| monitor_wrap.c (99052) | monitor_wrap.c (106130) |
|---|---|
| 1/* 2 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: --- 11 unchanged lines hidden (view full) --- 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27#include "includes.h" | 1/* 2 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: --- 11 unchanged lines hidden (view full) --- 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27#include "includes.h" |
| 28RCSID("$OpenBSD: monitor_wrap.c,v 1.11 2002/06/19 18:01:00 markus Exp $"); 29RCSID("$FreeBSD: head/crypto/openssh/monitor_wrap.c 99052 2002-06-29 10:56:23Z des $"); | 28RCSID("$OpenBSD: monitor_wrap.c,v 1.19 2002/09/26 11:38:43 markus Exp $"); 29RCSID("$FreeBSD: head/crypto/openssh/monitor_wrap.c 106130 2002-10-29 10:16:02Z des $"); |
| 30 31#include <openssl/bn.h> 32#include <openssl/dh.h> 33 34#include "ssh.h" 35#include "dh.h" 36#include "kex.h" 37#include "auth.h" --- 20 unchanged lines hidden (view full) --- 58extern z_stream incoming_stream; 59extern z_stream outgoing_stream; 60extern struct monitor *pmonitor; 61extern Buffer input, output; 62 63void 64mm_request_send(int socket, enum monitor_reqtype type, Buffer *m) 65{ | 30 31#include <openssl/bn.h> 32#include <openssl/dh.h> 33 34#include "ssh.h" 35#include "dh.h" 36#include "kex.h" 37#include "auth.h" --- 20 unchanged lines hidden (view full) --- 58extern z_stream incoming_stream; 59extern z_stream outgoing_stream; 60extern struct monitor *pmonitor; 61extern Buffer input, output; 62 63void 64mm_request_send(int socket, enum monitor_reqtype type, Buffer *m) 65{ |
| 66 u_char buf[5]; | |
| 67 u_int mlen = buffer_len(m); | 66 u_int mlen = buffer_len(m); |
| 67 u_char buf[5]; |
|
| 68 69 debug3("%s entering: type %d", __func__, type); 70 71 PUT_32BIT(buf, mlen + 1); 72 buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ 73 if (atomicio(write, socket, buf, sizeof(buf)) != sizeof(buf)) 74 fatal("%s: write", __func__); 75 if (atomicio(write, socket, buffer_ptr(m), mlen) != mlen) 76 fatal("%s: write", __func__); 77} 78 79void 80mm_request_receive(int socket, Buffer *m) 81{ 82 u_char buf[4]; | 68 69 debug3("%s entering: type %d", __func__, type); 70 71 PUT_32BIT(buf, mlen + 1); 72 buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ 73 if (atomicio(write, socket, buf, sizeof(buf)) != sizeof(buf)) 74 fatal("%s: write", __func__); 75 if (atomicio(write, socket, buffer_ptr(m), mlen) != mlen) 76 fatal("%s: write", __func__); 77} 78 79void 80mm_request_receive(int socket, Buffer *m) 81{ 82 u_char buf[4]; |
| 83 ssize_t res; | |
| 84 u_int msg_len; | 83 u_int msg_len; |
| 84 ssize_t res; |
|
| 85 86 debug3("%s entering", __func__); 87 88 res = atomicio(read, socket, buf, sizeof(buf)); 89 if (res != sizeof(buf)) { 90 if (res == 0) 91 fatal_cleanup(); 92 fatal("%s: read: %ld", __func__, (long)res); --- 110 unchanged lines hidden (view full) --- 203#endif 204 pw->pw_dir = buffer_get_string(&m, NULL); 205 pw->pw_shell = buffer_get_string(&m, NULL); 206 buffer_free(&m); 207 208 return (pw); 209} 210 | 85 86 debug3("%s entering", __func__); 87 88 res = atomicio(read, socket, buf, sizeof(buf)); 89 if (res != sizeof(buf)) { 90 if (res == 0) 91 fatal_cleanup(); 92 fatal("%s: read: %ld", __func__, (long)res); --- 110 unchanged lines hidden (view full) --- 203#endif 204 pw->pw_dir = buffer_get_string(&m, NULL); 205 pw->pw_shell = buffer_get_string(&m, NULL); 206 buffer_free(&m); 207 208 return (pw); 209} 210 |
| 211char* mm_auth2_read_banner(void) | 211char *mm_auth2_read_banner(void) |
| 212{ 213 Buffer m; 214 char *banner; 215 216 debug3("%s entering", __func__); 217 218 buffer_init(&m); 219 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, &m); --- 187 unchanged lines hidden (view full) --- 407 /* Enc structure */ 408 enc->name = buffer_get_string(&b, NULL); 409 buffer_get(&b, &enc->cipher, sizeof(enc->cipher)); 410 enc->enabled = buffer_get_int(&b); 411 enc->block_size = buffer_get_int(&b); 412 enc->key = buffer_get_string(&b, &enc->key_len); 413 enc->iv = buffer_get_string(&b, &len); 414 if (len != enc->block_size) | 212{ 213 Buffer m; 214 char *banner; 215 216 debug3("%s entering", __func__); 217 218 buffer_init(&m); 219 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, &m); --- 187 unchanged lines hidden (view full) --- 407 /* Enc structure */ 408 enc->name = buffer_get_string(&b, NULL); 409 buffer_get(&b, &enc->cipher, sizeof(enc->cipher)); 410 enc->enabled = buffer_get_int(&b); 411 enc->block_size = buffer_get_int(&b); 412 enc->key = buffer_get_string(&b, &enc->key_len); 413 enc->iv = buffer_get_string(&b, &len); 414 if (len != enc->block_size) |
