
Untitled

a guest
Sep 26th, 2013
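  /*
   * Build the JSON request sent to the external authentication service for
   * one public-key login attempt.
   *
   * The request is a JSON object with three string members:
   *   "user" - pw->pw_name
   *   "type" - key_ssh_name(key)
   *   "key"  - the public key blob from key_to_blob(), encoded by uuencode()
   *
   * Returns a string allocated by json_dumps() that the caller must free(),
   * or NULL when the key is a certificate without cert data or a signed
   * blob, when the key type is KEY_RSA1 or not one of the DSA/RSA types
   * handled below, when the key material pointer is NULL, or when
   * serialisation or encoding fails.
   */
  char *
  external_auth_format_packet(struct passwd *pw, const Key *key)
  {
      char *packet = NULL;
      char *uu = NULL;
      u_char *blob = NULL;
      u_int len = 0;
      size_t uu_size;
      json_t *root = NULL;

      if (pw == NULL || pw->pw_name == NULL || key == NULL)
          return NULL;

      if (key_is_cert(key)) {
          if (key->cert == NULL) {
              error("%s: no cert data", __func__);
              return NULL;
          }
          if (buffer_len(&key->cert->certblob) == 0) {
              error("%s: no signed certificate blob", __func__);
              return NULL;
          }
      }

      switch (key->type) {
      case KEY_DSA:
      case KEY_DSA_CERT_V00:
      case KEY_DSA_CERT:
          if (key->dsa == NULL)
              return NULL;
          break;
      case KEY_RSA:
      case KEY_RSA_CERT_V00:
      case KEY_RSA_CERT:
          if (key->rsa == NULL)
              return NULL;
          break;
      case KEY_RSA1:
      default:
          /* Protocol 1 keys and unknown types are never forwarded. */
          return NULL;
      }

      /*
       * NOTE(review): this relies on key_to_blob() returning 0 on failure,
       * as the OpenSSH key API of this era does; confirm against the tree
       * this is built in. The output variables are checked as well so a
       * failed call cannot reach uuencode() with an unset pointer.
       */
      if (key_to_blob(key, &blob, &len) == 0 || blob == NULL || len == 0) {
          error("%s: key_to_blob failed", __func__);
          goto out;
      }

      /* Widen before multiplying so 2*len cannot wrap in u_int arithmetic. */
      uu_size = (size_t)2 * len;
      uu = xmalloc(uu_size);
      if (uuencode(blob, len, uu, uu_size) <= 0)
          goto out;

      root = json_object();
      if (root == NULL)
          goto out;

      /*
       * json_string() returns NULL for input it cannot represent (for
       * example a user name that is not valid UTF-8) and
       * json_object_set_new() then fails; a request with a missing member
       * must not be sent, so any failure aborts the packet.
       */
      if (json_object_set_new(root, "user", json_string(pw->pw_name)) != 0 ||
          json_object_set_new(root, "type", json_string(key_ssh_name(key))) != 0 ||
          json_object_set_new(root, "key", json_string(uu)) != 0) {
          error("%s: failed to build JSON request", __func__);
          goto out;
      }

      packet = json_dumps(root, 0);

  out:
      json_decref(root);      /* accepts NULL */
      free(blob);
      free(uu);
      return packet;
  }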
  80.  
  81.  
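  #define BUFFERSIZE 1024
  #define MAXDATASIZE 256
  /* Largest reply accepted from the auth service; limit chosen here, tune as needed. */
  #define MAXRESPONSESIZE (64 * 1024)

  /*
   * Ask the external authentication service whether `key` may log in as `pw`.
   *
   * Connects to the UNIX stream socket at sock_addr_path, sends the JSON
   * request built by external_auth_format_packet() followed by a newline,
   * reads the reply until the peer closes the connection and parses it as
   * JSON. A reply with integer "status" 1 and a string "command" is handed
   * to auth_parse_options(); the key is accepted only if that call returns 1.
   *
   * Returns 1 when the key is accepted and 0 in every other case, including
   * all I/O, allocation and parse failures (the function fails closed).
   *
   * NOTE(review): the socket path is under /tmp, which is normally
   * world-writable, so whichever local process binds that path first answers
   * every key check and supplies the option string given to
   * auth_parse_options(). Keep the socket in a directory only root can write
   * to, and consider checking the peer's credentials before trusting a reply.
   */
  int external_auth_method(struct passwd *pw, Key *key) {
      int sock = -1;
      int success = 0;
      int status;
      ssize_t received_chars;
      size_t total_received_chars = 0;
      size_t receiver_buffer_size = BUFFERSIZE;
      size_t packet_len;
      size_t sent;
      char tmp_buffer[MAXDATASIZE];
      char *json_packet = NULL;
      char *receiver_buffer = NULL;
      char *sock_addr_path = "/tmp/auth.sock";
      char *option_parser_file = "external_auth.mode";
      const char *return_command;
      struct sockaddr_un sock_addr;
      json_error_t json_error;
      json_t *json_root = NULL;
      json_t *json_status;
      json_t *json_command;

      DEBUG_LOG("userauth_external: DEBUG: socket_path: %s", sock_addr_path);

      if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
          error("userauth_external: Socket open failed");
          return 0;
      }

      /* Zero-filled struct plus size-1 copy keeps sun_path NUL-terminated. */
      memset(&sock_addr, 0, sizeof(sock_addr));
      sock_addr.sun_family = AF_UNIX;
      strncpy(sock_addr.sun_path, sock_addr_path, sizeof(sock_addr.sun_path) - 1);

      if (connect(sock, (struct sockaddr *)&sock_addr, sizeof(sock_addr)) == -1) {
          int tmp = errno;
          error("userauth_external: Socket connect error (%s , errno %d)", strerror(tmp), tmp);
          goto out;
      }

      /* Formats JSON packet; NULL means the key cannot be serialised. */
      json_packet = external_auth_format_packet(pw, key);
      if (json_packet == NULL) {
          error("userauth_external: unable to format request packet");
          goto out;
      }
      DEBUG_LOG("userauth_external: DEBUG: json_packet: %s", json_packet);

      /* Writes json_packet to socket, coping with short writes. */
      packet_len = strlen(json_packet);
      for (sent = 0; sent < packet_len; ) {
          ssize_t written = write(sock, json_packet + sent, packet_len - sent);
          if (written <= 0) {
              error("userauth_external: Socket write failed");
              goto out;
          }
          sent += (size_t)written;
      }
      if (write(sock, "\n", 1) != 1) {
          error("userauth_external: Socket write failed");
          goto out;
      }
      DEBUG_LOG("userauth_external: DEBUG: sent json_packet to server");

      /* Receiver buffer memory allocation */
      receiver_buffer = malloc(receiver_buffer_size);
      if (receiver_buffer == NULL) {
          error("userauth_external: memory allocation failure");
          goto out;
      }
      DEBUG_LOG("userauth_external: DEBUG: receiver_buffer memory allocation");

      while ((received_chars = recv(sock, tmp_buffer, sizeof(tmp_buffer), 0)) > 0) {
          size_t chunk = (size_t)received_chars;
          /* +1 reserves room for the terminating NUL json_loads() needs. */
          size_t needed = total_received_chars + chunk + 1;

          /* tmp_buffer is not NUL-terminated, so bound the %s by the chunk length. */
          DEBUG_LOG("userauth_external: DEBUG: recv has received: %.*s", (int)chunk, tmp_buffer);

          /* Refuse oversized replies instead of growing without limit. */
          if (needed > MAXRESPONSESIZE) {
              error("userauth_external: response exceeds %d bytes", MAXRESPONSESIZE);
              goto out;
          }

          /* Grow geometrically until the whole chunk fits before copying it. */
          if (needed > receiver_buffer_size) {
              size_t new_size = receiver_buffer_size;
              char *tmp;

              while (new_size < needed)
                  new_size *= 2;
              DEBUG_LOG("userauth_external: DEBUG: multiplying receiver_buffer_size");

              tmp = realloc(receiver_buffer, new_size);
              if (tmp == NULL) {
                  error("userauth_external: memory allocation failure");
                  goto out;
              }
              receiver_buffer = tmp;
              receiver_buffer_size = new_size;
          }

          /* Copying from tmp_buffer to receiver_buffer */
          memcpy(receiver_buffer + total_received_chars, tmp_buffer, chunk);
          total_received_chars += chunk;
          DEBUG_LOG("userauth_external: DEBUG: copying from tmp_buffer to receiver_buffer");
      }
      if (received_chars < 0) {
          error("userauth_external: Socket receive failed");
          goto out;
      }
      DEBUG_LOG("userauth_external: DEBUG: finished receiving data from socket");

      /*
       * Terminate the reply. Without this json_loads() reads past the
       * received bytes into whatever the heap block held before, which is
       * what produces an "end of file expected" parse error on a reply that
       * is itself valid JSON.
       */
      receiver_buffer[total_received_chars] = '\0';

      /* Load json source to json parser */
      json_root = json_loads(receiver_buffer, 0, &json_error);
      if (json_root == NULL) {
          error("userauth_external: ERROR: Unable to load parmaters! error: on line %d: %s", json_error.line, json_error.text);
          error("userauth_external: ERROR: response %s", receiver_buffer);
          goto out;
      }
      DEBUG_LOG("userauth_external: DEBUG: json parsed successfully");

      /* Getting status value */
      json_status = json_object_get(json_root, "status");
      if (!json_is_integer(json_status)) {
          error("userauth_external: JSON ERROR: status key doesn't exists");
          goto out;
      }

      status = (int)json_integer_value(json_status);
      DEBUG_LOG("userauth_external: DEBUG: received status code: %i", status);

      if (status == 1) {
          json_command = json_object_get(json_root, "command");
          if (!json_is_string(json_command)) {
              error("userauth_external: JSON ERROR: command key doesn't exists");
              goto out;
          }

          /* Borrowed from json_root; stays valid until the json_decref() below. */
          return_command = json_string_value(json_command);
          DEBUG_LOG("userauth_external: DEBUG: received command: %s", return_command);

          if (auth_parse_options(pw, return_command, option_parser_file, 0) == 1) {
              success = 1;
          }
      } else if (status != 0) {
          /* Any status other than 0 or 1 is a protocol error, not a denial. */
          error("userauth_external: JSON ERROR: wrong status received");
      } else {
          DEBUG_LOG("userauth_external: DEBUG: not authorized key");
      }

  out:
      /* Single exit path so the socket, buffers and JSON tree are always released. */
      json_decref(json_root);     /* accepts NULL */
      free(receiver_buffer);
      free(json_packet);
      if (sock != -1)
          close(sock);
      return success;
  }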
  208.  
  209.  
  210.  
  211. ### log
  212. Sep 26 12:35:07 ubuntu sshd[58912]: userauth_external: DEBUG: socket_path: /tmp/auth.sock
  213. Sep 26 12:35:07 ubuntu sshd[58912]: userauth_external: DEBUG: json_packet: {"user": "root", "key": "AAAAB3NzaC1yc2EAAAADAQABAAABAQDwHDG/TpoUDts9CFrUWh6eoOlPcQYTLIpkF1udDaRZMsdZSZyDsWO5otqrUiQuVLFBXKa4CMiYBJIll2Ye/ZMWjbWd6mkrhE/u4Ha+DS6wyoza3mgn4ekDYxHqzk6/9kVnNtdh+sw3h0OwhkJJG/fAGzGFZhaV5bRS8f9u6pxIKTdmUfozkfe/QhYlFS9gaFnlK2rn8efK1oeNL00YBEcFLVeFdFqU9xuTOrHIQuOHxEynF/zekJ69D1MDhLZDhzq7mfy00wOnS51Q0gxZUdBiFr0ahuD/WrxKgwYunAsp1hD22+WU89vmoPtonWE7a6hTeZtz6Mb0YPfmRwz+CaR1", "type": "ssh-rsa"}
  214. Sep 26 12:35:07 ubuntu sshd[58912]: userauth_external: DEBUG: sent json_packet to server
  215. Sep 26 12:35:07 ubuntu sshd[58912]: userauth_external: DEBUG: receiver_buffer memory allocation
  216. Sep 26 12:35:07 ubuntu sshd[58912]: userauth_external: DEBUG: recv has received: {"status":1,"command":"command='./gitserve' "}
  217. Sep 26 12:35:07 ubuntu sshd[58912]: userauth_external: DEBUG: copying from tmp_buffer to receiver_buffer
  218. Sep 26 12:35:07 ubuntu sshd[58912]: userauth_external: DEBUG: finished receiving data from socket
  219. Sep 26 12:35:07 ubuntu sshd[58912]: error: userauth_external: ERROR: Unable to load parmaters! error: on line 1: end of file expected near 'rUWh'\n
  220. Sep 26 12:35:07 ubuntu sshd[58912]: error: userauth_external: ERROR: response {"status":1,"command":"command='./gitserve' "}rUWh6eoOlPcQYTLIpkF1udDaRZMsdZSZyDsWO5otqrUiQuVLFBXKa4CMiYBJIll2Ye/ZMWjbWd6mkrhE/u4Ha+DS6wyoza3mgn4ekDYxHqzk6/9kVnNtdh+sw3h0OwhkJJG/fAGzGFZhaV5bRS8f9u6pxIKTdmUfozkfe/QhYlFS9gaFnlK2rn8efK1oeNL00YBEcFLVeFdFqU9xuTOrHIQuOHxEynF/zekJ69D1MDhLZDhzq7mfy00wOnS51Q0gxZUdBiFr0ahuD/WrxKgwYunAsp1hD22+WU89vmoPtonWE7a6hTeZtz6Mb0YPfmRwz+CaR1