monitor_wrap.c (128460) | monitor_wrap.c (137019) |
---|---|
1/* 2 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: --- 11 unchanged lines hidden (view full) --- 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27#include "includes.h" | 1/* 2 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: --- 11 unchanged lines hidden (view full) --- 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27#include "includes.h" |
28RCSID("$OpenBSD: monitor_wrap.c,v 1.35 2003/11/17 11:06:07 markus Exp $"); 29RCSID("$FreeBSD: head/crypto/openssh/monitor_wrap.c 128460 2004-04-20 09:46:41Z des $"); | 28RCSID("$OpenBSD: monitor_wrap.c,v 1.39 2004/07/17 05:31:41 dtucker Exp $"); 29RCSID("$FreeBSD: head/crypto/openssh/monitor_wrap.c 137019 2004-10-28 16:11:31Z des $"); |
30 31#include <openssl/bn.h> 32#include <openssl/dh.h> 33 34#include "ssh.h" 35#include "dh.h" 36#include "kex.h" 37#include "auth.h" --- 28 unchanged lines hidden (view full) --- 66 67/* Imports */ 68extern int compat20; 69extern Newkeys *newkeys[]; 70extern z_stream incoming_stream; 71extern z_stream outgoing_stream; 72extern struct monitor *pmonitor; 73extern Buffer input, output; | 30 31#include <openssl/bn.h> 32#include <openssl/dh.h> 33 34#include "ssh.h" 35#include "dh.h" 36#include "kex.h" 37#include "auth.h" --- 28 unchanged lines hidden (view full) --- 66 67/* Imports */ 68extern int compat20; 69extern Newkeys *newkeys[]; 70extern z_stream incoming_stream; 71extern z_stream outgoing_stream; 72extern struct monitor *pmonitor; 73extern Buffer input, output; |
74extern Buffer loginmsg; |
|
74extern ServerOptions options; 75 76int 77mm_is_monitor(void) 78{ 79 /* 80 * m_pid is only set in the privileged part, and 81 * points to the unprivileged child. 82 */ 83 return (pmonitor && pmonitor->m_pid > 0); 84} 85 86void | 75extern ServerOptions options; 76 77int 78mm_is_monitor(void) 79{ 80 /* 81 * m_pid is only set in the privileged part, and 82 * points to the unprivileged child. 83 */ 84 return (pmonitor && pmonitor->m_pid > 0); 85} 86 87void |
87mm_request_send(int socket, enum monitor_reqtype type, Buffer *m) | 88mm_request_send(int sock, enum monitor_reqtype type, Buffer *m) |
88{ 89 u_int mlen = buffer_len(m); 90 u_char buf[5]; 91 92 debug3("%s entering: type %d", __func__, type); 93 94 PUT_32BIT(buf, mlen + 1); 95 buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ | 89{ 90 u_int mlen = buffer_len(m); 91 u_char buf[5]; 92 93 debug3("%s entering: type %d", __func__, type); 94 95 PUT_32BIT(buf, mlen + 1); 96 buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ |
96 if (atomicio(vwrite, socket, buf, sizeof(buf)) != sizeof(buf)) | 97 if (atomicio(vwrite, sock, buf, sizeof(buf)) != sizeof(buf)) |
97 fatal("%s: write", __func__); | 98 fatal("%s: write", __func__); |
98 if (atomicio(vwrite, socket, buffer_ptr(m), mlen) != mlen) | 99 if (atomicio(vwrite, sock, buffer_ptr(m), mlen) != mlen) |
99 fatal("%s: write", __func__); 100} 101 102void | 100 fatal("%s: write", __func__); 101} 102 103void |
103mm_request_receive(int socket, Buffer *m) | 104mm_request_receive(int sock, Buffer *m) |
104{ 105 u_char buf[4]; 106 u_int msg_len; 107 ssize_t res; 108 109 debug3("%s entering", __func__); 110 | 105{ 106 u_char buf[4]; 107 u_int msg_len; 108 ssize_t res; 109 110 debug3("%s entering", __func__); 111 |
111 res = atomicio(read, socket, buf, sizeof(buf)); | 112 res = atomicio(read, sock, buf, sizeof(buf)); |
