From 86620fc9914b7a2a558bdc20148fd4b898bbda4b Mon Sep 17 00:00:00 2001
From: Andreas Schneider <mail@cynapses.org>
Date: Thu, 15 Oct 2009 17:56:03 +0200
Subject: Improve example authentication.

---
 examples/authentication.c | 85 ++++++++++++++++++++++++++---------------------
 1 file changed, 48 insertions(+), 37 deletions(-)

(limited to 'examples')

diff --git a/examples/authentication.c b/examples/authentication.c
index 06a0b713..29b83eaa 100644
--- a/examples/authentication.c
+++ b/examples/authentication.c
@@ -65,50 +65,61 @@ int authenticate_kbdint(ssh_session session){
 }
 
 int authenticate_console(ssh_session session){
-  int auth;
-  int methods;
+  int rc;
+  int method;
   char *password;
   char *banner;
 
-  ssh_userauth_none(session, NULL);
-  methods = ssh_auth_list(session);
-  printf("supported auth methods: ");
-  if (methods & SSH_AUTH_METHOD_PUBLICKEY) {
-    printf("publickey");
+  // Try to authenticate
+  rc = ssh_userauth_none(session, NULL);
+  if (rc == SSH_AUTH_ERROR) {
+    perror("Authentication failed.");
+    return rc;
   }
-  if (methods & SSH_AUTH_METHOD_INTERACTIVE) {
-    printf(", keyboard-interactive");
-  }
-  if (methods & SSH_AUTH_METHOD_PASSWORD) {
-    printf(", password");
-  }
-  printf("\n");
 
-  auth=ssh_userauth_autopubkey(session, NULL);
-  if(auth==SSH_AUTH_ERROR){
-    return auth;
-  }
-  banner=ssh_get_issue_banner(session);
-  if(banner){
-    printf("%s\n",banner);
-    free(banner);
-  }
-  if(auth!=SSH_AUTH_SUCCESS && (methods & SSH_AUTH_METHOD_INTERACTIVE)){
-    auth=authenticate_kbdint(session);
-    if(auth==SSH_AUTH_ERROR){
-      return auth;
+  method = ssh_auth_list(session);
+  while (rc != SSH_AUTH_SUCCESS) {
+
+    // Try to authenticate with public key first
+    if (method & SSH_AUTH_METHOD_PUBLICKEY) {
+      rc = ssh_userauth_autopubkey(session, NULL);
+      if (rc == SSH_AUTH_ERROR) {
+        perror("Authentication failed.");
+        return rc;
+      } else if (rc == SSH_AUTH_SUCCESS) {
+        break;
+      }
     }
-  }
-  if(auth!=SSH_AUTH_SUCCESS && (methods & SSH_AUTH_METHOD_PASSWORD)){
+
+    // Try to authenticate with keyboard interactive";
+    if (method & SSH_AUTH_METHOD_INTERACTIVE) {
+      rc = authenticate_kbdint(session);
+      if (rc == SSH_AUTH_ERROR) {
+        perror("Authentication failed.");
+        return rc;
+      } else if (rc == SSH_AUTH_SUCCESS) {
+        break;
+      }
+    }
+
     password=getpass("Password: ");
-    if(ssh_userauth_password(session,NULL,password) != SSH_AUTH_SUCCESS){
-      return auth;
+    // Try to authenticate with password
+    if (method & SSH_AUTH_METHOD_PASSWORD) {
+      rc = ssh_userauth_password(session, NULL, password);
+      if (rc == SSH_AUTH_ERROR) {
+        perror("Authentication failed.");
+        return rc;
+      } else if (rc == SSH_AUTH_SUCCESS) {
+        break;
+      }
     }
-    memset(password,0,strlen(password));
   }
-  if(auth==SSH_AUTH_SUCCESS)
-    ssh_log(session, SSH_LOG_FUNCTIONS, "Authentication success");
-  if(auth==SSH_AUTH_PARTIAL)
-    return SSH_AUTH_DENIED;
-  return auth;
+
+  banner = ssh_get_issue_banner(session);
+  if (banner) {
+    printf("%s\n",banner);
+    free(banner);
+  }
+
+  return rc;
 }
-- 
cgit v1.2.3