Annotation of src/usr.bin/ssh/monitor.c, Revision 1.179
1.179 ! tb 1: /* $OpenBSD: monitor.c,v 1.178 2018/01/23 05:27:21 djm Exp $ */
1.1 provos 2: /*
3: * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4: * Copyright 2002 Markus Friedl <markus@openbsd.org>
5: * All rights reserved.
6: *
7: * Redistribution and use in source and binary forms, with or without
8: * modification, are permitted provided that the following conditions
9: * are met:
10: * 1. Redistributions of source code must retain the above copyright
11: * notice, this list of conditions and the following disclaimer.
12: * 2. Redistributions in binary form must reproduce the above copyright
13: * notice, this list of conditions and the following disclaimer in the
14: * documentation and/or other materials provided with the distribution.
15: *
16: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26: */
27:
1.67 stevesk 28: #include <sys/types.h>
29: #include <sys/wait.h>
1.79 stevesk 30: #include <sys/socket.h>
1.85 deraadt 31: #include <sys/tree.h>
1.95 djm 32: #include <sys/queue.h>
1.1 provos 33:
1.132 markus 34: #ifdef WITH_OPENSSL
1.78 stevesk 35: #include <openssl/dh.h>
1.132 markus 36: #endif
1.78 stevesk 37:
1.81 stevesk 38: #include <errno.h>
1.80 stevesk 39: #include <fcntl.h>
1.159 djm 40: #include <limits.h>
1.65 stevesk 41: #include <paths.h>
1.114 djm 42: #include <poll.h>
1.78 stevesk 43: #include <pwd.h>
1.68 stevesk 44: #include <signal.h>
1.134 djm 45: #include <stdarg.h>
1.142 millert 46: #include <stdint.h>
1.134 djm 47: #include <stdio.h>
1.84 stevesk 48: #include <stdlib.h>
1.82 stevesk 49: #include <string.h>
1.1 provos 50:
1.114 djm 51: #include "atomicio.h"
1.85 deraadt 52: #include "xmalloc.h"
1.1 provos 53: #include "ssh.h"
1.85 deraadt 54: #include "key.h"
55: #include "buffer.h"
56: #include "hostfile.h"
1.1 provos 57: #include "auth.h"
1.85 deraadt 58: #include "cipher.h"
1.1 provos 59: #include "kex.h"
60: #include "dh.h"
1.88 miod 61: #include <zlib.h>
1.1 provos 62: #include "packet.h"
63: #include "auth-options.h"
64: #include "sshpty.h"
65: #include "channels.h"
66: #include "session.h"
67: #include "sshlogin.h"
68: #include "canohost.h"
69: #include "log.h"
1.135 millert 70: #include "misc.h"
1.1 provos 71: #include "servconf.h"
72: #include "monitor.h"
1.85 deraadt 73: #ifdef GSSAPI
74: #include "ssh-gss.h"
75: #endif
1.1 provos 76: #include "monitor_wrap.h"
77: #include "monitor_fdpass.h"
78: #include "compat.h"
79: #include "ssh2.h"
1.127 markus 80: #include "authfd.h"
1.137 djm 81: #include "match.h"
1.138 djm 82: #include "ssherr.h"
1.1 provos 83:
1.46 markus 84: #ifdef GSSAPI
85: static Gssctxt *gsscontext = NULL;
86: #endif
87:
1.1 provos 88: /* Imports */
89: extern ServerOptions options;
90: extern u_int utmp_len;
91: extern u_char session_id[];
92: extern Buffer auth_debug;
93: extern int auth_debug_init;
1.61 dtucker 94: extern Buffer loginmsg;
1.1 provos 95:
96: /* State exported from the child */
1.139 markus 97: static struct sshbuf *child_state;
1.1 provos 98:
1.43 markus 99: /* Functions on the monitor that answer unprivileged requests */
1.1 provos 100:
101: int mm_answer_moduli(int, Buffer *);
102: int mm_answer_sign(int, Buffer *);
103: int mm_answer_pwnamallow(int, Buffer *);
1.10 djm 104: int mm_answer_auth2_read_banner(int, Buffer *);
1.1 provos 105: int mm_answer_authserv(int, Buffer *);
106: int mm_answer_authpassword(int, Buffer *);
107: int mm_answer_bsdauthquery(int, Buffer *);
108: int mm_answer_bsdauthrespond(int, Buffer *);
109: int mm_answer_skeyquery(int, Buffer *);
110: int mm_answer_skeyrespond(int, Buffer *);
111: int mm_answer_keyallowed(int, Buffer *);
112: int mm_answer_keyverify(int, Buffer *);
113: int mm_answer_pty(int, Buffer *);
114: int mm_answer_pty_cleanup(int, Buffer *);
115: int mm_answer_term(int, Buffer *);
116: int mm_answer_rsa_keyallowed(int, Buffer *);
117: int mm_answer_rsa_challenge(int, Buffer *);
118: int mm_answer_rsa_response(int, Buffer *);
119: int mm_answer_sesskey(int, Buffer *);
120: int mm_answer_sessid(int, Buffer *);
121:
1.46 markus 122: #ifdef GSSAPI
123: int mm_answer_gss_setup_ctx(int, Buffer *);
124: int mm_answer_gss_accept_ctx(int, Buffer *);
125: int mm_answer_gss_userok(int, Buffer *);
1.52 markus 126: int mm_answer_gss_checkmic(int, Buffer *);
1.46 markus 127: #endif
1.25 itojun 128:
1.114 djm 129: static int monitor_read_log(struct monitor *);
130:
1.1 provos 131: static Authctxt *authctxt;
1.132 markus 132:
1.1 provos 133: /* local state for key verify */
134: static u_char *key_blob = NULL;
135: static u_int key_bloblen = 0;
136: static int key_blobtype = MM_NOKEY;
1.26 markus 137: static char *hostbased_cuser = NULL;
138: static char *hostbased_chost = NULL;
1.1 provos 139: static char *auth_method = "unknown";
1.119 djm 140: static char *auth_submethod = NULL;
1.44 markus 141: static u_int session_id2_len = 0;
1.13 markus 142: static u_char *session_id2 = NULL;
1.40 markus 143: static pid_t monitor_child_pid;
1.1 provos 144:
145: struct mon_table {
146: enum monitor_reqtype type;
147: int flags;
148: int (*f)(int, Buffer *);
149: };
150:
151: #define MON_ISAUTH 0x0004 /* Required for Authentication */
152: #define MON_AUTHDECIDE 0x0008 /* Decides Authentication */
153: #define MON_ONCE 0x0010 /* Disable after calling */
1.77 dtucker 154: #define MON_ALOG 0x0020 /* Log auth attempt without authenticating */
1.1 provos 155:
156: #define MON_AUTH (MON_ISAUTH|MON_AUTHDECIDE)
157:
158: #define MON_PERMIT 0x1000 /* Request is permitted */
159:
160: struct mon_table mon_dispatch_proto20[] = {
1.132 markus 161: #ifdef WITH_OPENSSL
1.1 provos 162: {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli},
1.132 markus 163: #endif
1.1 provos 164: {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign},
165: {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow},
166: {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
1.10 djm 167: {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
1.1 provos 168: {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
169: {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},
1.66 stevesk 170: {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH, mm_answer_bsdauthrespond},
1.1 provos 171: {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed},
172: {MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify},
1.46 markus 173: #ifdef GSSAPI
174: {MONITOR_REQ_GSSSETUP, MON_ISAUTH, mm_answer_gss_setup_ctx},
1.165 djm 175: {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx},
176: {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok},
177: {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic},
1.46 markus 178: #endif
1.1 provos 179: {0, 0, NULL}
180: };
181:
182: struct mon_table mon_dispatch_postauth20[] = {
1.132 markus 183: #ifdef WITH_OPENSSL
1.1 provos 184: {MONITOR_REQ_MODULI, 0, mm_answer_moduli},
1.132 markus 185: #endif
1.1 provos 186: {MONITOR_REQ_SIGN, 0, mm_answer_sign},
187: {MONITOR_REQ_PTY, 0, mm_answer_pty},
188: {MONITOR_REQ_PTYCLEANUP, 0, mm_answer_pty_cleanup},
189: {MONITOR_REQ_TERM, 0, mm_answer_term},
190: {0, 0, NULL}
191: };
192:
193: struct mon_table *mon_dispatch;
194:
195: /* Specifies if a certain message is allowed at the moment */
196:
197: static void
198: monitor_permit(struct mon_table *ent, enum monitor_reqtype type, int permit)
199: {
200: while (ent->f != NULL) {
201: if (ent->type == type) {
202: ent->flags &= ~MON_PERMIT;
203: ent->flags |= permit ? MON_PERMIT : 0;
204: return;
205: }
206: ent++;
207: }
208: }
209:
210: static void
211: monitor_permit_authentications(int permit)
212: {
213: struct mon_table *ent = mon_dispatch;
214:
215: while (ent->f != NULL) {
216: if (ent->flags & MON_AUTH) {
217: ent->flags &= ~MON_PERMIT;
218: ent->flags |= permit ? MON_PERMIT : 0;
219: }
220: ent++;
221: }
222: }
223:
1.50 markus 224: void
225: monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
1.1 provos 226: {
1.167 djm 227: struct ssh *ssh = active_state; /* XXX */
1.1 provos 228: struct mon_table *ent;
1.119 djm 229: int authenticated = 0, partial = 0;
1.1 provos 230:
231: debug3("preauth child monitor started");
232:
1.179 ! tb 233: if (pmonitor->m_recvfd >= 0)
! 234: close(pmonitor->m_recvfd);
! 235: if (pmonitor->m_log_sendfd >= 0)
! 236: close(pmonitor->m_log_sendfd);
1.114 djm 237: pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1;
238:
1.50 markus 239: authctxt = _authctxt;
240: memset(authctxt, 0, sizeof(*authctxt));
241:
1.162 markus 242: mon_dispatch = mon_dispatch_proto20;
243: /* Permit requests for moduli and signatures */
244: monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
245: monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
1.1 provos 246:
247: /* The first few requests do not require asynchronous access */
248: while (!authenticated) {
1.119 djm 249: partial = 0;
1.77 dtucker 250: auth_method = "unknown";
1.119 djm 251: auth_submethod = NULL;
1.172 djm 252: auth2_authctxt_reset_info(authctxt);
253:
1.89 markus 254: authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1);
1.118 djm 255:
256: /* Special handling for multiple required authentications */
257: if (options.num_auth_methods != 0) {
258: if (authenticated &&
259: !auth2_update_methods_lists(authctxt,
1.122 markus 260: auth_method, auth_submethod)) {
1.118 djm 261: debug3("%s: method %s: partial", __func__,
262: auth_method);
263: authenticated = 0;
1.119 djm 264: partial = 1;
1.118 djm 265: }
266: }
267:
1.1 provos 268: if (authenticated) {
269: if (!(ent->flags & MON_AUTHDECIDE))
270: fatal("%s: unexpected authentication from %d",
1.14 markus 271: __func__, ent->type);
1.1 provos 272: if (authctxt->pw->pw_uid == 0 &&
273: !auth_root_allowed(auth_method))
274: authenticated = 0;
275: }
1.77 dtucker 276: if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) {
1.119 djm 277: auth_log(authctxt, authenticated, partial,
1.125 djm 278: auth_method, auth_submethod);
1.150 djm 279: if (!partial && !authenticated)
1.1 provos 280: authctxt->failures++;
1.172 djm 281: if (authenticated || partial) {
282: auth2_update_session_info(authctxt,
283: auth_method, auth_submethod);
284: }
1.1 provos 285: }
286: }
287:
288: if (!authctxt->valid)
1.14 markus 289: fatal("%s: authenticated invalid user", __func__);
1.77 dtucker 290: if (strcmp(auth_method, "unknown") == 0)
291: fatal("%s: authentication method name unknown", __func__);
1.1 provos 292:
293: debug("%s: %s has been authenticated by privileged process",
1.14 markus 294: __func__, authctxt->user);
1.167 djm 295: ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user);
1.1 provos 296:
1.11 mouring 297: mm_get_keystate(pmonitor);
1.120 markus 298:
299: /* Drain any buffered messages from the child */
300: while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0)
301: ;
1.114 djm 302:
1.179 ! tb 303: if (pmonitor->m_recvfd >= 0)
! 304: close(pmonitor->m_recvfd);
! 305: if (pmonitor->m_log_sendfd >= 0)
! 306: close(pmonitor->m_log_sendfd);
1.114 djm 307: pmonitor->m_sendfd = pmonitor->m_log_recvfd = -1;
1.1 provos 308: }
309:
1.40 markus 310: static void
311: monitor_set_child_handler(pid_t pid)
312: {
313: monitor_child_pid = pid;
314: }
315:
316: static void
1.59 avsm 317: monitor_child_handler(int sig)
1.40 markus 318: {
1.59 avsm 319: kill(monitor_child_pid, sig);
1.40 markus 320: }
321:
1.1 provos 322: void
1.11 mouring 323: monitor_child_postauth(struct monitor *pmonitor)
1.1 provos 324: {
1.114 djm 325: close(pmonitor->m_recvfd);
326: pmonitor->m_recvfd = -1;
327:
1.40 markus 328: monitor_set_child_handler(pmonitor->m_pid);
329: signal(SIGHUP, &monitor_child_handler);
330: signal(SIGTERM, &monitor_child_handler);
1.91 djm 331: signal(SIGINT, &monitor_child_handler);
1.40 markus 332:
1.162 markus 333: mon_dispatch = mon_dispatch_postauth20;
334:
335: /* Permit requests for moduli and signatures */
336: monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
337: monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
338: monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
1.1 provos 339:
340: if (!no_pty_flag) {
341: monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1);
342: monitor_permit(mon_dispatch, MONITOR_REQ_PTYCLEANUP, 1);
343: }
344:
345: for (;;)
1.11 mouring 346: monitor_read(pmonitor, mon_dispatch, NULL);
1.1 provos 347: }
348:
1.114 djm 349: static int
350: monitor_read_log(struct monitor *pmonitor)
351: {
352: Buffer logmsg;
353: u_int len, level;
354: char *msg;
355:
356: buffer_init(&logmsg);
357:
358: /* Read length */
359: buffer_append_space(&logmsg, 4);
360: if (atomicio(read, pmonitor->m_log_recvfd,
361: buffer_ptr(&logmsg), buffer_len(&logmsg)) != buffer_len(&logmsg)) {
362: if (errno == EPIPE) {
1.116 djm 363: buffer_free(&logmsg);
1.114 djm 364: debug("%s: child log fd closed", __func__);
365: close(pmonitor->m_log_recvfd);
366: pmonitor->m_log_recvfd = -1;
367: return -1;
368: }
369: fatal("%s: log fd read: %s", __func__, strerror(errno));
370: }
371: len = buffer_get_int(&logmsg);
372: if (len <= 4 || len > 8192)
373: fatal("%s: invalid log message length %u", __func__, len);
374:
375: /* Read severity, message */
376: buffer_clear(&logmsg);
377: buffer_append_space(&logmsg, len);
378: if (atomicio(read, pmonitor->m_log_recvfd,
379: buffer_ptr(&logmsg), buffer_len(&logmsg)) != buffer_len(&logmsg))
380: fatal("%s: log fd read: %s", __func__, strerror(errno));
381:
382: /* Log it */
383: level = buffer_get_int(&logmsg);
384: msg = buffer_get_string(&logmsg, NULL);
385: if (log_level_name(level) == NULL)
386: fatal("%s: invalid log level %u (corrupted message?)",
387: __func__, level);
388: do_log2(level, "%s [preauth]", msg);
389:
390: buffer_free(&logmsg);
1.124 djm 391: free(msg);
1.114 djm 392:
393: return 0;
394: }
395:
1.1 provos 396: int
1.11 mouring 397: monitor_read(struct monitor *pmonitor, struct mon_table *ent,
1.1 provos 398: struct mon_table **pent)
399: {
400: Buffer m;
401: int ret;
402: u_char type;
1.114 djm 403: struct pollfd pfd[2];
404:
405: for (;;) {
1.130 tedu 406: memset(&pfd, 0, sizeof(pfd));
1.114 djm 407: pfd[0].fd = pmonitor->m_sendfd;
408: pfd[0].events = POLLIN;
409: pfd[1].fd = pmonitor->m_log_recvfd;
410: pfd[1].events = pfd[1].fd == -1 ? 0 : POLLIN;
1.115 djm 411: if (poll(pfd, pfd[1].fd == -1 ? 1 : 2, -1) == -1) {
412: if (errno == EINTR || errno == EAGAIN)
413: continue;
1.114 djm 414: fatal("%s: poll: %s", __func__, strerror(errno));
1.115 djm 415: }
1.114 djm 416: if (pfd[1].revents) {
417: /*
418: * Drain all log messages before processing next
419: * monitor request.
