[dumload.git] / src / com / jcraft / jsch / UserAuthPassword.java

/* -*-mode:java; c-basic-offset:2; indent-tabs-mode:nil -*- */
/*
Copyright (c) 2002-2010 ymnk, JCraft,Inc. All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:

  1. Redistributions of source code must retain the above copyright notice,
     this list of conditions and the following disclaimer.

  2. Redistributions in binary form must reproduce the above copyright 
     notice, this list of conditions and the following disclaimer in 
     the documentation and/or other materials provided with the distribution.

  3. The names of the authors may not be used to endorse or promote products
     derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

package com.jcraft.jsch;

class UserAuthPassword extends UserAuth{
  private final int SSH_MSG_USERAUTH_PASSWD_CHANGEREQ=60;

  public boolean start(Session session) throws Exception{
    super.start(session);

    byte[] password=session.password;
    String dest=username+"@"+session.host;
    if(session.port!=22){
      dest+=(":"+session.port);
    }

    try{

    while(true){
      if(password==null){
	if(userinfo==null){
	  //throw new JSchException("USERAUTH fail");
	  return false;
	}
	if(!userinfo.promptPassword("Password for "+dest)){
	  throw new JSchAuthCancelException("password");
	  //break;
	}

	String _password=userinfo.getPassword();
	if(_password==null){
	  throw new JSchAuthCancelException("password");
	  //break;
	}
        password=Util.str2byte(_password);
      }

      byte[] _username=null;
      _username=Util.str2byte(username);

      // send
      // byte      SSH_MSG_USERAUTH_REQUEST(50)
      // string    user name
      // string    service name ("ssh-connection")
      // string    "password"
      // boolen    FALSE
      // string    plaintext password (ISO-10646 UTF-8)
      packet.reset();
      buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
      buf.putString(_username);
      buf.putString(Util.str2byte("ssh-connection"));
      buf.putString(Util.str2byte("password"));
      buf.putByte((byte)0);
      buf.putString(password);
      session.write(packet);

      loop:
      while(true){
	buf=session.read(buf);
        int command=buf.getCommand()&0xff;

	if(command==SSH_MSG_USERAUTH_SUCCESS){
	  return true;
	}
	if(command==SSH_MSG_USERAUTH_BANNER){
	  buf.getInt(); buf.getByte(); buf.getByte();
	  byte[] _message=buf.getString();
	  byte[] lang=buf.getString();
          String message=Util.byte2str(_message);
	  if(userinfo!=null){
	    userinfo.showMessage(message);
	  }
	  continue loop;
	}
	if(command==SSH_MSG_USERAUTH_PASSWD_CHANGEREQ){
	  buf.getInt(); buf.getByte(); buf.getByte(); 
	  byte[] instruction=buf.getString();
	  byte[] tag=buf.getString();
	  if(userinfo==null || 
             !(userinfo instanceof UIKeyboardInteractive)){
            if(userinfo!=null){
              userinfo.showMessage("Password must be changed.");
            }
            return false;
          }

          UIKeyboardInteractive kbi=(UIKeyboardInteractive)userinfo;
          String[] response;
          String name="Password Change Required";
          String[] prompt={"New Password: "};
          boolean[] echo={false};
          response=kbi.promptKeyboardInteractive(dest,
                                                 name,
                                                 Util.byte2str(instruction),
                                                 prompt,
                                                 echo);
          if(response==null){
            throw new JSchAuthCancelException("password");
          }

          byte[] newpassword=Util.str2byte(response[0]);

          // send
          // byte      SSH_MSG_USERAUTH_REQUEST(50)
          // string    user name
          // string    service name ("ssh-connection")
          // string    "password"
          // boolen    TRUE
          // string    plaintext old password (ISO-10646 UTF-8)
          // string    plaintext new password (ISO-10646 UTF-8)
          packet.reset();
          buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
          buf.putString(_username);
          buf.putString(Util.str2byte("ssh-connection"));
          buf.putString(Util.str2byte("password"));
          buf.putByte((byte)1);
          buf.putString(password);
          buf.putString(newpassword);
          Util.bzero(newpassword);
          response=null;
          session.write(packet);
	  continue loop;
        }
	if(command==SSH_MSG_USERAUTH_FAILURE){
	  buf.getInt(); buf.getByte(); buf.getByte(); 
	  byte[] foo=buf.getString();
	  int partial_success=buf.getByte();
	  //System.err.println(new String(foo)+
	  //		 " partial_success:"+(partial_success!=0));
	  if(partial_success!=0){
	    throw new JSchPartialAuthException(Util.byte2str(foo));
	  }
	  break;
	}
	else{
          //System.err.println("USERAUTH fail ("+buf.getCommand()+")");
//	  throw new JSchException("USERAUTH fail ("+buf.getCommand()+")");
	  return false;
	}
      }

      if(password!=null){
        Util.bzero(password);
        password=null;
      }

    }

    }
    finally{
      if(password!=null){
        Util.bzero(password);
        password=null;
      }
    }

