Improve ssh_userauth_pubkey().

git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@667 7dcaeef0-15fb-0310-b436-a5af3365683c
author: Andreas Schneider <mail@cynapses.org> 2009-04-30 14:46:40 +0000
committer: Andreas Schneider <mail@cynapses.org> 2009-04-30 14:46:40 +0000
commit: deb9d30f4d124f82491225508a8699b0aad1375b (patch)
tree: 2b207ab3453eadc5a683dc601d9695012614c72c /libssh
parent: 65d09f3268741a2e03e1a0a9fd4806d8d5f798a7 (diff)
download: libssh-deb9d30f4d124f82491225508a8699b0aad1375b.tar.gz
libssh-deb9d30f4d124f82491225508a8699b0aad1375b.tar.xz
libssh-deb9d30f4d124f82491225508a8699b0aad1375b.zip
1 files changed, 103 insertions, 94 deletions
diff --git a/libssh/auth.c b/libssh/auth.c
index 7632e6b..988bd30 100644
--- a/libssh/auth.c
+++ b/libssh/auth.c
@@ -390,115 +390,124 @@ error:
 }
 
 
-/** \brief Try to authenticate through public key
- * \param session ssh session
- * \param username username to authenticate. You can specify NULL if
- * ssh_option_set_username() has been used. You cannot try two different logins in a row.
- * \param publickey a public key returned by publickey_from_file()
- * \param privatekey a private key returned by privatekey_from_file()
- * \returns SSH_AUTH_ERROR : a serious error happened\n
- * SSH_AUTH_DENIED : Authentication failed : use another method\n
- * SSH_AUTH_PARTIAL : You've been partially authenticated, you still have to use another method\n
- * SSH_AUTH_SUCCESS : Authentication success
- * \see publickey_from_file()
- * \see privatekey_from_file()
- * \see privatekey_free()
- * \see ssh_userauth_offer_pubkey()
+/**
+ * @brief Try to authenticate through public key.
+ *
+ * @param session       The ssh session to use.
+ *
+ * @param username      The username to authenticate. You can specify NULL if
+ *                      ssh_option_set_username() has been used. You cannot try
+ *                      two different logins in a row.
+ *
+ * @param publickey     A public key returned by publickey_from_file().
+ *
+ * @param privatekey    A private key returned by privatekey_from_file().
+ *
+ * @returns SSH_AUTH_ERROR:   A serious error happened.\n
+ *          SSH_AUTH_DENIED:  Authentication failed: use another method.\n
+ *          SSH_AUTH_PARTIAL: You've been partially authenticated, you still
+ *                            have to use another method.\n
+ *          SSH_AUTH_SUCCESS: Authentication successful.
+ *
+ * @see publickey_from_file()
+ * @see privatekey_from_file()
+ * @see privatekey_free()
+ * @see ssh_userauth_offer_pubkey()
  */
+int ssh_userauth_pubkey(SSH_SESSION *session, const char *username,
+    STRING *publickey, PRIVATE_KEY *privatekey) {
+  STRING *user;
+  STRING *service;
+  STRING *method;
+  STRING *algo;
+  STRING *sign;
+  int rc = SSH_AUTH_ERROR;
 
-int ssh_userauth_pubkey(SSH_SESSION *session, const char *username, STRING *publickey, PRIVATE_KEY *privatekey){
-    STRING *user = NULL;
-    STRING *service = NULL;
-    STRING *method = NULL;
-    STRING *algo = NULL;
-    STRING *sign = NULL;
-    int rc = SSH_AUTH_ERROR;
+  enter_function();
 
-    enter_function();
-//    if(session->version==1)
-//        return ssh_userauth1_pubkey(session,username,publickey,privatekey);
-    if(!username)
-        if(!(username=session->options->username)){
-            if(ssh_options_default_username(session->options)){
-              leave_function();
-              return rc;
-            } else
-                username=session->options->username;
-        }
-    if(ask_userauth(session)){
+#if 0
+  if (session->version == 1) {
+    return ssh_userauth1_pubkey(session, username, publickey, privatekey);
+  }
+#endif
+
+  if (username == NULL) {
+    if (session->options->username == NULL) {
+      if (ssh_options_default_username(session->options) < 0) {
         leave_function();
         return rc;
+      }
     }
-
+    user = string_from_char(session->options->username);
+  } else {
     user = string_from_char(username);
-    if (user == NULL) {
-      goto error;
-    }
-    service = string_from_char("ssh-connection");
-    if (service == NULL) {
-      goto error;
-    }
-    method = string_from_char("publickey");
-    if (method == NULL) {
-      goto error;
-    }
-    algo = string_from_char(ssh_type_to_char(privatekey->type));
-    if (algo == NULL) {
-      goto error;
-    }
+  }
 
