aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAris Adamantiadis <aris@0xbadc0de.be>2011-01-16 21:57:11 +0100
committerAris Adamantiadis <aris@0xbadc0de.be>2011-01-16 23:42:19 +0100
commit6b52aaff1c7128f4221632e0eb7fc1fd6a916b7c (patch)
tree53a231553784bc96180c3ac3eacebdca6ae74172
parent227764a8033c773397bc997239bfad1f85ef40a5 (diff)
downloadlibssh-6b52aaff1c7128f4221632e0eb7fc1fd6a916b7c.tar.gz
libssh-6b52aaff1c7128f4221632e0eb7fc1fd6a916b7c.tar.xz
libssh-6b52aaff1c7128f4221632e0eb7fc1fd6a916b7c.zip
ssh_auth_password made nonblocking
-rw-r--r--include/libssh/session.h3
-rw-r--r--src/auth.c44
-rw-r--r--tests/client/torture_auth.c46
3 files changed, 88 insertions, 5 deletions
diff --git a/include/libssh/session.h b/include/libssh/session.h
index bcb4ed4..58df0d5 100644
--- a/include/libssh/session.h
+++ b/include/libssh/session.h
@@ -54,7 +54,8 @@ enum ssh_dh_state_e {
enum ssh_pending_call_e {
SSH_PENDING_CALL_NONE = 0,
SSH_PENDING_CALL_CONNECT,
- SSH_PENDING_CALL_AUTH_NONE
+ SSH_PENDING_CALL_AUTH_NONE,
+ SSH_PENDING_CALL_AUTH_PASSWORD
};
/* libssh calls may block an undefined amount of time */
diff --git a/src/auth.c b/src/auth.c
index 96ec06a..c29317d 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -344,12 +344,15 @@ int ssh_userauth_list(ssh_session session, const char *username) {
* SSH_AUTH_PARTIAL: You've been partially authenticated, you still
* have to use another method\n
* SSH_AUTH_SUCCESS: Authentication success
+ * SSH_AUTH_AGAIN: In nonblocking mode, you've got to call this again
+ * later.
*/
int ssh_userauth_none(ssh_session session, const char *username) {
ssh_string user = NULL;
ssh_string service = NULL;
ssh_string method = NULL;
int rc = SSH_AUTH_ERROR;
+ int err;
enter_function();
@@ -386,6 +389,8 @@ int ssh_userauth_none(ssh_session session, const char *username) {
case SSH_PENDING_CALL_NONE:
break;
case SSH_PENDING_CALL_AUTH_NONE:
+ ssh_string_free(user);
+ user=NULL;
goto pending;
default:
ssh_set_error(session,SSH_FATAL,"Bad call during pending SSH call in ssh_userauth_none");
@@ -393,7 +398,14 @@ int ssh_userauth_none(ssh_session session, const char *username) {
rc=SSH_ERROR;
}
- if (ask_userauth(session) < 0) {
+ err = ask_userauth(session);
+ if(err == SSH_AGAIN){
+ rc=SSH_AUTH_AGAIN;
+ ssh_string_free(user);
+ leave_function();
+ return rc;
+ } else if(err == SSH_ERROR){
+ rc=SSH_AUTH_ERROR;
ssh_string_free(user);
leave_function();
return rc;
@@ -916,6 +928,8 @@ error:
* SSH_AUTH_PARTIAL: You've been partially authenticated, you still
* have to use another method.\n
* SSH_AUTH_SUCCESS: Authentication successful.
+ * SSH_AUTH_AGAIN: In nonblocking mode, you've got to call this again
+ * later.
