
Unified Diff: ssh/client_auth.go

Issue 13352055: code review 13352055: go.crypto/ssh: separate kex algorithms into kexAlgorith... (Closed)
Patch Set: diff -r 3a49c11added https://code.google.com/p/go.crypto Created 10 years, 6 months ago
Index: ssh/client_auth.go
===================================================================
--- a/ssh/client_auth.go
+++ b/ssh/client_auth.go
@@ -81,7 +81,7 @@
// Returns true if authentication is successful.
// If authentication is not successful, a []string of alternative
// method names is returned.
- auth(session []byte, user string, t *transport, rand io.Reader) (bool, []string, error)
+ auth(session []byte, user string, p packetConn, rand io.Reader) (bool, []string, error)
// method returns the RFC 4252 method name.
method() string
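Review bot: The comment on `auth` in this interface does not say what state the connection must be in, and the declaration names the parameter `p` while every implementation later in the patch names it `c`. With `*transport` the callers were tied to the package's own transport type; `packetConn` appears to be an interface (its definition is not in this file), so any implementation can now be passed, and the password and keyboard-interactive methods write credentials through it. I would rename the parameter to `c packetConn` and add a line such as `// c must have completed key exchange; credentials are written to it unchanged.` The interface declaration starts and ends outside the hunk.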
@@ -90,8 +90,8 @@
// "none" authentication, RFC 4252 section 5.2.
type noneAuth int
-func (n *noneAuth) auth(session []byte, user string, t *transport, rand io.Reader) (bool, []string, error) {
- if err := t.writePacket(marshal(msgUserAuthRequest, userAuthRequestMsg{
+func (n *noneAuth) auth(session []byte, user string, c packetConn, rand io.Reader) (bool, []string, error) {
+ if err := c.writePacket(marshal(msgUserAuthRequest, userAuthRequestMsg{
User: user,
Service: serviceSSH,
Method: "none",
@@ -99,7 +99,7 @@
return false, nil, err
}
- return handleAuthResponse(t)
+ return handleAuthResponse(c)
}
func (n *noneAuth) method() string {
@@ -111,7 +111,7 @@
ClientPassword
}
-func (p *passwordAuth) auth(session []byte, user string, t *transport, rand io.Reader) (bool, []string, error) {
+func (p *passwordAuth) auth(session []byte, user string, c packetConn, rand io.Reader) (bool, []string, error) {
type passwordAuthMsg struct {
User string
Service string
@@ -125,7 +125,7 @@
return false, nil, err
}
- if err := t.writePacket(marshal(msgUserAuthRequest, passwordAuthMsg{
+ if err := c.writePacket(marshal(msgUserAuthRequest, passwordAuthMsg{
User: user,
Service: serviceSSH,
Method: "password",
@@ -135,7 +135,7 @@
return false, nil, err
}
- return handleAuthResponse(t)
+ return handleAuthResponse(c)
}
func (p *passwordAuth) method() string {
@@ -181,7 +181,7 @@
Sig []byte `ssh:"rest"`
}
-func (p *publickeyAuth) auth(session []byte, user string, t *transport, rand io.Reader) (bool, []string, error) {
+func (p *publickeyAuth) auth(session []byte, user string, c packetConn, rand io.Reader) (bool, []string, error) {
// Authentication is performed in two stages. The first stage sends an
// enquiry to test if each key is acceptable to the remote. The second
// stage attempts to authenticate with the valid keys obtained in the
@@ -200,7 +200,7 @@
break
}
- if ok, err := p.validateKey(key, user, t); ok {
+ if ok, err := p.validateKey(key, user, c); ok {
validKeys[index] = key
} else {
if err != nil {
@@ -237,10 +237,10 @@
Sig: sig,
}
p := marshal(msgUserAuthRequest, msg)
- if err := t.writePacket(p); err != nil {
+ if err := c.writePacket(p); err != nil {
return false, nil, err
}
- success, methods, err := handleAuthResponse(t)
+ success, methods, err := handleAuthResponse(c)
if err != nil {
return false, nil, err
}
@@ -252,7 +252,7 @@
}
// validateKey validates the key provided it is acceptable to the server.
-func (p *publickeyAuth) validateKey(key PublicKey, user string, t *transport) (bool, error) {
+func (p *publickeyAuth) validateKey(key PublicKey, user string, c packetConn) (bool, error) {
pubkey := MarshalPublicKey(key)
algoname := key.PublicKeyAlgo()
msg := publickeyAuthMsg{
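Review bot: The doc comment kept above the new `validateKey` signature reads as if the function validates the key only when the server already accepts it, which is the reverse of what the visible code does. The function writes a `msgUserAuthRequest` carrying the key and then returns the result of `confirmKeyAck`, matching the "enquiry" stage described in the comment inside `publickeyAuth.auth`. Suggested wording: `// validateKey asks the server whether key is acceptable for user and reports the answer.` The function body ends in the next hunk.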
@@ -263,19 +263,19 @@
Algoname: algoname,
Pubkey: string(pubkey),
}
- if err := t.writePacket(marshal(msgUserAuthRequest, msg)); err != nil {
+ if err := c.writePacket(marshal(msgUserAuthRequest, msg)); err != nil {
return false, err
}
- return p.confirmKeyAck(key, t)
+ return p.confirmKeyAck(key, c)
}
-func (p *publickeyAuth) confirmKeyAck(key PublicKey, t *transport) (bool, error) {
+func (p *publickeyAuth) confirmKeyAck(key PublicKey, c packetConn) (bool, error) {
pubkey := MarshalPublicKey(key)
algoname := key.PublicKeyAlgo()
for {
- packet, err := t.readPacket()
+ packet, err := c.readPacket()
if err != nil {
return false, err
}
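Review bot: `confirmKeyAck` gets a new signature here but still has no doc comment, and its `for` loop around `c.readPacket()` has no visible bound. The loop body continues outside the hunk, so which messages make it iterate again cannot be seen from here; if any are skipped silently, a peer could hold the client in this loop, which deserves a comment or a cap on ignored packets. The same applies to the read loops in `handleAuthResponse` and in the keyboard-interactive `auth`. Suggested comment, to be confirmed against the body: `// confirmKeyAck reads packets from c until the server answers the query for key and reports whether the key was acknowledged.`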
@@ -312,9 +312,9 @@
// handleAuthResponse returns whether the preceding authentication request succeeded
// along with a list of remaining authentication methods to try next and
// an error if an unexpected response was received.
-func handleAuthResponse(t *transport) (bool, []string, error) {
+func handleAuthResponse(c packetConn) (bool, []string, error) {
for {
- packet, err := t.readPacket()
+ packet, err := c.readPacket()
if err != nil {
return false, nil, err
}
@@ -411,11 +411,11 @@
ClientKeyboardInteractive
}
-func (c *keyboardInteractiveAuth) method() string {
+func (k *keyboardInteractiveAuth) method() string {
return "keyboard-interactive"
}
-func (c *keyboardInteractiveAuth) auth(session []byte, user string, t *transport, rand io.Reader) (bool, []string, error) {
+func (k *keyboardInteractiveAuth) auth(session []byte, user string, c packetConn, rand io.Reader) (bool, []string, error) {
type initiateMsg struct {
User string
Service string
@@ -424,7 +424,7 @@
Submethods string
}
- if err := t.writePacket(marshal(msgUserAuthRequest, initiateMsg{
+ if err := c.writePacket(marshal(msgUserAuthRequest, initiateMsg{
User: user,
Service: serviceSSH,
Method: "keyboard-interactive",
@@ -433,7 +433,7 @@
}
for {
- packet, err := t.readPacket()
+ packet, err := c.readPacket()
if err != nil {
return false, nil, err
}
@@ -480,7 +480,7 @@
return false, nil, fmt.Errorf("ssh: junk following message %q", rest)
}
- answers, err := c.Challenge(msg.User, msg.Instruction, prompts, echos)
+ answers, err := k.Challenge(msg.User, msg.Instruction, prompts, echos)
if err != nil {
return false, nil, err
}
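Review bot: Nothing at the `k.Challenge` call tells implementers of the callback that its arguments are server-supplied. `msg` appears to be decoded from the packet read earlier in the loop (outside this hunk), so `msg.User`, `msg.Instruction` and the prompts are presumably whatever the remote side sent. A comment above the call would make that explicit: `// msg.User, msg.Instruction and prompts come from the server; Challenge must treat them as untrusted text.` The enclosing `auth` method starts and ends outside the hunk.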
@@ -501,7 +501,7 @@
p = marshalString(p, []byte(a))
}
- if err := t.writePacket(serialized); err != nil {
+ if err := c.writePacket(serialized); err != nil {
return false, nil, err
}
}