| 415 fatal("%s: bad ivlen: expected %d != %d", __func__, | 415 fatal("%s: bad ivlen: expected %u != %u", __func__, |
| 416 enc->block_size, len); 417 418 if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher) 419 fatal("%s: bad cipher name %s or pointer %p", __func__, 420 enc->name, enc->cipher); 421 422 /* Mac structure */ 423 mac->name = buffer_get_string(&b, NULL); 424 if (mac->name == NULL || mac_init(mac, mac->name) == -1) 425 fatal("%s: can not init mac %s", __func__, mac->name); 426 mac->enabled = buffer_get_int(&b); 427 mac->key = buffer_get_string(&b, &len); 428 if (len > mac->key_len) | 416 enc->block_size, len); 417 418 if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher) 419 fatal("%s: bad cipher name %s or pointer %p", __func__, 420 enc->name, enc->cipher); 421 422 /* Mac structure */ 423 mac->name = buffer_get_string(&b, NULL); 424 if (mac->name == NULL || mac_init(mac, mac->name) == -1) 425 fatal("%s: can not init mac %s", __func__, mac->name); 426 mac->enabled = buffer_get_int(&b); 427 mac->key = buffer_get_string(&b, &len); 428 if (len > mac->key_len) |
| 429 fatal("%s: bad mac key length: %d > %d", __func__, len, | 429 fatal("%s: bad mac key length: %u > %d", __func__, len, |
| 430 mac->key_len); 431 mac->key_len = len; 432 433 /* Comp structure */ 434 comp->type = buffer_get_int(&b); 435 comp->enabled = buffer_get_int(&b); 436 comp->name = buffer_get_string(&b, NULL); 437 438 len = buffer_len(&b); 439 if (len != 0) | 430 mac->key_len); 431 mac->key_len = len; 432 433 /* Comp structure */ 434 comp->type = buffer_get_int(&b); 435 comp->enabled = buffer_get_int(&b); 436 comp->name = buffer_get_string(&b, NULL); 437 438 len = buffer_len(&b); 439 if (len != 0) |
| 440 error("newkeys_from_blob: remaining bytes in blob %d", len); | 440 error("newkeys_from_blob: remaining bytes in blob %u", len); |
| 441 buffer_free(&b); 442 return (newkey); 443} 444 445int 446mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp) 447{ 448 Buffer b; 449 int len; | 441 buffer_free(&b); 442 return (newkey); 443} 444 445int 446mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp) 447{ 448 Buffer b; 449 int len; |
| 450 u_char *buf; | |
| 451 Enc *enc; 452 Mac *mac; 453 Comp *comp; 454 Newkeys *newkey = newkeys[mode]; 455 456 debug3("%s: converting %p", __func__, newkey); 457 458 if (newkey == NULL) { --- 21 unchanged lines hidden (view full) --- 480 buffer_put_string(&b, mac->key, mac->key_len); 481 482 /* Comp structure */ 483 buffer_put_int(&b, comp->type); 484 buffer_put_int(&b, comp->enabled); 485 buffer_put_cstring(&b, comp->name); 486 487 len = buffer_len(&b); | 450 Enc *enc; 451 Mac *mac; 452 Comp *comp; 453 Newkeys *newkey = newkeys[mode]; 454 455 debug3("%s: converting %p", __func__, newkey); 456 457 if (newkey == NULL) { --- 21 unchanged lines hidden (view full) --- 479 buffer_put_string(&b, mac->key, mac->key_len); 480 481 /* Comp structure */ 482 buffer_put_int(&b, comp->type); 483 buffer_put_int(&b, comp->enabled); 484 buffer_put_cstring(&b, comp->name); 485 486 len = buffer_len(&b); |
| 488 buf = xmalloc(len); 489 memcpy(buf, buffer_ptr(&b), len); 490 memset(buffer_ptr(&b), 0, len); 491 buffer_free(&b); | |
| 492 if (lenp != NULL) 493 *lenp = len; | 487 if (lenp != NULL) 488 *lenp = len; |
| 494 if (blobp != NULL) 495 *blobp = buf; | 489 if (blobp != NULL) { 490 *blobp = xmalloc(len); 491 memcpy(*blobp, buffer_ptr(&b), len); 492 } 493 memset(buffer_ptr(&b), 0, len); 494 buffer_free(&b); |
| 496 return len; 497} 498 499static void 500mm_send_kex(Buffer *m, Kex *kex) 501{ 502 buffer_put_string(m, kex->session_id, kex->session_id_len); 503 buffer_put_int(m, kex->we_need); --- 92 unchanged lines hidden (view full) --- 596 597 buffer_free(&m); 598} 599 600int 601mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) 602{ 603 Buffer m; | 495 return len; 496} 497 498static void 499mm_send_kex(Buffer *m, Kex *kex) 500{ 501 buffer_put_string(m, kex->session_id, kex->session_id_len); 502 buffer_put_int(m, kex->we_need); --- 92 unchanged lines hidden (view full) --- 595 596 buffer_free(&m); 597} 598 599int 600mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) 601{ 602 Buffer m; |
| 604 u_char *p; | 603 char *p; |
| 605 int success = 0; 606 607 buffer_init(&m); 608 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, &m); 609 610 debug3("%s: waiting for MONITOR_ANS_PTY", __func__); 611 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, &m); 612 --- 170 unchanged lines hidden (view full) --- 783 784static void 785mm_chall_setup(char **name, char **infotxt, u_int *numprompts, 786 char ***prompts, u_int **echo_on) 787{ 788 *name = xstrdup(""); 789 *infotxt = xstrdup(""); 790 *numprompts = 1; | 604 int success = 0; 605 606 buffer_init(&m); 607 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, &m); 608 609 debug3("%s: waiting for MONITOR_ANS_PTY", __func__); 610 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, &m); 611 --- 170 unchanged lines hidden (view full) --- 782 783static void 784mm_chall_setup(char **name, char **infotxt, u_int *numprompts, 785 char ***prompts, u_int **echo_on) 786{ 787 *name = xstrdup(""); 788 *infotxt = xstrdup(""); 789 *numprompts = 1; |
| 791 *prompts = xmalloc(*numprompts * sizeof(char*)); | 790 *prompts = xmalloc(*numprompts * sizeof(char *)); |
| 792 *echo_on = xmalloc(*numprompts * sizeof(u_int)); 793 (*echo_on)[0] = 0; 794} 795 796int 797mm_bsdauth_query(void *ctx, char **name, char **infotxt, 798 u_int *numprompts, char ***prompts, u_int **echo_on) 799{ --- 217 unchanged lines hidden (view full) --- 1017 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSARESPONSE, &m); 1018 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSARESPONSE, &m); 1019 1020 success = buffer_get_int(&m); 1021 buffer_free(&m); 1022 1023 return (success); 1024} | 791 *echo_on = xmalloc(*numprompts * sizeof(u_int)); 792 (*echo_on)[0] = 0; 793} 794 795int 796mm_bsdauth_query(void *ctx, char **name, char **infotxt, 797 u_int *numprompts, char ***prompts, u_int **echo_on) 798{ --- 217 unchanged lines hidden (view full) --- 1016 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSARESPONSE, &m); 1017 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSARESPONSE, &m); 1018 1019 success = buffer_get_int(&m); 1020 buffer_free(&m); 1021 1022 return (success); 1023} |
| 1024 1025#ifdef KRB4 1026int 1027mm_auth_krb4(Authctxt *authctxt, void *_auth, char **client, void *_reply) 1028{ 1029 KTEXT auth, reply; 1030 Buffer m; 1031 u_int rlen; 1032 int success = 0; 1033 char *p; 1034 1035 debug3("%s entering", __func__); 1036 auth = _auth; 1037 reply = _reply; 1038 1039 buffer_init(&m); 1040 buffer_put_string(&m, auth->dat, auth->length); 1041 1042 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KRB4, &m); 1043 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KRB4, &m); 1044 1045 success = buffer_get_int(&m); 1046 if (success) { 1047 *client = buffer_get_string(&m, NULL); 1048 p = buffer_get_string(&m, &rlen); 1049 if (rlen >= MAX_KTXT_LEN) 1050 fatal("%s: reply from monitor too large", __func__); 1051 reply->length = rlen; 1052 memcpy(reply->dat, p, rlen); 1053 memset(p, 0, rlen); 1054 xfree(p); 1055 } 1056 buffer_free(&m); 1057 return (success); 1058} 1059#endif 1060 1061#ifdef KRB5 1062int 1063mm_auth_krb5(void *ctx, void *argp, char **userp, void *resp) 1064{ 1065 krb5_data *tkt, *reply; 1066 Buffer m; 1067 int success; 1068 1069 debug3("%s entering", __func__); 1070 tkt = (krb5_data *) argp; 1071 reply = (krb5_data *) resp; 1072 1073 buffer_init(&m); 1074 buffer_put_string(&m, tkt->data, tkt->length); 1075 1076 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KRB5, &m); 1077 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KRB5, &m); 1078 1079 success = buffer_get_int(&m); 1080 if (success) { 1081 u_int len; 1082 1083 *userp = buffer_get_string(&m, NULL); 1084 reply->data = buffer_get_string(&m, &len); 1085 reply->length = len; 1086 } else { 1087 memset(reply, 0, sizeof(*reply)); 1088 *userp = NULL; 1089 } 1090 1091 buffer_free(&m); 1092 return (success); 1093} 1094#endif |
|