    //throw new JSchException("USERAUTH fail");
    //return false;
  }
}
Commit	Line	Data
0763e16d JW	1	/* --mode:java; c-basic-offset:2; indent-tabs-mode:nil -- */
	2	/*
	3	Copyright (c) 2002-2010 ymnk, JCraft,Inc. All rights reserved.
	4
	5	Redistribution and use in source and binary forms, with or without
	6	modification, are permitted provided that the following conditions are met:
	7
	8	1. Redistributions of source code must retain the above copyright notice,
	9	this list of conditions and the following disclaimer.
	10
	11	2. Redistributions in binary form must reproduce the above copyright
	12	notice, this list of conditions and the following disclaimer in
	13	the documentation and/or other materials provided with the distribution.
	14
	15	3. The names of the authors may not be used to endorse or promote products
	16	derived from this software without specific prior written permission.
	17
	18	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
	19	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
	20	FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
	21	INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
	22	INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
	23	LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
	24	OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
	25	LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	26	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	27	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	28	*/
	29
	30	package com.jcraft.jsch;
	31
	32	class UserAuthPassword extends UserAuth{
	33	private final int SSH_MSG_USERAUTH_PASSWD_CHANGEREQ=60;
	34
	35	public boolean start(Session session) throws Exception{
	36	super.start(session);
	37
	38	byte[] password=session.password;
	39	String dest=username+"@"+session.host;
	40	if(session.port!=22){
	41	dest+=(":"+session.port);
	42	}
	43
	44	try{
	45
	46	while(true){
	47	if(password==null){
	48	if(userinfo==null){
	49	//throw new JSchException("USERAUTH fail");
	50	return false;
	51	}
	52	if(!userinfo.promptPassword("Password for "+dest)){
	53	throw new JSchAuthCancelException("password");
	54	//break;
	55	}
	56
	57	String _password=userinfo.getPassword();
	58	if(_password==null){
	59	throw new JSchAuthCancelException("password");
	60	//break;
	61	}
	62	password=Util.str2byte(_password);
	63	}
	64
65	byte[] _username=null;
66	_username=Util.str2byte(username);
67
68	// send
69	// byte SSH_MSG_USERAUTH_REQUEST(50)
70	// string user name
71	// string service name ("ssh-connection")
72	// string "password"
73	// boolen FALSE
74	// string plaintext password (ISO-10646 UTF-8)
75	packet.reset();
76	buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
77	buf.putString(_username);
78	buf.putString(Util.str2byte("ssh-connection"));
79	buf.putString(Util.str2byte("password"));
80	buf.putByte((byte)0);
81	buf.putString(password);
82	session.write(packet);
83
84	loop:
85	while(true){
86	buf=session.read(buf);
87	int command=buf.getCommand()&0xff;
88
89	if(command==SSH_MSG_USERAUTH_SUCCESS){
90	return true;
91	}
92	if(command==SSH_MSG_USERAUTH_BANNER){
93	buf.getInt(); buf.getByte(); buf.getByte();
94	byte[] _message=buf.getString();
95	byte[] lang=buf.getString();
96	String message=Util.byte2str(_message);
97	if(userinfo!=null){
98	userinfo.showMessage(message);
99	}
100	continue loop;
101	}
102	if(command==SSH_MSG_USERAUTH_PASSWD_CHANGEREQ){
103	buf.getInt(); buf.getByte(); buf.getByte();
104	byte[] instruction=buf.getString();
105	byte[] tag=buf.getString();
106	if(userinfo==null \|\|
107	!(userinfo instanceof UIKeyboardInteractive)){
108	if(userinfo!=null){
109	userinfo.showMessage("Password must be changed.");
110	}
111	return false;
112	}
113
114	UIKeyboardInteractive kbi=(UIKeyboardInteractive)userinfo;
115	String[] response;
116	String name="Password Change Required";
117	String[] prompt={"New Password: "};
118	boolean[] echo={false};
119	response=kbi.promptKeyboardInteractive(dest,
120	name,
121	Util.byte2str(instruction),
122	prompt,
123	echo);
124	if(response==null){
125	throw new JSchAuthCancelException("password");
126	}
127
128	byte[] newpassword=Util.str2byte(response[0]);
129
130	// send
131	// byte SSH_MSG_USERAUTH_REQUEST(50)
132	// string user name
133	// string service name ("ssh-connection")
134	// string "password"
135	// boolen TRUE
136	// string plaintext old password (ISO-10646 UTF-8)
137	// string plaintext new password (ISO-10646 UTF-8)
138	packet.reset();
139	buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
140	buf.putString(_username);
141	buf.putString(Util.str2byte("ssh-connection"));
142	buf.putString(Util.str2byte("password"));
143	buf.putByte((byte)1);
144	buf.putString(password);
145	buf.putString(newpassword);
146	Util.bzero(newpassword);
147	response=null;
148	session.write(packet);
149	continue loop;
150	}
151	if(command==SSH_MSG_USERAUTH_FAILURE){
152	buf.getInt(); buf.getByte(); buf.getByte();
153	byte[] foo=buf.getString();
154	int partial_success=buf.getByte();
155	//System.err.println(new String(foo)+
156	// " partial_success:"+(partial_success!=0));
157	if(partial_success!=0){
158	throw new JSchPartialAuthException(Util.byte2str(foo));
159	}
160	break;
161	}
162	else{
163	//System.err.println("USERAUTH fail ("+buf.getCommand()+")");
164	// throw new JSchException("USERAUTH fail ("+buf.getCommand()+")");
165	return false;
166	}
167	}
168
169	if(password!=null){
170	Util.bzero(password);
171	password=null;
172	}
173
174	}
175
176	}
177	finally{
178	if(password!=null){
179	Util.bzero(password);
180	password=null;
181	}
182	}
183
184	//throw new JSchException("USERAUTH fail");
185	//return false;
186	}
187	}