version 1.5, 2002/03/25 20:12:10 |
version 1.5.2.4, 2002/10/11 14:51:52 |
|
|
extern Newkeys *newkeys[]; |
extern Newkeys *newkeys[]; |
extern z_stream incoming_stream; |
extern z_stream incoming_stream; |
extern z_stream outgoing_stream; |
extern z_stream outgoing_stream; |
extern struct monitor *monitor; |
extern struct monitor *pmonitor; |
extern Buffer input, output; |
extern Buffer input, output; |
|
|
void |
void |
mm_request_send(int socket, enum monitor_reqtype type, Buffer *m) |
mm_request_send(int socket, enum monitor_reqtype type, Buffer *m) |
{ |
{ |
u_char buf[5]; |
|
u_int mlen = buffer_len(m); |
u_int mlen = buffer_len(m); |
|
u_char buf[5]; |
|
|
debug3("%s entering: type %d", __FUNCTION__, type); |
debug3("%s entering: type %d", __func__, type); |
|
|
PUT_32BIT(buf, mlen + 1); |
PUT_32BIT(buf, mlen + 1); |
buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ |
buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ |
if (atomicio(write, socket, buf, sizeof(buf)) != sizeof(buf)) |
if (atomicio(write, socket, buf, sizeof(buf)) != sizeof(buf)) |
fatal("%s: write", __FUNCTION__); |
fatal("%s: write", __func__); |
if (atomicio(write, socket, buffer_ptr(m), mlen) != mlen) |
if (atomicio(write, socket, buffer_ptr(m), mlen) != mlen) |
fatal("%s: write", __FUNCTION__); |
fatal("%s: write", __func__); |
} |
} |
|
|
void |
void |
mm_request_receive(int socket, Buffer *m) |
mm_request_receive(int socket, Buffer *m) |
{ |
{ |
u_char buf[4]; |
u_char buf[4]; |
ssize_t res; |
|
u_int msg_len; |
u_int msg_len; |
|
ssize_t res; |
|
|
debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
|
|
res = atomicio(read, socket, buf, sizeof(buf)); |
res = atomicio(read, socket, buf, sizeof(buf)); |
if (res != sizeof(buf)) { |
if (res != sizeof(buf)) { |
if (res == 0) |
if (res == 0) |
fatal_cleanup(); |
fatal_cleanup(); |
fatal("%s: read: %ld", __FUNCTION__, (long)res); |
fatal("%s: read: %ld", __func__, (long)res); |
} |
} |
msg_len = GET_32BIT(buf); |
msg_len = GET_32BIT(buf); |
if (msg_len > 256 * 1024) |
if (msg_len > 256 * 1024) |
fatal("%s: read: bad msg_len %d", __FUNCTION__, msg_len); |
fatal("%s: read: bad msg_len %d", __func__, msg_len); |
buffer_clear(m); |
buffer_clear(m); |
buffer_append_space(m, msg_len); |
buffer_append_space(m, msg_len); |
res = atomicio(read, socket, buffer_ptr(m), msg_len); |
res = atomicio(read, socket, buffer_ptr(m), msg_len); |
if (res != msg_len) |
if (res != msg_len) |
fatal("%s: read: %ld != msg_len", __FUNCTION__, (long)res); |
fatal("%s: read: %ld != msg_len", __func__, (long)res); |
} |
} |
|
|
void |
void |
|
|
{ |
{ |
u_char rtype; |
u_char rtype; |
|
|
debug3("%s entering: type %d", __FUNCTION__, type); |
debug3("%s entering: type %d", __func__, type); |
|
|
mm_request_receive(socket, m); |
mm_request_receive(socket, m); |
rtype = buffer_get_char(m); |
rtype = buffer_get_char(m); |
if (rtype != type) |
if (rtype != type) |
fatal("%s: read: rtype %d != type %d", __FUNCTION__, |
fatal("%s: read: rtype %d != type %d", __func__, |
rtype, type); |
rtype, type); |
} |
} |
|
|
|
|
buffer_put_int(&m, nbits); |
buffer_put_int(&m, nbits); |
buffer_put_int(&m, max); |
buffer_put_int(&m, max); |
|
|
mm_request_send(monitor->m_recvfd, MONITOR_REQ_MODULI, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_MODULI, &m); |
|
|
debug3("%s: waiting for MONITOR_ANS_MODULI", __FUNCTION__); |
debug3("%s: waiting for MONITOR_ANS_MODULI", __func__); |
mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_MODULI, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_MODULI, &m); |
|
|
success = buffer_get_char(&m); |
success = buffer_get_char(&m); |
if (success == 0) |
if (success == 0) |
fatal("%s: MONITOR_ANS_MODULI failed", __FUNCTION__); |
