-rw-r--r-- | include/libssh/legacy.h | 1 | ||||
-rw-r--r-- | include/libssh/libssh.h | 1 | ||||
-rw-r--r-- | include/libssh/libsshpp.hpp | 10 | ||||
-rw-r--r-- | src/auth.c | 178 | ||||
-rw-r--r-- | src/legacy.c | 29 |
5 files changed, 32 insertions, 187 deletions
diff --git a/include/libssh/legacy.h b/include/libssh/legacy.h index 1905e89..9e5c9f0 100644 --- a/include/libssh/legacy.h +++ b/include/libssh/legacy.h @@ -32,6 +32,7 @@ #define LEGACY_H_ LIBSSH_API int ssh_auth_list(ssh_session session); LIBSSH_API int ssh_userauth_offer_pubkey(ssh_session session, const char *username, int type, ssh_string publickey); +LIBSSH_API int ssh_userauth_pubkey(ssh_session session, const char *username, ssh_string publickey, ssh_private_key privatekey); LIBSSH_API void buffer_free(ssh_buffer buffer); LIBSSH_API void *buffer_get(ssh_buffer buffer); diff --git a/include/libssh/libssh.h b/include/libssh/libssh.h index 01d6c52..acf1292 100644 --- a/include/libssh/libssh.h +++ b/include/libssh/libssh.h @@ -516,7 +516,6 @@ LIBSSH_API const char *ssh_userauth_kbdint_getanswer(ssh_session session, unsign LIBSSH_API int ssh_userauth_kbdint_setanswer(ssh_session session, unsigned int i, const char *answer); LIBSSH_API int ssh_userauth_password(ssh_session session, const char *username, const char *password); -LIBSSH_API int ssh_userauth_pubkey(ssh_session session, const char *username, ssh_string publickey, ssh_private_key privatekey); LIBSSH_API int ssh_userauth_privatekey_file(ssh_session session, const char *username, const char *filename, const char *passphrase); LIBSSH_API const char *ssh_version(int req_version); diff --git a/include/libssh/libsshpp.hpp b/include/libssh/libsshpp.hpp index 3c82e58..70d7db0 100644 --- a/include/libssh/libsshpp.hpp +++ b/include/libssh/libsshpp.hpp 
@@ -219,19 +219,13 @@ public: return ret; } /** @brief Authenticates using the publickey method. - * @param[in] pubkey public key to use for authentication * @param[in] privkey private key to use for authentication * @throws SshException on error * @returns SSH_AUTH_SUCCESS, SSH_AUTH_PARTIAL, SSH_AUTH_DENIED * @see ssh_userauth_pubkey */ - int userauthPubkey(ssh_string pubkey, ssh_private_key privkey){ - int ret=ssh_userauth_pubkey(c_session,NULL,pubkey,privkey); - ssh_throw(ret); - return ret; - } - int userauthPubkey(ssh_private_key privkey){ - int ret=ssh_userauth_pubkey(c_session,NULL,NULL,privkey); + int userauthPublickey(ssh_key privkey){ + int ret=ssh_userauth_publickey(c_session, NULL, privkey); ssh_throw(ret); return ret; } 
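Review bot: The doc comment kept above the new `userauthPublickey(ssh_key privkey)` still ends with `@see ssh_userauth_pubkey`, although the method now calls `ssh_userauth_publickey`; the reference should read `@see ssh_userauth_publickey`. Both `userauthPubkey` overloads are removed with no forwarding wrapper, so existing C++ callers stop compiling, while the C API keeps `ssh_userauth_pubkey` available through legacy.h. If that asymmetry is intended, a line such as `@note Replaces userauthPubkey(); the public key is derived from privkey.` in the comment would make it visible to users of the wrapper. The enclosing class begins and ends outside this hunk.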
@@ -804,184 +804,6 @@ fail: } /** - * @brief Try to authenticate through public key (deprecated). - * - * @param[in] session The ssh session to use. - * - * @param[in] username The username to authenticate. You can specify NULL if - * ssh_option_set_username() has been used. You cannot try - * two different logins in a row. - * - * @param[in] publickey A public key returned by publickey_from_file(), or NULL - * to generate automatically from privatekey. - * - * @param[in] privatekey A private key returned by privatekey_from_file(). - * - * @returns SSH_AUTH_ERROR: A serious error happened.\n - * SSH_AUTH_DENIED: Authentication failed: use another method.\n - * SSH_AUTH_PARTIAL: You've been partially authenticated, you still - * have to use another method.\n - * SSH_AUTH_SUCCESS: Authentication successful. - * SSH_AUTH_AGAIN: In nonblocking mode, you've got to call this again - * later. - * @see publickey_from_file() - * @see privatekey_from_file() - * @see privatekey_free() - * @see ssh_userauth_offer_pubkey() - */ -int ssh_userauth_pubkey(ssh_session session, const char *username, - ssh_string publickey, ssh_private_key privatekey) { - ssh_string user = NULL; - ssh_string service = NULL; - ssh_string method = NULL; - ssh_string algo = NULL; - ssh_string sign = NULL; - ssh_public_key pk = NULL; - ssh_string pkstr = NULL; - int rc = SSH_AUTH_ERROR; - - if(session==NULL) - return SSH_AUTH_ERROR; - if(privatekey==NULL){ - ssh_set_error(session,SSH_FATAL,"invalid arguments"); - return SSH_AUTH_ERROR; - } - enter_function(); - -#if 0 - if (session->version == 1) { - return ssh_userauth1_pubkey(session, username, publickey, privatekey); - } -#endif - - if (username == NULL) { - if (session->username == NULL) { - if (ssh_options_apply(session) < 0) { - leave_function(); - return rc; - } - } - user = ssh_string_from_char(session->username); - } else { - user = ssh_string_from_char(username); - } - - if (user == NULL) { - ssh_set_error_oom(session); - leave_function(); - 
return rc; - } - - switch(session->pending_call_state){ - case SSH_PENDING_CALL_NONE: - break; - case SSH_PENDING_CALL_AUTH_PUBKEY: - ssh_string_free(user); - user=NULL; - goto pending; - default: - ssh_set_error(session,SSH_FATAL,"Bad call during pending SSH call in ssh_userauth_pubkey"); - goto error; - rc=SSH_ERROR; - } - - rc = ssh_userauth_request_service(session); - if (rc < 0) { - ssh_string_free(user); - leave_function(); - return rc; - } - - service = ssh_string_from_char("ssh-connection"); - if (service == NULL) { - ssh_set_error_oom(session); - goto error; - } - method = ssh_string_from_char("publickey"); - if (method == NULL) { - ssh_set_error_oom(session); - goto error; - } - algo = ssh_string_from_char(ssh_type_to_char(privatekey->type)); - if (algo == NULL) { - ssh_set_error_oom(session); - goto error; - } - if (publickey == NULL) { - pk = publickey_from_privatekey(privatekey); - if (pk == NULL) { - /* most likely oom, and publickey_from_privatekey does not - * return any more information */ - ssh_set_error_oom(session); - goto error; - } - pkstr = publickey_to_string(pk); - publickey_free(pk); - if (pkstr == NULL) { - /* same as above */ - ssh_set_error_oom(session); - goto error; - } - } - - /* we said previously the public key was accepted */ - if (buffer_add_u8(session->out_buffer, SSH2_MSG_USERAUTH_REQUEST) < 0 || - buffer_add_ssh_string(session->out_buffer, user) < 0 || - buffer_add_ssh_string(session->out_buffer, service) < 0 || - buffer_add_ssh_string(session->out_buffer, method) < 0 || - buffer_add_u8(session->out_buffer, 1) < 0 || - buffer_add_ssh_string(session->out_buffer, algo) < 0 || - buffer_add_ssh_string(session->out_buffer, (publickey == NULL ? 
pkstr : publickey)) < 0) { - ssh_set_error_oom(session); - goto error; - } - - ssh_string_free(user); - ssh_string_free(service); - ssh_string_free(method); - ssh_string_free(algo); - ssh_string_free(pkstr); - - sign = ssh_do_sign(session,session->out_buffer, privatekey); - if(sign == NULL) { - ssh_set_error_oom(session); - leave_function(); - return rc; - } - - if (buffer_add_ssh_string(session->out_buffer,sign) < 0) { - ssh_set_error_oom(session); - ssh_string_free(sign); - leave_function(); - return rc; - } - - ssh_string_free(sign); - session->auth_state=SSH_AUTH_STATE_NONE; - session->pending_call_state=SSH_PENDING_CALL_AUTH_PUBKEY; - if (packet_send(session) == SSH_ERROR) { - leave_function(); - return rc; - } -pending: - rc = ssh_userauth_get_response(session); - if (rc != SSH_AUTH_AGAIN) - session->pending_call_state=SSH_PENDING_CALL_NONE; - leave_function(); - return rc; -error: - buffer_reinit(session->out_buffer); - ssh_string_free(user); - ssh_string_free(service); - ssh_string_free(method); - ssh_string_free(algo); - ssh_string_free(pkstr); - - leave_function(); - return rc; -} - -/** * @brief Try to authenticate through public key. * * @param[in] session The ssh session to use. diff --git a/src/legacy.c b/src/legacy.c index 58ee1be..50e8a93 100644 --- a/src/legacy.c +++ b/src/legacy.c 
@@ -60,6 +60,35 @@ int ssh_userauth_offer_pubkey(ssh_session session, const char *username, return rc; } +int ssh_userauth_pubkey(ssh_session session, + const char *username, + ssh_string publickey, + ssh_private_key privatekey) +{ + ssh_key key; + int rc; + + (void) publickey; /* unused */ + + key = ssh_key_new(); + if (key == NULL) { + return SSH_AUTH_ERROR; + } + + key->type = privatekey->type; + key->type_c = ssh_key_type_to_char(key->type); + key->flags = SSH_KEY_FLAG_PRIVATE|SSH_KEY_FLAG_PUBLIC; + key->dsa = privatekey->dsa_priv; + key->rsa = privatekey->rsa_priv; + + rc = ssh_userauth_publickey(session, username, key); + key->dsa = NULL; + key->rsa = NULL; + ssh_key_free(key); + + return rc; +} + /* BUFFER FUNCTIONS */ void buffer_free(ssh_buffer buffer){ |
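Review bot: The new `ssh_userauth_pubkey` wrapper reads `privatekey->type` without checking `privatekey`. The implementation this commit removes from src/auth.c returned `SSH_AUTH_ERROR` for a NULL session or a NULL private key, so a legacy caller that relied on that now hits a NULL dereference instead of an error return. Restore the guards before `ssh_key_new()`: `if (session == NULL) return SSH_AUTH_ERROR;` followed by `if (privatekey == NULL) { ssh_set_error(session, SSH_FATAL, "invalid arguments"); return SSH_AUTH_ERROR; }`. The `ssh_key_new()` failure path also returns without `ssh_set_error_oom(session);`, unlike the allocation failures in the removed code. Since `publickey` is now ignored and the temporary key only borrows the caller's handles, a comment such as `/* publickey is ignored; key borrows privatekey's dsa/rsa handles, which are reset to NULL so ssh_key_free() does not free the caller's key */` would document both.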