112 if (res != sizeof(buf)) { 113 if (res == 0) 114 cleanup_exit(255); 115 fatal("%s: read: %ld", __func__, (long)res); 116 } 117 msg_len = GET_32BIT(buf); 118 if (msg_len > 256 * 1024) 119 fatal("%s: read: bad msg_len %d", __func__, msg_len); 120 buffer_clear(m); 121 buffer_append_space(m, msg_len); | 113 if (res != sizeof(buf)) { 114 if (res == 0) 115 cleanup_exit(255); 116 fatal("%s: read: %ld", __func__, (long)res); 117 } 118 msg_len = GET_32BIT(buf); 119 if (msg_len > 256 * 1024) 120 fatal("%s: read: bad msg_len %d", __func__, msg_len); 121 buffer_clear(m); 122 buffer_append_space(m, msg_len); |
122 res = atomicio(read, socket, buffer_ptr(m), msg_len); | 123 res = atomicio(read, sock, buffer_ptr(m), msg_len); |
123 if (res != msg_len) 124 fatal("%s: read: %ld != msg_len", __func__, (long)res); 125} 126 127void | 124 if (res != msg_len) 125 fatal("%s: read: %ld != msg_len", __func__, (long)res); 126} 127 128void |
128mm_request_receive_expect(int socket, enum monitor_reqtype type, Buffer *m) | 129mm_request_receive_expect(int sock, enum monitor_reqtype type, Buffer *m) |
129{ 130 u_char rtype; 131 132 debug3("%s entering: type %d", __func__, type); 133 | 130{ 131 u_char rtype; 132 133 debug3("%s entering: type %d", __func__, type); 134 |
134 mm_request_receive(socket, m); | 135 mm_request_receive(sock, m); |
135 rtype = buffer_get_char(m); 136 if (rtype != type) 137 fatal("%s: read: rtype %d != type %d", __func__, 138 rtype, type); 139} 140 141DH * 142mm_choose_dh(int min, int nbits, int max) --- 47 unchanged lines hidden (view full) --- 190 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, &m); 191 *sigp = buffer_get_string(&m, lenp); 192 buffer_free(&m); 193 194 return (0); 195} 196 197struct passwd * | 136 rtype = buffer_get_char(m); 137 if (rtype != type) 138 fatal("%s: read: rtype %d != type %d", __func__, 139 rtype, type); 140} 141 142DH * 143mm_choose_dh(int min, int nbits, int max) --- 47 unchanged lines hidden (view full) --- 191 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, &m); 192 *sigp = buffer_get_string(&m, lenp); 193 buffer_free(&m); 194 195 return (0); 196} 197 198struct passwd * |
198mm_getpwnamallow(const char *login) | 199mm_getpwnamallow(const char *username) |
199{ 200 Buffer m; 201 struct passwd *pw; 202 u_int pwlen; 203 204 debug3("%s entering", __func__); 205 206 buffer_init(&m); | 200{ 201 Buffer m; 202 struct passwd *pw; 203 u_int pwlen; 204 205 debug3("%s entering", __func__); 206 207 buffer_init(&m); |
207 buffer_put_cstring(&m, login); | 208 buffer_put_cstring(&m, username); |
208 209 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, &m); 210 211 debug3("%s: waiting for MONITOR_ANS_PWNAM", __func__); 212 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, &m); 213 214 if (buffer_get_char(&m) == 0) { 215 buffer_free(&m); --- 324 unchanged lines hidden (view full) --- 540 buffer_put_string(m, buffer_ptr(&kex->my), buffer_len(&kex->my)); 541 buffer_put_string(m, buffer_ptr(&kex->peer), buffer_len(&kex->peer)); 542 buffer_put_int(m, kex->flags); 543 buffer_put_cstring(m, kex->client_version_string); 544 buffer_put_cstring(m, kex->server_version_string); 545} 546 547void | 209 210 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, &m); 211 212 debug3("%s: waiting for MONITOR_ANS_PWNAM", __func__); 213 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, &m); 214 215 if (buffer_get_char(&m) == 0) { 216 buffer_free(&m); --- 324 unchanged lines hidden (view full) --- 541 buffer_put_string(m, buffer_ptr(&kex->my), buffer_len(&kex->my)); 542 buffer_put_string(m, buffer_ptr(&kex->peer), buffer_len(&kex->peer)); 543 buffer_put_int(m, kex->flags); 544 buffer_put_cstring(m, kex->client_version_string); 545 buffer_put_cstring(m, kex->server_version_string); 546} 547 548void |
