1/*
2 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
3 * Copyright 2002 Markus Friedl <markus@openbsd.org>
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
--- 11 unchanged lines hidden (view full) ---
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26
27#include "includes.h"
28RCSID("$OpenBSD: monitor_wrap.c,v 1.35 2003/11/17 11:06:07 markus Exp $");
29RCSID("$FreeBSD: head/crypto/openssh/monitor_wrap.c 128460 2004-04-20 09:46:41Z des $");
30
31#include <openssl/bn.h>
32#include <openssl/dh.h>
33
34#include "ssh.h"
35#include "dh.h"
36#include "kex.h"
37#include "auth.h"
--- 28 unchanged lines hidden (view full) ---
66
67/* Imports */
68extern int compat20;
69extern Newkeys *newkeys[];
70extern z_stream incoming_stream;
71extern z_stream outgoing_stream;
72extern struct monitor *pmonitor;
73extern Buffer input, output;
74extern ServerOptions options;
75
76int
77mm_is_monitor(void)
78{
79 /*
80 * m_pid is only set in the privileged part, and
81 * points to the unprivileged child.
82 */
83 return (pmonitor && pmonitor->m_pid > 0);
84}
85
86void
87mm_request_send(int socket, enum monitor_reqtype type, Buffer *m)
88{
89 u_int mlen = buffer_len(m);
90 u_char buf[5];
91
92 debug3("%s entering: type %d", __func__, type);
93
94 PUT_32BIT(buf, mlen + 1);
95 buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */
96 if (atomicio(vwrite, socket, buf, sizeof(buf)) != sizeof(buf))
97 fatal("%s: write", __func__);
98 if (atomicio(vwrite, socket, buffer_ptr(m), mlen) != mlen)
99 fatal("%s: write", __func__);
100}
101
102void
103mm_request_receive(int socket, Buffer *m)
104{
105 u_char buf[4];
106 u_int msg_len;
107 ssize_t res;
108
109 debug3("%s entering", __func__);
110
111 res = atomicio(read, socket, buf, sizeof(buf));
112 if (res != sizeof(buf)) {
113 if (res == 0)
114 cleanup_exit(255);
115 fatal("%s: read: %ld", __func__, (long)res);
116 }
117 msg_len = GET_32BIT(buf);
118 if (msg_len > 256 * 1024)
119 fatal("%s: read: bad msg_len %d", __func__, msg_len);
120 buffer_clear(m);
121 buffer_append_space(m, msg_len);
122 res = atomicio(read, socket, buffer_ptr(m), msg_len);
123 if (res != msg_len)
124 fatal("%s: read: %ld != msg_len", __func__, (long)res);
125}
126
127void
128mm_request_receive_expect(int socket, enum monitor_reqtype type, Buffer *m)
129{
130 u_char rtype;
131
132 debug3("%s entering: type %d", __func__, type);
133
134 mm_request_receive(socket, m);
135 rtype = buffer_get_char(m);
136 if (rtype != type)
137 fatal("%s: read: rtype %d != type %d", __func__,
138 rtype, type);
139}
140
141DH *
142mm_choose_dh(int min, int nbits, int max)
--- 47 unchanged lines hidden (view full) ---
190 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, &m);
191 *sigp = buffer_get_string(&m, lenp);
192 buffer_free(&m);
193
194 return (0);
195}
196
197struct passwd *
198mm_getpwnamallow(const char *login)
199{
200 Buffer m;
201 struct passwd *pw;
202 u_int pwlen;
203
204 debug3("%s entering", __func__);
205
206 buffer_init(&m);
207 buffer_put_cstring(&m, login);
208
209 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, &m);
210
211 debug3("%s: waiting for MONITOR_ANS_PWNAM", __func__);
212 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, &m);
213
214 if (buffer_get_char(&m) == 0) {
215 buffer_free(&m);
--- 324 unchanged lines hidden (view full) ---
540 buffer_put_string(m, buffer_ptr(&kex->my), buffer_len(&kex->my));
541 buffer_put_string(m, buffer_ptr(&kex->peer), buffer_len(&kex->peer));
542 buffer_put_int(m, kex->flags);
543 buffer_put_cstring(m, kex->client_version_string);
544 buffer_put_cstring(m, kex->server_version_string);
545}
546
547void
548mm_send_keystate(struct monitor *pmonitor)
549{
550 Buffer m;
551 u_char *blob, *p;
552 u_int bloblen, plen;
553 u_int32_t seqnr, packets;
554 u_int64_t blocks;
555
556 buffer_init(&m);
--- 19 unchanged lines hidden (view full) ---
576 packet_get_keyiv(MODE_OUT, iv, ivlen);
