version 1.31.2.2, 2004/08/19 22:37:31 |
version 1.32, 2003/09/23 20:17:11 |
|
|
extern z_stream outgoing_stream; |
extern z_stream outgoing_stream; |
extern struct monitor *pmonitor; |
extern struct monitor *pmonitor; |
extern Buffer input, output; |
extern Buffer input, output; |
extern Buffer loginmsg; |
|
|
|
int |
int |
mm_is_monitor(void) |
mm_is_monitor(void) |
|
|
* m_pid is only set in the privileged part, and |
* m_pid is only set in the privileged part, and |
* points to the unprivileged child. |
* points to the unprivileged child. |
*/ |
*/ |
return (pmonitor && pmonitor->m_pid > 0); |
return (pmonitor->m_pid > 0); |
} |
} |
|
|
void |
void |
mm_request_send(int sock, enum monitor_reqtype type, Buffer *m) |
mm_request_send(int socket, enum monitor_reqtype type, Buffer *m) |
{ |
{ |
u_int mlen = buffer_len(m); |
u_int mlen = buffer_len(m); |
u_char buf[5]; |
u_char buf[5]; |
|
|
|
|
PUT_32BIT(buf, mlen + 1); |
PUT_32BIT(buf, mlen + 1); |
buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ |
buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ |
if (atomicio(vwrite, sock, buf, sizeof(buf)) != sizeof(buf)) |
if (atomicio(vwrite, socket, buf, sizeof(buf)) != sizeof(buf)) |
fatal("%s: write", __func__); |
fatal("%s: write", __func__); |
if (atomicio(vwrite, sock, buffer_ptr(m), mlen) != mlen) |
if (atomicio(vwrite, socket, buffer_ptr(m), mlen) != mlen) |
fatal("%s: write", __func__); |
fatal("%s: write", __func__); |
} |
} |
|
|
void |
void |
mm_request_receive(int sock, Buffer *m) |
mm_request_receive(int socket, Buffer *m) |
{ |
{ |
u_char buf[4]; |
u_char buf[4]; |
u_int msg_len; |
u_int msg_len; |
|
|
|
|
debug3("%s entering", __func__); |
debug3("%s entering", __func__); |
|
|
res = atomicio(read, sock, buf, sizeof(buf)); |
res = atomicio(read, socket, buf, sizeof(buf)); |
if (res != sizeof(buf)) { |
if (res != sizeof(buf)) { |
if (res == 0) |
if (res == 0) |
cleanup_exit(255); |
cleanup_exit(255); |
|
|
fatal("%s: read: bad msg_len %d", __func__, msg_len); |
fatal("%s: read: bad msg_len %d", __func__, msg_len); |
buffer_clear(m); |
buffer_clear(m); |
buffer_append_space(m, msg_len); |
buffer_append_space(m, msg_len); |
res = atomicio(read, sock, buffer_ptr(m), msg_len); |
res = atomicio(read, socket, buffer_ptr(m), msg_len); |
if (res != msg_len) |
if (res != msg_len) |
fatal("%s: read: %ld != msg_len", __func__, (long)res); |
fatal("%s: read: %ld != msg_len", __func__, (long)res); |
} |
} |
|
|
void |
void |
mm_request_receive_expect(int sock, enum monitor_reqtype type, Buffer *m) |
mm_request_receive_expect(int socket, enum monitor_reqtype type, Buffer *m) |
{ |
{ |
u_char rtype; |
u_char rtype; |
|
|
debug3("%s entering: type %d", __func__, type); |
debug3("%s entering: type %d", __func__, type); |
|
|
mm_request_receive(sock, m); |
mm_request_receive(socket, m); |
rtype = buffer_get_char(m); |
rtype = buffer_get_char(m); |
if (rtype != type) |
if (rtype != type) |
fatal("%s: read: rtype %d != type %d", __func__, |
fatal("%s: read: rtype %d != type %d", __func__, |
|
|
} |
} |
|
|
struct passwd * |
struct passwd * |
mm_getpwnamallow(const char *username) |
mm_getpwnamallow(const char *login) |
{ |
{ |
Buffer m; |
Buffer m; |
struct passwd *pw; |
struct passwd *pw; |
|
|
debug3("%s entering", __func__); |
debug3("%s entering", __func__); |
|
|
buffer_init(&m); |
buffer_init(&m); |
buffer_put_cstring(&m, username); |
buffer_put_cstring(&m, login); |
|
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, &m); |
|
|
|
|
return (pw); |
return (pw); |
} |
} |
|
|
char * |
char *mm_auth2_read_banner(void) |
mm_auth2_read_banner(void) |
|
{ |
{ |
Buffer m; |
Buffer m; |
char *banner; |
char *banner; |
|
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, &m); |
buffer_clear(&m); |
buffer_clear(&m); |
|
|
