auth: adapt libssh to gssapi-with-mic server

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
author: Aris Adamantiadis <aris@0xbadc0de.be> 2013-02-20 23:20:44 +0100
committer: Andreas Schneider <asn@cryptomilk.org> 2013-07-13 14:21:36 +0200
commit: 3b52e38a333cb204673b9401b0e895d96d9fb02f (patch)
tree: ff395dc6a182153cde6b2a33cdb40d4982505652 /src/messages.c
parent: 6bb50630462cf20b5d7fa42ef1cc99c8f80ccac9 (diff)
download: libssh-3b52e38a333cb204673b9401b0e895d96d9fb02f.tar.gz
libssh-3b52e38a333cb204673b9401b0e895d96d9fb02f.tar.xz
libssh-3b52e38a333cb204673b9401b0e895d96d9fb02f.zip
1 files changed, 53 insertions, 0 deletions
diff --git a/src/messages.c b/src/messages.c
index 147ab16..a82cb5c 100644
--- a/src/messages.c
+++ b/src/messages.c
@@ -44,6 +44,7 @@
 #include "libssh/messages.h"
 #ifdef WITH_SERVER
 #include "libssh/server.h"
+#include "libssh/gssapi.h"
 #endif
 
 /**
@@ -740,6 +741,54 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){
     }
     goto end;
   }
+  if (strncmp(method, "gssapi-with-mic", method_size) == 0) {
+     uint32_t n_oid;
+     ssh_string *oids;
+     ssh_string oid;
+     char *hexa;
+     int i;
+     buffer_get_u32(packet, &n_oid);
+     n_oid=ntohl(n_oid);
+     if(n_oid > 100){
+    	 ssh_set_error(session, SSH_FATAL, "USERAUTH_REQUEST: gssapi-with-mic OID count too big (%d)",n_oid);
+    	 goto error;
+     }
+     ssh_log(session, SSH_LOG_PACKET, "gssapi: %d OIDs", n_oid);
+     oids = calloc(n_oid, sizeof(ssh_string));
+     if (oids == NULL){
+    	 ssh_set_error_oom(session);
+    	 goto error;
+     }
+     for (i=0;i<(int) n_oid;++i){
+    	 oid=buffer_get_ssh_string(packet);
+    	 if(oid == NULL){
+    		 for(i=i-1;i>=0;--i){
+    			 SAFE_FREE(oids[i]);
+    		 }
+    		 SAFE_FREE(oids);
+    		 ssh_set_error(session, SSH_LOG_PACKET, "USERAUTH_REQUEST: gssapi-with-mic missing OID");
+    		 goto error;
+    	 }
+    	 oids[i] = oid;
+    	 if(session->common.log_verbosity >= SSH_LOG_PACKET){
+    		 hexa = ssh_get_hexa(ssh_string_data(oid), ssh_string_len(oid));
+    		 ssh_log(session, SSH_LOG_PACKET,"gssapi: OID %d: %s",i, hexa);
+    		 SAFE_FREE(hexa);
+    	 }
+     }
+     ssh_gssapi_handle_userauth(session, msg->auth_request.username, n_oid, oids);
+
+     for(i=0;i<(int)n_oid;++i){
+    	 SAFE_FREE(oids[i]);
+     }
+     SAFE_FREE(oids);
+     /* bypass the message queue thing */
+     SAFE_FREE(service);
+     SAFE_FREE(method);
+     ssh_message_free(msg);
+     leave_function();
+     return SSH_PACKET_USED;
+  }
 
   msg->auth_request.method = SSH_AUTH_METHOD_UNKNOWN;
   SAFE_FREE(method);
@@ -783,6 +832,10 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_response){
 
   ssh_message msg = NULL;
 
+  /* GSSAPI_TOKEN has same packed number. XXX fix this */
+  if (session->gssapi != NULL)
+	  return ssh_packet_userauth_gssapi_token(session, type, packet, user);
+
   enter_function();
 
   (void)user;
author	Aris Adamantiadis <aris@0xbadc0de.be>	2013-02-20 23:20:44 +0100
committer	Andreas Schneider <asn@cryptomilk.org>	2013-07-13 14:21:36 +0200
commit	3b52e38a333cb204673b9401b0e895d96d9fb02f (patch)
tree	ff395dc6a182153cde6b2a33cdb40d4982505652 /src/messages.c
parent	6bb50630462cf20b5d7fa42ef1cc99c8f80ccac9 (diff)
download	libssh-3b52e38a333cb204673b9401b0e895d96d9fb02f.tar.gz libssh-3b52e38a333cb204673b9401b0e895d96d9fb02f.tar.xz libssh-3b52e38a333cb204673b9401b0e895d96d9fb02f.zip