monitor.c (162360) | monitor.c (162856) |
1/* $OpenBSD: monitor.c,v 1.88 2006/08/12 20:46:46 miod Exp $ */ |
|
1/* 2 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: --- 11 unchanged lines hidden (view full) --- 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27#include "includes.h" | 2/* 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: --- 11 unchanged lines hidden (view full) --- 21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 */ 27 28#include "includes.h" |
28RCSID("$OpenBSD: monitor.c,v 1.64 2005/10/13 22:24:31 stevesk Exp $"); 29RCSID("$FreeBSD: head/crypto/openssh/monitor.c 162360 2006-09-16 15:12:58Z des $"); | 29__RCSID("$FreeBSD: head/crypto/openssh/monitor.c 162856 2006-09-30 13:38:06Z des $"); |
30 | 30 |
31#include <openssl/dh.h> | 31#include <sys/types.h> 32#include <sys/param.h> 33#include <sys/socket.h> 34#include "openbsd-compat/sys-tree.h" 35#include <sys/wait.h> |
32 | 36 |
37#include <errno.h> 38#include <fcntl.h> 39#ifdef HAVE_PATHS_H 40#include <paths.h> 41#endif 42#include <pwd.h> 43#include <signal.h> 44#include <stdarg.h> 45#include <stdlib.h> 46#include <string.h> 47#include <unistd.h> 48 |
|
33#ifdef SKEY 34#ifdef OPIE 35#include <opie.h> 36#define skey opie 37#define skeychallenge(k, u, c) opiechallenge((k), (u), (c)) 38#define skey_haskey(u) opie_haskey((u)) 39#define skey_passcheck(u, r) opie_passverify((u), (r)) 40#else 41#include <skey.h> 42#endif 43#endif 44 | 49#ifdef SKEY 50#ifdef OPIE 51#include <opie.h> 52#define skey opie 53#define skeychallenge(k, u, c) opiechallenge((k), (u), (c)) 54#define skey_haskey(u) opie_haskey((u)) 55#define skey_passcheck(u, r) opie_passverify((u), (r)) 56#else 57#include <skey.h> 58#endif 59#endif 60 |
61#include <openssl/dh.h> 62 63#include "xmalloc.h" |
|
45#include "ssh.h" | 64#include "ssh.h" |
65#include "key.h" 66#include "buffer.h" 67#include "hostfile.h" |
|
46#include "auth.h" | 68#include "auth.h" |
69#include "cipher.h" |
|
47#include "kex.h" 48#include "dh.h" 49#ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */ 50#undef TARGET_OS_MAC 51#include "zlib.h" 52#define TARGET_OS_MAC 1 53#else 54#include "zlib.h" --- 4 unchanged lines hidden (view full) --- 59#include "channels.h" 60#include "session.h" 61#include "sshlogin.h" 62#include "canohost.h" 63#include "log.h" 64#include "servconf.h" 65#include "monitor.h" 66#include "monitor_mm.h" | 70#include "kex.h" 71#include "dh.h" 72#ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */ 73#undef TARGET_OS_MAC 74#include "zlib.h" 75#define TARGET_OS_MAC 1 76#else 77#include "zlib.h" --- 4 unchanged lines hidden (view full) --- 82#include "channels.h" 83#include "session.h" 84#include "sshlogin.h" 85#include "canohost.h" 86#include "log.h" 87#include "servconf.h" 88#include "monitor.h" 89#include "monitor_mm.h" |
90#ifdef GSSAPI 91#include "ssh-gss.h" 92#endif |
|
67#include "monitor_wrap.h" 68#include "monitor_fdpass.h" | 93#include "monitor_wrap.h" 94#include "monitor_fdpass.h" |
69#include "xmalloc.h" | |
70#include "misc.h" | 95#include "misc.h" |
71#include "buffer.h" 72#include "bufaux.h" | |
73#include "compat.h" 74#include "ssh2.h" 75 76#ifdef GSSAPI | 96#include "compat.h" 97#include "ssh2.h" 98 99#ifdef GSSAPI |
77#include "ssh-gss.h" | |
78static Gssctxt *gsscontext = NULL; 79#endif 80 81/* Imports */ 82extern ServerOptions options; 83extern u_int utmp_len; 84extern Newkeys *current_keys[]; 85extern z_stream incoming_stream; --- 89 unchanged lines hidden (view full) --- 175 enum monitor_reqtype type; 176 int flags; 177 int (*f)(int, Buffer *); 178}; 179 180#define MON_ISAUTH 0x0004 /* Required for Authentication */ 181#define MON_AUTHDECIDE 0x0008 /* Decides Authentication */ 182#define MON_ONCE 0x0010 /* Disable after calling */ | 100static Gssctxt *gsscontext = NULL; 101#endif 102 103/* Imports */ 104extern ServerOptions options; 105extern u_int utmp_len; 106extern Newkeys *current_keys[]; 107extern z_stream incoming_stream; --- 89 unchanged lines hidden (view full) --- 197 enum monitor_reqtype type; 198 int flags; 199 int (*f)(int, Buffer *); 200}; 201 202#define MON_ISAUTH 0x0004 /* Required for Authentication */ 203#define MON_AUTHDECIDE 0x0008 /* Decides Authentication */ 204#define MON_ONCE 0x0010 /* Disable after calling */ |
205#define MON_ALOG 0x0020 /* Log auth attempt without authenticating */ |
|
183 184#define MON_AUTH (MON_ISAUTH|MON_AUTHDECIDE) 185 186#define MON_PERMIT 0x1000 /* Request is permitted */ 187 188struct mon_table mon_dispatch_proto20[] = { 189 {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, 190 {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, --- 9 unchanged lines hidden (view full) --- 200 {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond}, 201 {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, 202#endif 203#ifdef SSH_AUDIT_EVENTS 204 {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, 205#endif 206#ifdef BSD_AUTH 207 {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, | 206 207#define MON_AUTH (MON_ISAUTH|MON_AUTHDECIDE) 208 209#define MON_PERMIT 0x1000 /* Request is permitted */ 210 211struct mon_table mon_dispatch_proto20[] = { 212 {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, 213 {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, --- 9 unchanged lines hidden (view full) --- 223 {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond}, 224 {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, 225#endif 226#ifdef SSH_AUDIT_EVENTS 227 {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, 228#endif 229#ifdef BSD_AUTH 230 {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, |
208 {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond}, | 231 {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH, mm_answer_bsdauthrespond}, |
209#endif 210#ifdef SKEY 211 {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery}, 212 {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond}, 213#endif 214 {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed}, 215 {MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify}, 216#ifdef GSSAPI --- 18 unchanged lines hidden (view full) --- 235 {0, 0, NULL} 236}; 237 238struct mon_table mon_dispatch_proto15[] = { 239 {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, 240 {MONITOR_REQ_SESSKEY, MON_ONCE, mm_answer_sesskey}, 241 {MONITOR_REQ_SESSID, MON_ONCE, mm_answer_sessid}, 242 {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, | 232#endif 233#ifdef SKEY 234 {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery}, 235 {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond}, 236#endif 237 {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed}, 238 {MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify}, 239#ifdef GSSAPI --- 18 unchanged lines hidden (view full) --- 258 {0, 0, NULL} 259}; 260 261struct mon_table mon_dispatch_proto15[] = { 262 {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, 263 {MONITOR_REQ_SESSKEY, MON_ONCE, mm_answer_sesskey}, 264 {MONITOR_REQ_SESSID, MON_ONCE, mm_answer_sessid}, 265 {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, |
243 {MONITOR_REQ_RSAKEYALLOWED, MON_ISAUTH, mm_answer_rsa_keyallowed}, 244 {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed}, | 266 {MONITOR_REQ_RSAKEYALLOWED, MON_ISAUTH|MON_ALOG, mm_answer_rsa_keyallowed}, 267 {MONITOR_REQ_KEYALLOWED, MON_ISAUTH|MON_ALOG, mm_answer_keyallowed}, |
245 {MONITOR_REQ_RSACHALLENGE, MON_ONCE, mm_answer_rsa_challenge}, 246 {MONITOR_REQ_RSARESPONSE, MON_ONCE|MON_AUTHDECIDE, mm_answer_rsa_response}, 247#ifdef BSD_AUTH 248 {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, | 268 {MONITOR_REQ_RSACHALLENGE, MON_ONCE, mm_answer_rsa_challenge}, 269 {MONITOR_REQ_RSARESPONSE, MON_ONCE|MON_AUTHDECIDE, mm_answer_rsa_response}, 270#ifdef BSD_AUTH 271 {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, |
249 {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond}, | 272 {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH, mm_answer_bsdauthrespond}, |
250#endif 251#ifdef SKEY 252 {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery}, 253 {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond}, 254#endif 255#ifdef USE_PAM 256 {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, 257 {MONITOR_REQ_PAM_ACCOUNT, 0, mm_answer_pam_account}, --- 72 unchanged lines hidden (view full) --- 330 } else { 331 mon_dispatch = mon_dispatch_proto15; 332 333 monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1); 334 } 335 336 /* The first few requests do not require asynchronous access */ 337 while (!authenticated) { | 273#endif 274#ifdef SKEY 275 {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery}, 276 {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond}, 277#endif 278#ifdef USE_PAM 279 {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, 280 {MONITOR_REQ_PAM_ACCOUNT, 0, mm_answer_pam_account}, --- 72 unchanged lines hidden (view full) --- 353 } else { 354 mon_dispatch = mon_dispatch_proto15; 355 356 monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1); 357 } 358 359 /* The first few requests do not require asynchronous access */ 360 while (!authenticated) { |
361 auth_method = "unknown"; |
|
338 authenticated = monitor_read(pmonitor, mon_dispatch, &ent); 339 if (authenticated) { 340 if (!(ent->flags & MON_AUTHDECIDE)) 341 fatal("%s: unexpected authentication from %d", 342 __func__, ent->type); 343 if (authctxt->pw->pw_uid == 0 && 344 !auth_root_allowed(auth_method)) 345 authenticated = 0; --- 6 unchanged lines hidden (view full) --- 352 mm_request_receive_expect(pmonitor->m_sendfd, 353 MONITOR_REQ_PAM_ACCOUNT, &m); 354 authenticated = mm_answer_pam_account(pmonitor->m_sendfd, &m); 355 buffer_free(&m); 356 } 357#endif 358 } 359 | 362 authenticated = monitor_read(pmonitor, mon_dispatch, &ent); 363 if (authenticated) { 364 if (!(ent->flags & MON_AUTHDECIDE)) 365 fatal("%s: unexpected authentication from %d", 366 __func__, ent->type); 367 if (authctxt->pw->pw_uid == 0 && 368 !auth_root_allowed(auth_method)) 369 authenticated = 0; --- 6 unchanged lines hidden (view full) --- 376 mm_request_receive_expect(pmonitor->m_sendfd, 377 MONITOR_REQ_PAM_ACCOUNT, &m); 378 authenticated = mm_answer_pam_account(pmonitor->m_sendfd, &m); 379 buffer_free(&m); 380 } 381#endif 382 } 383 |
360 if (ent->flags & MON_AUTHDECIDE) { | 384 if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { |
361 auth_log(authctxt, authenticated, auth_method, 362 compat20 ? " ssh2" : ""); 363 if (!authenticated) 364 authctxt->failures++; 365 } 366 } 367 368 if (!authctxt->valid) 369 fatal("%s: authenticated invalid user", __func__); | 385 auth_log(authctxt, authenticated, auth_method, 386 compat20 ? " ssh2" : ""); 387 if (!authenticated) 388 authctxt->failures++; 389 } 390 } 391 392 if (!authctxt->valid) 393 fatal("%s: authenticated invalid user", __func__); |
394 if (strcmp(auth_method, "unknown") == 0) 395 fatal("%s: authentication method name unknown", __func__); |
|
370 371 debug("%s: %s has been authenticated by privileged process", 372 __func__, authctxt->user); 373 374 mm_get_keystate(pmonitor); 375} 376 377static void --- 163 unchanged lines hidden (view full) --- 541 u_int siglen, datlen; 542 int keyid; 543 544 debug3("%s", __func__); 545 546 keyid = buffer_get_int(m); 547 p = buffer_get_string(m, &datlen); 548 | 396 397 debug("%s: %s has been authenticated by privileged process", 398 __func__, authctxt->user); 399 400 mm_get_keystate(pmonitor); 401} 402 403static void --- 163 unchanged lines hidden (view full) --- 567 u_int siglen, datlen; 568 int keyid; 569 570 debug3("%s", __func__); 571 572 keyid = buffer_get_int(m); 573 p = buffer_get_string(m, &datlen); 574 |
549 if (datlen != 20) | 575 /* 576 * Supported KEX types will only return SHA1 (20 byte) or 577 * SHA256 (32 byte) hashes 578 */ 579 if (datlen != 20 && datlen != 32) |
550 fatal("%s: data length incorrect: %u", __func__, datlen); 551 552 /* save session id, it will be passed on the first call */ 553 if (session_id2_len == 0) { 554 session_id2_len = datlen; 555 session_id2 = xmalloc(session_id2_len); 556 memcpy(session_id2, p, session_id2_len); 557 } --- 336 unchanged lines hidden (view full) --- 894 buffer_put_cstring(m, prompts[i]); 895 xfree(prompts[i]); 896 buffer_put_int(m, echo_on[i]); 897 } 898 if (prompts != NULL) 899 xfree(prompts); 900 if (echo_on != NULL) 901 xfree(echo_on); | 580 fatal("%s: data length incorrect: %u", __func__, datlen); 581 582 /* save session id, it will be passed on the first call */ 583 if (session_id2_len == 0) { 584 session_id2_len = datlen; 585 session_id2 = xmalloc(session_id2_len); 586 memcpy(session_id2, p, session_id2_len); 587 } --- 336 unchanged lines hidden (view full) --- 924 buffer_put_cstring(m, prompts[i]); 925 xfree(prompts[i]); 926 buffer_put_int(m, echo_on[i]); 927 } 928 if (prompts != NULL) 929 xfree(prompts); 930 if (echo_on != NULL) 931 xfree(echo_on); |
932 auth_method = "keyboard-interactive/pam"; |
|
902 mm_request_send(sock, MONITOR_ANS_PAM_QUERY, m); 903 return (0); 904} 905 906int 907mm_answer_pam_respond(int sock, Buffer *m) 908{ 909 char **resp; 910 u_int i, num; 911 int ret; 912 913 debug3("%s", __func__); 914 sshpam_authok = NULL; 915 num = buffer_get_int(m); 916 if (num > 0) { | 933 mm_request_send(sock, MONITOR_ANS_PAM_QUERY, m); 934 return (0); 935} 936 937int 938mm_answer_pam_respond(int sock, Buffer *m) 939{ 940 char **resp; 941 u_int i, num; 942 int ret; 943 944 debug3("%s", __func__); 945 sshpam_authok = NULL; 946 num = buffer_get_int(m); 947 if (num > 0) { |
917 resp = xmalloc(num * sizeof(char *)); | 948 resp = xcalloc(num, sizeof(char *)); |
918 for (i = 0; i < num; ++i) 919 resp[i] = buffer_get_string(m, NULL); 920 ret = (sshpam_device.respond)(sshpam_ctxt, num, resp); 921 for (i = 0; i < num; ++i) 922 xfree(resp[i]); 923 xfree(resp); 924 } else { 925 ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL); --- 10 unchanged lines hidden (view full) --- 936int 937mm_answer_pam_free_ctx(int sock, Buffer *m) 938{ 939 940 debug3("%s", __func__); 941 (sshpam_device.free_ctx)(sshpam_ctxt); 942 buffer_clear(m); 943 mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m); | 949 for (i = 0; i < num; ++i) 950 resp[i] = buffer_get_string(m, NULL); 951 ret = (sshpam_device.respond)(sshpam_ctxt, num, resp); 952 for (i = 0; i < num; ++i) 953 xfree(resp[i]); 954 xfree(resp); 955 } else { 956 ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL); --- 10 unchanged lines hidden (view full) --- 967int 968mm_answer_pam_free_ctx(int sock, Buffer *m) 969{ 970 971 debug3("%s", __func__); 972 (sshpam_device.free_ctx)(sshpam_ctxt); 973 buffer_clear(m); 974 mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m); |
975 auth_method = "keyboard-interactive/pam"; |
|
944 return (sshpam_authok == sshpam_ctxt); 945} 946#endif 947 948static void 949mm_append_debug(Buffer *m) 950{ 951 if (auth_debug_init && buffer_len(&auth_debug)) { --- 29 unchanged lines hidden (view full) --- 981 982 debug3("%s: key_from_blob: %p", __func__, key); 983 984 if (key != NULL && authctxt->valid) { 985 switch (type) { 986 case MM_USERKEY: 987 allowed = options.pubkey_authentication && 988 user_key_allowed(authctxt->pw, key); | 976 return (sshpam_authok == sshpam_ctxt); 977} 978#endif 979 980static void 981mm_append_debug(Buffer *m) 982{ 983 if (auth_debug_init && buffer_len(&auth_debug)) { --- 29 unchanged lines hidden (view full) --- 1013 1014 debug3("%s: key_from_blob: %p", __func__, key); 1015 1016 if (key != NULL && authctxt->valid) { 1017 switch (type) { 1018 case MM_USERKEY: 1019 allowed = options.pubkey_authentication && 1020 user_key_allowed(authctxt->pw, key); |
1021 auth_method = "publickey"; |
|
989 break; 990 case MM_HOSTKEY: 991 allowed = options.hostbased_authentication && 992 hostbased_key_allowed(authctxt->pw, 993 cuser, chost, key); | 1022 break; 1023 case MM_HOSTKEY: 1024 allowed = options.hostbased_authentication && 1025 hostbased_key_allowed(authctxt->pw, 1026 cuser, chost, key); |
1027 auth_method = "hostbased"; |
|
994 break; 995 case MM_RSAHOSTKEY: 996 key->type = KEY_RSA1; /* XXX */ 997 allowed = options.rhosts_rsa_authentication && 998 auth_rhosts_rsa_key_allowed(authctxt->pw, 999 cuser, chost, key); | 1028 break; 1029 case MM_RSAHOSTKEY: 1030 key->type = KEY_RSA1; /* XXX */ 1031 allowed = options.rhosts_rsa_authentication && 1032 auth_rhosts_rsa_key_allowed(authctxt->pw, 1033 cuser, chost, key); |
1034 auth_method = "rsa"; |
|
1000 break; 1001 default: 1002 fatal("%s: unknown key type %d", __func__, type); 1003 break; 1004 } 1005 } 1006 if (key != NULL) 1007 key_free(key); 1008 1009 /* clear temporarily storage (used by verify) */ 1010 monitor_reset_key_state(); 1011 1012 if (allowed) { 1013 /* Save temporarily for comparison in verify */ 1014 key_blob = blob; 1015 key_bloblen = bloblen; 1016 key_blobtype = type; 1017 hostbased_cuser = cuser; 1018 hostbased_chost = chost; | 1035 break; 1036 default: 1037 fatal("%s: unknown key type %d", __func__, type); 1038 break; 1039 } 1040 } 1041 if (key != NULL) 1042 key_free(key); 1043 1044 /* clear temporarily storage (used by verify) */ 1045 monitor_reset_key_state(); 1046 1047 if (allowed) { 1048 /* Save temporarily for comparison in verify */ 1049 key_blob = blob; 1050 key_bloblen = bloblen; 1051 key_blobtype = type; 1052 hostbased_cuser = cuser; 1053 hostbased_chost = chost; |
1054 } else { 1055 /* Log failed attempt */ 1056 auth_log(authctxt, 0, auth_method, compat20 ? " ssh2" : ""); 1057 xfree(blob); 1058 xfree(cuser); 1059 xfree(chost); |
|
1019 } 1020 1021 debug3("%s: key %p is %s", 1022 __func__, key, allowed ? "allowed" : "disallowed"); 1023 1024 buffer_clear(m); 1025 buffer_put_int(m, allowed); 1026 buffer_put_int(m, forced_command != NULL); --- 185 unchanged lines hidden (view full) --- 1212 /* 1213 * Get IP address of client. If the connection is not a socket, let 1214 * the address be 0.0.0.0. 1215 */ 1216 memset(&from, 0, sizeof(from)); 1217 fromlen = sizeof(from); 1218 if (packet_connection_is_on_socket()) { 1219 if (getpeername(packet_get_connection_in(), | 1060 } 1061 1062 debug3("%s: key %p is %s", 1063 __func__, key, allowed ? "allowed" : "disallowed"); 1064 1065 buffer_clear(m); 1066 buffer_put_int(m, allowed); 1067 buffer_put_int(m, forced_command != NULL); --- 185 unchanged lines hidden (view full) --- 1253 /* 1254 * Get IP address of client. If the connection is not a socket, let 1255 * the address be 0.0.0.0. 1256 */ 1257 memset(&from, 0, sizeof(from)); 1258 fromlen = sizeof(from); 1259 if (packet_connection_is_on_socket()) { 1260 if (getpeername(packet_get_connection_in(), |
1220 (struct sockaddr *) & from, &fromlen) < 0) { | 1261 (struct sockaddr *)&from, &fromlen) < 0) { |
1221 debug("getpeername: %.100s", strerror(errno)); 1222 cleanup_exit(255); 1223 } 1224 } 1225 /* Record that there was a login on that tty from the remote host. */ 1226 record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid, 1227 get_remote_name_or_ip(utmp_len, options.use_dns), 1228 (struct sockaddr *)&from, fromlen); 1229} 1230 1231static void 1232mm_session_close(Session *s) 1233{ 1234 debug3("%s: session %d pid %ld", __func__, s->self, (long)s->pid); 1235 if (s->ttyfd != -1) { | 1262 debug("getpeername: %.100s", strerror(errno)); 1263 cleanup_exit(255); 1264 } 1265 } 1266 /* Record that there was a login on that tty from the remote host. */ 1267 record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid, 1268 get_remote_name_or_ip(utmp_len, options.use_dns), 1269 (struct sockaddr *)&from, fromlen); 1270} 1271 1272static void 1273mm_session_close(Session *s) 1274{ 1275 debug3("%s: session %d pid %ld", __func__, s->self, (long)s->pid); 1276 if (s->ttyfd != -1) { |
1236 debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd); | 1277 debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd); |
1237 session_pty_cleanup2(s); 1238 } 1239 s->used = 0; 1240} 1241 1242int 1243mm_answer_pty(int sock, Buffer *m) 1244{ --- 43 unchanged lines hidden (view full) --- 1288 error("%s: fd0 %d != 0", __func__, fd0); 1289 1290 /* slave is not needed */ 1291 close(s->ttyfd); 1292 s->ttyfd = s->ptyfd; 1293 /* no need to dup() because nobody closes ptyfd */ 1294 s->ptymaster = s->ptyfd; 1295 | 1278 session_pty_cleanup2(s); 1279 } 1280 s->used = 0; 1281} 1282 1283int 1284mm_answer_pty(int sock, Buffer *m) 1285{ --- 43 unchanged lines hidden (view full) --- 1329 error("%s: fd0 %d != 0", __func__, fd0); 1330 1331 /* slave is not needed */ 1332 close(s->ttyfd); 1333 s->ttyfd = s->ptyfd; 1334 /* no need to dup() because nobody closes ptyfd */ 1335 s->ptymaster = s->ptyfd; 1336 |
1296 debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ttyfd); | 1337 debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ttyfd); |
1297 1298 return (0); 1299 1300 error: 1301 if (s != NULL) 1302 mm_session_close(s); 1303 buffer_put_int(m, 0); 1304 mm_request_send(sock, MONITOR_ANS_PTY, m); --- 70 unchanged lines hidden (view full) --- 1375 BIGNUM *client_n; 1376 Key *key = NULL; 1377 u_char *blob = NULL; 1378 u_int blen = 0; 1379 int allowed = 0; 1380 1381 debug3("%s entering", __func__); 1382 | 1338 1339 return (0); 1340 1341 error: 1342 if (s != NULL) 1343 mm_session_close(s); 1344 buffer_put_int(m, 0); 1345 mm_request_send(sock, MONITOR_ANS_PTY, m); --- 70 unchanged lines hidden (view full) --- 1416 BIGNUM *client_n; 1417 Key *key = NULL; 1418 u_char *blob = NULL; 1419 u_int blen = 0; 1420 int allowed = 0; 1421 1422 debug3("%s entering", __func__); 1423 |
1424 auth_method = "rsa"; |
|
1383 if (options.rsa_authentication && authctxt->valid) { 1384 if ((client_n = BN_new()) == NULL) 1385 fatal("%s: BN_new", __func__); 1386 buffer_get_bignum2(m, client_n); 1387 allowed = auth_rsa_key_allowed(authctxt->pw, client_n, &key); 1388 BN_clear_free(client_n); 1389 } 1390 buffer_clear(m); --- 220 unchanged lines hidden (view full) --- 1611 1612static Kex * 1613mm_get_kex(Buffer *m) 1614{ 1615 Kex *kex; 1616 void *blob; 1617 u_int bloblen; 1618 | 1425 if (options.rsa_authentication && authctxt->valid) { 1426 if ((client_n = BN_new()) == NULL) 1427 fatal("%s: BN_new", __func__); 1428 buffer_get_bignum2(m, client_n); 1429 allowed = auth_rsa_key_allowed(authctxt->pw, client_n, &key); 1430 BN_clear_free(client_n); 1431 } 1432 buffer_clear(m); --- 220 unchanged lines hidden (view full) --- 1653 1654static Kex * 1655mm_get_kex(Buffer *m) 1656{ 1657 Kex *kex; 1658 void *blob; 1659 u_int bloblen; 1660 |
1619 kex = xmalloc(sizeof(*kex)); 1620 memset(kex, 0, sizeof(*kex)); | 1661 kex = xcalloc(1, sizeof(*kex)); |
1621 kex->session_id = buffer_get_string(m, &kex->session_id_len); 1622 if ((session_id2 == NULL) || 1623 (kex->session_id_len != session_id2_len) || 1624 (memcmp(kex->session_id, session_id2, session_id2_len) != 0)) 1625 fatal("mm_get_get: internal error: bad session id"); 1626 kex->we_need = buffer_get_int(m); 1627 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; 1628 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; 1629 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 1662 kex->session_id = buffer_get_string(m, &kex->session_id_len); 1663 if ((session_id2 == NULL) || 1664 (kex->session_id_len != session_id2_len) || 1665 (memcmp(kex->session_id, session_id2, session_id2_len) != 0)) 1666 fatal("mm_get_get: internal error: bad session id"); 1667 kex->we_need = buffer_get_int(m); 1668 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; 1669 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; 1670 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
1671 kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
|
1630 kex->server = 1; 1631 kex->hostkey_type = buffer_get_int(m); 1632 kex->kex_type = buffer_get_int(m); 1633 blob = buffer_get_string(m, &bloblen); 1634 buffer_init(&kex->my); 1635 buffer_append(&kex->my, blob, bloblen); 1636 xfree(blob); 1637 blob = buffer_get_string(m, &bloblen); --- 143 unchanged lines hidden (view full) --- 1781#define MM_MEMSIZE 65536 1782 1783struct monitor * 1784monitor_init(void) 1785{ 1786 struct monitor *mon; 1787 int pair[2]; 1788 | 1672 kex->server = 1; 1673 kex->hostkey_type = buffer_get_int(m); 1674 kex->kex_type = buffer_get_int(m); 1675 blob = buffer_get_string(m, &bloblen); 1676 buffer_init(&kex->my); 1677 buffer_append(&kex->my, blob, bloblen); 1678 xfree(blob); 1679 blob = buffer_get_string(m, &bloblen); --- 143 unchanged lines hidden (view full) --- 1823#define MM_MEMSIZE 65536 1824 1825struct monitor * 1826monitor_init(void) 1827{ 1828 struct monitor *mon; 1829 int pair[2]; 1830 |
1789 mon = xmalloc(sizeof(*mon)); | 1831 mon = xcalloc(1, sizeof(*mon)); |
1790 | 1832 |
1791 mon->m_pid = 0; | |
1792 monitor_socketpair(pair); 1793 1794 mon->m_recvfd = pair[0]; 1795 mon->m_sendfd = pair[1]; 1796 1797 /* Used to share zlib space across processes */ 1798 if (options.compression) { 1799 mon->m_zback = mm_create(NULL, MM_MEMSIZE); --- 123 unchanged lines hidden --- | 1833 monitor_socketpair(pair); 1834 1835 mon->m_recvfd = pair[0]; 1836 mon->m_sendfd = pair[1]; 1837 1838 /* Used to share zlib space across processes */ 1839 if (options.compression) { 1840 mon->m_zback = mm_create(NULL, MM_MEMSIZE); --- 123 unchanged lines hidden --- |
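Review bot: In mm_answer_keyallowed the new `auth_method = "publickey"` / `"hostbased"` / `"rsa"` assignments sit inside the `if (key != NULL && authctxt->valid)` branch, so when key_from_blob() returns NULL or the user is invalid the new failure path `auth_log(authctxt, 0, auth_method, compat20 ? " ssh2" : "")` logs whatever auth_method was left at — the preauth loop now resets it to "unknown" on every iteration, so those rejected attempts reach the audit log as "unknown" instead of by method. Choosing auth_method from `type` ahead of the validity check keeps the method name in the log entry without touching the allowed/disallowed decision; the switch below does that and leaves the existing per-type `allowed` computations in place. Also worth confirming: the proto15 table now gives KEYALLOWED and RSAKEYALLOWED MON_ALOG, so a failed lookup is logged here and again by the loop's auth_log at the `(MON_AUTHDECIDE|MON_ALOG)` check, which looks like a duplicate failure entry (plus an extra `failures++`) for protocol 1 — I cannot see the function's return value from this view, so treat that as inferred. mm_answer_keyallowed begins and ends outside the visible lines.
```c
	/* … unchanged: blob/cuser/chost parsing, key_from_blob() … */
	switch (type) {
	case MM_USERKEY:
		auth_method = "publickey";
		break;
	case MM_HOSTKEY:
		auth_method = "hostbased";
		break;
	case MM_RSAHOSTKEY:
		auth_method = "rsa";
		break;
	default:
		fatal("%s: unknown key type %d", __func__, type);
		break;
	}
	if (key != NULL && authctxt->valid) {
		/* … unchanged: per-type allowed = ... computations, without the auth_method assignments … */
	}
```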