- markus@cvs.openbsd.org 2001/12/09 18:45:56
[auth2.c auth2-chall.c auth.h]
add auth2_challenge_stop(), simplifies cleanup of kbd-int sessions,
fixes memleak.
This commit is contained in:
Damien Miller
parent
3afe375fd2
commit
ee11625d43
|
|
@ -8,6 +8,10 @@
|
||||||
[channels.c pathnames.h]
|
[channels.c pathnames.h]
|
||||||
use only one path to X11 UNIX domain socket vs. an array of paths
|
use only one path to X11 UNIX domain socket vs. an array of paths
|
||||||
to try. report from djast@cs.toronto.edu. ok markus@
|
to try. report from djast@cs.toronto.edu. ok markus@
|
||||||
|
- markus@cvs.openbsd.org 2001/12/09 18:45:56
|
||||||
|
[auth2.c auth2-chall.c auth.h]
|
||||||
|
add auth2_challenge_stop(), simplifies cleanup of kbd-int sessions,
|
||||||
|
fixes memleak.
|
||||||
|
|
||||||
20011219
|
20011219
|
||||||
- (stevesk) OpenBSD CVS sync X11 localhost display
|
- (stevesk) OpenBSD CVS sync X11 localhost display
|
||||||
|
|
@ -7036,4 +7040,4 @@
|
||||||
- Wrote replacements for strlcpy and mkdtemp
|
- Wrote replacements for strlcpy and mkdtemp
|
||||||
- Released 1.0pre1
|
- Released 1.0pre1
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.1694 2001/12/21 01:39:51 djm Exp $
|
$Id: ChangeLog,v 1.1695 2001/12/21 01:42:34 djm Exp $
|
||||||
|
|
|
||||||
3
auth.h
3
auth.h
|
|
@ -21,7 +21,7 @@
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
*
|
*
|
||||||
* $OpenBSD: auth.h,v 1.22 2001/06/26 17:27:22 markus Exp $
|
* $OpenBSD: auth.h,v 1.23 2001/12/09 18:45:56 markus Exp $
|
||||||
*/
|
*/
|
||||||
#ifndef AUTH_H
|
#ifndef AUTH_H
|
||||||
#define AUTH_H
|
#define AUTH_H
|
||||||
|
|
@ -130,6 +130,7 @@ void userauth_finish(Authctxt *, int, char *);
|
||||||
int auth_root_allowed(char *);
|
int auth_root_allowed(char *);
|
||||||
|
|
||||||
int auth2_challenge(Authctxt *, char *);
|
int auth2_challenge(Authctxt *, char *);
|
||||||
|
void auth2_challenge_stop(Authctxt *);
|
||||||
|
|
||||||
int allowed_user(struct passwd *);
|
int allowed_user(struct passwd *);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -23,7 +23,7 @@
|
||||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
*/
|
*/
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: auth2-chall.c,v 1.8 2001/09/27 15:31:17 markus Exp $");
|
RCSID("$OpenBSD: auth2-chall.c,v 1.9 2001/12/09 18:45:56 markus Exp $");
|
||||||
|
|
||||||
#include "ssh2.h"
|
#include "ssh2.h"
|
||||||
#include "auth.h"
|
#include "auth.h"
|
||||||
|
|
@ -156,6 +156,18 @@ auth2_challenge(Authctxt *authctxt, char *devs)
|
||||||
return auth2_challenge_start(authctxt);
|
return auth2_challenge_start(authctxt);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* unregister kbd-int callbacks and context */
|
||||||
|
void
|
||||||
|
auth2_challenge_stop(Authctxt *authctxt)
|
||||||
|
{
|
||||||
|
/* unregister callback */
|
||||||
|
dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
|
||||||
|
if (authctxt->kbdintctxt != NULL) {
|
||||||
|
kbdint_free(authctxt->kbdintctxt);
|
||||||
|
authctxt->kbdintctxt = NULL;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/* side effect: sets authctxt->postponed if a reply was sent*/
|
/* side effect: sets authctxt->postponed if a reply was sent*/
|
||||||
static int
|
static int
|
||||||
auth2_challenge_start(Authctxt *authctxt)
|
auth2_challenge_start(Authctxt *authctxt)
|
||||||
|
|
@ -166,21 +178,18 @@ auth2_challenge_start(Authctxt *authctxt)
|
||||||
kbdintctxt->devices ? kbdintctxt->devices : "<empty>");
|
