1 /* 2 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24 25 #include "includes.h" 26 RCSID("$OpenBSD: sshconnect2.c,v 1.81 2001/07/23 09:06:28 markus Exp $"); 27 28 #include <openssl/bn.h> 29 #include <openssl/md5.h> 30 #include <openssl/dh.h> 31 #include <openssl/hmac.h> 32 33 #include "ssh.h" 34 #include "ssh2.h" 35 #include "xmalloc.h" 36 #include "rsa.h" 37 #include "buffer.h" 38 #include "packet.h" 39 #include "uidswap.h" 40 #include "compat.h" 41 #include "bufaux.h" 42 #include "cipher.h" 43 #include "kex.h" 44 #include "myproposal.h" 45 #include "key.h" 46 #include "sshconnect.h" 47 #include "authfile.h" 48 #include "dh.h" 49 #include "authfd.h" 50 #include "log.h" 51 #include "readconf.h" 52 #include "readpass.h" 53 #include "match.h" 54 #include "dispatch.h" 55 #include "canohost.h" 56 57 /* import */ 58 extern char *client_version_string; 59 extern char *server_version_string; 60 extern Options options; 61 62 /* 63 * SSH2 key exchange 64 */ 65 66 u_char *session_id2 = NULL; 67 int session_id2_len = 0; 68 69 char *xxx_host; 70 struct sockaddr *xxx_hostaddr; 71 72 Kex *xxx_kex = NULL; 73 74 static int 75 verify_host_key_callback(Key *hostkey) 76 { 77 if (verify_host_key(xxx_host, xxx_hostaddr, hostkey) == -1) 78 fatal("verify_host_key failed"); 79 return 0; 80 } 81 82 void 83 ssh_kex2(char *host, struct sockaddr *hostaddr) 84 { 85 Kex *kex; 86 87 xxx_host = host; 88 xxx_hostaddr = hostaddr; 89 90 if (options.ciphers == (char *)-1) { 91 log("No valid ciphers for protocol version 2 given, using defaults."); 92 options.ciphers = NULL; 93 } 94 if (options.ciphers != NULL) { 95 myproposal[PROPOSAL_ENC_ALGS_CTOS] = 96 myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; 97 } 98 myproposal[PROPOSAL_ENC_ALGS_CTOS] = 99 compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]); 100 myproposal[PROPOSAL_ENC_ALGS_STOC] = 101 compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]); 102 if (options.compression) { 103 myproposal[PROPOSAL_COMP_ALGS_CTOS] = 104 myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib"; 105 } else { 106 myproposal[PROPOSAL_COMP_ALGS_CTOS] = 107 myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; 108 } 109 if (options.macs != NULL) { 110 myproposal[PROPOSAL_MAC_ALGS_CTOS] = 111 myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; 112 } 113 if (options.hostkeyalgorithms != NULL) 114 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = 115 options.hostkeyalgorithms; 116 117 /* start key exchange */ 118 kex = kex_setup(myproposal); 119 kex->client_version_string=client_version_string; 120 kex->server_version_string=server_version_string; 121 kex->verify_host_key=&verify_host_key_callback; 122 123 xxx_kex = kex; 124 125 dispatch_run(DISPATCH_BLOCK, &kex->done, kex); 126 127 session_id2 = kex->session_id; 128 session_id2_len = kex->session_id_len; 129 130 #ifdef DEBUG_KEXDH 131 /* send 1st encrypted/maced/compressed message */ 132 packet_start(SSH2_MSG_IGNORE); 133 packet_put_cstring("markus"); 134 packet_send(); 135 packet_write_wait(); 136 #endif 137 debug("done: ssh_kex2."); 138 } 139 140 /* 141 * Authenticate user 142 */ 143 144 typedef struct Authctxt Authctxt; 145 typedef struct Authmethod Authmethod; 146 147 typedef int sign_cb_fn( 148 Authctxt *authctxt, Key *key, 149 u_char **sigp, int *lenp, u_char *data, int datalen); 150 151 struct Authctxt { 152 const char *server_user; 153 const char *local_user; 154 const char *host; 155 const char *service; 