author | Andreas Schneider <mail@cynapses.org> | 2009-04-30 14:46:40 +0000 |
---|---|---|
committer | Andreas Schneider <mail@cynapses.org> | 2009-04-30 14:46:40 +0000 |
commit | deb9d30f4d124f82491225508a8699b0aad1375b (patch) | |
tree | 2b207ab3453eadc5a683dc601d9695012614c72c /libssh | |
parent | 65d09f3268741a2e03e1a0a9fd4806d8d5f798a7 (diff) | |
Improve ssh_userauth_pubkey().
git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@667 7dcaeef0-15fb-0310-b436-a5af3365683c
Diffstat (limited to 'libssh')
-rw-r--r-- | libssh/auth.c | 197 |
1 files changed, 103 insertions, 94 deletions
diff --git a/libssh/auth.c b/libssh/auth.c
index 7632e6b..988bd30 100644
--- a/libssh/auth.c
+++ b/libssh/auth.c
@@ -390,115 +390,124 @@ error: } -/** \brief Try to authenticate through public key - * \param session ssh session - * \param username username to authenticate. You can specify NULL if - * ssh_option_set_username() has been used. You cannot try two different logins in a row. - * \param publickey a public key returned by publickey_from_file() - * \param privatekey a private key returned by privatekey_from_file() - * \returns SSH_AUTH_ERROR : a serious error happened\n - * SSH_AUTH_DENIED : Authentication failed : use another method\n - * SSH_AUTH_PARTIAL : You've been partially authenticated, you still have to use another method\n - * SSH_AUTH_SUCCESS : Authentication success - * \see publickey_from_file() - * \see privatekey_from_file() - * \see privatekey_free() - * \see ssh_userauth_offer_pubkey() +/** + * @brief Try to authenticate through public key. + * + * @param session The ssh session to use. + * + * @param username The username to authenticate. You can specify NULL if + * ssh_option_set_username() has been used. You cannot try + * two different logins in a row. + * + * @param publickey A public key returned by publickey_from_file(). + * + * @param privatekey A private key returned by privatekey_from_file(). + * + * @returns SSH_AUTH_ERROR: A serious error happened.\n + * SSH_AUTH_DENIED: Authentication failed: use another method.\n + * SSH_AUTH_PARTIAL: You've been partially authenticated, you still + * have to use another method.\n + * SSH_AUTH_SUCCESS: Authentication successful. 
+ * + * @see publickey_from_file() + * @see privatekey_from_file() + * @see privatekey_free() + * @see ssh_userauth_offer_pubkey() */ +int ssh_userauth_pubkey(SSH_SESSION *session, const char *username, + STRING *publickey, PRIVATE_KEY *privatekey) { + STRING *user; + STRING *service; + STRING *method; + STRING *algo; + STRING *sign; + int rc = SSH_AUTH_ERROR; -int ssh_userauth_pubkey(SSH_SESSION *session, const char *username, STRING *publickey, PRIVATE_KEY *privatekey){ - STRING *user = NULL; - STRING *service = NULL; - STRING *method = NULL; - STRING *algo = NULL; - STRING *sign = NULL; - int rc = SSH_AUTH_ERROR; + enter_function(); - enter_function(); -// if(session->version==1) -// return ssh_userauth1_pubkey(session,username,publickey,privatekey); - if(!username) - if(!(username=session->options->username)){ - if(ssh_options_default_username(session->options)){ - leave_function(); - return rc; - } else - username=session->options->username; - } - if(ask_userauth(session)){ +#if 0 + if (session->version == 1) { + return ssh_userauth1_pubkey(session, username, publickey, privatekey); + } +#endif + + if (username == NULL) { + if (session->options->username == NULL) { + if (ssh_options_default_username(session->options) < 0) { leave_function(); return rc; + } } - + user = string_from_char(session->options->username); + } else { user = string_from_char(username); - if (user == NULL) { - goto error; - } - service = string_from_char("ssh-connection"); - if (service == NULL) { - goto error; - } - method = string_from_char("publickey"); - if (method == NULL) { - goto error; - } - algo = string_from_char(ssh_type_to_char(privatekey->type)); - if (algo == NULL) { - goto error; - } + } - /* we said previously the public key was accepted */ - if (buffer_add_u8(session->out_buffer, SSH2_MSG_USERAUTH_REQUEST) < 0) { - goto error; - } - if (buffer_add_ssh_string(session->out_buffer, user) < 0) { - goto error; - } - if (buffer_add_ssh_string(session->out_buffer, service) < 0) 
{ - goto error; - } - if (buffer_add_ssh_string(session->out_buffer, method) < 0) { - goto error; - } - if (buffer_add_u8(session->out_buffer, 1) < 0) { - goto error; - } - if (buffer_add_ssh_string(session->out_buffer, algo) < 0) { - goto error; - } - if (buffer_add_ssh_string(session->out_buffer, publickey) < 0) { + if (user == NULL) { + leave_function(); + return rc; + } + + if (ask_userauth(session) < 0) { + string_free(user); + leave_function(); + return rc; + } + + service = string_from_char("ssh-connection"); + if (service == NULL) { + goto error; + } + method = string_from_char("publickey"); + if (method == NULL) { + goto error; + } + algo = string_from_char(ssh_type_to_char(privatekey->type)); + if (algo == NULL) { + goto error; + } + + /* we said previously the public key was accepted */ + if (buffer_add_u8(session->out_buffer, SSH2_MSG_USERAUTH_REQUEST) < 0 || + buffer_add_ssh_string(session->out_buffer, user) < 0 || + buffer_add_ssh_string(session->out_buffer, service) < 0 || + buffer_add_ssh_string(session->out_buffer, method) < 0 || + buffer_add_u8(session->out_buffer, 1) < 0 || + buffer_add_ssh_string(session->out_buffer, algo) < 0 || + buffer_add_ssh_string(session->out_buffer, publickey) < 0) { + goto error; + } + + string_free(user); + string_free(service); + string_free(method); + string_free(algo); + + sign = ssh_do_sign(session,session->out_buffer, privatekey); + if (sign) { + if (buffer_add_ssh_string(session->out_buffer,sign) < 0) { goto error; } - sign = ssh_do_sign(session,session->out_buffer, privatekey); - if (sign) { - if (buffer_add_ssh_string(session->out_buffer,sign) < 0) { - goto error; - } - string_free(sign); + string_free(sign); - if (packet_send(session) != SSH_OK) { - leave_function(); - return rc; - } - rc = wait_auth_status(session,0); + if (packet_send(session) != SSH_OK) { + leave_function(); + return rc; } + rc = wait_auth_status(session,0); + } - string_free(user); - string_free(service); - string_free(method); - 
string_free(algo); - - leave_function(); - return rc; + leave_function(); + return rc; error: - buffer_free(session->out_buffer); - string_free(user); - string_free(service); - string_free(method); - string_free(algo); + buffer_free(session->out_buffer); + string_free(user); + string_free(service); + string_free(method); + string_free(algo); - leave_function(); - return rc; + leave_function(); + return rc; } #ifndef _WIN32 |
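Review bot: The `error:` path of the new ssh_userauth_pubkey() can free invalid pointers, because the `= NULL` initialisers were dropped from `service`, `method`, `algo` and `sign`. When `string_from_char("ssh-connection")` fails, `goto error` hands indeterminate `method` and `algo` pointers to string_free(). The four strings are also now released before ssh_do_sign(), yet a failing `buffer_add_ssh_string(session->out_buffer,sign)` still jumps to `error:`, which frees all four a second time and leaks `sign`. Both are heap-corruption conditions in the authentication path, reachable on allocation failure. Restore the initialisers, clear the pointers after the early release and free `sign` before the jump, as sketched below; this assumes string_free() accepts NULL, which the previous error path already relied on.

```c
  STRING *user = NULL;
  STRING *service = NULL;
  STRING *method = NULL;
  STRING *algo = NULL;
  STRING *sign = NULL;
  /* … unchanged: username lookup, ask_userauth(), request assembly … */
  string_free(algo);
  /* error: frees these again, so clear them once they are released */
  user = service = method = algo = NULL;

  sign = ssh_do_sign(session, session->out_buffer, privatekey);
  if (sign) {
    if (buffer_add_ssh_string(session->out_buffer, sign) < 0) {
      string_free(sign);
      goto error;
    }
    /* … unchanged: string_free(sign), packet_send(), wait_auth_status() … */
```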