remove keyboard auth callback and use generic auth callback

Author: JacobBarthelmeh

examples/echoserver/echoserver.c

@@ -1709,14 +1709,17 @@ static void StrListFree(StrList* list)
 }
 
 
-/* Map user names to passwords */
+/* Map user names to passwords and keyboard auth prompts */
 /* Use arrays for username and p. The password or public key can
  * be hashed and the hash stored here. Then I won't need the type. */
 typedef struct PwMap {
     byte type;
     byte username[32];
     word32 usernameSz;
     byte p[WC_SHA256_DIGEST_SIZE];
+#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
+    WS_UserAuthData_Keyboard* keyboard;
+#endif
     struct PwMap* next;
 } PwMap;
 
@@ -1752,6 +1755,24 @@ static PwMap* PwMapNew(PwMapList* list, byte type, const byte* username,
 }
 
 
+#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
+/* Create new node for list of auths, adding keyboard auth prompts */
+static PwMap* PwMapKeyboardNew(PwMapList* list, byte type, const byte* username,
+                       word32 usernameSz, const byte* p, word32 pSz,
+                       WS_UserAuthData_Keyboard* keyboard)
+{
+    PwMap* map;
+
+    map = PwMapNew(list, type, username, usernameSz, p, pSz);
+    if (map) {
+        map->keyboard = keyboard;
+    }
+
+    return map;
+}
+#endif
+
+
 static void PwMapListDelete(PwMapList* list)
 {
     if (list != NULL) {
@@ -2013,7 +2034,8 @@ static int LoadPasswdList(StrList* strList, PwMapList* mapList)
     return count;
 }
 #ifdef WOLFSSH_KEYBOARD_INTERACTIVE
-static int LoadKeyboardList(StrList* strList, PwMapList* mapList)
+static int LoadKeyboardList(StrList* strList, PwMapList* mapList,
+    WS_UserAuthData_Keyboard* kbAuthData)
 {
     char names[256];
     char* passwd;
@@ -2026,9 +2048,10 @@ static int LoadKeyboardList(StrList* strList, PwMapList* mapList)
             *passwd = 0;
             passwd++;
 
-            PwMapNew(mapList, WOLFSSH_USERAUTH_KEYBOARD,
+            PwMapKeyboardNew(mapList, WOLFSSH_USERAUTH_KEYBOARD,
                     (byte*)names, (word32)WSTRLEN(names),
-                    (byte*)passwd, (word32)WSTRLEN(passwd));
+                    (byte*)passwd, (word32)WSTRLEN(passwd),
+                    kbAuthData);
         }
         else {
             fprintf(stderr, "Ignoring password: %s\n", names);
@@ -2192,6 +2215,7 @@ static int wsUserAuth(byte authType,
 #endif
 #ifdef WOLFSSH_KEYBOARD_INTERACTIVE
         authType != WOLFSSH_USERAUTH_KEYBOARD &&
+        authType != WOLFSSH_USERAUTH_KEYBOARD_SETUP &&
 #endif
         authType != WOLFSSH_USERAUTH_PUBLICKEY) {
 
@@ -2315,6 +2339,14 @@ static int wsUserAuth(byte authType,
             }
             #ifdef WOLFSSH_KEYBOARD_INTERACTIVE
             else if (authData->type == WOLFSSH_USERAUTH_KEYBOARD) {
+                if (authType == WOLFSSH_USERAUTH_KEYBOARD_SETUP) {
+                    /* setup the keyboard auth prompts */
+                    WMEMCPY(&authData->sf.keyboard, map->keyboard,
+                    sizeof(WS_UserAuthData_Keyboard));
+                    return WS_SUCCESS;
+                }
+
+                /* do keyboard auth prompts */
                 if (WMEMCMP(map->p, authHash, WC_SHA256_DIGEST_SIZE) == 0) {
                     return WOLFSSH_USERAUTH_SUCCESS;
                 }
@@ -2338,15 +2370,6 @@ static int wsUserAuth(byte authType,
     return WOLFSSH_USERAUTH_INVALID_USER;
 }
 
-#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
-static int keyboardCallback(WS_UserAuthData_Keyboard *kbAuth, void *ctx)
-{
-    WS_UserAuthData_Keyboard *kbAuthData = (WS_UserAuthData_Keyboard*) ctx;
-    WMEMCPY(kbAuth, kbAuthData, sizeof(WS_UserAuthData_Keyboard));
-
-    return WS_SUCCESS;
-}
-#endif
 
 #ifdef WOLFSSH_SFTP
 /*
@@ -2800,9 +2823,6 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
 
 #ifdef WOLFSSH_KEYBOARD_INTERACTIVE
     if (keyboardList) {
-        LoadKeyboardList(keyboardList, &pwMapList);
-        StrListFree(keyboardList);
-        keyboardList = NULL;
         kbAuthData.promptCount = 1;
         kbAuthData.promptName = NULL;
         kbAuthData.promptNameSz = 0;
@@ -2825,7 +2845,9 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
             ES_ERROR("Error allocating promptEcho");
         }
         kbAuthData.promptEcho[0] = 0;
-        wolfSSH_SetKeyboardAuthPrompts(ctx, keyboardCallback);
+        LoadKeyboardList(keyboardList, &pwMapList, &kbAuthData);
+        StrListFree(keyboardList);
+        keyboardList = NULL;
     }
 #endif
 
@@ -3035,9 +3057,6 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
     #endif
         wolfSSH_SetUserAuthCtx(ssh, &pwMapList);
         wolfSSH_SetKeyingCompletionCbCtx(ssh, (void*)ssh);
-    #ifdef WOLFSSH_KEYBOARD_INTERACTIVE
-        wolfSSH_SetKeyboardAuthCtx(ssh, &kbAuthData);
-    #endif
 
         /* Use the session object for its own highwater callback ctx */
         if (defaultHighwater > 0) {

src/internal.c

@@ -877,9 +877,6 @@ WOLFSSH_CTX* CtxInit(WOLFSSH_CTX* ctx, byte side, void* heap)
     ctx->algoListCipher = cannedEncAlgoNames;
     ctx->algoListMac = cannedMacAlgoNames;
     ctx->algoListKeyAccepted = cannedKeyAlgoNames;
-#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
-    ctx->keyboardAuthCb = NULL;
-#endif
 
     count = (word32)(sizeof(ctx->privateKey)
             / sizeof(ctx->privateKey[0]));
@@ -13380,24 +13377,18 @@ int SendUserAuthKeyboardRequest(WOLFSSH* ssh, WS_UserAuthData* authData)
         return WS_BAD_ARGUMENT;
     }
 
-    if (ret == WS_SUCCESS){
-        if (ssh->ctx->keyboardAuthCb == NULL) {
-            WLOG(WS_LOG_DEBUG, "SendUserAuthKeyboardRequest called with no Cb set");
-            return WS_BAD_USAGE;
-        }
-        else {
-            ret = ssh->ctx->keyboardAuthCb(&authData->sf.keyboard,
-                                        ssh->keyboardAuthCtx);
-        }
+    if (ret == WS_SUCCESS && ssh->ctx->userAuthCb == NULL) {
+        WLOG(WS_LOG_DEBUG, "SendUserAuthKeyboardRequest called with no Cb set");
+        ret = WS_BAD_USAGE;
     }
 
     if (ret == WS_SUCCESS) {
-        if (authData->sf.keyboard.promptCount > 0 &&
-           (authData->sf.keyboard.prompts == NULL ||
-            authData->sf.keyboard.promptLengths == NULL ||
-            authData->sf.keyboard.promptEcho == NULL)) {
-                ret = WS_BAD_USAGE;
-            }
+        authData->type = WOLFSSH_USERAUTH_KEYBOARD;
+        ret = ssh->ctx->userAuthCb(WOLFSSH_USERAUTH_KEYBOARD_SETUP, authData,
+                               ssh->userAuthCtx);
+        if (ret == WOLFSSH_USERAUTH_SUCCESS) {
+            ret = WS_SUCCESS;
+        }
     }
 
