diff --git a/src/libssh2_priv.h b/src/libssh2_priv.h index c9bbe87..04f3427 100644 --- a/src/libssh2_priv.h +++ b/src/libssh2_priv.h @@ -657,33 +657,59 @@ struct _LIBSSH2_SESSION { libssh2_nonblocking_states readPack_state; int readPack_encrypted; - /* - * State variables used in libssh2_userauth_list(), - * libssh2_userauth_password_ex(), libssh2_userauth_hostbased_fromfile_ex(), - * libssh2_userauth_publickey_fromfile_ex(), - * libssh2_userauth_keyboard_interactive_ex - */ - libssh2_nonblocking_states userauth_state; - unsigned char *userauth_data; - unsigned char userauth_data0; - unsigned long userauth_data_len; - char *userauth_newpw; - int userauth_newpw_len; - unsigned char *userauth_packet; - unsigned long userauth_packet_len; - unsigned char *userauth_method; - unsigned long userauth_method_len; - unsigned char *userauth_s; - unsigned char *userauth_b; - unsigned int userauth_auth_name_len; - char *userauth_auth_name; - unsigned userauth_auth_instruction_len; - char *userauth_auth_instruction; - unsigned int userauth_num_prompts; - int userauth_auth_failure; - LIBSSH2_USERAUTH_KBDINT_PROMPT *userauth_prompts; - LIBSSH2_USERAUTH_KBDINT_RESPONSE *userauth_responses; - packet_requirev_state_t userauth_packet_requirev_state; + /* State variables used in libssh2_userauth_list() */ + libssh2_nonblocking_states userauth_list_state; + unsigned char *userauth_list_data; + unsigned long userauth_list_data_len; + packet_requirev_state_t userauth_list_packet_requirev_state; + + /* State variables used in libssh2_userauth_password_ex() */ + libssh2_nonblocking_states userauth_pswd_state; + unsigned char *userauth_pswd_data; + unsigned char userauth_pswd_data0; + unsigned long userauth_pswd_data_len; + char *userauth_pswd_newpw; + int userauth_pswd_newpw_len; + packet_requirev_state_t userauth_pswd_packet_requirev_state; + + /* State variables used in libssh2_userauth_hostbased_fromfile_ex() */ + libssh2_nonblocking_states userauth_host_state; + unsigned char *userauth_host_data; + unsigned long userauth_host_data_len; + unsigned char *userauth_host_packet; + unsigned long userauth_host_packet_len; + unsigned char *userauth_host_method; + unsigned long userauth_host_method_len; + unsigned char *userauth_host_s; + packet_requirev_state_t userauth_host_packet_requirev_state; + + /* State variables used in libssh2_userauth_publickey_fromfile_ex() */ + libssh2_nonblocking_states userauth_pblc_state; + unsigned char *userauth_pblc_data; + unsigned long userauth_pblc_data_len; + unsigned char *userauth_pblc_packet; + unsigned long userauth_pblc_packet_len; + unsigned char *userauth_pblc_method; + unsigned long userauth_pblc_method_len; + unsigned char *userauth_pblc_s; + unsigned char *userauth_pblc_b; + packet_requirev_state_t userauth_pblc_packet_requirev_state; + + /* State variables used in llibssh2_userauth_keyboard_interactive_ex() */ + libssh2_nonblocking_states userauth_kybd_state; + unsigned char *userauth_kybd_data; + unsigned long userauth_kybd_data_len; + unsigned char *userauth_kybd_packet; + unsigned long userauth_kybd_packet_len; + unsigned int userauth_kybd_auth_name_len; + char *userauth_kybd_auth_name; + unsigned userauth_kybd_auth_instruction_len; + char *userauth_kybd_auth_instruction; + unsigned int userauth_kybd_num_prompts; + int userauth_kybd_auth_failure; + LIBSSH2_USERAUTH_KBDINT_PROMPT *userauth_kybd_prompts; + LIBSSH2_USERAUTH_KBDINT_RESPONSE *userauth_kybd_responses; + packet_requirev_state_t userauth_kybd_packet_requirev_state; /* State variables used in libssh2_channel_open_ex() */ libssh2_nonblocking_states open_state; diff --git a/src/session.c b/src/session.c index 6ce319e..4003b43 100644 --- a/src/session.c +++ b/src/session.c @@ -713,20 +713,41 @@ LIBSSH2_API void libssh2_session_free(LIBSSH2_SESSION *session) if (session->disconnect_data) { LIBSSH2_FREE(session, session->disconnect_data); } - if (session->userauth_data) { - LIBSSH2_FREE(session, session->userauth_data); + if (session->userauth_list_data) { + LIBSSH2_FREE(session, session->userauth_list_data); } - if (session->userauth_newpw) { - LIBSSH2_FREE(session, session->userauth_newpw); + if (session->userauth_pswd_data) { + LIBSSH2_FREE(session, session->userauth_pswd_data); } - if (session->userauth_packet) { - LIBSSH2_FREE(session, session->userauth_packet); + if (session->userauth_pswd_newpw) { + LIBSSH2_FREE(session, session->userauth_pswd_newpw); } - if (session->userauth_method) { - LIBSSH2_FREE(session, session->userauth_method); + if (session->userauth_host_packet) { + LIBSSH2_FREE(session, session->userauth_host_packet); } - if (session->userauth_auth_instruction) { - LIBSSH2_FREE(session, session->userauth_auth_instruction); + if (session->userauth_host_method) { + LIBSSH2_FREE(session, session->userauth_host_method); + } + if (session->userauth_host_data) { + LIBSSH2_FREE(session, session->userauth_host_data); + } + if (session->userauth_pblc_data) { + LIBSSH2_FREE(session, session->userauth_pblc_data); + } + if (session->userauth_pblc_packet) { + LIBSSH2_FREE(session, session->userauth_pblc_packet); + } + if (session->userauth_pblc_method) { + LIBSSH2_FREE(session, session->userauth_pblc_method); + } + if (session->userauth_kybd_data) { + LIBSSH2_FREE(session, session->userauth_kybd_data); + } + if (session->userauth_kybd_packet) { + LIBSSH2_FREE(session, session->userauth_kybd_packet); + } + if (session->userauth_kybd_auth_instruction) { + LIBSSH2_FREE(session, session->userauth_kybd_auth_instruction); } if (session->open_packet) { LIBSSH2_FREE(session, session->open_packet); diff --git a/src/userauth.c b/src/userauth.c index 83e6d00..e1bc6ad 100644 --- a/src/userauth.c +++ b/src/userauth.c @@ -61,14 +61,14 @@ LIBSSH2_API char *libssh2_userauth_list(LIBSSH2_SESSION *session, const char *us unsigned char *s; int rc; - if (session->userauth_state == libssh2_NB_state_idle) { + if (session->userauth_list_state == libssh2_NB_state_idle) { /* Zero the whole thing out */ - memset(&session->userauth_packet_requirev_state, 0, sizeof(session->userauth_packet_requirev_state)); + memset(&session->userauth_list_packet_requirev_state, 0, sizeof(session->userauth_list_packet_requirev_state)); - session->userauth_data_len = username_len + 31; + session->userauth_list_data_len = username_len + 31; - s = session->userauth_data = LIBSSH2_ALLOC(session, session->userauth_data_len); - if (!session->userauth_data) { + s = session->userauth_list_data = LIBSSH2_ALLOC(session, session->userauth_list_data_len); + if (!session->userauth_list_data) { libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for userauth_list", 0); return NULL; } @@ -85,59 +85,59 @@ LIBSSH2_API char *libssh2_userauth_list(LIBSSH2_SESSION *session, const char *us libssh2_htonu32(s, 4); s += 4; memcpy(s, "none", 4); s += 4; - session->userauth_state = libssh2_NB_state_created; + session->userauth_list_state = libssh2_NB_state_created; } - if (session->userauth_state == libssh2_NB_state_created) { - rc = libssh2_packet_write(session, session->userauth_data, session->userauth_data_len); + if (session->userauth_list_state == libssh2_NB_state_created) { + rc = libssh2_packet_write(session, session->userauth_list_data, session->userauth_list_data_len); if (rc == PACKET_EAGAIN) { libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block requesting userauth list", 0); return NULL; } else if (rc) { libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, "Unable to send userauth-none request", 0); - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; - session->userauth_state = libssh2_NB_state_idle; + LIBSSH2_FREE(session, session->userauth_list_data); + session->userauth_list_data = NULL; + session->userauth_list_state = libssh2_NB_state_idle; return