*
* @see ssh_userauth_kbdint()
* @see BURN_STRING
@@ -927,6 +941,7 @@ int ssh_userauth_password(ssh_session session, const char *username,
ssh_string method = NULL;
ssh_string pwd = NULL;
int rc = SSH_AUTH_ERROR;
+ int err;
enter_function();
@@ -955,7 +970,27 @@ int ssh_userauth_password(ssh_session session, const char *username,
return rc;
}
- if (ask_userauth(session) < 0) {
+ switch(session->pending_call_state){
+ case SSH_PENDING_CALL_NONE:
+ break;
+ case SSH_PENDING_CALL_AUTH_PASSWORD:
+ ssh_string_free(user);
+ user=NULL;
+ goto pending;
+ default:
+ ssh_set_error(session,SSH_FATAL,"Bad call during pending SSH call in ssh_userauth_password");
+ goto error;
+ rc=SSH_ERROR;
+ }
+
+ err = ask_userauth(session);
+ if(err == SSH_AGAIN){
+ rc=SSH_AUTH_AGAIN;
+ ssh_string_free(user);
+ leave_function();
+ return rc;
+ } else if(err == SSH_ERROR){
+ rc=SSH_AUTH_ERROR;
ssh_string_free(user);
leave_function();
return rc;
@@ -989,12 +1024,15 @@ int ssh_userauth_password(ssh_session session, const char *username,
ssh_string_burn(pwd);
ssh_string_free(pwd);
session->auth_state=SSH_AUTH_STATE_NONE;
+ session->pending_call_state=SSH_PENDING_CALL_AUTH_PASSWORD;
if (packet_send(session) == SSH_ERROR) {
leave_function();
return rc;
}
+pending:
rc = wait_auth_status(session);
-
+ if(rc!=SSH_AUTH_AGAIN)
+ session->pending_call_state=SSH_PENDING_CALL_NONE;
leave_function();
return rc;
error:
diff --git a/tests/client/torture_auth.c b/tests/client/torture_auth.c
index adcf708..3637a6a 100644
--- a/tests/client/torture_auth.c
+++ b/tests/client/torture_auth.c
@@ -142,7 +142,7 @@ static void torture_auth_password(void **state) {
rc = ssh_userauth_none(session, NULL);
/* This request should return a SSH_REQUEST_DENIED error */
- if (rc == SSH_ERROR) {
+ if (rc == SSH_AUTH_ERROR) {
assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
}
assert_true(ssh_auth_list(session) & SSH_AUTH_METHOD_PASSWORD);
@@ -151,11 +151,55 @@ static void torture_auth_password(void **state) {
assert_true(rc == SSH_AUTH_SUCCESS);
}
+static void torture_auth_password_nonblocking(void **state) {
+ ssh_session session = *state;
+ char *user = getenv("TORTURE_USER");
+ char *password = getenv("TORTURE_PASSWORD");
+ int rc;
+
+ if (user == NULL) {
+ print_message("*** Please set the environment variable TORTURE_USER"
+ " to enable this test!!\n");
+ return;
+ }
+
+ if (password == NULL) {
+ print_message("*** Please set the environment variable "
+ "TORTURE_PASSWORD to enable this test!!\n");
+ return;
+ }
+
+ rc = ssh_options_set(session, SSH_OPTIONS_USER, user);
+ assert_true(rc == SSH_OK);
+
+ rc = ssh_connect(session);
+ assert_true(rc == SSH_OK);
+ ssh_set_blocking(session,0);
+
+ do {
+ rc = ssh_userauth_none(session, NULL);
+ } while (rc==SSH_AUTH_AGAIN);
+
+ /* This request should return a SSH_REQUEST_DENIED error */
+ if (rc == SSH_AUTH_ERROR) {
+ assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
+ }
+ assert_true(ssh_auth_list(session) & SSH_AUTH_METHOD_PASSWORD);
+
+ do {
+ rc = ssh_userauth_password(session, NULL, password);
+ } while(rc==SSH_AUTH_AGAIN);
+
+ assert_true(rc == SSH_AUTH_SUCCESS);
+}
+
+
int torture_run_tests(void) {
int rc;
const UnitTest tests[] = {
unit_test_setup_teardown(torture_auth_kbdint, setup, teardown),
unit_test_setup_teardown(torture_auth_password, setup, teardown),
+ unit_test_setup_teardown(torture_auth_password_nonblocking, setup, teardown),
unit_test_setup_teardown(torture_auth_autopubkey, setup, teardown),
};