| 68 |
static BOOL handle_SSH2_userauth_success(PTInstVar pvar); |
static BOOL handle_SSH2_userauth_success(PTInstVar pvar); |
| 69 |
static BOOL handle_SSH2_userauth_failure(PTInstVar pvar); |
static BOOL handle_SSH2_userauth_failure(PTInstVar pvar); |
| 70 |
static BOOL handle_SSH2_userauth_banner(PTInstVar pvar); |
static BOOL handle_SSH2_userauth_banner(PTInstVar pvar); |
| 71 |
|
static BOOL handle_SSH2_userauth_inforeq(PTInstVar pvar); |
| 72 |
static BOOL handle_SSH2_open_confirm(PTInstVar pvar); |
static BOOL handle_SSH2_open_confirm(PTInstVar pvar); |
| 73 |
static BOOL handle_SSH2_request_success(PTInstVar pvar); |
static BOOL handle_SSH2_request_success(PTInstVar pvar); |
| 74 |
static BOOL handle_SSH2_channel_success(PTInstVar pvar); |
static BOOL handle_SSH2_channel_success(PTInstVar pvar); |
| 958 |
enque_handler(pvar, SSH2_MSG_USERAUTH_SUCCESS, handle_SSH2_userauth_success); |
enque_handler(pvar, SSH2_MSG_USERAUTH_SUCCESS, handle_SSH2_userauth_success); |
| 959 |
enque_handler(pvar, SSH2_MSG_USERAUTH_FAILURE, handle_SSH2_userauth_failure); |
enque_handler(pvar, SSH2_MSG_USERAUTH_FAILURE, handle_SSH2_userauth_failure); |
| 960 |
enque_handler(pvar, SSH2_MSG_USERAUTH_BANNER, handle_SSH2_userauth_banner); |
enque_handler(pvar, SSH2_MSG_USERAUTH_BANNER, handle_SSH2_userauth_banner); |
| 961 |
|
enque_handler(pvar, SSH2_MSG_USERAUTH_INFO_REQUEST, handle_SSH2_userauth_inforeq); |
| 962 |
|
|
| 963 |
enque_handler(pvar, SSH2_MSG_UNIMPLEMENTED, handle_unimplemented); |
enque_handler(pvar, SSH2_MSG_UNIMPLEMENTED, handle_unimplemented); |
| 964 |
|
|
| 4229 |
pvar->ssh2_keys[mode].mac.enabled = 1; |
pvar->ssh2_keys[mode].mac.enabled = 1; |
| 4230 |
} |
} |
| 4231 |
|
|
| 4232 |
|
// SSH2 keyboard-interactive methodの初期化 (2005.1.22 yutaka) |
| 4233 |
|
pvar->keyboard_interactive_done = 0; |
| 4234 |
|
|
| 4235 |
// start user authentication |
// start user authentication |
| 4236 |
msg = buffer_init(); |
msg = buffer_init(); |
| 4237 |
if (msg == NULL) { |
if (msg == NULL) { |
| 4440 |
unsigned char *outmsg; |
unsigned char *outmsg; |
| 4441 |
int len; |
int len; |
| 4442 |
char *connect_id = "ssh-connection"; |
char *connect_id = "ssh-connection"; |
| 4443 |
|
int kbdint = 0; |
| 4444 |
|
|
|
// pvar->auth_state.cur_cred.password = password; |
|
|
// pvar->auth_state.user = |
|
| 4445 |
msg = buffer_init(); |
msg = buffer_init(); |
| 4446 |
if (msg == NULL) { |
if (msg == NULL) { |
| 4447 |
// TODO: error check |
// TODO: error check |
| 4457 |
buffer_put_string(msg, s, strlen(s)); |
buffer_put_string(msg, s, strlen(s)); |
| 4458 |
|
|
| 4459 |
if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD) { // パスワード認証 |
if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD) { // パスワード認証 |
| 4460 |
s = connect_id; |
// 初回は keyboard-interactive メソッドでトライする (2005.1.22 yutaka) |
| 4461 |
buffer_put_string(msg, s, strlen(s)); |
// cf. http://www.openssh.com/txt/draft-ietf-secsh-auth-kbdinteract-02.txt |
| 4462 |
s = "password"; |
|
| 4463 |
buffer_put_string(msg, s, strlen(s)); |
if (pvar->settings.ssh2_keyboard_interactive == 1 && |
| 4464 |
buffer_put_char(msg, 0); // 0 |
pvar->keyboard_interactive_done == 0) { // keyboard-interactive method |
| 4465 |
|
pvar->keyboard_interactive_done = 1; |
| 4466 |
|
kbdint = 1; |
| 4467 |
|
|
| 4468 |
|
//s = "ssh-userauth"; // service name |
| 4469 |
|
s = connect_id; |
| 4470 |
|
buffer_put_string(msg, s, strlen(s)); |
| 4471 |
|
s = "keyboard-interactive"; // method name |
| 4472 |
|
buffer_put_string(msg, s, strlen(s)); |
| 4473 |
|
s = ""; // language tag |
| 4474 |
|
buffer_put_string(msg, s, strlen(s)); |
| 4475 |
|
s = ""; // submethods |
| 4476 |
|
buffer_put_string(msg, s, strlen(s)); |
| 4477 |
|
|
| 4478 |
|
|
|
if (pvar->ssh2_autologin == 1) { // SSH2自動ログイン |
|
|
s = pvar->ssh2_password; |
|
| 4479 |
} else { |
} else { |
| 4480 |
s = pvar->auth_state.cur_cred.password; // パスワード |
// password authentication method |
| 4481 |
|
s = connect_id; |
| 4482 |
|
buffer_put_string(msg, s, strlen(s)); |
| 4483 |
|
s = "password"; |
| 4484 |
|
buffer_put_string(msg, s, strlen(s)); |
| 4485 |
|
buffer_put_char(msg, 0); // 0 |
| 4486 |
|
|
| 4487 |
|
if (pvar->ssh2_autologin == 1) { // SSH2自動ログイン |
| 4488 |
|
s = pvar->ssh2_password; |
| 4489 |
|
} else { |
| 4490 |
|
s = pvar->auth_state.cur_cred.password; // パスワード |
| 4491 |
|
} |
| 4492 |
|
buffer_put_string(msg, s, strlen(s)); |
| 4493 |
|
|
| 4494 |
} |
} |
|
buffer_put_string(msg, s, strlen(s)); |
|
| 4495 |
|
|
| 4496 |
|
|
| 4497 |
} else if (pvar->auth_state.cur_cred.method == SSH_AUTH_RSA) { // 公開鍵認証 |
} else if (pvar->auth_state.cur_cred.method == SSH_AUTH_RSA) { // 公開鍵認証 |
| 4565 |
buffer_free(msg); |
buffer_free(msg); |
| 4566 |
|
|
| 4567 |
SSH2_dispatch_init(5); |
SSH2_dispatch_init(5); |
| 4568 |
|
if (kbdint == 1) { // keyboard-interactive method |
| 4569 |
|
SSH2_dispatch_add_message(SSH2_MSG_USERAUTH_INFO_REQUEST); |
| 4570 |
|
} |
| 4571 |
SSH2_dispatch_add_message(SSH2_MSG_USERAUTH_SUCCESS); |
SSH2_dispatch_add_message(SSH2_MSG_USERAUTH_SUCCESS); |
| 4572 |
SSH2_dispatch_add_message(SSH2_MSG_USERAUTH_FAILURE); |
SSH2_dispatch_add_message(SSH2_MSG_USERAUTH_FAILURE); |
| 4573 |
SSH2_dispatch_add_message(SSH2_MSG_USERAUTH_BANNER); |
SSH2_dispatch_add_message(SSH2_MSG_USERAUTH_BANNER); |
| 4721 |
// TCP connection closed |
// TCP connection closed |
| 4722 |
//notify_closed_connection(pvar); |
//notify_closed_connection(pvar); |
| 4723 |
|
|
| 4724 |
|
// keyboard-interactive methodでトライして失敗した場合、次にpassword authentication method |
| 4725 |
|
// で無条件にトライしてみる。(2005.1.22 yutaka) |
| 4726 |
|
if (pvar->keyboard_interactive_done == 1) { |
| 4727 |
|
handle_SSH2_authrequest(pvar); |
| 4728 |
|
pvar->keyboard_interactive_done = 0; // clear flag |
| 4729 |
|
return TRUE; |
| 4730 |
|
} |
| 4731 |
|
|
| 4732 |
if (pvar->ssh2_autologin == 1) { |
if (pvar->ssh2_autologin == 1) { |
| 4733 |
// SSH2自動ログインが有効の場合は、リトライは行わない。(2004.12.4 yutaka) |
// SSH2自動ログインが有効の場合は、リトライは行わない。(2004.12.4 yutaka) |
| 4734 |
notify_fatal_error(pvar, |
notify_fatal_error(pvar, |
| 4754 |
} |
} |
| 4755 |
|
|
| 4756 |
|
|
| 4757 |
|
// SSH2 keyboard-interactive methodの SSH2_MSG_USERAUTH_INFO_REQUEST 処理関数 |
| 4758 |
|
// |
| 4759 |
|
// ※メモ:OpenSSHでPAMを有効にする方法 |
| 4760 |
|
//・ビルド |
| 4761 |
|
//# ./configure --with-pam |
| 4762 |
|
//# make |
| 4763 |
|
// |
| 4764 |
|
//・/etc/ssh/sshd_config に下記のように書く。 |
| 4765 |
|
//PasswordAuthentication no |
| 4766 |
|
//PermitEmptyPasswords no |
| 4767 |
|
//ChallengeResponseAuthentication yes |
| 4768 |
|
//UsePAM yes |
| 4769 |
|
// |
| 4770 |
|
// (2005.1.23 yutaka) |
| 4771 |
|
static BOOL handle_SSH2_userauth_inforeq(PTInstVar pvar) |
| 4772 |
|
{ |
| 4773 |
|
int len; |
| 4774 |
|
char *data; |
| 4775 |
|
int slen, num, echo; |
| 4776 |
|
char *s, *prompt; |
| 4777 |
|
buffer_t *msg; |
| 4778 |
|
unsigned char *outmsg; |
| 4779 |
|
int i; |
| 4780 |
|
|
| 4781 |
|
|
| 4782 |
|
// 6byte(サイズ+パディング+タイプ)を取り除いた以降のペイロード |
| 4783 |
|
data = pvar->ssh_state.payload; |
| 4784 |
|
// パケットサイズ - (パディングサイズ+1);真のパケットサイズ |
| 4785 |
|
len = pvar->ssh_state.payloadlen; |
| 4786 |
|
|
| 4787 |
|
//debug_print(10, data, len); |
| 4788 |
|
|
| 4789 |
|
///////// step1 |
| 4790 |
|
// get string |
| 4791 |
|
slen = get_uint32_MSBfirst(data); |
| 4792 |
|
data += 4; |
| 4793 |
|
s = data; // name |
| 4794 |
|
data += slen; |
| 4795 |
|
|
| 4796 |
|
// get string |
| 4797 |
|
slen = get_uint32_MSBfirst(data); |
| 4798 |
|
data += 4; |
| 4799 |
|
s = data; // instruction |
| 4800 |
|
data += slen; |
| 4801 |
|
|
| 4802 |
|
// get string |
| 4803 |
|
slen = get_uint32_MSBfirst(data); |
| 4804 |
|
data += 4; |
| 4805 |
|
s = data; // language tag |
| 4806 |
|
data += slen; |
| 4807 |
|
|
| 4808 |
|
// num-prompts |
| 4809 |
|
num = get_uint32_MSBfirst(data); |
| 4810 |
|
data += 4; |
| 4811 |
|
|
| 4812 |
|
///////// step2 |
| 4813 |
|
// サーバへパスフレーズを送る |
| 4814 |
|
msg = buffer_init(); |
| 4815 |
|
if (msg == NULL) { |
| 4816 |
|
// TODO: error check |
| 4817 |
|
return FALSE; |
| 4818 |
|
} |
| 4819 |
|
buffer_put_int(msg, num); |
| 4820 |
|
|
| 4821 |
|
// プロンプトの数だけ prompt & echo が繰り返される。 |
| 4822 |
|
for (i = 0 ; i < num ; i++) { |
| 4823 |
|
// get string |
| 4824 |
|
slen = get_uint32_MSBfirst(data); |
| 4825 |
|
data += 4; |
| 4826 |
|
prompt = data; // prompt |
| 4827 |
|
data += slen; |
| 4828 |
|
|
| 4829 |
|
// get boolean |
| 4830 |
|
echo = data[0]; |
| 4831 |
|
data += 1; |
| 4832 |
|
|
| 4833 |
|
// TODO: ここでプロンプトを表示してユーザから入力させるのが正解。 |
| 4834 |
|
s = pvar->auth_state.cur_cred.password; |
| 4835 |
|
buffer_put_string(msg, s, strlen(s)); |
| 4836 |
|
} |
| 4837 |
|
|
| 4838 |
|
len = buffer_len(msg); |
| 4839 |
|
outmsg = begin_send_packet(pvar, SSH2_MSG_USERAUTH_INFO_RESPONSE, len); |
| 4840 |
|
memcpy(outmsg, buffer_ptr(msg), len); |
| 4841 |
|
finish_send_packet(pvar); |
| 4842 |
|
buffer_free(msg); |
| 4843 |
|
|
| 4844 |
|
return TRUE; |
| 4845 |
|
} |
| 4846 |
|
|
| 4847 |
|
|
| 4848 |
static BOOL handle_SSH2_open_confirm(PTInstVar pvar) |
static BOOL handle_SSH2_open_confirm(PTInstVar pvar) |
| 4849 |
{ |
{ |
| 4850 |
buffer_t *msg; |
buffer_t *msg; |
| 5136 |
|
|
| 5137 |
/* |
/* |
| 5138 |
* $Log: not supported by cvs2svn $ |
* $Log: not supported by cvs2svn $ |
| 5139 |
|
* Revision 1.14 2005/01/06 12:29:07 yutakakn |
| 5140 |
|
* telnet接続時にターミナルサイズ変更を行うと、アプリケーションエラーとなるバグを修正。 |
| 5141 |
|
* |
| 5142 |
* Revision 1.13 2005/01/04 16:09:45 yutakakn |
* Revision 1.13 2005/01/04 16:09:45 yutakakn |
| 5143 |
* キー再作成時にMAC corruptとなるバグを修正(メモリの二重フリーが原因)。 |
* キー再作成時にMAC corruptとなるバグを修正(メモリの二重フリーが原因)。 |
| 5144 |
* |
* |
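Review bot: handle_SSH2_userauth_inforeq (new lines 4771-4845) walks the server-supplied payload using slen and num without ever comparing them with pvar->ssh_state.payloadlen, so a length field larger than the packet moves data past the received buffer, and because slen is a signed int a very large value can also move it backwards. len is loaded from payloadlen but is not read again before buffer_len(msg) overwrites it. num is likewise unbounded, and the loop appends the stored password once per declared prompt, so the server controls the size of the response; the same loop answers every prompt with the password whatever the prompt text or echo flag says, which the existing TODO already acknowledges. I would track the remaining byte count and return FALSE (freeing msg once it is allocated) whenever a length does not fit, as sketched below. Whether payloadlen includes the message-type byte is not visible here and needs confirming before the initial count is set.

```c
	data = pvar->ssh_state.payload;
	// NOTE(review): confirm whether payloadlen counts the message-type byte;
	// if it does, the remaining count must start at payloadlen - 1.
	len = pvar->ssh_state.payloadlen;

	// name, instruction, language tag: each length must fit in what is left
	for (i = 0 ; i < 3 ; i++) {
		if (len < 4)
			return FALSE;
		slen = get_uint32_MSBfirst(data);
		data += 4;
		len -= 4;
		if (slen < 0 || slen > len)
			return FALSE;
		data += slen;
		len -= slen;
	}

	// num-prompts: every prompt needs at least a 4-byte length and a 1-byte echo flag
	if (len < 4)
		return FALSE;
	num = get_uint32_MSBfirst(data);
	data += 4;
	len -= 4;
	if (num < 0 || num > len / 5)
		return FALSE;

	// … unchanged: buffer_init, NULL check, buffer_put_int(msg, num) …

	for (i = 0 ; i < num ; i++) {
		if (len < 5) {
			buffer_free(msg);
			return FALSE;
		}
		slen = get_uint32_MSBfirst(data);
		data += 4;
		len -= 4;
		if (slen < 0 || slen > len - 1) {
			buffer_free(msg);
			return FALSE;
		}
		prompt = data; // prompt
		data += slen;
		echo = data[0];
		data += 1;
		len -= slen + 1;

		// … unchanged: append the response for this prompt …
	}

	// … unchanged: build and send SSH2_MSG_USERAUTH_INFO_RESPONSE, buffer_free(msg) …
```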