NULL; } - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; + LIBSSH2_FREE(session, session->userauth_list_data); + session->userauth_list_data = NULL; - session->userauth_state = libssh2_NB_state_sent; + session->userauth_list_state = libssh2_NB_state_sent; } - if (session->userauth_state == libssh2_NB_state_sent) { - rc = libssh2_packet_requirev_ex(session, reply_codes, &session->userauth_data, &session->userauth_data_len, - 0, NULL, 0, &session->userauth_packet_requirev_state); + if (session->userauth_list_state == libssh2_NB_state_sent) { + rc = libssh2_packet_requirev_ex(session, reply_codes, &session->userauth_list_data, &session->userauth_list_data_len, + 0, NULL, 0, &session->userauth_list_packet_requirev_state); if (rc == PACKET_EAGAIN) { libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block requesting userauth list", 0); return NULL; } else if (rc) { libssh2_error(session, LIBSSH2_ERROR_NONE, "No error", 0); - session->userauth_state = libssh2_NB_state_idle; + session->userauth_list_state = libssh2_NB_state_idle; return NULL; } - if (session->userauth_data[0] == SSH_MSG_USERAUTH_SUCCESS) { + if (session->userauth_list_data[0] == SSH_MSG_USERAUTH_SUCCESS) { /* Wow, who'dve thought... */ libssh2_error(session, LIBSSH2_ERROR_NONE, "No error", 0); - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; + LIBSSH2_FREE(session, session->userauth_list_data); + session->userauth_list_data = NULL; session->state |= LIBSSH2_STATE_AUTHENTICATED; - session->userauth_state = libssh2_NB_state_idle; + session->userauth_list_state = libssh2_NB_state_idle; return NULL; } - methods_len = libssh2_ntohu32(session->userauth_data + 1); - memcpy(session->userauth_data, session->userauth_data + 5, methods_len); - session->userauth_data[methods_len] = '\0'; - _libssh2_debug(session, LIBSSH2_DBG_AUTH, "Permitted auth methods: %s", session->userauth_data); + methods_len = libssh2_ntohu32(session->userauth_list_data + 1); + memcpy(session->userauth_list_data, session->userauth_list_data + 5, methods_len); + session->userauth_list_data[methods_len] = '\0'; + _libssh2_debug(session, LIBSSH2_DBG_AUTH, "Permitted auth methods: %s", session->userauth_list_data); } - session->userauth_state = libssh2_NB_state_idle; - return (char *)session->userauth_data; + session->userauth_list_state = libssh2_NB_state_idle; + return (char *)session->userauth_list_data; } /* }}} */ @@ -159,23 +159,24 @@ libssh2_userauth_password_ex(LIBSSH2_SESSION *session, const char *username, uns unsigned int password_len, LIBSSH2_PASSWD_CHANGEREQ_FUNC((*passwd_change_cb))) { unsigned char *s; - static const unsigned char reply_codes[4] = { SSH_MSG_USERAUTH_SUCCESS, SSH_MSG_USERAUTH_FAILURE, SSH_MSG_USERAUTH_PASSWD_CHANGEREQ, 0 }; + static const unsigned char reply_codes[4] = { SSH_MSG_USERAUTH_SUCCESS, SSH_MSG_USERAUTH_FAILURE, + SSH_MSG_USERAUTH_PASSWD_CHANGEREQ, 0 }; int rc; - if (session->userauth_state == libssh2_NB_state_idle) { + if (session->userauth_pswd_state == libssh2_NB_state_idle) { /* Zero the whole thing out */ - memset(&session->userauth_packet_requirev_state, 0, sizeof(session->userauth_packet_requirev_state)); + memset(&session->userauth_pswd_packet_requirev_state, 0, sizeof(session->userauth_pswd_packet_requirev_state)); /* * 40 = acket_type(1) + username_len(4) + service_len(4) + * service(14)"ssh-connection" + method_len(4) + method(8)"password" + * chgpwdbool(1) + password_len(4) */ - session->userauth_data_len = username_len + password_len + 40; + session->userauth_pswd_data_len = username_len + password_len + 40; - session->userauth_data0 = ~SSH_MSG_USERAUTH_PASSWD_CHANGEREQ; + session->userauth_pswd_data0 = ~SSH_MSG_USERAUTH_PASSWD_CHANGEREQ; - s = session->userauth_data = LIBSSH2_ALLOC(session, session->userauth_data_len); - if (!session->userauth_data) { + s = session->userauth_pswd_data = LIBSSH2_ALLOC(session, session->userauth_pswd_data_len); + if (!session->userauth_pswd_data) { libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for userauth-password request", 0); return -1; } @@ -197,84 +198,86 @@ libssh2_userauth_password_ex(LIBSSH2_SESSION *session, const char *username, uns _libssh2_debug(session, LIBSSH2_DBG_AUTH, "Attempting to login using password authentication"); - session->userauth_state = libssh2_NB_state_created; + session->userauth_pswd_state = libssh2_NB_state_created; } - if (session->userauth_state == libssh2_NB_state_created) { - rc = libssh2_packet_write(session, session->userauth_data, session->userauth_data_len); + if (session->userauth_pswd_state == libssh2_NB_state_created) { + rc = libssh2_packet_write(session, session->userauth_pswd_data, session->userauth_pswd_data_len); if (rc == PACKET_EAGAIN) { return PACKET_EAGAIN; } else if (rc) { libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, "Unable to send userauth-password request", 0); - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; - session->userauth_state = libssh2_NB_state_idle; + LIBSSH2_FREE(session, session->userauth_pswd_data); + session->userauth_pswd_data = NULL; + session->userauth_pswd_state = libssh2_NB_state_idle; return -1; } - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; + LIBSSH2_FREE(session, session->userauth_pswd_data); + session->userauth_pswd_data = NULL; - session->userauth_state = libssh2_NB_state_sent; + session->userauth_pswd_state = libssh2_NB_state_sent; } password_response: - if ((session->userauth_state == libssh2_NB_state_sent) || (session->userauth_state == libssh2_NB_state_sent1) || - (session->userauth_state == libssh2_NB_state_sent2)) { - if (session->userauth_state == libssh2_NB_state_sent) { - rc = libssh2_packet_requirev_ex(session, reply_codes, &session->userauth_data, &session->userauth_data_len, - 0, NULL, 0, &session->userauth_packet_requirev_state); + if ((session->userauth_pswd_state == libssh2_NB_state_sent) || (session->userauth_pswd_state == libssh2_NB_state_sent1) || + (session->userauth_pswd_state == libssh2_NB_state_sent2)) { + if (session->userauth_pswd_state == libssh2_NB_state_sent) { + rc = libssh2_packet_requirev_ex(session, reply_codes, &session->userauth_pswd_data, &session->userauth_pswd_data_len, + 0, NULL, 0, &session->userauth_pswd_packet_requirev_state); if (rc == PACKET_EAGAIN) { return PACKET_EAGAIN; } else if (rc) { - session->userauth_state = libssh2_NB_state_idle; + session->userauth_pswd_state = libssh2_NB_state_idle; return -1; } - if (session->userauth_data[0] == SSH_MSG_USERAUTH_SUCCESS) { + if (session->userauth_pswd_data[0] == SSH_MSG_USERAUTH_SUCCESS) { _libssh2_debug(session, LIBSSH2_DBG_AUTH, "Password authentication successful"); - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; + LIBSSH2_FREE(session, session->userauth_pswd_data); + session->userauth_pswd_data = NULL; session->state |= LIBSSH2_STATE_AUTHENTICATED; - session->userauth_state = libssh2_NB_state_idle; + session->userauth_pswd_state = libssh2_NB_state_idle; return 0; } - session->userauth_newpw = NULL; - session->userauth_newpw_len = 0; + session->userauth_pswd_newpw = NULL; + session->userauth_pswd_newpw_len = 0; - session->userauth_state = libssh2_NB_state_sent1; + session->userauth_pswd_state = libssh2_NB_state_sent1; } - if ((session->userauth_data[0] == SSH_MSG_USERAUTH_PASSWD_CHANGEREQ) || - (session->userauth_data0 == SSH_MSG_USERAUTH_PASSWD_CHANGEREQ)) { - session->userauth_data0 = SSH_MSG_USERAUTH_PASSWD_CHANGEREQ; + if ((session->userauth_pswd_data[0] == SSH_MSG_USERAUTH_PASSWD_CHANGEREQ) || + (session->userauth_pswd_data0 == SSH_MSG_USERAUTH_PASSWD_CHANGEREQ)) { + session->userauth_pswd_data0 = SSH_MSG_USERAUTH_PASSWD_CHANGEREQ; - if ((session->userauth_state == libssh2_NB_state_sent1) || (session->userauth_state == libssh2_NB_state_sent2)) { - if (session->userauth_state == libssh2_NB_state_sent1) { + if ((session->userauth_pswd_state == libssh2_NB_state_sent1) || + (session->userauth_pswd_state == libssh2_NB_state_sent2)) { + if (session->userauth_pswd_state == libssh2_NB_state_sent1) { _libssh2_debug(session, LIBSSH2_DBG_AUTH, "Password change required"); - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; + LIBSSH2_FREE(session, session->userauth_pswd_data); + session->userauth_pswd_data = NULL; } if (passwd_change_cb) { - if (session->userauth_state == libssh2_NB_state_sent1) { - passwd_change_cb(session, &session->userauth_newpw, &session->userauth_newpw_len, &session->abstract); - if (!session->userauth_newpw) { + if (session->userauth_pswd_state == libssh2_NB_state_sent1) { + passwd_change_cb(session, &session->userauth_pswd_newpw, &session->userauth_pswd_newpw_len, + &session->abstract); + if (!session->userauth_pswd_newpw) { libssh2_error(session, LIBSSH2_ERROR_PASSWORD_EXPIRED, "Password expired, and callback failed", 0); return -1; } /* basic data_len + newpw_len(4) */ - session->userauth_data_len = username_len + password_len + 44 + session->userauth_newpw_len; + session->userauth_pswd_data_len = username_len + password_len + 44 + session->userauth_pswd_newpw_len; - s = session->userauth_data = LIBSSH2_ALLOC(session, session->userauth_data_len); - if (!session->userauth_data) { + s = session->userauth_pswd_data = LIBSSH2_ALLOC(session, session->userauth_pswd_data_len); + if (!session->userauth_pswd_data) { libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for userauth-password-change request", 0); - LIBSSH2_FREE(session, session->userauth_newpw); - session->userauth_newpw = NULL; + LIBSSH2_FREE(session, session->userauth_pswd_newpw); + session->userauth_pswd_newpw = NULL; return -1; } @@ -293,52 +296,52 @@ libssh2_userauth_password_ex(LIBSSH2_SESSION *session, const char *username, uns libssh2_htonu32(s, password_len); s += 4; memcpy(s, password, password_len); s += password_len; - libssh2_htonu32(s, session->userauth_newpw_len); s += 4; - memcpy(s, session->userauth_newpw, session->userauth_newpw_len); - s += session->userauth_newpw_len; + libssh2_htonu32(s, session->userauth_pswd_newpw_len); s += 4; + memcpy(s, session->userauth_pswd_newpw, session->userauth_pswd_newpw_len); + s += session->userauth_pswd_newpw_len; - session->userauth_state = libssh2_NB_state_sent2; + session->userauth_pswd_state = libssh2_NB_state_sent2; } - if (session->userauth_state == libssh2_NB_state_sent2) { - rc = libssh2_packet_write(session, session->userauth_data, session->userauth_data_len); + if (session->userauth_pswd_state == libssh2_NB_state_sent2) { + rc = libssh2_packet_write(session, session->userauth_pswd_data, session->userauth_pswd_data_len); if (rc == PACKET_EAGAIN) { return PACKET_EAGAIN; } else if (rc) { libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, "Unable to send userauth-password-change request", 0); - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; - LIBSSH2_FREE(session, session->userauth_newpw); - session->userauth_newpw = NULL; + LIBSSH2_FREE(session, session->userauth_pswd_data); + session->userauth_pswd_data = NULL; + LIBSSH2_FREE(session, session->userauth_pswd_newpw); + session->userauth_pswd_newpw = NULL; return -1; } - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; - LIBSSH2_FREE(session, session->userauth_newpw); - session->userauth_newpw = NULL; + LIBSSH2_FREE(session, session->userauth_pswd_data); + session->userauth_pswd_data = NULL; + LIBSSH2_FREE(session, session->userauth_pswd_newpw); + session->userauth_pswd_newpw = NULL; /* * Ugliest use of goto ever. Blame it on the * askN => requirev migration. */ - session->userauth_state = libssh2_NB_state_sent; + session->userauth_pswd_state = libssh2_NB_state_sent; goto password_response; } } } else { libssh2_error(session, LIBSSH2_ERROR_PASSWORD_EXPIRED, "Password Expired, and no callback specified", 0); - session->userauth_state = libssh2_NB_state_idle; + session->userauth_pswd_state = libssh2_NB_state_idle; return -1; } } } /* FAILURE */ - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; - session->userauth_state = libssh2_NB_state_idle; + LIBSSH2_FREE(session, session->userauth_pswd_data); + session->userauth_pswd_data = NULL; + session->userauth_pswd_state = libssh2_NB_state_idle; return -1; } /* }}} */ @@ -480,11 +483,11 @@ libssh2_userauth_hostbased_fromfile_ex(LIBSSH2_SESSION *session, const char *use unsigned long pubkeydata_len, sig_len, data_len; int rc; - if (session->userauth_state == libssh2_NB_state_idle) { + if (session->userauth_host_state == libssh2_NB_state_idle) { /* Zero the whole thing out */ - memset(&session->userauth_packet_requirev_state, 0, sizeof(session->userauth_packet_requirev_state)); + memset(&session->userauth_host_packet_requirev_state, 0, sizeof(session->userauth_host_packet_requirev_state)); - if (libssh2_file_read_publickey(session, &session->userauth_method, &session->userauth_method_len, + if (libssh2_file_read_publickey(session, &session->userauth_host_method, &session->userauth_host_method_len, &pubkeydata, &pubkeydata_len, publickey)) { return -1; } @@ -495,7 +498,7 @@ libssh2_userauth_hostbased_fromfile_ex(LIBSSH2_SESSION *session, const char *use * authmethod(9)"hostbased" + method_len(4) + pubkeydata_len(4) + * local_username_len(4) */ - session->userauth_packet_len = username_len + session->userauth_method_len + hostname_len + + session->userauth_host_packet_len = username_len + session->userauth_host_method_len + hostname_len + local_username_len + pubkeydata_len + 48; /* @@ -503,43 +506,43 @@ libssh2_userauth_hostbased_fromfile_ex(LIBSSH2_SESSION *session, const char *use * and the signature, which won't be any larger than the size of * the publickeydata itself */ - session->userauth_s = session->userauth_packet = - LIBSSH2_ALLOC(session, session->userauth_packet_len + 4 + (4 + session->userauth_method_len) +(4 + pubkeydata_len)); - if (!session->userauth_packet) { - LIBSSH2_FREE(session, session->userauth_method); - session->userauth_method = NULL; + session->userauth_host_s = session->userauth_host_packet = + LIBSSH2_ALLOC(session, session->userauth_host_packet_len + 4 + (4 + session->userauth_host_method_len) +(4 + pubkeydata_len)); + if (!session->userauth_host_packet) { + LIBSSH2_FREE(session, session->userauth_host_method); + session->userauth_host_method = NULL; return -1; } - *(session->userauth_s++) = SSH_MSG_USERAUTH_REQUEST; - libssh2_htonu32(session->userauth_s, username_len); session->userauth_s += 4; - memcpy(session->userauth_s, username, username_len); session->userauth_s += username_len; + *(session->userauth_host_s++) = SSH_MSG_USERAUTH_REQUEST; + libssh2_htonu32(session->userauth_host_s, username_len); session->userauth_host_s += 4; + memcpy(session->userauth_host_s, username, username_len); session->userauth_host_s += username_len; - libssh2_htonu32(session->userauth_s, 14); session->userauth_s += 4; - memcpy(session->userauth_s, "ssh-connection", 14); session->userauth_s += 14; + libssh2_htonu32(session->userauth_host_s, 14); session->userauth_host_s += 4; + memcpy(session->userauth_host_s, "ssh-connection", 14); session->userauth_host_s += 14; - libssh2_htonu32(session->userauth_s, 9); session->userauth_s += 4; - memcpy(session->userauth_s, "hostbased", 9); session->userauth_s += 9; + libssh2_htonu32(session->userauth_host_s, 9); session->userauth_host_s += 4; + memcpy(session->userauth_host_s, "hostbased", 9); session->userauth_host_s += 9; - libssh2_htonu32(session->userauth_s, session->userauth_method_len); session->userauth_s += 4; - memcpy(session->userauth_s, session->userauth_method, session->userauth_method_len); - session->userauth_s += session->userauth_method_len; + libssh2_htonu32(session->userauth_host_s, session->userauth_host_method_len); session->userauth_host_s += 4; + memcpy(session->userauth_host_s, session->userauth_host_method, session->userauth_host_method_len); + session->userauth_host_s += session->userauth_host_method_len; - libssh2_htonu32(session->userauth_s, pubkeydata_len); session->userauth_s += 4; - memcpy(session->userauth_s, pubkeydata, pubkeydata_len); session->userauth_s += pubkeydata_len; + libssh2_htonu32(session->userauth_host_s, pubkeydata_len); session->userauth_host_s += 4; + memcpy(session->userauth_host_s, pubkeydata, pubkeydata_len); session->userauth_host_s += pubkeydata_len; - libssh2_htonu32(session->userauth_s, hostname_len); session->userauth_s += 4; - memcpy(session->userauth_s, hostname, hostname_len); session->userauth_s += hostname_len; + libssh2_htonu32(session->userauth_host_s, hostname_len); session->userauth_host_s += 4; + memcpy(session->userauth_host_s, hostname, hostname_len); session->userauth_host_s += hostname_len; - libssh2_htonu32(session->userauth_s, local_username_len); session->userauth_s += 4; - memcpy(session->userauth_s, local_username, local_username_len); session->userauth_s += local_username_len; + libssh2_htonu32(session->userauth_host_s, local_username_len); session->userauth_host_s += 4; + memcpy(session->userauth_host_s, local_username, local_username_len); session->userauth_host_s += local_username_len; - if (libssh2_file_read_privatekey(session, &privkeyobj, &abstract, session->userauth_method, - session->userauth_method_len, privatekey, passphrase)) { - LIBSSH2_FREE(session, session->userauth_method); - session->userauth_method = NULL; - LIBSSH2_FREE(session, session->userauth_packet); - session->userauth_packet = NULL; + if (libssh2_file_read_privatekey(session, &privkeyobj, &abstract, session->userauth_host_method, + session->userauth_host_method_len, privatekey, passphrase)) { + LIBSSH2_FREE(session, session->userauth_host_method); + session->userauth_host_method = NULL; + LIBSSH2_FREE(session, session->userauth_host_packet); + session->userauth_host_packet = NULL; return -1; } @@ -548,14 +551,14 @@ libssh2_userauth_hostbased_fromfile_ex(LIBSSH2_SESSION *session, const char *use datavec[0].iov_len = 4; datavec[1].iov_base = session->session_id; datavec[1].iov_len = session->session_id_len; - datavec[2].iov_base = session->userauth_packet; - datavec[2].iov_len = session->userauth_packet_len; + datavec[2].iov_base = session->userauth_host_packet; + datavec[2].iov_len = session->userauth_host_packet_len; if (privkeyobj->signv(session, &sig, &sig_len, 3, datavec, &abstract)) { - LIBSSH2_FREE(session, session->userauth_method); - session->userauth_method = NULL; - LIBSSH2_FREE(session, session->userauth_packet); - session->userauth_packet = NULL; + LIBSSH2_FREE(session, session->userauth_host_method); + session->userauth_host_method = NULL; + LIBSSH2_FREE(session, session->userauth_host_packet); + session->userauth_host_packet = NULL; if (privkeyobj->dtor) { privkeyobj->dtor(session, &abstract); } @@ -569,86 +572,86 @@ libssh2_userauth_hostbased_fromfile_ex(LIBSSH2_SESSION *session, const char *use if (sig_len > pubkeydata_len) { unsigned char *newpacket; /* Should *NEVER* happen, but...well.. better safe than sorry */ - newpacket = LIBSSH2_REALLOC(session, session->userauth_packet, session->userauth_packet_len + 4 + - (4 + session->userauth_method_len) + (4 + sig_len)); /* PK sigblob */ + newpacket = LIBSSH2_REALLOC(session, session->userauth_host_packet, session->userauth_host_packet_len + 4 + + (4 + session->userauth_host_method_len) + (4 + sig_len)); /* PK sigblob */ if (!newpacket) { libssh2_error(session, LIBSSH2_ERROR_ALLOC,"Failed allocating additional space for userauth-hostbased packet", 0); LIBSSH2_FREE(session, sig); - LIBSSH2_FREE(session, session->userauth_packet); - session->userauth_packet = NULL; - LIBSSH2_FREE(session, session->userauth_method); - session->userauth_method = NULL; + LIBSSH2_FREE(session, session->userauth_host_packet); + session->userauth_host_packet = NULL; + LIBSSH2_FREE(session, session->userauth_host_method); + session->userauth_host_method = NULL; return -1; } - session->userauth_packet = newpacket; + session->userauth_host_packet = newpacket; } - session->userauth_s = session->userauth_packet + session->userauth_packet_len; + session->userauth_host_s = session->userauth_host_packet + session->userauth_host_packet_len; - libssh2_htonu32(session->userauth_s, 4 + session->userauth_method_len + 4 + sig_len); - session->userauth_s += 4; + libssh2_htonu32(session->userauth_host_s, 4 + session->userauth_host_method_len + 4 + sig_len); + session->userauth_host_s += 4; - libssh2_htonu32(session->userauth_s, session->userauth_method_len); session->userauth_s += 4; - memcpy(session->userauth_s, session->userauth_method, session->userauth_method_len); - session->userauth_s += session->userauth_method_len; - LIBSSH2_FREE(session, session->userauth_method); - session->userauth_method = NULL; + libssh2_htonu32(session->userauth_host_s, session->userauth_host_method_len); session->userauth_host_s += 4; + memcpy(session->userauth_host_s, session->userauth_host_method, session->userauth_host_method_len); + session->userauth_host_s += session->userauth_host_method_len; + LIBSSH2_FREE(session, session->userauth_host_method); + session->userauth_host_method = NULL; - libssh2_htonu32(session->userauth_s, sig_len); session->userauth_s += 4; - memcpy(session->userauth_s, sig, sig_len); session->userauth_s += sig_len; + libssh2_htonu32(session->userauth_host_s, sig_len); session->userauth_host_s += 4; + memcpy(session->userauth_host_s, sig, sig_len); session->userauth_host_s += sig_len; LIBSSH2_FREE(session, sig); _libssh2_debug(session, LIBSSH2_DBG_AUTH, "Attempting hostbased authentication"); - session->userauth_state = libssh2_NB_state_created; + session->userauth_host_state = libssh2_NB_state_created; } - if (session->userauth_state == libssh2_NB_state_created) { - rc = libssh2_packet_write(session, session->userauth_packet, session->userauth_s - session->userauth_packet); + if (session->userauth_host_state == libssh2_NB_state_created) { + rc = libssh2_packet_write(session, session->userauth_host_packet, session->userauth_host_s - session->userauth_host_packet); if (rc == PACKET_EAGAIN) { return PACKET_EAGAIN; } else if (rc) { libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, "Unable to send userauth-hostbased request", 0); - LIBSSH2_FREE(session, session->userauth_packet); - session->userauth_packet = NULL; - session->userauth_state = libssh2_NB_state_idle; + LIBSSH2_FREE(session, session->userauth_host_packet); + session->userauth_host_packet = NULL; + session->userauth_host_state = libssh2_NB_state_idle; return -1; } - LIBSSH2_FREE(session, session->userauth_packet); - session->userauth_packet = NULL; + LIBSSH2_FREE(session, session->userauth_host_packet); + session->userauth_host_packet = NULL; - session->userauth_state = libssh2_NB_state_sent; + session->userauth_host_state = libssh2_NB_state_sent; } - if (session->userauth_state == libssh2_NB_state_sent) { - rc = libssh2_packet_requirev_ex(session, reply_codes, &session->userauth_data, &data_len, - 0, NULL, 0, &session->userauth_packet_requirev_state); + if (session->userauth_host_state == libssh2_NB_state_sent) { + rc = libssh2_packet_requirev_ex(session, reply_codes, &session->userauth_host_data, &data_len, + 0, NULL, 0, &session->userauth_host_packet_requirev_state); if (rc == PACKET_EAGAIN) { return PACKET_EAGAIN; } else if (rc) { - session->userauth_state = libssh2_NB_state_idle; + session->userauth_host_state = libssh2_NB_state_idle; return -1; } - if (session->userauth_data[0] == SSH_MSG_USERAUTH_SUCCESS) { + if (session->userauth_host_data[0] == SSH_MSG_USERAUTH_SUCCESS) { _libssh2_debug(session, LIBSSH2_DBG_AUTH, "Hostbased authentication successful"); /* We are us and we've proved it. */ - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; + LIBSSH2_FREE(session, session->userauth_host_data); + session->userauth_host_data = NULL; session->state |= LIBSSH2_STATE_AUTHENTICATED; - session->userauth_state = libssh2_NB_state_idle; + session->userauth_host_state = libssh2_NB_state_idle; return 0; } } /* This public key is not allowed for this user on this server */ - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; + LIBSSH2_FREE(session, session->userauth_host_data); + session->userauth_host_data = NULL; libssh2_error(session, LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED, "Invalid signature for supplied public key, or bad username/public key combination", 0); - session->userauth_state = libssh2_NB_state_idle; + session->userauth_host_state = libssh2_NB_state_idle; return -1; } /* }}} */ @@ -669,11 +672,11 @@ libssh2_userauth_publickey_fromfile_ex(LIBSSH2_SESSION *session, const char *use unsigned long pubkeydata_len, sig_len; int rc; - if (session->userauth_state == libssh2_NB_state_idle) { + if (session->userauth_pblc_state == libssh2_NB_state_idle) { /* Zero the whole thing out */ - memset(&session->userauth_packet_requirev_state, 0, sizeof(session->userauth_packet_requirev_state)); + memset(&session->userauth_pblc_packet_requirev_state, 0, sizeof(session->userauth_pblc_packet_requirev_state)); - if (libssh2_file_read_publickey(session, &session->userauth_method, &session->userauth_method_len, + if (libssh2_file_read_publickey(session, &session->userauth_pblc_method, &session->userauth_pblc_method_len, &pubkeydata, &pubkeydata_len, publickey)) { return -1; } @@ -684,145 +687,145 @@ libssh2_userauth_publickey_fromfile_ex(LIBSSH2_SESSION *session, const char *use * authmethod(9)"publickey" + sig_included(1)'\0' + algmethod_len(4) + * publickey_len(4) */ - session->userauth_packet_len = username_len + session->userauth_method_len + pubkeydata_len + 45; + session->userauth_pblc_packet_len = username_len + session->userauth_pblc_method_len + pubkeydata_len + 45; /* * Preallocate space for an overall length, method name again, and * the signature, which won't be any larger than the size of the * publickeydata itself */ - session->userauth_s = session->userauth_packet = - LIBSSH2_ALLOC(session, session->userauth_packet_len + 4 + (4 + session->userauth_method_len) + (4 + pubkeydata_len)); - if (!session->userauth_packet) { - LIBSSH2_FREE(session, session->userauth_method); - session->userauth_method = NULL; + session->userauth_pblc_s = session->userauth_pblc_packet = + LIBSSH2_ALLOC(session, session->userauth_pblc_packet_len + 4 + (4 + session->userauth_pblc_method_len) + (4 + pubkeydata_len)); + if (!session->userauth_pblc_packet) { + LIBSSH2_FREE(session, session->userauth_pblc_method); + session->userauth_pblc_method = NULL; LIBSSH2_FREE(session, pubkeydata); return -1; } - *(session->userauth_s++) = SSH_MSG_USERAUTH_REQUEST; - libssh2_htonu32(session->userauth_s, username_len); session->userauth_s += 4; - memcpy(session->userauth_s, username, username_len); session->userauth_s += username_len; + *(session->userauth_pblc_s++) = SSH_MSG_USERAUTH_REQUEST; + libssh2_htonu32(session->userauth_pblc_s, username_len); session->userauth_pblc_s += 4; + memcpy(session->userauth_pblc_s, username, username_len); session->userauth_pblc_s += username_len; - libssh2_htonu32(session->userauth_s, 14); session->userauth_s += 4; - memcpy(session->userauth_s, "ssh-connection", 14); session->userauth_s += 14; + libssh2_htonu32(session->userauth_pblc_s, 14); session->userauth_pblc_s += 4; + memcpy(session->userauth_pblc_s, "ssh-connection", 14); session->userauth_pblc_s += 14; - libssh2_htonu32(session->userauth_s, 9); session->userauth_s += 4; - memcpy(session->userauth_s, "publickey", 9); session->userauth_s += 9; + libssh2_htonu32(session->userauth_pblc_s, 9); session->userauth_pblc_s += 4; + memcpy(session->userauth_pblc_s, "publickey", 9); session->userauth_pblc_s += 9; - session->userauth_b = session->userauth_s; + session->userauth_pblc_b = session->userauth_pblc_s; /* Not sending signature with *this* packet */ - *(session->userauth_s++) = 0; + *(session->userauth_pblc_s++) = 0; - libssh2_htonu32(session->userauth_s, session->userauth_method_len); session->userauth_s += 4; - memcpy(session->userauth_s, session->userauth_method, session->userauth_method_len); - session->userauth_s += session->userauth_method_len; + libssh2_htonu32(session->userauth_pblc_s, session->userauth_pblc_method_len); session->userauth_pblc_s += 4; + memcpy(session->userauth_pblc_s, session->userauth_pblc_method, session->userauth_pblc_method_len); + session->userauth_pblc_s += session->userauth_pblc_method_len; - libssh2_htonu32(session->userauth_s, pubkeydata_len); session->userauth_s += 4; - memcpy(session->userauth_s, pubkeydata, pubkeydata_len); session->userauth_s += pubkeydata_len; + libssh2_htonu32(session->userauth_pblc_s, pubkeydata_len); session->userauth_pblc_s += 4; + memcpy(session->userauth_pblc_s, pubkeydata, pubkeydata_len); session->userauth_pblc_s += pubkeydata_len; LIBSSH2_FREE(session, pubkeydata); _libssh2_debug(session, LIBSSH2_DBG_AUTH, "Attempting publickey authentication"); - session->userauth_state = libssh2_NB_state_created; + session->userauth_pblc_state = libssh2_NB_state_created; } - if (session->userauth_state == libssh2_NB_state_created) { - rc = libssh2_packet_write(session, session->userauth_packet, session->userauth_packet_len); + if (session->userauth_pblc_state == libssh2_NB_state_created) { + rc = libssh2_packet_write(session, session->userauth_pblc_packet, session->userauth_pblc_packet_len); if (rc == PACKET_EAGAIN) { return PACKET_EAGAIN; } else if (rc) { libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, "Unable to send userauth-publickey request", 0); - LIBSSH2_FREE(session, session->userauth_packet); - session->userauth_packet = NULL; - LIBSSH2_FREE(session, session->userauth_method); - session->userauth_method = NULL; - session->userauth_state = libssh2_NB_state_idle; + LIBSSH2_FREE(session, session->userauth_pblc_packet); + session->userauth_pblc_packet = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_method); + session->userauth_pblc_method = NULL; + session->userauth_pblc_state = libssh2_NB_state_idle; return -1; } - session->userauth_state = libssh2_NB_state_sent; + session->userauth_pblc_state = libssh2_NB_state_sent; } - if (session->userauth_state == libssh2_NB_state_sent) { - rc = libssh2_packet_requirev_ex(session, reply_codes, &session->userauth_data, &session->userauth_data_len, 0, NULL, 0, - &session->userauth_packet_requirev_state); + if (session->userauth_pblc_state == libssh2_NB_state_sent) { + rc = libssh2_packet_requirev_ex(session, reply_codes, &session->userauth_pblc_data, &session->userauth_pblc_data_len, 0, NULL, 0, + &session->userauth_pblc_packet_requirev_state); if (rc == PACKET_EAGAIN) { return PACKET_EAGAIN; } else if (rc) { - LIBSSH2_FREE(session, session->userauth_packet); - session->userauth_packet = NULL; - LIBSSH2_FREE(session, session->userauth_method); - session->userauth_method = NULL; - session->userauth_state = libssh2_NB_state_idle; + LIBSSH2_FREE(session, session->userauth_pblc_packet); + session->userauth_pblc_packet = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_method); + session->userauth_pblc_method = NULL; + session->userauth_pblc_state = libssh2_NB_state_idle; return -1; } - if (session->userauth_data[0] == SSH_MSG_USERAUTH_SUCCESS) { + if (session->userauth_pblc_data[0] == SSH_MSG_USERAUTH_SUCCESS) { _libssh2_debug(session, LIBSSH2_DBG_AUTH, "Pubkey authentication prematurely successful"); /* * God help any SSH server that allows an UNVERIFIED * public key to validate the user */ - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; - LIBSSH2_FREE(session, session->userauth_packet); - session->userauth_packet = NULL; - LIBSSH2_FREE(session, session->userauth_method); - session->userauth_method = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_data); + session->userauth_pblc_data = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_packet); + session->userauth_pblc_packet = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_method); + session->userauth_pblc_method = NULL; session->state |= LIBSSH2_STATE_AUTHENTICATED; - session->userauth_state = libssh2_NB_state_idle; + session->userauth_pblc_state = libssh2_NB_state_idle; return 0; } - if (session->userauth_data[0] == SSH_MSG_USERAUTH_FAILURE) { + if (session->userauth_pblc_data[0] == SSH_MSG_USERAUTH_FAILURE) { /* This public key is not allowed for this user on this server */ - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; - LIBSSH2_FREE(session, session->userauth_packet); - session->userauth_packet = NULL; - LIBSSH2_FREE(session, session->userauth_method); - session->userauth_method = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_data); + session->userauth_pblc_data = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_packet); + session->userauth_pblc_packet = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_method); + session->userauth_pblc_method = NULL; libssh2_error(session, LIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED, "Username/PublicKey combination invalid", 0); - session->userauth_state = libssh2_NB_state_idle; + session->userauth_pblc_state = libssh2_NB_state_idle; return -1; } /* Semi-Success! */ - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_data); + session->userauth_pblc_data = NULL; - if (libssh2_file_read_privatekey(session, &privkeyobj, &abstract, session->userauth_method, - session->userauth_method_len, privatekey, passphrase)) { - LIBSSH2_FREE(session, session->userauth_method); - session->userauth_method = NULL; - LIBSSH2_FREE(session, session->userauth_packet); - session->userauth_packet = NULL; - session->userauth_state = libssh2_NB_state_idle; + if (libssh2_file_read_privatekey(session, &privkeyobj, &abstract, session->userauth_pblc_method, + session->userauth_pblc_method_len, privatekey, passphrase)) { + LIBSSH2_FREE(session, session->userauth_pblc_method); + session->userauth_pblc_method = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_packet); + session->userauth_pblc_packet = NULL; + session->userauth_pblc_state = libssh2_NB_state_idle; return -1; } - *session->userauth_b = 0xFF; + *session->userauth_pblc_b = 0xFF; libssh2_htonu32(buf, session->session_id_len); datavec[0].iov_base = buf; datavec[0].iov_len = 4; datavec[1].iov_base = session->session_id; datavec[1].iov_len = session->session_id_len; - datavec[2].iov_base = session->userauth_packet; - datavec[2].iov_len = session->userauth_packet_len; + datavec[2].iov_base = session->userauth_pblc_packet; + datavec[2].iov_len = session->userauth_pblc_packet_len; if (privkeyobj->signv(session, &sig, &sig_len, 3, datavec, &abstract)) { - LIBSSH2_FREE(session, session->userauth_method); - session->userauth_method = NULL; - LIBSSH2_FREE(session, session->userauth_packet); - session->userauth_packet = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_method); + session->userauth_pblc_method = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_packet); + session->userauth_pblc_packet = NULL; if (privkeyobj->dtor) { privkeyobj->dtor(session, &abstract); } - session->userauth_state = libssh2_NB_state_idle; + session->userauth_pblc_state = libssh2_NB_state_idle; return -1; } @@ -833,87 +836,87 @@ libssh2_userauth_publickey_fromfile_ex(LIBSSH2_SESSION *session, const char *use if (sig_len > pubkeydata_len) { unsigned char *newpacket; /* Should *NEVER* happen, but...well.. better safe than sorry */ - newpacket = LIBSSH2_REALLOC(session, session->userauth_packet, session->userauth_packet_len + 4 + - (4 + session->userauth_method_len) + (4 + sig_len)); /* PK sigblob */ + newpacket = LIBSSH2_REALLOC(session, session->userauth_pblc_packet, session->userauth_pblc_packet_len + 4 + + (4 + session->userauth_pblc_method_len) + (4 + sig_len)); /* PK sigblob */ if (!newpacket) { libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Failed allocating additional space for userauth-publickey packet", 0); LIBSSH2_FREE(session, sig); - LIBSSH2_FREE(session, session->userauth_packet); - session->userauth_packet = NULL; - LIBSSH2_FREE(session, session->userauth_method); - session->userauth_method = NULL; - session->userauth_state = libssh2_NB_state_idle; + LIBSSH2_FREE(session, session->userauth_pblc_packet); + session->userauth_pblc_packet = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_method); + session->userauth_pblc_method = NULL; + session->userauth_pblc_state = libssh2_NB_state_idle; return -1; } - session->userauth_packet = newpacket; + session->userauth_pblc_packet = newpacket; } - session->userauth_s = session->userauth_packet + session->userauth_packet_len; + session->userauth_pblc_s = session->userauth_pblc_packet + session->userauth_pblc_packet_len; - libssh2_htonu32(session->userauth_s, 4 + session->userauth_method_len + 4 + sig_len); session->userauth_s += 4; + libssh2_htonu32(session->userauth_pblc_s, 4 + session->userauth_pblc_method_len + 4 + sig_len); session->userauth_pblc_s += 4; - libssh2_htonu32(session->userauth_s, session->userauth_method_len); session->userauth_s += 4; - memcpy(session->userauth_s, session->userauth_method, session->userauth_method_len); - session->userauth_s += session->userauth_method_len; - LIBSSH2_FREE(session, session->userauth_method); - session->userauth_method = NULL; + libssh2_htonu32(session->userauth_pblc_s, session->userauth_pblc_method_len); session->userauth_pblc_s += 4; + memcpy(session->userauth_pblc_s, session->userauth_pblc_method, session->userauth_pblc_method_len); + session->userauth_pblc_s += session->userauth_pblc_method_len; + LIBSSH2_FREE(session, session->userauth_pblc_method); + session->userauth_pblc_method = NULL; - libssh2_htonu32(session->userauth_s, sig_len); session->userauth_s += 4; - memcpy(session->userauth_s, sig, sig_len); session->userauth_s += sig_len; + libssh2_htonu32(session->userauth_pblc_s, sig_len); session->userauth_pblc_s += 4; + memcpy(session->userauth_pblc_s, sig, sig_len); session->userauth_pblc_s += sig_len; LIBSSH2_FREE(session, sig); _libssh2_debug(session, LIBSSH2_DBG_AUTH, "Attempting publickey authentication -- phase 2"); - session->userauth_state = libssh2_NB_state_sent1; + session->userauth_pblc_state = libssh2_NB_state_sent1; } - if (session->userauth_state == libssh2_NB_state_sent1) { - rc = libssh2_packet_write(session, session->userauth_packet, session->userauth_s - session->userauth_packet); + if (session->userauth_pblc_state == libssh2_NB_state_sent1) { + rc = libssh2_packet_write(session, session->userauth_pblc_packet, session->userauth_pblc_s - session->userauth_pblc_packet); if (rc == PACKET_EAGAIN) { return PACKET_EAGAIN; } else if (rc) { libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, "Unable to send userauth-publickey request", 0); - LIBSSH2_FREE(session, session->userauth_packet); - session->userauth_packet = NULL; - session->userauth_state = libssh2_NB_state_idle; + LIBSSH2_FREE(session, session->userauth_pblc_packet); + session->userauth_pblc_packet = NULL; + session->userauth_pblc_state = libssh2_NB_state_idle; return -1; } - LIBSSH2_FREE(session, session->userauth_packet); - session->userauth_packet = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_packet); + session->userauth_pblc_packet = NULL; - session->userauth_state = libssh2_NB_state_sent2; + session->userauth_pblc_state = libssh2_NB_state_sent2; } /* PK_OK is no longer valid */ reply_codes[2] = 0; - rc = libssh2_packet_requirev_ex(session, reply_codes, &session->userauth_data, &session->userauth_data_len, 0, NULL, 