Cross Reference: /freebsd-10.2-release/crypto/openssh/monitor

Deleted Added

sdiff udiff text old ( 128460 ) new ( 137019 )

full compact

1/*
2 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
3 * Copyright 2002 Markus Friedl <markus@openbsd.org>
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:

--- 11 unchanged lines hidden (view full) ---

20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26
27#include "includes.h"
28RCSID("$OpenBSD: monitor_wrap.c,v 1.39 2004/07/17 05:31:41 dtucker Exp $");
29RCSID("$FreeBSD: head/crypto/openssh/monitor_wrap.c 137019 2004-10-28 16:11:31Z des $");
30
31#include <openssl/bn.h>
32#include <openssl/dh.h>
33
34#include "ssh.h"
35#include "dh.h"
36#include "kex.h"
37#include "auth.h"

--- 28 unchanged lines hidden (view full) ---

66
67/* Imports */
68extern int compat20;
69extern Newkeys *newkeys[];
70extern z_stream incoming_stream;
71extern z_stream outgoing_stream;
72extern struct monitor *pmonitor;
73extern Buffer input, output;
74extern Buffer loginmsg;
75extern ServerOptions options;
76
77int
78mm_is_monitor(void)
79{
80 /*
81 * m_pid is only set in the privileged part, and
82 * points to the unprivileged child.
83 */
84 return (pmonitor && pmonitor->m_pid > 0);
85}
86
87void
88mm_request_send(int sock, enum monitor_reqtype type, Buffer *m)
89{
90 u_int mlen = buffer_len(m);
91 u_char buf[5];
92
93 debug3("%s entering: type %d", __func__, type);
94
95 PUT_32BIT(buf, mlen + 1);
96 buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */
97 if (atomicio(vwrite, sock, buf, sizeof(buf)) != sizeof(buf))
98 fatal("%s: write", __func__);
99 if (atomicio(vwrite, sock, buffer_ptr(m), mlen) != mlen)
100 fatal("%s: write", __func__);
101}
102
103void
104mm_request_receive(int sock, Buffer *m)
105{
106 u_char buf[4];
107 u_int msg_len;
108 ssize_t res;
109
110 debug3("%s entering", __func__);
111
112 res = atomicio(read, sock, buf, sizeof(buf));
113 if (res != sizeof(buf)) {
114 if (res == 0)
115 cleanup_exit(255);
116 fatal("%s: read: %ld", __func__, (long)res);
117 }
118 msg_len = GET_32BIT(buf);
119 if (msg_len > 256 * 1024)
120 fatal("%s: read: bad msg_len %d", __func__, msg_len);
121 buffer_clear(m);
122 buffer_append_space(m, msg_len);
123 res = atomicio(read, sock, buffer_ptr(m), msg_len);
124 if (res != msg_len)
125 fatal("%s: read: %ld != msg_len", __func__, (long)res);
126}
127
128void
129mm_request_receive_expect(int sock, enum monitor_reqtype type, Buffer *m)
130{
131 u_char rtype;
132
133 debug3("%s entering: type %d", __func__, type);
134
135 mm_request_receive(sock, m);
136 rtype = buffer_get_char(m);
137 if (rtype != type)
138 fatal("%s: read: rtype %d != type %d", __func__,
139 rtype, type);
140}
141
142DH *
143mm_choose_dh(int min, int nbits, int max)

--- 47 unchanged lines hidden (view full) ---

191 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, &m);
192 *sigp = buffer_get_string(&m, lenp);
193 buffer_free(&m);
194
195 return (0);
196}
197
198struct passwd *
199mm_getpwnamallow(const char *username)
200{
201 Buffer m;
202 struct passwd *pw;
203 u_int pwlen;
204
205 debug3("%s entering", __func__);
206
207 buffer_init(&m);
208 buffer_put_cstring(&m, username);
209
210 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, &m);
211
212 debug3("%s: waiting for MONITOR_ANS_PWNAM", __func__);
213 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, &m);
214
215 if (buffer_get_char(&m) == 0) {
216 buffer_free(&m);

--- 324 unchanged lines hidden (view full) ---

541 buffer_put_string(m, buffer_ptr(&kex->my), buffer_len(&kex->my));
542 buffer_put_string(m, buffer_ptr(&kex->peer), buffer_len(&kex->peer));
543 buffer_put_int(m, kex->flags);
544 buffer_put_cstring(m, kex->client_version_string);
545 buffer_put_cstring(m, kex->server_version_string);
546}
547
548void
549mm_send_keystate(struct monitor *monitor)
550{
551 Buffer m;
552 u_char *blob, *p;
553 u_int bloblen, plen;
554 u_int32_t seqnr, packets;
555 u_int64_t blocks;
556
557 buffer_init(&m);

--- 19 unchanged lines hidden (view full) ---

577 packet_get_keyiv(MODE_OUT, iv, ivlen);
578 buffer_put_string(&m, iv, ivlen);
579 ivlen = packet_get_keyiv_len(MODE_OUT);
580 packet_get_keyiv(MODE_IN, iv, ivlen);
581 buffer_put_string(&m, iv, ivlen);
582 goto skip;
583 } else {
584 /* Kex for rekeying */
585 mm_send_kex(&m, *monitor->m_pkex);
586 }
587
588 debug3("%s: Sending new keys: %p %p",
589 __func__, newkeys[MODE_OUT], newkeys[MODE_IN]);
590
591 /* Keys from Kex */
592 if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen))
593 fatal("%s: conversion of newkeys failed", __func__);

--- 35 unchanged lines hidden (view full) ---

629 debug3("%s: Sending compression state", __func__);
630 buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream));
631 buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream));
632
633 /* Network I/O buffers */
634 buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input));
635 buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output));
636
637 mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m);
638 debug3("%s: Finished sending state", __func__);
639
640 buffer_free(&m);
641}
642
643int
644mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
645{
646 Buffer m;
647 char *p, *msg;
648 int success = 0;
649
650 buffer_init(&m);
651 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, &m);
652
653 debug3("%s: waiting for MONITOR_ANS_PTY", __func__);
654 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, &m);
655
656 success = buffer_get_int(&m);
657 if (success == 0) {
658 debug3("%s: pty alloc failed", __func__);
659 buffer_free(&m);
660 return (0);
661 }
662 p = buffer_get_string(&m, NULL);
663 msg = buffer_get_string(&m, NULL);
664 buffer_free(&m);
665
666 strlcpy(namebuf, p, namebuflen); /* Possible truncation */
667 xfree(p);
668
669 buffer_append(&loginmsg, msg, strlen(msg));
670 xfree(msg);
671
672 *ptyfd = mm_receive_fd(pmonitor->m_recvfd);
673 *ttyfd = mm_receive_fd(pmonitor->m_recvfd);
674
675 /* Success */
676 return (1);
677}
678
679void

--- 299 unchanged lines hidden (view full) ---

979 mm_request_receive_expect(pmonitor->m_recvfd,
980 MONITOR_ANS_SKEYRESPOND, &m);
981
982 authok = buffer_get_int(&m);
983 buffer_free(&m);
984
985 return ((authok == 0) ? -1 : 0);
986}
987#endif /* SKEY */
988
989void
990mm_ssh1_session_id(u_char session_id[16])
991{
992 Buffer m;
993 int i;
994
995 debug3("%s entering", __func__);

--- 100 unchanged lines hidden (view full) ---

1096 success = buffer_get_int(&m);
1097 buffer_free(&m);
1098
1099 return (success);
1100}
1101
1102#ifdef GSSAPI
1103OM_uint32
1104mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID goid)
1105{
1106 Buffer m;
1107 OM_uint32 major;
1108
1109 /* Client doesn't get to see the context */
1110 *ctx = NULL;
1111
1112 buffer_init(&m);
1113 buffer_put_string(&m, goid->elements, goid->length);
1114
1115 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, &m);
1116 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, &m);
1117
1118 major = buffer_get_int(&m);
1119
1120 buffer_free(&m);
1121 return (major);

--- 65 unchanged lines hidden ---