mirror of https://github.com/wolfSSL/wolfssh.git
remove keyboard auth callback and use generic auth callback
parent
0e5d1fcc1b
commit
7c7d315121
|
@ -1709,7 +1709,7 @@ static void StrListFree(StrList* list)
|
|||
}
|
||||
|
||||
|
||||
/* Map user names to passwords */
|
||||
/* Map user names to passwords and keyboard auth prompts */
|
||||
/* Use arrays for username and p. The password or public key can
|
||||
* be hashed and the hash stored here. Then I won't need the type. */
|
||||
typedef struct PwMap {
|
||||
|
@ -1717,6 +1717,9 @@ typedef struct PwMap {
|
|||
byte username[32];
|
||||
word32 usernameSz;
|
||||
byte p[WC_SHA256_DIGEST_SIZE];
|
||||
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
|
||||
WS_UserAuthData_Keyboard* keyboard;
|
||||
#endif
|
||||
struct PwMap* next;
|
||||
} PwMap;
|
||||
|
||||
|
@ -1752,6 +1755,24 @@ static PwMap* PwMapNew(PwMapList* list, byte type, const byte* username,
|
|||
}
|
||||
|
||||
|
||||
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
|
||||
/* Create new node for list of auths, adding keyboard auth prompts */
|
||||
static PwMap* PwMapKeyboardNew(PwMapList* list, byte type, const byte* username,
|
||||
word32 usernameSz, const byte* p, word32 pSz,
|
||||
WS_UserAuthData_Keyboard* keyboard)
|
||||
{
|
||||
PwMap* map;
|
||||
|
||||
map = PwMapNew(list, type, username, usernameSz, p, pSz);
|
||||
if (map) {
|
||||
map->keyboard = keyboard;
|
||||
}
|
||||
|
||||
return map;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
static void PwMapListDelete(PwMapList* list)
|
||||
{
|
||||
if (list != NULL) {
|
||||
|
@ -2013,7 +2034,8 @@ static int LoadPasswdList(StrList* strList, PwMapList* mapList)
|
|||
return count;
|
||||
}
|
||||
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
|
||||
static int LoadKeyboardList(StrList* strList, PwMapList* mapList)
|
||||
static int LoadKeyboardList(StrList* strList, PwMapList* mapList,
|
||||
WS_UserAuthData_Keyboard* kbAuthData)
|
||||
{
|
||||
char names[256];
|
||||
char* passwd;
|
||||
|
@ -2026,9 +2048,10 @@ static int LoadKeyboardList(StrList* strList, PwMapList* mapList)
|
|||
*passwd = 0;
|
||||
passwd++;
|
||||
|
||||
PwMapNew(mapList, WOLFSSH_USERAUTH_KEYBOARD,
|
||||
PwMapKeyboardNew(mapList, WOLFSSH_USERAUTH_KEYBOARD,
|
||||
(byte*)names, (word32)WSTRLEN(names),
|
||||
(byte*)passwd, (word32)WSTRLEN(passwd));
|
||||
(byte*)passwd, (word32)WSTRLEN(passwd),
|
||||
kbAuthData);
|
||||
}
|
||||
else {
|
||||
fprintf(stderr, "Ignoring password: %s\n", names);
|
||||
|
@ -2192,6 +2215,7 @@ static int wsUserAuth(byte authType,
|
|||
#endif
|
||||
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
|
||||
authType != WOLFSSH_USERAUTH_KEYBOARD &&
|
||||
authType != WOLFSSH_USERAUTH_KEYBOARD_SETUP &&
|
||||
#endif
|
||||
authType != WOLFSSH_USERAUTH_PUBLICKEY) {
|
||||
|
||||
|
@ -2315,6 +2339,14 @@ static int wsUserAuth(byte authType,
|
|||
}
|
||||
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
|
||||
else if (authData->type == WOLFSSH_USERAUTH_KEYBOARD) {
|
||||
if (authType == WOLFSSH_USERAUTH_KEYBOARD_SETUP) {
|
||||
/* setup the keyboard auth prompts */
|
||||
WMEMCPY(&authData->sf.keyboard, map->keyboard,
|
||||
sizeof(WS_UserAuthData_Keyboard));
|
||||
return WS_SUCCESS;
|
||||
}
|
||||
|
||||
/* do keyboard auth prompts */
|
||||
if (WMEMCMP(map->p, authHash, WC_SHA256_DIGEST_SIZE) == 0) {
|
||||
return WOLFSSH_USERAUTH_SUCCESS;
|
||||
}
|
||||
|
@ -2338,15 +2370,6 @@ static int wsUserAuth(byte authType,
|
|||
return WOLFSSH_USERAUTH_INVALID_USER;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
|
||||
static int keyboardCallback(WS_UserAuthData_Keyboard *kbAuth, void *ctx)
|
||||
{
|
||||
WS_UserAuthData_Keyboard *kbAuthData = (WS_UserAuthData_Keyboard*) ctx;
|
||||
WMEMCPY(kbAuth, kbAuthData, sizeof(WS_UserAuthData_Keyboard));
|
||||
|
||||
return WS_SUCCESS;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSH_SFTP
|
||||
/*
|
||||
|
@ -2800,9 +2823,6 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
|
|||
|
||||
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
|
||||
if (keyboardList) {
|
||||
LoadKeyboardList(keyboardList, &pwMapList);
|
||||
StrListFree(keyboardList);
|
||||
keyboardList = NULL;
|
||||
kbAuthData.promptCount = 1;
|
||||
kbAuthData.promptName = NULL;
|
||||
kbAuthData.promptNameSz = 0;
|
||||
|
@ -2825,7 +2845,9 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
|
|||
ES_ERROR("Error allocating promptEcho");
|
||||
}
|
||||
kbAuthData.promptEcho[0] = 0;
|
||||
wolfSSH_SetKeyboardAuthPrompts(ctx, keyboardCallback);
|
||||
LoadKeyboardList(keyboardList, &pwMapList, &kbAuthData);
|
||||
StrListFree(keyboardList);
|
||||
keyboardList = NULL;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -3035,9 +3057,6 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
|
|||
#endif
|
||||
wolfSSH_SetUserAuthCtx(ssh, &pwMapList);
|
||||
wolfSSH_SetKeyingCompletionCbCtx(ssh, (void*)ssh);
|
||||
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
|
||||
wolfSSH_SetKeyboardAuthCtx(ssh, &kbAuthData);
|
||||
#endif
|
||||
|
||||
/* Use the session object for its own highwater callback ctx */
|
||||
if (defaultHighwater > 0) {
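Review bot: In wsUserAuth's new `WOLFSSH_USERAUTH_KEYBOARD_SETUP` branch, `map->keyboard` is passed to WMEMCPY without a NULL check, and among the lines shown only PwMapKeyboardNew assigns that field. PwMapNew's body and the map lookup are outside the hunks, so unless the node is zeroed and the lookup matches only keyboard entries, a password or public-key entry for the same user name could reach the copy with an unset pointer. I would add `if (map->keyboard == NULL) return WOLFSSH_USERAUTH_FAILURE;` before the copy and set `map->keyboard = NULL` in PwMapNew. The branch also returns `WS_SUCCESS` although the library caller compares the result with `WOLFSSH_USERAUTH_SUCCESS`, so returning `WOLFSSH_USERAUTH_SUCCESS` would keep the callback in one result space. Prompt setup now runs per user name before any credential is checked, so it is worth confirming that the `WOLFSSH_USERAUTH_INVALID_USER` path does not let a peer tell known from unknown accounts at the prompt stage.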
|
||||
|
|
|
@ -877,9 +877,6 @@ WOLFSSH_CTX* CtxInit(WOLFSSH_CTX* ctx, byte side, void* heap)
|
|||
ctx->algoListCipher = cannedEncAlgoNames;
|
||||
ctx->algoListMac = cannedMacAlgoNames;
|
||||
ctx->algoListKeyAccepted = cannedKeyAlgoNames;
|
||||
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
|
||||
ctx->keyboardAuthCb = NULL;
|
||||
#endif
|
||||
|
||||
count = (word32)(sizeof(ctx->privateKey)
|
||||
/ sizeof(ctx->privateKey[0]));
|
||||
|
@ -13369,19 +13366,22 @@ int SendUserAuthKeyboardRequest(WOLFSSH* ssh, WS_UserAuthData* authData)
|
|||
|
||||
WLOG(WS_LOG_DEBUG, "Entering SendUserAuthKeyboardRequest()");
|
||||
|
||||
|
||||
if (ssh == NULL || authData == NULL) {
|
||||
ret = WS_BAD_ARGUMENT;
|
||||
}
|
||||
|
||||
if (ssh->ctx->keyboardAuthCb == NULL) {
|
||||
if (ssh->ctx->userAuthCb == NULL) {
|
||||
WLOG(WS_LOG_DEBUG, "SendUserAuthKeyboardRequest called with no Cb set");
|
||||
ret = WS_BAD_USAGE;
|
||||
}
|
||||
|
||||
if (ret == WS_SUCCESS) {
|
||||
ret = ssh->ctx->keyboardAuthCb(&authData->sf.keyboard,
|
||||
ssh->keyboardAuthCtx);
|
||||
authData->type = WOLFSSH_USERAUTH_KEYBOARD;
|
||||
ret = ssh->ctx->userAuthCb(WOLFSSH_USERAUTH_KEYBOARD_SETUP, authData,
|
||||
ssh->userAuthCtx);
|
||||
if (ret == WOLFSSH_USERAUTH_SUCCESS) {
|
||||
ret = WS_SUCCESS;
|
||||
}
|
||||
}
|
||||
|
||||
if (authData->sf.keyboard.promptCount > 0 &&
|
||||
|
@ -14946,6 +14946,7 @@ int SendUserAuthRequest(WOLFSSH* ssh, byte authType, int addSig)
|
|||
WMEMSET(keySig_ptr, 0, sizeof(WS_KeySignature));
|
||||
keySig_ptr->keySigId = ID_NONE;
|
||||
keySig_ptr->heap = ssh->ctx->heap;
|
||||
|
||||
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
|
||||
/* Callback happens later for keyboard auth */
|
||||
if (authType & WOLFSSH_USERAUTH_KEYBOARD) {
|
||||
|
@ -15117,9 +15118,7 @@ static int GetAllowedAuth(WOLFSSH* ssh, char* authStr)
|
|||
|
||||
typeAllowed |= WOLFSSH_USERAUTH_PASSWORD;
|
||||
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
|
||||
if (ssh->ctx->keyboardAuthCb != NULL) {
|
||||
typeAllowed |= WOLFSSH_USERAUTH_KEYBOARD;
|
||||
}
|
||||
typeAllowed |= WOLFSSH_USERAUTH_KEYBOARD;
|
||||
#endif
|
||||
#if !defined(WOLFSSH_NO_RSA) || !defined(WOLFSSH_NO_ECDSA)
|
||||
typeAllowed |= WOLFSSH_USERAUTH_PUBLICKEY;
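Review bot: In SendUserAuthKeyboardRequest the rewritten guard `if (ssh->ctx->userAuthCb == NULL)` still dereferences `ssh` when the preceding argument check has only set `ret = WS_BAD_ARGUMENT`, so a NULL `ssh` is not actually rejected. The `authData->sf.keyboard.promptCount` read after the callback block appears to have the same problem for a NULL `authData`. Gating the test as `if (ret == WS_SUCCESS && ssh->ctx->userAuthCb == NULL)` would make the argument check effective. Separately, GetAllowedAuth now advertises the method whenever WOLFSSH_KEYBOARD_INTERACTIVE is compiled in, so an application whose generic callback does not handle `WOLFSSH_USERAUTH_KEYBOARD_SETUP` will offer keyboard-interactive and then fail it; a comment stating that requirement next to `typeAllowed |= WOLFSSH_USERAUTH_KEYBOARD;` would help. Both functions continue outside the hunks shown.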
|
||||
|
|
17
src/ssh.c
17
src/ssh.c
|
@ -1338,23 +1338,6 @@ int wolfSSH_SendDisconnect(WOLFSSH *ssh, word32 reason)
|
|||
return SendDisconnect(ssh, reason);
|
||||
}
|
||||
|
||||
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
|
||||
void wolfSSH_SetKeyboardAuthPrompts(WOLFSSH_CTX* ctx,
|
||||
WS_CallbackKeyboardAuthPrompts cb)
|
||||
{
|
||||
if (ctx != NULL) {
|
||||
ctx->keyboardAuthCb = cb;
|
||||
}
|
||||
}
|
||||
|
||||
void wolfSSH_SetKeyboardAuthCtx(WOLFSSH* ssh, void* keyboardAuthCtx)
|
||||
{
|
||||
if (ssh != NULL) {
|
||||
ssh->keyboardAuthCtx = keyboardAuthCtx;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
void wolfSSH_SetUserAuth(WOLFSSH_CTX* ctx, WS_CallbackUserAuth cb)
|
||||
{
|
||||
if (ctx != NULL) {
|
||||
|
|
|
@ -529,9 +529,6 @@ struct WOLFSSH_CTX {
|
|||
WS_CallbackUserAuth userAuthCb; /* User Authentication Callback */
|
||||
WS_CallbackUserAuthTypes userAuthTypesCb; /* Authentication Types Allowed */
|
||||
WS_CallbackUserAuthResult userAuthResultCb; /* User Authentication Result */
|
||||
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
|
||||
WS_CallbackKeyboardAuthPrompts keyboardAuthCb; /* Keyboard auth prompts */
|
||||
#endif
|
||||
WS_CallbackHighwater highwaterCb; /* Data Highwater Mark Callback */
|
||||
WS_CallbackGlobalReq globalReqCb; /* Global Request Callback */
|
||||
WS_CallbackReqSuccess reqSuccessCb; /* Global Request Success Callback */
|
||||
|
|
|
@ -368,13 +368,6 @@ WOLFSSH_API void wolfSSH_SetUserAuthTypes(WOLFSSH_CTX*,
|
|||
WOLFSSH_API void wolfSSH_SetUserAuthCtx(WOLFSSH*, void*);
|
||||
WOLFSSH_API void* wolfSSH_GetUserAuthCtx(WOLFSSH*);
|
||||
|
||||
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
|
||||
typedef int (*WS_CallbackKeyboardAuthPrompts)(WS_UserAuthData_Keyboard*, void*);
|
||||
WOLFSSH_API void wolfSSH_SetKeyboardAuthPrompts(WOLFSSH_CTX*,
|
||||
WS_CallbackKeyboardAuthPrompts);
|
||||
WOLFSSH_API void wolfSSH_SetKeyboardAuthCtx(WOLFSSH*, void*);
|
||||
#endif
|
||||
|
||||
typedef int (*WS_CallbackUserAuthResult)(byte result,
|
||||
WS_UserAuthData* authData, void* userAuthResultCtx);
|
||||
WOLFSSH_API void wolfSSH_SetUserAuthResult(WOLFSSH_CTX* ctx,
|
||||
|
@ -474,6 +467,7 @@ enum WS_FormatTypes {
|
|||
#define WOLFSSH_USERAUTH_PUBLICKEY 0x02
|
||||
#define WOLFSSH_USERAUTH_KEYBOARD 0x04
|
||||
#define WOLFSSH_USERAUTH_NONE 0x08
|
||||
#define WOLFSSH_USERAUTH_KEYBOARD_SETUP 0x10
|
||||
|
||||
enum WS_UserAuthResults
|
||||
{
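Review bot: The new `WOLFSSH_USERAUTH_KEYBOARD_SETUP 0x10` sits in the same bit namespace as the auth method flags, which are OR-ed into `typeAllowed` and tested with `authType & WOLFSSH_USERAUTH_KEYBOARD`, but it is a callback phase rather than a method and carries no comment saying so. I would document it in place, for example `/* Passed only as authType to the user auth callback: fill authData->sf.keyboard with prompts; never part of an allowed-types mask */`. Since this section also drops the exported `wolfSSH_SetKeyboardAuthPrompts` and `wolfSSH_SetKeyboardAuthCtx` declarations, that comment is the only place in the header where an application author learns the generic callback must now handle this value.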
|
||||
|
|