0, - &session->userauth_packet_requirev_state); + rc = libssh2_packet_requirev_ex(session, reply_codes, &session->userauth_pblc_data, &session->userauth_pblc_data_len, 0, NULL, 0, + &session->userauth_pblc_packet_requirev_state); if (rc == PACKET_EAGAIN) { return PACKET_EAGAIN; } else if (rc) { - session->userauth_state = libssh2_NB_state_idle; + session->userauth_pblc_state = libssh2_NB_state_idle; return -1; } - if (session->userauth_data[0] == SSH_MSG_USERAUTH_SUCCESS) { + if (session->userauth_pblc_data[0] == SSH_MSG_USERAUTH_SUCCESS) { _libssh2_debug(session, LIBSSH2_DBG_AUTH, "Publickey authentication successful"); /* We are us and we've proved it. */ - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_data); + session->userauth_pblc_data = NULL; session->state |= LIBSSH2_STATE_AUTHENTICATED; - session->userauth_state = libssh2_NB_state_idle; + session->userauth_pblc_state = libssh2_NB_state_idle; return 0; } /* This public key is not allowed for this user on this server */ - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; + LIBSSH2_FREE(session, session->userauth_pblc_data); + session->userauth_pblc_data = NULL; libssh2_error(session, LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED, "Invalid signature for supplied public key, or bad username/public key combination", 0); - session->userauth_state = libssh2_NB_state_idle; + session->userauth_pblc_state = libssh2_NB_state_idle; return -1; } /* }}} */ @@ -933,18 +936,18 @@ libssh2_userauth_keyboard_interactive_ex(LIBSSH2_SESSION *session, const char *u unsigned int language_tag_len; unsigned int i; - if (session->userauth_state == libssh2_NB_state_idle) { - session->userauth_auth_name = NULL; - session->userauth_auth_instruction = NULL; - session->userauth_num_prompts = 0; - session->userauth_auth_failure = 1; - session->userauth_prompts = NULL; - session->userauth_responses = NULL; + if (session->userauth_kybd_state == libssh2_NB_state_idle) { + session->userauth_kybd_auth_name = NULL; + session->userauth_kybd_auth_instruction = NULL; + session->userauth_kybd_num_prompts = 0; + session->userauth_kybd_auth_failure = 1; + session->userauth_kybd_prompts = NULL; + session->userauth_kybd_responses = NULL; /* Zero the whole thing out */ - memset(&session->userauth_packet_requirev_state, 0, sizeof(session->userauth_packet_requirev_state)); + memset(&session->userauth_kybd_packet_requirev_state, 0, sizeof(session->userauth_kybd_packet_requirev_state)); - session->userauth_packet_len = + session->userauth_kybd_packet_len = 1 /* byte SSH_MSG_USERAUTH_REQUEST */ + 4 + username_len /* string user name (ISO-10646 UTF-8, as defined in [RFC-3629]) */ + 4 + 14 /* string service name (US-ASCII) */ @@ -953,7 +956,7 @@ libssh2_userauth_keyboard_interactive_ex(LIBSSH2_SESSION *session, const char *u + 4 + 0 /* string submethods (ISO-10646 UTF-8) */ ; - session->userauth_data = s = LIBSSH2_ALLOC(session, session->userauth_packet_len); + session->userauth_kybd_data = s = LIBSSH2_ALLOC(session, session->userauth_kybd_packet_len); if (s) { libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for keyboard-interactive authentication", 0); return -1; @@ -981,79 +984,79 @@ libssh2_userauth_keyboard_interactive_ex(LIBSSH2_SESSION *session, const char *u _libssh2_debug(session, LIBSSH2_DBG_AUTH, "Attempting keyboard-interactive authentication"); - session->userauth_state = libssh2_NB_state_created; + session->userauth_kybd_state = libssh2_NB_state_created; } - if (session->userauth_state == libssh2_NB_state_created) { - rc = libssh2_packet_write(session, session->userauth_data, session->userauth_packet_len); + if (session->userauth_kybd_state == libssh2_NB_state_created) { + rc = libssh2_packet_write(session, session->userauth_kybd_data, session->userauth_kybd_packet_len); if (rc == PACKET_EAGAIN) { return PACKET_EAGAIN; } else if (rc) { libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, "Unable to send keyboard-interactive request", 0); - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; - session->userauth_state = libssh2_NB_state_idle; + LIBSSH2_FREE(session, session->userauth_kybd_data); + session->userauth_kybd_data = NULL; + session->userauth_kybd_state = libssh2_NB_state_idle; return -1; } - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; + LIBSSH2_FREE(session, session->userauth_kybd_data); + session->userauth_kybd_data = NULL; - session->userauth_state = libssh2_NB_state_sent; + session->userauth_kybd_state = libssh2_NB_state_sent; } for (;;) { - if (session->userauth_state == libssh2_NB_state_sent) { - rc = libssh2_packet_requirev_ex(session, reply_codes, &session->userauth_data, &session->userauth_data_len, - 0, NULL, 0, &session->userauth_packet_requirev_state); + if (session->userauth_kybd_state == libssh2_NB_state_sent) { + rc = libssh2_packet_requirev_ex(session, reply_codes, &session->userauth_kybd_data, &session->userauth_kybd_data_len, + 0, NULL, 0, &session->userauth_kybd_packet_requirev_state); if (rc == PACKET_EAGAIN) { return PACKET_EAGAIN; } else if (rc) { - session->userauth_state = libssh2_NB_state_idle; + session->userauth_kybd_state = libssh2_NB_state_idle; return -1; } - if (session->userauth_data[0] == SSH_MSG_USERAUTH_SUCCESS) { + if (session->userauth_kybd_data[0] == SSH_MSG_USERAUTH_SUCCESS) { _libssh2_debug(session, LIBSSH2_DBG_AUTH, "Keyboard-interactive authentication successful"); - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; + LIBSSH2_FREE(session, session->userauth_kybd_data); + session->userauth_kybd_data = NULL; session->state |= LIBSSH2_STATE_AUTHENTICATED; - session->userauth_state = libssh2_NB_state_idle; + session->userauth_kybd_state = libssh2_NB_state_idle; return 0; } - if (session->userauth_data[0] == SSH_MSG_USERAUTH_FAILURE) { - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; - session->userauth_state = libssh2_NB_state_idle; + if (session->userauth_kybd_data[0] == SSH_MSG_USERAUTH_FAILURE) { + LIBSSH2_FREE(session, session->userauth_kybd_data); + session->userauth_kybd_data = NULL; + session->userauth_kybd_state = libssh2_NB_state_idle; return -1; } /* server requested PAM-like conversation */ - s = session->userauth_data + 1; + s = session->userauth_kybd_data + 1; /* string name (ISO-10646 UTF-8) */ - session->userauth_auth_name_len = libssh2_ntohu32(s); s += 4; - session->userauth_auth_name = LIBSSH2_ALLOC(session, session->userauth_auth_name_len); - if (!session->userauth_auth_name) { + session->userauth_kybd_auth_name_len = libssh2_ntohu32(s); s += 4; + session->userauth_kybd_auth_name = LIBSSH2_ALLOC(session, session->userauth_kybd_auth_name_len); + if (!session->userauth_kybd_auth_name) { libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for keyboard-interactive 'name' request field", 0); goto cleanup; } - memcpy(session->userauth_auth_name, s, session->userauth_auth_name_len); s += session->userauth_auth_name_len; + memcpy(session->userauth_kybd_auth_name, s, session->userauth_kybd_auth_name_len); s += session->userauth_kybd_auth_name_len; /* string instruction (ISO-10646 UTF-8) */ - session->userauth_auth_instruction_len = libssh2_ntohu32(s); s += 4; - session->userauth_auth_instruction = LIBSSH2_ALLOC(session, session->userauth_auth_instruction_len); - if (!session->userauth_auth_instruction) { + session->userauth_kybd_auth_instruction_len = libssh2_ntohu32(s); s += 4; + session->userauth_kybd_auth_instruction = LIBSSH2_ALLOC(session, session->userauth_kybd_auth_instruction_len); + if (!session->userauth_kybd_auth_instruction) { libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for keyboard-interactive 'instruction' request field", 0); goto cleanup; } - memcpy(session->userauth_auth_instruction, s, session->userauth_auth_instruction_len); - s += session->userauth_auth_instruction_len; + memcpy(session->userauth_kybd_auth_instruction, s, session->userauth_kybd_auth_instruction_len); + s += session->userauth_kybd_auth_instruction_len; /* string language tag (as defined in [RFC-3066]) */ language_tag_len = libssh2_ntohu32(s); s += 4; @@ -1061,58 +1064,58 @@ libssh2_userauth_keyboard_interactive_ex(LIBSSH2_SESSION *session, const char *u s += language_tag_len; /* int num-prompts */ - session->userauth_num_prompts = libssh2_ntohu32(s); s += 4; + session->userauth_kybd_num_prompts = libssh2_ntohu32(s); s += 4; - session->userauth_prompts = - LIBSSH2_ALLOC(session, sizeof(LIBSSH2_USERAUTH_KBDINT_PROMPT) * session->userauth_num_prompts); - if (!session->userauth_prompts) { + session->userauth_kybd_prompts = + LIBSSH2_ALLOC(session, sizeof(LIBSSH2_USERAUTH_KBDINT_PROMPT) * session->userauth_kybd_num_prompts); + if (!session->userauth_kybd_prompts) { libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for keyboard-interactive prompts array", 0); goto cleanup; } - memset(session->userauth_prompts, 0, sizeof(LIBSSH2_USERAUTH_KBDINT_PROMPT) * session->userauth_num_prompts); + memset(session->userauth_kybd_prompts, 0, sizeof(LIBSSH2_USERAUTH_KBDINT_PROMPT) * session->userauth_kybd_num_prompts); - session->userauth_responses = - LIBSSH2_ALLOC(session, sizeof(LIBSSH2_USERAUTH_KBDINT_RESPONSE) * session->userauth_num_prompts); - if (!session->userauth_responses) { + session->userauth_kybd_responses = + LIBSSH2_ALLOC(session, sizeof(LIBSSH2_USERAUTH_KBDINT_RESPONSE) * session->userauth_kybd_num_prompts); + if (!session->userauth_kybd_responses) { libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for keyboard-interactive responses array", 0); goto cleanup; } - memset(session->userauth_responses, 0, sizeof(LIBSSH2_USERAUTH_KBDINT_RESPONSE) * session->userauth_num_prompts); + memset(session->userauth_kybd_responses, 0, sizeof(LIBSSH2_USERAUTH_KBDINT_RESPONSE) * session->userauth_kybd_num_prompts); - for(i = 0; i != session->userauth_num_prompts; ++i) { + for(i = 0; i != session->userauth_kybd_num_prompts; ++i) { /* string prompt[1] (ISO-10646 UTF-8) */ - session->userauth_prompts[i].length = libssh2_ntohu32(s); s += 4; - session->userauth_prompts[i].text = LIBSSH2_ALLOC(session, session->userauth_prompts[i].length); - if (!session->userauth_prompts[i].text) { + session->userauth_kybd_prompts[i].length = libssh2_ntohu32(s); s += 4; + session->userauth_kybd_prompts[i].text = LIBSSH2_ALLOC(session, session->userauth_kybd_prompts[i].length); + if (!session->userauth_kybd_prompts[i].text) { libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for keyboard-interactive prompt message", 0); goto cleanup; } - memcpy(session->userauth_prompts[i].text, s, session->userauth_prompts[i].length); - s += session->userauth_prompts[i].length; + memcpy(session->userauth_kybd_prompts[i].text, s, session->userauth_kybd_prompts[i].length); + s += session->userauth_kybd_prompts[i].length; /* boolean echo[1] */ - session->userauth_prompts[i].echo = *s++; + session->userauth_kybd_prompts[i].echo = *s++; } - response_callback(session->userauth_auth_name, session->userauth_auth_name_len, session->userauth_auth_instruction, - session->userauth_auth_instruction_len, session->userauth_num_prompts, session->userauth_prompts, - session->userauth_responses, &session->abstract); + response_callback(session->userauth_kybd_auth_name, session->userauth_kybd_auth_name_len, session->userauth_kybd_auth_instruction, + session->userauth_kybd_auth_instruction_len, session->userauth_kybd_num_prompts, session->userauth_kybd_prompts, + session->userauth_kybd_responses, &session->abstract); _libssh2_debug(session, LIBSSH2_DBG_AUTH, "Keyboard-interactive response callback function invoked"); - session->userauth_packet_len = + session->userauth_kybd_packet_len = 1 /* byte SSH_MSG_USERAUTH_INFO_RESPONSE */ + 4 /* int num-responses */ ; - for (i = 0; i != session->userauth_num_prompts; ++i) { + for (i = 0; i != session->userauth_kybd_num_prompts; ++i) { /* string response[1] (ISO-10646 UTF-8) */ - session->userauth_packet_len += 4 + session->userauth_responses[i].length; + session->userauth_kybd_packet_len += 4 + session->userauth_kybd_responses[i].length; } - session->userauth_data = s = LIBSSH2_ALLOC(session, session->userauth_packet_len); + session->userauth_kybd_data = s = LIBSSH2_ALLOC(session, session->userauth_kybd_packet_len); if (!s) { libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for keyboard-interactive response packet", 0); @@ -1120,19 +1123,19 @@ libssh2_userauth_keyboard_interactive_ex(LIBSSH2_SESSION *session, const char *u } *s = SSH_MSG_USERAUTH_INFO_RESPONSE; s++; - libssh2_htonu32(s, session->userauth_num_prompts); s += 4; + libssh2_htonu32(s, session->userauth_kybd_num_prompts); s += 4; - for (i = 0; i != session->userauth_num_prompts; ++i) { - libssh2_htonu32(s, session->userauth_responses[i].length); s += 4; - memcpy(s, session->userauth_responses[i].text, session->userauth_responses[i].length); - s += session->userauth_responses[i].length; + for (i = 0; i != session->userauth_kybd_num_prompts; ++i) { + libssh2_htonu32(s, session->userauth_kybd_responses[i].length); s += 4; + memcpy(s, session->userauth_kybd_responses[i].text, session->userauth_kybd_responses[i].length); + s += session->userauth_kybd_responses[i].length; } - session->userauth_state = libssh2_NB_state_sent1; + session->userauth_kybd_state = libssh2_NB_state_sent1; } - if (session->userauth_state == libssh2_NB_state_sent1) { - rc = libssh2_packet_write(session, session->userauth_data, session->userauth_packet_len); + if (session->userauth_kybd_state == libssh2_NB_state_sent1) { + rc = libssh2_packet_write(session, session->userauth_kybd_data, session->userauth_kybd_packet_len); if (rc == PACKET_EAGAIN) { return PACKET_EAGAIN; } @@ -1141,7 +1144,7 @@ libssh2_userauth_keyboard_interactive_ex(LIBSSH2_SESSION *session, const char *u goto cleanup; } - session->userauth_auth_failure = 0; + session->userauth_kybd_auth_failure = 0; } cleanup: @@ -1150,34 +1153,34 @@ libssh2_userauth_keyboard_interactive_ex(LIBSSH2_SESSION *session, const char *u * are filled by zeroes */ - LIBSSH2_FREE(session, session->userauth_data); - session->userauth_data = NULL; + LIBSSH2_FREE(session, session->userauth_kybd_data); + session->userauth_kybd_data = NULL; - if (session->userauth_prompts) { - for (i = 0; i != session->userauth_num_prompts; ++i) { - LIBSSH2_FREE(session, session->userauth_prompts[i].text); - session->userauth_prompts[i].text = NULL; + if (session->userauth_kybd_prompts) { + for (i = 0; i != session->userauth_kybd_num_prompts; ++i) { + LIBSSH2_FREE(session, session->userauth_kybd_prompts[i].text); + session->userauth_kybd_prompts[i].text = NULL; } } - if (session->userauth_responses) { - for (i = 0; i != session->userauth_num_prompts; ++i) { - LIBSSH2_FREE(session, session->userauth_responses[i].text); - session->userauth_responses[i].text = NULL; + if (session->userauth_kybd_responses) { + for (i = 0; i != session->userauth_kybd_num_prompts; ++i) { + LIBSSH2_FREE(session, session->userauth_kybd_responses[i].text); + session->userauth_kybd_responses[i].text = NULL; } } - LIBSSH2_FREE(session, session->userauth_prompts); - session->userauth_prompts = NULL; - LIBSSH2_FREE(session, session->userauth_responses); - session->userauth_responses = NULL; + LIBSSH2_FREE(session, session->userauth_kybd_prompts); + session->userauth_kybd_prompts = NULL; + LIBSSH2_FREE(session, session->userauth_kybd_responses); + session->userauth_kybd_responses = NULL; - if (session->userauth_auth_failure) { - session->userauth_state = libssh2_NB_state_idle; + if (session->userauth_kybd_auth_failure) { + session->userauth_kybd_state = libssh2_NB_state_idle; return -1; } - session->userauth_state = libssh2_NB_state_sent; + session->userauth_kybd_state = libssh2_NB_state_sent; } } /* }}} */