lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-11-29 01:03:57 +03:00
Code Activity

Check return values of buffer_add_* and packet_send functions.

Browse Source 
git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@410 7dcaeef0-15fb-0310-b436-a5af3365683c
This commit is contained in:
Andreas Schneider
2009-04-07 13:40:40 +00:00
parent cd3dd624b3
commit d1fefb4de3
1 changed files with 446 additions and 174 deletions
Download Patch File Download Diff File Expand all files Collapse all files

584
libssh/auth.c
View File

@@ -168,44 +168,77 @@ int ssh_userauth_list(SSH_SESSION *session, const char *username){
*/ */
int ssh_userauth_none(SSH_SESSION *session, const char *username){ int ssh_userauth_none(SSH_SESSION *session, const char *username){
STRING *user; STRING *user = NULL;
STRING *service; STRING *service = NULL;
STRING *method; STRING *method = NULL;
int ret; int rc = SSH_AUTH_ERROR;
enter_function(); enter_function();
#ifdef HAVE_SSH1 #ifdef HAVE_SSH1
if(session->version==1){ if(session->version==1){
ret = ssh_userauth1_none(session,username); err = ssh_userauth1_none(session,username);
leave_function(); leave_function();
return ret; return rc;
} }
#endif #endif
if(!username) if(!username)
if(!(username=session->options->username)){ if(!(username=session->options->username)){
if(ssh_options_default_username(session->options)){ if(ssh_options_default_username(session->options)){
leave_function(); leave_function();
return SSH_AUTH_ERROR; return rc;
} else } else
username=session->options->username; username=session->options->username;
} }
if (ask_userauth(session)) { if (ask_userauth(session)) {
leave_function(); leave_function();
return SSH_AUTH_ERROR; return rc;
} }
user = string_from_char(username); user = string_from_char(username);
if (user == NULL) {
goto error;
}
method = string_from_char("none"); method = string_from_char("none");
if (method == NULL) {
goto error;
}
service = string_from_char("ssh-connection"); service = string_from_char("ssh-connection");
buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_REQUEST); if (service == NULL) {
buffer_add_ssh_string(session->out_buffer,user); goto error;
buffer_add_ssh_string(session->out_buffer,service); }
buffer_add_ssh_string(session->out_buffer,method);
free(service); if (buffer_add_u8(session->out_buffer, SSH2_MSG_USERAUTH_REQUEST) < 0) {
free(method); goto error;
free(user); }
packet_send(session); if (buffer_add_ssh_string(session->out_buffer, user) < 0) {
ret = wait_auth_status(session,0); goto error;
}
if (buffer_add_ssh_string(session->out_buffer, service) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, method) < 0) {
goto error;
}
string_free(service);
string_free(method);
string_free(user);
if (packet_send(session) != SSH_OK) {
leave_function(); leave_function();
return ret; return rc;
}
rc = wait_auth_status(session, 0);
leave_function();
return rc;
error:
buffer_free(session->out_buffer);
string_free(service);
string_free(method);
string_free(user);
leave_function();
return rc;
} }
/** \brief Try to authenticate through public key /** \brief Try to authenticate through public key
@@ -224,51 +257,94 @@ int ssh_userauth_none(SSH_SESSION *session, const char *username){
*/ */
int ssh_userauth_offer_pubkey(SSH_SESSION *session, const char *username,int type, STRING *publickey){ int ssh_userauth_offer_pubkey(SSH_SESSION *session, const char *username,int type, STRING *publickey){
STRING *user; STRING *user = NULL;
STRING *service; STRING *service = NULL;
STRING *method; STRING *method = NULL;
STRING *algo; STRING *algo = NULL;
int err=SSH_AUTH_ERROR; int rc = SSH_AUTH_ERROR;
enter_function(); enter_function();
#ifdef HAVE_SSH1 #ifdef HAVE_SSH1
if(session->version==1){ if(session->version==1){
err= ssh_userauth1_offer_pubkey(session,username,type,publickey); err= ssh_userauth1_offer_pubkey(session,username,type,publickey);
leave_function(); leave_function();
return err; return rc;
} }
#endif #endif
if(!username) if(!username)
if(!(username=session->options->username)){ if(!(username=session->options->username)){
if(ssh_options_default_username(session->options)){ if(ssh_options_default_username(session->options)){
leave_function(); leave_function();
return SSH_AUTH_ERROR; return rc;
} else } else
