# $Id: ChallengeResponse.pm,v 1.3 2003/12/03 15:35:21 autarch Exp $
package Net::SSH::Perl::Auth::ChallengeResponse;
use strict;
use warnings;
use Net::SSH::Perl::Constants qw(
SSH_CMSG_AUTH_TIS
SSH_SMSG_AUTH_TIS_CHALLENGE
SSH_CMSG_AUTH_TIS_RESPONSE
SSH_SMSG_SUCCESS
SSH_SMSG_FAILURE );
use Net::SSH::Perl::Packet;
use Net::SSH::Perl::Util qw( _read_passphrase );
use Net::SSH::Perl::Auth;
use base qw( Net::SSH::Perl::Auth );
use Scalar::Util qw(weaken);
sub new {
my $class = shift;
my $ssh = shift;
my $auth = bless { ssh => $ssh }, $class;
weaken $auth->{ssh};
$auth->enabled( $ssh->config->get('auth_ch_res') );
$auth;
}
sub enabled {
my $auth = shift;
$auth->{enabled} = shift if @_;
$auth->{enabled};
}
sub authenticate {
my $auth = shift;
my $ssh = $auth->{ssh};
$ssh->debug("Password authentication is disabled by the client."), return
unless $auth->enabled;
$ssh->debug("Doing challenge response authentication.");
for (1..$ssh->config->get('number_of_password_prompts')) {
my $packet = $ssh->packet_start(SSH_CMSG_AUTH_TIS);
$packet->send;
$packet = Net::SSH::Perl::Packet->read($ssh);
my $type = $packet->type;
$ssh->fatal_disconnect("Protocol error in AUTH_TIS")
unless $type == SSH_SMSG_FAILURE ||
$type == SSH_SMSG_AUTH_TIS_CHALLENGE;
$ssh->debug("No challenge presented."), return
unless $type == SSH_SMSG_AUTH_TIS_CHALLENGE;
my $challenge = $packet->get_str;
my $response = _read_passphrase($challenge);
$packet = $ssh->packet_start(SSH_CMSG_AUTH_TIS_RESPONSE);
$packet->put_str($response);
$packet->send;
$packet = Net::SSH::Perl::Packet->read($ssh);
return 1 if $packet->type == SSH_SMSG_SUCCESS;
$ssh->fatal_disconnect("Protocol error to AUTH_TIS response")
unless $packet->type == SSH_SMSG_FAILURE;
}
return 0;
}
1;