1 /* 2 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24 25 #include "includes.h" 26 RCSID("$OpenBSD: sshconnect2.c,v 1.95 2002/02/03 17:59:23 markus Exp $"); 27 28 #include "ssh.h" 29 #include "ssh2.h" 30 #include "xmalloc.h" 31 #include "buffer.h" 32 #include "packet.h" 33 #include "compat.h" 34 #include "bufaux.h" 35 #include "cipher.h" 36 #include "kex.h" 37 #include "myproposal.h" 38 #include "sshconnect.h" 39 #include "authfile.h" 40 #include "dh.h" 41 #include "authfd.h" 42 #include "log.h" 43 #include "readconf.h" 44 #include "readpass.h" 45 #include "match.h" 46 #include "dispatch.h" 47 #include "canohost.h" 48 49 /* import */ 50 extern char *client_version_string; 51 extern char *server_version_string; 52 extern Options options; 53 54 /* 55 * SSH2 key exchange 56 */ 57 58 u_char *session_id2 = NULL; 59 int session_id2_len = 0; 60 61 char *xxx_host; 62 struct sockaddr *xxx_hostaddr; 63 64 Kex *xxx_kex = NULL; 65 66 static int 67 verify_host_key_callback(Key *hostkey) 68 { 69 if (verify_host_key(xxx_host, xxx_hostaddr, hostkey) == -1) 70 fatal("Host key verification failed."); 71 return 0; 72 } 73 74 void 75 ssh_kex2(char *host, struct sockaddr *hostaddr) 76 { 77 Kex *kex; 78 79 xxx_host = host; 80 xxx_hostaddr = hostaddr; 81 82 if (options.ciphers == (char *)-1) { 83 log("No valid ciphers for protocol version 2 given, using defaults."); 84 options.ciphers = NULL; 85 } 86 if (options.ciphers != NULL) { 87 myproposal[PROPOSAL_ENC_ALGS_CTOS] = 88 myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; 89 } 90 myproposal[PROPOSAL_ENC_ALGS_CTOS] = 91 compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]); 92 myproposal[PROPOSAL_ENC_ALGS_STOC] = 93 compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]); 94 if (options.compression) { 95 myproposal[PROPOSAL_COMP_ALGS_CTOS] = 96 myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib"; 97 } else { 98 myproposal[PROPOSAL_COMP_ALGS_CTOS] = 99 myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; 100 } 101 if (options.macs != NULL) { 102 myproposal[PROPOSAL_MAC_ALGS_CTOS] = 103 myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; 104 } 105 if (options.hostkeyalgorithms != NULL) 106 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = 107 options.hostkeyalgorithms; 108 109 /* start key exchange */ 110 kex = kex_setup(myproposal); 111 kex->client_version_string=client_version_string; 112 kex->server_version_string=server_version_string; 113 kex->verify_host_key=&verify_host_key_callback; 114 115 xxx_kex = kex; 116 117 dispatch_run(DISPATCH_BLOCK, &kex->done, kex); 118 119 session_id2 = kex->session_id; 120 session_id2_len = kex->session_id_len; 121 122 #ifdef DEBUG_KEXDH 123 /* send 1st encrypted/maced/compressed message */ 124 packet_start(SSH2_MSG_IGNORE); 125 packet_put_cstring("markus"); 126 packet_send(); 127 packet_write_wait(); 128 #endif 129 debug("done: ssh_kex2."); 130 } 131 132 /* 133 * Authenticate user 134 */ 135 136 typedef struct Authctxt Authctxt; 137 typedef struct Authmethod Authmethod; 138 139 typedef int sign_cb_fn( 140 Authctxt *authctxt, Key *key, 141 u_char **sigp, int *lenp, u_char *data, int datalen); 142 143 struct Authctxt { 144 const char *server_user; 145 const char *local_user; 146 const char *host; 147 const char *service; 148 Authmethod *method; 149 int success; 150 char *authlist; 151 /* pubkey */ 152 Key *last_key; 153 sign_cb_fn *last_key_sign; 154 int last_key_hint; 155 AuthenticationConnection *agent; 156 /* hostbased */ 157 Key **keys; 158 int nkeys; 159 /* kbd-interactive */ 160 int info_req_seen; 161 }; 162 struct Authmethod { 163 char *name; /* string to compare against server's list */ 164 int (*userauth)(Authctxt *authctxt); 165 int *enabled; /* flag in option struct that enables method */ 166 int *batch_flag; /* flag in option struct that disables method */ 167 }; 168 169 void input_userauth_success(int, u_int32_t, void *); 170 void input_userauth_failure(int, u_int32_t, void *); 171 void input_userauth_banner(int, u_int32_t, void *); 172 void input_userauth_error(int, u_int32_t, void *); 173 void input_userauth_info_req(int, u_int32_t, void *); 174 void input_userauth_pk_ok(int, u_int32_t, void *); 175 176 int userauth_none(Authctxt *); 177 int userauth_pubkey(Authctxt *); 178 int userauth_passwd(Authctxt *); 179 int userauth_kbdint(Authctxt *); 180 int userauth_hostbased(Authctxt *); 181 182 void userauth(Authctxt *, char *); 183 184 static int sign_and_send_pubkey(Authctxt *, Key *, sign_cb_fn *); 185 static void clear_auth_state(Authctxt *); 186 187 static Authmethod *authmethod_get(char *authlist); 188 static Authmethod *authmethod_lookup(const char *name); 189 static char *authmethods_get(void); 190 191 Authmethod authmethods[] = { 192 {"hostbased", 193 userauth_hostbased, 194 &options.hostbased_authentication, 195 NULL}, 196 {"publickey", 197 userauth_pubkey, 198 &options.pubkey_authentication, 199 NULL}, 200 {"keyboard-interactive", 201 userauth_kbdint, 202 &options.kbd_interactive_authentication, 203 &options.batch_mode}, 204 {"password", 205 userauth_passwd, 206 &options.password_authentication, 207 &options.batch_mode}, 208 {"none", 209 userauth_none, 210 NULL, 211 NULL}, 212 {NULL, NULL, NULL, NULL} 213 }; 214 215 void 216 ssh_userauth2(const char *local_user, const char *server_user, char *host, 217 Key **keys, int nkeys) 218 { 219 Authctxt authctxt; 220 int type; 221 222 if (options.challenge_response_authentication) 223 options.kbd_interactive_authentication = 1; 224 225 debug("send SSH2_MSG_SERVICE_REQUEST"); 226 packet_start(SSH2_MSG_SERVICE_REQUEST); 227 packet_put_cstring("ssh-userauth"); 228 packet_send(); 229 packet_write_wait(); 230 type = packet_read(); 231 if (type != SSH2_MSG_SERVICE_ACCEPT) { 232 fatal("denied SSH2_MSG_SERVICE_ACCEPT: %d", type); 233 } 234 if (packet_remaining() > 0) { 235 char *reply = packet_get_string(NULL); 236 debug("service_accept: %s", reply); 237 xfree(reply); 238 } else { 239 debug("buggy server: service_accept w/o service"); 240 } 241 packet_check_eom(); 242 debug("got SSH2_MSG_SERVICE_ACCEPT"); 243 244 if (options.preferred_authentications == NULL) 245 options.preferred_authentications = authmethods_get(); 246 247 /* setup authentication context */ 248 memset(&authctxt, 0, sizeof(authctxt)); 249 authctxt.agent = ssh_get_authentication_connection(); 250 authctxt.server_user = server_user; 251 authctxt.local_user = local_user; 252 authctxt.host = host; 253 authctxt.service = "ssh-connection"; /* service name */ 254 authctxt.success = 0; 255 authctxt.method = authmethod_lookup("none"); 256 authctxt.authlist = NULL; 257 authctxt.keys = keys; 258 authctxt.nkeys = nkeys; 259 authctxt.info_req_seen = 0; 260 if (authctxt.method == NULL) 261 fatal("ssh_userauth2: internal error: cannot send userauth none request"); 262 263 /* initial userauth request */ 264 userauth_none(&authctxt); 265 266 dispatch_init(&input_userauth_error); 267 dispatch_set(SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success); 268 dispatch_set(SSH2_MSG_USERAUTH_FAILURE, &input_userauth_failure); 