548mm_send_keystate(struct monitor *pmonitor) | 549mm_send_keystate(struct monitor *monitor) |
549{ 550 Buffer m; 551 u_char *blob, *p; 552 u_int bloblen, plen; 553 u_int32_t seqnr, packets; 554 u_int64_t blocks; 555 556 buffer_init(&m); --- 19 unchanged lines hidden (view full) --- 576 packet_get_keyiv(MODE_OUT, iv, ivlen); 577 buffer_put_string(&m, iv, ivlen); 578 ivlen = packet_get_keyiv_len(MODE_OUT); 579 packet_get_keyiv(MODE_IN, iv, ivlen); 580 buffer_put_string(&m, iv, ivlen); 581 goto skip; 582 } else { 583 /* Kex for rekeying */ | 550{ 551 Buffer m; 552 u_char *blob, *p; 553 u_int bloblen, plen; 554 u_int32_t seqnr, packets; 555 u_int64_t blocks; 556 557 buffer_init(&m); --- 19 unchanged lines hidden (view full) --- 577 packet_get_keyiv(MODE_OUT, iv, ivlen); 578 buffer_put_string(&m, iv, ivlen); 579 ivlen = packet_get_keyiv_len(MODE_OUT); 580 packet_get_keyiv(MODE_IN, iv, ivlen); 581 buffer_put_string(&m, iv, ivlen); 582 goto skip; 583 } else { 584 /* Kex for rekeying */ |
584 mm_send_kex(&m, *pmonitor->m_pkex); | 585 mm_send_kex(&m, *monitor->m_pkex); |
585 } 586 587 debug3("%s: Sending new keys: %p %p", 588 __func__, newkeys[MODE_OUT], newkeys[MODE_IN]); 589 590 /* Keys from Kex */ 591 if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen)) 592 fatal("%s: conversion of newkeys failed", __func__); --- 35 unchanged lines hidden (view full) --- 628 debug3("%s: Sending compression state", __func__); 629 buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream)); 630 buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream)); 631 632 /* Network I/O buffers */ 633 buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input)); 634 buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output)); 635 | 586 } 587 588 debug3("%s: Sending new keys: %p %p", 589 __func__, newkeys[MODE_OUT], newkeys[MODE_IN]); 590 591 /* Keys from Kex */ 592 if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen)) 593 fatal("%s: conversion of newkeys failed", __func__); --- 35 unchanged lines hidden (view full) --- 629 debug3("%s: Sending compression state", __func__); 630 buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream)); 631 buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream)); 632 633 /* Network I/O buffers */ 634 buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input)); 635 buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output)); 636 |
636 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m); | 637 mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m); |
637 debug3("%s: Finished sending state", __func__); 638 639 buffer_free(&m); 640} 641 642int 643mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) 644{ 645 Buffer m; | 638 debug3("%s: Finished sending state", __func__); 639 640 buffer_free(&m); 641} 642 643int 644mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) 645{ 646 Buffer m; |
646 char *p; | 647 char *p, *msg; |
