1f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* 2f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * Dropbear SSH 3f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * 4f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * Copyright (c) 2002,2003 Matt Johnston 5f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * All rights reserved. 6f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * 7f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * Permission is hereby granted, free of charge, to any person obtaining a copy 8f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * of this software and associated documentation files (the "Software"), to deal 9f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * in the Software without restriction, including without limitation the rights 10f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * copies of the Software, and to permit persons to whom the Software is 12f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * furnished to do so, subject to the following conditions: 13f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * 14f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * The above copyright notice and this permission notice shall be included in 15f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * all copies or substantial portions of the Software. 16f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * 17f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 20f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 23f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * SOFTWARE. */ 24f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 25f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#include "includes.h" 26f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#include "buffer.h" 27f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#include "dbutil.h" 28f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#include "session.h" 29f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#include "ssh.h" 30f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#include "runopts.h" 31f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 32f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifdef ENABLE_CLI_PASSWORD_AUTH 33f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 34f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifdef ENABLE_CLI_ASKPASS_HELPER 35f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Returns 1 if we want to use the askpass program, 0 otherwise */ 36f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Projectstatic int want_askpass() 37f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project{ 38f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project char* askpass_prog = NULL; 39f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 40f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project askpass_prog = getenv("SSH_ASKPASS"); 41f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project return askpass_prog && !isatty(STDIN_FILENO) && getenv("DISPLAY"); 42f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project} 43f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 44f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* returns a statically allocated password from a helper app, or NULL 45f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * on failure */ 46f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Projectstatic char *gui_getpass(const char *prompt) { 47f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 48f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project pid_t pid; 49f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project int p[2], maxlen, len, status; 50f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project static char buf[DROPBEAR_MAX_CLI_PASS + 1]; 51f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project char* helper = NULL; 52f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 53f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project TRACE(("enter gui_getpass")) 54f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 55f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project helper = getenv("SSH_ASKPASS"); 56f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (!helper) 57f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project { 58f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project TRACE(("leave gui_getpass: no askpass program")) 59f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project return NULL; 60f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 61f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 62f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (pipe(p) < 0) { 63f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project TRACE(("error creating child pipe")) 64f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project return NULL; 65f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 66f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 67f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project pid = fork(); 68f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 69f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (pid < 0) { 70f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project TRACE(("fork error")) 71f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project return NULL; 72f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 73f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 74f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (!pid) { 75f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* child */ 76f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project close(p[0]); 77f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (dup2(p[1], STDOUT_FILENO) < 0) { 78f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project TRACE(("error redirecting stdout")) 79f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project exit(1); 80f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 81f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project close(p[1]); 82f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project execlp(helper, helper, prompt, (char *)0); 83f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project TRACE(("execlp error")) 84f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project exit(1); 85f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 86f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 87f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project close(p[1]); 88f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project maxlen = sizeof(buf); 89f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project while (maxlen > 0) { 90f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project len = read(p[0], buf + sizeof(buf) - maxlen, maxlen); 91f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (len > 0) { 92f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project maxlen -= len; 93f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } else { 94f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (errno != EINTR) 95f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project break; 96f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 97f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 98f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 99f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project close(p[0]); 100f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 101f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project while (waitpid(pid, &status, 0) < 0 && errno == EINTR) 102f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project ; 103f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) 104f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project return(NULL); 105f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 106f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project len = sizeof(buf) - maxlen; 107f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project buf[len] = '\0'; 108f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (len > 0 && buf[len - 1] == '\n') 109f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project buf[len - 1] = '\0'; 110f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 111f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project TRACE(("leave gui_getpass")) 112f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project return(buf); 113f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project} 114f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif /* ENABLE_CLI_ASKPASS_HELPER */ 115f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 116f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Projectvoid cli_auth_password() { 117f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 118f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project char* password = NULL; 119f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project char prompt[80]; 120f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 121f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project TRACE(("enter cli_auth_password")) 122f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project CHECKCLEARTOWRITE(); 123f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 124f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project snprintf(prompt, sizeof(prompt), "%s@%s's password: ", 125f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project cli_opts.username, cli_opts.remotehost); 126f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifdef ENABLE_CLI_ASKPASS_HELPER 127f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (want_askpass()) 128f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project password = gui_getpass(prompt); 129f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project else 130f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 131f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project password = getpass_or_cancel(prompt); 132f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 133f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST); 134f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 135f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project buf_putstring(ses.writepayload, cli_opts.username, 136f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project strlen(cli_opts.username)); 137f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 138f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION, 139f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project SSH_SERVICE_CONNECTION_LEN); 140f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 141f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project buf_putstring(ses.writepayload, AUTH_METHOD_PASSWORD, 142f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project AUTH_METHOD_PASSWORD_LEN); 143f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 144f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project buf_putbyte(ses.writepayload, 0); /* FALSE - so says the spec */ 145f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 146f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project buf_putstring(ses.writepayload, password, strlen(password)); 147f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 148f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project encrypt_packet(); 149f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project m_burn(password, strlen(password)); 150f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 151f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project TRACE(("leave cli_auth_password")) 152f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project} 153f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif /* ENABLE_CLI_PASSWORD_AUTH */ 154