269 dispatch_set(SSH2_MSG_USERAUTH_BANNER, &input_userauth_banner); 270 dispatch_run(DISPATCH_BLOCK, &authctxt.success, &authctxt); /* loop until success */ 271 272 if (authctxt.agent != NULL) 273 ssh_close_authentication_connection(authctxt.agent); 274 275 debug("ssh-userauth2 successful: method %s", authctxt.method->name); 276 } 277 void 278 userauth(Authctxt *authctxt, char *authlist) 279 { 280 if (authlist == NULL) { 281 authlist = authctxt->authlist; 282 } else { 283 if (authctxt->authlist) 284 xfree(authctxt->authlist); 285 authctxt->authlist = authlist; 286 } 287 for (;;) { 288 Authmethod *method = authmethod_get(authlist); 289 if (method == NULL) 290 fatal("Permission denied (%s).", authlist); 291 authctxt->method = method; 292 if (method->userauth(authctxt) != 0) { 293 debug2("we sent a %s packet, wait for reply", method->name); 294 break; 295 } else { 296 debug2("we did not send a packet, disable method"); 297 method->enabled = NULL; 298 } 299 } 300 } 301 void 302 input_userauth_error(int type, u_int32_t seq, void *ctxt) 303 { 304 fatal("input_userauth_error: bad message during authentication: " 305 "type %d", type); 306 } 307 void 308 input_userauth_banner(int type, u_int32_t seq, void *ctxt) 309 { 310 char *msg, *lang; 311 debug3("input_userauth_banner"); 312 msg = packet_get_string(NULL); 313 lang = packet_get_string(NULL); 314 fprintf(stderr, "%s", msg); 315 xfree(msg); 316 xfree(lang); 317 } 318 void 319 input_userauth_success(int type, u_int32_t seq, void *ctxt) 320 { 321 Authctxt *authctxt = ctxt; 322 if (authctxt == NULL) 323 fatal("input_userauth_success: no authentication context"); 324 if (authctxt->authlist) 325 xfree(authctxt->authlist); 326 clear_auth_state(authctxt); 327 authctxt->success = 1; /* break out */ 328 } 329 void 330 input_userauth_failure(int type, u_int32_t seq, void *ctxt) 331 { 332 Authctxt *authctxt = ctxt; 333 char *authlist = NULL; 334 int partial; 335 336 if (authctxt == NULL) 337 fatal("input_userauth_failure: no authentication context"); 338 339 authlist = packet_get_string(NULL); 340 partial = packet_get_char(); 341 packet_check_eom(); 342 343 if (partial != 0) 344 log("Authenticated with partial success."); 345 debug("authentications that can continue: %s", authlist); 346 347 clear_auth_state(authctxt); 348 userauth(authctxt, authlist); 349 } 350 void 351 input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt) 352 { 353 Authctxt *authctxt = ctxt; 354 Key *key = NULL; 355 Buffer b; 356 int pktype, alen, blen, sent = 0; 357 char *pkalg, *pkblob, *fp; 358 359 if (authctxt == NULL) 360 fatal("input_userauth_pk_ok: no authentication context"); 361 if (datafellows & SSH_BUG_PKOK) { 362 /* this is similar to SSH_BUG_PKAUTH */ 363 debug2("input_userauth_pk_ok: SSH_BUG_PKOK"); 364 pkblob = packet_get_string(&blen); 365 buffer_init(&b); 366 buffer_append(&b, pkblob, blen); 367 pkalg = buffer_get_string(&b, &alen); 368 buffer_free(&b); 369 } else { 370 pkalg = packet_get_string(&alen); 371 pkblob = packet_get_string(&blen); 372 } 373 packet_check_eom(); 374 375 debug("input_userauth_pk_ok: pkalg %s blen %d lastkey %p hint %d", 376 pkalg, blen, authctxt->last_key, authctxt->last_key_hint); 377 378 do { 379 if (authctxt->last_key == NULL || 380 authctxt->last_key_sign == NULL) { 381 debug("no last key or no sign cb"); 382 break; 383 } 384 if ((pktype = key_type_from_name(pkalg)) == KEY_UNSPEC) { 385 debug("unknown pkalg %s", pkalg); 386 break; 387 } 388 if ((key = key_from_blob(pkblob, blen)) == NULL) { 389 debug("no