-    /* we said previously the public key was accepted */
-    if (buffer_add_u8(session->out_buffer, SSH2_MSG_USERAUTH_REQUEST) < 0) {
-      goto error;
-    }
-    if (buffer_add_ssh_string(session->out_buffer, user) < 0) {
-      goto error;
-    }
-    if (buffer_add_ssh_string(session->out_buffer, service) < 0) {
-      goto error;
-    }
-    if (buffer_add_ssh_string(session->out_buffer, method) < 0) {
-      goto error;
-    }
-    if (buffer_add_u8(session->out_buffer, 1) < 0) {
-      goto error;
-    }
-    if (buffer_add_ssh_string(session->out_buffer, algo) < 0) {
-      goto error;
-    }
-    if (buffer_add_ssh_string(session->out_buffer, publickey) < 0) {
+  if (user == NULL) {
+    leave_function();
+    return rc;
+  }
+
+  if (ask_userauth(session) < 0) {
+    string_free(user);
+    leave_function();
+    return rc;
+  }
+
+  service = string_from_char("ssh-connection");
+  if (service == NULL) {
+    goto error;
+  }
+  method = string_from_char("publickey");
+  if (method == NULL) {
+    goto error;
+  }
+  algo = string_from_char(ssh_type_to_char(privatekey->type));
+  if (algo == NULL) {
+    goto error;
+  }
+
+  /* we said previously the public key was accepted */
+  if (buffer_add_u8(session->out_buffer, SSH2_MSG_USERAUTH_REQUEST) < 0 ||
+      buffer_add_ssh_string(session->out_buffer, user) < 0 ||
+      buffer_add_ssh_string(session->out_buffer, service) < 0 ||
+      buffer_add_ssh_string(session->out_buffer, method) < 0 ||
+      buffer_add_u8(session->out_buffer, 1) < 0 ||
+      buffer_add_ssh_string(session->out_buffer, algo) < 0 ||
+      buffer_add_ssh_string(session->out_buffer, publickey) < 0) {
+    goto error;
+  }
+
+  string_free(user);
+  string_free(service);
+  string_free(method);
+  string_free(algo);
+
+  sign = ssh_do_sign(session,session->out_buffer, privatekey);
+  if (sign) {
+    if (buffer_add_ssh_string(session->out_buffer,sign) < 0) {
       goto error;
     }
-    sign = ssh_do_sign(session,session->out_buffer, privatekey);
-    if (sign) {
-      if (buffer_add_ssh_string(session->out_buffer,sign) < 0) {
-        goto error;
-      }
-      string_free(sign);
+    string_free(sign);
 
-      if (packet_send(session) != SSH_OK) {
-        leave_function();
-        return rc;
-      }
-      rc = wait_auth_status(session,0);
+    if (packet_send(session) != SSH_OK) {
+      leave_function();
+      return rc;
     }
+    rc = wait_auth_status(session,0);
+  }
 
-    string_free(user);
-    string_free(service);
-    string_free(method);
-    string_free(algo);
-
-    leave_function();
-    return rc;
+  leave_function();
+  return rc;
 error:
-    buffer_free(session->out_buffer);
-    string_free(user);
-    string_free(service);
-    string_free(method);
-    string_free(algo);
+  buffer_free(session->out_buffer);
+  string_free(user);
+  string_free(service);
+  string_free(method);
+  string_free(algo);
 
-    leave_function();
-    return rc;
+  leave_function();
+  return rc;
 }
 
 #ifndef _WIN32
author	Andreas Schneider <mail@cynapses.org>	2009-04-30 14:46:40 +0000
committer	Andreas Schneider <mail@cynapses.org>	2009-04-30 14:46:40 +0000
commit	deb9d30f4d124f82491225508a8699b0aad1375b (patch)
tree	2b207ab3453eadc5a683dc601d9695012614c72c /libssh
parent	65d09f3268741a2e03e1a0a9fd4806d8d5f798a7 (diff)
download	libssh-deb9d30f4d124f82491225508a8699b0aad1375b.tar.gz libssh-deb9d30f4d124f82491225508a8699b0aad1375b.tar.xz libssh-deb9d30f4d124f82491225508a8699b0aad1375b.zip