Added password only flag or auth callback.

2008-08-08 17:28:33 +02:00 · 2008-08-08 17:28:33 +02:00 · ae304565af
--- a/client/csync_client.c
+++ b/client/csync_client.c
@ -157,9 +157,10 @@ static error_t parse_opt (int key, char *arg, struct argp_state *state) {
  return 0;
 }

-static void csync_auth_fn(char *usr, size_t usrlen, char *pwd, size_t pwdlen) {
+static void csync_auth_fn(char *usr, size_t usrlen, char *pwd, size_t pwdlen, int pwonly) {
  char tmp[256] = {0};

+  if (!pwonly) {
    /* get username */
    snprintf(tmp, 255, "Username: [%s] ", usr);
    csync_text_prompt(tmp, tmp, 255);
@ -171,6 +172,7 @@ static void csync_auth_fn(char *usr, size_t usrlen, char *pwd, size_t pwdlen) {
    if (tmp[0] != '\0') {
      strncpy(usr, tmp, usrlen - 1);
    }
+  }

  /* get password */
  csync_password_prompt("Password: ", pwd, pwdlen, 0);
--- a/modules/csync_sftp.c
+++ b/modules/csync_sftp.c
@ -50,21 +50,35 @@ SFTP_SESSION *sftp_session;
 csync_auth_callback auth_cb;

 static int auth_kbdint(SSH_SESSION *session){
-  char *name, *instruction, *prompt, *ptr;
-  char buffer[128];
-  int err, i, n;
-  char echo;
+  char *name = NULL;
+  char *instruction = NULL;
+  char *prompt = NULL;
+  char *ptr;
+  char user[256] = {0};
+  char passwd[256] = {0};
+  char buffer[128] = {0};
+  int err = SSH_AUTH_ERROR;

  err = ssh_userauth_kbdint(session, NULL, NULL);
  while (err == SSH_AUTH_INFO) {
+    int n = 0;
+    int i = 0;
+
    name = ssh_userauth_kbdint_getname(session);
    instruction = ssh_userauth_kbdint_getinstruction(session);
    n = ssh_userauth_kbdint_getnprompts(session);
-    if(strlen(name)>0)
+
+    if (strlen(name) > 0) {
      printf("%s\n", name);
-    if(strlen(instruction)>0)
+    }
+
+    if (strlen(instruction) > 0) {
      printf("%s\n", instruction);
+    }
+
    for (i = 0; i < n; ++i) {
+      char echo;
+
      prompt = ssh_userauth_kbdint_getprompt(session, i, &echo);
      if (echo) {
        printf("%s", prompt);
@ -73,14 +87,17 @@ static int auth_kbdint(SSH_SESSION *session){
        if ((ptr = strchr(buffer, '\n')))
          *ptr = 0;
        ssh_userauth_kbdint_setanswer(session, i, buffer);
-        memset(buffer,0,strlen(buffer));
+        ZERO_STRUCT(buffer);
      } else {
-        ptr=getpass(prompt);
-        ssh_userauth_kbdint_setanswer(session,i,ptr);
+        (*auth_cb) (user, 255, passwd, 255, 1);
+        ssh_userauth_kbdint_setanswer(session, i, passwd);
      }
    }
    err = ssh_userauth_kbdint(session, NULL, NULL);
  }
+
+  ZERO_STRUCT(passwd);
+
  return err;
 }

