Implement cli pubkey auth with Event
mkj committed Jun 2, 2024
1 parent fab8cca commit 9902847
Showing 11 changed files with 345 additions and 226 deletions.
28 changes: 21 additions & 7 deletions async/src/cmdline_client.rs
@@ -257,21 +257,35 @@ impl CmdlineClient {
let ev = cli.progress(&mut ph).await?;
// Note that while ph is held, calls to cli will block.
match ev {
CliEvent::Hostkey(h) => {
let key = h.hostkey()?;
match knownhosts::check_known_hosts(&self.host, self.port, &key) {
Ok(()) => h.accept(),
Err(_e) => h.reject(),
}?;
}
CliEvent::Username(u) => {
u.respond(&self.username)?;
u.username(&self.username)?;
}
CliEvent::Password(p) => {
let pw = rpassword::prompt_password(format!(
"password for {}: ", self.username))?;
p.password(pw)?;
}
CliEvent::Hostkey(h) => {
let key = h.hostkey()?;
match knownhosts::check_known_hosts(&self.host, self.port, &key) {
Ok(()) => h.accept(),
Err(_e) => h.reject(),
CliEvent::Pubkey(p) => {
if let Some(k) = self.authkeys.pop_front() {
p.pubkey(k)
} else {
p.skip()
}?;
}
CliEvent::AgentSign(k) => {
let agent = self.agent.as_mut().expect("agent keys without agent?");
let key = k.key()?;
let msg = k.message()?;
let sig = agent.sign_auth(key, &msg).await?;
k.signed(&sig)?;
}
CliEvent::Authenticated => {
debug!("Authentication succeeded");
// drop it so we can use cli
@@ -302,7 +316,7 @@ impl CmdlineClient {

let prog_loop = async {
let e = prog_loop.await;
debug!("loop done, {e:?}");
debug!("loop done, {e:#?}");
e
};

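Review bot: The new `CliEvent::AgentSign` arm panics through `self.agent.as_mut().expect("agent keys without agent?")` if the event ever arrives while `self.agent` is `None`, which takes down the whole client instead of failing this one authentication attempt. The invariant that agent-backed keys are only queued in `authkeys` when an agent exists is presumably upheld where the keys are loaded, but that code is outside this hunk, so the arm should not rely on it silently. Every other arm already propagates failure with `?`, so I would do the same here, e.g. `let agent = self.agent.as_mut().ok_or(MISSING_AGENT_ERROR)?;`, where `MISSING_AGENT_ERROR` is a placeholder for whichever error value this loop returns. In the `Hostkey` arm, `Err(_e) => h.reject()` drops the reason for the rejection; unless `check_known_hosts` reports it itself, a log line there would help tell a changed host key apart from an unreadable known-hosts file. The enclosing `match` and function begin and end outside the hunk.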
8 changes: 4 additions & 4 deletions src/auth.rs
@@ -21,23 +21,23 @@ use kex::SessId;
#[derive(Debug)]
pub struct AuthSigMsg<'a> {
pub(crate) sess_id: BinString<'a>,
pub(crate) u: &'a packets::UserauthRequest<'a>,
pub(crate) u: packets::UserauthRequest<'a>,
}

impl SSHEncode for &AuthSigMsg<'_> {
impl SSHEncode for AuthSigMsg<'_> {
fn enc(&self, s: &mut dyn sshwire::SSHSink) -> WireResult<()> {
self.sess_id.enc(s)?;

let m = packets::MessageNumber::SSH_MSG_USERAUTH_REQUEST as u8;
m.enc(s)?;

(*self.u).enc(s)?;
self.u.enc(s)?;
Ok(())
}
}

impl<'a> AuthSigMsg<'a> {
pub(crate) fn new(u: &'a packets::UserauthRequest<'a>, sess_id: &'a SessId) -> Self {
pub(crate) fn new(u: packets::UserauthRequest<'a>, sess_id: &'a SessId) -> Self {
auth::AuthSigMsg {
sess_id: BinString(sess_id.as_ref()),
u,
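Review bot: `AuthSigMsg::enc` writes the session id, the `SSH_MSG_USERAUTH_REQUEST` byte and then the request, which looks like the byte string a public-key authentication signature is computed over, yet nothing visible in the hunk says that this order is fixed and must be identical for signer and verifier. With `u` now held by value rather than by reference, callers may build a separate `UserauthRequest` just for signing, so `new` should state that the request passed in has to be the same one that is sent or checked. I would add `/// Data covered by the userauth signature: session id, message number, then the request. Field order must not change.` above `enc`, and `/// The request passed here must be the one that is sent on the wire.` above `new`. The struct may already carry a doc comment above line 21, and the body of `new` continues past the end of the hunk.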
9 changes: 9 additions & 0 deletions src/channel.rs
@@ -913,6 +913,15 @@ pub struct CliSessionOpener<'g, 'a> {
}

impl<'g, 'a> CliSessionOpener<'g, 'a> {

/// Returns the channel associated with this session.
///
/// This will match that previously returned from [`Runner::cli_session_opener`]
/// or `SSHClient::open_session_pty()` (or `_nopty()`)
pub fn channel(&self) -> ChanNum {
self.ch.num()
}

/// Requests a Pseudo-TTY for the channel.
///
/// This must be sent prior to requesting a shell or command.
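Review bot: The doc comment on the new `channel()` reads "This will match that previously returned from ...", which leaves the reader to work out that "that" means the channel number. I would make the summary line `/// Returns the channel number of this session.` and have the second sentence name the value explicitly, saying that it equals the `ChanNum` obtained earlier from the listed calls. Only one of the two references is an intra-doc link; if `SSHClient` lives in another crate that is understandable, otherwise both should link. The blank line between the `impl` opening brace and the doc comment is one that rustfmt would normally remove.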