private void authService_ChangePassword(object sender, ChangePasswordEventArgs e)
{
var authService = (SshAuthenticationService)sender;
e.Result = PasswordChangeResult.Failure;
// Write to event log.
string resultText = "";
switch (e.Result)
{
case PasswordChangeResult.Success:
resultText = "succeeded";
break;
case PasswordChangeResult.FurtherAuthRequired:
resultText = "succeeded but further authentication is required";
break;
case PasswordChangeResult.Failure:
resultText = "failed";
break;
case PasswordChangeResult.NewPasswordUnacceptable:
resultText = "failed because the new password is unacceptable";
break;
}
LogClientEvent(authService.Client, string.Format("Password change {0}.", resultText),
EventLogEntryType.Information);
}
protected void ProcessMsgUserAuthRequestPassword(SshStreamReader msgReader)
{
if (_isDisposed) throw new ObjectDisposedException(this.GetType().FullName);
// Raise event to specify requested auth method.
if (AuthenticationMethodRequested != null) AuthenticationMethodRequested(this,
new AuthMethodRequestedEventArgs(AuthenticationMethod.Password));
// Check whether client is changing password.
bool changingPassword = msgReader.ReadBoolean();
if (changingPassword)
{
// Read old and new passwords (in plaintext).
string oldPassword = Encoding.UTF8.GetString(msgReader.ReadByteString());
string newPassword = Encoding.UTF8.GetString(msgReader.ReadByteString());
// Raise event to get result of password change request.
var changePasswordEventArgs = new ChangePasswordEventArgs(oldPassword, newPassword);
if (ChangePassword != null) ChangePassword(this, changePasswordEventArgs);
// Check result of password change request.
switch (changePasswordEventArgs.Result)
{
case PasswordChangeResult.Success:
// Password change and auth have succeeded.
AuthenticateUser(_lastServiceName);
break;
case PasswordChangeResult.FurtherAuthRequired:
// Password change has succeeded, but further auth is required.
SendMsgUserAuthFailure(true);
break;
case PasswordChangeResult.Failure:
// Password change has failed.
SendMsgUserAuthFailure(false);
break;
case PasswordChangeResult.NewPasswordUnacceptable:
// Password was not changed.
SendMsgUserAuthPasswdChangeReq(changePasswordEventArgs.ReplyPrompt, "");
break;
}
}
else
{
// Read password (in plaintext).
string password = Encoding.UTF8.GetString(msgReader.ReadByteString());
// Raise event to get result of auth attempt.
var authUserEventArgs = new AuthUserPasswordEventArgs(_lastUserName, password);
if (AuthenticateUserPassword != null) AuthenticateUserPassword(this, authUserEventArgs);
// Check result of auth attempt.
switch (authUserEventArgs.Result)
{
case AuthenticationResult.Success:
// Auth has succeeded.
AuthenticateUser(_lastServiceName);
break;
case AuthenticationResult.FurtherAuthRequired:
// Auth has succeeded, but further auth is required.
SendMsgUserAuthFailure(true);
break;
case AuthenticationResult.Failure:
// Increment number of failed auth attempts.
_failedAuthAttempts++;
if (_failedAuthAttempts < this.MaximumAuthAttempts)
{
// Auth has failed, but allow client to reattempt auth.
SendMsgUserAuthFailure(false);
}
else
{
// Auth has failed too many times, disconnect.
_client.Disconnect(false);
throw new DisconnectedException();
}
break;
case AuthenticationResult.PasswordExpired:
// Password change is required.
SendMsgUserAuthPasswdChangeReq("The specified password has expired.", "");
break;
}
}
}
protected void ProcessMsgUserAuthRequestPassword(SshStreamReader msgReader)
{
if (_isDisposed)
{
throw new ObjectDisposedException(this.GetType().FullName);
}
// Raise event to specify requested auth method.
if (AuthenticationMethodRequested != null)
{
AuthenticationMethodRequested(this,
new AuthMethodRequestedEventArgs(AuthenticationMethod.Password));
}
// Check whether client is changing password.
bool changingPassword = msgReader.ReadBoolean();
if (changingPassword)
{
// Read old and new passwords (in plaintext).
string oldPassword = Encoding.UTF8.GetString(msgReader.ReadByteString());
string newPassword = Encoding.UTF8.GetString(msgReader.ReadByteString());
// Raise event to get result of password change request.
var changePasswordEventArgs = new ChangePasswordEventArgs(oldPassword, newPassword);
if (ChangePassword != null)
{
ChangePassword(this, changePasswordEventArgs);
}
// Check result of password change request.
switch (changePasswordEventArgs.Result)
{
case PasswordChangeResult.Success:
// Password change and auth have succeeded.
AuthenticateUser(_lastServiceName);
break;
case PasswordChangeResult.FurtherAuthRequired:
// Password change has succeeded, but further auth is required.
SendMsgUserAuthFailure(true);
break;
case PasswordChangeResult.Failure:
// Password change has failed.
SendMsgUserAuthFailure(false);
break;
case PasswordChangeResult.NewPasswordUnacceptable:
// Password was not changed.
SendMsgUserAuthPasswdChangeReq(changePasswordEventArgs.ReplyPrompt, "");
break;
}
}
else
{
// Read password (in plaintext).
string password = Encoding.UTF8.GetString(msgReader.ReadByteString());
// Raise event to get result of auth attempt.
var authUserEventArgs = new AuthUserPasswordEventArgs(_lastUserName, password);
if (AuthenticateUserPassword != null)
{
AuthenticateUserPassword(this, authUserEventArgs);
}
// Check result of auth attempt.
switch (authUserEventArgs.Result)
{
case AuthenticationResult.Success:
// Auth has succeeded.
AuthenticateUser(_lastServiceName);
break;
case AuthenticationResult.FurtherAuthRequired:
// Auth has succeeded, but further auth is required.
SendMsgUserAuthFailure(true);
break;
case AuthenticationResult.Failure:
// Increment number of failed auth attempts.
_failedAuthAttempts++;
if (_failedAuthAttempts < this.MaximumAuthAttempts)
{
// Auth has failed, but allow client to reattempt auth.
SendMsgUserAuthFailure(false);
}
else
{
// Auth has failed too many times, disconnect.
_client.Disconnect(false);
throw new DisconnectedException();
}
break;
case AuthenticationResult.PasswordExpired:
// Password change is required.
SendMsgUserAuthPasswdChangeReq("The specified password has expired.", "");
break;
}
}
}