Azure
/
sonic-openssh
зеркало из https://github.com/Azure/sonic-openssh.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

revert more of my stupidity

This commit is contained in:
Damien Miller 2002-03-13 13:21:54 +11:00
Родитель 3a5b023330
Коммит f831f76125
7 изменённых файлов: 0 добавлений и 1765 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

656
monitor.c
Просмотреть файл

@ -1,656 +0,0 @@
/*
* Copyright 2001 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD$");
#include <openssl/dh.h>
#include "ssh.h"
#include "auth.h"
#include "kex.h"
#include "dh.h"
#include "zlib.h"
#include "packet.h"
#include "auth-options.h"
#include "sshpty.h"
#include "channels.h"
#include "session.h"
#include "log.h"
#include "monitor.h"
#include "monitor_mm.h"
#include "monitor_wrap.h"
#include "monitor_fdpass.h"
#include "xmalloc.h"
#include "misc.h"
#include "buffer.h"
#include "bufaux.h"
/* Imports */
extern Newkeys *current_keys[];
extern z_stream incoming_stream;
extern z_stream outgoing_stream;
extern int compat20;
extern int mm_sendfd;
/* State exported from the child */
struct {
z_stream incoming;
z_stream outgoing;
u_char *keyin;
u_int keyinlen;
u_char *keyout;
u_int keyoutlen;
} child_state;
/* Prototype for authentication functions */
int hostbased_key_allowed(struct passwd *, const char *, char *, Key *);
int user_key_allowed(struct passwd *, Key *);
Key *get_hostkey_by_index(int);
void session_pty_cleanup(void *);
static Authctxt *authctxt;
struct mon_table {
enum monitor_reqtype type;
int flags;
int (*f)(int, Buffer *);
};
#define MON_PROTOONE 0x0001 /* Used in protocol 1 */
#define MON_PROTOTWO 0x0002 /* Used in protocol 2 */
#define MON_AUTH 0x0004 /* Authentication Request */
#define MON_BOTH (MON_PROTOONE|MON_PROTOTWO)
#define MON_PERMIT 0x1000 /* Request is permitted */
struct mon_table mon_dispatch_proto20[] = {
{MONITOR_REQ_MODULI, MON_PROTOTWO, mm_answer_moduli},
{MONITOR_REQ_SIGN, MON_PROTOTWO, mm_answer_sign},
{MONITOR_REQ_PWNAM, MON_BOTH, mm_answer_pwnamallow},
{MONITOR_REQ_AUTHSERV, MON_BOTH, mm_answer_authserv},
{MONITOR_REQ_AUTHPASSWORD, MON_BOTH | MON_AUTH, mm_answer_authpassword},
{MONITOR_REQ_KEYALLOWED, MON_BOTH | MON_AUTH, mm_answer_keyallowed},
{MONITOR_REQ_KEYVERIFY, MON_BOTH | MON_AUTH, mm_answer_keyverify},
{0, 0, NULL}
};
struct mon_table mon_dispatch_postauth20[] = {
{MONITOR_REQ_MODULI, MON_PROTOTWO, mm_answer_moduli},
{MONITOR_REQ_SIGN, MON_PROTOTWO, mm_answer_sign},
{MONITOR_REQ_PTY, MON_BOTH, mm_answer_pty},
{MONITOR_REQ_TERM, MON_BOTH, mm_answer_term},
{0, 0, NULL}
};
struct mon_table mon_dispatch_proto15[] = {
{0, 0, NULL}
};
struct mon_table *mon_dispatch;
/* Specifies if a certain message is allowed at the moment */
void
monitor_permit(struct mon_table *ent, enum monitor_reqtype type, int permit)
{
while (ent->f != NULL) {
if (ent->type == type) {
ent->flags &= ~MON_PERMIT;
ent->flags |= permit ? MON_PERMIT : 0;
return;
}
ent++;
}
}
void
monitor_permit_authentications(int permit)
{
struct mon_table *ent = mon_dispatch;
while (ent->f != NULL) {
if (ent->flags & MON_AUTH) {
ent->flags &= ~MON_PERMIT;
ent->flags |= permit ? MON_PERMIT : 0;
}
ent++;
}
}
#define FD_CLOSEONEXEC(x) do { \
if (fcntl(x, F_SETFD, 1) == -1) \
fatal("fcntl(%d, F_SETFD)", x); \
} while (0)
void
monitor_socketpair(int *pair)
{
if (socketpair(PF_LOCAL, SOCK_STREAM, 0, pair) == -1)
fatal("%s: socketpair", __FUNCTION__);
FD_CLOSEONEXEC(pair[0]);
FD_CLOSEONEXEC(pair[1]);
}
Authctxt *
monitor_child_preauth(int socket)
{
debug3("preauth child monitor started");
if (compat20) {
mon_dispatch = mon_dispatch_proto20;
/* Permit requests for moduli and signatures */
monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
} else
mon_dispatch = mon_dispatch_proto15;
authctxt = authctxt_new();
/* The first few requests do not require asynchronous access */
for (;;) {
if (monitor_read(socket, mon_dispatch))
break;
}
debug("%s: %s has been authenticated by privileged process",
__FUNCTION__, authctxt->user);
if (compat20) {
mm_get_keystate(socket);
} else {
fatal("Use loose");
}
return (authctxt);
}
void
monitor_child_postauth(int socket)
{
if (compat20) {
mon_dispatch = mon_dispatch_postauth20;
/* Permit requests for moduli and signatures */
monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
if (!no_pty_flag)
monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1);
} else
mon_dispatch = mon_dispatch_proto15;
for (;;) {
if (monitor_read(socket, mon_dispatch))
break;
}
}
int
monitor_read(int socket, struct mon_table *ent)
{
Buffer m;
int ret;
u_char type;
buffer_init(&m);
mm_request_receive(socket, &m);
type = buffer_get_char(&m);
debug3("%s: checking request %d", __FUNCTION__, type);