420: */
421: monitor_read_log(pmonitor);
422: continue;
423: }
424: if (pfd[0].revents)
425: break; /* Continues below */
426: }
1.1 provos 427:
428: buffer_init(&m);
429:
1.11 mouring 430: mm_request_receive(pmonitor->m_sendfd, &m);
1.1 provos 431: type = buffer_get_char(&m);
432:
1.14 markus 433: debug3("%s: checking request %d", __func__, type);
1.1 provos 434:
435: while (ent->f != NULL) {
436: if (ent->type == type)
437: break;
438: ent++;
439: }
440:
441: if (ent->f != NULL) {
442: if (!(ent->flags & MON_PERMIT))
1.14 markus 443: fatal("%s: unpermitted request %d", __func__,
1.1 provos 444: type);
1.11 mouring 445: ret = (*ent->f)(pmonitor->m_sendfd, &m);
1.1 provos 446: buffer_free(&m);
447:
448: /* The child may use this request only once, disable it */
449: if (ent->flags & MON_ONCE) {
1.14 markus 450: debug2("%s: %d used once, disabling now", __func__,
1.1 provos 451: type);
452: ent->flags &= ~MON_PERMIT;
453: }
454:
455: if (pent != NULL)
456: *pent = ent;
1.3 markus 457:
1.1 provos 458: return ret;
459: }
460:
1.14 markus 461: fatal("%s: unsupported request: %d", __func__, type);
1.1 provos 462:
463: /* NOTREACHED */
464: return (-1);
465: }
466:
467: /* allowed key state */
468: static int
469: monitor_allowed_key(u_char *blob, u_int bloblen)
470: {
471: /* make sure key is allowed */
472: if (key_blob == NULL || key_bloblen != bloblen ||
1.108 djm 473: timingsafe_bcmp(key_blob, blob, key_bloblen))
1.1 provos 474: return (0);
475: return (1);
476: }
477:
478: static void
479: monitor_reset_key_state(void)
480: {
481: /* reset state */
1.124 djm 482: free(key_blob);
483: free(hostbased_cuser);
484: free(hostbased_chost);
1.1 provos 485: key_blob = NULL;
486: key_bloblen = 0;
487: key_blobtype = MM_NOKEY;
488: hostbased_cuser = NULL;
489: hostbased_chost = NULL;
490: }
491:
1.132 markus 492: #ifdef WITH_OPENSSL
1.1 provos 493: int
1.59 avsm 494: mm_answer_moduli(int sock, Buffer *m)
1.1 provos 495: {
496: DH *dh;
497: int min, want, max;
498:
499: min = buffer_get_int(m);
500: want = buffer_get_int(m);
501: max = buffer_get_int(m);
502:
503: debug3("%s: got parameters: %d %d %d",
1.14 markus 504: __func__, min, want, max);
1.1 provos 505: /* We need to check here, too, in case the child got corrupted */
506: if (max < min || want < min || max < want)
507: fatal("%s: bad parameters: %d %d %d",
1.14 markus 508: __func__, min, want, max);
1.1 provos 509:
510: buffer_clear(m);
511:
512: dh = choose_dh(min, want, max);
513: if (dh == NULL) {
514: buffer_put_char(m, 0);
515: return (0);
516: } else {
517: /* Send first bignum */
518: buffer_put_char(m, 1);
519: buffer_put_bignum2(m, dh->p);
520: buffer_put_bignum2(m, dh->g);
1.3 markus 521:
1.1 provos 522: DH_free(dh);
523: }
1.59 avsm 524: mm_request_send(sock, MONITOR_ANS_MODULI, m);
1.1 provos 525: return (0);
526: }
1.132 markus 527: #endif
1.1 provos 528:
529: int
1.59 avsm 530: mm_answer_sign(int sock, Buffer *m)
1.1 provos 531: {
1.144 djm 532: struct ssh *ssh = active_state; /* XXX */
1.138 djm 533: extern int auth_sock; /* XXX move to state struct? */
534: struct sshkey *key;
1.157 djm 535: struct sshbuf *sigbuf = NULL;
536: u_char *p = NULL, *signature = NULL;
537: char *alg = NULL;
1.155 markus 538: size_t datlen, siglen, alglen;
1.159 djm 539: int r, is_proof = 0;
540: u_int keyid;
1.145 djm 541: const char proof_req[] = "hostkeys-prove-00@openssh.com";
1.3 markus 542:
1.14 markus 543: debug3("%s", __func__);
1.1 provos 544:
1.138 djm 545: if ((r = sshbuf_get_u32(m, &keyid)) != 0 ||
1.155 markus 546: (r = sshbuf_get_string(m, &p, &datlen)) != 0 ||
547: (r = sshbuf_get_cstring(m, &alg, &alglen)) != 0)
1.138 djm 548: fatal("%s: buffer error: %s", __func__, ssh_err(r));
1.159 djm 549: if (keyid > INT_MAX)
550: fatal("%s: invalid key ID", __func__);
1.1 provos 551:
1.69 djm 552: /*
1.110 djm 553: * Supported KEX types use SHA1 (20 bytes), SHA256 (32 bytes),
554: * SHA384 (48 bytes) and SHA512 (64 bytes).
1.144 djm 555: *
556: * Otherwise, verify the signature request is for a hostkey
557: * proof.
558: *
559: * XXX perform similar check for KEX signature requests too?
560: * it's not trivial, since what is signed is the hash, rather
561: * than the full kex structure...
1.69 djm 562: */
1.144 djm 563: if (datlen != 20 && datlen != 32 && datlen != 48 && datlen != 64) {
564: /*
565: * Construct expected hostkey proof and compare it to what
566: * the client sent us.
567: */
568: if (session_id2_len == 0) /* hostkeys is never first */
569: fatal("%s: bad data length: %zu", __func__, datlen);
570: if ((key = get_hostkey_public_by_index(keyid, ssh)) == NULL)
571: fatal("%s: no hostkey for index %d", __func__, keyid);
572: if ((sigbuf = sshbuf_new()) == NULL)
573: fatal("%s: sshbuf_new", __func__);
1.145 djm 574: if ((r = sshbuf_put_cstring(sigbuf, proof_req)) != 0 ||
575: (r = sshbuf_put_string(sigbuf, session_id2,
1.152 jsg 576: session_id2_len)) != 0 ||
1.144 djm 577: (r = sshkey_puts(key, sigbuf)) != 0)
578: fatal("%s: couldn't prepare private key "
579: "proof buffer: %s", __func__, ssh_err(r));
580: if (datlen != sshbuf_len(sigbuf) ||
581: memcmp(p, sshbuf_ptr(sigbuf), sshbuf_len(sigbuf)) != 0)
582: fatal("%s: bad data length: %zu, hostkey proof len %zu",
583: __func__, datlen, sshbuf_len(sigbuf));
584: sshbuf_free(sigbuf);
585: is_proof = 1;
586: }
1.1 provos 587:
1.13 markus 588: /* save session id, it will be passed on the first call */
589: if (session_id2_len == 0) {
590: session_id2_len = datlen;
591: session_id2 = xmalloc(session_id2_len);
592: memcpy(session_id2, p, session_id2_len);
593: }
594:
1.127 markus 595: if ((key = get_hostkey_by_index(keyid)) != NULL) {
1.155 markus 596: if ((r = sshkey_sign(key, &signature, &siglen, p, datlen, alg,
1.138 djm 597: datafellows)) != 0)
598: fatal("%s: sshkey_sign failed: %s",
599: __func__, ssh_err(r));
1.144 djm 600: } else if ((key = get_hostkey_public_by_index(keyid, ssh)) != NULL &&
1.138 djm 601: auth_sock > 0) {
602: if ((r = ssh_agent_sign(auth_sock, key, &signature, &siglen,
1.155 markus 603: p, datlen, alg, datafellows)) != 0) {
1.138 djm 604: fatal("%s: ssh_agent_sign failed: %s",
605: __func__, ssh_err(r));
606: }
1.127 markus 607: } else
1.14 markus 608: fatal("%s: no hostkey from index %d", __func__, keyid);
1.1 provos 609:
1.144 djm 610: debug3("%s: %s signature %p(%zu)", __func__,
611: is_proof ? "KEX" : "hostkey proof", signature, siglen);
1.1 provos 612:
1.138 djm 613: sshbuf_reset(m);
614: if ((r = sshbuf_put_string(m, signature, siglen)) != 0)
615: fatal("%s: buffer error: %s", __func__, ssh_err(r));
1.1 provos 616:
1.157 djm 617: free(alg);
1.124 djm 618: free(p);
619: free(signature);
1.1 provos 620:
1.59 avsm 621: mm_request_send(sock, MONITOR_ANS_SIGN, m);
1.1 provos 622:
623: /* Turn on permissions for getpwnam */
624: monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1);
625:
626: return (0);
627: }
628:
629: /* Retrieves the password entry and also checks if the user is permitted */
630:
631: int
1.59 avsm 632: mm_answer_pwnamallow(int sock, Buffer *m)
1.1 provos 633: {
1.167 djm 634: struct ssh *ssh = active_state; /* XXX */
1.60 dtucker 635: char *username;
1.1 provos 636: struct passwd *pwent;
637: int allowed = 0;
1.113 djm 638: u_int i;
1.3 markus 639:
1.14 markus 640: debug3("%s", __func__);
1.1 provos 641:
642: if (authctxt->attempt++ != 0)
1.14 markus 643: fatal("%s: multiple attempts for getpwnam", __func__);
1.1 provos 644:
1.60 dtucker 645: username = buffer_get_string(m, NULL);
1.1 provos 646:
1.60 dtucker 647: pwent = getpwnamallow(username);
1.1 provos 648:
1.60 dtucker 649: authctxt->user = xstrdup(username);
650: setproctitle("%s [priv]", pwent ? username : "unknown");
1.124 djm 651: free(username);
1.1 provos 652:
653: buffer_clear(m);
654:
655: if (pwent == NULL) {
656: buffer_put_char(m, 0);
1.53 djm 657: authctxt->pw = fakepw();
1.1 provos 658: goto out;
659: }
660:
661: allowed = 1;
1.4 markus 662: authctxt->pw = pwent;
1.1 provos 663: authctxt->valid = 1;
664:
665: buffer_put_char(m, 1);
666: buffer_put_string(m, pwent, sizeof(struct passwd));
667: buffer_put_cstring(m, pwent->pw_name);
668: buffer_put_cstring(m, "*");
669: buffer_put_cstring(m, pwent->pw_gecos);
670: buffer_put_cstring(m, pwent->pw_class);
671: buffer_put_cstring(m, pwent->pw_dir);
672: buffer_put_cstring(m, pwent->pw_shell);
1.94 dtucker 673:
674: out:
1.167 djm 675: ssh_packet_set_log_preamble(ssh, "%suser %s",
676: authctxt->valid ? "authenticating" : "invalid ", authctxt->user);
1.90 dtucker 677: buffer_put_string(m, &options, sizeof(options));
1.112 djm 678:
679: #define M_CP_STROPT(x) do { \
680: if (options.x != NULL) \
681: buffer_put_cstring(m, options.x); \
682: } while (0)
1.113 djm 683: #define M_CP_STRARRAYOPT(x, nx) do { \
684: for (i = 0; i < options.nx; i++) \
685: buffer_put_cstring(m, options.x[i]); \
686: } while (0)
1.112 djm 687: /* See comment in servconf.h */
688: COPY_MATCH_STRING_OPTS();
689: #undef M_CP_STROPT
1.113 djm 690: #undef M_CP_STRARRAYOPT
1.118 djm 691:
692: /* Create valid auth method lists */
1.162 markus 693: if (auth2_setup_methods_lists(authctxt) != 0) {
1.118 djm 694: /*
695: * The monitor will continue long enough to let the child
696: * run to it's packet_disconnect(), but it must not allow any
697: * authentication to succeed.
698: */
699: debug("%s: no valid authentication method lists", __func__);
700: }
701:
1.14 markus 702: debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed);
1.59 avsm 703: mm_request_send(sock, MONITOR_ANS_PWNAM, m);
1.1 provos 704:
1.162 markus 705: /* Allow service/style information on the auth context */
706: monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
707: monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);
1.10 djm 708:
709: return (0);
710: }
711:
1.59 avsm 712: int mm_answer_auth2_read_banner(int sock, Buffer *m)
1.10 djm 713: {
714: char *banner;
715:
716: buffer_clear(m);
717: banner = auth2_read_banner();
718: buffer_put_cstring(m, banner != NULL ? banner : "");
1.59 avsm 719: mm_request_send(sock, MONITOR_ANS_AUTH2_READ_BANNER, m);
1.124 djm 720: free(banner);
1.1 provos 721:
722: return (0);
723: }
724:
725: int
1.59 avsm 726: mm_answer_authserv(int sock, Buffer *m)
1.1 provos 727: {
728: monitor_permit_authentications(1);
729:
730: authctxt->service = buffer_get_string(m, NULL);
731: authctxt->style = buffer_get_string(m, NULL);
1.6 stevesk 732: debug3("%s: service=%s, style=%s",
1.14 markus 733: __func__, authctxt->service, authctxt->style);
1.6 stevesk 734:
1.1 provos 735: if (strlen(authctxt->style) == 0) {
1.124 djm 736: free(authctxt->style);
1.1 provos 737: authctxt->style = NULL;
738: }
739:
740: return (0);
741: }
742:
743: int
1.59 avsm 744: mm_answer_authpassword(int sock, Buffer *m)
1.1 provos 745: {
746: static int call_count;
747: char *passwd;
1.22 stevesk 748: int authenticated;
749: u_int plen;
1.1 provos 750:
1.164 djm 751: if (!options.password_authentication)
752: fatal("%s: password authentication not enabled", __func__);
1.1 provos 753: passwd = buffer_get_string(m, &plen);
754: /* Only authenticate if the context is valid */
1.12 markus 755: authenticated = options.password_authentication &&
1.48 markus 756: auth_password(authctxt, passwd);
1.131 djm 757: explicit_bzero(passwd, strlen(passwd));
1.124 djm 758: free(passwd);
1.1 provos 759:
760: buffer_clear(m);
761: buffer_put_int(m, authenticated);
762:
1.14 markus 763: debug3("%s: sending result %d", __func__, authenticated);
1.59 avsm 764: mm_request_send(sock, MONITOR_ANS_AUTHPASSWORD, m);
1.1 provos 765:
766: call_count++;
767: if (plen == 0 && call_count == 1)
768: auth_method = "none";
769: else
770: auth_method = "password";
771:
772: /* Causes monitor loop to terminate if authenticated */
773: return (authenticated);
774: }
775:
776: int
1.59 avsm 777: mm_answer_bsdauthquery(int sock, Buffer *m)
1.1 provos 778: {
779: char *name, *infotxt;
780: u_int numprompts;
781: u_int *echo_on;
782: char **prompts;
1.31 markus 783: u_int success;
1.1 provos 784:
1.164 djm 785: if (!options.kbd_interactive_authentication)
786: fatal("%s: kbd-int authentication not enabled", __func__);
1.31 markus 787: success = bsdauth_query(authctxt, &name, &infotxt, &numprompts,
788: &prompts, &echo_on) < 0 ? 0 : 1;
1.1 provos 789:
790: buffer_clear(m);
1.31 markus 791: buffer_put_int(m, success);
792: if (success)
1.1 provos 793: buffer_put_cstring(m, prompts[0]);
794:
1.31 markus 795: debug3("%s: sending challenge success: %u", __func__, success);
1.59 avsm 796: mm_request_send(sock, MONITOR_ANS_BSDAUTHQUERY, m);
1.1 provos 797:
1.31 markus 798: if (success) {
1.124 djm 799: free(name);
800: free(infotxt);
801: free(prompts);
802: free(echo_on);
1.1 provos 803: }
804:
805: return (0);
806: }
807:
808: int
1.59 avsm 809: mm_answer_bsdauthrespond(int sock, Buffer *m)
1.1 provos 810: {
811: char *response;
812: int authok;
813:
1.164 djm 814: if (!options.kbd_interactive_authentication)
815: fatal("%s: kbd-int authentication not enabled", __func__);
1.154 mmcc 816: if (authctxt->as == NULL)
1.14 markus 817: fatal("%s: no bsd auth session", __func__);
1.1 provos 818:
819: response = buffer_get_string(m, NULL);
1.12 markus 820: authok = options.challenge_response_authentication &&
821: auth_userresponse(authctxt->as, response, 0);
1.1 provos 822: authctxt->as = NULL;
1.14 markus 823: debug3("%s: <%s> = <%d>", __func__, response, authok);
1.124 djm 824: free(response);
1.1 provos 825:
826: buffer_clear(m);
827: buffer_put_int(m, authok);
828:
1.14 markus 829: debug3("%s: sending authenticated: %d", __func__, authok);
1.59 avsm 830: mm_request_send(sock, MONITOR_ANS_BSDAUTHRESPOND, m);
1.1 provos 831:
1.162 markus 832: auth_method = "keyboard-interactive";
833: auth_submethod = "bsdauth";
1.1 provos 834:
835: return (authok != 0);
836: }
837:
838: int
1.59 avsm 839: mm_answer_keyallowed(int sock, Buffer *m)
1.1 provos 840: {
1.168 markus 841: struct sshkey *key;
1.26 markus 842: char *cuser, *chost;
843: u_char *blob;
1.148 djm 844: u_int bloblen, pubkey_auth_attempt;
1.1 provos 845: enum mm_keytype type = 0;
846: int allowed = 0;
847:
1.14 markus 848: debug3("%s entering", __func__);
1.3 markus 849:
1.1 provos 850: type = buffer_get_int(m);
851: cuser = buffer_get_string(m, NULL);
852: chost = buffer_get_string(m, NULL);
853: blob = buffer_get_string(m, &bloblen);
1.148 djm 854: pubkey_auth_attempt = buffer_get_int(m);
1.1 provos 855:
856: key = key_from_blob(blob, bloblen);
857:
1.14 markus 858: debug3("%s: key_from_blob: %p", __func__, key);
1.1 provos 859:
1.51 djm 860: if (key != NULL && authctxt->valid) {
1.137 djm 861: /* These should not make it past the privsep child */
862: if (key_type_plain(key->type) == KEY_RSA &&
863: (datafellows & SSH_BUG_RSASIGMD5) != 0)
864: fatal("%s: passed a SSH_BUG_RSASIGMD5 key", __func__);
865:
1.63 deraadt 866: switch (type) {
1.1 provos 867: case MM_USERKEY:
1.12 markus 868: allowed = options.pubkey_authentication &&
1.172 djm 869: !auth2_key_already_used(authctxt, key) &&
1.137 djm 870: match_pattern_list(sshkey_ssh_name(key),
1.149 djm 871: options.pubkey_key_types, 0) == 1 &&
1.148 djm 872: user_key_allowed(authctxt->pw, key,
873: pubkey_auth_attempt);
1.77 dtucker 874: auth_method = "publickey";
1.148 djm 875: if (options.pubkey_authentication &&
876: (!pubkey_auth_attempt || allowed != 1))
1.97 dtucker 877: auth_clear_options();
1.1 provos 878: break;
879: case MM_HOSTKEY:
1.12 markus 880: allowed = options.hostbased_authentication &&
1.172 djm 881: !auth2_key_already_used(authctxt, key) &&
1.137 djm 882: match_pattern_list(sshkey_ssh_name(key),
1.149 djm 883: options.hostbased_key_types, 0) == 1 &&
1.12 markus 884: hostbased_key_allowed(authctxt->pw,
1.1 provos 885: cuser, chost, key);
1.172 djm 886: auth2_record_info(authctxt,
1.126 djm 887: "client user \"%.100s\", client host \"%.100s\"",
888: cuser, chost);
1.77 dtucker 889: auth_method = "hostbased";
1.1 provos 890: break;
891: default:
1.14 markus 892: fatal("%s: unknown key type %d", __func__, type);
1.1 provos 893: break;
894: }
1.33 markus 895: }
1.161 djm 896:
1.172 djm 897: debug3("%s: key is %s", __func__, allowed ? "allowed" : "not allowed");
1.161 djm 898:
1.172 djm 899: auth2_record_key(authctxt, 0, key);
900: sshkey_free(key);
1.1 provos 901:
902: /* clear temporarily storage (used by verify) */
903: monitor_reset_key_state();
904:
905: if (allowed) {
906: /* Save temporarily for comparison in verify */
907: key_blob = blob;
908: key_bloblen = bloblen;
909: key_blobtype = type;
910: hostbased_cuser = cuser;