fatal("%s: MONITOR_ANS_MODULI failed", __func__); |
|
|
if ((p = BN_new()) == NULL) |
if ((p = BN_new()) == NULL) |
fatal("%s: BN_new failed", __FUNCTION__); |
fatal("%s: BN_new failed", __func__); |
if ((g = BN_new()) == NULL) |
if ((g = BN_new()) == NULL) |
fatal("%s: BN_new failed", __FUNCTION__); |
fatal("%s: BN_new failed", __func__); |
buffer_get_bignum2(&m, p); |
buffer_get_bignum2(&m, p); |
buffer_get_bignum2(&m, g); |
buffer_get_bignum2(&m, g); |
|
|
debug3("%s: remaining %d", __FUNCTION__, buffer_len(&m)); |
debug3("%s: remaining %d", __func__, buffer_len(&m)); |
buffer_free(&m); |
buffer_free(&m); |
|
|
return (dh_new_group(g, p)); |
return (dh_new_group(g, p)); |
|
|
int |
int |
mm_key_sign(Key *key, u_char **sigp, u_int *lenp, u_char *data, u_int datalen) |
mm_key_sign(Key *key, u_char **sigp, u_int *lenp, u_char *data, u_int datalen) |
{ |
{ |
Kex *kex = *monitor->m_pkex; |
Kex *kex = *pmonitor->m_pkex; |
Buffer m; |
Buffer m; |
|
|
debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
|
|
buffer_init(&m); |
buffer_init(&m); |
buffer_put_int(&m, kex->host_key_index(key)); |
buffer_put_int(&m, kex->host_key_index(key)); |
buffer_put_string(&m, data, datalen); |
buffer_put_string(&m, data, datalen); |
|
|
mm_request_send(monitor->m_recvfd, MONITOR_REQ_SIGN, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SIGN, &m); |
|
|
debug3("%s: waiting for MONITOR_ANS_SIGN", __FUNCTION__); |
debug3("%s: waiting for MONITOR_ANS_SIGN", __func__); |
mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_SIGN, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, &m); |
*sigp = buffer_get_string(&m, lenp); |
*sigp = buffer_get_string(&m, lenp); |
buffer_free(&m); |
buffer_free(&m); |
|
|
|
|
struct passwd *pw; |
struct passwd *pw; |
u_int pwlen; |
u_int pwlen; |
|
|
debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
|
|
buffer_init(&m); |
buffer_init(&m); |
buffer_put_cstring(&m, login); |
buffer_put_cstring(&m, login); |
|
|
mm_request_send(monitor->m_recvfd, MONITOR_REQ_PWNAM, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, &m); |
|
|
debug3("%s: waiting for MONITOR_ANS_PWNAM", __FUNCTION__); |
debug3("%s: waiting for MONITOR_ANS_PWNAM", __func__); |
mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_PWNAM, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, &m); |
|
|
if (buffer_get_char(&m) == 0) { |
if (buffer_get_char(&m) == 0) { |
buffer_free(&m); |
buffer_free(&m); |
|
|
} |
} |
pw = buffer_get_string(&m, &pwlen); |
pw = buffer_get_string(&m, &pwlen); |
if (pwlen != sizeof(struct passwd)) |
if (pwlen != sizeof(struct passwd)) |
fatal("%s: struct passwd size mismatch", __FUNCTION__); |
fatal("%s: struct passwd size mismatch", __func__); |
pw->pw_name = buffer_get_string(&m, NULL); |
pw->pw_name = buffer_get_string(&m, NULL); |
pw->pw_passwd = buffer_get_string(&m, NULL); |
pw->pw_passwd = buffer_get_string(&m, NULL); |
pw->pw_gecos = buffer_get_string(&m, NULL); |
pw->pw_gecos = buffer_get_string(&m, NULL); |
|
|
return (pw); |
return (pw); |
} |
} |
|
|
|
char *mm_auth2_read_banner(void) |
|
{ |
|
Buffer m; |
|
char *banner; |
|
|
|
debug3("%s entering", __func__); |
|
|
|
buffer_init(&m); |
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, &m); |
|
buffer_clear(&m); |
|
|
|
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTH2_READ_BANNER, &m); |
|
banner = buffer_get_string(&m, NULL); |
|
buffer_free(&m); |
|
|
|
return (banner); |
|
} |
|
|
/* Inform the privileged process about service and style */ |
/* Inform the privileged process about service and style */ |
|
|
void |
void |
|
|
{ |
{ |
Buffer m; |
Buffer m; |
|
|
debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
|
|
buffer_init(&m); |
