mirror of https://git.tartarus.org/simon/putty.git synced 2025-06-30 19:12:48 -05:00

Uppity: add stunt options for trivial authentication.

This allows the 'no trivial auth' option introduced by the previous
commit to be tested. Uppity has grown three new options to make it
accept "none" authentication, keyboard-interactive involving no
prompts, and the perverse sending of USERAUTH_SUCCESS after a
signatureless public-key offer.

The first of those options also enables the analogue in SSH-1; the
other two have no SSH-1 analogues in the first place. (SSH-1 public
key authentication has a challenge-response structure that doesn't
contain any way to terminate the exchange early with success. And the
TIS and CryptoCard methods, which are its closest analogue of k-i,
have a fixed number of prompts, which is not 0.)
Simon Tatham
2021-06-19 15:41:18 +01:00
parent 5f5c710cf3
commit ff941299cf
4 changed files with 62 additions and 26 deletions


@ -39,7 +39,6 @@ struct ssh1_login_server_state {
unsigned ap_methods, current_method;
unsigned char auth_rsa_expected_response[16];
RSAKey *authkey;
bool auth_successful;
PacketProtocolLayer ppl;
};
@ -267,7 +266,9 @@ static void ssh1_login_server_process_queue(PacketProtocolLayer *ppl)
s->username.ptr = s->username_str = mkstr(s->username);
ppl_logevent("Received username '%.*s'", PTRLEN_PRINTF(s->username));
s->auth_successful = auth_none(s->authpolicy, s->username);
if (auth_none(s->authpolicy, s->username))
goto auth_success;
while (1) {
/* Signal failed authentication */
pktout = ssh_bpp_new_pktout(s->ppl.bpp, SSH1_SMSG_FAILURE);
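Review bot: The new early exit `if (auth_none(s->authpolicy, s->username)) goto auth_success;` accepts the login without writing anything to the event log, although the line just above it logs the received username. A log call before the jump, for example `ppl_logevent("Accepting 'none' authentication");` inside a braced body, would let a test run confirm that the trivial-authentication path was the one taken and not one of the methods in the loop. The `auth_success` label and the rest of ssh1_login_server_process_queue are outside the hunk, so a log call at the label itself cannot be ruled out from here.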


@ -21,6 +21,9 @@ struct SshServerConfig {
bool stunt_pretend_to_accept_any_pubkey;
bool stunt_open_unconditional_agent_socket;
bool stunt_allow_none_auth;
bool stunt_allow_trivial_ki_auth;
bool stunt_return_success_to_pubkey_offer;
};
Plug *ssh_server_plug(
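Review bot: The fields this hunk adds to SshServerConfig (going by the hunk header, `stunt_allow_none_auth`, `stunt_allow_trivial_ki_auth` and `stunt_return_success_to_pubkey_offer`) carry no comment, and each one makes the server accept an authentication that proves nothing about the user. A short block comment above them would record that, along the lines of `/* Test-only: accept "none" auth / k-i with zero prompts / a pubkey offer with no valid signature */`. It is also worth stating there that only the first has an SSH-1 counterpart, as the commit message explains.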


@ -209,7 +209,8 @@ static void ssh2_userauth_server_process_queue(PacketProtocolLayer *ppl)
if (!(s->methods & s->this_method))
goto failure;
has_signature = get_bool(pktin);
has_signature = get_bool(pktin) ||
s->ssc->stunt_return_success_to_pubkey_offer;
algorithm = get_string(pktin);
blob = get_string(pktin);
@ -251,7 +252,8 @@ static void ssh2_userauth_server_process_queue(PacketProtocolLayer *ppl)
signature = get_string(pktin);
success = ssh_key_verify(key, signature,
ptrlen_from_strbuf(sigdata));
ptrlen_from_strbuf(sigdata)) ||
s->ssc->stunt_return_success_to_pubkey_offer;
ssh_key_free(key);
strbuf_free(sigdata);
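Review bot: With `stunt_return_success_to_pubkey_offer` set, the second hunk makes `success` true for any request that reaches it, including one that carries a signature which fails `ssh_key_verify`, which is wider than the "signatureless public-key offer" the commit message describes. Keeping the wire value apart would confine the stunt to that case: `bool sig_sent = get_bool(pktin);`, `has_signature = sig_sent || s->ssc->stunt_return_success_to_pubkey_offer;`, and in the second hunk `|| (!sig_sent && s->ssc->stunt_return_success_to_pubkey_offer);`. If the broader behaviour is intended, a comment at the `success =` assignment should say so. Both hunks sit inside ssh2_userauth_server_process_queue, whose body is mostly outside the visible lines, so the new flag may need to live in the state struct rather than in a local.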