mm_request_receive_expect(pmonitor->m_recvfd, |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTH2_READ_BANNER, &m); |
MONITOR_ANS_AUTH2_READ_BANNER, &m); |
|
banner = buffer_get_string(&m, NULL); |
banner = buffer_get_string(&m, NULL); |
buffer_free(&m); |
buffer_free(&m); |
|
|
/* treat empty banner as missing banner */ |
|
if (strlen(banner) == 0) { |
|
xfree(banner); |
|
banner = NULL; |
|
} |
|
return (banner); |
return (banner); |
} |
} |
|
|
|
|
} |
} |
|
|
void |
void |
mm_send_keystate(struct monitor *monitor) |
mm_send_keystate(struct monitor *pmonitor) |
{ |
{ |
Buffer m; |
Buffer m; |
u_char *blob, *p; |
u_char *blob, *p; |
|
|
goto skip; |
goto skip; |
} else { |
} else { |
/* Kex for rekeying */ |
/* Kex for rekeying */ |
mm_send_kex(&m, *monitor->m_pkex); |
mm_send_kex(&m, *pmonitor->m_pkex); |
} |
} |
|
|
debug3("%s: Sending new keys: %p %p", |
debug3("%s: Sending new keys: %p %p", |
|
|
buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input)); |
buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input)); |
buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output)); |
buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output)); |
|
|
mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m); |
debug3("%s: Finished sending state", __func__); |
debug3("%s: Finished sending state", __func__); |
|
|
buffer_free(&m); |
buffer_free(&m); |
|
|
mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) |
mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) |
{ |
{ |
Buffer m; |
Buffer m; |
char *p, *msg; |
char *p; |
int success = 0; |
int success = 0; |
|
|
buffer_init(&m); |
buffer_init(&m); |
|
|
return (0); |
return (0); |
} |
} |
p = buffer_get_string(&m, NULL); |
p = buffer_get_string(&m, NULL); |
msg = buffer_get_string(&m, NULL); |
|
buffer_free(&m); |
buffer_free(&m); |
|
|
strlcpy(namebuf, p, namebuflen); /* Possible truncation */ |
strlcpy(namebuf, p, namebuflen); /* Possible truncation */ |
xfree(p); |
xfree(p); |
|
|
buffer_append(&loginmsg, msg, strlen(msg)); |
|
xfree(msg); |
|
|
|
*ptyfd = mm_receive_fd(pmonitor->m_recvfd); |
*ptyfd = mm_receive_fd(pmonitor->m_recvfd); |
*ttyfd = mm_receive_fd(pmonitor->m_recvfd); |
*ttyfd = mm_receive_fd(pmonitor->m_recvfd); |
|
|
|
|
return ((authok == 0) ? -1 : 0); |
return ((authok == 0) ? -1 : 0); |
} |
} |
|
|
#ifdef SKEY |
|
int |
int |
mm_skey_query(void *ctx, char **name, char **infotxt, |
mm_skey_query(void *ctx, char **name, char **infotxt, |
u_int *numprompts, char ***prompts, u_int **echo_on) |
u_int *numprompts, char ***prompts, u_int **echo_on) |
|
|
|
|
return ((authok == 0) ? -1 : 0); |
return ((authok == 0) ? -1 : 0); |
} |
} |
#endif /* SKEY */ |
|
|
|
void |
void |
mm_ssh1_session_id(u_char session_id[16]) |
mm_ssh1_session_id(u_char session_id[16]) |
|
|
|
|
#ifdef GSSAPI |
#ifdef GSSAPI |
OM_uint32 |
OM_uint32 |
mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID goid) |
mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) |
{ |
{ |
Buffer m; |
Buffer m; |
OM_uint32 major; |
OM_uint32 major; |
|
|
*ctx = NULL; |
*ctx = NULL; |
|
|
buffer_init(&m); |
buffer_init(&m); |
buffer_put_string(&m, goid->elements, goid->length); |
buffer_put_string(&m, oid->elements, oid->length); |
|
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, &m); |
|
|
buffer_free(&m); |
buffer_free(&m); |
|
|
return (major); |
return (major); |
} |
|
|
|
OM_uint32 |
|
mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) |
|
{ |
|
Buffer m; |
|
OM_uint32 major; |
|
|
|
buffer_init(&m); |
|
buffer_put_string(&m, gssbuf->value, gssbuf->length); |
|
buffer_put_string(&m, gssmic->value, gssmic->length); |
|
|
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSCHECKMIC, &m); |
|
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSCHECKMIC, |
|
&m); |
|
|
|
major = buffer_get_int(&m); |
|
buffer_free(&m); |
|
return(major); |
|
} |
} |
|
|
int |
int |