while (ent->f != NULL) {
if (ent->type == type)
break;
ent++;
}
if (ent->f != NULL) {
if (!(ent->flags & MON_PERMIT))
fatal("%s: unpermitted request %d", __FUNCTION__,
type);
ret = (*ent->f)(socket, &m);
buffer_free(&m);
return ret;
}
fatal("%s: unsupported request: %d\n", __FUNCTION__, type);
/* NOTREACHED */
return (-1);
}
int
mm_answer_moduli(int socket, Buffer *m)
{
DH *dh;
int min, want, max;
/* Turn off requests for moduli */
monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 0);
min = buffer_get_int(m);
want = buffer_get_int(m);
max = buffer_get_int(m);
debug3("%s: got parameters: %d %d %d",
__FUNCTION__, min, want, max);
/* We need to check here, too, in case the child got corrupted */
if (max < min || want < min || max < want)
fatal("%s: bad parameters: %d %d %d",
__FUNCTION__, min, want, max);
buffer_clear(m);
dh = choose_dh(min, want, max);
if (dh == NULL) {
buffer_put_char(m, 0);
return (0);
} else {
/* Send first bignum */
buffer_put_char(m, 1);
buffer_put_bignum2(m, dh->p);
buffer_put_bignum2(m, dh->g);
DH_free(dh);
}
mm_request_send(socket, MONITOR_ANS_MODULI, m);
return (0);
}
int
mm_answer_sign(int socket, Buffer *m)
{
Key *key;
u_char *p;
u_char *signature;
u_int siglen, datlen;
int keyid;
debug3("%s", __FUNCTION__);
keyid = buffer_get_int(m);
p = buffer_get_string(m, &datlen);
if ((key = get_hostkey_by_index(keyid)) == NULL)
fatal("%s: no hostkey from index %d", __FUNCTION__, keyid);
if (key_sign(key, &signature, &siglen, p, datlen) < 0)
fatal("%s: key_sign failed", __FUNCTION__);
debug3("%s: signature %p(%d)", __FUNCTION__, signature, siglen);
buffer_clear(m);
buffer_put_string(m, signature, siglen);
xfree(p);
xfree(signature);
/* Turn on permissions for getpwnam */
monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1);
mm_request_send(socket, MONITOR_ANS_SIGN, m);
return (0);
}
/* Retrieves the password entry and also checks if the user is permitted */
int
mm_answer_pwnamallow(int socket, Buffer *m)
{
char *login;
struct passwd *pwent;
int allowed;
debug3("%s", __FUNCTION__);
if (authctxt->attempt++ != 0)
fatal("%s: multiple attempts for getpwnam", __FUNCTION__);
login = buffer_get_string(m, NULL);
/* XXX - probably latch the username here */
pwent = getpwnam(login);
authctxt->user = xstrdup(login);
setproctitle("%s [priv]", pwent ? login : "unknown");
xfree(login);
/* Allow service/style information on the auth context */
monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
buffer_clear(m);
if (pwent == NULL) {
buffer_put_char(m, 0);
mm_request_send(socket, MONITOR_ANS_PWNAM, m);
return (0);
}
/* Check if we permit this user */
allowed = allowed_user(pwent);
if (allowed) {
authctxt->pw = pwcopy(pwent);
authctxt->valid = 1;
}
buffer_put_char(m, allowed);
buffer_put_string(m, pwent, sizeof(struct passwd));
buffer_put_cstring(m, pwent->pw_name);
buffer_put_cstring(m, "*");
buffer_put_cstring(m, pwent->pw_gecos);
buffer_put_cstring(m, pwent->pw_class);
buffer_put_cstring(m, pwent->pw_dir);
buffer_put_cstring(m, pwent->pw_shell);
debug3("%s: sending MONITOR_ANS_PWNAM: %d", __FUNCTION__, allowed);
mm_request_send(socket, MONITOR_ANS_PWNAM, m);
return (0);
}
int
mm_answer_authserv(int socket, Buffer *m)
{
/* Disallow service/style information on the auth context */
monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 0);
monitor_permit_authentications(1);
authctxt->service = buffer_get_string(m, NULL);
authctxt->style = buffer_get_string(m, NULL);
if (strlen(authctxt->style) == 0) {
xfree(authctxt->style);
authctxt->style = NULL;
}
debug3("%s: service=%s, style=%s",
__FUNCTION__, authctxt->service, authctxt->style);
return (0);
}
int
mm_answer_authpassword(int socket, Buffer *m)
{
char *passwd;
int authenticated;
passwd = buffer_get_string(m, NULL);
/* Only authenticate if the context is valid */
authenticated = authctxt->valid && auth_password(authctxt, passwd);
memset(passwd, 0, strlen(passwd));
xfree(passwd);
buffer_clear(m);
buffer_put_int(m, authenticated);
debug3("%s: sending result %d", __FUNCTION__, authenticated);
mm_request_send(socket, MONITOR_ANS_AUTHPASSWORD, m);
/* Causes monitor loop to terminate if authenticated */
return (authenticated);
}
int
mm_answer_keyallowed(int socket, Buffer *m)
{
Key *key;
u_char *cuser, *chost, *blob;
u_int bloblen;
enum mm_keytype type = 0;
int allowed = 0;
debug3("%s entering", __FUNCTION__);
type = buffer_get_int(m);
cuser = buffer_get_string(m, NULL);
chost = buffer_get_string(m, NULL);
blob = buffer_get_string(m, &bloblen);
key = key_from_blob(blob, bloblen);
debug3("%s: key_from_blob: %p", __FUNCTION__, key);
if (key != NULL && authctxt->pw != NULL) {
switch(type) {
case MM_USERKEY:
allowed = user_key_allowed(authctxt->pw, key);
break;
case MM_HOSTKEY:
allowed = hostbased_key_allowed(authctxt->pw,
cuser, chost, key);
break;
default:
fatal("%s: unknown key type %d", __FUNCTION__,
type);
break;
}
key_free(key);
}
xfree(chost);
xfree(cuser);
xfree(blob);
debug3("%s: key %p is %s",
__FUNCTION__, key, allowed ? "allowed" : "disallowed");
buffer_clear(m);
buffer_put_int(m, allowed);
mm_request_send(socket, MONITOR_ANS_KEYALLOWED, m);
return (0);
}
int
mm_answer_keyverify(int socket, Buffer *m)
{
Key *key;
u_char *signature, *data, *cuser, *chost, *blob;
u_int signaturelen, datalen, bloblen;
int type;
int verified = 0;
type = buffer_get_int(m);
cuser = buffer_get_string(m, NULL);
chost = buffer_get_string(m, NULL);
blob = buffer_get_string(m, &bloblen);
signature = buffer_get_string(m, &signaturelen);
data = buffer_get_string(m, &datalen);
key = key_from_blob(blob, bloblen);
if (key == NULL)
fatal("%s: bad public key blob", __FUNCTION__);
if (authctxt->pw == NULL || !user_key_allowed(authctxt->pw, key))
fatal("%s: user not allowed", __FUNCTION__);
verified = key_verify(key, signature, signaturelen, data, datalen);
debug3("%s: key %p signature %s",
__FUNCTION__, key, verified ? "verified" : "unverified");
key_free(key);
xfree(chost);
xfree(cuser);
xfree(blob);
xfree(signature);
xfree(data);
buffer_clear(m);
buffer_put_int(m, verified);
mm_request_send(socket, MONITOR_ANS_KEYVERIFY, m);
return (verified);
}
int
mm_answer_pty(int socket, Buffer *m)
{
Session *s;
int res;
debug3("%s entering", __FUNCTION__);
buffer_clear(m);
s = session_new();
if (s == NULL)
goto error;
s->authctxt = authctxt;
s->pw = authctxt->pw;
res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty));
if (res == 0)
goto error;
fatal_add_cleanup(session_pty_cleanup, (void *)s);
pty_setowner(authctxt->pw, s->tty);
buffer_put_int(m, 1);
buffer_put_cstring(m, s->tty);
mm_request_send(socket, MONITOR_ANS_PTY, m);
mm_send_fd(mm_sendfd, s->ptyfd);
mm_send_fd(mm_sendfd, s->ttyfd);
return (0);
error:
if (s != NULL)
session_close(s);
buffer_put_int(m, 0);
mm_request_send(socket, MONITOR_ANS_PTY, m);
return (0);
}
int
mm_answer_term(int socket, Buffer *req)
{
debug3("%s: tearing down sessions", __FUNCTION__);
/* The child is terminating */
session_destroy_all();
return (1);
}
void
mm_apply_keystate(struct mm_master *mm)
{
/* XXX - delegate to child? */
set_newkeys(MODE_IN);
set_newkeys(MODE_OUT);
packet_set_keycontext(MODE_OUT, child_state.keyout);
xfree(child_state.keyout);
packet_set_keycontext(MODE_IN, child_state.keyin);
xfree(child_state.keyin);
memcpy(&incoming_stream, &child_state.incoming,
sizeof(incoming_stream));
memcpy(&outgoing_stream, &child_state.outgoing,
sizeof(outgoing_stream));
/* Update with new address */
mm_init_compression(mm);
}
/* This function requries careful sanity checking */
void
mm_get_keystate(int socket)
{
Buffer m;
u_char *blob, *p;
u_int bloblen, plen;
debug3("%s: Waiting for new keys", __FUNCTION__);
buffer_init(&m);
mm_request_receive_expect(socket, MONITOR_REQ_KEYEXPORT, &m);
blob = buffer_get_string(&m, &bloblen);
current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen);
xfree(blob);
debug3("%s: Waiting for second key", __FUNCTION__);
blob = buffer_get_string(&m, &bloblen);
current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen);
xfree(blob);
/* Now get sequence numbers for the packets */
packet_set_seqnr(MODE_OUT, buffer_get_int(&m));
packet_set_seqnr(MODE_IN, buffer_get_int(&m));
/* Get the key context */
child_state.keyout = buffer_get_string(&m, &child_state.keyoutlen);
child_state.keyin = buffer_get_string(&m, &child_state.keyinlen);
debug3("%s: Getting compression state", __FUNCTION__);
/* Get compression state */
p = buffer_get_string(&m, &plen);
if (plen != sizeof(child_state.outgoing))
fatal("%s: bad request size", __FUNCTION__);
memcpy(&child_state.outgoing, p, sizeof(child_state.outgoing));
xfree(p);
p = buffer_get_string(&m, &plen);
if (plen != sizeof(child_state.incoming))
fatal("%s: bad request size", __FUNCTION__);
memcpy(&child_state.incoming, p, sizeof(child_state.incoming));
xfree(p);
buffer_free(&m);
}
/* Allocation functions for zlib */
void *
mm_zalloc(struct mm_master *mm, u_int ncount, u_int size)
{
void *address;
address = mm_malloc(mm, size * ncount);
return (address);
}
void
mm_zfree(struct mm_master *mm, void *address)
{
mm_free(mm, address);
}
void
mm_init_compression(struct mm_master *mm)
{
outgoing_stream.zalloc = (alloc_func)mm_zalloc;
outgoing_stream.zfree = (free_func)mm_zfree;
outgoing_stream.opaque = mm;
incoming_stream.zalloc = (alloc_func)mm_zalloc;
incoming_stream.zfree = (free_func)mm_zfree;
incoming_stream.opaque = mm;
}

57
monitor.h
Просмотреть файл

@ -1,57 +0,0 @@
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _MONITOR_H_
#define _MONITOR_H_
enum monitor_reqtype {
MONITOR_REQ_MODULI, MONITOR_ANS_MODULI,
MONITOR_REQ_FREE, MONITOR_REQ_AUTHSERV,
MONITOR_REQ_SIGN, MONITOR_ANS_SIGN,
MONITOR_REQ_PWNAM, MONITOR_ANS_PWNAM,
MONITOR_REQ_AUTHPASSWORD, MONITOR_ANS_AUTHPASSWORD,
MONITOR_REQ_KEYALLOWED, MONITOR_ANS_KEYALLOWED,
MONITOR_REQ_KEYVERIFY, MONITOR_ANS_KEYVERIFY,
MONITOR_REQ_KEYEXPORT,
MONITOR_REQ_PTY, MONITOR_ANS_PTY,
MONITOR_REQ_TERM
};
struct monitor_req {
enum monitor_reqtype type;
void *address;
size_t size;
};
void monitor_socketpair(int *pair);
struct Authctxt;
struct Authctxt *monitor_child_preauth(int);
void monitor_child_postauth(int);
struct mon_table;
int monitor_read(int, struct mon_table *);
#endif /* _MONITOR_H_ */

89
monitor_fdpass.c
Просмотреть файл

@ -1,89 +0,0 @@
/*
* Copyright 2001 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD$");
#include <sys/uio.h>
#include "ssh.h"
#include "log.h"
#include "xmalloc.h"
#include "misc.h"
#include "monitor_fdpass.h"
void
mm_send_fd(int socket, int fd)
{
struct msghdr msg;
char tmp[CMSG_SPACE(sizeof(int))];
struct cmsghdr *cmsg;
struct iovec vec;
char ch;
memset(&msg, 0, sizeof(msg));
msg.msg_control = (caddr_t)tmp;
msg.msg_controllen = CMSG_LEN(sizeof(int));
cmsg = CMSG_FIRSTHDR(&msg);
cmsg->cmsg_len = CMSG_LEN(sizeof(int));
cmsg->cmsg_level = SOL_SOCKET;
cmsg->cmsg_type = SCM_RIGHTS;
*(int *)CMSG_DATA(cmsg) = fd;
vec.iov_base = &ch;
vec.iov_len = 1;
msg.msg_iov = &vec;
msg.msg_iovlen = 1;
if (sendmsg(socket, &msg, 0) == -1)
fatal("%s: sendmsg(%d)", __FUNCTION__, fd);
}
int
mm_receive_fd(int socket)
{
struct msghdr msg;
char tmp[CMSG_SPACE(sizeof(int))];
struct cmsghdr *cmsg;
struct iovec vec;
char ch;
memset(&msg, 0, sizeof(msg));
vec.iov_base = &ch;
vec.iov_len = 1;
msg.msg_iov = &vec;
msg.msg_iovlen = 1;
msg.msg_control = tmp;
msg.msg_controllen = sizeof(tmp);
if (recvmsg(socket, &msg, 0) == -1)
fatal("%s: recvmsg", __FUNCTION__);
cmsg = CMSG_FIRSTHDR(&msg);
if (cmsg->cmsg_type != SCM_RIGHTS)
fatal("%s: expected type %d got %d", __FUNCTION__,
SCM_RIGHTS, cmsg->cmsg_type);
return (*(int *)CMSG_DATA(cmsg));
}

32
monitor_fdpass.h
Просмотреть файл

@ -1,32 +0,0 @@
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _MM_FDPASS_H_
#define _MM_FDPASS_H_
void mm_send_fd(int, int);
int mm_receive_fd(int);
#endif /* _MM_FDPASS_H_ */

329
monitor_mm.c
Просмотреть файл

@ -1,329 +0,0 @@
/*
* Copyright 2001 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD$");
#include <sys/mman.h>
#include "ssh.h"
#include "xmalloc.h"
#include "log.h"
#include "monitor_mm.h"
static int
mm_compare(struct mm_share *a, struct mm_share *b)
{
return (a->address - b->address);
}
RB_GENERATE(mmtree, mm_share, next, mm_compare);
static struct mm_share *
mm_make_entry(struct mm_master *mm, struct mmtree *head,
void *address, size_t size)
{
struct mm_share *tmp, *tmp2;
if (mm->mmalloc == NULL)
tmp = xmalloc(sizeof(struct mm_share));
else
tmp = mm_xmalloc(mm->mmalloc, sizeof(struct mm_share));
tmp->address = address;
tmp->size = size;
tmp2 = RB_INSERT(mmtree, head, tmp);
if (tmp2 != NULL)
fatal("mm_make_entry(%p): double address %p->%p(%d)",
mm, tmp2, address, size);
return (tmp);
}
/* Creates a shared memory area of a certain size */
struct mm_master *
mm_create(struct mm_master *mmalloc, size_t size)
{
void *address;
struct mm_master *mm;
if (mmalloc == NULL)
mm = xmalloc(sizeof(struct mm_master));
else
mm = mm_xmalloc(mmalloc, sizeof(struct mm_master));
/*
* If the memory map has a mm_master it can be completely
* shared including authentication between the child
* and the client.
*/
mm->mmalloc = mmalloc;
address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED,
-1, 0);
if (address == MAP_FAILED)
fatal("mmap(%d)", size);
mm->address = address;
mm->size = size;
RB_INIT(&mm->rb_free);
RB_INIT(&mm->rb_allocated);
mm_make_entry(mm, &mm->rb_free, address, size);
return (mm);
}
/* Frees either the allocated or the free list */
void
mm_freelist(struct mm_master *mmalloc, struct mmtree *head)
{
struct mm_share *mms, *next;
for (mms = RB_ROOT(head); mms; mms = next) {
next = RB_NEXT(mmtree, head, mms);
RB_REMOVE(mmtree, head, mms);
if (mmalloc == NULL)
xfree(mms);
else
mm_free(mmalloc, mms);
}
}
/* Destroys a memory mapped area */
void
mm_destroy(struct mm_master *mm)
{
mm_freelist(mm->mmalloc, &mm->rb_free);
mm_freelist(mm->mmalloc, &mm->rb_allocated);
if (munmap(mm->address, mm->size) == -1)
fatal("munmap(%p, %d)", mm->address, mm->size);
if (mm->mmalloc == NULL)
xfree(mm);
else
mm_free(mm->mmalloc, mm);
}
void *
mm_xmalloc(struct mm_master *mm, size_t size)
{
void *address;
address = mm_malloc(mm, size);
if (address == NULL)
fatal("%s: mm_malloc(%d)", __FUNCTION__, size);
return (address);
}
/* Allocates data from a memory mapped area */
void *
mm_malloc(struct mm_master *mm, size_t size)
{
struct mm_share *mms, *tmp;
if (size == 0)
fatal("mm_malloc: try to allocate 0 space");
size = ((size + MM_MINSIZE - 1) / MM_MINSIZE) * MM_MINSIZE;
RB_FOREACH(mms, mmtree, &mm->rb_free) {
if (mms->size >= size)
break;
}
if (mms == NULL)
return (NULL);
/* Debug */
memset(mms->address, 0xd0, size);
tmp = mm_make_entry(mm, &mm->rb_allocated, mms->address, size);
/* Does not change order in RB tree */
mms->size -= size;
mms->address = (u_char *)mms->address + size;
if (mms->size == 0) {
RB_REMOVE(mmtree, &mm->rb_free, mms);
if (mm->mmalloc == NULL)
xfree(mms);
else
mm_free(mm->mmalloc, mms);
}
return (tmp->address);
}
/* Frees memory in a memory mapped area */
void
mm_free(struct mm_master *mm, void *address)
{
struct mm_share *mms, *prev, tmp;
tmp.address = address;
mms = RB_FIND(mmtree, &mm->rb_allocated, &tmp);
if (mms == NULL)
fatal("mm_free(%p): can not find %p", mm, address);
/* Debug */
memset(mms->address, 0xd0, mms->size);
/* Remove from allocated list and insert in free list */
RB_REMOVE(mmtree, &mm->rb_allocated, mms);
if (RB_INSERT(mmtree, &mm->rb_free, mms) != NULL)
fatal("mm_free(%p): double address %p", mm, address);
/* Find previous entry */
prev = mms;
if (RB_LEFT(prev, next)) {
prev = RB_LEFT(prev, next);
while (RB_RIGHT(prev, next))
prev = RB_RIGHT(prev, next);
} else {
if (RB_PARENT(prev, next) &&
(prev == RB_RIGHT(RB_PARENT(prev, next), next)))
prev = RB_PARENT(prev, next);
else {
while (RB_PARENT(prev, next) &&
(prev == RB_LEFT(RB_PARENT(prev, next), next)))
prev = RB_PARENT(prev, next);
prev = RB_PARENT(prev, next);
}
}
/* Check if range does not overlap */
if (prev != NULL && MM_ADDRESS_END(prev) > address)
fatal("mm_free: memory corruption: %p(%d) > %p",
prev->address, prev->size, address);
/* See if we can merge backwards */
if (prev != NULL && MM_ADDRESS_END(prev) == address) {
prev->size += mms->size;
RB_REMOVE(mmtree, &mm->rb_free, mms);
if (mm->mmalloc == NULL)
xfree(mms);
else
mm_free(mm->mmalloc, mms);
} else
prev = mms;
if (prev == NULL)
return;
/* Check if we can merge forwards */
mms = RB_NEXT(mmtree, &mm->rb_free, prev);
if (mms == NULL)
return;
if (MM_ADDRESS_END(prev) > mms->address)
fatal("mm_free: memory corruption: %p < %p(%d)",
mms->address, prev->address, prev->size);
if (MM_ADDRESS_END(prev) != mms->address)
return;
prev->size += mms->size;
RB_REMOVE(mmtree, &mm->rb_free, mms);
if (mm->mmalloc == NULL)
xfree(mms);
else
mm_free(mm->mmalloc, mms);
}
void
mm_sync_list(struct mmtree *oldtree, struct mmtree *newtree,
struct mm_master *mm, struct mm_master *mmold)
{
struct mm_master *mmalloc = mm->mmalloc;
struct mm_share *mms, *new;
/* Sync free list */
RB_FOREACH(mms, mmtree, oldtree) {
/* Check the values */
mm_memvalid(mmold, mms, sizeof(struct mm_share));
mm_memvalid(mm, mms->address, mms->size);
new = mm_xmalloc(mmalloc, sizeof(struct mm_share));
memcpy(new, mms, sizeof(struct mm_share));
RB_INSERT(mmtree, newtree, new);
}
}
void
mm_share_sync(struct mm_master **pmm, struct mm_master **pmmalloc)
{
struct mm_master *mm;
struct mm_master *mmalloc;
struct mm_master *mmold;
struct mmtree rb_free, rb_allocated;
debug3("%s: Share sync", __FUNCTION__);
mm = *pmm;
mmold = mm->mmalloc;
mm_memvalid(mmold, mm, sizeof(*mm));
mmalloc = mm_create(NULL, mm->size);
mm = mm_xmalloc(mmalloc, sizeof(struct mm_master));
memcpy(mm, *pmm, sizeof(struct mm_master));
mm->mmalloc = mmalloc;
rb_free = mm->rb_free;
rb_allocated = mm->rb_allocated;
RB_INIT(&mm->rb_free);
RB_INIT(&mm->rb_allocated);
mm_sync_list(&rb_free, &mm->rb_free, mm, mmold);
mm_sync_list(&rb_allocated, &mm->rb_allocated, mm, mmold);
mm_destroy(mmold);
*pmm = mm;
*pmmalloc = mmalloc;
debug3("%s: Share sync end", __FUNCTION__);
}
void
mm_memvalid(struct mm_master *mm, void *address, size_t size)
{
void *end = (u_char *)address + size;
if (address < mm->address)
fatal("mm_memvalid: address too small: %p", address);
if (end < address)
fatal("mm_memvalid: end < address: %p < %p", end, address);
if (end > (void *)((u_char *)mm->address + mm->size))
fatal("mm_memvalid: address too large: %p", address);
}

64
monitor_mm.h
Просмотреть файл

@ -1,64 +0,0 @@
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _MM_H_
#define _MM_H_
#include <sys/tree.h>
struct mm_share {
RB_ENTRY(mm_share) next;
void *address;
size_t size;
};
struct mm_master {
RB_HEAD(mmtree, mm_share) rb_free;
struct mmtree rb_allocated;
void *address;
size_t size;
struct mm_master *mmalloc; /* Used to completely share */
int write; /* used to writing to other party */
int read; /* used for reading from other party */
};
RB_PROTOTYPE(mmtree, mm_share, next, mm_compare);
#define MM_MINSIZE 128
#define MM_ADDRESS_END(x) (void *)((u_char *)(x)->address + (x)->size)
struct mm_master *mm_create(struct mm_master *, size_t);
void mm_destroy(struct mm_master *);
void mm_share_sync(struct mm_master **, struct mm_master **);
void *mm_malloc(struct mm_master *, size_t);
void *mm_xmalloc(struct mm_master *, size_t);
void mm_free(struct mm_master *, void *);
void mm_memvalid(struct mm_master *, void *, size_t);
#endif /* _MM_H_ */

538
monitor_wrap.c
Просмотреть файл

@ -1,538 +0,0 @@
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD$");
#include <openssl/bn.h>
#include <openssl/dh.h>
#include "ssh.h"
#include "dh.h"
#include "kex.h"
#include "buffer.h"
#include "bufaux.h"
#include "packet.h"
#include "mac.h"
#include "log.h"
#include "zlib.h"
#include "monitor.h"
#include "monitor_wrap.h"
#include "xmalloc.h"
#include "atomicio.h"
#include "monitor_fdpass.h"
#include "getput.h"
/* Imports */
extern Newkeys *newkeys[];
extern z_stream incoming_stream;
extern z_stream outgoing_stream;
void
mm_request_send(int socket, enum monitor_reqtype type, Buffer *m)
{
u_char buf[5];
u_int mlen = buffer_len(m);
debug3("%s entering: type %d", __FUNCTION__, type);
PUT_32BIT(buf, mlen + 1);
buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */
if (atomicio(write, socket, buf, sizeof(buf)) != sizeof(buf))
fatal("%s: write", __FUNCTION__);
if (atomicio(write, socket, buffer_ptr(m), mlen) != mlen)
fatal("%s: write", __FUNCTION__);
}
void
mm_request_receive(int socket, Buffer *m)
{
u_char buf[4];
ssize_t res;
u_int msg_len;
debug3("%s entering", __FUNCTION__);
res = atomicio(read, socket, buf, sizeof(buf));
if (res != sizeof(buf))
fatal("%s: read: %d", __FUNCTION__, res);
msg_len = GET_32BIT(buf);
if (msg_len > 256 * 1024)
fatal("%s: read: bad msg_len %d", __FUNCTION__, msg_len);
buffer_clear(m);
buffer_append_space(m, msg_len);
res = atomicio(read, socket, buffer_ptr(m), msg_len);
if (res != msg_len)
fatal("%s: read: %d != msg_len", __FUNCTION__, res);
}
void
mm_request_receive_expect(int socket, enum monitor_reqtype type, Buffer *m)
{
u_char rtype;
debug3("%s entering: type %d", __FUNCTION__, type);
mm_request_receive(socket, m);
rtype = buffer_get_char(m);
if (rtype != type)
fatal("%s: read: rtype %d != type %d", __FUNCTION__,
rtype, type);
}
DH *
mm_choose_dh(int socket, int min, int nbits, int max)
{
BIGNUM *p, *g;
int success = 0;
Buffer m;
buffer_init(&m);
buffer_put_int(&m, min);
buffer_put_int(&m, nbits);
buffer_put_int(&m, max);
mm_request_send(socket, MONITOR_REQ_MODULI, &m);
debug3("%s: waiting for MONITOR_ANS_MODULI", __FUNCTION__);
mm_request_receive_expect(socket, MONITOR_ANS_MODULI, &m);
success = buffer_get_char(&m);
if (success == 0)
fatal("%s: MONITOR_ANS_MODULI failed", __FUNCTION__);
if ((p = BN_new()) == NULL)
fatal("%s: BN_new failed", __FUNCTION__);
if ((g = BN_new()) == NULL)
fatal("%s: BN_new failed", __FUNCTION__);
buffer_get_bignum2(&m, p);
buffer_get_bignum2(&m, g);
debug3("%s: remaining %d", __FUNCTION__, buffer_len(&m));
buffer_free(&m);
return (dh_new_group(g, p));
}
int
mm_key_sign(int socket, int keyind, u_char **sigp, u_int *lenp,
u_char *data, u_int datalen)
{
Buffer m;
debug3("%s entering", __FUNCTION__);
buffer_init(&m);
buffer_put_int(&m, keyind);
buffer_put_string(&m, data, datalen);
mm_request_send(socket, MONITOR_REQ_SIGN, &m);
debug3("%s: waiting for MONITOR_ANS_SIGN", __FUNCTION__);
mm_request_receive_expect(socket, MONITOR_ANS_SIGN, &m);
*sigp = buffer_get_string(&m, lenp);
buffer_free(&m);
return (0);
}
struct passwd *
mm_getpwnamallow(int socket, const char *login, int *allowed)
{
Buffer m;
struct passwd *pw;
u_int pwlen;
