diff options
author | Aris Adamantiadis <aris@0xbadc0de.be> | 2011-01-16 21:57:11 +0100 |
---|---|---|
committer | Aris Adamantiadis <aris@0xbadc0de.be> | 2011-01-16 23:42:19 +0100 |
commit | 6b52aaff1c7128f4221632e0eb7fc1fd6a916b7c (patch) | |
tree | 53a231553784bc96180c3ac3eacebdca6ae74172 | |
parent | 227764a8033c773397bc997239bfad1f85ef40a5 (diff) | |
download | libssh-6b52aaff1c7128f4221632e0eb7fc1fd6a916b7c.tar.gz libssh-6b52aaff1c7128f4221632e0eb7fc1fd6a916b7c.tar.xz libssh-6b52aaff1c7128f4221632e0eb7fc1fd6a916b7c.zip |
ssh_auth_password made nonblocking
-rw-r--r-- | include/libssh/session.h | 3 | ||||
-rw-r--r-- | src/auth.c | 44 | ||||
-rw-r--r-- | tests/client/torture_auth.c | 46 |
3 files changed, 88 insertions, 5 deletions
diff --git a/include/libssh/session.h b/include/libssh/session.h index bcb4ed4..58df0d5 100644 --- a/include/libssh/session.h +++ b/include/libssh/session.h @@ -54,7 +54,8 @@ enum ssh_dh_state_e { enum ssh_pending_call_e { SSH_PENDING_CALL_NONE = 0, SSH_PENDING_CALL_CONNECT, - SSH_PENDING_CALL_AUTH_NONE + SSH_PENDING_CALL_AUTH_NONE, + SSH_PENDING_CALL_AUTH_PASSWORD }; /* libssh calls may block an undefined amount of time */ @@ -344,12 +344,15 @@ int ssh_userauth_list(ssh_session session, const char *username) { * SSH_AUTH_PARTIAL: You've been partially authenticated, you still * have to use another method\n * SSH_AUTH_SUCCESS: Authentication success + * SSH_AUTH_AGAIN: In nonblocking mode, you've got to call this again + * later. */ int ssh_userauth_none(ssh_session session, const char *username) { ssh_string user = NULL; ssh_string service = NULL; ssh_string method = NULL; int rc = SSH_AUTH_ERROR; + int err; enter_function(); @@ -386,6 +389,8 @@ int ssh_userauth_none(ssh_session session, const char *username) { case SSH_PENDING_CALL_NONE: break; case SSH_PENDING_CALL_AUTH_NONE: + ssh_string_free(user); + user=NULL; goto pending; default: ssh_set_error(session,SSH_FATAL,"Bad call during pending SSH call in ssh_userauth_none"); @@ -393,7 +398,14 @@ int ssh_userauth_none(ssh_session session, const char *username) { rc=SSH_ERROR; } - if (ask_userauth(session) < 0) { + err = ask_userauth(session); + if(err == SSH_AGAIN){ + rc=SSH_AUTH_AGAIN; + ssh_string_free(user); + leave_function(); + return rc; + } else if(err == SSH_ERROR){ + rc=SSH_AUTH_ERROR; ssh_string_free(user); leave_function(); return rc; @@ -916,6 +928,8 @@ error: * SSH_AUTH_PARTIAL: You've been partially authenticated, you still * have to use another method.\n * SSH_AUTH_SUCCESS: Authentication successful. + * SSH_AUTH_AGAIN: In nonblocking mode, you've got to call this again + * later. * * @see ssh_userauth_kbdint() * @see BURN_STRING @@ -927,6 +941,7 @@ int ssh_userauth_password(ssh_session session, const char *username, ssh_string method = NULL; ssh_string pwd = NULL; int rc = SSH_AUTH_ERROR; + int err; enter_function(); @@ -955,7 +970,27 @@ int ssh_userauth_password(ssh_session session, const char *username, return rc; } - if (ask_userauth(session) < 0) { + switch(session->pending_call_state){ + case SSH_PENDING_CALL_NONE: + break; + case SSH_PENDING_CALL_AUTH_PASSWORD: + ssh_string_free(user); + user=NULL; + goto pending; + default: + ssh_set_error(session,SSH_FATAL,"Bad call during pending SSH call in ssh_userauth_password"); + goto error; + rc=SSH_ERROR; + } + + err = ask_userauth(session); + if(err == SSH_AGAIN){ + rc=SSH_AUTH_AGAIN; + ssh_string_free(user); + leave_function(); + return rc; + } else if(err == SSH_ERROR){ + rc=SSH_AUTH_ERROR; ssh_string_free(user); leave_function(); return rc; @@ -989,12 +1024,15 @@ int ssh_userauth_password(ssh_session session, const char *username, ssh_string_burn(pwd); ssh_string_free(pwd); session->auth_state=SSH_AUTH_STATE_NONE; + session->pending_call_state=SSH_PENDING_CALL_AUTH_PASSWORD; if (packet_send(session) == SSH_ERROR) { leave_function(); return rc; } +pending: rc = wait_auth_status(session); - + if(rc!=SSH_AUTH_AGAIN) + session->pending_call_state=SSH_PENDING_CALL_NONE; leave_function(); return rc; error: diff --git a/tests/client/torture_auth.c b/tests/client/torture_auth.c index adcf708..3637a6a 100644 --- a/tests/client/torture_auth.c +++ b/tests/client/torture_auth.c @@ -142,7 +142,7 @@ static void torture_auth_password(void **state) { rc = ssh_userauth_none(session, NULL); /* This request should return a SSH_REQUEST_DENIED error */ - if (rc == SSH_ERROR) { + if (rc == SSH_AUTH_ERROR) { assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED); } assert_true(ssh_auth_list(session) & SSH_AUTH_METHOD_PASSWORD); @@ -151,11 +151,55 @@ static void torture_auth_password(void **state) { assert_true(rc == SSH_AUTH_SUCCESS); } +static void torture_auth_password_nonblocking(void **state) { + ssh_session session = *state; + char *user = getenv("TORTURE_USER"); + char *password = getenv("TORTURE_PASSWORD"); + int rc; + + if (user == NULL) { + print_message("*** Please set the environment variable TORTURE_USER" + " to enable this test!!\n"); + return; + } + + if (password == NULL) { + print_message("*** Please set the environment variable " + "TORTURE_PASSWORD to enable this test!!\n"); + return; + } + + rc = ssh_options_set(session, SSH_OPTIONS_USER, user); + assert_true(rc == SSH_OK); + + rc = ssh_connect(session); + assert_true(rc == SSH_OK); + ssh_set_blocking(session,0); + + do { + rc = ssh_userauth_none(session, NULL); + } while (rc==SSH_AUTH_AGAIN); + + /* This request should return a SSH_REQUEST_DENIED error */ + if (rc == SSH_AUTH_ERROR) { + assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED); + } + assert_true(ssh_auth_list(session) & SSH_AUTH_METHOD_PASSWORD); + + do { + rc = ssh_userauth_password(session, NULL, password); + } while(rc==SSH_AUTH_AGAIN); + + assert_true(rc == SSH_AUTH_SUCCESS); +} + + int torture_run_tests(void) { int rc; const UnitTest tests[] = { unit_test_setup_teardown(torture_auth_kbdint, setup, teardown), unit_test_setup_teardown(torture_auth_password, setup, teardown), + unit_test_setup_teardown(torture_auth_password_nonblocking, setup, teardown), unit_test_setup_teardown(torture_auth_autopubkey, setup, teardown), }; |