From af9e8cdf02180e9882924f107847bf3fd16dc6a9 Mon Sep 17 00:00:00 2001 From: djm Date: Wed, 13 Mar 2002 02:21:54 +0000 Subject: [PATCH] revert more of my stupidity --- monitor.c | 656 ----------------------------------------------- monitor.h | 57 ---- monitor_fdpass.c | 89 ------- monitor_fdpass.h | 32 --- monitor_mm.c | 329 ------------------------ monitor_mm.h | 64 ----- monitor_wrap.c | 538 -------------------------------------- 7 files changed, 1765 deletions(-) delete mode 100644 monitor.c delete mode 100644 monitor.h delete mode 100644 monitor_fdpass.c delete mode 100644 monitor_fdpass.h delete mode 100644 monitor_mm.c delete mode 100644 monitor_mm.h delete mode 100644 monitor_wrap.c diff --git a/monitor.c b/monitor.c deleted file mode 100644 index b8579027..00000000 --- a/monitor.c +++ /dev/null @@ -1,656 +0,0 @@ -/* - * Copyright 2001 Niels Provos - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$OpenBSD$"); - -#include - -#include "ssh.h" -#include "auth.h" -#include "kex.h" -#include "dh.h" -#include "zlib.h" -#include "packet.h" -#include "auth-options.h" -#include "sshpty.h" -#include "channels.h" -#include "session.h" -#include "log.h" -#include "monitor.h" -#include "monitor_mm.h" -#include "monitor_wrap.h" -#include "monitor_fdpass.h" -#include "xmalloc.h" -#include "misc.h" -#include "buffer.h" -#include "bufaux.h" - -/* Imports */ -extern Newkeys *current_keys[]; -extern z_stream incoming_stream; -extern z_stream outgoing_stream; -extern int compat20; -extern int mm_sendfd; - -/* State exported from the child */ - -struct { - z_stream incoming; - z_stream outgoing; - u_char *keyin; - u_int keyinlen; - u_char *keyout; - u_int keyoutlen; -} child_state; - -/* Prototype for authentication functions */ - -int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); -int user_key_allowed(struct passwd *, Key *); -Key *get_hostkey_by_index(int); - -void session_pty_cleanup(void *); - -static Authctxt *authctxt; - -struct mon_table { - enum monitor_reqtype type; - int flags; - int (*f)(int, Buffer *); -}; - -#define MON_PROTOONE 0x0001 /* Used in protocol 1 */ -#define MON_PROTOTWO 0x0002 /* Used in protocol 2 */ -#define MON_AUTH 0x0004 /* Authentication Request */ - -#define MON_BOTH (MON_PROTOONE|MON_PROTOTWO) - -#define MON_PERMIT 0x1000 /* Request is permitted */ - -struct mon_table mon_dispatch_proto20[] = { - {MONITOR_REQ_MODULI, MON_PROTOTWO, mm_answer_moduli}, - {MONITOR_REQ_SIGN, MON_PROTOTWO, mm_answer_sign}, - {MONITOR_REQ_PWNAM, MON_BOTH, mm_answer_pwnamallow}, - {MONITOR_REQ_AUTHSERV, MON_BOTH, mm_answer_authserv}, - {MONITOR_REQ_AUTHPASSWORD, MON_BOTH | MON_AUTH, mm_answer_authpassword}, - {MONITOR_REQ_KEYALLOWED, MON_BOTH | MON_AUTH, mm_answer_keyallowed}, - {MONITOR_REQ_KEYVERIFY, MON_BOTH | MON_AUTH, mm_answer_keyverify}, - {0, 0, NULL} -}; - -struct mon_table mon_dispatch_postauth20[] = { - {MONITOR_REQ_MODULI, MON_PROTOTWO, mm_answer_moduli}, - {MONITOR_REQ_SIGN, MON_PROTOTWO, mm_answer_sign}, - {MONITOR_REQ_PTY, MON_BOTH, mm_answer_pty}, - {MONITOR_REQ_TERM, MON_BOTH, mm_answer_term}, - {0, 0, NULL} -}; - -struct mon_table mon_dispatch_proto15[] = { - {0, 0, NULL} -}; - -struct mon_table *mon_dispatch; - -/* Specifies if a certain message is allowed at the moment */ - -void -monitor_permit(struct mon_table *ent, enum monitor_reqtype type, int permit) -{ - while (ent->f != NULL) { - if (ent->type == type) { - ent->flags &= ~MON_PERMIT; - ent->flags |= permit ? MON_PERMIT : 0; - return; - } - ent++; - } -} - -void -monitor_permit_authentications(int permit) -{ - struct mon_table *ent = mon_dispatch; - - while (ent->f != NULL) { - if (ent->flags & MON_AUTH) { - ent->flags &= ~MON_PERMIT; - ent->flags |= permit ? MON_PERMIT : 0; - } - ent++; - } -} - -#define FD_CLOSEONEXEC(x) do { \ - if (fcntl(x, F_SETFD, 1) == -1) \ - fatal("fcntl(%d, F_SETFD)", x); \ -} while (0) - -void -monitor_socketpair(int *pair) -{ - if (socketpair(PF_LOCAL, SOCK_STREAM, 0, pair) == -1) - fatal("%s: socketpair", __FUNCTION__); - FD_CLOSEONEXEC(pair[0]); - FD_CLOSEONEXEC(pair[1]); -} - -Authctxt * -monitor_child_preauth(int socket) -{ - debug3("preauth child monitor started"); - - if (compat20) { - mon_dispatch = mon_dispatch_proto20; - - /* Permit requests for moduli and signatures */ - monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); - monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); - } else - mon_dispatch = mon_dispatch_proto15; - - authctxt = authctxt_new(); - - /* The first few requests do not require asynchronous access */ - for (;;) { - if (monitor_read(socket, mon_dispatch)) - break; - } - - debug("%s: %s has been authenticated by privileged process", - __FUNCTION__, authctxt->user); - - if (compat20) { - mm_get_keystate(socket); - } else { - fatal("Use loose"); - } - - return (authctxt); -} - -void -monitor_child_postauth(int socket) -{ - if (compat20) { - mon_dispatch = mon_dispatch_postauth20; - - /* Permit requests for moduli and signatures */ - monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); - monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); - monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); - - if (!no_pty_flag) - monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); - } else - mon_dispatch = mon_dispatch_proto15; - - for (;;) { - if (monitor_read(socket, mon_dispatch)) - break; - } -} - -int -monitor_read(int socket, struct mon_table *ent) -{ - Buffer m; - int ret; - u_char type; - - buffer_init(&m); - - mm_request_receive(socket, &m); - type = buffer_get_char(&m); - - debug3("%s: checking request %d", __FUNCTION__, type); - - while (ent->f != NULL) { - if (ent->type == type) - break; - ent++; - } - - if (ent->f != NULL) { - if (!(ent->flags & MON_PERMIT)) - fatal("%s: unpermitted request %d", __FUNCTION__, - type); - ret = (*ent->f)(socket, &m); - buffer_free(&m); - return ret; - } - - fatal("%s: unsupported request: %d\n", __FUNCTION__, type); - - /* NOTREACHED */ - return (-1); -} - -int -mm_answer_moduli(int socket, Buffer *m) -{ - DH *dh; - int min, want, max; - - /* Turn off requests for moduli */ - monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 0); - - min = buffer_get_int(m); - want = buffer_get_int(m); - max = buffer_get_int(m); - - debug3("%s: got parameters: %d %d %d", - __FUNCTION__, min, want, max); - /* We need to check here, too, in case the child got corrupted */ - if (max < min || want < min || max < want) - fatal("%s: bad parameters: %d %d %d", - __FUNCTION__, min, want, max); - - buffer_clear(m); - - dh = choose_dh(min, want, max); - if (dh == NULL) { - buffer_put_char(m, 0); - return (0); - } else { - /* Send first bignum */ - buffer_put_char(m, 1); - buffer_put_bignum2(m, dh->p); - buffer_put_bignum2(m, dh->g); - - DH_free(dh); - } - mm_request_send(socket, MONITOR_ANS_MODULI, m); - return (0); -} - -int -mm_answer_sign(int socket, Buffer *m) -{ - Key *key; - u_char *p; - u_char *signature; - u_int siglen, datlen; - int keyid; - - debug3("%s", __FUNCTION__); - - keyid = buffer_get_int(m); - p = buffer_get_string(m, &datlen); - - if ((key = get_hostkey_by_index(keyid)) == NULL) - fatal("%s: no hostkey from index %d", __FUNCTION__, keyid); - if (key_sign(key, &signature, &siglen, p, datlen) < 0) - fatal("%s: key_sign failed", __FUNCTION__); - - debug3("%s: signature %p(%d)", __FUNCTION__, signature, siglen); - - buffer_clear(m); - buffer_put_string(m, signature, siglen); - - xfree(p); - xfree(signature); - - /* Turn on permissions for getpwnam */ - monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); - - mm_request_send(socket, MONITOR_ANS_SIGN, m); - return (0); -} - -/* Retrieves the password entry and also checks if the user is permitted */ - -int -mm_answer_pwnamallow(int socket, Buffer *m) -{ - char *login; - struct passwd *pwent; - int allowed; - - debug3("%s", __FUNCTION__); - - if (authctxt->attempt++ != 0) - fatal("%s: multiple attempts for getpwnam", __FUNCTION__); - - login = buffer_get_string(m, NULL); - - /* XXX - probably latch the username here */ - pwent = getpwnam(login); - authctxt->user = xstrdup(login); - setproctitle("%s [priv]", pwent ? login : "unknown"); - xfree(login); - - /* Allow service/style information on the auth context */ - monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1); - - buffer_clear(m); - - if (pwent == NULL) { - buffer_put_char(m, 0); - mm_request_send(socket, MONITOR_ANS_PWNAM, m); - return (0); - } - - /* Check if we permit this user */ - allowed = allowed_user(pwent); - - if (allowed) { - authctxt->pw = pwcopy(pwent); - authctxt->valid = 1; - } - buffer_put_char(m, allowed); - buffer_put_string(m, pwent, sizeof(struct passwd)); - buffer_put_cstring(m, pwent->pw_name); - buffer_put_cstring(m, "*"); - buffer_put_cstring(m, pwent->pw_gecos); - buffer_put_cstring(m, pwent->pw_class); - buffer_put_cstring(m, pwent->pw_dir); - buffer_put_cstring(m, pwent->pw_shell); - - debug3("%s: sending MONITOR_ANS_PWNAM: %d", __FUNCTION__, allowed); - mm_request_send(socket, MONITOR_ANS_PWNAM, m); - - return (0); -} - -int -mm_answer_authserv(int socket, Buffer *m) -{ - /* Disallow service/style information on the auth context */ - monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 0); - - monitor_permit_authentications(1); - - authctxt->service = buffer_get_string(m, NULL); - authctxt->style = buffer_get_string(m, NULL); - if (strlen(authctxt->style) == 0) { - xfree(authctxt->style); - authctxt->style = NULL; - } - - debug3("%s: service=%s, style=%s", - __FUNCTION__, authctxt->service, authctxt->style); - - return (0); -} - -int -mm_answer_authpassword(int socket, Buffer *m) -{ - char *passwd; - int authenticated; - - passwd = buffer_get_string(m, NULL); - /* Only authenticate if the context is valid */ - authenticated = authctxt->valid && auth_password(authctxt, passwd); - memset(passwd, 0, strlen(passwd)); - xfree(passwd); - - buffer_clear(m); - buffer_put_int(m, authenticated); - - debug3("%s: sending result %d", __FUNCTION__, authenticated); - mm_request_send(socket, MONITOR_ANS_AUTHPASSWORD, m); - - /* Causes monitor loop to terminate if authenticated */ - return (authenticated); -} - -int -mm_answer_keyallowed(int socket, Buffer *m) -{ - Key *key; - u_char *cuser, *chost, *blob; - u_int bloblen; - enum mm_keytype type = 0; - int allowed = 0; - - debug3("%s entering", __FUNCTION__); - - type = buffer_get_int(m); - cuser = buffer_get_string(m, NULL); - chost = buffer_get_string(m, NULL); - blob = buffer_get_string(m, &bloblen); - - key = key_from_blob(blob, bloblen); - - debug3("%s: key_from_blob: %p", __FUNCTION__, key); - - if (key != NULL && authctxt->pw != NULL) { - switch(type) { - case MM_USERKEY: - allowed = user_key_allowed(authctxt->pw, key); - break; - case MM_HOSTKEY: - allowed = hostbased_key_allowed(authctxt->pw, - cuser, chost, key); - break; - default: - fatal("%s: unknown key type %d", __FUNCTION__, - type); - break; - } - key_free(key); - } - xfree(chost); - xfree(cuser); - xfree(blob); - - debug3("%s: key %p is %s", - __FUNCTION__, key, allowed ? "allowed" : "disallowed"); - - buffer_clear(m); - buffer_put_int(m, allowed); - - mm_request_send(socket, MONITOR_ANS_KEYALLOWED, m); - return (0); -} - -int -mm_answer_keyverify(int socket, Buffer *m) -{ - Key *key; - u_char *signature, *data, *cuser, *chost, *blob; - u_int signaturelen, datalen, bloblen; - int type; - int verified = 0; - - type = buffer_get_int(m); - cuser = buffer_get_string(m, NULL); - chost = buffer_get_string(m, NULL); - blob = buffer_get_string(m, &bloblen); - signature = buffer_get_string(m, &signaturelen); - data = buffer_get_string(m, &datalen); - - key = key_from_blob(blob, bloblen); - if (key == NULL) - fatal("%s: bad public key blob", __FUNCTION__); - - if (authctxt->pw == NULL || !user_key_allowed(authctxt->pw, key)) - fatal("%s: user not allowed", __FUNCTION__); - verified = key_verify(key, signature, signaturelen, data, datalen); - debug3("%s: key %p signature %s", - __FUNCTION__, key, verified ? "verified" : "unverified"); - - key_free(key); - xfree(chost); - xfree(cuser); - xfree(blob); - xfree(signature); - xfree(data); - - buffer_clear(m); - buffer_put_int(m, verified); - mm_request_send(socket, MONITOR_ANS_KEYVERIFY, m); - - return (verified); -} - -int -mm_answer_pty(int socket, Buffer *m) -{ - Session *s; - int res; - - debug3("%s entering", __FUNCTION__); - - buffer_clear(m); - s = session_new(); - if (s == NULL) - goto error; - s->authctxt = authctxt; - s->pw = authctxt->pw; - res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)); - if (res == 0) - goto error; - fatal_add_cleanup(session_pty_cleanup, (void *)s); - pty_setowner(authctxt->pw, s->tty); - - buffer_put_int(m, 1); - buffer_put_cstring(m, s->tty); - mm_request_send(socket, MONITOR_ANS_PTY, m); - - mm_send_fd(mm_sendfd, s->ptyfd); - mm_send_fd(mm_sendfd, s->ttyfd); - return (0); - - error: - if (s != NULL) - session_close(s); - buffer_put_int(m, 0); - mm_request_send(socket, MONITOR_ANS_PTY, m); - return (0); -} - -int -mm_answer_term(int socket, Buffer *req) -{ - debug3("%s: tearing down sessions", __FUNCTION__); - - /* The child is terminating */ - session_destroy_all(); - - return (1); -} - -void -mm_apply_keystate(struct mm_master *mm) -{ - /* XXX - delegate to child? */ - set_newkeys(MODE_IN); - set_newkeys(MODE_OUT); - - packet_set_keycontext(MODE_OUT, child_state.keyout); - xfree(child_state.keyout); - packet_set_keycontext(MODE_IN, child_state.keyin); - xfree(child_state.keyin); - - memcpy(&incoming_stream, &child_state.incoming, - sizeof(incoming_stream)); - memcpy(&outgoing_stream, &child_state.outgoing, - sizeof(outgoing_stream)); - - /* Update with new address */ - mm_init_compression(mm); -} - -/* This function requries careful sanity checking */ - -void -mm_get_keystate(int socket) -{ - Buffer m; - u_char *blob, *p; - u_int bloblen, plen; - - debug3("%s: Waiting for new keys", __FUNCTION__); - - buffer_init(&m); - mm_request_receive_expect(socket, MONITOR_REQ_KEYEXPORT, &m); - - blob = buffer_get_string(&m, &bloblen); - current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen); - xfree(blob); - - debug3("%s: Waiting for second key", __FUNCTION__); - blob = buffer_get_string(&m, &bloblen); - current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen); - xfree(blob); - - /* Now get sequence numbers for the packets */ - packet_set_seqnr(MODE_OUT, buffer_get_int(&m)); - packet_set_seqnr(MODE_IN, buffer_get_int(&m)); - - /* Get the key context */ - child_state.keyout = buffer_get_string(&m, &child_state.keyoutlen); - child_state.keyin = buffer_get_string(&m, &child_state.keyinlen); - - debug3("%s: Getting compression state", __FUNCTION__); - /* Get compression state */ - p = buffer_get_string(&m, &plen); - if (plen != sizeof(child_state.outgoing)) - fatal("%s: bad request size", __FUNCTION__); - memcpy(&child_state.outgoing, p, sizeof(child_state.outgoing)); - xfree(p); - - p = buffer_get_string(&m, &plen); - if (plen != sizeof(child_state.incoming)) - fatal("%s: bad request size", __FUNCTION__); - memcpy(&child_state.incoming, p, sizeof(child_state.incoming)); - xfree(p); - - buffer_free(&m); -} - - -/* Allocation functions for zlib */ -void * -mm_zalloc(struct mm_master *mm, u_int ncount, u_int size) -{ - void *address; - - address = mm_malloc(mm, size * ncount); - - return (address); -} - -void -mm_zfree(struct mm_master *mm, void *address) -{ - mm_free(mm, address); -} - -void -mm_init_compression(struct mm_master *mm) -{ - outgoing_stream.zalloc = (alloc_func)mm_zalloc; - outgoing_stream.zfree = (free_func)mm_zfree; - outgoing_stream.opaque = mm; - - incoming_stream.zalloc = (alloc_func)mm_zalloc; - incoming_stream.zfree = (free_func)mm_zfree; - incoming_stream.opaque = mm; -} diff --git a/monitor.h b/monitor.h deleted file mode 100644 index 7568603f..00000000 --- a/monitor.h +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright 2002 Niels Provos - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef _MONITOR_H_ -#define _MONITOR_H_ - -enum monitor_reqtype { - MONITOR_REQ_MODULI, MONITOR_ANS_MODULI, - MONITOR_REQ_FREE, MONITOR_REQ_AUTHSERV, - MONITOR_REQ_SIGN, MONITOR_ANS_SIGN, - MONITOR_REQ_PWNAM, MONITOR_ANS_PWNAM, - MONITOR_REQ_AUTHPASSWORD, MONITOR_ANS_AUTHPASSWORD, - MONITOR_REQ_KEYALLOWED, MONITOR_ANS_KEYALLOWED, - MONITOR_REQ_KEYVERIFY, MONITOR_ANS_KEYVERIFY, - MONITOR_REQ_KEYEXPORT, - MONITOR_REQ_PTY, MONITOR_ANS_PTY, - MONITOR_REQ_TERM -}; - -struct monitor_req { - enum monitor_reqtype type; - void *address; - size_t size; -}; - -void monitor_socketpair(int *pair); - -struct Authctxt; -struct Authctxt *monitor_child_preauth(int); -void monitor_child_postauth(int); - -struct mon_table; -int monitor_read(int, struct mon_table *); - -#endif /* _MONITOR_H_ */ diff --git a/monitor_fdpass.c b/monitor_fdpass.c deleted file mode 100644 index 46087ae6..00000000 --- a/monitor_fdpass.c +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright 2001 Niels Provos - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$OpenBSD$"); - -#include - -#include "ssh.h" -#include "log.h" -#include "xmalloc.h" -#include "misc.h" -#include "monitor_fdpass.h" - -void -mm_send_fd(int socket, int fd) -{ - struct msghdr msg; - char tmp[CMSG_SPACE(sizeof(int))]; - struct cmsghdr *cmsg; - struct iovec vec; - char ch; - - memset(&msg, 0, sizeof(msg)); - msg.msg_control = (caddr_t)tmp; - msg.msg_controllen = CMSG_LEN(sizeof(int)); - cmsg = CMSG_FIRSTHDR(&msg); - cmsg->cmsg_len = CMSG_LEN(sizeof(int)); - cmsg->cmsg_level = SOL_SOCKET; - cmsg->cmsg_type = SCM_RIGHTS; - *(int *)CMSG_DATA(cmsg) = fd; - - vec.iov_base = &ch; - vec.iov_len = 1; - msg.msg_iov = &vec; - msg.msg_iovlen = 1; - - if (sendmsg(socket, &msg, 0) == -1) - fatal("%s: sendmsg(%d)", __FUNCTION__, fd); -} - -int -mm_receive_fd(int socket) -{ - struct msghdr msg; - char tmp[CMSG_SPACE(sizeof(int))]; - struct cmsghdr *cmsg; - struct iovec vec; - char ch; - - memset(&msg, 0, sizeof(msg)); - vec.iov_base = &ch; - vec.iov_len = 1; - msg.msg_iov = &vec; - msg.msg_iovlen = 1; - msg.msg_control = tmp; - msg.msg_controllen = sizeof(tmp); - - if (recvmsg(socket, &msg, 0) == -1) - fatal("%s: recvmsg", __FUNCTION__); - - cmsg = CMSG_FIRSTHDR(&msg); - if (cmsg->cmsg_type != SCM_RIGHTS) - fatal("%s: expected type %d got %d", __FUNCTION__, - SCM_RIGHTS, cmsg->cmsg_type); - return (*(int *)CMSG_DATA(cmsg)); -} diff --git a/monitor_fdpass.h b/monitor_fdpass.h deleted file mode 100644 index cb6b71c9..00000000 --- a/monitor_fdpass.h +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright 2002 Niels Provos - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef _MM_FDPASS_H_ -#define _MM_FDPASS_H_ - -void mm_send_fd(int, int); -int mm_receive_fd(int); - -#endif /* _MM_FDPASS_H_ */ diff --git a/monitor_mm.c b/monitor_mm.c deleted file mode 100644 index 111c97d9..00000000 --- a/monitor_mm.c +++ /dev/null @@ -1,329 +0,0 @@ -/* - * Copyright 2001 Niels Provos - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$OpenBSD$"); - -#include - -#include "ssh.h" -#include "xmalloc.h" -#include "log.h" -#include "monitor_mm.h" - -static int -mm_compare(struct mm_share *a, struct mm_share *b) -{ - return (a->address - b->address); -} - -RB_GENERATE(mmtree, mm_share, next, mm_compare); - -static struct mm_share * -mm_make_entry(struct mm_master *mm, struct mmtree *head, - void *address, size_t size) -{ - struct mm_share *tmp, *tmp2; - - if (mm->mmalloc == NULL) - tmp = xmalloc(sizeof(struct mm_share)); - else - tmp = mm_xmalloc(mm->mmalloc, sizeof(struct mm_share)); - tmp->address = address; - tmp->size = size; - - tmp2 = RB_INSERT(mmtree, head, tmp); - if (tmp2 != NULL) - fatal("mm_make_entry(%p): double address %p->%p(%d)", - mm, tmp2, address, size); - - return (tmp); -} - -/* Creates a shared memory area of a certain size */ - -struct mm_master * -mm_create(struct mm_master *mmalloc, size_t size) -{ - void *address; - struct mm_master *mm; - - if (mmalloc == NULL) - mm = xmalloc(sizeof(struct mm_master)); - else - mm = mm_xmalloc(mmalloc, sizeof(struct mm_master)); - - /* - * If the memory map has a mm_master it can be completely - * shared including authentication between the child - * and the client. - */ - mm->mmalloc = mmalloc; - - address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, - -1, 0); - if (address == MAP_FAILED) - fatal("mmap(%d)", size); - - mm->address = address; - mm->size = size; - - RB_INIT(&mm->rb_free); - RB_INIT(&mm->rb_allocated); - - mm_make_entry(mm, &mm->rb_free, address, size); - - return (mm); -} - -/* Frees either the allocated or the free list */ - -void -mm_freelist(struct mm_master *mmalloc, struct mmtree *head) -{ - struct mm_share *mms, *next; - - for (mms = RB_ROOT(head); mms; mms = next) { - next = RB_NEXT(mmtree, head, mms); - RB_REMOVE(mmtree, head, mms); - if (mmalloc == NULL) - xfree(mms); - else - mm_free(mmalloc, mms); - } -} - -/* Destroys a memory mapped area */ - -void -mm_destroy(struct mm_master *mm) -{ - mm_freelist(mm->mmalloc, &mm->rb_free); - mm_freelist(mm->mmalloc, &mm->rb_allocated); - - if (munmap(mm->address, mm->size) == -1) - fatal("munmap(%p, %d)", mm->address, mm->size); - if (mm->mmalloc == NULL) - xfree(mm); - else - mm_free(mm->mmalloc, mm); -} - -void * -mm_xmalloc(struct mm_master *mm, size_t size) -{ - void *address; - - address = mm_malloc(mm, size); - if (address == NULL) - fatal("%s: mm_malloc(%d)", __FUNCTION__, size); - return (address); -} - - -/* Allocates data from a memory mapped area */ - -void * -mm_malloc(struct mm_master *mm, size_t size) -{ - struct mm_share *mms, *tmp; - - if (size == 0) - fatal("mm_malloc: try to allocate 0 space"); - - size = ((size + MM_MINSIZE - 1) / MM_MINSIZE) * MM_MINSIZE; - - RB_FOREACH(mms, mmtree, &mm->rb_free) { - if (mms->size >= size) - break; - } - - if (mms == NULL) - return (NULL); - - /* Debug */ - memset(mms->address, 0xd0, size); - - tmp = mm_make_entry(mm, &mm->rb_allocated, mms->address, size); - - /* Does not change order in RB tree */ - mms->size -= size; - mms->address = (u_char *)mms->address + size; - - if (mms->size == 0) { - RB_REMOVE(mmtree, &mm->rb_free, mms); - if (mm->mmalloc == NULL) - xfree(mms); - else - mm_free(mm->mmalloc, mms); - } - - return (tmp->address); -} - -/* Frees memory in a memory mapped area */ - -void -mm_free(struct mm_master *mm, void *address) -{ - struct mm_share *mms, *prev, tmp; - - tmp.address = address; - mms = RB_FIND(mmtree, &mm->rb_allocated, &tmp); - if (mms == NULL) - fatal("mm_free(%p): can not find %p", mm, address); - - /* Debug */ - memset(mms->address, 0xd0, mms->size); - - /* Remove from allocated list and insert in free list */ - RB_REMOVE(mmtree, &mm->rb_allocated, mms); - if (RB_INSERT(mmtree, &mm->rb_free, mms) != NULL) - fatal("mm_free(%p): double address %p", mm, address); - - /* Find previous entry */ - prev = mms; - if (RB_LEFT(prev, next)) { - prev = RB_LEFT(prev, next); - while (RB_RIGHT(prev, next)) - prev = RB_RIGHT(prev, next); - } else { - if (RB_PARENT(prev, next) && - (prev == RB_RIGHT(RB_PARENT(prev, next), next))) - prev = RB_PARENT(prev, next); - else { - while (RB_PARENT(prev, next) && - (prev == RB_LEFT(RB_PARENT(prev, next), next))) - prev = RB_PARENT(prev, next); - prev = RB_PARENT(prev, next); - } - } - - /* Check if range does not overlap */ - if (prev != NULL && MM_ADDRESS_END(prev) > address) - fatal("mm_free: memory corruption: %p(%d) > %p", - prev->address, prev->size, address); - - /* See if we can merge backwards */ - if (prev != NULL && MM_ADDRESS_END(prev) == address) { - prev->size += mms->size; - RB_REMOVE(mmtree, &mm->rb_free, mms); - if (mm->mmalloc == NULL) - xfree(mms); - else - mm_free(mm->mmalloc, mms); - } else - prev = mms; - - if (prev == NULL) - return; - - /* Check if we can merge forwards */ - mms = RB_NEXT(mmtree, &mm->rb_free, prev); - if (mms == NULL) - return; - - if (MM_ADDRESS_END(prev) > mms->address) - fatal("mm_free: memory corruption: %p < %p(%d)", - mms->address, prev->address, prev->size); - if (MM_ADDRESS_END(prev) != mms->address) - return; - - prev->size += mms->size; - RB_REMOVE(mmtree, &mm->rb_free, mms); - - if (mm->mmalloc == NULL) - xfree(mms); - else - mm_free(mm->mmalloc, mms); -} - -void -mm_sync_list(struct mmtree *oldtree, struct mmtree *newtree, - struct mm_master *mm, struct mm_master *mmold) -{ - struct mm_master *mmalloc = mm->mmalloc; - struct mm_share *mms, *new; - - /* Sync free list */ - RB_FOREACH(mms, mmtree, oldtree) { - /* Check the values */ - mm_memvalid(mmold, mms, sizeof(struct mm_share)); - mm_memvalid(mm, mms->address, mms->size); - - new = mm_xmalloc(mmalloc, sizeof(struct mm_share)); - memcpy(new, mms, sizeof(struct mm_share)); - RB_INSERT(mmtree, newtree, new); - } -} - -void -mm_share_sync(struct mm_master **pmm, struct mm_master **pmmalloc) -{ - struct mm_master *mm; - struct mm_master *mmalloc; - struct mm_master *mmold; - struct mmtree rb_free, rb_allocated; - - debug3("%s: Share sync", __FUNCTION__); - - mm = *pmm; - mmold = mm->mmalloc; - mm_memvalid(mmold, mm, sizeof(*mm)); - - mmalloc = mm_create(NULL, mm->size); - mm = mm_xmalloc(mmalloc, sizeof(struct mm_master)); - memcpy(mm, *pmm, sizeof(struct mm_master)); - mm->mmalloc = mmalloc; - - rb_free = mm->rb_free; - rb_allocated = mm->rb_allocated; - - RB_INIT(&mm->rb_free); - RB_INIT(&mm->rb_allocated); - - mm_sync_list(&rb_free, &mm->rb_free, mm, mmold); - mm_sync_list(&rb_allocated, &mm->rb_allocated, mm, mmold); - - mm_destroy(mmold); - - *pmm = mm; - *pmmalloc = mmalloc; - - debug3("%s: Share sync end", __FUNCTION__); -} - -void -mm_memvalid(struct mm_master *mm, void *address, size_t size) -{ - void *end = (u_char *)address + size; - - if (address < mm->address) - fatal("mm_memvalid: address too small: %p", address); - if (end < address) - fatal("mm_memvalid: end < address: %p < %p", end, address); - if (end > (void *)((u_char *)mm->address + mm->size)) - fatal("mm_memvalid: address too large: %p", address); -} diff --git a/monitor_mm.h b/monitor_mm.h deleted file mode 100644 index 5b4b789c..00000000 --- a/monitor_mm.h +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Copyright 2002 Niels Provos - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef _MM_H_ -#define _MM_H_ -#include - -struct mm_share { - RB_ENTRY(mm_share) next; - void *address; - size_t size; -}; - -struct mm_master { - RB_HEAD(mmtree, mm_share) rb_free; - struct mmtree rb_allocated; - void *address; - size_t size; - - struct mm_master *mmalloc; /* Used to completely share */ - - int write; /* used to writing to other party */ - int read; /* used for reading from other party */ -}; - -RB_PROTOTYPE(mmtree, mm_share, next, mm_compare); - -#define MM_MINSIZE 128 - -#define MM_ADDRESS_END(x) (void *)((u_char *)(x)->address + (x)->size) - -struct mm_master *mm_create(struct mm_master *, size_t); -void mm_destroy(struct mm_master *); - -void mm_share_sync(struct mm_master **, struct mm_master **); - -void *mm_malloc(struct mm_master *, size_t); -void *mm_xmalloc(struct mm_master *, size_t); -void mm_free(struct mm_master *, void *); - -void mm_memvalid(struct mm_master *, void *, size_t); -#endif /* _MM_H_ */ diff --git a/monitor_wrap.c b/monitor_wrap.c deleted file mode 100644 index 798e9353..00000000 --- a/monitor_wrap.c +++ /dev/null @@ -1,538 +0,0 @@ -/* - * Copyright 2002 Niels Provos - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$OpenBSD$"); - -#include -#include - -#include "ssh.h" -#include "dh.h" -#include "kex.h" -#include "buffer.h" -#include "bufaux.h" -#include "packet.h" -#include "mac.h" -#include "log.h" -#include "zlib.h" -#include "monitor.h" -#include "monitor_wrap.h" -#include "xmalloc.h" -#include "atomicio.h" -#include "monitor_fdpass.h" -#include "getput.h" - -/* Imports */ -extern Newkeys *newkeys[]; -extern z_stream incoming_stream; -extern z_stream outgoing_stream; - -void -mm_request_send(int socket, enum monitor_reqtype type, Buffer *m) -{ - u_char buf[5]; - u_int mlen = buffer_len(m); - - debug3("%s entering: type %d", __FUNCTION__, type); - - PUT_32BIT(buf, mlen + 1); - buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ - if (atomicio(write, socket, buf, sizeof(buf)) != sizeof(buf)) - fatal("%s: write", __FUNCTION__); - if (atomicio(write, socket, buffer_ptr(m), mlen) != mlen) - fatal("%s: write", __FUNCTION__); -} - -void -mm_request_receive(int socket, Buffer *m) -{ - u_char buf[4]; - ssize_t res; - u_int msg_len; - - debug3("%s entering", __FUNCTION__); - - res = atomicio(read, socket, buf, sizeof(buf)); - if (res != sizeof(buf)) - fatal("%s: read: %d", __FUNCTION__, res); - msg_len = GET_32BIT(buf); - if (msg_len > 256 * 1024) - fatal("%s: read: bad msg_len %d", __FUNCTION__, msg_len); - buffer_clear(m); - buffer_append_space(m, msg_len); - res = atomicio(read, socket, buffer_ptr(m), msg_len); - if (res != msg_len) - fatal("%s: read: %d != msg_len", __FUNCTION__, res); -} - -void -mm_request_receive_expect(int socket, enum monitor_reqtype type, Buffer *m) -{ - u_char rtype; - - debug3("%s entering: type %d", __FUNCTION__, type); - - mm_request_receive(socket, m); - rtype = buffer_get_char(m); - if (rtype != type) - fatal("%s: read: rtype %d != type %d", __FUNCTION__, - rtype, type); -} - -DH * -mm_choose_dh(int socket, int min, int nbits, int max) -{ - BIGNUM *p, *g; - int success = 0; - Buffer m; - - buffer_init(&m); - buffer_put_int(&m, min); - buffer_put_int(&m, nbits); - buffer_put_int(&m, max); - - mm_request_send(socket, MONITOR_REQ_MODULI, &m); - - debug3("%s: waiting for MONITOR_ANS_MODULI", __FUNCTION__); - mm_request_receive_expect(socket, MONITOR_ANS_MODULI, &m); - - success = buffer_get_char(&m); - if (success == 0) - fatal("%s: MONITOR_ANS_MODULI failed", __FUNCTION__); - - if ((p = BN_new()) == NULL) - fatal("%s: BN_new failed", __FUNCTION__); - if ((g = BN_new()) == NULL) - fatal("%s: BN_new failed", __FUNCTION__); - buffer_get_bignum2(&m, p); - buffer_get_bignum2(&m, g); - - debug3("%s: remaining %d", __FUNCTION__, buffer_len(&m)); - buffer_free(&m); - - return (dh_new_group(g, p)); -} - -int -mm_key_sign(int socket, int keyind, u_char **sigp, u_int *lenp, - u_char *data, u_int datalen) -{ - Buffer m; - - debug3("%s entering", __FUNCTION__); - - buffer_init(&m); - buffer_put_int(&m, keyind); - buffer_put_string(&m, data, datalen); - - mm_request_send(socket, MONITOR_REQ_SIGN, &m); - - debug3("%s: waiting for MONITOR_ANS_SIGN", __FUNCTION__); - mm_request_receive_expect(socket, MONITOR_ANS_SIGN, &m); - *sigp = buffer_get_string(&m, lenp); - buffer_free(&m); - - return (0); -} - -struct passwd * -mm_getpwnamallow(int socket, const char *login, int *allowed) -{ - Buffer m; - struct passwd *pw; - u_int pwlen; - - debug3("%s entering", __FUNCTION__); - - buffer_init(&m); - buffer_put_cstring(&m, login); - - mm_request_send(socket, MONITOR_REQ_PWNAM, &m); - - debug3("%s: waiting for MONITOR_ANS_PWNAM", __FUNCTION__); - mm_request_receive_expect(socket, MONITOR_ANS_PWNAM, &m); - - *allowed = buffer_get_char(&m); - if (*allowed == 0) { - buffer_free(&m); - return (NULL); - } - pw = buffer_get_string(&m, &pwlen); - if (pwlen != sizeof(struct passwd)) - fatal("%s: struct passwd size mismatch", __FUNCTION__); - pw->pw_name = buffer_get_string(&m, NULL); - pw->pw_passwd = buffer_get_string(&m, NULL); - pw->pw_gecos = buffer_get_string(&m, NULL); - pw->pw_class = buffer_get_string(&m, NULL); - pw->pw_dir = buffer_get_string(&m, NULL); - pw->pw_shell = buffer_get_string(&m, NULL); - buffer_free(&m); - - return (pw); -} - -void -pwfree(struct passwd *pw) -{ - xfree(pw->pw_name); - xfree(pw->pw_passwd); - xfree(pw->pw_gecos); - xfree(pw->pw_class); - xfree(pw->pw_dir); - xfree(pw->pw_shell); - xfree(pw); -} - -/* Inform the privileged process about service and style */ - -void -mm_inform_authserv(int socket, char *service, char *style) -{ - Buffer m; - - debug3("%s entering", __FUNCTION__); - - buffer_init(&m); - buffer_put_cstring(&m, service); - buffer_put_cstring(&m, style ? style : ""); - - mm_request_send(socket, MONITOR_REQ_AUTHSERV, &m); - - buffer_free(&m); -} - -/* Do the password authentication */ -int -mm_auth_password(int socket, char *password) -{ - Buffer m; - int authenticated = 0; - - debug3("%s entering", __FUNCTION__); - - buffer_init(&m); - buffer_put_cstring(&m, password); - mm_request_send(socket, MONITOR_REQ_AUTHPASSWORD, &m); - - debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __FUNCTION__); - mm_request_receive_expect(socket, MONITOR_ANS_AUTHPASSWORD, &m); - - authenticated = buffer_get_int(&m); - - buffer_free(&m); - - debug3("%s: user %sauthenticated", - __FUNCTION__, authenticated ? "" : "not "); - return (authenticated); -} - -int -mm_key_allowed(int socket, enum mm_keytype type, char *user, char *host, - Key *key) -{ - Buffer m; - u_char *blob; - u_int len; - int allowed = 0; - - debug3("%s entering", __FUNCTION__); - - /* Convert the key to a blob and the pass it over */ - if (!key_to_blob(key, &blob, &len)) - return (0); - - buffer_init(&m); - buffer_put_int(&m, type); - buffer_put_cstring(&m, user ? user : ""); - buffer_put_cstring(&m, host ? host : ""); - buffer_put_string(&m, blob, len); - xfree(blob); - - mm_request_send(socket, MONITOR_REQ_KEYALLOWED, &m); - - debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __FUNCTION__); - mm_request_receive_expect(socket, MONITOR_ANS_KEYALLOWED, &m); - - allowed = buffer_get_int(&m); - - buffer_free(&m); - - return (allowed); -} - -/* - * This key verify needs to send the key type along, because the - * privileged parent makes the decision if the key is allowed - * for authentication. - */ - -int -mm_key_verify(int socket, enum mm_keytype type, char *user, char *host, - Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen) -{ - Buffer m; - u_char *blob; - u_int len; - int verified = 0; - - debug3("%s entering", __FUNCTION__); - - /* Convert the key to a blob and the pass it over */ - if (!key_to_blob(key, &blob, &len)) - return (0); - - buffer_init(&m); - buffer_put_int(&m, type); - buffer_put_cstring(&m, user ? user : ""); - buffer_put_cstring(&m, host ? host : ""); - buffer_put_string(&m, blob, len); - buffer_put_string(&m, sig, siglen); - buffer_put_string(&m, data, datalen); - xfree(blob); - - mm_request_send(socket, MONITOR_REQ_KEYVERIFY, &m); - - debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __FUNCTION__); - mm_request_receive_expect(socket, MONITOR_ANS_KEYVERIFY, &m); - - verified = buffer_get_int(&m); - - buffer_free(&m); - - return (verified); -} - -/* Export key state after authentication */ -Newkeys * -mm_newkeys_from_blob(u_char *blob, int blen) -{ - Buffer b; - int rlen; - Newkeys *newkey = NULL; - Enc *enc; - Mac *mac; - Comp *comp; - - debug3("%s: %p(%d)", __FUNCTION__, blob, blen); -#ifdef DEBUG_PK - dump_base64(stderr, blob, blen); -#endif - buffer_init(&b); - buffer_append(&b, blob, blen); - - newkey = xmalloc(sizeof(*newkey)); - enc = &newkey->enc; - mac = &newkey->mac; - comp = &newkey->comp; - - /* Enc structure */ - enc->name = buffer_get_string(&b, NULL); - buffer_get(&b, &enc->cipher, sizeof(enc->cipher)); - enc->enabled = buffer_get_int(&b); - enc->key_len = buffer_get_int(&b); - enc->block_size = buffer_get_int(&b); - enc->key = xmalloc(enc->key_len); - buffer_get(&b, enc->key, enc->key_len); - enc->iv = xmalloc(enc->block_size); - buffer_get(&b, enc->iv, enc->block_size); - - if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher) - fatal("%s: bad cipher name %s or pointer %p", __FUNCTION__, - enc->name, enc->cipher); - - /* Mac structure */ - mac->name = buffer_get_string(&b, NULL); - if (mac->name == NULL || mac_init(mac, mac->name) == -1) - fatal("%s: can not init mac %s", __FUNCTION__, mac->name); - mac->enabled = buffer_get_int(&b); - mac->key = xmalloc(mac->key_len); - buffer_get(&b, mac->key, mac->key_len); - - /* Comp structure */ - comp->type = buffer_get_int(&b); - comp->enabled = buffer_get_int(&b); - comp->name = buffer_get_string(&b, NULL); - - rlen = buffer_len(&b); - if (rlen != 0) - error("newkeys_from_blob: remaining bytes in blob %d", rlen); - buffer_free(&b); - return (newkey); -} - -int -mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp) -{ - Buffer b; - int len; - u_char *buf; - Enc *enc; - Mac *mac; - Comp *comp; - Newkeys *newkey = newkeys[mode]; - - debug3("%s: converting %p", __FUNCTION__, newkey); - - if (newkey == NULL) { - error("%s: newkey == NULL", __FUNCTION__); - return 0; - } - enc = &newkey->enc; - mac = &newkey->mac; - comp = &newkey->comp; - - buffer_init(&b); - /* Enc structure */ - buffer_put_cstring(&b, enc->name); - /* The cipher struct is constant and shared, you export pointer */ - buffer_append(&b, &enc->cipher, sizeof(enc->cipher)); - buffer_put_int(&b, enc->enabled); - buffer_put_int(&b, enc->key_len); - buffer_put_int(&b, enc->block_size); - buffer_append(&b, enc->key, enc->key_len); - packet_get_keyiv(mode, enc->iv, enc->block_size); - buffer_append(&b, enc->iv, enc->block_size); - - /* Mac structure */ - buffer_put_cstring(&b, mac->name); - buffer_put_int(&b, mac->enabled); - buffer_append(&b, mac->key, mac->key_len); - - /* Comp structure */ - buffer_put_int(&b, comp->type); - buffer_put_int(&b, comp->enabled); - buffer_put_cstring(&b, comp->name); - - len = buffer_len(&b); - buf = xmalloc(len); - memcpy(buf, buffer_ptr(&b), len); - memset(buffer_ptr(&b), 0, len); - buffer_free(&b); - if (lenp != NULL) - *lenp = len; - if (blobp != NULL) - *blobp = buf; - return len; -} - -void -mm_send_keystate(int socket) -{ - Buffer m; - u_char *blob, *p; - u_int bloblen, plen; - - debug3("%s: Sending new keys: %p %p", - __FUNCTION__, newkeys[MODE_OUT], newkeys[MODE_IN]); - - buffer_init(&m); - - /* Keys from Kex */ - if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen)) - fatal("%s: conversion of newkeys failed", __FUNCTION__); - - buffer_put_string(&m, blob, bloblen); - xfree(blob); - - if (!mm_newkeys_to_blob(MODE_IN, &blob, &bloblen)) - fatal("%s: conversion of newkeys failed", __FUNCTION__); - - buffer_put_string(&m, blob, bloblen); - xfree(blob); - - buffer_put_int(&m, packet_get_seqnr(MODE_OUT)); - buffer_put_int(&m, packet_get_seqnr(MODE_IN)); - - debug3("%s: New keys have been sent", __FUNCTION__); - - /* More key context */ - plen = packet_get_keycontext(MODE_OUT, NULL); - p = xmalloc(plen+1); - packet_get_keycontext(MODE_OUT, p); - buffer_put_string(&m, p, plen); - xfree(p); - - plen = packet_get_keycontext(MODE_IN, NULL); - p = xmalloc(plen+1); - packet_get_keycontext(MODE_IN, p); - buffer_put_string(&m, p, plen); - xfree(p); - - /* Compression state */ - debug3("%s: Sending compression state", __FUNCTION__); - buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream)); - buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream)); - - mm_request_send(socket, MONITOR_REQ_KEYEXPORT, &m); - debug3("%s: Finished sending state", __FUNCTION__); - - buffer_free(&m); -} - -int -mm_pty_allocown(int socket, int *ptyfd, int *ttyfd, - char *namebuf, int namebuflen) -{ - Buffer m; - u_char *p; - int success = 0; - - buffer_init(&m); - mm_request_send(socket, MONITOR_REQ_PTY, &m); - - debug3("%s: waiting for MONITOR_ANS_PTY", __FUNCTION__); - mm_request_receive_expect(socket, MONITOR_ANS_PTY, &m); - - success = buffer_get_int(&m); - if (success == 0) { - debug3("%s: pty alloc failed", __FUNCTION__); - buffer_free(&m); - return (0); - } - p = buffer_get_string(&m, NULL); - buffer_free(&m); - - strlcpy(namebuf, p, namebuflen); /* Possible truncation */ - xfree(p); - - *ptyfd = mm_receive_fd(socket); - *ttyfd = mm_receive_fd(socket); - - /* Success */ - return (1); -} - -/* Request process termination */ - -void -mm_terminate(int socket) -{ - Buffer m; - - buffer_init(&m); - mm_request_send(socket, MONITOR_REQ_TERM, &m); - buffer_free(&m); -} -- 2.45.2