911: hostbased_chost = chost;
1.72 djm 912: } else {
1.77 dtucker 913: /* Log failed attempt */
1.125 djm 914: auth_log(authctxt, 0, 0, auth_method, NULL);
1.124 djm 915: free(blob);
916: free(cuser);
917: free(chost);
1.1 provos 918: }
919:
920: buffer_clear(m);
921: buffer_put_int(m, allowed);
1.32 markus 922: buffer_put_int(m, forced_command != NULL);
1.1 provos 923:
1.59 avsm 924: mm_request_send(sock, MONITOR_ANS_KEYALLOWED, m);
1.1 provos 925:
926: return (0);
927: }
928:
929: static int
930: monitor_valid_userblob(u_char *data, u_int datalen)
931: {
932: Buffer b;
1.159 djm 933: u_char *p;
934: char *userstyle, *cp;
1.1 provos 935: u_int len;
936: int fail = 0;
937:
938: buffer_init(&b);
939: buffer_append(&b, data, datalen);
1.3 markus 940:
1.1 provos 941: if (datafellows & SSH_OLD_SESSIONID) {
1.13 markus 942: p = buffer_ptr(&b);
943: len = buffer_len(&b);
944: if ((session_id2 == NULL) ||
945: (len < session_id2_len) ||
1.108 djm 946: (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1.13 markus 947: fail++;
1.1 provos 948: buffer_consume(&b, session_id2_len);
949: } else {
1.13 markus 950: p = buffer_get_string(&b, &len);
951: if ((session_id2 == NULL) ||
952: (len != session_id2_len) ||
1.108 djm 953: (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1.1 provos 954: fail++;
1.124 djm 955: free(p);
1.1 provos 956: }
957: if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST)
958: fail++;
1.159 djm 959: cp = buffer_get_cstring(&b, NULL);
1.121 djm 960: xasprintf(&userstyle, "%s%s%s", authctxt->user,
961: authctxt->style ? ":" : "",
962: authctxt->style ? authctxt->style : "");
1.159 djm 963: if (strcmp(userstyle, cp) != 0) {
964: logit("wrong user name passed to monitor: "
965: "expected %s != %.100s", userstyle, cp);
1.1 provos 966: fail++;
967: }
1.124 djm 968: free(userstyle);
1.159 djm 969: free(cp);
1.1 provos 970: buffer_skip_string(&b);
1.178 djm 971: cp = buffer_get_cstring(&b, NULL);
972: if (strcmp("publickey", cp) != 0)
973: fail++;
974: free(cp);
975: if (!buffer_get_char(&b))
976: fail++;
977: buffer_skip_string(&b);
1.1 provos 978: buffer_skip_string(&b);
979: if (buffer_len(&b) != 0)
980: fail++;
981: buffer_free(&b);
982: return (fail == 0);
983: }
984:
985: static int
1.26 markus 986: monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
987: char *chost)
1.1 provos 988: {
989: Buffer b;
1.121 djm 990: char *p, *userstyle;
1.1 provos 991: u_int len;
992: int fail = 0;
993:
994: buffer_init(&b);
995: buffer_append(&b, data, datalen);
1.3 markus 996:
1.13 markus 997: p = buffer_get_string(&b, &len);
998: if ((session_id2 == NULL) ||
999: (len != session_id2_len) ||
1.108 djm 1000: (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1.1 provos 1001: fail++;
1.124 djm 1002: free(p);
1.13 markus 1003:
1.1 provos 1004: if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST)
1005: fail++;
1.121 djm 1006: p = buffer_get_cstring(&b, NULL);
1007: xasprintf(&userstyle, "%s%s%s", authctxt->user,
1008: authctxt->style ? ":" : "",
1009: authctxt->style ? authctxt->style : "");
1010: if (strcmp(userstyle, p) != 0) {
1.38 itojun 1011: logit("wrong user name passed to monitor: expected %s != %.100s",
1.121 djm 1012: userstyle, p);
1.1 provos 1013: fail++;
1014: }
1.121 djm 1015: free(userstyle);
1.124 djm 1016: free(p);
1.1 provos 1017: buffer_skip_string(&b); /* service */
1.121 djm 1018: p = buffer_get_cstring(&b, NULL);
1.1 provos 1019: if (strcmp(p, "hostbased") != 0)
1020: fail++;
1.124 djm 1021: free(p);
1.1 provos 1022: buffer_skip_string(&b); /* pkalg */
1023: buffer_skip_string(&b); /* pkblob */
1024:
1025: /* verify client host, strip trailing dot if necessary */
1026: p = buffer_get_string(&b, NULL);
1027: if (((len = strlen(p)) > 0) && p[len - 1] == '.')
1028: p[len - 1] = '\0';
1029: if (strcmp(p, chost) != 0)
1030: fail++;
1.124 djm 1031: free(p);
1.1 provos 1032:
1033: /* verify client user */
1034: p = buffer_get_string(&b, NULL);
1035: if (strcmp(p, cuser) != 0)
1036: fail++;
1.124 djm 1037: free(p);
1.1 provos 1038:
1039: if (buffer_len(&b) != 0)
1040: fail++;
1041: buffer_free(&b);
1042: return (fail == 0);
1043: }
1044:
1045: int
1.169 markus 1046: mm_answer_keyverify(int sock, struct sshbuf *m)
1.1 provos 1047: {
1.168 markus 1048: struct sshkey *key;
1.1 provos 1049: u_char *signature, *data, *blob;
1.176 djm 1050: char *sigalg;
1.169 markus 1051: size_t signaturelen, datalen, bloblen;
1052: int r, ret, valid_data = 0, encoded_ret;
1.1 provos 1053:
1.169 markus 1054: if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 ||
1055: (r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 ||
1.176 djm 1056: (r = sshbuf_get_string(m, &data, &datalen)) != 0 ||
1057: (r = sshbuf_get_cstring(m, &sigalg, NULL)) != 0)
1.169 markus 1058: fatal("%s: buffer error: %s", __func__, ssh_err(r));
1.1 provos 1059:
1060: if (hostbased_cuser == NULL || hostbased_chost == NULL ||
1.8 mouring 1061: !monitor_allowed_key(blob, bloblen))
1.14 markus 1062: fatal("%s: bad key, not previously allowed", __func__);
1.1 provos 1063:
1.177 djm 1064: /* Empty signature algorithm means NULL. */
1065: if (*sigalg == '\0') {
1066: free(sigalg);
1067: sigalg = NULL;
1068: }
1069:
1.169 markus 1070: /* XXX use sshkey_froms here; need to change key_blob, etc. */
1071: if ((r = sshkey_from_blob(blob, bloblen, &key)) != 0)
1072: fatal("%s: bad public key blob: %s", __func__, ssh_err(r));
1.1 provos 1073:
1074: switch (key_blobtype) {
1075: case MM_USERKEY:
1076: valid_data = monitor_valid_userblob(data, datalen);
1.172 djm 1077: auth_method = "publickey";
1.1 provos 1078: break;
1079: case MM_HOSTKEY:
1080: valid_data = monitor_valid_hostbasedblob(data, datalen,
1081: hostbased_cuser, hostbased_chost);
1.172 djm 1082: auth_method = "hostbased";
1.1 provos 1083: break;
1084: default:
1085: valid_data = 0;
1086: break;
1087: }
1088: if (!valid_data)
1.14 markus 1089: fatal("%s: bad signature data blob", __func__);
1.1 provos 1090:
1.169 markus 1091: ret = sshkey_verify(key, signature, signaturelen, data, datalen,
1.176 djm 1092: sigalg, active_state->compat);
1.172 djm 1093: debug3("%s: %s %p signature %s", __func__, auth_method, key,
1094: (ret == 0) ? "verified" : "unverified");
1095: auth2_record_key(authctxt, ret == 0, key);
1.136 djm 1096:
1.124 djm 1097: free(blob);
1098: free(signature);
1099: free(data);
1.177 djm 1100: free(sigalg);
1.1 provos 1101:
1102: monitor_reset_key_state();
1.3 markus 1103:
1.172 djm 1104: sshkey_free(key);
1.169 markus 1105: sshbuf_reset(m);
1106:
1107: /* encode ret != 0 as positive integer, since we're sending u32 */
1108: encoded_ret = (ret != 0);
1109: if ((r = sshbuf_put_u32(m, encoded_ret)) != 0)
1110: fatal("%s: buffer error: %s", __func__, ssh_err(r));
1.59 avsm 1111: mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m);
1.1 provos 1112:
1.169 markus 1113: return ret == 0;
1.1 provos 1114: }
1115:
1.2 markus 1116: static void
1.1 provos 1117: mm_record_login(Session *s, struct passwd *pw)
1118: {
1.158 djm 1119: struct ssh *ssh = active_state; /* XXX */
1.1 provos 1120: socklen_t fromlen;
1121: struct sockaddr_storage from;
1122:
1123: /*
1124: * Get IP address of client. If the connection is not a socket, let
1125: * the address be 0.0.0.0.
1126: */
1127: memset(&from, 0, sizeof(from));
1.24 stevesk 1128: fromlen = sizeof(from);
1.1 provos 1129: if (packet_connection_is_on_socket()) {
1130: if (getpeername(packet_get_connection_in(),
1.74 deraadt 1131: (struct sockaddr *)&from, &fromlen) < 0) {
1.1 provos 1132: debug("getpeername: %.100s", strerror(errno));
1.50 markus 1133: cleanup_exit(255);
1.1 provos 1134: }
1135: }
1136: /* Record that there was a login on that tty from the remote host. */
1137: record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid,
1.158 djm 1138: session_get_remote_name_or_ip(ssh, utmp_len, options.use_dns),
1.24 stevesk 1139: (struct sockaddr *)&from, fromlen);
1.1 provos 1140: }
1141:
1142: static void
1143: mm_session_close(Session *s)
1144: {
1.41 djm 1145: debug3("%s: session %d pid %ld", __func__, s->self, (long)s->pid);
1.1 provos 1146: if (s->ttyfd != -1) {
1.86 stevesk 1147: debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd);
1.1 provos 1148: session_pty_cleanup2(s);
1149: }
1.96 djm 1150: session_unused(s->self);
1.1 provos 1151: }
1152:
1153: int
1.59 avsm 1154: mm_answer_pty(int sock, Buffer *m)
1.1 provos 1155: {
1.11 mouring 1156: extern struct monitor *pmonitor;
1.1 provos 1157: Session *s;
1158: int res, fd0;
1159:
1.14 markus 1160: debug3("%s entering", __func__);
1.1 provos 1161:
1162: buffer_clear(m);
1163: s = session_new();
1164: if (s == NULL)
1165: goto error;
1166: s->authctxt = authctxt;
1167: s->pw = authctxt->pw;
1.11 mouring 1168: s->pid = pmonitor->m_pid;
1.1 provos 1169: res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty));
1170: if (res == 0)
1171: goto error;
1172: pty_setowner(authctxt->pw, s->tty);
1173:
1174: buffer_put_int(m, 1);
1175: buffer_put_cstring(m, s->tty);
1176:
1177: /* We need to trick ttyslot */
1178: if (dup2(s->ttyfd, 0) == -1)
1.14 markus 1179: fatal("%s: dup2", __func__);
1.1 provos 1180:
1181: mm_record_login(s, authctxt->pw);
1182:
1183: /* Now we can close the file descriptor again */
1184: close(0);
1.61 dtucker 1185:
1186: /* send messages generated by record_login */
1187: buffer_put_string(m, buffer_ptr(&loginmsg), buffer_len(&loginmsg));
1188: buffer_clear(&loginmsg);
1189:
1190: mm_request_send(sock, MONITOR_ANS_PTY, m);
1191:
1.92 djm 1192: if (mm_send_fd(sock, s->ptyfd) == -1 ||
1193: mm_send_fd(sock, s->ttyfd) == -1)
1194: fatal("%s: send fds failed", __func__);
1.1 provos 1195:
1196: /* make sure nothing uses fd 0 */
1197: if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0)
1.14 markus 1198: fatal("%s: open(/dev/null): %s", __func__, strerror(errno));
1.1 provos 1199: if (fd0 != 0)
1.14 markus 1200: error("%s: fd0 %d != 0", __func__, fd0);
1.1 provos 1201:
1202: /* slave is not needed */
1203: close(s->ttyfd);
1204: s->ttyfd = s->ptyfd;
1205: /* no need to dup() because nobody closes ptyfd */
1206: s->ptymaster = s->ptyfd;
1207:
1.86 stevesk 1208: debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ttyfd);
1.1 provos 1209:
1210: return (0);
1211:
1212: error:
1213: if (s != NULL)
1214: mm_session_close(s);
1215: buffer_put_int(m, 0);
1.59 avsm 1216: mm_request_send(sock, MONITOR_ANS_PTY, m);
1.1 provos 1217: return (0);
1218: }
1219:
1220: int
1.59 avsm 1221: mm_answer_pty_cleanup(int sock, Buffer *m)
1.1 provos 1222: {
1223: Session *s;
1224: char *tty;
1225:
1.14 markus 1226: debug3("%s entering", __func__);
1.1 provos 1227:
1228: tty = buffer_get_string(m, NULL);
1229: if ((s = session_by_tty(tty)) != NULL)
1230: mm_session_close(s);
1231: buffer_clear(m);
1.124 djm 1232: free(tty);
1.1 provos 1233: return (0);
1234: }
1235:
1236: int
1.59 avsm 1237: mm_answer_term(int sock, Buffer *req)
1.1 provos 1238: {
1.173 djm 1239: struct ssh *ssh = active_state; /* XXX */
1.11 mouring 1240: extern struct monitor *pmonitor;
1.1 provos 1241: int res, status;
1242:
1.14 markus 1243: debug3("%s: tearing down sessions", __func__);
1.1 provos 1244:
1245: /* The child is terminating */
1.173 djm 1246: session_destroy_all(ssh, &mm_session_close);
1.1 provos 1247:
1.11 mouring 1248: while (waitpid(pmonitor->m_pid, &status, 0) == -1)
1.9 markus 1249: if (errno != EINTR)
1250: exit(1);
1.1 provos 1251:
1252: res = WIFEXITED(status) ? WEXITSTATUS(status) : 1;
1253:
1254: /* Terminate process */
1.57 deraadt 1255: exit(res);
1.170 markus 1256: }
1257:
1258: void
1259: monitor_clear_keystate(struct monitor *pmonitor)
1260: {
1261: struct ssh *ssh = active_state; /* XXX */
1262:
1263: ssh_clear_newkeys(ssh, MODE_IN);
1264: ssh_clear_newkeys(ssh, MODE_OUT);
1265: sshbuf_free(child_state);
1266: child_state = NULL;
1.1 provos 1267: }
1268:
1269: void
1.11 mouring 1270: monitor_apply_keystate(struct monitor *pmonitor)
1.1 provos 1271: {
1.139 markus 1272: struct ssh *ssh = active_state; /* XXX */
1273: struct kex *kex;
1274: int r;
1275:
1276: debug3("%s: packet_set_state", __func__);
1277: if ((r = ssh_packet_set_state(ssh, child_state)) != 0)
1278: fatal("%s: packet_set_state: %s", __func__, ssh_err(r));
1279: sshbuf_free(child_state);
1280: child_state = NULL;
1281:
1.154 mmcc 1282: if ((kex = ssh->kex) != NULL) {
1.139 markus 1283: /* XXX set callbacks */
1.147 djm 1284: #ifdef WITH_OPENSSL
1.139 markus 1285: kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
1286: kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
1.160 djm 1287: kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server;
1288: kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server;
1289: kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server;
1.139 markus 1290: kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
1291: kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
1292: kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
1.147 djm 1293: #endif
1.139 markus 1294: kex->kex[KEX_C25519_SHA256] = kexc25519_server;
1295: kex->load_host_public_key=&get_hostkey_public_by_type;
1296: kex->load_host_private_key=&get_hostkey_private_by_type;
1297: kex->host_key_index=&get_hostkey_index;
1298: kex->sign = sshd_hostkey_sign;
1299: }
1.1 provos 1300: }
1301:
1302: /* This function requries careful sanity checking */
1303:
1304: void
1.11 mouring 1305: mm_get_keystate(struct monitor *pmonitor)
1.1 provos 1306: {
1.14 markus 1307: debug3("%s: Waiting for new keys", __func__);
1.1 provos 1308:
1.139 markus 1309: if ((child_state = sshbuf_new()) == NULL)
1310: fatal("%s: sshbuf_new failed", __func__);
1311: mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT,
1312: child_state);
1313: debug3("%s: GOT new keys", __func__);
1.1 provos 1314: }
1315:
1316:
1317: /* XXX */
1318:
1319: #define FD_CLOSEONEXEC(x) do { \
1.111 djm 1320: if (fcntl(x, F_SETFD, FD_CLOEXEC) == -1) \
1.1 provos 1321: fatal("fcntl(%d, F_SETFD)", x); \
1322: } while (0)
1323:
1.2 markus 1324: static void
1.114 djm 1325: monitor_openfds(struct monitor *mon, int do_logfds)
1.3 markus 1326: {
1.114 djm 1327: int pair[2];
1.171 markus 1328: #ifdef SO_ZEROIZE
1329: int on = 1;
1330: #endif
1.114 djm 1331:
1.1 provos 1332: if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1)
1.114 djm 1333: fatal("%s: socketpair: %s", __func__, strerror(errno));
1.171 markus 1334: #ifdef SO_ZEROIZE
1335: if (setsockopt(pair[0], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) < 0)
1336: error("setsockopt SO_ZEROIZE(0): %.100s", strerror(errno));
1337: if (setsockopt(pair[1], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) < 0)
1338: error("setsockopt SO_ZEROIZE(1): %.100s", strerror(errno));
1339: #endif
1.1 provos 1340: FD_CLOSEONEXEC(pair[0]);
1341: FD_CLOSEONEXEC(pair[1]);
1.114 djm 1342: mon->m_recvfd = pair[0];
1343: mon->m_sendfd = pair[1];
1344:
1345: if (do_logfds) {
1346: if (pipe(pair) == -1)
1347: fatal("%s: pipe: %s", __func__, strerror(errno));
1348: FD_CLOSEONEXEC(pair[0]);
1349: FD_CLOSEONEXEC(pair[1]);
1350: mon->m_log_recvfd = pair[0];
1351: mon->m_log_sendfd = pair[1];
1352: } else
1353: mon->m_log_recvfd = mon->m_log_sendfd = -1;
1.1 provos 1354: }
1355:
1356: #define MM_MEMSIZE 65536
1357:
1358: struct monitor *
1359: monitor_init(void)
1360: {
1361: struct monitor *mon;
1362:
1.75 djm 1363: mon = xcalloc(1, sizeof(*mon));
1.114 djm 1364: monitor_openfds(mon, 1);
1.1 provos 1365:
1366: return mon;
1367: }
1368:
1369: void
1370: monitor_reinit(struct monitor *mon)
1371: {
1.114 djm 1372: monitor_openfds(mon, 0);
1.1 provos 1373: }
1.46 markus 1374:
1375: #ifdef GSSAPI
1376: int
1.59 avsm 1377: mm_answer_gss_setup_ctx(int sock, Buffer *m)
1.46 markus 1378: {
1.59 avsm 1379: gss_OID_desc goid;
1.46 markus 1380: OM_uint32 major;
1381: u_int len;
1382:
1.164 djm 1383: if (!options.gss_authentication)
1384: fatal("%s: GSSAPI authentication not enabled", __func__);
1385:
1.59 avsm 1386: goid.elements = buffer_get_string(m, &len);
1387: goid.length = len;
1.46 markus 1388:
1.59 avsm 1389: major = ssh_gssapi_server_ctx(&gsscontext, &goid);
1.46 markus 1390:
1.124 djm 1391: free(goid.elements);
1.46 markus 1392:
1393: buffer_clear(m);
1394: buffer_put_int(m, major);
1395:
1.64 stevesk 1396: mm_request_send(sock, MONITOR_ANS_GSSSETUP, m);
1.46 markus 1397:
1398: /* Now we have a context, enable the step */
1399: monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 1);
1400:
1401: return (0);
1402: }
1403:
1404: int
1.59 avsm 1405: mm_answer_gss_accept_ctx(int sock, Buffer *m)
1.46 markus 1406: {
1407: gss_buffer_desc in;
1408: gss_buffer_desc out = GSS_C_EMPTY_BUFFER;
1.64 stevesk 1409: OM_uint32 major, minor;
1.46 markus 1410: OM_uint32 flags = 0; /* GSI needs this */
1.47 deraadt 1411: u_int len;
1.46 markus 1412:
1.164 djm 1413: if (!options.gss_authentication)
1414: fatal("%s: GSSAPI authentication not enabled", __func__);
1415:
1.47 deraadt 1416: in.value = buffer_get_string(m, &len);
1417: in.length = len;
1.46 markus 1418: major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags);
1.124 djm 1419: free(in.value);
1.46 markus 1420:
1421: buffer_clear(m);
1422: buffer_put_int(m, major);
1423: buffer_put_string(m, out.value, out.length);
1424: buffer_put_int(m, flags);
1.59 avsm 1425: mm_request_send(sock, MONITOR_ANS_GSSSTEP, m);
1.46 markus 1426:
1427: gss_release_buffer(&minor, &out);
1428:
1.64 stevesk 1429: if (major == GSS_S_COMPLETE) {
1.46 markus 1430: monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0);
1431: monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
1.52 markus 1432: monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1);
1.46 markus 1433: }
1434: return (0);
1435: }
1436:
1437: int
1.59 avsm 1438: mm_answer_gss_checkmic(int sock, Buffer *m)
1.52 markus 1439: {
1440: gss_buffer_desc gssbuf, mic;
1441: OM_uint32 ret;
1442: u_int len;
1.54 djm 1443:
1.164 djm 1444: if (!options.gss_authentication)
1445: fatal("%s: GSSAPI authentication not enabled", __func__);
1446:
1.52 markus 1447: gssbuf.value = buffer_get_string(m, &len);
1448: gssbuf.length = len;
1449: mic.value = buffer_get_string(m, &len);
1450: mic.length = len;
1.54 djm 1451:
1.52 markus 1452: ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic);
1.54 djm 1453:
1.124 djm 1454: free(gssbuf.value);
1455: free(mic.value);
1.54 djm 1456:
1.52 markus 1457: buffer_clear(m);
1458: buffer_put_int(m, ret);
1.54 djm 1459:
1.59 avsm 1460: mm_request_send(sock, MONITOR_ANS_GSSCHECKMIC, m);
1.54 djm 1461:
1.52 markus 1462: if (!GSS_ERROR(ret))
1463: monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
1.54 djm 1464:
1.52 markus 1465: return (0);
1466: }
1467:
1468: int
1.59 avsm 1469: mm_answer_gss_userok(int sock, Buffer *m)
1.46 markus 1470: {
1471: int authenticated;
1.172 djm 1472: const char *displayname;
1.164 djm 1473:
1474: if (!options.gss_authentication)
1475: fatal("%s: GSSAPI authentication not enabled", __func__);
1.46 markus 1476:
1477: authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user);
1478:
1479: buffer_clear(m);
1480: buffer_put_int(m, authenticated);
1481:
1482: debug3("%s: sending result %d", __func__, authenticated);
1.59 avsm 1483: mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m);
1.46 markus 1484:
1.64 stevesk 1485: auth_method = "gssapi-with-mic";
1.172 djm 1486:
1487: if ((displayname = ssh_gssapi_displayname()) != NULL)
1488: auth2_record_info(authctxt, "%s", displayname);
1.46 markus 1489:
1490: /* Monitor loop will terminate if authenticated */
1491: return (authenticated);
1492: }
1493: #endif /* GSSAPI */
1.100 djm 1494: