| version 1.5, 2002/03/25 20:12:10 |
version 1.5.2.4, 2002/10/11 14:51:52 |
|
|
| extern Newkeys *newkeys[]; |
extern Newkeys *newkeys[]; |
| extern z_stream incoming_stream; |
extern z_stream incoming_stream; |
| extern z_stream outgoing_stream; |
extern z_stream outgoing_stream; |
| extern struct monitor *monitor; |
extern struct monitor *pmonitor; |
| extern Buffer input, output; |
extern Buffer input, output; |
| |
|
| void |
void |
| mm_request_send(int socket, enum monitor_reqtype type, Buffer *m) |
mm_request_send(int socket, enum monitor_reqtype type, Buffer *m) |
| { |
{ |
| u_char buf[5]; |
|
| u_int mlen = buffer_len(m); |
u_int mlen = buffer_len(m); |
| |
u_char buf[5]; |
| |
|
| debug3("%s entering: type %d", __FUNCTION__, type); |
debug3("%s entering: type %d", __func__, type); |
| |
|
| PUT_32BIT(buf, mlen + 1); |
PUT_32BIT(buf, mlen + 1); |
| buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ |
buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ |
| if (atomicio(write, socket, buf, sizeof(buf)) != sizeof(buf)) |
if (atomicio(write, socket, buf, sizeof(buf)) != sizeof(buf)) |
| fatal("%s: write", __FUNCTION__); |
fatal("%s: write", __func__); |
| if (atomicio(write, socket, buffer_ptr(m), mlen) != mlen) |
if (atomicio(write, socket, buffer_ptr(m), mlen) != mlen) |
| fatal("%s: write", __FUNCTION__); |
fatal("%s: write", __func__); |
| } |
} |
| |
|
| void |
void |
| mm_request_receive(int socket, Buffer *m) |
mm_request_receive(int socket, Buffer *m) |
| { |
{ |
| u_char buf[4]; |
u_char buf[4]; |
| ssize_t res; |
|
| u_int msg_len; |
u_int msg_len; |
| |
ssize_t res; |
| |
|
| debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
| |
|
| res = atomicio(read, socket, buf, sizeof(buf)); |
res = atomicio(read, socket, buf, sizeof(buf)); |
| if (res != sizeof(buf)) { |
if (res != sizeof(buf)) { |
| if (res == 0) |
if (res == 0) |
| fatal_cleanup(); |
fatal_cleanup(); |
| fatal("%s: read: %ld", __FUNCTION__, (long)res); |
fatal("%s: read: %ld", __func__, (long)res); |
| } |
} |
| msg_len = GET_32BIT(buf); |
msg_len = GET_32BIT(buf); |
| if (msg_len > 256 * 1024) |
if (msg_len > 256 * 1024) |
| fatal("%s: read: bad msg_len %d", __FUNCTION__, msg_len); |
fatal("%s: read: bad msg_len %d", __func__, msg_len); |
| buffer_clear(m); |
buffer_clear(m); |
| buffer_append_space(m, msg_len); |
buffer_append_space(m, msg_len); |
| res = atomicio(read, socket, buffer_ptr(m), msg_len); |
res = atomicio(read, socket, buffer_ptr(m), msg_len); |
| if (res != msg_len) |
if (res != msg_len) |
| fatal("%s: read: %ld != msg_len", __FUNCTION__, (long)res); |
fatal("%s: read: %ld != msg_len", __func__, (long)res); |
| } |
} |
| |
|
| void |
void |
|
|
| { |
{ |
| u_char rtype; |
u_char rtype; |
| |
|
| debug3("%s entering: type %d", __FUNCTION__, type); |
debug3("%s entering: type %d", __func__, type); |
| |
|
| mm_request_receive(socket, m); |
mm_request_receive(socket, m); |
| rtype = buffer_get_char(m); |
rtype = buffer_get_char(m); |
| if (rtype != type) |
if (rtype != type) |
| fatal("%s: read: rtype %d != type %d", __FUNCTION__, |
fatal("%s: read: rtype %d != type %d", __func__, |
| rtype, type); |
rtype, type); |
| } |
} |
| |
|
|
|
| buffer_put_int(&m, nbits); |
buffer_put_int(&m, nbits); |
| buffer_put_int(&m, max); |
buffer_put_int(&m, max); |
| |
|
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_MODULI, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_MODULI, &m); |
| |
|
| debug3("%s: waiting for MONITOR_ANS_MODULI", __FUNCTION__); |
debug3("%s: waiting for MONITOR_ANS_MODULI", __func__); |
| mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_MODULI, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_MODULI, &m); |
| |
|
| success = buffer_get_char(&m); |
success = buffer_get_char(&m); |
| if (success == 0) |
if (success == 0) |
| fatal("%s: MONITOR_ANS_MODULI failed", __FUNCTION__); |
fatal("%s: MONITOR_ANS_MODULI failed", __func__); |
| |
|
| if ((p = BN_new()) == NULL) |
if ((p = BN_new()) == NULL) |
| fatal("%s: BN_new failed", __FUNCTION__); |
fatal("%s: BN_new failed", __func__); |
| if ((g = BN_new()) == NULL) |
if ((g = BN_new()) == NULL) |
| fatal("%s: BN_new failed", __FUNCTION__); |
fatal("%s: BN_new failed", __func__); |
| buffer_get_bignum2(&m, p); |
buffer_get_bignum2(&m, p); |
| buffer_get_bignum2(&m, g); |
buffer_get_bignum2(&m, g); |
| |
|
| debug3("%s: remaining %d", __FUNCTION__, buffer_len(&m)); |
debug3("%s: remaining %d", __func__, buffer_len(&m)); |
| buffer_free(&m); |
buffer_free(&m); |
| |
|
| return (dh_new_group(g, p)); |
return (dh_new_group(g, p)); |
|
|
| int |
int |
| mm_key_sign(Key *key, u_char **sigp, u_int *lenp, u_char *data, u_int datalen) |
mm_key_sign(Key *key, u_char **sigp, u_int *lenp, u_char *data, u_int datalen) |
| { |
{ |
| Kex *kex = *monitor->m_pkex; |
Kex *kex = *pmonitor->m_pkex; |
| Buffer m; |
Buffer m; |
| |
|
| debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
| |
|
| buffer_init(&m); |
buffer_init(&m); |
| buffer_put_int(&m, kex->host_key_index(key)); |
buffer_put_int(&m, kex->host_key_index(key)); |
| buffer_put_string(&m, data, datalen); |
buffer_put_string(&m, data, datalen); |
| |
|
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_SIGN, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SIGN, &m); |
| |
|
| debug3("%s: waiting for MONITOR_ANS_SIGN", __FUNCTION__); |
debug3("%s: waiting for MONITOR_ANS_SIGN", __func__); |
| mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_SIGN, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, &m); |
| *sigp = buffer_get_string(&m, lenp); |
*sigp = buffer_get_string(&m, lenp); |
| buffer_free(&m); |
buffer_free(&m); |
| |
|
|
|
| struct passwd *pw; |
struct passwd *pw; |
| u_int pwlen; |
u_int pwlen; |
| |
|
| debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
| |
|
| buffer_init(&m); |
buffer_init(&m); |
| buffer_put_cstring(&m, login); |
buffer_put_cstring(&m, login); |
| |
|
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_PWNAM, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, &m); |
| |
|
| debug3("%s: waiting for MONITOR_ANS_PWNAM", __FUNCTION__); |
debug3("%s: waiting for MONITOR_ANS_PWNAM", __func__); |
| mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_PWNAM, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, &m); |
| |
|
| if (buffer_get_char(&m) == 0) { |
if (buffer_get_char(&m) == 0) { |
| buffer_free(&m); |
buffer_free(&m); |
|
|
| } |
} |
| pw = buffer_get_string(&m, &pwlen); |
pw = buffer_get_string(&m, &pwlen); |
| if (pwlen != sizeof(struct passwd)) |
if (pwlen != sizeof(struct passwd)) |
| fatal("%s: struct passwd size mismatch", __FUNCTION__); |
fatal("%s: struct passwd size mismatch", __func__); |
| pw->pw_name = buffer_get_string(&m, NULL); |
pw->pw_name = buffer_get_string(&m, NULL); |
| pw->pw_passwd = buffer_get_string(&m, NULL); |
pw->pw_passwd = buffer_get_string(&m, NULL); |
| pw->pw_gecos = buffer_get_string(&m, NULL); |
pw->pw_gecos = buffer_get_string(&m, NULL); |
|
|
| return (pw); |
return (pw); |
| } |
} |
| |
|
| |
char *mm_auth2_read_banner(void) |
| |
{ |
| |
Buffer m; |
| |
char *banner; |
| |
|
| |
debug3("%s entering", __func__); |
| |
|
| |
buffer_init(&m); |
| |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, &m); |
| |
buffer_clear(&m); |
| |
|
| |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTH2_READ_BANNER, &m); |
| |
banner = buffer_get_string(&m, NULL); |
| |
buffer_free(&m); |
| |
|
| |
return (banner); |
| |
} |
| |
|
| /* Inform the privileged process about service and style */ |
/* Inform the privileged process about service and style */ |
| |
|
| void |
void |
|
|
| { |
{ |
| Buffer m; |
Buffer m; |
| |
|
| debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
| |
|
| buffer_init(&m); |
buffer_init(&m); |
| buffer_put_cstring(&m, service); |
buffer_put_cstring(&m, service); |
| buffer_put_cstring(&m, style ? style : ""); |
buffer_put_cstring(&m, style ? style : ""); |
| |
|
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_AUTHSERV, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHSERV, &m); |
| |
|
| buffer_free(&m); |
buffer_free(&m); |
| } |
} |
|
|
| Buffer m; |
Buffer m; |
| int authenticated = 0; |
int authenticated = 0; |
| |
|
| debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
| |
|
| buffer_init(&m); |
buffer_init(&m); |
| buffer_put_cstring(&m, password); |
buffer_put_cstring(&m, password); |
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_AUTHPASSWORD, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHPASSWORD, &m); |
| |
|
| debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __FUNCTION__); |
debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __func__); |
| mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_AUTHPASSWORD, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHPASSWORD, &m); |
| |
|
| authenticated = buffer_get_int(&m); |
authenticated = buffer_get_int(&m); |
| |
|
| buffer_free(&m); |
buffer_free(&m); |
| |
|
| debug3("%s: user %sauthenticated", |
debug3("%s: user %sauthenticated", |
| __FUNCTION__, authenticated ? "" : "not "); |
__func__, authenticated ? "" : "not "); |
| return (authenticated); |
return (authenticated); |
| } |
} |
| |
|
|
|
| |
|
| while (buffer_len(m)) { |
while (buffer_len(m)) { |
| msg = buffer_get_string(m, NULL); |
msg = buffer_get_string(m, NULL); |
| debug3("%s: Sending debug: %s", __FUNCTION__, msg); |
debug3("%s: Sending debug: %s", __func__, msg); |
| packet_send_debug("%s", msg); |
packet_send_debug("%s", msg); |
| xfree(msg); |
xfree(msg); |
| } |
} |
|
|
| u_int len; |
u_int len; |
| int allowed = 0; |
int allowed = 0; |
| |
|
| debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
| |
|
| /* Convert the key to a blob and the pass it over */ |
/* Convert the key to a blob and the pass it over */ |
| if (!key_to_blob(key, &blob, &len)) |
if (!key_to_blob(key, &blob, &len)) |
|
|
| buffer_put_string(&m, blob, len); |
buffer_put_string(&m, blob, len); |
| xfree(blob); |
xfree(blob); |
| |
|
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYALLOWED, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYALLOWED, &m); |
| |
|
| debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __FUNCTION__); |
debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __func__); |
| mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_KEYALLOWED, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KEYALLOWED, &m); |
| |
|
| allowed = buffer_get_int(&m); |
allowed = buffer_get_int(&m); |
| |
|
|
|
| u_int len; |
u_int len; |
| int verified = 0; |
int verified = 0; |
| |
|
| debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
| |
|
| /* Convert the key to a blob and the pass it over */ |
/* Convert the key to a blob and the pass it over */ |
| if (!key_to_blob(key, &blob, &len)) |
if (!key_to_blob(key, &blob, &len)) |
|
|
| buffer_put_string(&m, data, datalen); |
buffer_put_string(&m, data, datalen); |
| xfree(blob); |
xfree(blob); |
| |
|
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m); |
| |
|
| debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __FUNCTION__); |
debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __func__); |
| mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_KEYVERIFY, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KEYVERIFY, &m); |
| |
|
| verified = buffer_get_int(&m); |
verified = buffer_get_int(&m); |
| |
|
|
|
| Mac *mac; |
Mac *mac; |
| Comp *comp; |
Comp *comp; |
| |
|
| debug3("%s: %p(%d)", __FUNCTION__, blob, blen); |
debug3("%s: %p(%d)", __func__, blob, blen); |
| #ifdef DEBUG_PK |
#ifdef DEBUG_PK |
| dump_base64(stderr, blob, blen); |
dump_base64(stderr, blob, blen); |
| #endif |
#endif |
|
|