buffer_init(&m); |
buffer_put_cstring(&m, service); |
buffer_put_cstring(&m, service); |
buffer_put_cstring(&m, style ? style : ""); |
buffer_put_cstring(&m, style ? style : ""); |
|
|
mm_request_send(monitor->m_recvfd, MONITOR_REQ_AUTHSERV, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHSERV, &m); |
|
|
buffer_free(&m); |
buffer_free(&m); |
} |
} |
|
|
Buffer m; |
Buffer m; |
int authenticated = 0; |
int authenticated = 0; |
|
|
debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
|
|
buffer_init(&m); |
buffer_init(&m); |
buffer_put_cstring(&m, password); |
buffer_put_cstring(&m, password); |
mm_request_send(monitor->m_recvfd, MONITOR_REQ_AUTHPASSWORD, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHPASSWORD, &m); |
|
|
debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __FUNCTION__); |
debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __func__); |
mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_AUTHPASSWORD, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHPASSWORD, &m); |
|
|
authenticated = buffer_get_int(&m); |
authenticated = buffer_get_int(&m); |
|
|
buffer_free(&m); |
buffer_free(&m); |
|
|
debug3("%s: user %sauthenticated", |
debug3("%s: user %sauthenticated", |
__FUNCTION__, authenticated ? "" : "not "); |
__func__, authenticated ? "" : "not "); |
return (authenticated); |
return (authenticated); |
} |
} |
|
|
|
|
|
|
while (buffer_len(m)) { |
while (buffer_len(m)) { |
msg = buffer_get_string(m, NULL); |
msg = buffer_get_string(m, NULL); |
debug3("%s: Sending debug: %s", __FUNCTION__, msg); |
debug3("%s: Sending debug: %s", __func__, msg); |
packet_send_debug("%s", msg); |
packet_send_debug("%s", msg); |
xfree(msg); |
xfree(msg); |
} |
} |
|
|
u_int len; |
u_int len; |
int allowed = 0; |
int allowed = 0; |
|
|
debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
|
|
/* Convert the key to a blob and the pass it over */ |
/* Convert the key to a blob and the pass it over */ |
if (!key_to_blob(key, &blob, &len)) |
if (!key_to_blob(key, &blob, &len)) |
|
|
buffer_put_string(&m, blob, len); |
buffer_put_string(&m, blob, len); |
xfree(blob); |
xfree(blob); |
|
|
mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYALLOWED, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYALLOWED, &m); |
|
|
debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __FUNCTION__); |
debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __func__); |
mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_KEYALLOWED, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KEYALLOWED, &m); |
|
|
allowed = buffer_get_int(&m); |
allowed = buffer_get_int(&m); |
|
|
|
|
u_int len; |
u_int len; |
int verified = 0; |
int verified = 0; |
|
|
debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
|
|
/* Convert the key to a blob and the pass it over */ |
/* Convert the key to a blob and the pass it over */ |
if (!key_to_blob(key, &blob, &len)) |
if (!key_to_blob(key, &blob, &len)) |
|
|
buffer_put_string(&m, data, datalen); |
buffer_put_string(&m, data, datalen); |
xfree(blob); |
xfree(blob); |
|
|
mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m); |
|
|
debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __FUNCTION__); |
debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __func__); |
mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_KEYVERIFY, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KEYVERIFY, &m); |
|
|
verified = buffer_get_int(&m); |
verified = buffer_get_int(&m); |
|
|
|
|
Mac *mac; |
Mac *mac; |
Comp *comp; |
Comp *comp; |
|
|
debug3("%s: %p(%d)", __FUNCTION__, blob, blen); |
debug3("%s: %p(%d)", __func__, blob, blen); |
#ifdef DEBUG_PK |
#ifdef DEBUG_PK |
dump_base64(stderr, blob, blen); |
