author | Julien Dessaux | 2018-08-26 18:54:19 +0200 |
---|---|---|
committer | Julien Dessaux | 2018-11-02 18:32:59 +0100 |
commit | fecf526ed334c8b987b37a3702e85a08bb7a9e68 (patch) | |
tree | b70f7ba78eb409f12a63c5ac69ef0ba97cf7b269 /src/session.c | |
parent | Added session recording with https://github.com/kilobyte/termrec (diff) | |
Began implementing configuration fetching from an sshportal mysql database
Diffstat (limited to '')
-rw-r--r-- | src/session.c | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/src/session.c b/src/session.c
index f5827e8..2261242 100644
--- a/src/session.c
+++ b/src/session.c
@@ -9,13 +9,13 @@
 #include <sys/wait.h>
 
 #include "../config.h"
+#include "mysql.h"
 #include "proxy.h"
 #include "session.h"
 #include "state.h"
 
-static int auth_pubkey(ssh_session session, const char *user,
-                       struct ssh_key_struct *pubkey,
-                       char signature_state, void *userdata) {
+static int auth_pubkey(ssh_session session, const char *user, ssh_key pubkey, char signature_state,
+                       void *userdata) {
     struct session_data_struct *sdata = (struct session_data_struct *) userdata;
 
     (void) session;
@@ -31,20 +31,19 @@ static int auth_pubkey(ssh_session session, const char *user,
 
     // TODO check for an invite
 
-    ssh_key reference_key;
-    ssh_pki_import_pubkey_base64(USER_RSA_PUBKEY, SSH_KEYTYPE_RSA, &reference_key); // TODO fetch all pubkeys from db
-    if (!ssh_key_cmp(pubkey, reference_key, SSH_KEY_CMP_PUBLIC)) {
+    char * bastion_username = db_get_username_from_pubkey(pubkey);
+    if (bastion_username != NULL) {
         sdata->authenticated = 1;
-        ssh_key_free(reference_key);
         if (state_set_ssh_destination(user) != 0)
             return SSH_ERROR;
         // TODO check access rights and host configs
-        state_set_username(USER_TO_LOGIN_AS);
+        state_set_bastion_username(bastion_username);
+        free(bastion_username);
         // TODO log session creation in db
         state_set_session_id(1337);
         return SSH_AUTH_SUCCESS;
     } else {
-        ssh_key_free(reference_key);
+        free(bastion_username);
         sdata->auth_attempts++;
         return SSH_AUTH_DENIED;
     }
|
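Review bot: In the second hunk, the `return SSH_ERROR;` path taken when `state_set_ssh_destination(user)` fails leaks `bastion_username` and leaves `sdata->authenticated = 1` set on a session that was not accepted. Free the string before that return and set the flag only once the destination is accepted, e.g. `if (state_set_ssh_destination(user) != 0) { free(bastion_username); return SSH_ERROR; }` followed by `sdata->authenticated = 1;`. The string is freed right after `state_set_bastion_username(bastion_username)`, so that setter presumably copies it; a short comment saying so would help, as nothing in the hunk shows it. `db_get_username_from_pubkey` appears to return NULL both for an unknown key and for a lookup failure, which fails closed but counts a database error as a failed attempt; logging the two cases separately would help when reviewing authentication logs. auth_pubkey starts before this hunk, so any check of `signature_state` is not visible here.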