1 /* 2 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24 25 #include "includes.h" 26 RCSID("$FreeBSD$"); 27 RCSID("$OpenBSD: sshconnect2.c,v 1.72 2001/04/18 23:43:26 markus Exp $"); 28 29 #include <openssl/bn.h> 30 #include <openssl/md5.h> 31 #include <openssl/dh.h> 32 #include <openssl/hmac.h> 33 34 #include "ssh.h" 35 #include "ssh2.h" 36 #include "xmalloc.h" 37 #include "rsa.h" 38 #include "buffer.h" 39 #include "packet.h" 40 #include "uidswap.h" 41 #include "compat.h" 42 #include "bufaux.h" 43 #include "cipher.h" 44 #include "kex.h" 45 #include "myproposal.h" 46 #include "key.h" 47 #include "sshconnect.h" 48 #include "authfile.h" 49 #include "cli.h" 50 #include "dh.h" 51 #include "authfd.h" 52 #include "log.h" 53 #include "readconf.h" 54 #include "readpass.h" 55 #include "match.h" 56 #include "dispatch.h" 57 #include "canohost.h" 58 59 /* import */ 60 extern char *client_version_string; 61 extern char *server_version_string; 62 extern Options options; 63 64 /* 65 * SSH2 key exchange 66 */ 67 68 u_char *session_id2 = NULL; 69 int session_id2_len = 0; 70 71 char *xxx_host; 72 struct sockaddr *xxx_hostaddr; 73 74 Kex *xxx_kex = NULL; 75 76 int 77 check_host_key_callback(Key *hostkey) 78 { 79 check_host_key(xxx_host, xxx_hostaddr, hostkey, 80 options.user_hostfile2, options.system_hostfile2); 81 return 0; 82 } 83 84 void 85 ssh_kex2(char *host, struct sockaddr *hostaddr) 86 { 87 Kex *kex; 88 89 xxx_host = host; 90 xxx_hostaddr = hostaddr; 91 92 if (options.ciphers == (char *)-1) { 93 log("No valid ciphers for protocol version 2 given, using defaults."); 94 options.ciphers = NULL; 95 } 96 if (options.ciphers != NULL) { 97 myproposal[PROPOSAL_ENC_ALGS_CTOS] = 98 myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; 99 } 100 myproposal[PROPOSAL_ENC_ALGS_CTOS] = 101 compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]); 102 myproposal[PROPOSAL_ENC_ALGS_STOC] = 103 compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]); 104 if (options.compression) { 105 myproposal[PROPOSAL_COMP_ALGS_CTOS] = 106 myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib"; 107 } else { 108 myproposal[PROPOSAL_COMP_ALGS_CTOS] = 109 myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; 110 } 111 if (options.macs != NULL) { 112 myproposal[PROPOSAL_MAC_ALGS_CTOS] = 113 myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; 114 } 115 if (options.hostkeyalgorithms != NULL) 116 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = 117 options.hostkeyalgorithms; 118 119 /* start key exchange */ 120 kex = kex_setup(myproposal); 121 kex->client_version_string=client_version_string; 122 kex->server_version_string=server_version_string; 123 kex->check_host_key=&check_host_key_callback; 124 125 xxx_kex = kex; 126 127 dispatch_run(DISPATCH_BLOCK, &kex->done, kex); 128 129 session_id2 = kex->session_id; 130 session_id2_len = kex->session_id_len; 131 132 #ifdef DEBUG_KEXDH 133 /* send 1st encrypted/maced/compressed message */ 134 packet_start(SSH2_MSG_IGNORE); 135 packet_put_cstring("markus"); 136 packet_send(); 137 packet_write_wait(); 138 #endif 139 debug("done: ssh_kex2."); 140 } 141 142 /* 143 * Authenticate user 144 */ 145 146 typedef struct Authctxt Authctxt; 147 typedef struct Authmethod Authmethod; 148 149 typedef int sign_cb_fn( 150 Authctxt *authctxt, Key *key, 151 u_char **sigp, int *lenp, u_char *data, int datalen); 152 153 struct Authctxt { 154 const char *server_user; 155 const char *local_user; 156 const char *host; 157 const char *service; 158 Authmethod *method; 159 int success; 160 char *authlist; 161 /* pubkey */ 162 Key *last_key; 163 sign_cb_fn *last_key_sign; 164 int last_key_hint; 165 AuthenticationConnection *agent; 166 /* hostbased */ 167 Key **keys; 168 int nkeys; 169 }; 170 struct Authmethod { 171 char *name; /* string to compare against server's list */ 172 int (*userauth)(Authctxt *authctxt); 173 int *enabled; /* flag in option struct that enables method */ 174 int *batch_flag; /* flag in option struct that disables method */ 175 }; 176 177 void input_userauth_success(int type, int plen, void *ctxt); 178 void input_userauth_failure(int type, int plen, void *ctxt); 179 void input_userauth_banner(int type, int plen, void *ctxt); 180 void input_userauth_error(int type, int plen, void *ctxt); 181 void input_userauth_info_req(int type, int plen, void *ctxt); 182 void input_userauth_pk_ok(int type, int plen, void *ctxt); 183 184 int userauth_none(Authctxt *authctxt); 185 int userauth_pubkey(Authctxt *authctxt); 186 int userauth_passwd(Authctxt *authctxt); 187 int userauth_kbdint(Authctxt *authctxt); 188 int userauth_hostbased(Authctxt *authctxt); 189 190 void userauth(Authctxt *authctxt, char *authlist); 191 192 int 193 sign_and_send_pubkey(Authctxt *authctxt, Key *k, 194 sign_cb_fn *sign_callback); 195 void clear_auth_state(Authctxt *authctxt); 196 197 Authmethod *authmethod_get(char *authlist); 198 Authmethod *authmethod_lookup(const char *name); 199 char *authmethods_get(void); 200 201 Authmethod authmethods[] = { 202 {"publickey", 203 userauth_pubkey, 204 &options.pubkey_authentication, 205 NULL}, 206 {"password", 207 userauth_passwd, 208 &options.password_authentication, 209 &options.batch_mode}, 210 {"keyboard-interactive", 211 userauth_kbdint, 212 &options.kbd_interactive_authentication, 213 &options.batch_mode}, 214 {"hostbased", 215 userauth_hostbased, 216 &options.hostbased_authentication, 217 NULL}, 218 {"none", 219 userauth_none, 220 NULL, 221 NULL}, 222 {NULL, NULL, NULL, NULL} 223 }; 224 225 void 226 ssh_userauth2(const char *local_user, const char *server_user, char *host, 227 Key **keys, int nkeys) 228 { 229 Authctxt authctxt; 230 int type; 231 int plen; 232 233 if (options.challenge_reponse_authentication) 234 options.kbd_interactive_authentication = 1; 235 236 debug("send SSH2_MSG_SERVICE_REQUEST"); 237 packet_start(SSH2_MSG_SERVICE_REQUEST); 238 packet_put_cstring("ssh-userauth"); 239 packet_send(); 240 packet_write_wait(); 241 type = packet_read(&plen); 242 if (type != SSH2_MSG_SERVICE_ACCEPT) { 243 fatal("denied SSH2_MSG_SERVICE_ACCEPT: %d", type); 244 } 245 if (packet_remaining() > 0) { 246 char *reply = packet_get_string(&plen); 247 debug("service_accept: %s", reply); 248 xfree(reply); 249 } else { 250 debug("buggy server: service_accept w/o service"); 251 } 252 packet_done(); 253 debug("got SSH2_MSG_SERVICE_ACCEPT"); 254 255 if (options.preferred_authentications == NULL) 256 options.preferred_authentications = authmethods_get(); 257 258 /* setup authentication context */ 259 authctxt.agent = ssh_get_authentication_connection(); 260 authctxt.server_user = server_user; 261 authctxt.local_user = local_user; 262 authctxt.host = host; 263 authctxt.service = "ssh-connection"; /* service name */ 264 authctxt.success = 0; 265 authctxt.method = authmethod_lookup("none"); 266 authctxt.authlist = NULL; 267 authctxt.keys = keys; 268 authctxt.nkeys = nkeys; 269 if (authctxt.method == NULL) 270 fatal("ssh_userauth2: internal error: cannot send userauth none request"); 271 272 /* initial userauth request */ 273 userauth_none(&authctxt); 274 275 dispatch_init(&input_userauth_error); 276 dispatch_set(SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success); 277 dispatch_set(SSH2_MSG_USERAUTH_FAILURE, &input_userauth_failure); 278 dispatch_set(SSH2_MSG_USERAUTH_BANNER, &input_userauth_banner); 279 dispatch_run(DISPATCH_BLOCK, &authctxt.success, &authctxt); /* loop until success */ 280 281 if (authctxt.agent != NULL) 282 ssh_close_authentication_connection(authctxt.agent); 283 284 debug("ssh-userauth2 successful: method %s", authctxt.method->name); 285 } 286 void 287 userauth(Authctxt *authctxt, char *authlist) 288 { 289 if (authlist == NULL) { 290 authlist = authctxt->authlist; 291 } else { 292 if (authctxt->authlist) 293 xfree(authctxt->authlist); 294 authctxt->authlist = authlist; 295 } 296 for (;;) { 297 Authmethod *method = authmethod_get(authlist); 298 if (method == NULL) 299 fatal("Permission denied (%s).", authlist); 300 authctxt->method = method; 301 if (method->userauth(authctxt) != 0) { 302 debug2("we sent a %s packet, wait for reply", method->name); 303 break; 304 } else { 305 debug2("we did not send a packet, disable method"); 306 method->enabled = NULL; 307 } 308 } 309 } 310 void 311 input_userauth_error(int type, int plen, void *ctxt) 312 { 313 fatal("input_userauth_error: bad message during authentication: " 314 "type %d", type); 315 } 316 void 317 input_userauth_banner(int type, int plen, void *ctxt) 318 { 319 char *msg, *lang; 320 debug3("input_userauth_banner"); 321 msg = packet_get_string(NULL); 322 lang = packet_get_string(NULL); 323 fprintf(stderr, "%s", msg); 324 xfree(msg); 325 xfree(lang); 326 } 327 void 328 input_userauth_success(int type, int plen, void *ctxt) 329 { 330 Authctxt *authctxt = ctxt; 331 if (authctxt == NULL) 332 fatal("input_userauth_success: no authentication context"); 333 if (authctxt->authlist) 334 xfree(authctxt->authlist); 335 clear_auth_state(authctxt); 336 authctxt->success = 1; /* break out */ 337 } 338 void 339 input_userauth_failure(int type, int plen, void *ctxt) 340 { 341 Authctxt *authctxt = ctxt; 342 char *authlist = NULL; 343 int partial; 344 345 if (authctxt == NULL) 346 fatal("input_userauth_failure: no authentication context"); 347 348 authlist = packet_get_string(NULL); 349 partial = packet_get_char(); 350 packet_done(); 351 352 if (partial != 0) 353 log("Authenticated with partial success."); 354 debug("authentications that can continue: %s", authlist); 355 356 clear_auth_state(authctxt); 357 userauth(authctxt, authlist); 358 } 359 void 360 input_userauth_pk_ok(int type, int plen, void *ctxt) 361 { 362 Authctxt *authctxt = ctxt; 363 Key *key = NULL; 364 Buffer b; 365 int alen, blen, sent = 0; 366 char *pkalg, *pkblob, *fp; 367 368 if (authctxt == NULL) 369 fatal("input_userauth_pk_ok: no authentication context"); 370 if (datafellows & SSH_BUG_PKOK) { 371 /* this is similar to SSH_BUG_PKAUTH */ 372 debug2("input_userauth_pk_ok: SSH_BUG_PKOK"); 373 pkblob = packet_get_string(&blen); 374 buffer_init(&b); 375 buffer_append(&b, pkblob, blen); 376 pkalg = buffer_get_string(&b, &alen); 377 buffer_free(&b); 378 } else { 379 pkalg = packet_get_string(&alen); 380 pkblob = packet_get_string(&blen); 381 } 