dump_base64(stderr, blob, blen); |
#endif |
#endif |
|
|
enc->key = buffer_get_string(&b, &enc->key_len); |
enc->key = buffer_get_string(&b, &enc->key_len); |
enc->iv = buffer_get_string(&b, &len); |
enc->iv = buffer_get_string(&b, &len); |
if (len != enc->block_size) |
if (len != enc->block_size) |
fatal("%s: bad ivlen: expected %d != %d", __FUNCTION__, |
fatal("%s: bad ivlen: expected %u != %u", __func__, |
enc->block_size, len); |
enc->block_size, len); |
|
|
if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher) |
if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher) |
fatal("%s: bad cipher name %s or pointer %p", __FUNCTION__, |
fatal("%s: bad cipher name %s or pointer %p", __func__, |
enc->name, enc->cipher); |
enc->name, enc->cipher); |
|
|
/* Mac structure */ |
/* Mac structure */ |
mac->name = buffer_get_string(&b, NULL); |
mac->name = buffer_get_string(&b, NULL); |
if (mac->name == NULL || mac_init(mac, mac->name) == -1) |
if (mac->name == NULL || mac_init(mac, mac->name) == -1) |
fatal("%s: can not init mac %s", __FUNCTION__, mac->name); |
fatal("%s: can not init mac %s", __func__, mac->name); |
mac->enabled = buffer_get_int(&b); |
mac->enabled = buffer_get_int(&b); |
mac->key = buffer_get_string(&b, &len); |
mac->key = buffer_get_string(&b, &len); |
if (len > mac->key_len) |
if (len > mac->key_len) |
fatal("%s: bad mac key lenght: %d > %d", __FUNCTION__, len, |
fatal("%s: bad mac key length: %u > %d", __func__, len, |
mac->key_len); |
mac->key_len); |
mac->key_len = len; |
mac->key_len = len; |
|
|
|
|
|
|
len = buffer_len(&b); |
len = buffer_len(&b); |
if (len != 0) |
if (len != 0) |
error("newkeys_from_blob: remaining bytes in blob %d", len); |
error("newkeys_from_blob: remaining bytes in blob %u", len); |
buffer_free(&b); |
buffer_free(&b); |
return (newkey); |
return (newkey); |
} |
} |
|
|
{ |
{ |
Buffer b; |
Buffer b; |
int len; |
int len; |
u_char *buf; |
|
Enc *enc; |
Enc *enc; |
Mac *mac; |
Mac *mac; |
Comp *comp; |
Comp *comp; |
Newkeys *newkey = newkeys[mode]; |
Newkeys *newkey = newkeys[mode]; |
|
|
debug3("%s: converting %p", __FUNCTION__, newkey); |
debug3("%s: converting %p", __func__, newkey); |
|
|
if (newkey == NULL) { |
if (newkey == NULL) { |
error("%s: newkey == NULL", __FUNCTION__); |
error("%s: newkey == NULL", __func__); |
return 0; |
return 0; |
} |
} |
enc = &newkey->enc; |
enc = &newkey->enc; |
|
|
buffer_put_cstring(&b, comp->name); |
buffer_put_cstring(&b, comp->name); |
|
|
len = buffer_len(&b); |
len = buffer_len(&b); |
buf = xmalloc(len); |
|
memcpy(buf, buffer_ptr(&b), len); |
|
memset(buffer_ptr(&b), 0, len); |
|
buffer_free(&b); |
|
if (lenp != NULL) |
if (lenp != NULL) |
*lenp = len; |
*lenp = len; |
if (blobp != NULL) |
if (blobp != NULL) { |
*blobp = buf; |
*blobp = xmalloc(len); |
|
memcpy(*blobp, buffer_ptr(&b), len); |
|
} |
|
memset(buffer_ptr(&b), 0, len); |
|
buffer_free(&b); |
return len; |
return len; |
} |
} |
|
|
|
|
} |
} |
|
|
void |
void |
mm_send_keystate(struct monitor *monitor) |
mm_send_keystate(struct monitor *pmonitor) |
{ |
{ |
Buffer m; |
Buffer m; |
u_char *blob, *p; |
u_char *blob, *p; |
|
|
|
|
if (!compat20) { |
if (!compat20) { |
u_char iv[24]; |
u_char iv[24]; |
int ivlen; |
u_char *key; |
|
u_int ivlen, keylen; |
|
|
buffer_put_int(&m, packet_get_protocol_flags()); |
buffer_put_int(&m, packet_get_protocol_flags()); |
|
|
buffer_put_int(&m, packet_get_ssh1_cipher()); |
buffer_put_int(&m, packet_get_ssh1_cipher()); |
|
|
debug3("%s: Sending ssh1 IV", __FUNCTION__); |
debug3("%s: Sending ssh1 KEY+IV", __func__); |
|
keylen = packet_get_encryption_key(NULL); |
|
key = xmalloc(keylen+1); /* add 1 if keylen == 0 */ |
|
keylen = packet_get_encryption_key(key); |
|
