auth: Add KbdintResult definition to define result values explicitly

kbdint result vfunc may return various values, so use an enum to make it clearer what each result means without having to dig into the struct documentation. Origin: https://github.com/openssh/openssh-portable/pull/452 Gbp-Pq: Name auth-Add-KbdintResult-definition-to-define-result-values-.patch
2023-10-17 04:04:13 +02:00 · 2023-10-17 04:04:13 +02:00 · 8c8f600dbe
parent 9f8c803a09
commit 8c8f600dbe
4 changed files with 13 additions and 8 deletions
--- a/auth-bsdauth.c
+++ b/auth-bsdauth.c
@ -111,7 +111,7 @@ bsdauth_respond(void *ctx, u_int numresponses, char **responses)
 	authctxt->as = NULL;
 	debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok);

-	return (authok == 0) ? -1 : 0;
+	return (authok == 0) ? KbdintResultFailure : KbdintResultSuccess;
 }

 static void
--- a/auth-pam.c
+++ b/auth-pam.c
@ -990,15 +990,15 @@ sshpam_respond(void *ctx, u_int num, char **resp)
 	switch (ctxt->pam_done) {
 	case 1:
 		sshpam_authenticated = 1;
-		return (0);
+		return KbdintResultSuccess;
 	case 0:
 		break;
 	default:
-		return (-1);
+		return KbdintResultFailure;
 	}
 	if (num != 1) {
 		error("PAM: expected one response, got %u", num);
-		return (-1);
+		return KbdintResultFailure;
 	}
 	if ((buffer = sshbuf_new()) == NULL)
 		fatal("%s: sshbuf_new failed", __func__);
@ -1015,10 +1015,10 @@ sshpam_respond(void *ctx, u_int num, char **resp)
 	}
 	if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, buffer) == -1) {
 		sshbuf_free(buffer);
-		return (-1);
+		return KbdintResultFailure;
 	}
 	sshbuf_free(buffer);
-	return (1);
+	return KbdintResultAgain;
 }

 static void
--- a/auth.h
+++ b/auth.h
@ -51,6 +51,7 @@ struct sshauthopt;
 typedef struct Authctxt Authctxt;
 typedef struct Authmethod Authmethod;
 typedef struct KbdintDevice KbdintDevice;
+typedef int KbdintResult;

 struct Authctxt {
 	sig_atomic_t	 success;
@ -112,6 +113,10 @@ struct Authmethod {
 	int	*enabled;
 };

+#define KbdintResultFailure -1
+#define KbdintResultSuccess 0
+#define KbdintResultAgain 1
+
 /*
 * Keyboard interactive device:
 * init_ctx	returns: non NULL upon success
--- a/auth2-chall.c
+++ b/auth2-chall.c
@ -331,11 +331,11 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh)
 	free(response);

 	switch (res) {
-	case 0:
+	case KbdintResultSuccess:
 		/* Success! */
 		authenticated = authctxt->valid ? 1 : 0;
 		break;
-	case 1:
+	case KbdintResultAgain:
 		/* Authentication needs further interaction */
 		if (send_userauth_info_request(ssh) == 1)
 			authctxt->postponed = 1;