kbdintctxt->devices ? kbdintctxt->devices : "<empty>");
|
||||||
|
|
||||||
if (kbdint_next_device(kbdintctxt) == 0) {
|
if (kbdint_next_device(kbdintctxt) == 0) {
|
||||||
kbdint_free(kbdintctxt);
|
auth2_challenge_stop(authctxt);
|
||||||
authctxt->kbdintctxt = NULL;
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
debug("auth2_challenge_start: trying authentication method '%s'",
|
debug("auth2_challenge_start: trying authentication method '%s'",
|
||||||
kbdintctxt->device->name);
|
kbdintctxt->device->name);
|
||||||
|
|
||||||
if ((kbdintctxt->ctxt = kbdintctxt->device->init_ctx(authctxt)) == NULL) {
|
if ((kbdintctxt->ctxt = kbdintctxt->device->init_ctx(authctxt)) == NULL) {
|
||||||
kbdint_free(kbdintctxt);
|
auth2_challenge_stop(authctxt);
|
||||||
authctxt->kbdintctxt = NULL;
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (send_userauth_info_request(authctxt) == 0) {
|
if (send_userauth_info_request(authctxt) == 0) {
|
||||||
kbdint_free(kbdintctxt);
|
auth2_challenge_stop(authctxt);
|
||||||
authctxt->kbdintctxt = NULL;
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE,
|
dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE,
|
||||||
|
|
@ -271,10 +280,8 @@ input_userauth_info_response(int type, int plen, void *ctxt)
|
||||||
break;
|
break;
|
||||||
case 1:
|
case 1:
|
||||||
/* Authentication needs further interaction */
|
/* Authentication needs further interaction */
|
||||||
authctxt->postponed = 1;
|
if (send_userauth_info_request(authctxt) == 1)
|
||||||
if (send_userauth_info_request(authctxt) == 0) {
|
authctxt->postponed = 1;
|
||||||
authctxt->postponed = 0;
|
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
/* Failure! */
|
/* Failure! */
|
||||||
|
|
@ -290,12 +297,8 @@ input_userauth_info_response(int type, int plen, void *ctxt)
|
||||||
strlcat(method, kbdintctxt->device->name, len);
|
strlcat(method, kbdintctxt->device->name, len);
|
||||||
|
|
||||||
if (!authctxt->postponed) {
|
if (!authctxt->postponed) {
|
||||||
/* unregister callback */
|
|
||||||
dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
|
|
||||||
|
|
||||||
if (authenticated) {
|
if (authenticated) {
|
||||||
kbdint_free(kbdintctxt);
|
auth2_challenge_stop(authctxt);
|
||||||
authctxt->kbdintctxt = NULL;
|
|
||||||
} else {
|
} else {
|
||||||
/* start next device */
|
/* start next device */
|
||||||
/* may set authctxt->postponed */
|
/* may set authctxt->postponed */
|
||||||
|
|
|
||||||
10
auth2.c
10
auth2.c
|
|
@ -23,7 +23,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: auth2.c,v 1.74 2001/12/05 03:56:39 itojun Exp $");
|
RCSID("$OpenBSD: auth2.c,v 1.75 2001/12/09 18:45:56 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
|
||||||
|
|
@ -220,14 +220,8 @@ input_userauth_request(int type, int plen, void *ctxt)
|
||||||
authctxt->user, authctxt->service, user, service);
|
authctxt->user, authctxt->service, user, service);
|
||||||
}
|
}
|
||||||
/* reset state */
|
/* reset state */
|
||||||
dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, &protocol_error);
|
auth2_challenge_stop(authctxt);
|
||||||
authctxt->postponed = 0;
|
authctxt->postponed = 0;
|
||||||
#ifdef BSD_AUTH
|
|
||||||
if (authctxt->as) {
|
|
||||||
auth_close(authctxt->as);
|
|
||||||
authctxt->as = NULL;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* try to authenticate user */
|
/* try to authenticate user */
|
||||||
m = authmethod_lookup(method);
|
m = authmethod_lookup(method);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue