*/
#include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.17 2002/06/22 23:09:51 stevesk Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.30 2002/11/05 19:45:20 markus Exp $");
#include <openssl/dh.h>
int mm_answer_pam_start(int, Buffer *);
#endif
+#ifdef KRB4
+int mm_answer_krb4(int, Buffer *);
+#endif
+#ifdef KRB5
+int mm_answer_krb5(int, Buffer *);
+#endif
+
static Authctxt *authctxt;
static BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */
static u_char *key_blob = NULL;
static u_int key_bloblen = 0;
static int key_blobtype = MM_NOKEY;
-static u_char *hostbased_cuser = NULL;
-static u_char *hostbased_chost = NULL;
+static char *hostbased_cuser = NULL;
+static char *hostbased_chost = NULL;
static char *auth_method = "unknown";
static int session_id2_len = 0;
static u_char *session_id2 = NULL;
#endif
#ifdef USE_PAM
{MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start},
+#endif
+#ifdef KRB4
+ {MONITOR_REQ_KRB4, MON_ONCE|MON_AUTH, mm_answer_krb4},
+#endif
+#ifdef KRB5
+ {MONITOR_REQ_KRB5, MON_ONCE|MON_AUTH, mm_answer_krb5},
#endif
{0, 0, NULL}
};
p = buffer_get_string(m, &datlen);
if (datlen != 20)
- fatal("%s: data length incorrect: %d", __func__, datlen);
+ fatal("%s: data length incorrect: %u", __func__, datlen);
/* save session id, it will be passed on the first call */
if (session_id2_len == 0) {
if (key_sign(key, &signature, &siglen, p, datlen) < 0)
fatal("%s: key_sign failed", __func__);
- debug3("%s: signature %p(%d)", __func__, signature, siglen);
+ debug3("%s: signature %p(%u)", __func__, signature, siglen);
buffer_clear(m);
buffer_put_string(m, signature, siglen);
mm_request_send(socket, MONITOR_ANS_AUTH2_READ_BANNER, m);
if (banner != NULL)
- free(banner);
+ xfree(banner);
return (0);
}
{
static int call_count;
char *passwd;
- int authenticated, plen;
+ int authenticated;
+ u_int plen;
passwd = buffer_get_string(m, &plen);
/* Only authenticate if the context is valid */
mm_answer_keyallowed(int socket, Buffer *m)
{
Key *key;
- u_char *cuser, *chost, *blob;
+ char *cuser, *chost;
+ u_char *blob;
u_int bloblen;
enum mm_keytype type = 0;
int allowed = 0;
monitor_valid_userblob(u_char *data, u_int datalen)
{
Buffer b;
- u_char *p;
+ char *p;
u_int len;
int fail = 0;
}
static int
-monitor_valid_hostbasedblob(u_char *data, u_int datalen, u_char *cuser,
- u_char *chost)
+monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
+ char *chost)
{
Buffer b;
- u_char *p;
+ char *p;
u_int len;
int fail = 0;
* the address be 0.0.0.0.
*/
memset(&from, 0, sizeof(from));
+ fromlen = sizeof(from);
if (packet_connection_is_on_socket()) {
- fromlen = sizeof(from);
if (getpeername(packet_get_connection_in(),
(struct sockaddr *) & from, &fromlen) < 0) {
debug("getpeername: %.100s", strerror(errno));
/* Record that there was a login on that tty from the remote host. */
record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid,
get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping),
- (struct sockaddr *)&from);
+ (struct sockaddr *)&from, fromlen);
}
static void
return (success);
}
+#ifdef KRB4
+int
+mm_answer_krb4(int socket, Buffer *m)
+{
+ KTEXT_ST auth, reply;
+ char *client, *p;
+ int success;
+ u_int alen;
+
+ reply.length = auth.length = 0;
+
+ p = buffer_get_string(m, &alen);
+ if (alen >= MAX_KTXT_LEN)
+ fatal("%s: auth too large", __func__);
+ memcpy(auth.dat, p, alen);
+ auth.length = alen;
+ memset(p, 0, alen);
+ xfree(p);
+
+ success = options.kerberos_authentication &&
+ authctxt->valid &&
+ auth_krb4(authctxt, &auth, &client, &reply);
+
+ memset(auth.dat, 0, alen);
+ buffer_clear(m);
+ buffer_put_int(m, success);
+
+ if (success) {
+ buffer_put_cstring(m, client);
+ buffer_put_string(m, reply.dat, reply.length);
+ if (client)
+ xfree(client);
+ if (reply.length)
+ memset(reply.dat, 0, reply.length);
+ }
+
+ debug3("%s: sending result %d", __func__, success);
+ mm_request_send(socket, MONITOR_ANS_KRB4, m);
+
+ auth_method = "kerberos";
+
+ /* Causes monitor loop to terminate if authenticated */
+ return (success);
+}
+#endif
+
+#ifdef KRB5
+int
+mm_answer_krb5(int socket, Buffer *m)
+{
+ krb5_data tkt, reply;
+ char *client_user;
+ u_int len;
+ int success;
+
+ /* use temporary var to avoid size issues on 64bit arch */
+ tkt.data = buffer_get_string(m, &len);
+ tkt.length = len;
+
+ success = options.kerberos_authentication &&
+ authctxt->valid &&
+ auth_krb5(authctxt, &tkt, &client_user, &reply);
+
+ if (tkt.length)
+ xfree(tkt.data);
+
+ buffer_clear(m);
+ buffer_put_int(m, success);
+
+ if (success) {
+ buffer_put_cstring(m, client_user);
+ buffer_put_string(m, reply.data, reply.length);
+ if (client_user)
+ xfree(client_user);
+ if (reply.length)
+ xfree(reply.data);
+ }
+ mm_request_send(socket, MONITOR_ANS_KRB5, m);
+
+ return success;
+}
+#endif
+
int
mm_answer_term(int socket, Buffer *req)
{
void *
mm_zalloc(struct mm_master *mm, u_int ncount, u_int size)
{
+ size_t len = (size_t) size * ncount;
void *address;
- address = mm_malloc(mm, size * ncount);
+ if (len == 0 || ncount > SIZE_T_MAX / size)
+ fatal("%s: mm_zalloc(%u, %u)", __func__, ncount, size);
+
+ address = mm_malloc(mm, len);
return (address);
}