647 int success = 0; 648 649 buffer_init(&m); 650 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, &m); 651 652 debug3("%s: waiting for MONITOR_ANS_PTY", __func__); 653 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, &m); 654 655 success = buffer_get_int(&m); 656 if (success == 0) { 657 debug3("%s: pty alloc failed", __func__); 658 buffer_free(&m); 659 return (0); 660 } 661 p = buffer_get_string(&m, NULL); | 648 int success = 0; 649 650 buffer_init(&m); 651 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, &m); 652 653 debug3("%s: waiting for MONITOR_ANS_PTY", __func__); 654 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, &m); 655 656 success = buffer_get_int(&m); 657 if (success == 0) { 658 debug3("%s: pty alloc failed", __func__); 659 buffer_free(&m); 660 return (0); 661 } 662 p = buffer_get_string(&m, NULL); |
663 msg = buffer_get_string(&m, NULL); |
|
662 buffer_free(&m); 663 664 strlcpy(namebuf, p, namebuflen); /* Possible truncation */ 665 xfree(p); 666 | 664 buffer_free(&m); 665 666 strlcpy(namebuf, p, namebuflen); /* Possible truncation */ 667 xfree(p); 668 |
669 buffer_append(&loginmsg, msg, strlen(msg)); 670 xfree(msg); 671 |
|
667 *ptyfd = mm_receive_fd(pmonitor->m_recvfd); 668 *ttyfd = mm_receive_fd(pmonitor->m_recvfd); 669 670 /* Success */ 671 return (1); 672} 673 674void --- 299 unchanged lines hidden (view full) --- 974 mm_request_receive_expect(pmonitor->m_recvfd, 975 MONITOR_ANS_SKEYRESPOND, &m); 976 977 authok = buffer_get_int(&m); 978 buffer_free(&m); 979 980 return ((authok == 0) ? -1 : 0); 981} | 672 *ptyfd = mm_receive_fd(pmonitor->m_recvfd); 673 *ttyfd = mm_receive_fd(pmonitor->m_recvfd); 674 675 /* Success */ 676 return (1); 677} 678 679void --- 299 unchanged lines hidden (view full) --- 979 mm_request_receive_expect(pmonitor->m_recvfd, 980 MONITOR_ANS_SKEYRESPOND, &m); 981 982 authok = buffer_get_int(&m); 983 buffer_free(&m); 984 985 return ((authok == 0) ? -1 : 0); 986} |
982#endif | 987#endif /* SKEY */ |
983 984void 985mm_ssh1_session_id(u_char session_id[16]) 986{ 987 Buffer m; 988 int i; 989 990 debug3("%s entering", __func__); --- 100 unchanged lines hidden (view full) --- 1091 success = buffer_get_int(&m); 1092 buffer_free(&m); 1093 1094 return (success); 1095} 1096 1097#ifdef GSSAPI 1098OM_uint32 | 988 989void 990mm_ssh1_session_id(u_char session_id[16]) 991{ 992 Buffer m; 993 int i; 994 995 debug3("%s entering", __func__); --- 100 unchanged lines hidden (view full) --- 1096 success = buffer_get_int(&m); 1097 buffer_free(&m); 1098 1099 return (success); 1100} 1101 1102#ifdef GSSAPI 1103OM_uint32 |
1099mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) | 1104mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID goid) |
1100{ 1101 Buffer m; 1102 OM_uint32 major; 1103 1104 /* Client doesn't get to see the context */ 1105 *ctx = NULL; 1106 1107 buffer_init(&m); | 1105{ 1106 Buffer m; 1107 OM_uint32 major; 1108 1109 /* Client doesn't get to see the context */ 1110 *ctx = NULL; 1111 1112 buffer_init(&m); |
1108 buffer_put_string(&m, oid->elements, oid->length); | 1113 buffer_put_string(&m, goid->elements, goid->length); |
1109 1110 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, &m); 1111 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, &m); 1112 1113 major = buffer_get_int(&m); 1114 1115 buffer_free(&m); 1116 return (major); --- 65 unchanged lines hidden --- | 1114 1115 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, &m); 1116 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, &m); 1117 1118 major = buffer_get_int(&m); 1119 1120 buffer_free(&m); 1121 return (major); --- 65 unchanged lines hidden --- |