buffer_put_string(&m, key, keylen); |
|
memset(key, 0, keylen); |
|
xfree(key); |
|
|
ivlen = packet_get_keyiv_len(MODE_OUT); |
ivlen = packet_get_keyiv_len(MODE_OUT); |
packet_get_keyiv(MODE_OUT, iv, ivlen); |
packet_get_keyiv(MODE_OUT, iv, ivlen); |
buffer_put_string(&m, iv, ivlen); |
buffer_put_string(&m, iv, ivlen); |
|
|
goto skip; |
goto skip; |
} else { |
} else { |
/* Kex for rekeying */ |
/* Kex for rekeying */ |
mm_send_kex(&m, *monitor->m_pkex); |
mm_send_kex(&m, *pmonitor->m_pkex); |
} |
} |
|
|
debug3("%s: Sending new keys: %p %p", |
debug3("%s: Sending new keys: %p %p", |
__FUNCTION__, newkeys[MODE_OUT], newkeys[MODE_IN]); |
__func__, newkeys[MODE_OUT], newkeys[MODE_IN]); |
|
|
/* Keys from Kex */ |
/* Keys from Kex */ |
if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen)) |
if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen)) |
fatal("%s: conversion of newkeys failed", __FUNCTION__); |
fatal("%s: conversion of newkeys failed", __func__); |
|
|
buffer_put_string(&m, blob, bloblen); |
buffer_put_string(&m, blob, bloblen); |
xfree(blob); |
xfree(blob); |
|
|
if (!mm_newkeys_to_blob(MODE_IN, &blob, &bloblen)) |
if (!mm_newkeys_to_blob(MODE_IN, &blob, &bloblen)) |
fatal("%s: conversion of newkeys failed", __FUNCTION__); |
fatal("%s: conversion of newkeys failed", __func__); |
|
|
buffer_put_string(&m, blob, bloblen); |
buffer_put_string(&m, blob, bloblen); |
xfree(blob); |
xfree(blob); |
|
|
buffer_put_int(&m, packet_get_seqnr(MODE_OUT)); |
buffer_put_int(&m, packet_get_seqnr(MODE_OUT)); |
buffer_put_int(&m, packet_get_seqnr(MODE_IN)); |
buffer_put_int(&m, packet_get_seqnr(MODE_IN)); |
|
|
debug3("%s: New keys have been sent", __FUNCTION__); |
debug3("%s: New keys have been sent", __func__); |
skip: |
skip: |
/* More key context */ |
/* More key context */ |
plen = packet_get_keycontext(MODE_OUT, NULL); |
plen = packet_get_keycontext(MODE_OUT, NULL); |
|
|
xfree(p); |
xfree(p); |
|
|
/* Compression state */ |
/* Compression state */ |
debug3("%s: Sending compression state", __FUNCTION__); |
debug3("%s: Sending compression state", __func__); |
buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream)); |
buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream)); |
buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream)); |
buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream)); |
|
|
|
|
buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input)); |
buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input)); |
buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output)); |
buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output)); |
|
|
mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m); |
debug3("%s: Finished sending state", __FUNCTION__); |
debug3("%s: Finished sending state", __func__); |
|
|
buffer_free(&m); |
buffer_free(&m); |
} |
} |
|
|
mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) |
mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) |
{ |
{ |
Buffer m; |
Buffer m; |
u_char *p; |
char *p; |
int success = 0; |
int success = 0; |
|
|
buffer_init(&m); |
buffer_init(&m); |
mm_request_send(monitor->m_recvfd, MONITOR_REQ_PTY, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, &m); |
|
|
debug3("%s: waiting for MONITOR_ANS_PTY", __FUNCTION__); |
debug3("%s: waiting for MONITOR_ANS_PTY", __func__); |
mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_PTY, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, &m); |
|
|
success = buffer_get_int(&m); |
success = buffer_get_int(&m); |
if (success == 0) { |
if (success == 0) { |
debug3("%s: pty alloc failed", __FUNCTION__); |
debug3("%s: pty alloc failed", __func__); |
buffer_free(&m); |
buffer_free(&m); |
return (0); |
return (0); |
} |
} |
|
|
strlcpy(namebuf, p, namebuflen); /* Possible truncation */ |
strlcpy(namebuf, p, namebuflen); /* Possible truncation */ |
xfree(p); |
xfree(p); |
|
|
*ptyfd = mm_receive_fd(monitor->m_recvfd); |
*ptyfd = mm_receive_fd(pmonitor->m_recvfd); |
*ttyfd = mm_receive_fd(monitor->m_recvfd); |
*ttyfd = mm_receive_fd(pmonitor->m_recvfd); |
|
|
/* Success */ |
/* Success */ |
return (1); |
return (1); |
|
|
return; |
return; |
buffer_init(&m); |
buffer_init(&m); |
buffer_put_cstring(&m, s->tty); |
buffer_put_cstring(&m, s->tty); |
mm_request_send(monitor->m_recvfd, MONITOR_REQ_PTYCLEANUP, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTYCLEANUP, &m); |
buffer_free(&m); |
buffer_free(&m); |
|
|
/* closed dup'ed master */ |
/* closed dup'ed master */ |
|
|
Buffer m; |
Buffer m; |
|
|
buffer_init(&m); |
buffer_init(&m); |
mm_request_send(monitor->m_recvfd, MONITOR_REQ_TERM, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_TERM, &m); |
buffer_free(&m); |
buffer_free(&m); |
} |
} |
|
|
|
|
|
|
buffer_init(&m); |
buffer_init(&m); |
buffer_put_bignum2(&m, num); |
buffer_put_bignum2(&m, num); |
mm_request_send(monitor->m_recvfd, MONITOR_REQ_SESSKEY, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SESSKEY, &m); |
|
|
mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_SESSKEY, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SESSKEY, &m); |
|
|
rsafail = buffer_get_int(&m); |
rsafail = buffer_get_int(&m); |
buffer_get_bignum2(&m, num); |
buffer_get_bignum2(&m, num); |
|
|
mm_chall_setup(char **name, char **infotxt, u_int *numprompts, |
mm_chall_setup(char **name, char **infotxt, u_int *numprompts, |
char ***prompts, u_int **echo_on) |
char ***prompts, u_int **echo_on) |
{ |
{ |
*name = xstrdup(""); |
*name = xstrdup(""); |
*infotxt = xstrdup(""); |
*infotxt = xstrdup(""); |
*numprompts = 1; |
*numprompts = 1; |
*prompts = xmalloc(*numprompts * sizeof(char*)); |
*prompts = xmalloc(*numprompts * sizeof(char *)); |
*echo_on = xmalloc(*numprompts * sizeof(u_int)); |
*echo_on = xmalloc(*numprompts * sizeof(u_int)); |
(*echo_on)[0] = 0; |
(*echo_on)[0] = 0; |
} |
} |
|
|
int res; |
int res; |
char *challenge; |
char *challenge; |
|
|
debug3("%s: entering", __FUNCTION__); |
debug3("%s: entering", __func__); |
|
|
buffer_init(&m); |
buffer_init(&m); |
mm_request_send(monitor->m_recvfd, MONITOR_REQ_BSDAUTHQUERY, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHQUERY, &m); |
|
|
mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_BSDAUTHQUERY, |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_BSDAUTHQUERY, |
&m); |
&m); |
res = buffer_get_int(&m); |
res = buffer_get_int(&m); |
if (res == -1) { |
if (res == -1) { |
debug3("%s: no challenge", __FUNCTION__); |
debug3("%s: no challenge", __func__); |
buffer_free(&m); |
buffer_free(&m); |
return (-1); |
return (-1); |
} |
} |
|
|
mm_chall_setup(name, infotxt, numprompts, prompts, echo_on); |
mm_chall_setup(name, infotxt, numprompts, prompts, echo_on); |
(*prompts)[0] = challenge; |
(*prompts)[0] = challenge; |
|
|
debug3("%s: received challenge: %s", __FUNCTION__, challenge); |
debug3("%s: received challenge: %s", __func__, challenge); |
|
|
return (0); |
return (0); |
} |
} |
|
|
Buffer m; |
Buffer m; |
int authok; |
int authok; |
|
|
debug3("%s: entering", __FUNCTION__); |
debug3("%s: entering", __func__); |
if (numresponses != 1) |
if (numresponses != 1) |
return (-1); |
return (-1); |
|
|
buffer_init(&m); |
buffer_init(&m); |
buffer_put_cstring(&m, responses[0]); |
buffer_put_cstring(&m, responses[0]); |
mm_request_send(monitor->m_recvfd, MONITOR_REQ_BSDAUTHRESPOND, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHRESPOND, &m); |
|
|
mm_request_receive_expect(monitor->m_recvfd, |