382 packet_done(); 383 384 debug("input_userauth_pk_ok: pkalg %s blen %d lastkey %p hint %d", 385 pkalg, blen, authctxt->last_key, authctxt->last_key_hint); 386 387 do { 388 if (authctxt->last_key == NULL || 389 authctxt->last_key_sign == NULL) { 390 debug("no last key or no sign cb"); 391 break; 392 } 393 if (key_type_from_name(pkalg) == KEY_UNSPEC) { 394 debug("unknown pkalg %s", pkalg); 395 break; 396 } 397 if ((key = key_from_blob(pkblob, blen)) == NULL) { 398 debug("no key from blob. pkalg %s", pkalg); 399 break; 400 } 401 fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); 402 debug2("input_userauth_pk_ok: fp %s", fp); 403 xfree(fp); 404 if (!key_equal(key, authctxt->last_key)) { 405 debug("key != last_key"); 406 break; 407 } 408 sent = sign_and_send_pubkey(authctxt, key, 409 authctxt->last_key_sign); 410 } while(0); 411 412 if (key != NULL) 413 key_free(key); 414 xfree(pkalg); 415 xfree(pkblob); 416 417 /* unregister */ 418 clear_auth_state(authctxt); 419 dispatch_set(SSH2_MSG_USERAUTH_PK_OK, NULL); 420 421 /* try another method if we did not send a packet*/ 422 if (sent == 0) 423 userauth(authctxt, NULL); 424 425 } 426 427 int 428 userauth_none(Authctxt *authctxt) 429 { 430 /* initial userauth request */ 431 packet_start(SSH2_MSG_USERAUTH_REQUEST); 432 packet_put_cstring(authctxt->server_user); 433 packet_put_cstring(authctxt->service); 434 packet_put_cstring(authctxt->method->name); 435 packet_send(); 436 return 1; 437 } 438 439 int 440 userauth_passwd(Authctxt *authctxt) 441 { 442 static int attempt = 0; 443 char prompt[80]; 444 char *password; 445 446 if (attempt++ >= options.number_of_password_prompts) 447 return 0; 448 449 if(attempt != 1) 450 error("Permission denied, please try again."); 451 452 snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ", 453 authctxt->server_user, authctxt->host); 454 password = read_passphrase(prompt, 0); 455 packet_start(SSH2_MSG_USERAUTH_REQUEST); 456 packet_put_cstring(authctxt->server_user); 457 packet_put_cstring(authctxt->service); 458 packet_put_cstring(authctxt->method->name); 459 packet_put_char(0); 460 ssh_put_password(password); 461 memset(password, 0, strlen(password)); 462 xfree(password); 463 packet_inject_ignore(64); 464 packet_send(); 465 return 1; 466 } 467 468 void 469 clear_auth_state(Authctxt *authctxt) 470 { 471 /* XXX clear authentication state */ 472 if (authctxt->last_key != NULL && authctxt->last_key_hint == -1) { 473 debug3("clear_auth_state: key_free %p", authctxt->last_key); 474 key_free(authctxt->last_key); 475 } 476 authctxt->last_key = NULL; 477 authctxt->last_key_hint = -2; 478 authctxt->last_key_sign = NULL; 479 } 480 481 int 482 sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback) 483 { 484 Buffer b; 485 u_char *blob, *signature; 486 int bloblen, slen; 487 int skip = 0; 488 int ret = -1; 489 int have_sig = 1; 490 491 debug3("sign_and_send_pubkey"); 492 493 if (key_to_blob(k, &blob, &bloblen) == 0) { 494 /* we cannot handle this key */ 495 debug3("sign_and_send_pubkey: cannot handle key"); 496 return 0; 497 } 498 /* data to be signed */ 499 buffer_init(&b); 500 if (datafellows & SSH_OLD_SESSIONID) { 501 buffer_append(&b, session_id2, session_id2_len); 502 skip = session_id2_len; 503 } else { 504 buffer_put_string(&b, session_id2, session_id2_len); 505 skip = buffer_len(&b); 506 } 507 buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); 508 buffer_put_cstring(&b, authctxt->server_user); 509 buffer_put_cstring(&b, 510 datafellows & SSH_BUG_PKSERVICE ? 511 "ssh-userauth" : 512 authctxt->service); 513 if (datafellows & SSH_BUG_PKAUTH) { 514 buffer_put_char(&b, have_sig); 515 } else { 516 buffer_put_cstring(&b, authctxt->method->name); 517 buffer_put_char(&b, have_sig); 518 buffer_put_cstring(&b, key_ssh_name(k)); 519 } 520 buffer_put_string(&b, blob, bloblen); 521 522 /* generate signature */ 523 ret = (*sign_callback)(authctxt, k, &signature, &slen, 524 buffer_ptr(&b), buffer_len(&b)); 525 if (ret == -1) { 526 xfree(blob); 527 buffer_free(&b); 528 return 0; 529 } 530 #ifdef DEBUG_PK 531 buffer_dump(&b); 532 #endif 533 if (datafellows & SSH_BUG_PKSERVICE) { 534 buffer_clear(&b); 535 buffer_append(&b, session_id2, session_id2_len); 536 skip = session_id2_len; 537 buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); 538 buffer_put_cstring(&b, authctxt->server_user); 539 buffer_put_cstring(&b, authctxt->service); 540 buffer_put_cstring(&b, authctxt->method->name); 541 buffer_put_char(&b, have_sig); 542 if (!(datafellows & SSH_BUG_PKAUTH)) 543 buffer_put_cstring(&b, key_ssh_name(k)); 544 buffer_put_string(&b, blob, bloblen); 545 } 546 xfree(blob); 547 548 /* append signature */ 549 buffer_put_string(&b, signature, slen); 550 xfree(signature); 551 552 /* skip session id and packet type */ 553 if (buffer_len(&b) < skip + 1) 554 fatal("userauth_pubkey: internal error"); 555 buffer_consume(&b, skip + 1); 556 557 /* put remaining data from buffer into packet */ 558 packet_start(SSH2_MSG_USERAUTH_REQUEST); 559 packet_put_raw(buffer_ptr(&b), buffer_len(&b)); 560 buffer_free(&b); 561 packet_send(); 562 563 return 1; 564 } 565 566 int 567 send_pubkey_test(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback, 568 int hint) 569 { 570 u_char *blob; 571 int bloblen, have_sig = 0; 572 573 debug3("send_pubkey_test"); 574 575 if (key_to_blob(k, &blob, &bloblen) == 0) { 576 /* we cannot handle this key */ 577 debug3("send_pubkey_test: cannot handle key"); 578 return 0; 579 } 580 /* register callback for USERAUTH_PK_OK message */ 581 authctxt->last_key_sign = sign_callback; 582 authctxt->last_key_hint = hint; 583 authctxt->last_key = k; 584 dispatch_set(SSH2_MSG_USERAUTH_PK_OK, &input_userauth_pk_ok); 585 586 packet_start(SSH2_MSG_USERAUTH_REQUEST); 587 packet_put_cstring(authctxt->server_user); 588 packet_put_cstring(authctxt->service); 589 packet_put_cstring(authctxt->method->name); 590 packet_put_char(have_sig); 591 if (!(datafellows & SSH_BUG_PKAUTH)) 592 packet_put_cstring(key_ssh_name(k)); 593 packet_put_string(blob, bloblen); 594 xfree(blob); 595 packet_send(); 596 return 1; 597 } 598 599 Key * 600 load_identity_file(char *filename) 601 { 602 Key *private; 603 char prompt[300], *passphrase; 604 int quit, i; 605 struct stat st; 606 607 if (stat(filename, &st) < 0) { 608 debug3("no such identity: %s", filename); 609 return NULL; 610 } 611 private = key_load_private_type(KEY_UNSPEC, filename, "", NULL); 612 if (private == NULL) { 613 if (options.batch_mode) 614 return NULL; 615 snprintf(prompt, sizeof prompt, 616 "Enter passphrase for key '%.100s': ", filename); 617 for (i = 0; i < options.number_of_password_prompts; i++) { 618 passphrase = read_passphrase(prompt, 0); 619 if (strcmp(passphrase, "") != 0) { 620 private = key_load_private_type(KEY_UNSPEC, filename, 621 passphrase, NULL); 622 quit = 0; 623 } else { 624 debug2("no passphrase given, try next key"); 625 quit = 1; 626 } 627 memset(passphrase, 0, strlen(passphrase)); 628 xfree(passphrase); 629 if (private != NULL || quit) 630 break; 631 debug2("bad passphrase given, try again..."); 632 } 633 } 634 return private; 635 } 636 637 int 638 identity_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, 639 u_char *data, int datalen) 640 { 641 Key *private; 642 int idx, ret; 643 644 idx = authctxt->last_key_hint; 645 if (idx < 0) 646 return -1; 647 private = load_identity_file(options.identity_files[idx]); 648 if (private == NULL) 649 return -1; 650 ret = key_sign(private, sigp, lenp, data, datalen); 651 key_free(private); 652 return ret; 653 } 654 655 int agent_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, 656 u_char *data, int datalen) 657 { 658 return ssh_agent_sign(authctxt->agent, key, sigp, lenp, data, datalen); 659 } 660 661 int key_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, 662 u_char *data, int datalen) 663 { 664 return key_sign(key, sigp, lenp, data, datalen); 665 } 666 667 int 668 userauth_pubkey_agent(Authctxt *authctxt) 669 { 670 static int called = 0; 671 int ret = 0; 672 char *comment; 673 Key *k; 674 675 if (called == 0) { 676 if (ssh_get_num_identities(authctxt->agent, 2) == 0) 677 debug2("userauth_pubkey_agent: no keys at all"); 678 called = 1; 679 } 680 k = ssh_get_next_identity(authctxt->agent, &comment, 2); 681 if (k == NULL) { 682 debug2("userauth_pubkey_agent: no more keys"); 683 } else { 684 debug("userauth_pubkey_agent: testing agent key %s", comment); 685 xfree(comment); 686 ret = send_pubkey_test(authctxt, k, agent_sign_cb, -1); 687 if (ret == 0) 688 key_free(k); 689 } 690 if (ret == 0) 691 debug2("userauth_pubkey_agent: no message sent"); 692 return ret; 693 } 694 695 int 696 userauth_pubkey(Authctxt *authctxt) 697 { 698 static int idx = 0; 699 int sent = 0; 700 Key *key; 701 char *filename; 702 703 if (authctxt->agent != NULL) { 704 do { 705 sent = userauth_pubkey_agent(authctxt); 706 } while(!sent && authctxt->agent->howmany > 0); 707 } 708 while (!sent && idx < options.num_identity_files) { 709 key = options.identity_keys[idx]; 710 filename = options.identity_files[idx]; 711 if (key == NULL) { 712 debug("try privkey: %s", filename); 713 key = load_identity_file(filename); 714 if (key != NULL) { 715 sent = sign_and_send_pubkey(authctxt, key, 716 key_sign_cb); 717 key_free(key); 718 } 719 } else if (key->type != KEY_RSA1) { 720 debug("try pubkey: %s", filename); 721 sent = send_pubkey_test(authctxt, key, 722 identity_sign_cb, idx); 723 } 724 idx++; 725 } 726 return sent; 727 } 728 729 /* 730 * Send userauth request message specifying keyboard-interactive method. 731 */ 732 int 733 userauth_kbdint(Authctxt *authctxt) 734 { 735 static int attempt = 0; 736 737 if (attempt++ >= options.number_of_password_prompts) 738 return 0; 739 740 debug2("userauth_kbdint"); 741 packet_start(SSH2_MSG_USERAUTH_REQUEST); 742 packet_put_cstring(authctxt->server_user); 743 packet_put_cstring(authctxt->service); 744 packet_put_cstring(authctxt->method->name); 745 packet_put_cstring(""); /* lang */ 746 packet_put_cstring(options.kbd_interactive_devices ? 747 options.kbd_interactive_devices : ""); 748 packet_send(); 749 750 dispatch_set(SSH2_MSG_USERAUTH_INFO_REQUEST, &input_userauth_info_req); 751 return 1; 752 } 753 754 /* 755 * parse INFO_REQUEST, prompt user and send INFO_RESPONSE 756 */ 757 void 758 input_userauth_info_req(int type, int plen, void *ctxt) 759 { 760 Authctxt *authctxt = ctxt; 761 char *name, *inst, *lang, *prompt, *response; 762 u_int num_prompts, i; 763 int echo = 0; 764 765 debug2("input_userauth_info_req"); 766 767 if (authctxt == NULL) 768 fatal("input_userauth_info_req: no authentication context"); 769 770 name = packet_get_string(NULL); 771 inst = packet_get_string(NULL); 772 lang = packet_get_string(NULL); 773 if (strlen(name) > 0) 774 cli_mesg(name); 775 if (strlen(inst) > 0) 776 cli_mesg(inst); 777 xfree(name); 778 xfree(inst); 779 xfree(lang); 780 781 num_prompts = packet_get_int(); 782 /* 783 * Begin to build info response packet based on prompts requested. 784 * We commit to providing the correct number of responses, so if 785 * further on we run into a problem that prevents this, we have to 786 * be sure and clean this up and send a correct error response. 787 */ 788 packet_start(SSH2_MSG_USERAUTH_INFO_RESPONSE); 789 packet_put_int(num_prompts); 790 791 for (i = 0; i < num_prompts; i++) { 792 prompt = packet_get_string(NULL); 793 echo = packet_get_char(); 794 795 response = cli_prompt(prompt, echo); 796 797 ssh_put_password(response); 798 memset(response, 0, strlen(response)); 799 xfree(response); 800 xfree(prompt); 801 } 802 packet_done(); /* done with parsing incoming message. */ 803 804 packet_inject_ignore(64); 805 packet_send(); 806 } 807 808 /* 809 * this will be move to an external program (ssh-keysign) ASAP. ssh-keysign 810 * will be setuid-root and the sbit can be removed from /usr/bin/ssh. 811 */ 812 int 813 userauth_hostbased(Authctxt *authctxt) 814 { 815 Key *private = NULL; 816 Buffer b; 817 u_char *signature, *blob; 818 char *chost, *pkalg, *p; 819 const char *service; 820 u_int blen, slen; 821 int ok, i, len, found = 0; 822 823 p = get_local_name(packet_get_connection_in()); 824 if (p == NULL) { 825 error("userauth_hostbased: cannot get local ipaddr/name"); 826 return 0; 827 } 828 len = strlen(p) + 2; 829 chost = xmalloc(len); 830 strlcpy(chost, p, len); 831 strlcat(chost, ".", len); 832 debug2("userauth_hostbased: chost %s", chost); 833 /* check for a useful key */ 834 for (i = 0; i < authctxt->nkeys; i++) { 835 private = authctxt->keys[i]; 836 if (private && private->type != KEY_RSA1) { 837 found = 1; 838 /* we take and free the key */ 839 authctxt->keys[i] = NULL; 840 break; 841 } 842 } 843 if (!found) { 844 xfree(chost); 845 return 0; 846 } 847 if (key_to_blob(private, &blob, &blen) == 0) { 848 key_free(private); 849 xfree(chost); 850 return 0; 851 } 852 service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : 853 authctxt->service; 854 pkalg = xstrdup(key_ssh_name(private)); 855 buffer_init(&b); 856 /* construct data */ 857 buffer_put_string(&b, session_id2, session_id2_len); 858 buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); 859 buffer_put_cstring(&b, authctxt->server_user); 860 buffer_put_cstring(&b, service); 861 buffer_put_cstring(&b, authctxt->method->name); 862 buffer_put_cstring(&b, pkalg); 863 buffer_put_string(&b, blob, blen); 864 buffer_put_cstring(&b, chost); 865 buffer_put_cstring(&b, authctxt->local_user); 866 #ifdef DEBUG_PK 867 buffer_dump(&b); 868 #endif 869 debug2("xxx: chost %s", chost); 870 ok = key_sign(private, &signature, &slen, buffer_ptr(&b), buffer_len(&b)); 871 key_free(private); 872 buffer_free(&b); 873 if (ok != 0) { 874 error("key_sign failed"); 875 xfree(chost); 876 xfree(pkalg); 877 return 0; 878 } 879 packet_start(SSH2_MSG_USERAUTH_REQUEST); 880 packet_put_cstring(authctxt->server_user); 881 packet_put_cstring(authctxt->service); 882 packet_put_cstring(authctxt->method->name); 883 packet_put_cstring(pkalg); 884 packet_put_string(blob, blen); 885 packet_put_cstring(chost); 886 packet_put_cstring(authctxt->local_user); 887 packet_put_string(signature, slen); 888 memset(signature, 's', slen); 889 xfree(signature); 890 xfree(chost); 891 xfree(pkalg); 892 893 packet_send(); 894 return 1; 895 } 896 897 /* find auth method */ 898 899 /* 900 * given auth method name, if configurable options permit this method fill 901 * in auth_ident field and return true, otherwise return false. 902 */ 903 int 904 authmethod_is_enabled(Authmethod *method) 905 { 906 if (method == NULL) 907 return 0; 908 /* return false if options indicate this method is disabled */ 909 if (method->enabled == NULL || *method->enabled == 0) 910 return 0; 911 /* return false if batch mode is enabled but method needs interactive mode */ 912 if (method->batch_flag != NULL && *method->batch_flag != 0) 913 return 0; 914 return 1; 915 } 916 917 Authmethod * 918 authmethod_lookup(const char *name) 919 { 920 Authmethod *method = NULL; 921 if (name != NULL) 922 for (method = authmethods; method->name != NULL; method++) 923 if (strcmp(name, method->name) == 0) 924 return method; 925 debug2("Unrecognized authentication method name: %s", name ? name : "NULL"); 926 return NULL; 927 } 928 929 /* XXX internal state */ 930 static Authmethod *current = NULL; 931 static char *supported = NULL; 932 static char *preferred = NULL; 933 /* 934 * Given the authentication method list sent by the server, return the 935 * next method we should try. If the server initially sends a nil list, 936 * use a built-in default list. 937 */ 938 Authmethod * 939 authmethod_get(char *authlist) 940 { 941 942 char *name = NULL; 943 int next; 944 945 /* Use a suitable default if we're passed a nil list. */ 946 if (authlist == NULL || strlen(authlist) == 0) 947 authlist = options.preferred_authentications; 948 949 if (supported == NULL || strcmp(authlist, supported) != 0) { 950 debug3("start over, passed a different list %s", authlist); 951 if (supported != NULL) 952 xfree(supported); 953 supported = xstrdup(authlist); 954 preferred = options.preferred_authentications; 955 debug3("preferred %s", preferred); 956 current = NULL; 957 } else if (current != NULL && authmethod_is_enabled(current)) 958 return current; 959 960 for (;;) { 961 if ((name = match_list(preferred, supported, &next)) == NULL) { 962 debug("no more auth methods to try"); 963 current = NULL; 964 return NULL; 965 } 966 preferred += next; 967 debug3("authmethod_lookup %s", name); 968 debug3("remaining preferred: %s", preferred); 969 if ((current = authmethod_lookup(name)) != NULL && 970 authmethod_is_enabled(current)) { 971 debug3("authmethod_is_enabled %s", name); 972 debug("next auth method to try is %s", name); 973 return current; 974 } 975 } 976 } 977 978 979 #define DELIM "," 980 char * 981 authmethods_get(void) 982 { 983 Authmethod *method = NULL; 984 char buf[1024]; 985 986 buf[0] = '\0'; 987 for (method = authmethods; method->name != NULL; method++) { 988 if (authmethod_is_enabled(method)) { 989 if (buf[0] != '\0') 990 strlcat(buf, DELIM, sizeof buf); 991 strlcat(buf, method->name, sizeof buf); 992 } 993 } 994 return xstrdup(buf); 995 } 996