     if (ret == WS_SUCCESS) {
@@ -14957,6 +14948,7 @@ int SendUserAuthRequest(WOLFSSH* ssh, byte authType, int addSig)
         WMEMSET(keySig_ptr, 0, sizeof(WS_KeySignature));
         keySig_ptr->keySigId = ID_NONE;
         keySig_ptr->heap = ssh->ctx->heap;
+
 #ifdef WOLFSSH_KEYBOARD_INTERACTIVE
         /* Callback happens later for keyboard auth */
         if (authType & WOLFSSH_USERAUTH_KEYBOARD) {
@@ -15128,9 +15120,7 @@ static int GetAllowedAuth(WOLFSSH* ssh, char* authStr)
 
     typeAllowed |= WOLFSSH_USERAUTH_PASSWORD;
 #ifdef WOLFSSH_KEYBOARD_INTERACTIVE
-    if (ssh->ctx && ssh->ctx->keyboardAuthCb) {
-        typeAllowed |= WOLFSSH_USERAUTH_KEYBOARD;
-    }
+    typeAllowed |= WOLFSSH_USERAUTH_KEYBOARD;
 #endif
 #if !defined(WOLFSSH_NO_RSA) || !defined(WOLFSSH_NO_ECDSA)
     typeAllowed |= WOLFSSH_USERAUTH_PUBLICKEY;

src/ssh.c

@@ -1338,23 +1338,6 @@ int wolfSSH_SendDisconnect(WOLFSSH *ssh, word32 reason)
     return SendDisconnect(ssh, reason);
 }
 
-#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
-void wolfSSH_SetKeyboardAuthPrompts(WOLFSSH_CTX* ctx,
-                                    WS_CallbackKeyboardAuthPrompts cb)
-{
-    if (ctx != NULL) {
-        ctx->keyboardAuthCb = cb;
-    }
-}
-
-void wolfSSH_SetKeyboardAuthCtx(WOLFSSH* ssh, void* keyboardAuthCtx)
-{
-    if (ssh != NULL) {
-        ssh->keyboardAuthCtx = keyboardAuthCtx;
-    }
-}
-#endif
-
 void wolfSSH_SetUserAuth(WOLFSSH_CTX* ctx, WS_CallbackUserAuth cb)
 {
     if (ctx != NULL) {

wolfssh/internal.h

@@ -529,9 +529,6 @@ struct WOLFSSH_CTX {
     WS_CallbackUserAuth userAuthCb;   /* User Authentication Callback */
     WS_CallbackUserAuthTypes userAuthTypesCb; /* Authentication Types Allowed */
     WS_CallbackUserAuthResult userAuthResultCb; /* User Authentication Result */
-#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
-    WS_CallbackKeyboardAuthPrompts keyboardAuthCb; /* Keyboard auth prompts */
-#endif
     WS_CallbackHighwater highwaterCb; /* Data Highwater Mark Callback */
     WS_CallbackGlobalReq globalReqCb; /* Global Request Callback */
     WS_CallbackReqSuccess reqSuccessCb; /* Global Request Success Callback */

wolfssh/ssh.h

@@ -368,13 +368,6 @@ WOLFSSH_API void wolfSSH_SetUserAuthTypes(WOLFSSH_CTX*,
 WOLFSSH_API void wolfSSH_SetUserAuthCtx(WOLFSSH*, void*);
 WOLFSSH_API void* wolfSSH_GetUserAuthCtx(WOLFSSH*);
 
-#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
-typedef int (*WS_CallbackKeyboardAuthPrompts)(WS_UserAuthData_Keyboard*, void*);
-WOLFSSH_API void wolfSSH_SetKeyboardAuthPrompts(WOLFSSH_CTX*,
-                                                WS_CallbackKeyboardAuthPrompts);
-WOLFSSH_API void wolfSSH_SetKeyboardAuthCtx(WOLFSSH*, void*);
-#endif
-
 typedef int (*WS_CallbackUserAuthResult)(byte result,
         WS_UserAuthData* authData, void* userAuthResultCtx);
 WOLFSSH_API void wolfSSH_SetUserAuthResult(WOLFSSH_CTX* ctx,
@@ -474,6 +467,7 @@ enum WS_FormatTypes {
 #define WOLFSSH_USERAUTH_PUBLICKEY 0x02
 #define WOLFSSH_USERAUTH_KEYBOARD  0x04
 #define WOLFSSH_USERAUTH_NONE      0x08
+#define WOLFSSH_USERAUTH_KEYBOARD_SETUP 0x10
 
 enum WS_UserAuthResults
 {