| enc->key = buffer_get_string(&b, &enc->key_len); |
enc->key = buffer_get_string(&b, &enc->key_len); |
| enc->iv = buffer_get_string(&b, &len); |
enc->iv = buffer_get_string(&b, &len); |
| if (len != enc->block_size) |
if (len != enc->block_size) |
| fatal("%s: bad ivlen: expected %d != %d", __FUNCTION__, |
fatal("%s: bad ivlen: expected %u != %u", __func__, |
| enc->block_size, len); |
enc->block_size, len); |
| |
|
| if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher) |
if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher) |
| fatal("%s: bad cipher name %s or pointer %p", __FUNCTION__, |
fatal("%s: bad cipher name %s or pointer %p", __func__, |
| enc->name, enc->cipher); |
enc->name, enc->cipher); |
| |
|
| /* Mac structure */ |
/* Mac structure */ |
| mac->name = buffer_get_string(&b, NULL); |
mac->name = buffer_get_string(&b, NULL); |
| if (mac->name == NULL || mac_init(mac, mac->name) == -1) |
if (mac->name == NULL || mac_init(mac, mac->name) == -1) |
| fatal("%s: can not init mac %s", __FUNCTION__, mac->name); |
fatal("%s: can not init mac %s", __func__, mac->name); |
| mac->enabled = buffer_get_int(&b); |
mac->enabled = buffer_get_int(&b); |
| mac->key = buffer_get_string(&b, &len); |
mac->key = buffer_get_string(&b, &len); |
| if (len > mac->key_len) |
if (len > mac->key_len) |
| fatal("%s: bad mac key lenght: %d > %d", __FUNCTION__, len, |
fatal("%s: bad mac key length: %u > %d", __func__, len, |
| mac->key_len); |
mac->key_len); |
| mac->key_len = len; |
mac->key_len = len; |
| |
|
|
|
| |
|
| len = buffer_len(&b); |
len = buffer_len(&b); |
| if (len != 0) |
if (len != 0) |
| error("newkeys_from_blob: remaining bytes in blob %d", len); |
error("newkeys_from_blob: remaining bytes in blob %u", len); |
| buffer_free(&b); |
buffer_free(&b); |
| return (newkey); |
return (newkey); |
| } |
} |
|
|
| { |
{ |
| Buffer b; |
Buffer b; |
| int len; |
int len; |
| u_char *buf; |
|
| Enc *enc; |
Enc *enc; |
| Mac *mac; |
Mac *mac; |
| Comp *comp; |
Comp *comp; |
| Newkeys *newkey = newkeys[mode]; |
Newkeys *newkey = newkeys[mode]; |
| |
|
| debug3("%s: converting %p", __FUNCTION__, newkey); |
debug3("%s: converting %p", __func__, newkey); |
| |
|
| if (newkey == NULL) { |
if (newkey == NULL) { |
| error("%s: newkey == NULL", __FUNCTION__); |
error("%s: newkey == NULL", __func__); |
| return 0; |
return 0; |
| } |
} |
| enc = &newkey->enc; |
enc = &newkey->enc; |
|
|
| buffer_put_cstring(&b, comp->name); |
buffer_put_cstring(&b, comp->name); |
| |
|
| len = buffer_len(&b); |
len = buffer_len(&b); |
| buf = xmalloc(len); |
|
| memcpy(buf, buffer_ptr(&b), len); |
|
| memset(buffer_ptr(&b), 0, len); |
|
| buffer_free(&b); |
|
| if (lenp != NULL) |
if (lenp != NULL) |
| *lenp = len; |
*lenp = len; |
| if (blobp != NULL) |
if (blobp != NULL) { |
| *blobp = buf; |
*blobp = xmalloc(len); |
| |
memcpy(*blobp, buffer_ptr(&b), len); |
| |
} |
| |
memset(buffer_ptr(&b), 0, len); |
| |
buffer_free(&b); |
| return len; |
return len; |
| } |
} |
| |
|
|
|
| } |
} |
| |
|
| void |
void |
| mm_send_keystate(struct monitor *monitor) |
mm_send_keystate(struct monitor *pmonitor) |
| { |
{ |
| Buffer m; |
Buffer m; |
| u_char *blob, *p; |
u_char *blob, *p; |
|
|
| |
|
| if (!compat20) { |
if (!compat20) { |
| u_char iv[24]; |
u_char iv[24]; |
| int ivlen; |
u_char *key; |
| |
u_int ivlen, keylen; |
| |
|
| buffer_put_int(&m, packet_get_protocol_flags()); |
buffer_put_int(&m, packet_get_protocol_flags()); |
| |
|
| buffer_put_int(&m, packet_get_ssh1_cipher()); |
buffer_put_int(&m, packet_get_ssh1_cipher()); |
| |
|
| debug3("%s: Sending ssh1 IV", __FUNCTION__); |
debug3("%s: Sending ssh1 KEY+IV", __func__); |
| |
keylen = packet_get_encryption_key(NULL); |
| |
key = xmalloc(keylen+1); /* add 1 if keylen == 0 */ |
| |
keylen = packet_get_encryption_key(key); |
| |
buffer_put_string(&m, key, keylen); |
| |
memset(key, 0, keylen); |
| |
