static int authenticate(ssh_session session) {
ssh_message message;
name = "\n\nKeyboard-Interactive Fancy Authentication\n";
instruction = "Please enter your real name and your password";
prompts[0] = "Real name: ";
prompts[1] = "Password: "******"User %s wants to auth with pass %s\n",
ssh_message_auth_user(message),
ssh_message_auth_password(message));
if(auth_password(ssh_message_auth_user(message),
ssh_message_auth_password(message))){
ssh_message_auth_reply_success(message,0);
ssh_message_free(message);
return 1;
}
ssh_message_auth_set_methods(message,
SSH_AUTH_METHOD_PASSWORD |
SSH_AUTH_METHOD_INTERACTIVE);
// not authenticated, send default message
ssh_message_reply_default(message);
break;
case SSH_AUTH_METHOD_INTERACTIVE:
if(!ssh_message_auth_kbdint_is_response(message)) {
printf("User %s wants to auth with kbdint\n",
ssh_message_auth_user(message));
ssh_message_auth_interactive_request(message, name,
instruction, 2, prompts, echo);
} else {
if(kbdint_check_response(session)) {
ssh_message_auth_reply_success(message,0);
ssh_message_free(message);
return 1;
}
ssh_message_auth_set_methods(message,
SSH_AUTH_METHOD_PASSWORD |
SSH_AUTH_METHOD_INTERACTIVE);
ssh_message_reply_default(message);
}
break;
case SSH_AUTH_METHOD_NONE:
default:
printf("User %s wants to auth with unknown auth %d\n",
ssh_message_auth_user(message),
ssh_message_subtype(message));
ssh_message_auth_set_methods(message,
SSH_AUTH_METHOD_PASSWORD |
SSH_AUTH_METHOD_INTERACTIVE);
ssh_message_reply_default(message);
break;
}
break;
default:
ssh_message_auth_set_methods(message,
SSH_AUTH_METHOD_PASSWORD |
SSH_AUTH_METHOD_INTERACTIVE);
ssh_message_reply_default(message);
}
ssh_message_free(message);
} while (1);
return 0;
}
static int
auth_interactive (ssh_session session,
ssh_message message,
gint *round)
{
static const char *prompts[2] = { "Password", "Token" };
static char echo[] = { 0, 1 };
static const char *again[1] = { "So Close" };
static char again_echo[] = { 0 };
const char *token;
int ret = FAILED;
gint count = 0;
gint spot = *round;
/* wait for a shell */
switch (spot)
{
case 0:
if (g_str_equal (ssh_message_auth_user (message), state.user))
{
ssh_message_auth_interactive_request (message, "Test Interactive",
state.multi_step ? "Password and Token" : "Password",
state.multi_step ? 2 : 1,
prompts, echo);
ret = MORE;
}
break;
case 1:
count = ssh_userauth_kbdint_getnanswers(session);
if (state.multi_step && count != 2)
goto out;
else if (!state.multi_step && count != 1)
goto out;
if (!g_str_equal (ssh_userauth_kbdint_getanswer(session, 0), state.password))
goto out;
if (state.multi_step)
{
token = ssh_userauth_kbdint_getanswer(session, 1);
if (g_str_equal (token, "5"))
{
ret = SUCCESS;
}
else if (g_str_equal (token, "6"))
{
ssh_message_auth_interactive_request (message, "Test Interactive",
"Again", 1, again, again_echo);
ret = MORE;
}
}
else
{
ret = SUCCESS;
}
break;
case 2:
count = ssh_userauth_kbdint_getnanswers(session);
if (count != 1)
goto out;
if (g_str_equal (ssh_userauth_kbdint_getanswer(session, 0), "5"))
ret = SUCCESS;
}
out:
if (ret == MORE)
*round = spot + 1;
return ret;
}