mm_request_receive_expect(pmonitor->m_recvfd, |
MONITOR_ANS_BSDAUTHRESPOND, &m); |
MONITOR_ANS_BSDAUTHRESPOND, &m); |
|
|
authok = buffer_get_int(&m); |
authok = buffer_get_int(&m); |
|
|
int len, res; |
int len, res; |
char *p, *challenge; |
char *p, *challenge; |
|
|
debug3("%s: entering", __FUNCTION__); |
debug3("%s: entering", __func__); |
|
|
buffer_init(&m); |
buffer_init(&m); |
mm_request_send(monitor->m_recvfd, MONITOR_REQ_SKEYQUERY, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYQUERY, &m); |
|
|
mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_SKEYQUERY, |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SKEYQUERY, |
&m); |
&m); |
res = buffer_get_int(&m); |
res = buffer_get_int(&m); |
if (res == -1) { |
if (res == -1) { |
debug3("%s: no challenge", __FUNCTION__); |
debug3("%s: no challenge", __func__); |
buffer_free(&m); |
buffer_free(&m); |
return (-1); |
return (-1); |
} |
} |
|
|
challenge = buffer_get_string(&m, NULL); |
challenge = buffer_get_string(&m, NULL); |
buffer_free(&m); |
buffer_free(&m); |
|
|
debug3("%s: received challenge: %s", __FUNCTION__, challenge); |
debug3("%s: received challenge: %s", __func__, challenge); |
|
|
mm_chall_setup(name, infotxt, numprompts, prompts, echo_on); |
mm_chall_setup(name, infotxt, numprompts, prompts, echo_on); |
|
|
|
|
Buffer m; |
Buffer m; |
int authok; |
int authok; |
|
|
debug3("%s: entering", __FUNCTION__); |
debug3("%s: entering", __func__); |
if (numresponses != 1) |
if (numresponses != 1) |
return (-1); |
return (-1); |
|
|
buffer_init(&m); |
buffer_init(&m); |
buffer_put_cstring(&m, responses[0]); |
buffer_put_cstring(&m, responses[0]); |
mm_request_send(monitor->m_recvfd, MONITOR_REQ_SKEYRESPOND, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYRESPOND, &m); |
|
|
mm_request_receive_expect(monitor->m_recvfd, |
mm_request_receive_expect(pmonitor->m_recvfd, |
MONITOR_ANS_SKEYRESPOND, &m); |
MONITOR_ANS_SKEYRESPOND, &m); |
|
|
authok = buffer_get_int(&m); |
authok = buffer_get_int(&m); |
|
|
Buffer m; |
Buffer m; |
int i; |
int i; |
|
|
debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
|
|
buffer_init(&m); |
buffer_init(&m); |
for (i = 0; i < 16; i++) |
for (i = 0; i < 16; i++) |
buffer_put_char(&m, session_id[i]); |
buffer_put_char(&m, session_id[i]); |
|
|
mm_request_send(monitor->m_recvfd, MONITOR_REQ_SESSID, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SESSID, &m); |
buffer_free(&m); |
buffer_free(&m); |
} |
} |
|
|
|
|
u_int blen; |
u_int blen; |
int allowed = 0; |
int allowed = 0; |
|
|
debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
|
|
buffer_init(&m); |
buffer_init(&m); |
buffer_put_bignum2(&m, client_n); |
buffer_put_bignum2(&m, client_n); |
|
|
mm_request_send(monitor->m_recvfd, MONITOR_REQ_RSAKEYALLOWED, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSAKEYALLOWED, &m); |
mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_RSAKEYALLOWED, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSAKEYALLOWED, &m); |
|
|
allowed = buffer_get_int(&m); |
allowed = buffer_get_int(&m); |
|
|
if (allowed && rkey != NULL) { |
if (allowed && rkey != NULL) { |
blob = buffer_get_string(&m, &blen); |
blob = buffer_get_string(&m, &blen); |
if ((key = key_from_blob(blob, blen)) == NULL) |
if ((key = key_from_blob(blob, blen)) == NULL) |
fatal("%s: key_from_blob failed", __FUNCTION__); |
fatal("%s: key_from_blob failed", __func__); |
*rkey = key; |
*rkey = key; |
xfree(blob); |
xfree(blob); |
} |
} |
|
|
u_char *blob; |
u_char *blob; |
u_int blen; |
u_int blen; |
|
|
debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
|
|
if ((challenge = BN_new()) == NULL) |
if ((challenge = BN_new()) == NULL) |
fatal("%s: BN_new failed", __FUNCTION__); |
fatal("%s: BN_new failed", __func__); |
|
|
key->type = KEY_RSA; /* XXX cheat for key_to_blob */ |
key->type = KEY_RSA; /* XXX cheat for key_to_blob */ |
if (key_to_blob(key, &blob, &blen) == 0) |
if (key_to_blob(key, &blob, &blen) == 0) |
fatal("%s: key_to_blob failed", __FUNCTION__); |
fatal("%s: key_to_blob failed", __func__); |
key->type = KEY_RSA1; |
key->type = KEY_RSA1; |
|
|
buffer_init(&m); |
buffer_init(&m); |
buffer_put_string(&m, blob, blen); |
buffer_put_string(&m, blob, blen); |
xfree(blob); |
xfree(blob); |
|
|
mm_request_send(monitor->m_recvfd, MONITOR_REQ_RSACHALLENGE, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSACHALLENGE, &m); |
mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_RSACHALLENGE, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSACHALLENGE, &m); |
|
|
buffer_get_bignum2(&m, challenge); |
buffer_get_bignum2(&m, challenge); |
buffer_free(&m); |
buffer_free(&m); |
|
|
u_int blen; |
u_int blen; |
int success = 0; |
int success = 0; |
|
|
debug3("%s entering", __FUNCTION__); |
debug3("%s entering", __func__); |
|
|
key->type = KEY_RSA; /* XXX cheat for key_to_blob */ |
key->type = KEY_RSA; /* XXX cheat for key_to_blob */ |
if (key_to_blob(key, &blob, &blen) == 0) |
if (key_to_blob(key, &blob, &blen) == 0) |
fatal("%s: key_to_blob failed", __FUNCTION__); |
fatal("%s: key_to_blob failed", __func__); |
key->type = KEY_RSA1; |
key->type = KEY_RSA1; |
|
|
buffer_init(&m); |
buffer_init(&m); |
|
|
buffer_put_string(&m, response, 16); |
buffer_put_string(&m, response, 16); |
xfree(blob); |
xfree(blob); |
|
|
mm_request_send(monitor->m_recvfd, MONITOR_REQ_RSARESPONSE, &m); |
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSARESPONSE, &m); |
mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_RSARESPONSE, &m); |
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSARESPONSE, &m); |
|
|
success = buffer_get_int(&m); |
success = buffer_get_int(&m); |
buffer_free(&m); |
buffer_free(&m); |
|
|
return (success); |
return (success); |
} |
} |
|
|
|
#ifdef KRB4 |
|
int |
|
mm_auth_krb4(Authctxt *authctxt, void *_auth, char **client, void *_reply) |
|
{ |
|
KTEXT auth, reply; |
|
Buffer m; |
|
u_int rlen; |
|
int success = 0; |
|
char *p; |
|
|
|
debug3("%s entering", __func__); |
|
auth = _auth; |
|
reply = _reply; |
|
|
|
buffer_init(&m); |
|
buffer_put_string(&m, auth->dat, auth->length); |
|
|
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KRB4, &m); |
|
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KRB4, &m); |
|
|
|
success = buffer_get_int(&m); |
|
if (success) { |
|
*client = buffer_get_string(&m, NULL); |
|
p = buffer_get_string(&m, &rlen); |
|
if (rlen >= MAX_KTXT_LEN) |
|
fatal("%s: reply from monitor too large", __func__); |
|
reply->length = rlen; |
|
memcpy(reply->dat, p, rlen); |
|
memset(p, 0, rlen); |
|
xfree(p); |
|
} |
|
buffer_free(&m); |
|
return (success); |
|
} |
|
#endif |
|
|
|
#ifdef KRB5 |
|
int |
|
mm_auth_krb5(void *ctx, void *argp, char **userp, void *resp) |
|
{ |
|
krb5_data *tkt, *reply; |
|
Buffer m; |
|
int success; |
|
|
|
debug3("%s entering", __func__); |
|
tkt = (krb5_data *) argp; |
|
reply = (krb5_data *) resp; |
|
|
|
buffer_init(&m); |
|
buffer_put_string(&m, tkt->data, tkt->length); |
|
|
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KRB5, &m); |
|
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KRB5, &m); |
|
|
|
success = buffer_get_int(&m); |
|
if (success) { |
|
u_int len; |
|
|
|
*userp = buffer_get_string(&m, NULL); |
|
reply->data = buffer_get_string(&m, &len); |
|
reply->length = len; |
|
} else { |
|
memset(reply, 0, sizeof(*reply)); |
|
*userp = NULL; |
|
} |
|
|
|
buffer_free(&m); |
|
return (success); |
|
} |
|
#endif |