xfree(key); |
| |
|
| ivlen = packet_get_keyiv_len(MODE_OUT); |
ivlen = packet_get_keyiv_len(MODE_OUT); |
| packet_get_keyiv(MODE_OUT, iv, ivlen); |
packet_get_keyiv(MODE_OUT, iv, ivlen); |
| buffer_put_string(&m, iv, ivlen); |
buffer_put_string(&m, iv, ivlen); |
|
|
| goto skip; |
goto skip; |
| } else { |
} else { |
| /* Kex for rekeying */ |
/* Kex for rekeying */ |
| mm_send_kex(&m, *monitor->m_pkex); |
mm_send_kex(&m, *pmonitor->m_pkex); |
| } |
} |
| |
|
| debug3("%s: Sending new keys: %p %p", |
debug3("%s: Sending new keys: %p %p", |
| __FUNCTION__, newkeys[MODE_OUT], newkeys[MODE_IN]); |
__func__, newkeys[MODE_OUT], newkeys[MODE_IN]); |
| |
|
| /* Keys from Kex */ |
/* Keys from Kex */ |
| if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen)) |
if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen)) |
| fatal("%s: conversion of newkeys failed", __FUNCTION__); |
fatal("%s: conversion of newkeys failed", __func__); |
| |
|
| buffer_put_string(&m, blob, bloblen); |
buffer_put_string(&m, blob, bloblen); |
| xfree(blob); |
xfree(blob); |
| |
|
| if (!mm_newkeys_to_blob(MODE_IN, &blob, &bloblen)) |
if (!mm_newkeys_to_blob(MODE_IN, &blob, &bloblen)) |
| fatal("%s: conversion of newkeys failed", __FUNCTION__); |
fatal("%s: conversion of newkeys failed", __func__); |
| |
|
| buffer_put_string(&m, blob, bloblen); |
buffer_put_string(&m, blob, bloblen); |
| xfree(blob); |
xfree(blob); |
|
|
| buffer_put_int(&m, packet_get_seqnr(MODE_OUT)); |
buffer_put_int(&m, packet_get_seqnr(MODE_OUT)); |
| buffer_put_int(&m, packet_get_seqnr(MODE_IN)); |
buffer_put_int(&m, packet_get_seqnr(MODE_IN)); |
| |
|
| debug3("%s: New keys have been sent", __FUNCTION__); |
debug3("%s: New keys have been sent", __func__); |
| skip: |
skip: |
| /* More key context */ |
/* More key context */ |
| plen = packet_get_keycontext(MODE_OUT, NULL); |
plen = packet_get_keycontext(MODE_OUT, NULL); |
|
|
| xfree(p); |
xfree(p); |
| |
|
| /* Compression state */ |
/* Compression state */ |
| debug3("%s: Sending compression state", __FUNCTION__); |
debug3("%s: Sending compression state", __func__); |
| buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream)); |
buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream)); |
| buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream)); |
buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream)); |
| |
|
|
|
| buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input)); |
buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input)); |
| buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output)); |
buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output)); |
| |
|
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m); |
| debug3("%s: Finished sending state", __FUNCTION__); |
debug3("%s: Finished sending state", __func__); |
| |
|
| buffer_free(&m); |
buffer_free(&m); |
| } |
} |
|
|
| mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) |
mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) |
| { |
{ |
| Buffer m; |
Buffer m; |
| u_char *p; |
char *p; |
| int success = 0; |
int success = 0; |
| |
|
| buffer_init(&m); |
buffer_init(&m); |
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_PTY, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, &m); |
| |
|
| debug3("%s: waiting for MONITOR_ANS_PTY", __FUNCTION__); |
debug3("%s: waiting for MONITOR_ANS_PTY", __func__); |
| mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_PTY, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, &m); |
| |
|
| success = buffer_get_int(&m); |
success = buffer_get_int(&m); |
| if (success == 0) { |
if (success == 0) { |
| debug3("%s: pty alloc failed", __FUNCTION__); |
debug3("%s: pty alloc failed", __func__); |
| buffer_free(&m); |
buffer_free(&m); |
| return (0); |
return (0); |
| } |
} |
|
|
| strlcpy(namebuf, p, namebuflen); /* Possible truncation */ |
strlcpy(namebuf, p, namebuflen); /* Possible truncation */ |
| xfree(p); |
xfree(p); |
| |
|
| *ptyfd = mm_receive_fd(monitor->m_recvfd); |
*ptyfd = mm_receive_fd(pmonitor->m_recvfd); |
| *ttyfd = mm_receive_fd(monitor->m_recvfd); |
*ttyfd = mm_receive_fd(pmonitor->m_recvfd); |
| |
|
| /* Success */ |
/* Success */ |
| return (1); |
return (1); |
|
|
| return; |
return; |
| buffer_init(&m); |
buffer_init(&m); |
| buffer_put_cstring(&m, s->tty); |
buffer_put_cstring(&m, s->tty); |
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_PTYCLEANUP, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTYCLEANUP, &m); |
| buffer_free(&m); |
buffer_free(&m); |
| |
|
| /* closed dup'ed master */ |
/* closed dup'ed master */ |
|
|
| Buffer m; |
Buffer m; |
| |
|
| buffer_init(&m); |
buffer_init(&m); |
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_TERM, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_TERM, &m); |
| buffer_free(&m); |
buffer_free(&m); |
| } |
} |
| |
|
|
|
| |
|
| buffer_init(&m); |
buffer_init(&m); |
| buffer_put_bignum2(&m, num); |
buffer_put_bignum2(&m, num); |
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_SESSKEY, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SESSKEY, &m); |
| |
|
| mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_SESSKEY, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SESSKEY, &m); |
| |
|
| rsafail = buffer_get_int(&m); |
rsafail = buffer_get_int(&m); |
| buffer_get_bignum2(&m, num); |
buffer_get_bignum2(&m, num); |
|
|
| mm_chall_setup(char **name, char **infotxt, u_int *numprompts, |
mm_chall_setup(char **name, char **infotxt, u_int *numprompts, |
| char ***prompts, u_int **echo_on) |
char ***prompts, u_int **echo_on) |
| { |
{ |
| *name = xstrdup(""); |
*name = xstrdup(""); |
| *infotxt = xstrdup(""); |
*infotxt = xstrdup(""); |
| *numprompts = 1; |
*numprompts = 1; |
| *prompts = xmalloc(*numprompts * sizeof(char*)); |
*prompts = xmalloc(*numprompts * sizeof(char *)); |
| *echo_on = xmalloc(*numprompts * sizeof(u_int)); |
*echo_on = xmalloc(*numprompts * sizeof(u_int)); |
| (*echo_on)[0] = 0; |
(*echo_on)[0] = 0; |
| } |
} |
|
|
| int res; |
int res; |
| char *challenge; |
char *challenge; |
| |
|
| debug3("%s: entering", __FUNCTION__); |
debug3("%s: entering", __func__); |
| |
|
| buffer_init(&m); |
buffer_init(&m); |
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_BSDAUTHQUERY, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHQUERY, &m); |
| |
|
| mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_BSDAUTHQUERY, |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_BSDAUTHQUERY, |
| &m); |
&m); |
| res = buffer_get_int(&m); |
res = buffer_get_int(&m); |
| if (res == -1) { |
if (res == -1) { |
| debug3("%s: no challenge", __FUNCTION__); |
debug3("%s: no challenge", __func__); |
| buffer_free(&m); |
buffer_free(&m); |
| return (-1); |
return (-1); |
| } |
} |
|
|
| mm_chall_setup(name, infotxt, numprompts, prompts, echo_on); |
mm_chall_setup(name, infotxt, numprompts, prompts, echo_on); |
| (*prompts)[0] = challenge; |
(*prompts)[0] = challenge; |
| |
|
| debug3("%s: received challenge: %s", __FUNCTION__, challenge); |
debug3("%s: received challenge: %s", __func__, challenge); |
| |
|
| return (0); |
return (0); |
| } |
} |
|
|
| Buffer m; |
Buffer m; |
| int authok; |
int authok; |
| |
|
| debug3("%s: entering", __FUNCTION__); |
debug3("%s: entering", __func__); |
| if (numresponses != 1) |
if (numresponses != 1) |
| return (-1); |
return (-1); |
| |
|
| buffer_init(&m); |
buffer_init(&m); |
| buffer_put_cstring(&m, responses[0]); |
buffer_put_cstring(&m, responses[0]); |
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_BSDAUTHRESPOND, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHRESPOND, &m); |
| |
|
| mm_request_receive_expect(monitor->m_recvfd, |
mm_request_receive_expect(pmonitor->m_recvfd, |
| MONITOR_ANS_BSDAUTHRESPOND, &m); |
MONITOR_ANS_BSDAUTHRESPOND, &m); |
