예제 #1
0
        private void authService_ChangePassword(object sender, ChangePasswordEventArgs e)
        {
            var authService = (SshAuthenticationService)sender;

            e.Result = PasswordChangeResult.Failure;

            // Write to event log.
            string resultText = "";

            switch (e.Result)
            {
                case PasswordChangeResult.Success:
                    resultText = "succeeded";
                    break;
                case PasswordChangeResult.FurtherAuthRequired:
                    resultText = "succeeded but further authentication is required";
                    break;
                case PasswordChangeResult.Failure:
                    resultText = "failed";
                    break;
                case PasswordChangeResult.NewPasswordUnacceptable:
                    resultText = "failed because the new password is unacceptable";
                    break;
            }

            LogClientEvent(authService.Client, string.Format("Password change {0}.", resultText),
                EventLogEntryType.Information);
        }
        protected void ProcessMsgUserAuthRequestPassword(SshStreamReader msgReader)
        {
            if (_isDisposed) throw new ObjectDisposedException(this.GetType().FullName);

            // Raise event to specify requested auth method.
            if (AuthenticationMethodRequested != null) AuthenticationMethodRequested(this,
                new AuthMethodRequestedEventArgs(AuthenticationMethod.Password));

            // Check whether client is changing password.
            bool changingPassword = msgReader.ReadBoolean();

            if (changingPassword)
            {
                // Read old and new passwords (in plaintext).
                string oldPassword = Encoding.UTF8.GetString(msgReader.ReadByteString());
                string newPassword = Encoding.UTF8.GetString(msgReader.ReadByteString());

                // Raise event to get result of password change request.
                var changePasswordEventArgs = new ChangePasswordEventArgs(oldPassword, newPassword);

                if (ChangePassword != null) ChangePassword(this, changePasswordEventArgs);

                // Check result of password change request.
                switch (changePasswordEventArgs.Result)
                {
                    case PasswordChangeResult.Success:
                        // Password change and auth have succeeded.
                        AuthenticateUser(_lastServiceName);

                        break;
                    case PasswordChangeResult.FurtherAuthRequired:
                        // Password change has succeeded, but further auth is required.
                        SendMsgUserAuthFailure(true);

                        break;
                    case PasswordChangeResult.Failure:
                        // Password change has failed.
                        SendMsgUserAuthFailure(false);

                        break;
                    case PasswordChangeResult.NewPasswordUnacceptable:
                        // Password was not changed.
                        SendMsgUserAuthPasswdChangeReq(changePasswordEventArgs.ReplyPrompt, "");

                        break;
                }
            }
            else
            {
                // Read password (in plaintext).
                string password = Encoding.UTF8.GetString(msgReader.ReadByteString());

                // Raise event to get result of auth attempt.
                var authUserEventArgs = new AuthUserPasswordEventArgs(_lastUserName, password);

                if (AuthenticateUserPassword != null) AuthenticateUserPassword(this, authUserEventArgs);

                // Check result of auth attempt.
                switch (authUserEventArgs.Result)
                {
                    case AuthenticationResult.Success:
                        // Auth has succeeded.
                        AuthenticateUser(_lastServiceName);

                        break;
                    case AuthenticationResult.FurtherAuthRequired:
                        // Auth has succeeded, but further auth is required.
                        SendMsgUserAuthFailure(true);

                        break;
                    case AuthenticationResult.Failure:
                        // Increment number of failed auth attempts.
                        _failedAuthAttempts++;

                        if (_failedAuthAttempts < this.MaximumAuthAttempts)
                        {
                            // Auth has failed, but allow client to reattempt auth.
                            SendMsgUserAuthFailure(false);
                        }
                        else
                        {
                            // Auth has failed too many times, disconnect.
                            _client.Disconnect(false);
                            throw new DisconnectedException();
                        }

                        break;
                    case AuthenticationResult.PasswordExpired:
                        // Password change is required.
                        SendMsgUserAuthPasswdChangeReq("The specified password has expired.", "");

                        break;
                }
            }
        }
        protected void ProcessMsgUserAuthRequestPassword(SshStreamReader msgReader)
        {
            if (_isDisposed)
            {
                throw new ObjectDisposedException(this.GetType().FullName);
            }

            // Raise event to specify requested auth method.
            if (AuthenticationMethodRequested != null)
            {
                AuthenticationMethodRequested(this,
                                              new AuthMethodRequestedEventArgs(AuthenticationMethod.Password));
            }

            // Check whether client is changing password.
            bool changingPassword = msgReader.ReadBoolean();

            if (changingPassword)
            {
                // Read old and new passwords (in plaintext).
                string oldPassword = Encoding.UTF8.GetString(msgReader.ReadByteString());
                string newPassword = Encoding.UTF8.GetString(msgReader.ReadByteString());

                // Raise event to get result of password change request.
                var changePasswordEventArgs = new ChangePasswordEventArgs(oldPassword, newPassword);

                if (ChangePassword != null)
                {
                    ChangePassword(this, changePasswordEventArgs);
                }

                // Check result of password change request.
                switch (changePasswordEventArgs.Result)
                {
                case PasswordChangeResult.Success:
                    // Password change and auth have succeeded.
                    AuthenticateUser(_lastServiceName);

                    break;

                case PasswordChangeResult.FurtherAuthRequired:
                    // Password change has succeeded, but further auth is required.
                    SendMsgUserAuthFailure(true);

                    break;

                case PasswordChangeResult.Failure:
                    // Password change has failed.
                    SendMsgUserAuthFailure(false);

                    break;

                case PasswordChangeResult.NewPasswordUnacceptable:
                    // Password was not changed.
                    SendMsgUserAuthPasswdChangeReq(changePasswordEventArgs.ReplyPrompt, "");

                    break;
                }
            }
            else
            {
                // Read password (in plaintext).
                string password = Encoding.UTF8.GetString(msgReader.ReadByteString());

                // Raise event to get result of auth attempt.
                var authUserEventArgs = new AuthUserPasswordEventArgs(_lastUserName, password);

                if (AuthenticateUserPassword != null)
                {
                    AuthenticateUserPassword(this, authUserEventArgs);
                }

                // Check result of auth attempt.
                switch (authUserEventArgs.Result)
                {
                case AuthenticationResult.Success:
                    // Auth has succeeded.
                    AuthenticateUser(_lastServiceName);

                    break;

                case AuthenticationResult.FurtherAuthRequired:
                    // Auth has succeeded, but further auth is required.
                    SendMsgUserAuthFailure(true);

                    break;

                case AuthenticationResult.Failure:
                    // Increment number of failed auth attempts.
                    _failedAuthAttempts++;

                    if (_failedAuthAttempts < this.MaximumAuthAttempts)
                    {
                        // Auth has failed, but allow client to reattempt auth.
                        SendMsgUserAuthFailure(false);
                    }
                    else
                    {
                        // Auth has failed too many times, disconnect.
                        _client.Disconnect(false);
                        throw new DisconnectedException();
                    }

                    break;

                case AuthenticationResult.PasswordExpired:
                    // Password change is required.
                    SendMsgUserAuthPasswdChangeReq("The specified password has expired.", "");

                    break;
                }
            }
        }