tcl-extensions

Check-in [f199fc11a7]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:keyfile, pubkeyfile as separate args
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | tclssh
Files: files | file ages | folders
SHA1:f199fc11a7a53940e0cf3f66404b74ba6cae91b5
User & Date: aspect 2015-11-12 12:17:12
Context
2015-11-12
12:23
printf error! Leaf check-in: 900a6cd0d8 user: aspect tags: tclssh
12:17
keyfile, pubkeyfile as separate args check-in: f199fc11a7 user: aspect tags: tclssh
11:58
name tclssh2: tests run check-in: ce06857fd9 user: aspect tags: tclssh
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to generic/tclssh2.c.

300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319

320
321
322
323
324
325
326
327
328
329
330
331
332
333
...
344
345
346
347
348
349
350


351
352
353
354
355
356
357



358
359
360
361
362
363
364
...
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
    state->self = Tcl_StackChannel(interp, &sshChannelType, (ClientData)state, (TCL_READABLE | TCL_WRITABLE), chan);

    Tcl_SetResult(interp, (char *) Tcl_GetChannelName(state->self), TCL_VOLATILE);
    return TCL_OK;
}

/*
 * -username xxx -password xxx -keyfile xxx -authcmd xxx
 */
int
SshAuthenticateObjCmd(
        ClientData clientData,
        Tcl_Interp *interp,
        int objc,
        Tcl_Obj *CONST objv[]
) {
    Tcl_Channel chan;
    State *state;
    const char *username;
    const char *password = NULL;

    const char *keyfile = NULL;
    const char *authcmd = NULL;
    int auth_methods = 0;
    
    /** parse arguments */
    if(objc < 5) {
        Tcl_WrongNumArgs(interp, 1, objv, "channel username ?-password xxx? ?-keyfile foo.key? ?-authcmd cmd?");
        return TCL_ERROR;
    }

dprint("Parsing %d args ...\n", objc);

    chan = Tcl_GetChannel(interp, Tcl_GetStringFromObj(objv[1], NULL), NULL); 
    if (chan == (Tcl_Channel) NULL) {
................................................................................
        int len;
        const char* option = Tcl_GetStringFromObj(objv[i], &len);

        if( (len>4) && (strncmp(option, "-password", len)==0) ) {
            password = Tcl_GetStringFromObj(objv[++i], NULL);
        } else if( (len>5) && (strncmp(option, "-authcmd", len)==0) ) {
            authcmd = Tcl_GetStringFromObj(objv[++i], NULL);


        } else if( (len>4) && (strncmp(option, "-keyfile", len)==0) ) {
            keyfile = Tcl_GetStringFromObj(objv[++i], NULL);
        } else {
            Tcl_AppendResult(interp, "Invalid argument", option);
            return TCL_ERROR;
        }
    }




    /** check available authentication methods */
    char* userauthlist = strdup(libssh2_userauth_list(state->session, username, strlen(username))); // FIXME: ckalloc()?
dprint("Checking auth methods against %s\n", userauthlist);

    if (strstr(userauthlist, "password") != NULL) {
        if(password) auth_methods |= 1;
................................................................................
    }

    /** attempt authentication */
    char *errMsg;
    int err;

    if (auth_methods & 4) {
dprint("Attempting key auth using %s\n", keyfile);
        if ((err = libssh2_userauth_publickey_fromfile(state->session, username, NULL, keyfile, password))) {
            libssh2_session_last_error(state->session, &errMsg, NULL, 0);
            Tcl_AppendResult(interp, "Authentication by publickey failed", errMsg, NULL);
            return TCL_ERROR;
        }
    } else if (auth_methods & 2) {
dprint("Attempting interactive auth using %s\n", keyfile);
        Tcl_AppendResult(interp, "Authentication by keyboard-interactive not supported", errMsg, NULL);







|












>






|







 







>
>







>
>
>







 







|
|







300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
...
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
...
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
    state->self = Tcl_StackChannel(interp, &sshChannelType, (ClientData)state, (TCL_READABLE | TCL_WRITABLE), chan);

    Tcl_SetResult(interp, (char *) Tcl_GetChannelName(state->self), TCL_VOLATILE);
    return TCL_OK;
}

/*
 * -username xxx -password xxx -pubkeyfile xxx -keyfile xxx -authcmd xxx
 */
int
SshAuthenticateObjCmd(
        ClientData clientData,
        Tcl_Interp *interp,
        int objc,
        Tcl_Obj *CONST objv[]
) {
    Tcl_Channel chan;
    State *state;
    const char *username;
    const char *password = NULL;
    const char *pubkeyfile = NULL;
    const char *keyfile = NULL;
    const char *authcmd = NULL;
    int auth_methods = 0;
    
    /** parse arguments */
    if(objc < 5) {
        Tcl_WrongNumArgs(interp, 1, objv, "channel username ?-password xxx? ?-pubkeyfile xxx? ?-keyfile foo.key? ?-authcmd cmd?");
        return TCL_ERROR;
    }

dprint("Parsing %d args ...\n", objc);

    chan = Tcl_GetChannel(interp, Tcl_GetStringFromObj(objv[1], NULL), NULL); 
    if (chan == (Tcl_Channel) NULL) {
................................................................................
        int len;
        const char* option = Tcl_GetStringFromObj(objv[i], &len);

        if( (len>4) && (strncmp(option, "-password", len)==0) ) {
            password = Tcl_GetStringFromObj(objv[++i], NULL);
        } else if( (len>5) && (strncmp(option, "-authcmd", len)==0) ) {
            authcmd = Tcl_GetStringFromObj(objv[++i], NULL);
        } else if( (len>4) && (strncmp(option, "-pubkeyfile", len)==0) ) {
            pubkeyfile = Tcl_GetStringFromObj(objv[++i], NULL);
        } else if( (len>4) && (strncmp(option, "-keyfile", len)==0) ) {
            keyfile = Tcl_GetStringFromObj(objv[++i], NULL);
        } else {
            Tcl_AppendResult(interp, "Invalid argument", option);
            return TCL_ERROR;
        }
    }
    if(pubkeyfile == NULL) {
        pubkeyfile = keyfile;
    }

    /** check available authentication methods */
    char* userauthlist = strdup(libssh2_userauth_list(state->session, username, strlen(username))); // FIXME: ckalloc()?
dprint("Checking auth methods against %s\n", userauthlist);

    if (strstr(userauthlist, "password") != NULL) {
        if(password) auth_methods |= 1;
................................................................................
    }

    /** attempt authentication */
    char *errMsg;
    int err;

    if (auth_methods & 4) {
dprint("Attempting key auth using %s, %s\n", keyfile);
        if ((err = libssh2_userauth_publickey_fromfile(state->session, username, pubkeyfile, keyfile, password))) {
            libssh2_session_last_error(state->session, &errMsg, NULL, 0);
            Tcl_AppendResult(interp, "Authentication by publickey failed", errMsg, NULL);
            return TCL_ERROR;
        }
    } else if (auth_methods & 2) {
dprint("Attempting interactive auth using %s\n", keyfile);
        Tcl_AppendResult(interp, "Authentication by keyboard-interactive not supported", errMsg, NULL);