@ -250,8 +267,6 @@ static int _sftp_connect(const char *uri) {
  char *host = NULL;
  char *port = NULL;
  char *path = NULL;
-  char un[256] = {0};
-  char pw[256] = {0};
  unsigned char hash[MD5_DIGEST_LEN];
  int rc = -1;
  int auth = SSH_AUTH_ERROR;
@ -366,9 +381,11 @@ static int _sftp_connect(const char *uri) {
  /* authenticate with the server */
  if (*passwd) {
    DEBUG_SFTP(("csync_sftp - authenticating with user/password\n"));
-    DEBUG_SFTP(("csync_sftp - user = %s, password = %s\n", user, passwd));
+    /*
+     * This is tunneled cleartext password authentication and possibly needs
+     * to be allowed by the ssh server. Set 'PasswordAuthentication yes'
+     */
    auth = ssh_userauth_password(ssh_session, user, passwd);
-    DEBUG_SFTP(("csync_sftp - auth = %d\n", auth));
  } else {
    DEBUG_SFTP(("csync_sftp - authenticating with pubkey\n"));
    auth = ssh_userauth_autopubkey(ssh_session);
@ -385,6 +402,7 @@ static int _sftp_connect(const char *uri) {
  }

  if (auth != SSH_AUTH_SUCCESS) {
+    if (auth_cb != NULL) {
      auth = auth_kbdint(ssh_session);
      if (auth == SSH_AUTH_ERROR) {
        fprintf(stderr,"csync_sftp - authentication failed: %s\n",
@ -395,22 +413,7 @@ static int _sftp_connect(const char *uri) {
        rc = -1;
        goto out;
      }
-  }
-
-  if (auth != SSH_AUTH_SUCCESS) {
-    if (*user) {
-      strncpy(un, user, 256);
-    }
-
-    if (auth_cb != NULL) {
-      (*auth_cb) (un, 256, pw, 256);
-    }
-
-    auth = ssh_userauth_password(ssh_session, un, pw);
-
-    if (auth != SSH_AUTH_SUCCESS) {
-        fprintf(stderr,"csync_sftp - authentication failed: %s\n",
-            ssh_get_error(ssh_session));
+    } else {
      ssh_disconnect(ssh_session);
      ssh_session = NULL;
      ssh_finalize();
@ -778,6 +781,8 @@ static int _rename(const char *olduri, const char *newuri) {
    goto out;
  }

+  /* FIXME: workaround cause, sftp_rename can't overwrite */
+  sftp_rm(sftp_session, newpath);
  rc = sftp_rename(sftp_session, oldpath, newpath);

 out:
@ -842,7 +847,7 @@ static int _chmod(const char *uri, mode_t mode) {
  attrs.permissions = mode;
  attrs.flags |= SSH_FILEXFER_ATTR_PERMISSIONS;

-  sftp_setstat(sftp_session, path, &attrs);
+  rc = sftp_setstat(sftp_session, path, &attrs);

 out:
  SAFE_FREE(user);
@ -877,7 +882,7 @@ static int _chown(const char *uri, uid_t owner, gid_t group) {
  attrs.gid = group;
  attrs.flags |= SSH_FILEXFER_ATTR_OWNERGROUP;

-  sftp_setstat(sftp_session, path, &attrs);
+  rc = sftp_setstat(sftp_session, path, &attrs);

 out:
  SAFE_FREE(user);
--- a/modules/csync_smb.c
+++ b/modules/csync_smb.c
@ -76,7 +76,7 @@ static void get_auth_data_with_context_fn(SMBCCTX *c,
  /* Call the passwort prompt */
  if (auth_cb != NULL) {
    DEBUG_SMB(("csync_smb - execute authentication callback\n"));
-    (*auth_cb) (un, unlen, pw, pwlen);
+    (*auth_cb) (un, unlen, pw, pwlen, 0);
  }

  DEBUG_SMB(("csync_smb - user=%s, workgroup=%s, server=%s, share=%s\n",
--- a/src/csync.h
+++ b/src/csync.h
@ -54,7 +54,7 @@ extern "C" {
 #define CSYNC_EXCLUDE_FILE "csync_exclude.conf"
 #define CSYNC_LOCK_FILE "lock"

-typedef void (*csync_auth_callback) (char *usr, size_t usrlen, char *pwd, size_t pwlen);
+typedef void (*csync_auth_callback) (char *usr, size_t usrlen, char *pwd, size_t pwlen, int pwonly);

 /**
 * csync handle