*/
#include "includes.h"
-RCSID("$OpenBSD: monitor_wrap.c,v 1.14 2002/06/30 21:59:45 deraadt Exp $");
+RCSID("$OpenBSD: monitor_wrap.c,v 1.26 2003/04/07 08:29:57 markus Exp $");
#include <openssl/bn.h>
#include <openssl/dh.h>
#include "dh.h"
#include "kex.h"
#include "auth.h"
+#include "auth-options.h"
#include "buffer.h"
#include "bufaux.h"
#include "packet.h"
Buffer m;
u_char *blob;
u_int len;
- int allowed = 0;
+ int allowed = 0, have_forced = 0;
debug3("%s entering", __func__);
allowed = buffer_get_int(&m);
+ /* fake forced command */
+ auth_clear_options();
+ have_forced = buffer_get_int(&m);
+ forced_command = have_forced ? xstrdup("true") : NULL;
+
/* Send potential debug messages */
mm_send_debug(&m);
{
Buffer b;
int len;
- u_char *buf;
Enc *enc;
Mac *mac;
Comp *comp;
buffer_put_cstring(&b, comp->name);
len = buffer_len(&b);
- buf = xmalloc(len);
- memcpy(buf, buffer_ptr(&b), len);
- memset(buffer_ptr(&b), 0, len);
- buffer_free(&b);
if (lenp != NULL)
*lenp = len;
- if (blobp != NULL)
- *blobp = buf;
+ if (blobp != NULL) {
+ *blobp = xmalloc(len);
+ memcpy(*blobp, buffer_ptr(&b), len);
+ }
+ memset(buffer_ptr(&b), 0, len);
+ buffer_free(&b);
return len;
}
Buffer m;
u_char *blob, *p;
u_int bloblen, plen;
+ u_int32_t seqnr, packets;
+ u_int64_t blocks;
buffer_init(&m);
buffer_put_string(&m, blob, bloblen);
xfree(blob);
- buffer_put_int(&m, packet_get_seqnr(MODE_OUT));
- buffer_put_int(&m, packet_get_seqnr(MODE_IN));
+ packet_get_state(MODE_OUT, &seqnr, &blocks, &packets);
+ buffer_put_int(&m, seqnr);
+ buffer_put_int64(&m, blocks);
+ buffer_put_int(&m, packets);
+ packet_get_state(MODE_IN, &seqnr, &blocks, &packets);
+ buffer_put_int(&m, seqnr);
+ buffer_put_int64(&m, blocks);
+ buffer_put_int(&m, packets);
debug3("%s: New keys have been sent", __func__);
skip:
mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
{
Buffer m;
- u_char *p;
+ char *p;
int success = 0;
buffer_init(&m);
u_int *numprompts, char ***prompts, u_int **echo_on)
{
Buffer m;
- int res;
+ u_int success;
char *challenge;
debug3("%s: entering", __func__);
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_BSDAUTHQUERY,
&m);
- res = buffer_get_int(&m);
- if (res == -1) {
+ success = buffer_get_int(&m);
+ if (success == 0) {
debug3("%s: no challenge", __func__);
buffer_free(&m);
return (-1);
u_int *numprompts, char ***prompts, u_int **echo_on)
{
Buffer m;
- int len, res;
+ int len;
+ u_int success;
char *p, *challenge;
debug3("%s: entering", __func__);
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SKEYQUERY,
&m);
- res = buffer_get_int(&m);
- if (res == -1) {
+ success = buffer_get_int(&m);
+ if (success == 0) {
debug3("%s: no challenge", __func__);
buffer_free(&m);
return (-1);
Key *key;
u_char *blob;
u_int blen;
- int allowed = 0;
+ int allowed = 0, have_forced = 0;
debug3("%s entering", __func__);
allowed = buffer_get_int(&m);
+ /* fake forced command */
+ auth_clear_options();
+ have_forced = buffer_get_int(&m);
+ forced_command = have_forced ? xstrdup("true") : NULL;
+
if (allowed && rkey != NULL) {
blob = buffer_get_string(&m, &blen);
if ((key = key_from_blob(blob, blen)) == NULL)
return (success);
}
+
+#ifdef KRB4
+int
+mm_auth_krb4(Authctxt *authctxt, void *_auth, char **client, void *_reply)
+{
+ KTEXT auth, reply;
+ Buffer m;
+ u_int rlen;
+ int success = 0;
+ char *p;
+
+ debug3("%s entering", __func__);
+ auth = _auth;
+ reply = _reply;
+
+ buffer_init(&m);
+ buffer_put_string(&m, auth->dat, auth->length);
+
+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KRB4, &m);
+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KRB4, &m);
+
+ success = buffer_get_int(&m);
+ if (success) {
+ *client = buffer_get_string(&m, NULL);
+ p = buffer_get_string(&m, &rlen);
+ if (rlen >= MAX_KTXT_LEN)
+ fatal("%s: reply from monitor too large", __func__);
+ reply->length = rlen;
+ memcpy(reply->dat, p, rlen);
+ memset(p, 0, rlen);
+ xfree(p);
+ }
+ buffer_free(&m);
+ return (success);
+}
+#endif
+
+#ifdef KRB5
+int
+mm_auth_krb5(void *ctx, void *argp, char **userp, void *resp)
+{
+ krb5_data *tkt, *reply;
+ Buffer m;
+ int success;
+
+ debug3("%s entering", __func__);
+ tkt = (krb5_data *) argp;
+ reply = (krb5_data *) resp;
+
+ buffer_init(&m);
+ buffer_put_string(&m, tkt->data, tkt->length);
+
+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KRB5, &m);
+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KRB5, &m);
+
+ success = buffer_get_int(&m);
+ if (success) {
+ u_int len;
+
+ *userp = buffer_get_string(&m, NULL);
+ reply->data = buffer_get_string(&m, &len);
+ reply->length = len;
+ } else {
+ memset(reply, 0, sizeof(*reply));
+ *userp = NULL;
+ }
+
+ buffer_free(&m);
+ return (success);
+}
+#endif