debug3("%s entering", __FUNCTION__);
buffer_init(&m);
buffer_put_cstring(&m, login);
mm_request_send(socket, MONITOR_REQ_PWNAM, &m);
debug3("%s: waiting for MONITOR_ANS_PWNAM", __FUNCTION__);
mm_request_receive_expect(socket, MONITOR_ANS_PWNAM, &m);
*allowed = buffer_get_char(&m);
if (*allowed == 0) {
buffer_free(&m);
return (NULL);
}
pw = buffer_get_string(&m, &pwlen);
if (pwlen != sizeof(struct passwd))
fatal("%s: struct passwd size mismatch", __FUNCTION__);
pw->pw_name = buffer_get_string(&m, NULL);
pw->pw_passwd = buffer_get_string(&m, NULL);
pw->pw_gecos = buffer_get_string(&m, NULL);
pw->pw_class = buffer_get_string(&m, NULL);
pw->pw_dir = buffer_get_string(&m, NULL);
pw->pw_shell = buffer_get_string(&m, NULL);
buffer_free(&m);
return (pw);
}
void
pwfree(struct passwd *pw)
{
xfree(pw->pw_name);
xfree(pw->pw_passwd);
xfree(pw->pw_gecos);
xfree(pw->pw_class);
xfree(pw->pw_dir);
xfree(pw->pw_shell);
xfree(pw);
}
/* Inform the privileged process about service and style */
void
mm_inform_authserv(int socket, char *service, char *style)
{
Buffer m;
debug3("%s entering", __FUNCTION__);
buffer_init(&m);
buffer_put_cstring(&m, service);
buffer_put_cstring(&m, style ? style : "");
mm_request_send(socket, MONITOR_REQ_AUTHSERV, &m);
buffer_free(&m);
}
/* Do the password authentication */
int
mm_auth_password(int socket, char *password)
{
Buffer m;
int authenticated = 0;
debug3("%s entering", __FUNCTION__);
buffer_init(&m);
buffer_put_cstring(&m, password);
mm_request_send(socket, MONITOR_REQ_AUTHPASSWORD, &m);
debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __FUNCTION__);
mm_request_receive_expect(socket, MONITOR_ANS_AUTHPASSWORD, &m);
authenticated = buffer_get_int(&m);
buffer_free(&m);
debug3("%s: user %sauthenticated",
__FUNCTION__, authenticated ? "" : "not ");
return (authenticated);
}
int
mm_key_allowed(int socket, enum mm_keytype type, char *user, char *host,
Key *key)
{
Buffer m;
u_char *blob;
u_int len;
int allowed = 0;
debug3("%s entering", __FUNCTION__);
/* Convert the key to a blob and the pass it over */
if (!key_to_blob(key, &blob, &len))
return (0);
buffer_init(&m);
buffer_put_int(&m, type);
buffer_put_cstring(&m, user ? user : "");
buffer_put_cstring(&m, host ? host : "");
buffer_put_string(&m, blob, len);
xfree(blob);
mm_request_send(socket, MONITOR_REQ_KEYALLOWED, &m);
debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __FUNCTION__);
mm_request_receive_expect(socket, MONITOR_ANS_KEYALLOWED, &m);
allowed = buffer_get_int(&m);
buffer_free(&m);
return (allowed);
}
/*
* This key verify needs to send the key type along, because the
* privileged parent makes the decision if the key is allowed
* for authentication.
*/
int
mm_key_verify(int socket, enum mm_keytype type, char *user, char *host,
Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
{
Buffer m;
u_char *blob;
u_int len;
int verified = 0;
debug3("%s entering", __FUNCTION__);
/* Convert the key to a blob and the pass it over */
if (!key_to_blob(key, &blob, &len))
return (0);
buffer_init(&m);
buffer_put_int(&m, type);
buffer_put_cstring(&m, user ? user : "");
buffer_put_cstring(&m, host ? host : "");
buffer_put_string(&m, blob, len);
buffer_put_string(&m, sig, siglen);
buffer_put_string(&m, data, datalen);
xfree(blob);
mm_request_send(socket, MONITOR_REQ_KEYVERIFY, &m);
debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __FUNCTION__);
mm_request_receive_expect(socket, MONITOR_ANS_KEYVERIFY, &m);
verified = buffer_get_int(&m);
buffer_free(&m);
return (verified);
}
/* Export key state after authentication */
Newkeys *
mm_newkeys_from_blob(u_char *blob, int blen)
{
Buffer b;
int rlen;
Newkeys *newkey = NULL;
Enc *enc;
Mac *mac;
Comp *comp;
debug3("%s: %p(%d)", __FUNCTION__, blob, blen);
#ifdef DEBUG_PK
dump_base64(stderr, blob, blen);
#endif
buffer_init(&b);
buffer_append(&b, blob, blen);
newkey = xmalloc(sizeof(*newkey));
enc = &newkey->enc;
mac = &newkey->mac;
comp = &newkey->comp;
/* Enc structure */
enc->name = buffer_get_string(&b, NULL);
buffer_get(&b, &enc->cipher, sizeof(enc->cipher));
enc->enabled = buffer_get_int(&b);
enc->key_len = buffer_get_int(&b);
enc->block_size = buffer_get_int(&b);
enc->key = xmalloc(enc->key_len);
