ssh_terminal: address ambigouity of return values

Replace return values with appropiate bool and document two-staged publickey authentication. This fixes a bug where wrong authentication attempts are not properly denied. Issue #3590.
2025-04-08 03:45:24 +00:00 · 2020-01-06 11:02:18 +01:00 · 2020-01-06 11:02:18 +01:00 · 7ecabb25eb
commit 7ecabb25eb
parent 5b633a83df
1 changed files with 16 additions and 3 deletions
--- a/repos/gems/src/server/ssh_terminal/server.cc
+++ b/repos/gems/src/server/ssh_terminal/server.cc
@ -545,10 +545,23 @@ bool Ssh::Server::auth_pubkey(ssh_session s, char const *u,
 	}
 	Session &session = *p;

+	/*
+	 * In this first state the given pubkey is solely probed.
+	 * Ideally we would check here if the given pubkey is in fact to the
+	 * configured one, i.e., reading a 'authorized_keys' like file and
+	 * check its entries.
+	 *
+	 * For now we simple accept all keys and reject them in the later
+	 * state.
+	 */
 	if (signature_state == SSH_PUBLICKEY_STATE_NONE) {
-		return SSH_AUTH_PARTIAL;
+		return true;
 	}

+	/*
+	 * In this second state we check the provided pubkey and if it
+	 * matches allow authentication to proceed.
+	 */
 	if (signature_state == SSH_PUBLICKEY_STATE_VALID) {
 		Genode::Lock::Guard g(_logins.lock());
 		Login const *l = _logins.lookup(u);
@ -558,13 +571,13 @@ bool Ssh::Server::auth_pubkey(ssh_session s, char const *u,
 				session.auth_sucessful = true;
 				session.adopt(l->user);
 				_log_login(l->user, session, true);
-				return SSH_AUTH_SUCCESS;
+				return true;
 			}
 		}
 	}

 	_log_failed(u, session, true);
-	return SSH_AUTH_DENIED;
+	return false;
 }