156 Authmethod *method; 157 int success; 158 char *authlist; 159 /* pubkey */ 160 Key *last_key; 161 sign_cb_fn *last_key_sign; 162 int last_key_hint; 163 AuthenticationConnection *agent; 164 /* hostbased */ 165 Key **keys; 166 int nkeys; 167 }; 168 struct Authmethod { 169 char *name; /* string to compare against server's list */ 170 int (*userauth)(Authctxt *authctxt); 171 int *enabled; /* flag in option struct that enables method */ 172 int *batch_flag; /* flag in option struct that disables method */ 173 }; 174 175 void input_userauth_success(int type, int plen, void *ctxt); 176 void input_userauth_failure(int type, int plen, void *ctxt); 177 void input_userauth_banner(int type, int plen, void *ctxt); 178 void input_userauth_error(int type, int plen, void *ctxt); 179 void input_userauth_info_req(int type, int plen, void *ctxt); 180 void input_userauth_pk_ok(int type, int plen, void *ctxt); 181 182 int userauth_none(Authctxt *authctxt); 183 int userauth_pubkey(Authctxt *authctxt); 184 int userauth_passwd(Authctxt *authctxt); 185 int userauth_kbdint(Authctxt *authctxt); 186 int userauth_hostbased(Authctxt *authctxt); 187 188 void userauth(Authctxt *authctxt, char *authlist); 189 190 static int sign_and_send_pubkey(Authctxt *, Key *, sign_cb_fn *); 191 static void clear_auth_state(Authctxt *); 192 193 static Authmethod *authmethod_get(char *authlist); 194 static Authmethod *authmethod_lookup(const char *name); 195 static char *authmethods_get(void); 196 197 Authmethod authmethods[] = { 198 {"hostbased", 199 userauth_hostbased, 200 &options.hostbased_authentication, 201 NULL}, 202 {"publickey", 203 userauth_pubkey, 204 &options.pubkey_authentication, 205 NULL}, 206 {"keyboard-interactive", 207 userauth_kbdint, 208 &options.kbd_interactive_authentication, 209 &options.batch_mode}, 210 {"password", 211 userauth_passwd, 212 &options.password_authentication, 213 &options.batch_mode}, 214 {"none", 215 userauth_none, 216 NULL, 217 NULL}, 218 {NULL, NULL, NULL, NULL} 219 }; 220 221 void 222 ssh_userauth2(const char *local_user, const char *server_user, char *host, 223 Key **keys, int nkeys) 224 { 225 Authctxt authctxt; 226 int type; 227 int plen; 228 229 if (options.challenge_response_authentication) 230 options.kbd_interactive_authentication = 1; 231 232 debug("send SSH2_MSG_SERVICE_REQUEST"); 233 packet_start(SSH2_MSG_SERVICE_REQUEST); 234 packet_put_cstring("ssh-userauth"); 235 packet_send(); 236 packet_write_wait(); 237 type = packet_read(&plen); 238 if (type != SSH2_MSG_SERVICE_ACCEPT) { 239 fatal("denied SSH2_MSG_SERVICE_ACCEPT: %d", type); 240 } 241 if (packet_remaining() > 0) { 242 char *reply = packet_get_string(&plen); 243 debug("service_accept: %s", reply); 244 xfree(reply); 245 } else { 246 debug("buggy server: service_accept w/o service"); 247 } 248 packet_done(); 249 debug("got SSH2_MSG_SERVICE_ACCEPT"); 250 251 if (options.preferred_authentications == NULL) 252 options.preferred_authentications = authmethods_get(); 253 254 /* setup authentication context */ 255 authctxt.agent = ssh_get_authentication_connection(); 256 authctxt.server_user = server_user; 257 authctxt.local_user = local_user; 258 authctxt.host = host; 259 authctxt.service = "ssh-connection"; /* service name */ 260 authctxt.success = 0; 261 authctxt.method = authmethod_lookup("none"); 262 authctxt.authlist = NULL; 263 authctxt.keys = keys; 264 authctxt.nkeys = nkeys; 265 if (authctxt.method == NULL) 266 fatal("ssh_userauth2: internal error: cannot send userauth none request"); 267 268 /* initial userauth request */ 269 userauth_none(&authctxt); 270 271 dispatch_init(&input_userauth_error); 272 dispatch_set(SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success); 273 dispatch_set(SSH2_MSG_USERAUTH_FAILURE, &input_userauth_failure); 274 dispatch_set(SSH2_MSG_USERAUTH_BANNER, &input_userauth_banner); 275 dispatch_run(DISPATCH_BLOCK, &authctxt.success, &authctxt); /* loop until success */ 276 277 if (authctxt.agent != NULL) 278 ssh_close_authentication_connection(authctxt.agent); 279 280 debug("ssh-userauth2 successful: method %s", authctxt.method->name); 281 } 282 void 283 userauth(Authctxt *authctxt, char *authlist) 284 { 285 if (authlist == NULL) { 286 authlist = authctxt->authlist; 287 } else { 288 if (authctxt->authlist) 289 xfree(authctxt->authlist); 290 authctxt->authlist = authlist; 291 } 292 for (;;) { 293 Authmethod *method = authmethod_get(authlist); 294 if (method == NULL) 295 fatal("Permission denied (%s).", authlist); 296 authctxt->method = method; 297 if (method->userauth(authctxt) != 0) { 298 debug2("we sent a %s packet, wait for reply", method->name); 299 break; 300 } else { 301 debug2("we did not send a packet, disable method"); 302 method->enabled = NULL; 303 } 304 } 305 } 306 void 307 input_userauth_error(int type, int plen, void *ctxt) 308 { 309 fatal("input_userauth_error: bad message during authentication: " 310 "type %d", type); 311 } 312 void 313 input_userauth_banner(int type, int plen, void *ctxt) 314 { 315 char *msg, *lang; 316 debug3("input_userauth_banner"); 317 msg = packet_get_string(NULL); 318 lang = packet_get_string(NULL); 319 fprintf(stderr, "%s", msg); 320 xfree(msg); 321 xfree(lang); 322 } 323 void 324 input_userauth_success(int type, int plen, void *ctxt) 325 { 326 Authctxt *authctxt = ctxt; 327 if (authctxt == NULL) 328 fatal("input_userauth_success: no authentication context"); 329 if (authctxt->authlist) 330 xfree(authctxt->authlist); 331 clear_auth_state(authctxt); 332 authctxt->success = 1; /* break out */ 333 } 334 void 335 input_userauth_failure(int type, int plen, void *ctxt) 336 { 337 Authctxt *authctxt = ctxt; 338 char *authlist = NULL; 339 int partial; 340 341 if (authctxt == NULL) 342 fatal("input_userauth_failure: no authentication context"); 343 344 authlist = packet_get_string(NULL); 345 partial = packet_get_char(); 346 packet_done(); 347 348 if (partial != 0) 349 log("Authenticated with partial success."); 350 debug("authentications that can continue: %s", authlist); 351 352 clear_auth_state(authctxt); 353 userauth(authctxt, authlist); 354 } 355 void 356 input_userauth_pk_ok(int type, int plen, void *ctxt) 357 { 358 Authctxt *authctxt = ctxt; 359 Key *key = NULL; 360 Buffer b; 361 int alen, blen, sent = 0; 362 char *pkalg, *pkblob, *fp; 363 364 if (authctxt == NULL) 365 fatal("input_userauth_pk_ok: no authentication context"); 366 if (datafellows & SSH_BUG_PKOK) { 367 /* this is similar to SSH_BUG_PKAUTH */ 368 debug2("input_userauth_pk_ok: SSH_BUG_PKOK"); 369 pkblob = packet_get_string(&blen); 370 buffer_init(&b); 371 buffer_append(&b, pkblob, blen); 372 pkalg = buffer_get_string(&b, &alen); 373 buffer_free(&b); 374 } else { 375 pkalg = packet_get_string(&alen); 376 pkblob = packet_get_string(&blen); 377 } 378 packet_done(); 379 380 debug("input_userauth_pk_ok: pkalg %s blen %d lastkey %p hint %d", 381 pkalg, blen, authctxt->last_key, authctxt->last_key_hint); 382 383 do { 384 if (authctxt->last_key == NULL || 385 authctxt->last_key_sign == NULL) { 386 debug("no last key or no sign cb"); 387 break; 388 } 389 if (key_type_from_name(pkalg) == KEY_UNSPEC) { 390 debug("unknown pkalg %s", pkalg); 391 break; 392 } 393 if ((key = key_from_blob(pkblob, blen)) == NULL) { 394 debug("no key from blob. pkalg %s", pkalg); 395 break; 396 } 397 fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); 398 debug2("input_userauth_pk_ok: fp %s", fp); 399 xfree(fp); 400 if (!key_equal(key, authctxt->last_key)) { 401 debug("key != last_key"); 402 break; 403 } 404 sent = sign_and_send_pubkey(authctxt, key, 405 authctxt->last_key_sign); 406 } while(0); 407 408 if (key != NULL) 409 key_free(key); 410 xfree(pkalg); 411 xfree(pkblob); 412 413 /* unregister */ 414 clear_auth_state(authctxt); 415 dispatch_set(SSH2_MSG_USERAUTH_PK_OK, NULL); 416 417 /* try another method if we did not send a packet*/ 418 if (sent == 0) 419 userauth(authctxt, NULL); 420 421 } 422 423 int 424 userauth_none(Authctxt *authctxt) 425 { 426 /* initial userauth request */ 427 packet_start(SSH2_MSG_USERAUTH_REQUEST); 428 packet_put_cstring(authctxt->server_user); 429 packet_put_cstring(authctxt->service); 430 packet_put_cstring(authctxt->method->name); 431 packet_send(); 432 return 1; 433 } 434 435 int 436 userauth_passwd(Authctxt *authctxt) 437 { 438 static int attempt = 0; 439 char prompt[80]; 440 char *password; 441 442 if (attempt++ >= options.number_of_password_prompts) 443 return 0; 444 445 if(attempt != 1) 446 error("Permission denied, please try again."); 447 448 snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ", 449 authctxt->server_user, authctxt->host); 450 password = read_passphrase(prompt, 0); 451 packet_start(SSH2_MSG_USERAUTH_REQUEST); 452 packet_put_cstring(authctxt->server_user); 453 packet_put_cstring(authctxt->service); 454 packet_put_cstring(authctxt->method->name); 455 packet_put_char(0); 456 packet_put_cstring(password); 457 memset(password, 0, strlen(password)); 458 xfree(password); 459 packet_inject_ignore(64); 460 packet_send(); 461 return 1; 462 } 463 464 static void 465 clear_auth_state(Authctxt *authctxt) 466 { 467 /* XXX clear authentication state */ 468 if (authctxt->last_key != NULL && authctxt->last_key_hint == -1) { 469 debug3("clear_auth_state: key_free %p", authctxt->last_key); 470 key_free(authctxt->last_key); 471 } 472 authctxt->last_key = NULL; 473 authctxt->last_key_hint = -2; 474 authctxt->last_key_sign = NULL; 475 } 476 477 static int 478 sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback) 479 { 480 Buffer b; 481 u_char *blob, *signature; 482 int bloblen, slen; 483 int skip = 0; 484 int ret = -1; 485 int have_sig = 1; 486 487 debug3("sign_and_send_pubkey"); 488 489 if (key_to_blob(k, &blob, &bloblen) == 0) { 490 /* we cannot handle this key */ 491 debug3("sign_and_send_pubkey: cannot handle key"); 492 return 0; 493 } 494 /* data to be signed */ 495 buffer_init(&b); 496 if (datafellows & SSH_OLD_SESSIONID) { 497 buffer_append(&b, session_id2, session_id2_len); 498 skip = session_id2_len; 499 } else { 500 buffer_put_string(&b, session_id2, session_id2_len); 501 skip = buffer_len(&b); 502 } 503 buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); 504 buffer_put_cstring(&b, authctxt->server_user); 505 buffer_put_cstring(&b, 506 datafellows & SSH_BUG_PKSERVICE ? 507 "ssh-userauth" : 508 authctxt->service); 509 if (datafellows & SSH_BUG_PKAUTH) { 510 buffer_put_char(&b, have_sig); 511 } else { 512 buffer_put_cstring(&b, authctxt->method->name); 513 buffer_put_char(&b, have_sig); 514 buffer_put_cstring(&b, key_ssh_name(k)); 515 } 516 buffer_put_string(&b, blob, bloblen); 517 518 /* generate signature */ 519 ret = (*sign_callback)(authctxt, k, &signature, &slen, 520 buffer_ptr(&b), buffer_len(&b)); 521 if (ret == -1) { 522 xfree(blob); 523 buffer_free(&b); 524 return 0; 525 } 526 #ifdef DEBUG_PK 527 buffer_dump(&b); 528 #endif 529 if (datafellows & SSH_BUG_PKSERVICE) { 530 buffer_clear(&b); 531 buffer_append(&b, session_id2, session_id2_len); 532 skip = session_id2_len; 533 buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); 534 buffer_put_cstring(&b, authctxt->server_user); 535 buffer_put_cstring(&b, authctxt->service); 536 buffer_put_cstring(&b, authctxt->method->name); 537 buffer_put_char(&b, have_sig); 538 if (!(datafellows & SSH_BUG_PKAUTH)) 539 buffer_put_cstring(&b, key_ssh_name(k)); 540 buffer_put_string(&b, blob, bloblen); 541 } 542 xfree(blob); 543 544 /* append signature */ 545 buffer_put_string(&b, signature, slen); 546 xfree(signature); 547 548 /* skip session id and packet type */ 549 if (buffer_len(&b) < skip + 1) 550 fatal("userauth_pubkey: internal error"); 551 buffer_consume(&b, skip + 1); 552 553 /* put remaining data from buffer into packet */ 554 packet_start(SSH2_MSG_USERAUTH_REQUEST); 555 packet_put_raw(buffer_ptr(&b), buffer_len(&b)); 556 buffer_free(&b); 557 packet_send(); 558 559 return 1; 560 } 561 562 static int 563 send_pubkey_test(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback, 564 int hint) 565 { 566 u_char *blob; 567 int bloblen, have_sig = 0; 568 569 debug3("send_pubkey_test"); 570 571 if (key_to_blob(k, &blob, &bloblen) == 0) { 572 /* we cannot handle this key */ 573 debug3("send_pubkey_test: cannot handle key"); 574 return 0; 575 } 576 /* register callback for USERAUTH_PK_OK message */ 577 authctxt->last_key_sign = sign_callback; 578 authctxt->last_key_hint = hint; 579 authctxt->last_key = k; 580 dispatch_set(SSH2_MSG_USERAUTH_PK_OK, &input_userauth_pk_ok); 581 582 packet_start(SSH2_MSG_USERAUTH_REQUEST); 583 packet_put_cstring(authctxt->server_user); 584 packet_put_cstring(authctxt->service); 585 packet_put_cstring(authctxt->method->name); 586 packet_put_char(have_sig); 587 if (!(datafellows & SSH_BUG_PKAUTH)) 588 packet_put_cstring(key_ssh_name(k)); 589 packet_put_string(blob, bloblen); 590 xfree(blob); 591 packet_send(); 592 return 1; 593 } 594 595 static Key * 596 load_identity_file(char *filename) 597 { 598 Key *private; 599 char prompt[300], *passphrase; 600 int quit, i; 601 struct stat st; 602 603 if (stat(filename, &st) < 0) { 604 debug3("no such identity: %s", filename); 605 return NULL; 606 } 607 private = key_load_private_type(KEY_UNSPEC, filename, "", NULL); 608 if (private == NULL) { 609 if (options.batch_mode) 610 return NULL; 611 snprintf(prompt, sizeof prompt, 612 "Enter passphrase for key '%.100s': ", filename); 613 for (i = 0; i < options.number_of_password_prompts; i++) { 614 passphrase = read_passphrase(prompt, 0); 615 if (strcmp(passphrase, "") != 0) { 616 private = key_load_private_type(KEY_UNSPEC, filename, 617 passphrase, NULL); 618 quit = 0; 619 } else { 620 debug2("no passphrase given, try next key"); 621 quit = 1; 622 } 623 memset(passphrase, 0, strlen(passphrase)); 624 xfree(passphrase); 625 if (private != NULL || quit) 626 break; 627 debug2("bad passphrase given, try again..."); 628 } 629 } 630 return private; 631 } 632 633 static int 634 identity_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, 635 u_char *data, int datalen) 636 { 637 Key *private; 638 int idx, ret; 639 640 idx = authctxt->last_key_hint; 641 if (idx < 0) 642 return -1; 643 644 /* private key is stored in external hardware */ 645 if (options.identity_keys[idx]->flags & KEY_FLAG_EXT) 646 return key_sign(options.identity_keys[idx], sigp, lenp, data, datalen); 647 648 private = load_identity_file(options.identity_files[idx]); 649 if (private == NULL) 650 return -1; 651 ret = key_sign(private, sigp, lenp, data, datalen); 652 key_free(private); 653 return ret; 654 } 655 656 static int 657 agent_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, 658 u_char *data, int datalen) 659 { 660 return ssh_agent_sign(authctxt->agent, key, sigp, lenp, data, datalen); 661 } 662 663 static int 664 key_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, 665 u_char *data, int datalen) 666 { 667 return key_sign(key, sigp, lenp, data, datalen); 668 } 669 670 static int 671 userauth_pubkey_agent(Authctxt *authctxt) 672 { 673 static int called = 0; 674 int ret = 0; 675 char *comment; 676 Key *k; 677 678 if (called == 0) { 679 if (ssh_get_num_identities(authctxt->agent, 2) == 0) 680 debug2("userauth_pubkey_agent: no keys at all"); 681 called = 1; 682 } 683 k = ssh_get_next_identity(authctxt->agent, &comment, 2); 684 if (k == NULL) { 685 debug2("userauth_pubkey_agent: no more keys"); 686 } else { 687 debug("userauth_pubkey_agent: testing agent key %s", comment); 688 xfree(comment); 689 ret = send_pubkey_test(authctxt, k, agent_sign_cb, -1); 690 if (ret == 0) 691 key_free(k); 692 } 693 if (ret == 0) 694 debug2("userauth_pubkey_agent: no message sent"); 695 return ret; 696 } 697 698 int 699 userauth_pubkey(Authctxt *authctxt) 700 { 701 static int idx = 0; 702 int sent = 0; 703 Key *key; 704 char *filename; 705 706 if (authctxt->agent != NULL) { 707 do { 708 sent = userauth_pubkey_agent(authctxt); 709 } while(!sent && authctxt->agent->howmany > 0); 710 } 711 while (!sent && idx < options.num_identity_files) { 712 key = options.identity_keys[idx]; 713 filename = options.identity_files[idx]; 714 if (key == NULL) { 715 debug("try privkey: %s", filename); 716 key = load_identity_file(filename); 717 if (key != NULL) { 718 sent = sign_and_send_pubkey(authctxt, key, 719 key_sign_cb); 720 key_free(key); 721 } 722 } else if (key->type != KEY_RSA1) { 723 debug("try pubkey: %s", filename); 724 sent = send_pubkey_test(authctxt, key, 725 identity_sign_cb, idx); 726 } 727 idx++; 728 } 729 return sent; 730 } 731 732 /* 733 * Send userauth request message specifying keyboard-interactive method. 734 */ 735 int 736 userauth_kbdint(Authctxt *authctxt) 737 { 738 static int attempt = 0; 739 740 if (attempt++ >= options.number_of_password_prompts) 741 return 0; 742 743 debug2("userauth_kbdint"); 744 packet_start(SSH2_MSG_USERAUTH_REQUEST); 745 packet_put_cstring(authctxt->server_user); 746 packet_put_cstring(authctxt->service); 747 packet_put_cstring(authctxt->method->name); 748 packet_put_cstring(""); /* lang */ 749 packet_put_cstring(options.kbd_interactive_devices ? 750 options.kbd_interactive_devices : ""); 751 packet_send(); 752 753 dispatch_set(SSH2_MSG_USERAUTH_INFO_REQUEST, &input_userauth_info_req); 754 return 1; 755 } 756 757 /* 758 * parse INFO_REQUEST, prompt user and send INFO_RESPONSE 759 */ 760 void 761 input_userauth_info_req(int type, int plen, void *ctxt) 762 { 763 Authctxt *authctxt = ctxt; 764 char *name, *inst, *lang, *prompt, *response; 765 u_int num_prompts, i; 766 int echo = 0; 767 768 debug2("input_userauth_info_req"); 769 770 if (authctxt == NULL) 771 fatal("input_userauth_info_req: no authentication context"); 772 773 name = packet_get_string(NULL); 774 inst = packet_get_string(NULL); 775 lang = packet_get_string(NULL); 776 if (strlen(name) > 0) 777 log("%s", name); 778 if (strlen(inst) > 0) 779 log("%s", inst); 780 xfree(name); 781 xfree(inst); 782 xfree(lang); 783 784 num_prompts = packet_get_int(); 785 /* 786 * Begin to build info response packet based on prompts requested. 787 * We commit to providing the correct number of responses, so if 788 * further on we run into a problem that prevents this, we have to 789 * be sure and clean this up and send a correct error response. 790 */ 791 packet_start(SSH2_MSG_USERAUTH_INFO_RESPONSE); 792 packet_put_int(num_prompts); 793 794 debug2("input_userauth_info_req: num_prompts %d", num_prompts); 795 for (i = 0; i < num_prompts; i++) { 796 prompt = packet_get_string(NULL); 797 echo = packet_get_char(); 798 799 response = read_passphrase(prompt, echo ? RP_ECHO : 0); 800 801 packet_put_cstring(response); 802 memset(response, 0, strlen(response)); 803 xfree(response); 804 xfree(prompt); 805 } 806 packet_done(); /* done with parsing incoming message. */ 807 808 packet_inject_ignore(64); 809 packet_send(); 810 } 811 812 /* 813 * this will be move to an external program (ssh-keysign) ASAP. ssh-keysign 814 * will be setuid-root and the sbit can be removed from /usr/bin/ssh. 815 */ 816 int 817 userauth_hostbased(Authctxt *authctxt) 818 { 819 Key *private = NULL; 820 Buffer b; 821 u_char *signature, *blob; 822 char *chost, *pkalg, *p; 823 const char *service; 824 u_int blen, slen; 825 int ok, i, len, found = 0; 826 827 p = get_local_name(packet_get_connection_in()); 828 if (p == NULL) { 829 error("userauth_hostbased: cannot get local ipaddr/name"); 830 return 0; 831 } 832 len = strlen(p) + 2; 833 chost = xmalloc(len); 834 strlcpy(chost, p, len); 835 strlcat(chost, ".", len); 836 debug2("userauth_hostbased: chost %s", chost); 837 /* check for a useful key */ 838 for (i = 0; i < authctxt->nkeys; i++) { 839 private = authctxt->keys[i]; 840 if (private && private->type != KEY_RSA1) { 841 found = 1; 842 /* we take and free the key */ 843 authctxt->keys[i] = NULL; 844 break; 845 } 846 } 847 if (!found) { 848 xfree(chost); 849 return 0; 850 } 851 if (key_to_blob(private, &blob, &blen) == 0) { 852 key_free(private); 853 xfree(chost); 854 return 0; 855 } 856 service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : 857 authctxt->service; 858 pkalg = xstrdup(key_ssh_name(private)); 859 buffer_init(&b); 860 /* construct data */ 861 buffer_put_string(&b, session_id2, session_id2_len); 862 buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); 863 buffer_put_cstring(&b, authctxt->server_user); 864 buffer_put_cstring(&b, service); 865 buffer_put_cstring(&b, authctxt->method->name); 866 buffer_put_cstring(&b, pkalg); 867 buffer_put_string(&b, blob, blen); 868 buffer_put_cstring(&b, chost); 869 buffer_put_cstring(&b, authctxt->local_user); 870 #ifdef DEBUG_PK 871 buffer_dump(&b); 872 #endif 873 debug2("xxx: chost %s", chost); 874 ok = key_sign(private, &signature, &slen, buffer_ptr(&b), buffer_len(&b)); 875 key_free(private); 876 buffer_free(&b); 877 if (ok != 0) { 878 error("key_sign failed"); 879 xfree(chost); 