buffer_get(&b, enc->key, enc->key_len);
enc->iv = xmalloc(enc->block_size);
buffer_get(&b, enc->iv, enc->block_size);
if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher)
fatal("%s: bad cipher name %s or pointer %p", __FUNCTION__,
enc->name, enc->cipher);
/* Mac structure */
mac->name = buffer_get_string(&b, NULL);
if (mac->name == NULL || mac_init(mac, mac->name) == -1)
fatal("%s: can not init mac %s", __FUNCTION__, mac->name);
mac->enabled = buffer_get_int(&b);
mac->key = xmalloc(mac->key_len);
buffer_get(&b, mac->key, mac->key_len);
/* Comp structure */
comp->type = buffer_get_int(&b);
comp->enabled = buffer_get_int(&b);
comp->name = buffer_get_string(&b, NULL);
rlen = buffer_len(&b);
if (rlen != 0)
error("newkeys_from_blob: remaining bytes in blob %d", rlen);
buffer_free(&b);
return (newkey);
}
int
mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp)
{
Buffer b;
int len;
u_char *buf;
Enc *enc;
Mac *mac;
Comp *comp;
Newkeys *newkey = newkeys[mode];
debug3("%s: converting %p", __FUNCTION__, newkey);
if (newkey == NULL) {
error("%s: newkey == NULL", __FUNCTION__);
return 0;
}
enc = &newkey->enc;
mac = &newkey->mac;
comp = &newkey->comp;
buffer_init(&b);
/* Enc structure */
buffer_put_cstring(&b, enc->name);
/* The cipher struct is constant and shared, you export pointer */
buffer_append(&b, &enc->cipher, sizeof(enc->cipher));
buffer_put_int(&b, enc->enabled);
buffer_put_int(&b, enc->key_len);
buffer_put_int(&b, enc->block_size);
buffer_append(&b, enc->key, enc->key_len);
packet_get_keyiv(mode, enc->iv, enc->block_size);
buffer_append(&b, enc->iv, enc->block_size);
/* Mac structure */
buffer_put_cstring(&b, mac->name);
buffer_put_int(&b, mac->enabled);
buffer_append(&b, mac->key, mac->key_len);
/* Comp structure */
buffer_put_int(&b, comp->type);
buffer_put_int(&b, comp->enabled);
buffer_put_cstring(&b, comp->name);
len = buffer_len(&b);
buf = xmalloc(len);
memcpy(buf, buffer_ptr(&b), len);
memset(buffer_ptr(&b), 0, len);
buffer_free(&b);
if (lenp != NULL)
*lenp = len;
if (blobp != NULL)
*blobp = buf;
return len;
}
void
mm_send_keystate(int socket)
{
Buffer m;
u_char *blob, *p;
u_int bloblen, plen;
debug3("%s: Sending new keys: %p %p",
__FUNCTION__, newkeys[MODE_OUT], newkeys[MODE_IN]);
buffer_init(&m);
/* Keys from Kex */
if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen))
fatal("%s: conversion of newkeys failed", __FUNCTION__);
buffer_put_string(&m, blob, bloblen);
xfree(blob);
if (!mm_newkeys_to_blob(MODE_IN, &blob, &bloblen))
fatal("%s: conversion of newkeys failed", __FUNCTION__);
buffer_put_string(&m, blob, bloblen);
xfree(blob);
buffer_put_int(&m, packet_get_seqnr(MODE_OUT));
buffer_put_int(&m, packet_get_seqnr(MODE_IN));
debug3("%s: New keys have been sent", __FUNCTION__);
/* More key context */
plen = packet_get_keycontext(MODE_OUT, NULL);
p = xmalloc(plen+1);
packet_get_keycontext(MODE_OUT, p);
buffer_put_string(&m, p, plen);
xfree(p);
plen = packet_get_keycontext(MODE_IN, NULL);
p = xmalloc(plen+1);
packet_get_keycontext(MODE_IN, p);
buffer_put_string(&m, p, plen);
xfree(p);
/* Compression state */
debug3("%s: Sending compression state", __FUNCTION__);
buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream));
buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream));
mm_request_send(socket, MONITOR_REQ_KEYEXPORT, &m);
debug3("%s: Finished sending state", __FUNCTION__);
buffer_free(&m);
}
int
mm_pty_allocown(int socket, int *ptyfd, int *ttyfd,
char *namebuf, int namebuflen)
{
Buffer m;
u_char *p;
int success = 0;
buffer_init(&m);
mm_request_send(socket, MONITOR_REQ_PTY, &m);
debug3("%s: waiting for MONITOR_ANS_PTY", __FUNCTION__);
mm_request_receive_expect(socket, MONITOR_ANS_PTY, &m);
success = buffer_get_int(&m);
if (success == 0) {
debug3("%s: pty alloc failed", __FUNCTION__);
buffer_free(&m);
return (0);
}
p = buffer_get_string(&m, NULL);
buffer_free(&m);
strlcpy(namebuf, p, namebuflen); /* Possible truncation */
xfree(p);
*ptyfd = mm_receive_fd(socket);
*ttyfd = mm_receive_fd(socket);
/* Success */
return (1);
}
/* Request process termination */
void
mm_terminate(int socket)
{
Buffer m;
buffer_init(&m);
mm_request_send(socket, MONITOR_REQ_TERM, &m);
buffer_free(&m);
}