577 buffer_put_string(&m, iv, ivlen);
578 ivlen = packet_get_keyiv_len(MODE_OUT);
579 packet_get_keyiv(MODE_IN, iv, ivlen);
580 buffer_put_string(&m, iv, ivlen);
581 goto skip;
582 } else {
583 /* Kex for rekeying */
584 mm_send_kex(&m, *pmonitor->m_pkex);
585 }
586
587 debug3("%s: Sending new keys: %p %p",
588 __func__, newkeys[MODE_OUT], newkeys[MODE_IN]);
589
590 /* Keys from Kex */
591 if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen))
592 fatal("%s: conversion of newkeys failed", __func__);
--- 35 unchanged lines hidden (view full) ---
628 debug3("%s: Sending compression state", __func__);
629 buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream));
630 buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream));
631
632 /* Network I/O buffers */
633 buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input));
634 buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output));
635
636 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m);
637 debug3("%s: Finished sending state", __func__);
638
639 buffer_free(&m);
640}
641
642int
643mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
644{
645 Buffer m;
646 char *p;
647 int success = 0;
648
649 buffer_init(&m);
650 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, &m);
651
652 debug3("%s: waiting for MONITOR_ANS_PTY", __func__);
653 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, &m);
654
655 success = buffer_get_int(&m);
656 if (success == 0) {
657 debug3("%s: pty alloc failed", __func__);
658 buffer_free(&m);
659 return (0);
660 }
661 p = buffer_get_string(&m, NULL);
662 buffer_free(&m);
663
664 strlcpy(namebuf, p, namebuflen); /* Possible truncation */
665 xfree(p);
666
667 *ptyfd = mm_receive_fd(pmonitor->m_recvfd);
668 *ttyfd = mm_receive_fd(pmonitor->m_recvfd);
669
670 /* Success */
671 return (1);
672}
673
674void
--- 299 unchanged lines hidden (view full) ---
974 mm_request_receive_expect(pmonitor->m_recvfd,
975 MONITOR_ANS_SKEYRESPOND, &m);
976
977 authok = buffer_get_int(&m);
978 buffer_free(&m);
979
980 return ((authok == 0) ? -1 : 0);
981}
982#endif
983
984void
985mm_ssh1_session_id(u_char session_id[16])
986{
987 Buffer m;
988 int i;
989
990 debug3("%s entering", __func__);
--- 100 unchanged lines hidden (view full) ---
1091 success = buffer_get_int(&m);
1092 buffer_free(&m);
1093
1094 return (success);
1095}
1096
1097#ifdef GSSAPI
1098OM_uint32
1099mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
1100{
1101 Buffer m;
1102 OM_uint32 major;
1103
1104 /* Client doesn't get to see the context */
1105 *ctx = NULL;
1106
1107 buffer_init(&m);
1108 buffer_put_string(&m, oid->elements, oid->length);
1109
1110 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, &m);
1111 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, &m);
1112
1113 major = buffer_get_int(&m);
1114
1115 buffer_free(&m);
1116 return (major);
--- 65 unchanged lines hidden ---
2 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
3 * Copyright 2002 Markus Friedl <markus@openbsd.org>
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
--- 11 unchanged lines hidden (view full) ---
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26
27#include "includes.h"
28RCSID("$OpenBSD: monitor_wrap.c,v 1.35 2003/11/17 11:06:07 markus Exp $");
29RCSID("$FreeBSD: head/crypto/openssh/monitor_wrap.c 128460 2004-04-20 09:46:41Z des $");
30
31#include <openssl/bn.h>
32#include <openssl/dh.h>
33
34#include "ssh.h"
35#include "dh.h"
36#include "kex.h"
37#include "auth.h"
--- 28 unchanged lines hidden (view full) ---
66
67/* Imports */
68extern int compat20;
69extern Newkeys *newkeys[];
70extern z_stream incoming_stream;
71extern z_stream outgoing_stream;
72extern struct monitor *pmonitor;
73extern Buffer input, output;
74extern ServerOptions options;
75
76int
77mm_is_monitor(void)
78{
79 /*
80 * m_pid is only set in the privileged part, and
81 * points to the unprivileged child.
