src/com/jcraft/jsch/UserAuthPassword.java

   1 /* -*-mode:java; c-basic-offset:2; indent-tabs-mode:nil -*- */
   2 /*
   3 Copyright (c) 2002-2010 ymnk, JCraft,Inc. All rights reserved.
   4
   5 Redistribution and use in source and binary forms, with or without
   6 modification, are permitted provided that the following conditions are met:
   7
   8   1. Redistributions of source code must retain the above copyright notice,
   9      this list of conditions and the following disclaimer.
  10
  11   2. Redistributions in binary form must reproduce the above copyright
  12      notice, this list of conditions and the following disclaimer in
  13      the documentation and/or other materials provided with the distribution.
  14
  15   3. The names of the authors may not be used to endorse or promote products
  16      derived from this software without specific prior written permission.
  17
  18 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
  19 INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
  20 FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
  21 INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
  22 INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  23 LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
  24 OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  25 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  26 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
  27 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  28 */
  29
  30 package com.jcraft.jsch;
  31
  32 class UserAuthPassword extends UserAuth{
  33   private final int SSH_MSG_USERAUTH_PASSWD_CHANGEREQ=60;
  34
  35   public boolean start(Session session) throws Exception{
  36     super.start(session);
  37
  38     byte[] password=session.password;
  39     String dest=username+"@"+session.host;
  40     if(session.port!=22){
  41       dest+=(":"+session.port);
  42     }
  43
  44     try{
  45
  46     while(true){
  47       if(password==null){
  48         if(userinfo==null){
  49           //throw new JSchException("USERAUTH fail");
  50           return false;
  51         }
  52         if(!userinfo.promptPassword("Password for "+dest)){
  53           throw new JSchAuthCancelException("password");
  54           //break;
  55         }
  56
  57         String _password=userinfo.getPassword();
  58         if(_password==null){
  59           throw new JSchAuthCancelException("password");
  60           //break;
  61         }
  62         password=Util.str2byte(_password);
  63       }
  64
  65       byte[] _username=null;
  66       _username=Util.str2byte(username);
  67
  68       // send
  69       // byte      SSH_MSG_USERAUTH_REQUEST(50)
  70       // string    user name
  71       // string    service name ("ssh-connection")
  72       // string    "password"
  73       // boolen    FALSE
  74       // string    plaintext password (ISO-10646 UTF-8)
  75       packet.reset();
  76       buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
  77       buf.putString(_username);
  78       buf.putString(Util.str2byte("ssh-connection"));
  79       buf.putString(Util.str2byte("password"));
  80       buf.putByte((byte)0);
  81       buf.putString(password);
  82       session.write(packet);
  83
  84       loop:
  85       while(true){
  86         buf=session.read(buf);
  87         int command=buf.getCommand()&0xff;
  88
  89         if(command==SSH_MSG_USERAUTH_SUCCESS){
  90           return true;
  91         }
  92         if(command==SSH_MSG_USERAUTH_BANNER){
  93           buf.getInt(); buf.getByte(); buf.getByte();
  94           byte[] _message=buf.getString();
  95           byte[] lang=buf.getString();
  96           String message=Util.byte2str(_message);
  97           if(userinfo!=null){
  98             userinfo.showMessage(message);
  99           }
 100           continue loop;
 101         }
 102         if(command==SSH_MSG_USERAUTH_PASSWD_CHANGEREQ){
 103           buf.getInt(); buf.getByte(); buf.getByte();
 104           byte[] instruction=buf.getString();
 105           byte[] tag=buf.getString();
 106           if(userinfo==null ||
 107              !(userinfo instanceof UIKeyboardInteractive)){
 108             if(userinfo!=null){
 109               userinfo.showMessage("Password must be changed.");
 110             }
 111             return false;
 112           }
 113
 114           UIKeyboardInteractive kbi=(UIKeyboardInteractive)userinfo;
 115           String[] response;
 116           String name="Password Change Required";
 117           String[] prompt={"New Password: "};
 118           boolean[] echo={false};
 119           response=kbi.promptKeyboardInteractive(dest,
 120                                                  name,
 121                                                  Util.byte2str(instruction),
 122                                                  prompt,
 123                                                  echo);
 124           if(response==null){
 125             throw new JSchAuthCancelException("password");
 126           }
 127
 128           byte[] newpassword=Util.str2byte(response[0]);
 129
 130           // send
 131           // byte      SSH_MSG_USERAUTH_REQUEST(50)
 132           // string    user name
 133           // string    service name ("ssh-connection")
 134           // string    "password"
 135           // boolen    TRUE
 136           // string    plaintext old password (ISO-10646 UTF-8)
 137           // string    plaintext new password (ISO-10646 UTF-8)
 138           packet.reset();
 139           buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
 140           buf.putString(_username);
 141           buf.putString(Util.str2byte("ssh-connection"));
 142           buf.putString(Util.str2byte("password"));
 143           buf.putByte((byte)1);
 144           buf.putString(password);
 145           buf.putString(newpassword);
 146           Util.bzero(newpassword);
 147           response=null;
 148           session.write(packet);
 149           continue loop;
 150         }
 151         if(command==SSH_MSG_USERAUTH_FAILURE){
 152           buf.getInt(); buf.getByte(); buf.getByte();
 153           byte[] foo=buf.getString();
 154           int partial_success=buf.getByte();
 155           //System.err.println(new String(foo)+
 156           //             " partial_success:"+(partial_success!=0));
 157           if(partial_success!=0){
 158             throw new JSchPartialAuthException(Util.byte2str(foo));
 159           }
 160           break;
 161         }
 162         else{
 163           //System.err.println("USERAUTH fail ("+buf.getCommand()+")");
 164 //        throw new JSchException("USERAUTH fail ("+buf.getCommand()+")");
 165           return false;
 166         }
 167       }
 168
 169       if(password!=null){
 170         Util.bzero(password);
 171         password=null;
 172       }
 173
 174     }
 175
 176     }
 177     finally{
 178       if(password!=null){
 179         Util.bzero(password);
 180         password=null;
 181       }
 182     }
 183
 184     //throw new JSchException("USERAUTH fail");
 185     //return false;
 186   }
 187 }