username=session->options->username; username=session->options->username;
} }
if(ask_userauth(session)){ if(ask_userauth(session)){
leave_function(); leave_function();
return SSH_AUTH_ERROR; return rc;
} }
user=string_from_char(username);
service=string_from_char("ssh-connection");
method=string_from_char("publickey");
algo=string_from_char(ssh_type_to_char(type));
buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_REQUEST); user = string_from_char(username);
buffer_add_ssh_string(session->out_buffer,user); if (user == NULL) {
buffer_add_ssh_string(session->out_buffer,service); goto error;
buffer_add_ssh_string(session->out_buffer,method); }
buffer_add_u8(session->out_buffer,0); service = string_from_char("ssh-connection");
buffer_add_ssh_string(session->out_buffer,algo); if (service == NULL) {
buffer_add_ssh_string(session->out_buffer,publickey); goto error;
packet_send(session); }
err=wait_auth_status(session,0); method = string_from_char("publickey");
free(user); if (method == NULL) {
free(method); goto error;
free(service); }
free(algo); algo = string_from_char(ssh_type_to_char(type));
if (algo == NULL) {
goto error;
}
if (buffer_add_u8(session->out_buffer, SSH2_MSG_USERAUTH_REQUEST) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, user) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, service) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, method) < 0) {
goto error;
}
if (buffer_add_u8(session->out_buffer, 0) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, algo) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, publickey) < 0) {
goto error;
}
string_free(user);
string_free(method);
string_free(service);
string_free(algo);
if (packet_send(session) != SSH_OK) {
leave_function(); leave_function();
return err; return rc;
}
rc = wait_auth_status(session,0);
leave_function();
return rc;
error:
buffer_free(session->out_buffer);
string_free(user);
string_free(method);
string_free(service);
string_free(algo);
leave_function();
return rc;
} }
@@ -289,12 +365,13 @@ int ssh_userauth_offer_pubkey(SSH_SESSION *session, const char *username,int typ
*/ */
int ssh_userauth_pubkey(SSH_SESSION *session, const char *username, STRING *publickey, PRIVATE_KEY *privatekey){ int ssh_userauth_pubkey(SSH_SESSION *session, const char *username, STRING *publickey, PRIVATE_KEY *privatekey){
STRING *user; STRING *user = NULL;
STRING *service; STRING *service = NULL;
STRING *method; STRING *method = NULL;
STRING *algo; STRING *algo = NULL;
STRING *sign; STRING *sign = NULL;
int err=SSH_AUTH_ERROR; int rc = SSH_AUTH_ERROR;
enter_function(); enter_function();
// if(session->version==1) // if(session->version==1)
// return ssh_userauth1_pubkey(session,username,publickey,privatekey); // return ssh_userauth1_pubkey(session,username,publickey,privatekey);
@@ -302,41 +379,84 @@ int ssh_userauth_pubkey(SSH_SESSION *session, const char *username, STRING *publ
if(!(username=session->options->username)){ if(!(username=session->options->username)){
if(ssh_options_default_username(session->options)){ if(ssh_options_default_username(session->options)){
leave_function(); leave_function();
return err; return rc;
} else } else
username=session->options->username; username=session->options->username;
} }
if(ask_userauth(session)){ if(ask_userauth(session)){
leave_function(); leave_function();
return err; return rc;
} }
user=string_from_char(username);
service=string_from_char("ssh-connection");
method=string_from_char("publickey");
algo=string_from_char(ssh_type_to_char(privatekey->type));
user = string_from_char(username);
if (user == NULL) {
goto error;
}
service = string_from_char("ssh-connection");
if (service == NULL) {
goto error;
}
method = string_from_char("publickey");
if (method == NULL) {
goto error;
}
algo = string_from_char(ssh_type_to_char(privatekey->type));
if (algo == NULL) {
goto error;
}
/* we said previously the public key was accepted */ /* we said previously the public key was accepted */
buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_REQUEST); if (buffer_add_u8(session->out_buffer, SSH2_MSG_USERAUTH_REQUEST) < 0) {
buffer_add_ssh_string(session->out_buffer,user); goto error;
buffer_add_ssh_string(session->out_buffer,service); }
buffer_add_ssh_string(session->out_buffer,method); if (buffer_add_ssh_string(session->out_buffer, user) < 0) {
buffer_add_u8(session->out_buffer,1); goto error;
buffer_add_ssh_string(session->out_buffer,algo); }
buffer_add_ssh_string(session->out_buffer,publickey); if (buffer_add_ssh_string(session->out_buffer, service) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, method) < 0) {
goto error;
}
if (buffer_add_u8(session->out_buffer, 1) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, algo) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, publickey) < 0) {
goto error;
}
sign = ssh_do_sign(session,session->out_buffer, privatekey); sign = ssh_do_sign(session,session->out_buffer, privatekey);
if (sign) { if (sign) {
buffer_add_ssh_string(session->out_buffer,sign); if (buffer_add_ssh_string(session->out_buffer,sign) < 0) {
free(sign); goto error;
packet_send(session);
err=wait_auth_status(session,0);
} }
free(user); string_free(sign);
free(service);
free(method); if (packet_send(session) != SSH_OK) {
free(algo);
leave_function(); leave_function();
return err; return rc;
}
rc = wait_auth_status(session,0);
}
string_free(user);
string_free(service);
string_free(method);
string_free(algo);
leave_function();
return rc;
error:
buffer_free(session->out_buffer);
string_free(user);
string_free(service);
string_free(method);
string_free(algo);
leave_function();
return rc;
} }
#ifndef _WIN32 #ifndef _WIN32
@@ -357,24 +477,24 @@ int ssh_userauth_pubkey(SSH_SESSION *session, const char *username, STRING *publ
int ssh_userauth_agent_pubkey(SSH_SESSION *session, const char *username, int ssh_userauth_agent_pubkey(SSH_SESSION *session, const char *username,
PUBLIC_KEY *publickey) { PUBLIC_KEY *publickey) {
STRING *user; STRING *user = NULL;
STRING *service; STRING *service = NULL;
STRING *method; STRING *method = NULL;
STRING *algo; STRING *algo = NULL;
STRING *key; STRING *key = NULL;
STRING *sign; STRING *sign = NULL;
int err = SSH_AUTH_ERROR; int rc = SSH_AUTH_ERROR;
enter_function(); enter_function();
if (! agent_is_running(session)) { if (! agent_is_running(session)) {
return err; return rc;
} }
if(username == NULL) { if(username == NULL) {
if((username = session->options->username) == NULL) { if((username = session->options->username) == NULL) {
if (ssh_options_default_username(session->options)) { if (ssh_options_default_username(session->options)) {
leave_function(); leave_function();
return err; return rc;
} else { } else {
username=session->options->username; username=session->options->username;
} }
@@ -382,31 +502,65 @@ int ssh_userauth_agent_pubkey(SSH_SESSION *session, const char *username,
} }
if (ask_userauth(session)) { if (ask_userauth(session)) {
leave_function(); leave_function();
return err; return rc;
} }
user = string_from_char(username); user = string_from_char(username);
if (user == NULL) {
goto error;
}
service = string_from_char("ssh-connection"); service = string_from_char("ssh-connection");
if (service == NULL) {
goto error;
}
method = string_from_char("publickey"); method = string_from_char("publickey");
if (method == NULL) {
goto error;
}
algo = string_from_char(ssh_type_to_char(publickey->type)); algo = string_from_char(ssh_type_to_char(publickey->type));
if (algo == NULL) {
goto error;
}
key = publickey_to_string(publickey); key = publickey_to_string(publickey);
if (key == NULL) {
goto error;
}
/* we said previously the public key was accepted */ /* we said previously the public key was accepted */
buffer_add_u8(session->out_buffer, SSH2_MSG_USERAUTH_REQUEST); if (buffer_add_u8(session->out_buffer, SSH2_MSG_USERAUTH_REQUEST) < 0) {
buffer_add_ssh_string(session->out_buffer, user); goto error;
buffer_add_ssh_string(session->out_buffer, service); }
buffer_add_ssh_string(session->out_buffer, method); if (buffer_add_ssh_string(session->out_buffer, user) < 0) {
buffer_add_u8(session->out_buffer, 1); goto error;
buffer_add_ssh_string(session->out_buffer, algo); }
buffer_add_ssh_string(session->out_buffer, key); if (buffer_add_ssh_string(session->out_buffer, service) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, method) < 0) {
goto error;
}
if (buffer_add_u8(session->out_buffer, 1) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, algo) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, key) < 0) {
goto error;
}
sign = ssh_do_sign_with_agent(session, session->out_buffer, publickey); sign = ssh_do_sign_with_agent(session, session->out_buffer, publickey);
if (sign) { if (sign) {
buffer_add_ssh_string(session->out_buffer, sign); if (buffer_add_ssh_string(session->out_buffer, sign) < 0) {
goto error;
}
string_free(sign); string_free(sign);
packet_send(session); if (packet_send(session) != SSH_OK) {
err = wait_auth_status(session,0); leave_function();
return rc;
}
rc = wait_auth_status(session,0);
} }
string_free(user); string_free(user);
string_free(service); string_free(service);
@@ -414,7 +568,17 @@ int ssh_userauth_agent_pubkey(SSH_SESSION *session, const char *username,
string_free(algo); string_free(algo);
leave_function(); leave_function();
return err; return rc;
error:
buffer_free(session->out_buffer);
string_free(sign);
string_free(user);
string_free(service);
string_free(method);
string_free(algo);
leave_function();
return rc;
} }
#endif /* _WIN32 */ #endif /* _WIN32 */
@@ -432,52 +596,93 @@ int ssh_userauth_agent_pubkey(SSH_SESSION *session, const char *username,
int ssh_userauth_password(SSH_SESSION *session, const char *username, const char *password){ int ssh_userauth_password(SSH_SESSION *session, const char *username, const char *password){
STRING *user; STRING *user = NULL;
STRING *service; STRING *service = NULL;
STRING *method; STRING *method = NULL;
STRING *password_s; STRING *pwd = NULL;
int err; int rc = SSH_AUTH_ERROR;
enter_function(); enter_function();
#ifdef HAVE_SSH1 #ifdef HAVE_SSH1
if(session->version==1){ if(session->version==1){
err = ssh_userauth1_password(session,username,password); rc = ssh_userauth1_password(session,username,password);
leave_function(); leave_function();
return err; return rc;
} }
#endif #endif
if(!username) if(!username)
if(!(username=session->options->username)){ if(!(username=session->options->username)){
if(ssh_options_default_username(session->options)){ if(ssh_options_default_username(session->options)){
err = SSH_AUTH_ERROR;
leave_function(); leave_function();
return err; return rc;
} else } else
username=session->options->username; username=session->options->username;
} }
if(ask_userauth(session)) { if(ask_userauth(session)) {
leave_function(); leave_function();
return SSH_AUTH_ERROR; return rc;
} }
user=string_from_char(username);
service=string_from_char("ssh-connection");
method=string_from_char("password");
password_s=string_from_char(password);
buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_REQUEST); user = string_from_char(username);
buffer_add_ssh_string(session->out_buffer,user); if (user == NULL) {
buffer_add_ssh_string(session->out_buffer,service); goto error;
buffer_add_ssh_string(session->out_buffer,method); }
buffer_add_u8(session->out_buffer,0); service = string_from_char("ssh-connection");
buffer_add_ssh_string(session->out_buffer,password_s); if (service == NULL) {
free(user); goto error;
free(service); }
free(method); method = string_from_char("password");
memset(password_s,0,strlen(password)+4); if (method == NULL) {
free(password_s); goto error;
packet_send(session); }
err=wait_auth_status(session,0); pwd = string_from_char(password);
if (pwd == NULL) {
goto error;
}
if (buffer_add_u8(session->out_buffer, SSH2_MSG_USERAUTH_REQUEST) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, user) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, service) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, method) < 0) {
goto error;
}
if (buffer_add_u8(session->out_buffer, 0) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, pwd) < 0) {
goto error;
}
string_free(user);
string_free(service);
string_free(method);
string_burn(pwd);
string_free(pwd);
if (packet_send(session) != SSH_OK) {
leave_function(); leave_function();
return err; return rc;
}
rc = wait_auth_status(session, 0);
leave_function();
return rc;
error:
buffer_free(session->out_buffer);
string_free(user);
string_free(service);
string_free(method);
string_burn(pwd);
string_free(pwd);
leave_function();
return rc;
} }
static const char *keys_path[] = { static const char *keys_path[] = {
@@ -772,31 +977,74 @@ static void kbdint_clean(struct ssh_kbdint *kbd){
/* this function sends the first packet as explained in section 3.1 /* this function sends the first packet as explained in section 3.1
* of the draft */ * of the draft */
static int kbdauth_init(SSH_SESSION *session, static int kbdauth_init(SSH_SESSION *session, const char *user,
const char *user, const char *submethods){ const char *submethods) {
STRING *user_s=string_from_char(user); STRING *usr = NULL;
STRING *submethods_s=(submethods ? string_from_char(submethods): string_from_char("")); STRING *sub = NULL;
STRING *service=string_from_char("ssh-connection"); STRING *service = NULL;
STRING *method=string_from_char("keyboard-interactive"); STRING *method = NULL;
int err; int rc = SSH_AUTH_ERROR;
enter_function(); enter_function();
buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_REQUEST);
buffer_add_ssh_string(session->out_buffer,user_s); usr = string_from_char(user);
buffer_add_ssh_string(session->out_buffer,service); if (usr == NULL) {
buffer_add_ssh_string(session->out_buffer,method); goto error;
buffer_add_u32(session->out_buffer,0); // language tag
buffer_add_ssh_string(session->out_buffer,submethods_s);
free(user_s);
free(service);
free(method);
free(submethods_s);
if(packet_send(session)){
leave_function();
return SSH_AUTH_ERROR;
} }
err=wait_auth_status(session,1); sub = (submethods ? string_from_char(submethods) : string_from_char(""));
if (sub == NULL) {
goto error;
}
service = string_from_char("ssh-connection");
if (service == NULL) {
goto error;
}
method = string_from_char("keyboard-interactive");
if (method == NULL) {
goto error;
}
if (buffer_add_u8(session->out_buffer, SSH2_MSG_USERAUTH_REQUEST) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, usr) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, service) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, method) < 0) {
goto error;
}
if (buffer_add_u32(session->out_buffer, 0) < 0) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, sub) < 0) {
goto error;
}
string_free(usr);
string_free(service);
string_free(method);
string_free(sub);
if (packet_send(session) != SSH_OK) {
leave_function(); leave_function();
return err; return rc;
}
rc = wait_auth_status(session,1);
leave_function();
return rc;
error:
buffer_free(session->out_buffer);
string_free(usr);
string_free(service);
string_free(method);
string_free(sub);
leave_function();
return rc;
} }
static int kbdauth_info_get(SSH_SESSION *session){ static int kbdauth_info_get(SSH_SESSION *session){
@@ -879,28 +1127,52 @@ static int kbdauth_info_get(SSH_SESSION *session){
/* sends challenge back to the server */ /* sends challenge back to the server */
static int kbdauth_send(SSH_SESSION *session) { static int kbdauth_send(SSH_SESSION *session) {
STRING *answer; STRING *answer = NULL;
int rc = SSH_AUTH_ERROR;
u32 i; u32 i;
int err;
enter_function(); enter_function();
buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_INFO_RESPONSE);
buffer_add_u32(session->out_buffer,htonl(session->kbdint->nprompts)); if (buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_INFO_RESPONSE) < 0) {
for(i=0;i<session->kbdint->nprompts;++i){ goto error;
if(session->kbdint->answers[i]) }
if (buffer_add_u32(session->out_buffer, htonl(session->kbdint->nprompts)) < 0) {
goto error;
}
for (i = 0; i < session->kbdint->nprompts; i++) {
if (session->kbdint->answers[i]) {
answer = string_from_char(session->kbdint->answers[i]); answer = string_from_char(session->kbdint->answers[i]);
else } else {
answer = string_from_char(""); answer = string_from_char("");
buffer_add_ssh_string(session->out_buffer,answer); }
if (answer == NULL) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer, answer) < 0) {
goto error;
}
string_burn(answer); string_burn(answer);
free(answer); string_free(answer);
} }
if(packet_send(session)){
if (packet_send(session) != SSH_OK) {
leave_function(); leave_function();
return SSH_AUTH_ERROR; return rc;
} }
err = wait_auth_status(session,1); rc = wait_auth_status(session,1);
leave_function(); leave_function();
return err; return rc;
error:
buffer_free(session->out_buffer);
string_burn(answer);
string_free(answer);
leave_function();
return rc;
} }
/** \brief Try to authenticate through the "keyboard-interactive" method /** \brief Try to authenticate through the "keyboard-interactive" method