82 */
83 return (pmonitor && pmonitor->m_pid > 0);
84}
85
86void
87mm_request_send(int socket, enum monitor_reqtype type, Buffer *m)
88{
89 u_int mlen = buffer_len(m);
90 u_char buf[5];
91
92 debug3("%s entering: type %d", __func__, type);
93
94 PUT_32BIT(buf, mlen + 1);
95 buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */
96 if (atomicio(vwrite, socket, buf, sizeof(buf)) != sizeof(buf))
97 fatal("%s: write", __func__);
98 if (atomicio(vwrite, socket, buffer_ptr(m), mlen) != mlen)
99 fatal("%s: write", __func__);
100}
101
102void
103mm_request_receive(int socket, Buffer *m)
104{
105 u_char buf[4];
106 u_int msg_len;
107 ssize_t res;
108
109 debug3("%s entering", __func__);
110
111 res = atomicio(read, socket, buf, sizeof(buf));
112 if (res != sizeof(buf)) {
113 if (res == 0)
114 cleanup_exit(255);
115 fatal("%s: read: %ld", __func__, (long)res);
116 }
117 msg_len = GET_32BIT(buf);
118 if (msg_len > 256 * 1024)
119 fatal("%s: read: bad msg_len %d", __func__, msg_len);
120 buffer_clear(m);
121 buffer_append_space(m, msg_len);
122 res = atomicio(read, socket, buffer_ptr(m), msg_len);
123 if (res != msg_len)
124 fatal("%s: read: %ld != msg_len", __func__, (long)res);
125}
126
127void
128mm_request_receive_expect(int socket, enum monitor_reqtype type, Buffer *m)
129{
130 u_char rtype;
131
132 debug3("%s entering: type %d", __func__, type);
133
134 mm_request_receive(socket, m);
135 rtype = buffer_get_char(m);
136 if (rtype != type)
137 fatal("%s: read: rtype %d != type %d", __func__,
138 rtype, type);
139}
140
141DH *
142mm_choose_dh(int min, int nbits, int max)
--- 47 unchanged lines hidden (view full) ---
190 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, &m);
191 *sigp = buffer_get_string(&m, lenp);
192 buffer_free(&m);
193
194 return (0);
195}
196
197struct passwd *
198mm_getpwnamallow(const char *login)
199{
200 Buffer m;
201 struct passwd *pw;
202 u_int pwlen;
203
204 debug3("%s entering", __func__);
205
206 buffer_init(&m);
207 buffer_put_cstring(&m, login);
208
209 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, &m);
210
211 debug3("%s: waiting for MONITOR_ANS_PWNAM", __func__);
212 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, &m);
213
214 if (buffer_get_char(&m) == 0) {
215 buffer_free(&m);
--- 324 unchanged lines hidden (view full) ---
540 buffer_put_string(m, buffer_ptr(&kex->my), buffer_len(&kex->my));
541 buffer_put_string(m, buffer_ptr(&kex->peer), buffer_len(&kex->peer));
542 buffer_put_int(m, kex->flags);
543 buffer_put_cstring(m, kex->client_version_string);
544 buffer_put_cstring(m, kex->server_version_string);
545}
546
547void
548mm_send_keystate(struct monitor *pmonitor)
549{
550 Buffer m;
551 u_char *blob, *p;
552 u_int bloblen, plen;
553 u_int32_t seqnr, packets;
554 u_int64_t blocks;
555
556 buffer_init(&m);
--- 19 unchanged lines hidden (view full) ---
576 packet_get_keyiv(MODE_OUT, iv, ivlen);
577 buffer_put_string(&m, iv, ivlen);
578 ivlen = packet_get_keyiv_len(MODE_OUT);
579 packet_get_keyiv(MODE_IN, iv, ivlen);
580 buffer_put_string(&m, iv, ivlen);
581 goto skip;
582 } else {
583 /* Kex for rekeying */
584 mm_send_kex(&m, *pmonitor->m_pkex);
585 }
586
587 debug3("%s: Sending new keys: %p %p",
588 __func__, newkeys[MODE_OUT], newkeys[MODE_IN]);
589
590 /* Keys from Kex */
591 if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen))
592 fatal("%s: conversion of newkeys failed", __func__);
--- 35 unchanged lines hidden (view full) ---
628 debug3("%s: Sending compression state", __func__);
629 buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream));
630 buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream));
631
632 /* Network I/O buffers */
633 buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input));
634 buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output));
635
636 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m);
637 debug3("%s: Finished sending state", __func__);
638
639 buffer_free(&m);
640}
641
642int
643mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
644{
645 Buffer m;
646 char *p;
647 int success = 0;
648
649 buffer_init(&m);
650 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, &m);
651
652 debug3("%s: waiting for MONITOR_ANS_PTY", __func__);
653 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, &m);
654
655 success = buffer_get_int(&m);
656 if (success == 0) {
657 debug3("%s: pty alloc failed", __func__);
658 buffer_free(&m);
659 return (0);
660 }
661 p = buffer_get_string(&m, NULL);
662 buffer_free(&m);
663
664 strlcpy(namebuf, p, namebuflen); /* Possible truncation */
665 xfree(p);
666
667 *ptyfd = mm_receive_fd(pmonitor->m_recvfd);
668 *ttyfd = mm_receive_fd(pmonitor->m_recvfd);
669
670 /* Success */
671 return (1);
672}
673
674void
--- 299 unchanged lines hidden (view full) ---
974 mm_request_receive_expect(pmonitor->m_recvfd,
975 MONITOR_ANS_SKEYRESPOND, &m);
976
977 authok = buffer_get_int(&m);
978 buffer_free(&m);
979
980 return ((authok == 0) ? -1 : 0);
981}
982#endif
983
984void
985mm_ssh1_session_id(u_char session_id[16])
986{
987 Buffer m;
988 int i;
989
990 debug3("%s entering", __func__);
--- 100 unchanged lines hidden (view full) ---
1091 success = buffer_get_int(&m);
1092 buffer_free(&m);
1093
1094 return (success);
1095}
1096
1097#ifdef GSSAPI
1098OM_uint32
1099mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
1100{
1101 Buffer m;
1102 OM_uint32 major;
1103
1104 /* Client doesn't get to see the context */
1105 *ctx = NULL;
1106
1107 buffer_init(&m);
1108 buffer_put_string(&m, oid->elements, oid->length);
1109
1110 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, &m);
1111 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, &m);
1112
1113 major = buffer_get_int(&m);
1114
1115 buffer_free(&m);
1116 return (major);
--- 65 unchanged lines hidden ---