ssh_auth_password made nonblocking

include/libssh/session.h

@@ -54,7 +54,8 @@ enum ssh_dh_state_e {
 enum ssh_pending_call_e {
 	SSH_PENDING_CALL_NONE = 0,
 	SSH_PENDING_CALL_CONNECT,
-	SSH_PENDING_CALL_AUTH_NONE
+	SSH_PENDING_CALL_AUTH_NONE,
+	SSH_PENDING_CALL_AUTH_PASSWORD
 };
 
 /* libssh calls may block an undefined amount of time */

src/auth.c

@@ -344,12 +344,15 @@ int ssh_userauth_list(ssh_session session, const char *username) {
  *          SSH_AUTH_PARTIAL: You've been partially authenticated, you still
  *                            have to use another method\n
  *          SSH_AUTH_SUCCESS: Authentication success
+ *          SSH_AUTH_AGAIN:   In nonblocking mode, you've got to call this again
+ *                            later.
  */
 int ssh_userauth_none(ssh_session session, const char *username) {
   ssh_string user = NULL;
   ssh_string service = NULL;
   ssh_string method = NULL;
   int rc = SSH_AUTH_ERROR;
+  int err;
 
   enter_function();
 
@@ -386,6 +389,8 @@ int ssh_userauth_none(ssh_session session, const char *username) {
   case SSH_PENDING_CALL_NONE:
     break;
   case SSH_PENDING_CALL_AUTH_NONE:
+    ssh_string_free(user);
+    user=NULL;
     goto pending;
   default:
     ssh_set_error(session,SSH_FATAL,"Bad call during pending SSH call in ssh_userauth_none");
@@ -393,7 +398,14 @@ int ssh_userauth_none(ssh_session session, const char *username) {
     rc=SSH_ERROR;
   }
 
-  if (ask_userauth(session) < 0) {
+  err = ask_userauth(session);
+  if(err == SSH_AGAIN){
+    rc=SSH_AUTH_AGAIN;
+    ssh_string_free(user);
+    leave_function();
+    return rc;
+  } else if(err == SSH_ERROR){
+    rc=SSH_AUTH_ERROR;
     ssh_string_free(user);
     leave_function();
     return rc;
@@ -916,6 +928,8 @@ error:
  *          SSH_AUTH_PARTIAL: You've been partially authenticated, you still
  *                            have to use another method.\n
  *          SSH_AUTH_SUCCESS: Authentication successful.
+ *          SSH_AUTH_AGAIN:   In nonblocking mode, you've got to call this again
+ *                            later.
  *
  * @see ssh_userauth_kbdint()
  * @see BURN_STRING
@@ -927,6 +941,7 @@ int ssh_userauth_password(ssh_session session, const char *username,
   ssh_string method = NULL;
   ssh_string pwd = NULL;
   int rc = SSH_AUTH_ERROR;
+  int err;
 
   enter_function();
 
@@ -955,7 +970,27 @@ int ssh_userauth_password(ssh_session session, const char *username,
     return rc;
   }
 
-  if (ask_userauth(session) < 0) {
+  switch(session->pending_call_state){
+  case SSH_PENDING_CALL_NONE:
+    break;
+  case SSH_PENDING_CALL_AUTH_PASSWORD:
+    ssh_string_free(user);
+    user=NULL;
+    goto pending;
+  default:
+    ssh_set_error(session,SSH_FATAL,"Bad call during pending SSH call in ssh_userauth_password");
+    goto error;
+    rc=SSH_ERROR;
+  }
+
+  err = ask_userauth(session);
+  if(err == SSH_AGAIN){
+    rc=SSH_AUTH_AGAIN;
+    ssh_string_free(user);
+    leave_function();
+    return rc;
+  } else if(err == SSH_ERROR){
+    rc=SSH_AUTH_ERROR;
     ssh_string_free(user);
     leave_function();
     return rc;
@@ -989,12 +1024,15 @@ int ssh_userauth_password(ssh_session session, const char *username,
   ssh_string_burn(pwd);
   ssh_string_free(pwd);
   session->auth_state=SSH_AUTH_STATE_NONE;
+  session->pending_call_state=SSH_PENDING_CALL_AUTH_PASSWORD;
   if (packet_send(session) == SSH_ERROR) {
     leave_function();
     return rc;
   }
+pending:
   rc = wait_auth_status(session);
-
+  if(rc!=SSH_AUTH_AGAIN)
+    session->pending_call_state=SSH_PENDING_CALL_NONE;
   leave_function();
   return rc;
 error:

tests/client/torture_auth.c

@@ -142,7 +142,7 @@ static void torture_auth_password(void **state) {
 
     rc = ssh_userauth_none(session, NULL);
     /* This request should return a SSH_REQUEST_DENIED error */
-    if (rc == SSH_ERROR) {
+    if (rc == SSH_AUTH_ERROR) {
         assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
     }
     assert_true(ssh_auth_list(session) & SSH_AUTH_METHOD_PASSWORD);
@@ -151,11 +151,55 @@ static void torture_auth_password(void **state) {
     assert_true(rc == SSH_AUTH_SUCCESS);
 }
 
+static void torture_auth_password_nonblocking(void **state) {
+    ssh_session session = *state;
+    char *user = getenv("TORTURE_USER");
+    char *password = getenv("TORTURE_PASSWORD");
+    int rc;
+
+    if (user == NULL) {
+        print_message("*** Please set the environment variable TORTURE_USER"
+                      " to enable this test!!\n");
+        return;
+    }
+
+    if (password == NULL) {
+        print_message("*** Please set the environment variable "
+                      "TORTURE_PASSWORD to enable this test!!\n");
+        return;
+    }
+
+    rc = ssh_options_set(session, SSH_OPTIONS_USER, user);
+    assert_true(rc == SSH_OK);
+
+    rc = ssh_connect(session);
+    assert_true(rc == SSH_OK);
+    ssh_set_blocking(session,0);
+
+    do {
+      rc = ssh_userauth_none(session, NULL);
+    } while (rc==SSH_AUTH_AGAIN);
+
+    /* This request should return a SSH_REQUEST_DENIED error */
+    if (rc == SSH_AUTH_ERROR) {
+        assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED);
+    }
+    assert_true(ssh_auth_list(session) & SSH_AUTH_METHOD_PASSWORD);
+
+    do {
+      rc = ssh_userauth_password(session, NULL, password);
+    } while(rc==SSH_AUTH_AGAIN);
+
+    assert_true(rc == SSH_AUTH_SUCCESS);
+}
+
+
 int torture_run_tests(void) {
     int rc;
     const UnitTest tests[] = {
         unit_test_setup_teardown(torture_auth_kbdint, setup, teardown),
         unit_test_setup_teardown(torture_auth_password, setup, teardown),
+        unit_test_setup_teardown(torture_auth_password_nonblocking, setup, teardown),
         unit_test_setup_teardown(torture_auth_autopubkey, setup, teardown),
     };