int handleoutput( int fd,char*result,int len) { // We are looking for the string int prevmatch=0; // If the "password" prompt is repeated, we have the wrong password. int state1 =0, state2=0,state3=0; const char compare1[]="assword:"; // Asking for a password const char compare2[]="The authenticity of host "; // Asks to authenticate host const char compare3[]="\n"; // Asks to authenticate host // static const char compare3[]="WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!"; // Warns about man in the middle attack // The remote identification changed error is sent to stderr, not the tty, so we do not handle it. // This is not a problem, as ssh exists immediately in such a case char buffer[1024]; int ret=0; memset(buffer,0,1024); int numread=read(fd, buffer, sizeof(buffer) ); // Are we at a password prompt? state1=match( compare1, buffer, numread, state1 ); if( compare1[state1]=='\0' ) { if( !prevmatch ) { write_pass( fd ); state1=0; prevmatch=1; return ret; } else { // Wrong password - terminate with proper error code return RETURN_INCORRECT_PASSWORD; } } state2=match( compare2, buffer, numread, state2 ); // Are we being prompted to authenticate the host? if( compare2[state2]=='\0' ) { write( fd, "yes", strlen( "yes" ) ); write( fd, "\n", 1 ); return ret; } if(numread ==2){ state3=match(compare3,buffer,numread, state3 ); if(compare3[state3]=='\0'){ return ret; } } if((numread >0)&&(result != NULL)) { memset(result,0,len); int length = (numread <len)? numread:len; sprintf(result,buffer,length); } return ret; }
int handleoutput( int fd ) { // We are looking for the string static int prevmatch=0; // If the "password" prompt is repeated, we have the wrong password. static int state1, state2; static const char compare1[]="assword:"; // Asking for a password static const char compare2[]="The authenticity of host "; // Asks to authenticate host // static const char compare3[]="WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!"; // Warns about man in the middle attack // The remote identification changed error is sent to stderr, not the tty, so we do not handle it. // This is not a problem, as ssh exists immediately in such a case char buffer[40]; int ret=0; int numread=read(fd, buffer, sizeof(buffer) ); state1=match( compare1, buffer, numread, state1 ); // Are we at a password prompt? if( compare1[state1]=='\0' ) { if( !prevmatch ) { write_pass( fd ); state1=0; prevmatch=1; } else { // Wrong password - terminate with proper error code ret=RETURN_INCORRECT_PASSWORD; } } if( ret==0 ) { state2=match( compare2, buffer, numread, state2 ); // Are we being prompted to authenticate the host? if( compare2[state2]=='\0' ) { ret=RETURN_HOST_KEY_UNKNOWN; } } return ret; }
/* * enable privileged mode */ int enable(int argc, char **argv) { char *p, *cpass; char salt[_PASSWORD_LEN]; char pass[_PASSWORD_LEN + 1]; switch (argc) { case 1: if (priv == 1) return 0; /* try to read pass */ if (!(read_pass(pass, sizeof(pass)))) { if (errno == ENOENT) { /* no password file, so enable */ priv = 1; return 1; } else { /* cant read password file */ printf("%% Unable to read password: %s\n", strerror(errno)); return 0; } } p = getpass("Password:"******"%% Password incorrect\n"); return 0; } case 2: if (argv[1][0] == '?') { /* print help */ printf("%% enable\t\t\t\tenable privileged mode\n"); printf("%% enable ?\t\t\t\tShow Options\n"); printf("%% enable secret <password>\t\tSet password" "(plaintext)\n"); printf("%% enable secret <cipher> <hash>\t\tSet" " password(ciphertext)\n"); return 1; } else { printf("%% Invalid argument: %s\n", argv[1]); return 0; } case 3: if (!isprefix(argv[1], "secret")) { printf("%% Invalid argument: %s\n", argv[1]); return 0; } if (priv != 1) { printf("%% Privilege required\n"); return 0; } /* crypt plaintext and save as pass */ strlcpy(pass, argv[2], sizeof(pass)); gen_salt(salt, sizeof(salt)); cpass = strdup(crypt(pass, salt)); return (write_pass(cpass)); case 4: if (!isprefix(argv[1], "secret")) { printf("%% Invalid argument: %s\n", argv[2]); return 0; } if (!isprefix(argv[2], "blowfish")) { printf("%% Invalid cipher: %s\n", argv[3]); return 0; } /* privileged? */ if (priv != 1) { printf("%% Privilege required\n"); return 0; } /* set crypted pass */ strlcpy(pass, argv[3], sizeof(pass)); return (write_pass(pass)); default: printf("%% Too many arguments\n"); return 0; } }