key from blob. pkalg %s", pkalg); 390 break; 391 } 392 if (key->type != pktype) { 393 error("input_userauth_pk_ok: type mismatch " 394 "for decoded key (received %d, expected %d)", 395 key->type, pktype); 396 break; 397 } 398 fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); 399 debug2("input_userauth_pk_ok: fp %s", fp); 400 xfree(fp); 401 if (!key_equal(key, authctxt->last_key)) { 402 debug("key != last_key"); 403 break; 404 } 405 sent = sign_and_send_pubkey(authctxt, key, 406 authctxt->last_key_sign); 407 } while (0); 408 409 if (key != NULL) 410 key_free(key); 411 xfree(pkalg); 412 xfree(pkblob); 413 414 /* unregister */ 415 clear_auth_state(authctxt); 416 dispatch_set(SSH2_MSG_USERAUTH_PK_OK, NULL); 417 418 /* try another method if we did not send a packet*/ 419 if (sent == 0) 420 userauth(authctxt, NULL); 421 422 } 423 424 int 425 userauth_none(Authctxt *authctxt) 426 { 427 /* initial userauth request */ 428 packet_start(SSH2_MSG_USERAUTH_REQUEST); 429 packet_put_cstring(authctxt->server_user); 430 packet_put_cstring(authctxt->service); 431 packet_put_cstring(authctxt->method->name); 432 packet_send(); 433 return 1; 434 } 435 436 int 437 userauth_passwd(Authctxt *authctxt) 438 { 439 static int attempt = 0; 440 char prompt[80]; 441 char *password; 442 443 if (attempt++ >= options.number_of_password_prompts) 444 return 0; 445 446 if (attempt != 1) 447 error("Permission denied, please try again."); 448 449 snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ", 450 authctxt->server_user, authctxt->host); 451 password = read_passphrase(prompt, 0); 452 packet_start(SSH2_MSG_USERAUTH_REQUEST); 453 packet_put_cstring(authctxt->server_user); 454 packet_put_cstring(authctxt->service); 455 packet_put_cstring(authctxt->method->name); 456 packet_put_char(0); 457 packet_put_cstring(password); 458 memset(password, 0, strlen(password)); 459 xfree(password); 460 packet_add_padding(64); 461 packet_send(); 462 return 1; 463 } 464 465 static void 466 clear_auth_state(Authctxt *authctxt) 467 { 468 /* XXX clear authentication state */ 469 if (authctxt->last_key != NULL && authctxt->last_key_hint == -1) { 470 debug3("clear_auth_state: key_free %p", authctxt->last_key); 471 key_free(authctxt->last_key); 472 } 473 authctxt->last_key = NULL; 474 authctxt->last_key_hint = -2; 475 authctxt->last_key_sign = NULL; 476 } 477 478 static int 479 sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback) 480 { 481 Buffer b; 482 u_char *blob, *signature; 483 int bloblen, slen; 484 int skip = 0; 485 int ret = -1; 486 int have_sig = 1; 487 488 debug3("sign_and_send_pubkey"); 489 490 if (key_to_blob(k, &blob, &bloblen) == 0) { 491 /* we cannot handle this key */ 492 debug3("sign_and_send_pubkey: cannot handle key"); 493 return 0; 494 } 495 /* data to be signed */ 496 buffer_init(&b); 497 if (datafellows & SSH_OLD_SESSIONID) { 498 buffer_append(&b, session_id2, session_id2_len); 499 skip = session_id2_len; 500 } else { 501 buffer_put_string(&b, session_id2, session_id2_len); 502 skip = buffer_len(&b); 503 } 504 buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); 505 buffer_put_cstring(&b, authctxt->server_user); 506 buffer_put_cstring(&b, 507 datafellows & SSH_BUG_PKSERVICE ? 508 "ssh-userauth" : 509 authctxt->service); 510 if (datafellows & SSH_BUG_PKAUTH) { 511 buffer_put_char(&b, have_sig); 512 } else { 513 buffer_put_cstring(&b, authctxt->method->name); 514 buffer_put_char(&b, have_sig); 515 buffer_put_cstring(&b, key_ssh_name(k)); 516 } 517 buffer_put_string(&b, blob, bloblen); 518 519 /* generate signature */ 520 ret = (*sign_callback)(authctxt, k, &signature, &slen, 521 buffer_ptr(&b), buffer_len(&b)); 522 if (ret == -1) { 523 xfree(blob); 524 buffer_free(&b); 525 return 0; 526 } 527 #ifdef DEBUG_PK 528 buffer_dump(&b); 529 #endif 530 if (datafellows & SSH_BUG_PKSERVICE) { 531 buffer_clear(&b); 532 buffer_append(&b, session_id2, session_id2_len); 533 skip = session_id2_len; 534 buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); 535 buffer_put_cstring(&b, authctxt->server_user); 536 buffer_put_cstring(&b, authctxt->service); 537 buffer_put_cstring(&b, authctxt->method->name); 538 buffer_put_char(&b, have_sig); 539 if (!(datafellows & SSH_BUG_PKAUTH)) 540 buffer_put_cstring(&b, key_ssh_name(k)); 541 buffer_put_string(&b, blob, bloblen); 542 } 543 xfree(blob); 544 545 /* append signature */ 546 buffer_put_string(&b, signature, slen); 547 xfree(signature); 548 549 /* skip session id and packet type */ 550 if (buffer_len(&b) < skip + 1) 551 fatal("userauth_pubkey: internal error"); 552 buffer_consume(&b, skip + 1); 553 554 /* put remaining data from buffer into packet */ 555 packet_start(SSH2_MSG_USERAUTH_REQUEST); 556 packet_put_raw(buffer_ptr(&b), buffer_len(&b)); 557 buffer_free(&b); 558 packet_send(); 559 560 return 1; 561 } 562 563 static int 564 send_pubkey_test(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback, 565 int hint) 566 { 567 u_char *blob; 568 int bloblen, have_sig = 0; 569 570 debug3("send_pubkey_test"); 571 572 if (key_to_blob(k, &blob, &bloblen) == 0) { 573 /* we cannot handle this key */ 574 debug3("send_pubkey_test: cannot handle key"); 575 return 0; 576 } 577 /* register callback for USERAUTH_PK_OK message */ 578 authctxt->last_key_sign = sign_callback; 579 authctxt->last_key_hint = hint; 580 authctxt->last_key = k; 581 dispatch_set(SSH2_MSG_USERAUTH_PK_OK, &input_userauth_pk_ok); 582 583 packet_start(SSH2_MSG_USERAUTH_REQUEST); 584 packet_put_cstring(authctxt->server_user); 585 packet_put_cstring(authctxt->service); 586 packet_put_cstring(authctxt->method->name); 587 packet_put_char(have_sig); 588 if (!(datafellows & SSH_BUG_PKAUTH)) 589 packet_put_cstring(key_ssh_name(k)); 590 packet_put_string(blob, bloblen); 591 xfree(blob); 592 packet_send(); 593 return 1; 594 } 595 596 static Key * 597 load_identity_file(char *filename) 598 { 599 Key *private; 600 char prompt[300], *passphrase; 601 int quit, i; 602 struct stat st; 603 604 if (stat(filename, &st) < 0) { 605 debug3("no such identity: %s", filename); 606 return NULL; 607 } 608 private = key_load_private_type(KEY_UNSPEC, filename, "", NULL); 609 if (private == NULL) { 610 if (options.batch_mode) 611 return NULL; 612 snprintf(prompt, sizeof prompt, 613 "Enter passphrase for key '%.100s': ", filename); 614 for (i = 0; i < options.number_of_password_prompts; i++) { 615 passphrase = read_passphrase(prompt, 0); 616 if (strcmp(passphrase, "") != 0) { 617 private = key_load_private_type(KEY_UNSPEC, filename, 618 passphrase, NULL); 619 quit = 0; 620 } else { 621 debug2("no passphrase given, try next key"); 622 quit = 1; 623 } 624 memset(passphrase, 0, strlen(passphrase)); 625 xfree(passphrase); 626 if (private != NULL || quit) 627 break; 628 debug2("bad passphrase given, try again..."); 629 } 630 } 631 return private; 632 } 633 634 static int 635 identity_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, 636 u_char *data, int datalen) 637 { 638 Key *private; 639 int idx, ret; 640 641 idx = authctxt->last_key_hint; 642 if (idx < 0) 643 return -1; 644 