880 xfree(pkalg); 881 return 0; 882 } 883 packet_start(SSH2_MSG_USERAUTH_REQUEST); 884 packet_put_cstring(authctxt->server_user); 885 packet_put_cstring(authctxt->service); 886 packet_put_cstring(authctxt->method->name); 887 packet_put_cstring(pkalg); 888 packet_put_string(blob, blen); 889 packet_put_cstring(chost); 890 packet_put_cstring(authctxt->local_user); 891 packet_put_string(signature, slen); 892 memset(signature, 's', slen); 893 xfree(signature); 894 xfree(chost); 895 xfree(pkalg); 896 897 packet_send(); 898 return 1; 899 } 900 901 /* find auth method */ 902 903 /* 904 * given auth method name, if configurable options permit this method fill 905 * in auth_ident field and return true, otherwise return false. 906 */ 907 static int 908 authmethod_is_enabled(Authmethod *method) 909 { 910 if (method == NULL) 911 return 0; 912 /* return false if options indicate this method is disabled */ 913 if (method->enabled == NULL || *method->enabled == 0) 914 return 0; 915 /* return false if batch mode is enabled but method needs interactive mode */ 916 if (method->batch_flag != NULL && *method->batch_flag != 0) 917 return 0; 918 return 1; 919 } 920 921 static Authmethod * 922 authmethod_lookup(const char *name) 923 { 924 Authmethod *method = NULL; 925 if (name != NULL) 926 for (method = authmethods; method->name != NULL; method++) 927 if (strcmp(name, method->name) == 0) 928 return method; 929 debug2("Unrecognized authentication method name: %s", name ? name : "NULL"); 930 return NULL; 931 } 932 933 /* XXX internal state */ 934 static Authmethod *current = NULL; 935 static char *supported = NULL; 936 static char *preferred = NULL; 937 /* 938 * Given the authentication method list sent by the server, return the 939 * next method we should try. If the server initially sends a nil list, 940 * use a built-in default list. 941 */ 942 static Authmethod * 943 authmethod_get(char *authlist) 944 { 945 946 char *name = NULL; 947 int next; 948 949 /* Use a suitable default if we're passed a nil list. */ 950 if (authlist == NULL || strlen(authlist) == 0) 951 authlist = options.preferred_authentications; 952 953 if (supported == NULL || strcmp(authlist, supported) != 0) { 954 debug3("start over, passed a different list %s", authlist); 955 if (supported != NULL) 956 xfree(supported); 957 supported = xstrdup(authlist); 958 preferred = options.preferred_authentications; 959 debug3("preferred %s", preferred); 960 current = NULL; 961 } else if (current != NULL && authmethod_is_enabled(current)) 962 return current; 963 964 for (;;) { 965 if ((name = match_list(preferred, supported, &next)) == NULL) { 966 debug("no more auth methods to try"); 967 current = NULL; 968 return NULL; 969 } 970 preferred += next; 971 debug3("authmethod_lookup %s", name); 972 debug3("remaining preferred: %s", preferred); 973 if ((current = authmethod_lookup(name)) != NULL && 974 authmethod_is_enabled(current)) { 975 debug3("authmethod_is_enabled %s", name); 976 debug("next auth method to try is %s", name); 977 return current; 978 } 979 } 980 } 981 982 983 #define DELIM "," 984 985 static char * 986 authmethods_get(void) 987 { 988 Authmethod *method = NULL; 989 char buf[1024]; 990 991 buf[0] = '\0'; 992 for (method = authmethods; method->name != NULL; method++) { 993 if (authmethod_is_enabled(method)) { 994 if (buf[0] != '\0') 995 strlcat(buf, DELIM, sizeof buf); 996 strlcat(buf, method->name, sizeof buf); 997 } 998 } 999 return xstrdup(buf); 1000 } 1001