_LOG_RARE, "PTY: denied\n");
- break;
- default:
- ssh_log(session, SSH_LOG_RARE, "PTY: error\n");
- ssh_set_error(session, SSH_FATAL,
- "Received unexpected packet type %d",
- session->in_packet.type);
- return -1;
+ return SSH_ERROR;
 }
-
- return -1;
+ // Not reached
+ return SSH_ERROR;
 }
 int channel_change_pty_size1(ssh_channel channel, int cols, int rows) {
diff --git a/libssh/packet1.c b/libssh/packet1.c
index 7afab191..dbdcb910 100644
--- a/libssh/packet1.c
+++ b/libssh/packet1.c
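Review bot: In channel_request_pty_size1() the switch on channel->request_state runs straight after packet_send(), with nothing in the hunk that marks the request as pending or processes incoming packets in between. The guard added in the first hunk only lets the function proceed when the state is SSH_CHANNEL_REQ_STATE_NONE, so unless the lines between the two hunks (not shown) change it, the switch always takes the NONE case and the call returns SSH_ERROR whatever the server replies, and the reply then arrives with no request outstanding. I would set the state to pending before sending and process packets until a reply callback changes it, bounded by the session error state so a dead connection cannot block the caller forever. The function begins outside this hunk.

```c
  ssh_log(session, SSH_LOG_FUNCTIONS, "Opening a ssh1 pty");
  /* mark the request outstanding before it goes on the wire */
  channel->request_state = SSH_CHANNEL_REQ_STATE_PENDING;
  if (packet_send(session) != SSH_OK) {
    channel->request_state = SSH_CHANNEL_REQ_STATE_NONE;
    return SSH_ERROR;
  }
  /* wait for the success/failure callback; stop if the session has failed */
  while (channel->request_state == SSH_CHANNEL_REQ_STATE_PENDING &&
         session->session_state != SSH_SESSION_STATE_ERROR) {
    ssh_handle_packets(session, -1);
  }
  /* … unchanged: switch on channel->request_state … */
```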
@@ -323,6 +323,9 @@ SSH_PACKET_CALLBACK(ssh_packet_smsg_success1){
 if(session->session_state==SSH_SESSION_STATE_KEXINIT_RECEIVED){
 session->session_state=SSH_SESSION_STATE_AUTHENTICATING;
 return SSH_PACKET_USED;
+ } else if(session->session_state==SSH_SESSION_STATE_AUTHENTICATING){
+ ssh_auth1_handler(session,type);
+ return SSH_PACKET_USED;
 } else {
 return ssh_packet_channel_success(session,type,packet,user);
 }
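Review bot: While session_state is SSH_SESSION_STATE_AUTHENTICATING, the new branch hands every SSH_SMSG_SUCCESS to ssh_auth1_handler(), and the same branch is added to ssh_packet_smsg_failure1 in the next hunk. Nothing visible in this commit moves session_state out of AUTHENTICATING after a successful login, so if that transition is missing elsewhere, replies to channel requests would be consumed as authentication verdicts and never reach ssh_packet_channel_success() or ssh_packet_channel_failure(). The handler also cannot tell "no request sent yet" from "waiting for a reply", since both are SSH_AUTH_STATE_NONE, so an unsolicited packet is accepted as a verdict. At minimum I would document the dependency above both branches, e.g. `/* SSH-1 reuses SUCCESS/FAILURE for auth and channel replies; session_state must leave AUTHENTICATING once login succeeds */`. The bodies of both callbacks begin outside their hunks.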
@@ -333,60 +336,15 @@ SSH_PACKET_CALLBACK(ssh_packet_smsg_failure1){
 session->session_state=SSH_SESSION_STATE_ERROR;
 ssh_set_error(session,SSH_FATAL,"Key exchange failed: received SSH_SMSG_FAILURE");
 return SSH_PACKET_USED;
+ } else if(session->session_state==SSH_SESSION_STATE_AUTHENTICATING){
+ ssh_auth1_handler(session,type);
+ return SSH_PACKET_USED;
 } else {
 return ssh_packet_channel_failure(session,type,packet,user);
 }
 }
-int packet_wait(ssh_session session, int type, int blocking) {
-
- enter_function();
-
- ssh_log(session, SSH_LOG_PROTOCOL, "packet_wait1 waiting for %d", type);
-
- do {
- if ((packet_read(session) != SSH_OK) ||
- (packet_translate(session) != SSH_OK)) {
- leave_function();
- return SSH_ERROR;
- }
- ssh_log(session, SSH_LOG_PACKET, "packet_wait1() received a type %d packet",
- session->in_packet.type);
- switch (session->in_packet.type) {
- case SSH_MSG_DISCONNECT:
- case SSH_SMSG_STDOUT_DATA:
- case SSH_SMSG_STDERR_DATA:
- case SSH_MSG_DEBUG:
- case SSH_MSG_IGNORE:
- ssh_packet_process(session,type);
- break;
- case SSH_SMSG_EXITSTATUS:
- //This packet must be parsed too
- break;
- default:
- if (type && (type != session->in_packet.type)) {
- ssh_set_error(session, SSH_FATAL,
- "packet_wait1(): Received a %d type packet, but expected %d\n",
- session->in_packet.type, type);
- leave_function();
- return SSH_ERROR;
- }
- leave_function();
- return SSH_OK;
- }
-
- if (blocking == 0) {
- leave_function();
- return SSH_OK;
- }
- } while(1);
-
- leave_function();
- return SSH_OK;
-}
-
-
 #endif /* WITH_SSH1 */
 /* vim: set ts=2 sw=2 et cindent: */ |