645 /* private key is stored in external hardware */ 646 if (options.identity_keys[idx]->flags & KEY_FLAG_EXT) 647 return key_sign(options.identity_keys[idx], sigp, lenp, data, datalen); 648 649 private = load_identity_file(options.identity_files[idx]); 650 if (private == NULL) 651 return -1; 652 ret = key_sign(private, sigp, lenp, data, datalen); 653 key_free(private); 654 return ret; 655 } 656 657 static int 658 agent_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, 659 u_char *data, int datalen) 660 { 661 return ssh_agent_sign(authctxt->agent, key, sigp, lenp, data, datalen); 662 } 663 664 static int 665 key_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, 666 u_char *data, int datalen) 667 { 668 return key_sign(key, sigp, lenp, data, datalen); 669 } 670 671 static int 672 userauth_pubkey_agent(Authctxt *authctxt) 673 { 674 static int called = 0; 675 int ret = 0; 676 char *comment; 677 Key *k; 678 679 if (called == 0) { 680 if (ssh_get_num_identities(authctxt->agent, 2) == 0) 681 debug2("userauth_pubkey_agent: no keys at all"); 682 called = 1; 683 } 684 k = ssh_get_next_identity(authctxt->agent, &comment, 2); 685 if (k == NULL) { 686 debug2("userauth_pubkey_agent: no more keys"); 687 } else { 688 debug("userauth_pubkey_agent: testing agent key %s", comment); 689 xfree(comment); 690 ret = send_pubkey_test(authctxt, k, agent_sign_cb, -1); 691 if (ret == 0) 692 key_free(k); 693 } 694 if (ret == 0) 695 debug2("userauth_pubkey_agent: no message sent"); 696 return ret; 697 } 698 699 int 700 userauth_pubkey(Authctxt *authctxt) 701 { 702 static int idx = 0; 703 int sent = 0; 704 Key *key; 705 char *filename; 706 707 if (authctxt->agent != NULL) { 708 do { 709 sent = userauth_pubkey_agent(authctxt); 710 } while (!sent && authctxt->agent->howmany > 0); 711 } 712 while (!sent && idx < options.num_identity_files) { 713 key = options.identity_keys[idx]; 714 filename = options.identity_files[idx]; 715 if (key == NULL) { 716 debug("try privkey: %s", filename); 717 key = load_identity_file(filename); 718 if (key != NULL) { 719 sent = sign_and_send_pubkey(authctxt, key, 720 key_sign_cb); 721 key_free(key); 722 } 723 } else if (key->type != KEY_RSA1) { 724 debug("try pubkey: %s", filename); 725 sent = send_pubkey_test(authctxt, key, 726 identity_sign_cb, idx); 727 } 728 idx++; 729 } 730 return sent; 731 } 732 733 /* 734 * Send userauth request message specifying keyboard-interactive method. 735 */ 736 int 737 userauth_kbdint(Authctxt *authctxt) 738 { 739 static int attempt = 0; 740 741 if (attempt++ >= options.number_of_password_prompts) 742 return 0; 743 /* disable if no SSH2_MSG_USERAUTH_INFO_REQUEST has been seen */ 744 if (attempt > 1 && !authctxt->info_req_seen) { 745 debug3("userauth_kbdint: disable: no info_req_seen"); 746 dispatch_set(SSH2_MSG_USERAUTH_INFO_REQUEST, NULL); 747 return 0; 748 } 749 750 debug2("userauth_kbdint"); 751 packet_start(SSH2_MSG_USERAUTH_REQUEST); 752 packet_put_cstring(authctxt->server_user); 753 packet_put_cstring(authctxt->service); 754 packet_put_cstring(authctxt->method->name); 755 packet_put_cstring(""); /* lang */ 756 packet_put_cstring(options.kbd_interactive_devices ? 757 options.kbd_interactive_devices : ""); 758 packet_send(); 759 760 dispatch_set(SSH2_MSG_USERAUTH_INFO_REQUEST, &input_userauth_info_req); 761 return 1; 762 } 763 764 /* 765 * parse INFO_REQUEST, prompt user and send INFO_RESPONSE 766 */ 767 void 768 input_userauth_info_req(int type, u_int32_t seq, void *ctxt) 769 { 770 Authctxt *authctxt = ctxt; 771 char *name, *inst, *lang, *prompt, *response; 772 u_int num_prompts, i; 773 int echo = 0; 774 775 debug2("input_userauth_info_req"); 776 777 if (authctxt == NULL) 778 fatal("input_userauth_info_req: no authentication context"); 779 780 authctxt->info_req_seen = 1; 781 782 name = packet_get_string(NULL); 783 inst = packet_get_string(NULL); 784 lang = packet_get_string(NULL); 785 if (strlen(name) > 0) 786 log("%s", name); 787 if (strlen(inst) > 0) 788 log("%s", inst); 789 xfree(name); 790 xfree(inst); 791 xfree(lang); 792 793 num_prompts = packet_get_int(); 794 /* 795 * Begin to build info response packet based on prompts requested. 796 * We commit to providing the correct number of responses, so if 797 * further on we run into a problem that prevents this, we have to 798 * be sure and clean this up and send a correct error response. 799 */ 800 packet_start(SSH2_MSG_USERAUTH_INFO_RESPONSE); 801 packet_put_int(num_prompts); 802 803 debug2("input_userauth_info_req: num_prompts %d", num_prompts); 804 for (i = 0; i < num_prompts; i++) { 805 prompt = packet_get_string(NULL); 806 echo = packet_get_char(); 807 808 response = read_passphrase(prompt, echo ? RP_ECHO : 0); 809 810 packet_put_cstring(response); 811 memset(response, 0, strlen(response)); 812 xfree(response); 813 xfree(prompt); 814 } 815 packet_check_eom(); /* done with parsing incoming message. */ 816 817 packet_add_padding(64); 818 packet_send(); 819 } 820 821 /* 822 * this will be move to an external program (ssh-keysign) ASAP. ssh-keysign 823 * will be setuid-root and the sbit can be removed from /usr/bin/ssh. 824 */ 825 int 826 userauth_hostbased(Authctxt *authctxt) 827 { 828 Key *private = NULL; 829 Buffer b; 830 u_char *signature, *blob; 831 char *chost, *pkalg, *p; 832 const char *service; 833 u_int blen, slen; 834 int ok, i, len, found = 0; 835 836 /* check for a useful key */ 837 for (i = 0; i < authctxt->nkeys; i++) { 838 private = authctxt->keys[i]; 839 if (private && private->type != KEY_RSA1) { 840 found = 1; 841 /* we take and free the key */ 842 authctxt->keys[i] = NULL; 843 break; 844 } 845 } 846 if (!found) { 847 debug("userauth_hostbased: no more client hostkeys"); 848 return 0; 849 } 850 if (key_to_blob(private, &blob, &blen) == 0) { 851 key_free(private); 852 return 0; 853 } 854 /* figure out a name for the client host */ 855 p = get_local_name(packet_get_connection_in()); 856 if (p == NULL) { 857 error("userauth_hostbased: cannot get local ipaddr/name"); 858 key_free(private); 859 return 0; 860 } 861 len = strlen(p) + 2; 862 chost = xmalloc(len); 863 strlcpy(chost, p, len); 864 strlcat(chost, ".", len); 865 debug2("userauth_hostbased: chost %s", chost); 866 867 service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : 868 authctxt->service; 869 pkalg = xstrdup(key_ssh_name(private)); 870 buffer_init(&b); 871 /* construct data */ 872 buffer_put_string(&b, session_id2, session_id2_len); 873 buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); 874 buffer_put_cstring(&b, authctxt->server_user); 875 buffer_put_cstring(&b, service); 876 buffer_put_cstring(&b, authctxt->method->name); 877 buffer_put_cstring(&b, pkalg); 878 buffer_put_string(&b, blob, blen); 879 buffer_put_cstring(&b, chost); 880 buffer_put_cstring(&b, authctxt->local_user); 881 #ifdef DEBUG_PK 882 buffer_dump(&b); 883 #endif 884 ok = key_sign(private, &signature, &slen, buffer_ptr(&b), buffer_len(&b)); 885 key_free(private); 886 buffer_free(&b); 887 if (ok != 0) { 888 error("key_sign failed"); 889 xfree(chost); 890 xfree(pkalg); 891 return 0; 892 } 893 packet_start(SSH2_MSG_USERAUTH_REQUEST); 894 packet_put_cstring(authctxt->server_user); 895 packet_put_cstring(authctxt->service); 896 packet_put_cstring(authctxt->method->name); 897 packet_put_cstring(pkalg); 898 packet_put_string(blob, blen); 899 packet_put_cstring(chost); 900 packet_put_cstring(authctxt->local_user); 901 packet_put_string(signature, slen); 902 memset(signature, 's', slen); 903 xfree(signature); 904 xfree(chost); 905 xfree(pkalg); 906 907 packet_send(); 908 return 1; 909 } 910 911 /* find auth method */ 912 913 /* 914 * given auth method name, if configurable options permit this method fill 915 * in auth_ident field and return true, otherwise return false. 916 */ 917 static int 918 authmethod_is_enabled(Authmethod *method) 919 { 920 if (method == NULL) 921 return 0; 922 /* return false if options indicate this method is disabled */ 923 if (method->enabled == NULL || *method->enabled == 0) 924 return 0; 925 /* return false if batch mode is enabled but method needs interactive mode */ 926 if (method->batch_flag != NULL && *method->batch_flag != 0) 927 return 0; 928 return 1; 929 } 930 931 static Authmethod * 932 authmethod_lookup(const char *name) 933 { 934 Authmethod *method = NULL; 935 if (name != NULL) 936 for (method = authmethods; method->name != NULL; method++) 937 if (strcmp(name, method->name) == 0) 938 return method; 939 debug2("Unrecognized authentication method name: %s", name ? name : "NULL"); 940 return NULL; 941 } 942 943 /* XXX internal state */ 944 static Authmethod *current = NULL; 945 static char *supported = NULL; 946 static char *preferred = NULL; 947 /* 948 * Given the authentication method list sent by the server, return the 949 * next method we should try. If the server initially sends a nil list, 950 * use a built-in default list. 951 */ 952 static Authmethod * 953 authmethod_get(char *authlist) 954 { 955 956 char *name = NULL; 957 int next; 958 959 /* Use a suitable default if we're passed a nil list. */ 960 if (authlist == NULL || strlen(authlist) == 0) 961 authlist = options.preferred_authentications; 962 963 if (supported == NULL || strcmp(authlist, supported) != 0) { 964 debug3("start over, passed a different list %s", authlist); 965 if (supported != NULL) 966 xfree(supported); 967 supported = xstrdup(authlist); 968 preferred = options.preferred_authentications; 969 debug3("preferred %s", preferred); 970 current = NULL; 971 } else if (current != NULL && authmethod_is_enabled(current)) 972 return current; 973 974 for (;;) { 975 if ((name = match_list(preferred, supported, &next)) == NULL) { 976 debug("no more auth methods to try"); 977 current = NULL; 978 return NULL; 979 } 980 preferred += next; 981 debug3("authmethod_lookup %s", name); 982 debug3("remaining preferred: %s", preferred); 983 if ((current = authmethod_lookup(name)) != NULL && 984 authmethod_is_enabled(current)) { 985 debug3("authmethod_is_enabled %s", name); 986 debug("next auth method to try is %s", name); 987 return current; 988 } 989 } 990 } 991 992 static char * 993 authmethods_get(void) 994 { 995 Authmethod *method = NULL; 996 Buffer b; 997 char *list; 998 999 buffer_init(&b); 1000 for (method = authmethods; method->name != NULL; method++) { 1001 if (authmethod_is_enabled(method)) { 1002 if (buffer_len(&b) > 0) 1003 buffer_append(&b, ",", 1); 1004 buffer_append(&b, method->name, strlen(method->name)); 1005 } 1006 } 1007 buffer_append(&b, "\0", 1); 1008 list = xstrdup(buffer_ptr(&b)); 1009 buffer_free(&b); 1010 return list; 1011 } 1012