| |
|
| authok = buffer_get_int(&m); |
authok = buffer_get_int(&m); |
|
|
| int len, res; |
int len, res; |
| char *p, *challenge; |
char *p, *challenge; |
| |
|
| debug3("%s: entering", __FUNCTION__); |
debug3("%s: entering", __func__); |
| |
|
| buffer_init(&m); |
buffer_init(&m); |
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_SKEYQUERY, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYQUERY, &m); |
| |
|
| mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_SKEYQUERY, |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SKEYQUERY, |
| &m); |
&m); |
| res = buffer_get_int(&m); |
res = buffer_get_int(&m); |
| if (res == -1) { |
if (res == -1) { |
| debug3("%s: no challenge", __FUNCTION__); |
debug3("%s: no challenge", __func__); |
| buffer_free(&m); |
buffer_free(&m); |
| return (-1); |
return (-1); |
| } |
} |
|
|
| challenge = buffer_get_string(&m, NULL); |
challenge = buffer_get_string(&m, NULL); |
| buffer_free(&m); |
buffer_free(&m); |
| |
|
| debug3("%s: received challenge: %s", __FUNCTION__, challenge); |
debug3("%s: received challenge: %s", __func__, challenge); |
| |
|
| mm_chall_setup(name, infotxt, numprompts, prompts, echo_on); |
mm_chall_setup(name, infotxt, numprompts, prompts, echo_on); |
| |
|
|
|
| Buffer m; |
Buffer m; |
| int authok; |
int authok; |
| |
|
| debug3("%s: entering", __FUNCTION__); |
debug3("%s: entering", __func__); |
| if (numresponses != 1) |
if (numresponses != 1) |
| return (-1); |
return (-1); |
| |
|
| buffer_init(&m); |
buffer_init(&m); |
| buffer_put_cstring(&m, responses[0]); |
buffer_put_cstring(&m, responses[0]); |
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_SKEYRESPOND, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYRESPOND, &m); |
| |
|
| mm_request_receive_expect(monitor->m_recvfd, |
mm_request_receive_expect(pmonitor->m_recvfd, |
| MONITOR_ANS_SKEYRESPOND, &m); |
MONITOR_ANS_SKEYRESPOND, &m); |
| |
|
| authok = buffer_get_int(&m); |
authok = buffer_get_int(&m); |
|
|
| Buffer m; |
Buffer m; |
| int i; |
int i; |
| |
|
| debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
| |
|
| buffer_init(&m); |
buffer_init(&m); |
| for (i = 0; i < 16; i++) |
for (i = 0; i < 16; i++) |
| buffer_put_char(&m, session_id[i]); |
buffer_put_char(&m, session_id[i]); |
| |
|
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_SESSID, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SESSID, &m); |
| buffer_free(&m); |
buffer_free(&m); |
| } |
} |
| |
|
|
|
| u_int blen; |
u_int blen; |
| int allowed = 0; |
int allowed = 0; |
| |
|
| debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
| |
|
| buffer_init(&m); |
buffer_init(&m); |
| buffer_put_bignum2(&m, client_n); |
buffer_put_bignum2(&m, client_n); |
| |
|
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_RSAKEYALLOWED, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSAKEYALLOWED, &m); |
| mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_RSAKEYALLOWED, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSAKEYALLOWED, &m); |
| |
|
| allowed = buffer_get_int(&m); |
allowed = buffer_get_int(&m); |
| |
|
| if (allowed && rkey != NULL) { |
if (allowed && rkey != NULL) { |
| blob = buffer_get_string(&m, &blen); |
blob = buffer_get_string(&m, &blen); |
| if ((key = key_from_blob(blob, blen)) == NULL) |
if ((key = key_from_blob(blob, blen)) == NULL) |
| fatal("%s: key_from_blob failed", __FUNCTION__); |
fatal("%s: key_from_blob failed", __func__); |
| *rkey = key; |
*rkey = key; |
| xfree(blob); |
xfree(blob); |
| } |
} |
|
|
| u_char *blob; |
u_char *blob; |
| u_int blen; |
u_int blen; |
| |
|
| debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
| |
|
| if ((challenge = BN_new()) == NULL) |
if ((challenge = BN_new()) == NULL) |
| fatal("%s: BN_new failed", __FUNCTION__); |
fatal("%s: BN_new failed", __func__); |
| |
|
| key->type = KEY_RSA; /* XXX cheat for key_to_blob */ |
key->type = KEY_RSA; /* XXX cheat for key_to_blob */ |
| if (key_to_blob(key, &blob, &blen) == 0) |
if (key_to_blob(key, &blob, &blen) == 0) |
| fatal("%s: key_to_blob failed", __FUNCTION__); |
fatal("%s: key_to_blob failed", __func__); |
| key->type = KEY_RSA1; |
key->type = KEY_RSA1; |
| |
|
| buffer_init(&m); |
buffer_init(&m); |
| buffer_put_string(&m, blob, blen); |
buffer_put_string(&m, blob, blen); |
| xfree(blob); |
xfree(blob); |
| |
|
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_RSACHALLENGE, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSACHALLENGE, &m); |
| mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_RSACHALLENGE, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSACHALLENGE, &m); |
| |
|
| buffer_get_bignum2(&m, challenge); |
buffer_get_bignum2(&m, challenge); |
| buffer_free(&m); |
buffer_free(&m); |
|
|
| u_int blen; |
u_int blen; |
| int success = 0; |
int success = 0; |
| |
|
| debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
| |
|
| key->type = KEY_RSA; /* XXX cheat for key_to_blob */ |
key->type = KEY_RSA; /* XXX cheat for key_to_blob */ |
| if (key_to_blob(key, &blob, &blen) == 0) |
if (key_to_blob(key, &blob, &blen) == 0) |
| fatal("%s: key_to_blob failed", __FUNCTION__); |
fatal("%s: key_to_blob failed", __func__); |
| key->type = KEY_RSA1; |
key->type = KEY_RSA1; |
| |
|
| buffer_init(&m); |
buffer_init(&m); |
|
|
| buffer_put_string(&m, response, 16); |
buffer_put_string(&m, response, 16); |
| xfree(blob); |
xfree(blob); |
| |
|
| mm_request_send(monitor->m_recvfd, MONITOR_REQ_RSARESPONSE, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSARESPONSE, &m); |
| mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_RSARESPONSE, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSARESPONSE, &m); |
| |
|
| success = buffer_get_int(&m); |
success = buffer_get_int(&m); |
| buffer_free(&m); |
buffer_free(&m); |
| |
|
| return (success); |
return (success); |
| } |
} |
| |
|
| |
#ifdef KRB4 |
| |
int |
| |
mm_auth_krb4(Authctxt *authctxt, void *_auth, char **client, void *_reply) |
| |
{ |
| |
KTEXT auth, reply; |
| |
Buffer m; |
| |
u_int rlen; |
| |
int success = 0; |
| |
char *p; |
| |
|
| |
debug3("%s entering", __func__); |
| |
auth = _auth; |
| |
reply = _reply; |
| |
|
| |
buffer_init(&m); |
| |
buffer_put_string(&m, auth->dat, auth->length); |
| |
|
| |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KRB4, &m); |
| |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KRB4, &m); |
| |
|
| |
success = buffer_get_int(&m); |
| |
if (success) { |
| |
*client = buffer_get_string(&m, NULL); |
| |
p = buffer_get_string(&m, &rlen); |
| |
if (rlen >= MAX_KTXT_LEN) |
| |
fatal("%s: reply from monitor too large", __func__); |
| |
reply->length = rlen; |
| |
memcpy(reply->dat, p, rlen); |
| |
memset(p, 0, rlen); |
| |
xfree(p); |
| |
} |
| |
buffer_free(&m); |
| |
return (success); |
| |
} |
| |
#endif |
| |
|
| |
#ifdef KRB5 |
| |
int |
| |
mm_auth_krb5(void *ctx, void *argp, char **userp, void *resp) |
| |
{ |
| |
krb5_data *tkt, *reply; |
| |
Buffer m; |
| |
int success; |
| |
|
| |
debug3("%s entering", __func__); |
| |
tkt = (krb5_data *) argp; |
| |
reply = (krb5_data *) resp; |
| |
|
| |
buffer_init(&m); |
| |
buffer_put_string(&m, tkt->data, tkt->length); |
| |
|
| |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KRB5, &m); |
| |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KRB5, &m); |
| |
|
| |
success = buffer_get_int(&m); |
| |
if (success) { |
| |
u_int len; |
| |
|
| |
*userp = buffer_get_string(&m, NULL); |
| |
reply->data = buffer_get_string(&m, &len); |
| |
reply->length = len; |
| |
} else { |
| |
memset(reply, 0, sizeof(*reply)); |
| |
*userp = NULL; |
| |
} |
| |
|
| |
buffer_free(&m); |
| |
return (success); |
| |
} |
| |
#endif |
![[BACK]](/icons/back.gif){kind=icon}
Return to monitor_wrap.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh