11305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* $OpenBSD: monitor.c,v 1.115 2011/06/23 23:35:42 djm Exp $ */ 21305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* 31305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * Copyright 2002 Niels Provos <provos@citi.umich.edu> 41305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * Copyright 2002 Markus Friedl <markus@openbsd.org> 51305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * All rights reserved. 61305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * 71305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * Redistribution and use in source and binary forms, with or without 81305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * modification, are permitted provided that the following conditions 91305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * are met: 101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * 1. Redistributions of source code must retain the above copyright 111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * notice, this list of conditions and the following disclaimer. 121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * 2. Redistributions in binary form must reproduce the above copyright 131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * notice, this list of conditions and the following disclaimer in the 141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * documentation and/or other materials provided with the distribution. 151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * 161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood */ 271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "includes.h" 291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <sys/types.h> 311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <sys/param.h> 321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <sys/socket.h> 331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "openbsd-compat/sys-tree.h" 341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <sys/wait.h> 351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <errno.h> 371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <fcntl.h> 381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef HAVE_PATHS_H 391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <paths.h> 401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <pwd.h> 421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <signal.h> 431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <stdarg.h> 441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <stdlib.h> 451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <string.h> 461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <unistd.h> 471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef HAVE_POLL_H 481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <poll.h> 491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#else 501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# ifdef HAVE_SYS_POLL_H 511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# include <sys/poll.h> 521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# endif 531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef SKEY 561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <skey.h> 571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <openssl/dh.h> 601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "openbsd-compat/sys-queue.h" 621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "atomicio.h" 631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "xmalloc.h" 641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "ssh.h" 651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "key.h" 661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "buffer.h" 671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "hostfile.h" 681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "auth.h" 691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "cipher.h" 701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "kex.h" 711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "dh.h" 721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */ 731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#undef TARGET_OS_MAC 741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "zlib.h" 751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#define TARGET_OS_MAC 1 761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#else 771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "zlib.h" 781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "packet.h" 801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "auth-options.h" 811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "sshpty.h" 821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "channels.h" 831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "session.h" 841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "sshlogin.h" 851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "canohost.h" 861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "log.h" 871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "servconf.h" 881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "monitor.h" 891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "monitor_mm.h" 901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef GSSAPI 911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "ssh-gss.h" 921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "monitor_wrap.h" 941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "monitor_fdpass.h" 951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "misc.h" 961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "compat.h" 971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "ssh2.h" 981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "jpake.h" 991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "roaming.h" 1001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef GSSAPI 1021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic Gssctxt *gsscontext = NULL; 1031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 1041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* Imports */ 1061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodextern ServerOptions options; 1071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodextern u_int utmp_len; 1081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodextern Newkeys *current_keys[]; 1091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodextern z_stream incoming_stream; 1101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodextern z_stream outgoing_stream; 1111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodextern u_char session_id[]; 1121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodextern Buffer auth_debug; 1131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodextern int auth_debug_init; 1141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodextern Buffer loginmsg; 1151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* State exported from the child */ 1171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstruct { 1191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood z_stream incoming; 1201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood z_stream outgoing; 1211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *keyin; 1221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int keyinlen; 1231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *keyout; 1241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int keyoutlen; 1251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *ivin; 1261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int ivinlen; 1271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *ivout; 1281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int ivoutlen; 1291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *ssh1key; 1301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int ssh1keylen; 1311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int ssh1cipher; 1321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int ssh1protoflags; 1331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *input; 1341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int ilen; 1351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *output; 1361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int olen; 1371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int64_t sent_bytes; 1381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int64_t recv_bytes; 1391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} child_state; 1401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* Functions on the monitor that answer unprivileged requests */ 1421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_moduli(int, Buffer *); 1441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_sign(int, Buffer *); 1451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_pwnamallow(int, Buffer *); 1461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_auth2_read_banner(int, Buffer *); 1471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_authserv(int, Buffer *); 1481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_authpassword(int, Buffer *); 1491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_bsdauthquery(int, Buffer *); 1501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_bsdauthrespond(int, Buffer *); 1511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_skeyquery(int, Buffer *); 1521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_skeyrespond(int, Buffer *); 1531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_keyallowed(int, Buffer *); 1541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_keyverify(int, Buffer *); 1551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_pty(int, Buffer *); 1561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_pty_cleanup(int, Buffer *); 1571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_term(int, Buffer *); 1581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_rsa_keyallowed(int, Buffer *); 1591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_rsa_challenge(int, Buffer *); 1601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_rsa_response(int, Buffer *); 1611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_sesskey(int, Buffer *); 1621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_sessid(int, Buffer *); 1631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_jpake_get_pwdata(int, Buffer *); 1641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_jpake_step1(int, Buffer *); 1651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_jpake_step2(int, Buffer *); 1661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_jpake_key_confirm(int, Buffer *); 1671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_jpake_check_confirm(int, Buffer *); 1681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef USE_PAM 1701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_pam_start(int, Buffer *); 1711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_pam_account(int, Buffer *); 1721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_pam_init_ctx(int, Buffer *); 1731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_pam_query(int, Buffer *); 1741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_pam_respond(int, Buffer *); 1751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_pam_free_ctx(int, Buffer *); 1761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 1771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef GSSAPI 1791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_gss_setup_ctx(int, Buffer *); 1801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_gss_accept_ctx(int, Buffer *); 1811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_gss_userok(int, Buffer *); 1821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_gss_checkmic(int, Buffer *); 1831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 1841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef SSH_AUDIT_EVENTS 1861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_audit_event(int, Buffer *); 1871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_audit_command(int, Buffer *); 1881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 1891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic int monitor_read_log(struct monitor *); 1911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic Authctxt *authctxt; 1931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */ 1941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* local state for key verify */ 1961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic u_char *key_blob = NULL; 1971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic u_int key_bloblen = 0; 1981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic int key_blobtype = MM_NOKEY; 1991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic char *hostbased_cuser = NULL; 2001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic char *hostbased_chost = NULL; 2011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic char *auth_method = "unknown"; 2021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic u_int session_id2_len = 0; 2031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic u_char *session_id2 = NULL; 2041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic pid_t monitor_child_pid; 2051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 2061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstruct mon_table { 2071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood enum monitor_reqtype type; 2081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int flags; 2091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int (*f)(int, Buffer *); 2101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood}; 2111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 2121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#define MON_ISAUTH 0x0004 /* Required for Authentication */ 2131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#define MON_AUTHDECIDE 0x0008 /* Decides Authentication */ 2141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#define MON_ONCE 0x0010 /* Disable after calling */ 2151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#define MON_ALOG 0x0020 /* Log auth attempt without authenticating */ 2161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 2171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#define MON_AUTH (MON_ISAUTH|MON_AUTHDECIDE) 2181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 2191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#define MON_PERMIT 0x1000 /* Request is permitted */ 2201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 2211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstruct mon_table mon_dispatch_proto20[] = { 2221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, 2231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, 2241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, 2251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, 2261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, 2271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, 2281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef USE_PAM 2291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, 2301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PAM_ACCOUNT, 0, mm_answer_pam_account}, 2311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PAM_INIT_CTX, MON_ISAUTH, mm_answer_pam_init_ctx}, 2321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PAM_QUERY, MON_ISAUTH, mm_answer_pam_query}, 2331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond}, 2341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, 2351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 2361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef SSH_AUDIT_EVENTS 2371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, 2381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 2391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef BSD_AUTH 2401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, 2411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH, mm_answer_bsdauthrespond}, 2421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 2431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef SKEY 2441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery}, 2451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond}, 2461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 2471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed}, 2481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify}, 2491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef GSSAPI 2501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_GSSSETUP, MON_ISAUTH, mm_answer_gss_setup_ctx}, 2511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx}, 2521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok}, 2531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic}, 2541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 2551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef JPAKE 2561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_JPAKE_GET_PWDATA, MON_ONCE, mm_answer_jpake_get_pwdata}, 2571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_JPAKE_STEP1, MON_ISAUTH, mm_answer_jpake_step1}, 2581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_JPAKE_STEP2, MON_ONCE, mm_answer_jpake_step2}, 2591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_JPAKE_KEY_CONFIRM, MON_ONCE, mm_answer_jpake_key_confirm}, 2601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_JPAKE_CHECK_CONFIRM, MON_AUTH, mm_answer_jpake_check_confirm}, 2611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 2621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {0, 0, NULL} 2631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood}; 2641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 2651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstruct mon_table mon_dispatch_postauth20[] = { 2661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, 2671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_SIGN, 0, mm_answer_sign}, 2681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PTY, 0, mm_answer_pty}, 2691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PTYCLEANUP, 0, mm_answer_pty_cleanup}, 2701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_TERM, 0, mm_answer_term}, 2711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef SSH_AUDIT_EVENTS 2721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, 2731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command}, 2741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 2751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {0, 0, NULL} 2761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood}; 2771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 2781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstruct mon_table mon_dispatch_proto15[] = { 2791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, 2801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_SESSKEY, MON_ONCE, mm_answer_sesskey}, 2811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_SESSID, MON_ONCE, mm_answer_sessid}, 2821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, 2831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_RSAKEYALLOWED, MON_ISAUTH|MON_ALOG, mm_answer_rsa_keyallowed}, 2841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_KEYALLOWED, MON_ISAUTH|MON_ALOG, mm_answer_keyallowed}, 2851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_RSACHALLENGE, MON_ONCE, mm_answer_rsa_challenge}, 2861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_RSARESPONSE, MON_ONCE|MON_AUTHDECIDE, mm_answer_rsa_response}, 2871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef BSD_AUTH 2881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, 2891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH, mm_answer_bsdauthrespond}, 2901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 2911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef SKEY 2921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery}, 2931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond}, 2941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 2951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef USE_PAM 2961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, 2971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PAM_ACCOUNT, 0, mm_answer_pam_account}, 2981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PAM_INIT_CTX, MON_ISAUTH, mm_answer_pam_init_ctx}, 2991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PAM_QUERY, MON_ISAUTH, mm_answer_pam_query}, 3001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond}, 3011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, 3021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 3031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef SSH_AUDIT_EVENTS 3041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, 3051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 3061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {0, 0, NULL} 3071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood}; 3081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstruct mon_table mon_dispatch_postauth15[] = { 3101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PTY, MON_ONCE, mm_answer_pty}, 3111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_PTYCLEANUP, MON_ONCE, mm_answer_pty_cleanup}, 3121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_TERM, 0, mm_answer_term}, 3131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef SSH_AUDIT_EVENTS 3141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, 3151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT|MON_ONCE, mm_answer_audit_command}, 3161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 3171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood {0, 0, NULL} 3181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood}; 3191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstruct mon_table *mon_dispatch; 3211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* Specifies if a certain message is allowed at the moment */ 3231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic void 3251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_permit(struct mon_table *ent, enum monitor_reqtype type, int permit) 3261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 3271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood while (ent->f != NULL) { 3281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (ent->type == type) { 3291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ent->flags &= ~MON_PERMIT; 3301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ent->flags |= permit ? MON_PERMIT : 0; 3311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return; 3321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 3331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ent++; 3341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 3351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 3361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic void 3381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_permit_authentications(int permit) 3391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 3401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood struct mon_table *ent = mon_dispatch; 3411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood while (ent->f != NULL) { 3431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (ent->flags & MON_AUTH) { 3441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ent->flags &= ~MON_PERMIT; 3451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ent->flags |= permit ? MON_PERMIT : 0; 3461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 3471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ent++; 3481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 3491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 3501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodvoid 3521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) 3531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 3541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood struct mon_table *ent; 3551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int authenticated = 0; 3561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("preauth child monitor started"); 3581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood close(pmonitor->m_recvfd); 3601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood close(pmonitor->m_log_sendfd); 3611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1; 3621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt = _authctxt; 3641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood memset(authctxt, 0, sizeof(*authctxt)); 3651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->loginmsg = &loginmsg; 3671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (compat20) { 3691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mon_dispatch = mon_dispatch_proto20; 3701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Permit requests for moduli and signatures */ 3721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); 3731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); 3741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } else { 3751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mon_dispatch = mon_dispatch_proto15; 3761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1); 3781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 3791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* The first few requests do not require asynchronous access */ 3811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood while (!authenticated) { 3821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = "unknown"; 3831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1); 3841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (authenticated) { 3851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!(ent->flags & MON_AUTHDECIDE)) 3861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: unexpected authentication from %d", 3871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood __func__, ent->type); 3881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (authctxt->pw->pw_uid == 0 && 3891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood !auth_root_allowed(auth_method)) 3901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authenticated = 0; 3911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef USE_PAM 3921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* PAM needs to perform account checks after auth */ 3931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (options.use_pam && authenticated) { 3941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Buffer m; 3951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 3961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_init(&m); 3971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_receive_expect(pmonitor->m_sendfd, 3981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood MONITOR_REQ_PAM_ACCOUNT, &m); 3991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authenticated = mm_answer_pam_account(pmonitor->m_sendfd, &m); 4001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_free(&m); 4011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 4021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 4031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 4041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { 4061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_log(authctxt, authenticated, auth_method, 4071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood compat20 ? " ssh2" : ""); 4081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!authenticated) 4091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->failures++; 4101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 4111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef JPAKE 4121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Cleanup JPAKE context after authentication */ 4131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (ent->flags & MON_AUTHDECIDE) { 4141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (authctxt->jpake_ctx != NULL) { 4151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood jpake_free(authctxt->jpake_ctx); 4161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->jpake_ctx = NULL; 4171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 4181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 4191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 4201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 4211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Drain any buffered messages from the child */ 4231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0) 4241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ; 4251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!authctxt->valid) 4271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: authenticated invalid user", __func__); 4281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strcmp(auth_method, "unknown") == 0) 4291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: authentication method name unknown", __func__); 4301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug("%s: %s has been authenticated by privileged process", 4321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood __func__, authctxt->user); 4331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_get_keystate(pmonitor); 4351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood close(pmonitor->m_sendfd); 4371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood close(pmonitor->m_log_recvfd); 4381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pmonitor->m_sendfd = pmonitor->m_log_recvfd = -1; 4391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 4401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic void 4421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_set_child_handler(pid_t pid) 4431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 4441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_child_pid = pid; 4451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 4461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic void 4481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_child_handler(int sig) 4491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 4501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kill(monitor_child_pid, sig); 4511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 4521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodvoid 4541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_child_postauth(struct monitor *pmonitor) 4551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 4561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood close(pmonitor->m_recvfd); 4571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pmonitor->m_recvfd = -1; 4581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_set_child_handler(pmonitor->m_pid); 4601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood signal(SIGHUP, &monitor_child_handler); 4611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood signal(SIGTERM, &monitor_child_handler); 4621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood signal(SIGINT, &monitor_child_handler); 4631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (compat20) { 4651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mon_dispatch = mon_dispatch_postauth20; 4661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Permit requests for moduli and signatures */ 4681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); 4691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); 4701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); 4711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } else { 4721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mon_dispatch = mon_dispatch_postauth15; 4731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); 4741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 4751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!no_pty_flag) { 4761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); 4771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_PTYCLEANUP, 1); 4781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 4791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood for (;;) 4811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_read(pmonitor, mon_dispatch, NULL); 4821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood close(pmonitor->m_sendfd); 4841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pmonitor->m_sendfd = -1; 4851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 4861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodvoid 4881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_sync(struct monitor *pmonitor) 4891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 4901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (options.compression) { 4911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* The member allocation is not visible, so sync it */ 4921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_share_sync(&pmonitor->m_zlib, &pmonitor->m_zback); 4931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 4941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 4951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 4961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic int 4971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_read_log(struct monitor *pmonitor) 4981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 4991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Buffer logmsg; 5001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int len, level; 5011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *msg; 5021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_init(&logmsg); 5041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Read length */ 5061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_append_space(&logmsg, 4); 5071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (atomicio(read, pmonitor->m_log_recvfd, 5081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_ptr(&logmsg), buffer_len(&logmsg)) != buffer_len(&logmsg)) { 5091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (errno == EPIPE) { 5101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug("%s: child log fd closed", __func__); 5111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood close(pmonitor->m_log_recvfd); 5121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pmonitor->m_log_recvfd = -1; 5131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return -1; 5141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 5151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: log fd read: %s", __func__, strerror(errno)); 5161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 5171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood len = buffer_get_int(&logmsg); 5181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (len <= 4 || len > 8192) 5191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: invalid log message length %u", __func__, len); 5201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Read severity, message */ 5221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(&logmsg); 5231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_append_space(&logmsg, len); 5241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (atomicio(read, pmonitor->m_log_recvfd, 5251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_ptr(&logmsg), buffer_len(&logmsg)) != buffer_len(&logmsg)) 5261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: log fd read: %s", __func__, strerror(errno)); 5271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Log it */ 5291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood level = buffer_get_int(&logmsg); 5301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood msg = buffer_get_string(&logmsg, NULL); 5311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (log_level_name(level) == NULL) 5321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: invalid log level %u (corrupted message?)", 5331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood __func__, level); 5341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood do_log2(level, "%s [preauth]", msg); 5351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_free(&logmsg); 5371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(msg); 5381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return 0; 5401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 5411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 5431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_read(struct monitor *pmonitor, struct mon_table *ent, 5441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood struct mon_table **pent) 5451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 5461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Buffer m; 5471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int ret; 5481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char type; 5491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood struct pollfd pfd[2]; 5501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood for (;;) { 5521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood bzero(&pfd, sizeof(pfd)); 5531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pfd[0].fd = pmonitor->m_sendfd; 5541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pfd[0].events = POLLIN; 5551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pfd[1].fd = pmonitor->m_log_recvfd; 5561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pfd[1].events = pfd[1].fd == -1 ? 0 : POLLIN; 5571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (poll(pfd, pfd[1].fd == -1 ? 1 : 2, -1) == -1) { 5581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (errno == EINTR || errno == EAGAIN) 5591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood continue; 5601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: poll: %s", __func__, strerror(errno)); 5611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 5621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (pfd[1].revents) { 5631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* 5641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * Drain all log messages before processing next 5651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * monitor request. 5661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood */ 5671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_read_log(pmonitor); 5681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood continue; 5691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 5701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (pfd[0].revents) 5711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; /* Continues below */ 5721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 5731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_init(&m); 5751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_receive(pmonitor->m_sendfd, &m); 5771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood type = buffer_get_char(&m); 5781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: checking request %d", __func__, type); 5801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood while (ent->f != NULL) { 5821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (ent->type == type) 5831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 5841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ent++; 5851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 5861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (ent->f != NULL) { 5881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!(ent->flags & MON_PERMIT)) 5891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: unpermitted request %d", __func__, 5901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood type); 5911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ret = (*ent->f)(pmonitor->m_sendfd, &m); 5921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_free(&m); 5931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 5941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* The child may use this request only once, disable it */ 5951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (ent->flags & MON_ONCE) { 5961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug2("%s: %d used once, disabling now", __func__, 5971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood type); 5981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ent->flags &= ~MON_PERMIT; 5991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 6001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (pent != NULL) 6021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *pent = ent; 6031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return ret; 6051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 6061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: unsupported request: %d", __func__, type); 6081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* NOTREACHED */ 6101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (-1); 6111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 6121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* allowed key state */ 6141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic int 6151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_allowed_key(u_char *blob, u_int bloblen) 6161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 6171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* make sure key is allowed */ 6181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (key_blob == NULL || key_bloblen != bloblen || 6191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood timingsafe_bcmp(key_blob, blob, key_bloblen)) 6201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 6211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (1); 6221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 6231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic void 6251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_reset_key_state(void) 6261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 6271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* reset state */ 6281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (key_blob != NULL) 6291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(key_blob); 6301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (hostbased_cuser != NULL) 6311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(hostbased_cuser); 6321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (hostbased_chost != NULL) 6331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(hostbased_chost); 6341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key_blob = NULL; 6351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key_bloblen = 0; 6361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key_blobtype = MM_NOKEY; 6371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood hostbased_cuser = NULL; 6381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood hostbased_chost = NULL; 6391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 6401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 6421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_moduli(int sock, Buffer *m) 6431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 6441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood DH *dh; 6451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int min, want, max; 6461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood min = buffer_get_int(m); 6481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood want = buffer_get_int(m); 6491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood max = buffer_get_int(m); 6501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: got parameters: %d %d %d", 6521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood __func__, min, want, max); 6531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* We need to check here, too, in case the child got corrupted */ 6541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (max < min || want < min || max < want) 6551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: bad parameters: %d %d %d", 6561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood __func__, min, want, max); 6571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 6591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood dh = choose_dh(min, want, max); 6611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (dh == NULL) { 6621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_char(m, 0); 6631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 6641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } else { 6651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Send first bignum */ 6661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_char(m, 1); 6671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_bignum2(m, dh->p); 6681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_bignum2(m, dh->g); 6691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood DH_free(dh); 6711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 6721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_MODULI, m); 6731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 6741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 6751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 6771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_sign(int sock, Buffer *m) 6781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 6791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Key *key; 6801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *p; 6811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *signature; 6821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int siglen, datlen; 6831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int keyid; 6841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s", __func__); 6861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood keyid = buffer_get_int(m); 6881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood p = buffer_get_string(m, &datlen); 6891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* 6911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * Supported KEX types use SHA1 (20 bytes), SHA256 (32 bytes), 6921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * SHA384 (48 bytes) and SHA512 (64 bytes). 6931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood */ 6941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (datlen != 20 && datlen != 32 && datlen != 48 && datlen != 64) 6951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: data length incorrect: %u", __func__, datlen); 6961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 6971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* save session id, it will be passed on the first call */ 6981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (session_id2_len == 0) { 6991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood session_id2_len = datlen; 7001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood session_id2 = xmalloc(session_id2_len); 7011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood memcpy(session_id2, p, session_id2_len); 7021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 7031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((key = get_hostkey_by_index(keyid)) == NULL) 7051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: no hostkey from index %d", __func__, keyid); 7061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (key_sign(key, &signature, &siglen, p, datlen) < 0) 7071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: key_sign failed", __func__); 7081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: signature %p(%u)", __func__, signature, siglen); 7101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 7121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_string(m, signature, siglen); 7131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(p); 7151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(signature); 7161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_SIGN, m); 7181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Turn on permissions for getpwnam */ 7201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); 7211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 7231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 7241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* Retrieves the password entry and also checks if the user is permitted */ 7261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 7281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_pwnamallow(int sock, Buffer *m) 7291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 7301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *username; 7311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood struct passwd *pwent; 7321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int allowed = 0; 7331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int i; 7341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s", __func__); 7361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (authctxt->attempt++ != 0) 7381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: multiple attempts for getpwnam", __func__); 7391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood username = buffer_get_string(m, NULL); 7411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pwent = getpwnamallow(username); 7431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->user = xstrdup(username); 7451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood setproctitle("%s [priv]", pwent ? username : "unknown"); 7461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(username); 7471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 7491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (pwent == NULL) { 7511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_char(m, 0); 7521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->pw = fakepw(); 7531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto out; 7541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 7551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood allowed = 1; 7571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->pw = pwent; 7581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->valid = 1; 7591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_char(m, 1); 7611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_string(m, pwent, sizeof(struct passwd)); 7621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, pwent->pw_name); 7631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, "*"); 764d62cf1eb84c245692d63a45c9ef71583bd2bfda1Mike Lockwood#ifdef HAVE_PW_GECOS_IN_PASSWD 7651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, pwent->pw_gecos); 766d62cf1eb84c245692d63a45c9ef71583bd2bfda1Mike Lockwood#endif 7671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef HAVE_PW_CLASS_IN_PASSWD 7681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, pwent->pw_class); 7691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 7701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, pwent->pw_dir); 7711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, pwent->pw_shell); 7721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood out: 7741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_string(m, &options, sizeof(options)); 7751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#define M_CP_STROPT(x) do { \ 7771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (options.x != NULL) \ 7781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, options.x); \ 7791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } while (0) 7801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#define M_CP_STRARRAYOPT(x, nx) do { \ 7811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood for (i = 0; i < options.nx; i++) \ 7821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, options.x[i]); \ 7831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } while (0) 7841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* See comment in servconf.h */ 7851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood COPY_MATCH_STRING_OPTS(); 7861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#undef M_CP_STROPT 7871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#undef M_CP_STRARRAYOPT 7881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed); 7901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_PWNAM, m); 7911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 7921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* For SSHv1 allow authentication now */ 7931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!compat20) 7941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit_authentications(1); 7951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else { 7961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Allow service/style information on the auth context */ 7971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1); 7981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1); 7991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 8001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef USE_PAM 8011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (options.use_pam) 8021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_PAM_START, 1); 8031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 8041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 8061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 8071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint mm_answer_auth2_read_banner(int sock, Buffer *m) 8091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 8101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *banner; 8111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 8131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood banner = auth2_read_banner(); 8141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, banner != NULL ? banner : ""); 8151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_AUTH2_READ_BANNER, m); 8161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (banner != NULL) 8181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(banner); 8191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 8211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 8221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 8241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_authserv(int sock, Buffer *m) 8251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 8261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit_authentications(1); 8271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->service = buffer_get_string(m, NULL); 8291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->style = buffer_get_string(m, NULL); 8301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: service=%s, style=%s", 8311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood __func__, authctxt->service, authctxt->style); 8321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strlen(authctxt->style) == 0) { 8341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(authctxt->style); 8351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->style = NULL; 8361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 8371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 8391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 8401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 8421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_authpassword(int sock, Buffer *m) 8431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 8441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood static int call_count; 8451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *passwd; 8461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int authenticated; 8471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int plen; 8481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood passwd = buffer_get_string(m, &plen); 8501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Only authenticate if the context is valid */ 8511b6cc98e30329f380546d5f22b1c9c975e3df4f8Mike Lockwood#ifndef ANDROID 8521b6cc98e30329f380546d5f22b1c9c975e3df4f8Mike Lockwood /* no password authentication in android */ 8531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authenticated = options.password_authentication && 8541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_password(authctxt, passwd); 8551b6cc98e30329f380546d5f22b1c9c975e3df4f8Mike Lockwood#else 8561b6cc98e30329f380546d5f22b1c9c975e3df4f8Mike Lockwood authenticated = 0; 8571b6cc98e30329f380546d5f22b1c9c975e3df4f8Mike Lockwood#endif 8581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood memset(passwd, 0, strlen(passwd)); 8591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(passwd); 8601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 8621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, authenticated); 8631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: sending result %d", __func__, authenticated); 8651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_AUTHPASSWORD, m); 8661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood call_count++; 8681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (plen == 0 && call_count == 1) 8691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = "none"; 8701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood else 8711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = "password"; 8721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Causes monitor loop to terminate if authenticated */ 8741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (authenticated); 8751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 8761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef BSD_AUTH 8781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 8791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_bsdauthquery(int sock, Buffer *m) 8801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 8811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *name, *infotxt; 8821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int numprompts; 8831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int *echo_on; 8841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char **prompts; 8851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int success; 8861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood success = bsdauth_query(authctxt, &name, &infotxt, &numprompts, 8881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood &prompts, &echo_on) < 0 ? 0 : 1; 8891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 8911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, success); 8921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (success) 8931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, prompts[0]); 8941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: sending challenge success: %u", __func__, success); 8961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_BSDAUTHQUERY, m); 8971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 8981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (success) { 8991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(name); 9001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(infotxt); 9011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(prompts); 9021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(echo_on); 9031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 9041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 9061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 9071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 9091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_bsdauthrespond(int sock, Buffer *m) 9101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 9111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *response; 9121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int authok; 9131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (authctxt->as == 0) 9151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: no bsd auth session", __func__); 9161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood response = buffer_get_string(m, NULL); 9181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authok = options.challenge_response_authentication && 9191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_userresponse(authctxt->as, response, 0); 9201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->as = NULL; 9211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: <%s> = <%d>", __func__, response, authok); 9221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(response); 9231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 9251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, authok); 9261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: sending authenticated: %d", __func__, authok); 9281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_BSDAUTHRESPOND, m); 9291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = "bsdauth"; 9311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (authok != 0); 9331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 9341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 9351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef SKEY 9371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 9381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_skeyquery(int sock, Buffer *m) 9391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 9401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood struct skey skey; 9411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char challenge[1024]; 9421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int success; 9431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood success = _compat_skeychallenge(&skey, authctxt->user, challenge, 9451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood sizeof(challenge)) < 0 ? 0 : 1; 9461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 9481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, success); 9491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (success) 9501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, challenge); 9511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: sending challenge success: %u", __func__, success); 9531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_SKEYQUERY, m); 9541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 9561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 9571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 9591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_skeyrespond(int sock, Buffer *m) 9601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 9611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *response; 9621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int authok; 9631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood response = buffer_get_string(m, NULL); 9651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authok = (options.challenge_response_authentication && 9671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->valid && 9681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood skey_haskey(authctxt->pw->pw_name) == 0 && 9691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood skey_passcheck(authctxt->pw->pw_name, response) != -1); 9701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(response); 9721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 9741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, authok); 9751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: sending authenticated: %d", __func__, authok); 9771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_SKEYRESPOND, m); 9781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = "skey"; 9801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (authok != 0); 9821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 9831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 9841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef USE_PAM 9861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 9871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_pam_start(int sock, Buffer *m) 9881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 9891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!options.use_pam) 9901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("UsePAM not set, but ended up in %s anyway", __func__); 9911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood start_pam(authctxt); 9931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_PAM_ACCOUNT, 1); 9951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 9971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 9981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 9991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 10001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_pam_account(int sock, Buffer *m) 10011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 10021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int ret; 10031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!options.use_pam) 10051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("UsePAM not set, but ended up in %s anyway", __func__); 10061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ret = do_pam_account(); 10081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, ret); 10101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_string(m, buffer_ptr(&loginmsg), buffer_len(&loginmsg)); 10111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m); 10131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (ret); 10151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 10161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic void *sshpam_ctxt, *sshpam_authok; 10181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodextern KbdintDevice sshpam_device; 10191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 10211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_pam_init_ctx(int sock, Buffer *m) 10221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 10231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s", __func__); 10251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->user = buffer_get_string(m, NULL); 10261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood sshpam_ctxt = (sshpam_device.init_ctx)(authctxt); 10271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood sshpam_authok = NULL; 10281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 10291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (sshpam_ctxt != NULL) { 10301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_PAM_FREE_CTX, 1); 10311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, 1); 10321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } else { 10331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, 0); 10341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 10351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_PAM_INIT_CTX, m); 10361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 10371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 10381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 10401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_pam_query(int sock, Buffer *m) 10411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 10421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *name = NULL, *info = NULL, **prompts = NULL; 10431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int i, num = 0, *echo_on = 0; 10441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int ret; 10451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s", __func__); 10471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood sshpam_authok = NULL; 10481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ret = (sshpam_device.query)(sshpam_ctxt, &name, &info, &num, &prompts, &echo_on); 10491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (ret == 0 && num == 0) 10501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood sshpam_authok = sshpam_ctxt; 10511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (num > 1 || name == NULL || info == NULL) 10521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ret = -1; 10531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 10541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, ret); 10551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, name); 10561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(name); 10571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, info); 10581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(info); 10591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, num); 10601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood for (i = 0; i < num; ++i) { 10611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, prompts[i]); 10621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(prompts[i]); 10631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, echo_on[i]); 10641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 10651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (prompts != NULL) 10661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(prompts); 10671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (echo_on != NULL) 10681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(echo_on); 10691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = "keyboard-interactive/pam"; 10701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_PAM_QUERY, m); 10711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 10721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 10731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 10751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_pam_respond(int sock, Buffer *m) 10761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 10771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char **resp; 10781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int i, num; 10791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int ret; 10801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 10811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s", __func__); 10821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood sshpam_authok = NULL; 10831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood num = buffer_get_int(m); 10841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (num > 0) { 10851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood resp = xcalloc(num, sizeof(char *)); 10861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood for (i = 0; i < num; ++i) 10871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood resp[i] = buffer_get_string(m, NULL); 10881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ret = (sshpam_device.respond)(sshpam_ctxt, num, resp); 10891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood for (i = 0; i < num; ++i) 10901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(resp[i]); 10911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(resp); 10921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } else { 10931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL); 10941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 10951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 10961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, ret); 10971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m); 10981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = "keyboard-interactive/pam"; 10991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (ret == 0) 11001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood sshpam_authok = sshpam_ctxt; 11011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 11021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 11031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 11041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 11051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_pam_free_ctx(int sock, Buffer *m) 11061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 11071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 11081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s", __func__); 11091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood (sshpam_device.free_ctx)(sshpam_ctxt); 11101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 11111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m); 11121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = "keyboard-interactive/pam"; 11131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (sshpam_authok == sshpam_ctxt); 11141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 11151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 11161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 11171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 11181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_keyallowed(int sock, Buffer *m) 11191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 11201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Key *key; 11211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *cuser, *chost; 11221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *blob; 11231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int bloblen; 11241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood enum mm_keytype type = 0; 11251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int allowed = 0; 11261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 11271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s entering", __func__); 11281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 11291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood type = buffer_get_int(m); 11301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood cuser = buffer_get_string(m, NULL); 11311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood chost = buffer_get_string(m, NULL); 11321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood blob = buffer_get_string(m, &bloblen); 11331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 11341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key = key_from_blob(blob, bloblen); 11351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 11361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((compat20 && type == MM_RSAHOSTKEY) || 11371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood (!compat20 && type != MM_RSAHOSTKEY)) 11381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: key type and protocol mismatch", __func__); 11391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 11401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: key_from_blob: %p", __func__, key); 11411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 11421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (key != NULL && authctxt->valid) { 11431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood switch (type) { 11441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case MM_USERKEY: 11451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood allowed = options.pubkey_authentication && 11461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood user_key_allowed(authctxt->pw, key); 11471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = "publickey"; 11481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (options.pubkey_authentication && allowed != 1) 11491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_clear_options(); 11501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 11511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case MM_HOSTKEY: 11521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood allowed = options.hostbased_authentication && 11531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood hostbased_key_allowed(authctxt->pw, 11541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood cuser, chost, key); 11551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = "hostbased"; 11561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 11571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case MM_RSAHOSTKEY: 11581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key->type = KEY_RSA1; /* XXX */ 11591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood allowed = options.rhosts_rsa_authentication && 11601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_rhosts_rsa_key_allowed(authctxt->pw, 11611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood cuser, chost, key); 11621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (options.rhosts_rsa_authentication && allowed != 1) 11631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_clear_options(); 11641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = "rsa"; 11651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 11661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood default: 11671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: unknown key type %d", __func__, type); 11681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 11691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 11701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 11711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (key != NULL) 11721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key_free(key); 11731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 11741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* clear temporarily storage (used by verify) */ 11751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_reset_key_state(); 11761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 11771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (allowed) { 11781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Save temporarily for comparison in verify */ 11791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key_blob = blob; 11801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key_bloblen = bloblen; 11811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key_blobtype = type; 11821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood hostbased_cuser = cuser; 11831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood hostbased_chost = chost; 11841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } else { 11851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Log failed attempt */ 11861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_log(authctxt, 0, auth_method, compat20 ? " ssh2" : ""); 11871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(blob); 11881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(cuser); 11891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(chost); 11901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 11911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 11921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: key %p is %s", 11931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood __func__, key, allowed ? "allowed" : "not allowed"); 11941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 11951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 11961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, allowed); 11971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, forced_command != NULL); 11981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 11991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_KEYALLOWED, m); 12001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 12011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (type == MM_RSAHOSTKEY) 12021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed); 12031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 12041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 12051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 12061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 12071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic int 12081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_valid_userblob(u_char *data, u_int datalen) 12091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 12101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Buffer b; 12111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *p; 12121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int len; 12131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int fail = 0; 12141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 12151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_init(&b); 12161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_append(&b, data, datalen); 12171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 12181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (datafellows & SSH_OLD_SESSIONID) { 12191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood p = buffer_ptr(&b); 12201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood len = buffer_len(&b); 12211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((session_id2 == NULL) || 12221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood (len < session_id2_len) || 12231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood (timingsafe_bcmp(p, session_id2, session_id2_len) != 0)) 12241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 12251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_consume(&b, session_id2_len); 12261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } else { 12271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood p = buffer_get_string(&b, &len); 12281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((session_id2 == NULL) || 12291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood (len != session_id2_len) || 12301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood (timingsafe_bcmp(p, session_id2, session_id2_len) != 0)) 12311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 12321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(p); 12331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 12341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST) 12351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 12361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood p = buffer_get_string(&b, NULL); 12371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strcmp(authctxt->user, p) != 0) { 12381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood logit("wrong user name passed to monitor: expected %s != %.100s", 12391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->user, p); 12401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 12411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 12421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(p); 12431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_skip_string(&b); 12441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (datafellows & SSH_BUG_PKAUTH) { 12451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!buffer_get_char(&b)) 12461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 12471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } else { 12481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood p = buffer_get_string(&b, NULL); 12491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strcmp("publickey", p) != 0) 12501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 12511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(p); 12521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!buffer_get_char(&b)) 12531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 12541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_skip_string(&b); 12551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 12561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_skip_string(&b); 12571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (buffer_len(&b) != 0) 12581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 12591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_free(&b); 12601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (fail == 0); 12611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 12621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 12631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic int 12641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser, 12651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *chost) 12661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 12671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Buffer b; 12681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *p; 12691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int len; 12701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int fail = 0; 12711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 12721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_init(&b); 12731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_append(&b, data, datalen); 12741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 12751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood p = buffer_get_string(&b, &len); 12761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((session_id2 == NULL) || 12771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood (len != session_id2_len) || 12781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood (timingsafe_bcmp(p, session_id2, session_id2_len) != 0)) 12791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 12801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(p); 12811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 12821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST) 12831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 12841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood p = buffer_get_string(&b, NULL); 12851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strcmp(authctxt->user, p) != 0) { 12861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood logit("wrong user name passed to monitor: expected %s != %.100s", 12871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->user, p); 12881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 12891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 12901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(p); 12911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_skip_string(&b); /* service */ 12921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood p = buffer_get_string(&b, NULL); 12931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strcmp(p, "hostbased") != 0) 12941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 12951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(p); 12961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_skip_string(&b); /* pkalg */ 12971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_skip_string(&b); /* pkblob */ 12981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 12991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* verify client host, strip trailing dot if necessary */ 13001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood p = buffer_get_string(&b, NULL); 13011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (((len = strlen(p)) > 0) && p[len - 1] == '.') 13021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood p[len - 1] = '\0'; 13031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strcmp(p, chost) != 0) 13041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 13051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(p); 13061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* verify client user */ 13081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood p = buffer_get_string(&b, NULL); 13091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (strcmp(p, cuser) != 0) 13101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 13111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(p); 13121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (buffer_len(&b) != 0) 13141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fail++; 13151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_free(&b); 13161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (fail == 0); 13171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 13181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 13201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_keyverify(int sock, Buffer *m) 13211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 13221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Key *key; 13231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *signature, *data, *blob; 13241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int signaturelen, datalen, bloblen; 13251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int verified = 0; 13261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int valid_data = 0; 13271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood blob = buffer_get_string(m, &bloblen); 13291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood signature = buffer_get_string(m, &signaturelen); 13301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood data = buffer_get_string(m, &datalen); 13311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (hostbased_cuser == NULL || hostbased_chost == NULL || 13331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood !monitor_allowed_key(blob, bloblen)) 13341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: bad key, not previously allowed", __func__); 13351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key = key_from_blob(blob, bloblen); 13371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (key == NULL) 13381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: bad public key blob", __func__); 13391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood switch (key_blobtype) { 13411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case MM_USERKEY: 13421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood valid_data = monitor_valid_userblob(data, datalen); 13431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 13441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case MM_HOSTKEY: 13451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood valid_data = monitor_valid_hostbasedblob(data, datalen, 13461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood hostbased_cuser, hostbased_chost); 13471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 13481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood default: 13491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood valid_data = 0; 13501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 13511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 13521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!valid_data) 13531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: bad signature data blob", __func__); 13541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood verified = key_verify(key, signature, signaturelen, data, datalen); 13561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: key %p signature %s", 13571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood __func__, key, (verified == 1) ? "verified" : "unverified"); 13581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key_free(key); 13601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(blob); 13611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(signature); 13621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(data); 13631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = key_blobtype == MM_USERKEY ? "publickey" : "hostbased"; 13651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_reset_key_state(); 13671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 13691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, verified); 13701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m); 13711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (verified == 1); 13731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 13741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic void 13761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_record_login(Session *s, struct passwd *pw) 13771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 13781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood socklen_t fromlen; 13791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood struct sockaddr_storage from; 13801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 13811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* 13821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * Get IP address of client. If the connection is not a socket, let 13831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * the address be 0.0.0.0. 13841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood */ 13851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood memset(&from, 0, sizeof(from)); 13861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fromlen = sizeof(from); 13871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (packet_connection_is_on_socket()) { 13881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (getpeername(packet_get_connection_in(), 13891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood (struct sockaddr *)&from, &fromlen) < 0) { 13901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug("getpeername: %.100s", strerror(errno)); 13911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood cleanup_exit(255); 13921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 13931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 13941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Record that there was a login on that tty from the remote host. */ 13951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid, 13961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood get_remote_name_or_ip(utmp_len, options.use_dns), 13971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood (struct sockaddr *)&from, fromlen); 13981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 13991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic void 14011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_session_close(Session *s) 14021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 14031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: session %d pid %ld", __func__, s->self, (long)s->pid); 14041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (s->ttyfd != -1) { 14051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd); 14061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood session_pty_cleanup2(s); 14071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 14081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood session_unused(s->self); 14091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 14101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 14121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_pty(int sock, Buffer *m) 14131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 14141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood extern struct monitor *pmonitor; 14151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Session *s; 14161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int res, fd0; 14171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s entering", __func__); 14191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 14211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood s = session_new(); 14221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (s == NULL) 14231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto error; 14241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood s->authctxt = authctxt; 14251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood s->pw = authctxt->pw; 14261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood s->pid = pmonitor->m_pid; 14271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)); 14281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (res == 0) 14291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto error; 14301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pty_setowner(authctxt->pw, s->tty); 14311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, 1); 14331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, s->tty); 14341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* We need to trick ttyslot */ 14361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (dup2(s->ttyfd, 0) == -1) 14371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: dup2", __func__); 14381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_record_login(s, authctxt->pw); 14401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Now we can close the file descriptor again */ 14421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood close(0); 14431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* send messages generated by record_login */ 14451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_string(m, buffer_ptr(&loginmsg), buffer_len(&loginmsg)); 14461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(&loginmsg); 14471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_PTY, m); 14491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (mm_send_fd(sock, s->ptyfd) == -1 || 14511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_send_fd(sock, s->ttyfd) == -1) 14521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: send fds failed", __func__); 14531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* make sure nothing uses fd 0 */ 14551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0) 14561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: open(/dev/null): %s", __func__, strerror(errno)); 14571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (fd0 != 0) 14581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood error("%s: fd0 %d != 0", __func__, fd0); 14591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* slave is not needed */ 14611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood close(s->ttyfd); 14621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood s->ttyfd = s->ptyfd; 14631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* no need to dup() because nobody closes ptyfd */ 14641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood s->ptymaster = s->ptyfd; 14651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ttyfd); 14671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 14691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood error: 14711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (s != NULL) 14721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_session_close(s); 14731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, 0); 14741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_PTY, m); 14751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 14761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 14771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 14791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_pty_cleanup(int sock, Buffer *m) 14801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 14811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Session *s; 14821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *tty; 14831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s entering", __func__); 14851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood tty = buffer_get_string(m, NULL); 14871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((s = session_by_tty(tty)) != NULL) 14881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_session_close(s); 14891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 14901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(tty); 14911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 14921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 14931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 14941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 14951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_sesskey(int sock, Buffer *m) 14961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 14971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood BIGNUM *p; 14981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int rsafail; 14991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Turn off permissions */ 15011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 0); 15021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((p = BN_new()) == NULL) 15041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: BN_new", __func__); 15051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_get_bignum2(m, p); 15071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood rsafail = ssh1_session_key(p); 15091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 15111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, rsafail); 15121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_bignum2(m, p); 15131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood BN_clear_free(p); 15151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_SESSKEY, m); 15171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Turn on permissions for sessid passing */ 15191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_SESSID, 1); 15201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 15221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 15231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 15251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_sessid(int sock, Buffer *m) 15261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 15271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int i; 15281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s entering", __func__); 15301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (buffer_len(m) != 16) 15321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: bad ssh1 session id", __func__); 15331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood for (i = 0; i < 16; i++) 15341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood session_id[i] = buffer_get_char(m); 15351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Turn on permissions for getpwnam */ 15371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); 15381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 15401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 15411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 15431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_rsa_keyallowed(int sock, Buffer *m) 15441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 15451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood BIGNUM *client_n; 15461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Key *key = NULL; 15471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *blob = NULL; 15481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int blen = 0; 15491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int allowed = 0; 15501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s entering", __func__); 15521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = "rsa"; 15541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (options.rsa_authentication && authctxt->valid) { 15551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((client_n = BN_new()) == NULL) 15561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: BN_new", __func__); 15571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_get_bignum2(m, client_n); 15581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood allowed = auth_rsa_key_allowed(authctxt->pw, client_n, &key); 15591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood BN_clear_free(client_n); 15601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 15611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 15621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, allowed); 15631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, forced_command != NULL); 15641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* clear temporarily storage (used by generate challenge) */ 15661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_reset_key_state(); 15671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (allowed && key != NULL) { 15691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key->type = KEY_RSA; /* cheat for key_to_blob */ 15701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (key_to_blob(key, &blob, &blen) == 0) 15711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: key_to_blob failed", __func__); 15721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_string(m, blob, blen); 15731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Save temporarily for comparison in verify */ 15751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key_blob = blob; 15761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key_bloblen = blen; 15771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key_blobtype = MM_RSAUSERKEY; 15781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 15791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (key != NULL) 15801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key_free(key); 15811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_RSAKEYALLOWED, m); 15831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed); 15851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 0); 15861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 15871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 15881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 15901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_rsa_challenge(int sock, Buffer *m) 15911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 15921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Key *key = NULL; 15931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *blob; 15941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int blen; 15951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s entering", __func__); 15971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 15981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!authctxt->valid) 15991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: authctxt not valid", __func__); 16001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood blob = buffer_get_string(m, &blen); 16011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!monitor_allowed_key(blob, blen)) 16021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: bad key, not previously allowed", __func__); 16031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (key_blobtype != MM_RSAUSERKEY && key_blobtype != MM_RSAHOSTKEY) 16041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: key type mismatch", __func__); 16051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((key = key_from_blob(blob, blen)) == NULL) 16061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: received bad key", __func__); 16071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (key->type != KEY_RSA) 16081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: received bad key type %d", __func__, key->type); 16091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key->type = KEY_RSA1; 16101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (ssh1_challenge) 16111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood BN_clear_free(ssh1_challenge); 16121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ssh1_challenge = auth_rsa_generate_challenge(key); 16131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 16151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_bignum2(m, ssh1_challenge); 16161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s sending reply", __func__); 16181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_RSACHALLENGE, m); 16191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1); 16211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(blob); 16231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key_free(key); 16241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 16251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 16261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 16281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_rsa_response(int sock, Buffer *m) 16291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 16301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Key *key = NULL; 16311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *blob, *response; 16321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int blen, len; 16331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int success; 16341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s entering", __func__); 16361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!authctxt->valid) 16381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: authctxt not valid", __func__); 16391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (ssh1_challenge == NULL) 16401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: no ssh1_challenge", __func__); 16411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood blob = buffer_get_string(m, &blen); 16431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!monitor_allowed_key(blob, blen)) 16441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: bad key, not previously allowed", __func__); 16451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (key_blobtype != MM_RSAUSERKEY && key_blobtype != MM_RSAHOSTKEY) 16461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: key type mismatch: %d", __func__, key_blobtype); 16471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((key = key_from_blob(blob, blen)) == NULL) 16481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: received bad key", __func__); 16491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood response = buffer_get_string(m, &len); 16501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (len != 16) 16511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: received bad response to challenge", __func__); 16521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood success = auth_rsa_verify_response(key, ssh1_challenge, response); 16531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(blob); 16551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood key_free(key); 16561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(response); 16571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = key_blobtype == MM_RSAUSERKEY ? "rsa" : "rhosts-rsa"; 16591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* reset state */ 16611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood BN_clear_free(ssh1_challenge); 16621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ssh1_challenge = NULL; 16631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_reset_key_state(); 16641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 16661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, success); 16671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_RSARESPONSE, m); 16681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (success); 16701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 16711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 16731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_term(int sock, Buffer *req) 16741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 16751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood extern struct monitor *pmonitor; 16761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int res, status; 16771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: tearing down sessions", __func__); 16791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* The child is terminating */ 16811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood session_destroy_all(&mm_session_close); 16821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef USE_PAM 16841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (options.use_pam) 16851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood sshpam_cleanup(); 16861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 16871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood while (waitpid(pmonitor->m_pid, &status, 0) == -1) 16891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (errno != EINTR) 16901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood exit(1); 16911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood res = WIFEXITED(status) ? WEXITSTATUS(status) : 1; 16931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Terminate process */ 16951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood exit(res); 16961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 16971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 16981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef SSH_AUDIT_EVENTS 16991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* Report that an audit event occurred */ 17001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 17011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_audit_event(int socket, Buffer *m) 17021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 17031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ssh_audit_event_t event; 17041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 17051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s entering", __func__); 17061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 17071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood event = buffer_get_int(m); 17081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood switch(event) { 17091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case SSH_AUTH_FAIL_PUBKEY: 17101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case SSH_AUTH_FAIL_HOSTBASED: 17111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case SSH_AUTH_FAIL_GSSAPI: 17121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case SSH_LOGIN_EXCEED_MAXTRIES: 17131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case SSH_LOGIN_ROOT_DENIED: 17141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case SSH_CONNECTION_CLOSE: 17151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood case SSH_INVALID_USER: 17161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood audit_event(event); 17171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood break; 17181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood default: 17191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("Audit event type %d not permitted", event); 17201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 17211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 17221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 17231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 17241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 17251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 17261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_audit_command(int socket, Buffer *m) 17271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 17281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int len; 17291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *cmd; 17301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 17311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s entering", __func__); 17321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood cmd = buffer_get_string(m, &len); 17331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* sanity check command, if so how? */ 17341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood audit_run_command(cmd); 17351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(cmd); 17361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 17371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 17381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif /* SSH_AUDIT_EVENTS */ 17391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 17401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodvoid 17411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_apply_keystate(struct monitor *pmonitor) 17421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 17431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (compat20) { 17441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood set_newkeys(MODE_IN); 17451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood set_newkeys(MODE_OUT); 17461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } else { 17471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood packet_set_protocol_flags(child_state.ssh1protoflags); 17481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood packet_set_encryption_key(child_state.ssh1key, 17491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood child_state.ssh1keylen, child_state.ssh1cipher); 17501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(child_state.ssh1key); 17511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 17521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 17531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* for rc4 and other stateful ciphers */ 17541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood packet_set_keycontext(MODE_OUT, child_state.keyout); 17551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(child_state.keyout); 17561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood packet_set_keycontext(MODE_IN, child_state.keyin); 17571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(child_state.keyin); 17581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 17591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!compat20) { 17601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood packet_set_iv(MODE_OUT, child_state.ivout); 17611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(child_state.ivout); 17621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood packet_set_iv(MODE_IN, child_state.ivin); 17631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(child_state.ivin); 17641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 17651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 17661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood memcpy(&incoming_stream, &child_state.incoming, 17671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood sizeof(incoming_stream)); 17681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood memcpy(&outgoing_stream, &child_state.outgoing, 17691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood sizeof(outgoing_stream)); 17701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 17711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Update with new address */ 17721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (options.compression) 17731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_init_compression(pmonitor->m_zlib); 17741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 17751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Network I/O buffers */ 17761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* XXX inefficient for large buffers, need: buffer_init_from_string */ 17771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(packet_get_input()); 17781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_append(packet_get_input(), child_state.input, child_state.ilen); 17791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood memset(child_state.input, 0, child_state.ilen); 17801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(child_state.input); 17811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 17821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(packet_get_output()); 17831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_append(packet_get_output(), child_state.output, 17841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood child_state.olen); 17851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood memset(child_state.output, 0, child_state.olen); 17861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(child_state.output); 17871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 17881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Roaming */ 17891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (compat20) 17901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood roam_set_bytes(child_state.sent_bytes, child_state.recv_bytes); 17911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 17921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 17931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic Kex * 17941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_get_kex(Buffer *m) 17951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 17961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Kex *kex; 17971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood void *blob; 17981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int bloblen; 17991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 18001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex = xcalloc(1, sizeof(*kex)); 18011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->session_id = buffer_get_string(m, &kex->session_id_len); 18021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (session_id2 == NULL || 18031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->session_id_len != session_id2_len || 18041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood timingsafe_bcmp(kex->session_id, session_id2, session_id2_len) != 0) 18051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("mm_get_get: internal error: bad session id"); 18061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->we_need = buffer_get_int(m); 18071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; 18081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; 18091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; 18101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; 18111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->kex[KEX_ECDH_SHA2] = kexecdh_server; 18121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->server = 1; 18131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->hostkey_type = buffer_get_int(m); 18141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->kex_type = buffer_get_int(m); 18151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood blob = buffer_get_string(m, &bloblen); 18161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_init(&kex->my); 18171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_append(&kex->my, blob, bloblen); 18181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(blob); 18191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood blob = buffer_get_string(m, &bloblen); 18201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_init(&kex->peer); 18211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_append(&kex->peer, blob, bloblen); 18221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(blob); 18231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->done = 1; 18241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->flags = buffer_get_int(m); 18251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->client_version_string = buffer_get_string(m, NULL); 18261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->server_version_string = buffer_get_string(m, NULL); 18271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->load_host_public_key=&get_hostkey_public_by_type; 18281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->load_host_private_key=&get_hostkey_private_by_type; 18291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood kex->host_key_index=&get_hostkey_index; 18301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 18311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (kex); 18321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 18331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 18341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* This function requries careful sanity checking */ 18351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 18361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodvoid 18371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_get_keystate(struct monitor *pmonitor) 18381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 18391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood Buffer m; 18401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *blob, *p; 18411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int bloblen, plen; 18421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int32_t seqnr, packets; 18431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int64_t blocks, bytes; 18441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 18451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: Waiting for new keys", __func__); 18461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 18471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_init(&m); 18481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT, &m); 18491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!compat20) { 18501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood child_state.ssh1protoflags = buffer_get_int(&m); 18511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood child_state.ssh1cipher = buffer_get_int(&m); 18521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood child_state.ssh1key = buffer_get_string(&m, 18531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood &child_state.ssh1keylen); 18541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood child_state.ivout = buffer_get_string(&m, 18551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood &child_state.ivoutlen); 18561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood child_state.ivin = buffer_get_string(&m, &child_state.ivinlen); 18571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goto skip; 18581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } else { 18591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Get the Kex for rekeying */ 18601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood *pmonitor->m_pkex = mm_get_kex(&m); 18611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 18621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 18631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood blob = buffer_get_string(&m, &bloblen); 18641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen); 18651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(blob); 18661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 18671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: Waiting for second key", __func__); 18681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood blob = buffer_get_string(&m, &bloblen); 18691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen); 18701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(blob); 18711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 18721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Now get sequence numbers for the packets */ 18731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood seqnr = buffer_get_int(&m); 18741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood blocks = buffer_get_int64(&m); 18751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood packets = buffer_get_int(&m); 18761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood bytes = buffer_get_int64(&m); 18771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood packet_set_state(MODE_OUT, seqnr, blocks, packets, bytes); 18781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood seqnr = buffer_get_int(&m); 18791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood blocks = buffer_get_int64(&m); 18801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood packets = buffer_get_int(&m); 18811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood bytes = buffer_get_int64(&m); 18821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood packet_set_state(MODE_IN, seqnr, blocks, packets, bytes); 18831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 18841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood skip: 18851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Get the key context */ 18861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood child_state.keyout = buffer_get_string(&m, &child_state.keyoutlen); 18871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood child_state.keyin = buffer_get_string(&m, &child_state.keyinlen); 18881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 18891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: Getting compression state", __func__); 18901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Get compression state */ 18911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood p = buffer_get_string(&m, &plen); 18921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (plen != sizeof(child_state.outgoing)) 18931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: bad request size", __func__); 18941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood memcpy(&child_state.outgoing, p, sizeof(child_state.outgoing)); 18951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(p); 18961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 18971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood p = buffer_get_string(&m, &plen); 18981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (plen != sizeof(child_state.incoming)) 18991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: bad request size", __func__); 19001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood memcpy(&child_state.incoming, p, sizeof(child_state.incoming)); 19011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(p); 19021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Network I/O buffers */ 19041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: Getting Network I/O buffers", __func__); 19051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood child_state.input = buffer_get_string(&m, &child_state.ilen); 19061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood child_state.output = buffer_get_string(&m, &child_state.olen); 19071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Roaming */ 19091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (compat20) { 19101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood child_state.sent_bytes = buffer_get_int64(&m); 19111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood child_state.recv_bytes = buffer_get_int64(&m); 19121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 19131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_free(&m); 19151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 19161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* Allocation functions for zlib */ 19191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodvoid * 19201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_zalloc(struct mm_master *mm, u_int ncount, u_int size) 19211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 19221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood size_t len = (size_t) size * ncount; 19231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood void *address; 19241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (len == 0 || ncount > SIZE_T_MAX / size) 19261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: mm_zalloc(%u, %u)", __func__, ncount, size); 19271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood address = mm_malloc(mm, len); 19291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (address); 19311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 19321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodvoid 19341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_zfree(struct mm_master *mm, void *address) 19351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 19361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_free(mm, address); 19371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 19381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodvoid 19401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_init_compression(struct mm_master *mm) 19411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 19421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood outgoing_stream.zalloc = (alloc_func)mm_zalloc; 19431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood outgoing_stream.zfree = (free_func)mm_zfree; 19441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood outgoing_stream.opaque = mm; 19451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood incoming_stream.zalloc = (alloc_func)mm_zalloc; 19471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood incoming_stream.zfree = (free_func)mm_zfree; 19481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood incoming_stream.opaque = mm; 19491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 19501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* XXX */ 19521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#define FD_CLOSEONEXEC(x) do { \ 19541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (fcntl(x, F_SETFD, FD_CLOEXEC) == -1) \ 19551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("fcntl(%d, F_SETFD)", x); \ 19561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} while (0) 19571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstatic void 19591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_openfds(struct monitor *mon, int do_logfds) 19601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 19611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int pair[2]; 19621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1) 19641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: socketpair: %s", __func__, strerror(errno)); 19651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood FD_CLOSEONEXEC(pair[0]); 19661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood FD_CLOSEONEXEC(pair[1]); 19671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mon->m_recvfd = pair[0]; 19681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mon->m_sendfd = pair[1]; 19691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (do_logfds) { 19711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (pipe(pair) == -1) 19721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: pipe: %s", __func__, strerror(errno)); 19731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood FD_CLOSEONEXEC(pair[0]); 19741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood FD_CLOSEONEXEC(pair[1]); 19751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mon->m_log_recvfd = pair[0]; 19761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mon->m_log_sendfd = pair[1]; 19771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } else 19781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mon->m_log_recvfd = mon->m_log_sendfd = -1; 19791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 19801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#define MM_MEMSIZE 65536 19821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstruct monitor * 19841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_init(void) 19851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 19861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood struct monitor *mon; 19871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mon = xcalloc(1, sizeof(*mon)); 19891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_openfds(mon, 1); 19911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Used to share zlib space across processes */ 19931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (options.compression) { 19941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mon->m_zback = mm_create(NULL, MM_MEMSIZE); 19951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mon->m_zlib = mm_create(mon->m_zback, 20 * MM_MEMSIZE); 19961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 19971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Compression needs to share state across borders */ 19981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_init_compression(mon->m_zlib); 19991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 20001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return mon; 20021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 20031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodvoid 20051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmonitor_reinit(struct monitor *mon) 20061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 20071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_openfds(mon, 0); 20081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 20091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef GSSAPI 20111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 20121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_gss_setup_ctx(int sock, Buffer *m) 20131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 20141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood gss_OID_desc goid; 20151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood OM_uint32 major; 20161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int len; 20171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goid.elements = buffer_get_string(m, &len); 20191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood goid.length = len; 20201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood major = ssh_gssapi_server_ctx(&gsscontext, &goid); 20221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(goid.elements); 20241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 20261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, major); 20271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_GSSSETUP, m); 20291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Now we have a context, enable the step */ 20311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 1); 20321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 20341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 20351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 20371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_gss_accept_ctx(int sock, Buffer *m) 20381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 20391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood gss_buffer_desc in; 20401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood gss_buffer_desc out = GSS_C_EMPTY_BUFFER; 20411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood OM_uint32 major, minor; 20421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood OM_uint32 flags = 0; /* GSI needs this */ 20431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int len; 20441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood in.value = buffer_get_string(m, &len); 20461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood in.length = len; 20471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); 20481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(in.value); 20491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 20511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, major); 20521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_string(m, out.value, out.length); 20531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, flags); 20541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_GSSSTEP, m); 20551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood gss_release_buffer(&minor, &out); 20571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (major == GSS_S_COMPLETE) { 20591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); 20601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); 20611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); 20621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood } 20631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 20641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 20651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 20671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_gss_checkmic(int sock, Buffer *m) 20681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 20691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood gss_buffer_desc gssbuf, mic; 20701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood OM_uint32 ret; 20711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int len; 20721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood gssbuf.value = buffer_get_string(m, &len); 20741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood gssbuf.length = len; 20751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mic.value = buffer_get_string(m, &len); 20761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mic.length = len; 20771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic); 20791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(gssbuf.value); 20811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(mic.value); 20821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 20841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, ret); 20851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_GSSCHECKMIC, m); 20871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!GSS_ERROR(ret)) 20891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); 20901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (0); 20921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 20931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 20951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_gss_userok(int sock, Buffer *m) 20961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 20971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int authenticated; 20981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 20991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user); 21001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 21021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, authenticated); 21031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: sending result %d", __func__, authenticated); 21051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); 21061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = "gssapi-with-mic"; 21081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* Monitor loop will terminate if authenticated */ 21101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return (authenticated); 21111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 21121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif /* GSSAPI */ 21131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef JPAKE 21151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 21161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_jpake_step1(int sock, Buffer *m) 21171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 21181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood struct jpake_ctx *pctx; 21191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *x3_proof, *x4_proof; 21201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int x3_proof_len, x4_proof_len; 21211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (!options.zero_knowledge_password_authentication) 21231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("zero_knowledge_password_authentication disabled"); 21241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (authctxt->jpake_ctx != NULL) 21261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: authctxt->jpake_ctx already set (%p)", 21271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood __func__, authctxt->jpake_ctx); 21281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authctxt->jpake_ctx = pctx = jpake_new(); 21291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood jpake_step1(pctx->grp, 21311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood &pctx->server_id, &pctx->server_id_len, 21321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood &pctx->x3, &pctx->x4, &pctx->g_x3, &pctx->g_x4, 21331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood &x3_proof, &x3_proof_len, 21341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood &x4_proof, &x4_proof_len); 21351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood JPAKE_DEBUG_CTX((pctx, "step1 done in %s", __func__)); 21371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 21391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_string(m, pctx->server_id, pctx->server_id_len); 21411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_bignum2(m, pctx->g_x3); 21421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_bignum2(m, pctx->g_x4); 21431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_string(m, x3_proof, x3_proof_len); 21441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_string(m, x4_proof, x4_proof_len); 21451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: sending step1", __func__); 21471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_JPAKE_STEP1, m); 21481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood bzero(x3_proof, x3_proof_len); 21501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood bzero(x4_proof, x4_proof_len); 21511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(x3_proof); 21521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(x4_proof); 21531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_GET_PWDATA, 1); 21551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP1, 0); 21561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return 0; 21581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 21591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 21611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_jpake_get_pwdata(int sock, Buffer *m) 21621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 21631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood struct jpake_ctx *pctx = authctxt->jpake_ctx; 21641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood char *hash_scheme, *salt; 21651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (pctx == NULL) 21671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: pctx == NULL", __func__); 21681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth2_jpake_get_pwdata(authctxt, &pctx->s, &hash_scheme, &salt); 21701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 21721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* pctx->s is sensitive, not returned to slave */ 21731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, hash_scheme); 21741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_cstring(m, salt); 21751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: sending pwdata", __func__); 21771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_JPAKE_GET_PWDATA, m); 21781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood bzero(hash_scheme, strlen(hash_scheme)); 21801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood bzero(salt, strlen(salt)); 21811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(hash_scheme); 21821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(salt); 21831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP2, 1); 21851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return 0; 21871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 21881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 21901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_jpake_step2(int sock, Buffer *m) 21911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 21921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood struct jpake_ctx *pctx = authctxt->jpake_ctx; 21931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *x1_proof, *x2_proof, *x4_s_proof; 21941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int x1_proof_len, x2_proof_len, x4_s_proof_len; 21951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (pctx == NULL) 21971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: pctx == NULL", __func__); 21981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 21991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((pctx->g_x1 = BN_new()) == NULL || 22001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood (pctx->g_x2 = BN_new()) == NULL) 22011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: BN_new", __func__); 22021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_get_bignum2(m, pctx->g_x1); 22031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_get_bignum2(m, pctx->g_x2); 22041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pctx->client_id = buffer_get_string(m, &pctx->client_id_len); 22051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood x1_proof = buffer_get_string(m, &x1_proof_len); 22061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood x2_proof = buffer_get_string(m, &x2_proof_len); 22071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood jpake_step2(pctx->grp, pctx->s, pctx->g_x3, 22091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pctx->g_x1, pctx->g_x2, pctx->x4, 22101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pctx->client_id, pctx->client_id_len, 22111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pctx->server_id, pctx->server_id_len, 22121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood x1_proof, x1_proof_len, 22131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood x2_proof, x2_proof_len, 22141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood &pctx->b, 22151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood &x4_s_proof, &x4_s_proof_len); 22161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood JPAKE_DEBUG_CTX((pctx, "step2 done in %s", __func__)); 22181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood bzero(x1_proof, x1_proof_len); 22201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood bzero(x2_proof, x2_proof_len); 22211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(x1_proof); 22221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(x2_proof); 22231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 22251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_bignum2(m, pctx->b); 22271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_string(m, x4_s_proof, x4_s_proof_len); 22281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: sending step2", __func__); 22301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_JPAKE_STEP2, m); 22311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood bzero(x4_s_proof, x4_s_proof_len); 22331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(x4_s_proof); 22341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_KEY_CONFIRM, 1); 22361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return 0; 22381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 22391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 22411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_jpake_key_confirm(int sock, Buffer *m) 22421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 22431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood struct jpake_ctx *pctx = authctxt->jpake_ctx; 22441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *x2_s_proof; 22451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int x2_s_proof_len; 22461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (pctx == NULL) 22481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: pctx == NULL", __func__); 22491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if ((pctx->a = BN_new()) == NULL) 22511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: BN_new", __func__); 22521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_get_bignum2(m, pctx->a); 22531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood x2_s_proof = buffer_get_string(m, &x2_s_proof_len); 22541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood jpake_key_confirm(pctx->grp, pctx->s, pctx->a, 22561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pctx->x4, pctx->g_x3, pctx->g_x4, pctx->g_x1, pctx->g_x2, 22571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pctx->server_id, pctx->server_id_len, 22581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pctx->client_id, pctx->client_id_len, 22591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood session_id2, session_id2_len, 22601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood x2_s_proof, x2_s_proof_len, 22611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood &pctx->k, 22621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood &pctx->h_k_sid_sessid, &pctx->h_k_sid_sessid_len); 22631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood JPAKE_DEBUG_CTX((pctx, "key_confirm done in %s", __func__)); 22651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood bzero(x2_s_proof, x2_s_proof_len); 22671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 22681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood /* pctx->k is sensitive, not sent */ 22701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_string(m, pctx->h_k_sid_sessid, pctx->h_k_sid_sessid_len); 22711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: sending confirmation hash", __func__); 22731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_JPAKE_KEY_CONFIRM, m); 22741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_CHECK_CONFIRM, 1); 22761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return 0; 22781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 22791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint 22811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodmm_answer_jpake_check_confirm(int sock, Buffer *m) 22821305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood{ 22831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood int authenticated = 0; 22841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_char *peer_confirm_hash; 22851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood u_int peer_confirm_hash_len; 22861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood struct jpake_ctx *pctx = authctxt->jpake_ctx; 22871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood if (pctx == NULL) 22891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood fatal("%s: pctx == NULL", __func__); 22901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood peer_confirm_hash = buffer_get_string(m, &peer_confirm_hash_len); 22921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood authenticated = jpake_check_confirm(pctx->k, 22941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood pctx->client_id, pctx->client_id_len, 22951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood session_id2, session_id2_len, 22961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood peer_confirm_hash, peer_confirm_hash_len) && authctxt->valid; 22971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 22981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood JPAKE_DEBUG_CTX((pctx, "check_confirm done in %s", __func__)); 22991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 23001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood bzero(peer_confirm_hash, peer_confirm_hash_len); 23011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood xfree(peer_confirm_hash); 23021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 23031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_clear(m); 23041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood buffer_put_int(m, authenticated); 23051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 23061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood debug3("%s: sending result %d", __func__, authenticated); 23071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood mm_request_send(sock, MONITOR_ANS_JPAKE_CHECK_CONFIRM, m); 23081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 23091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP1, 1); 23101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 23111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood auth_method = "jpake-01@openssh.com"; 23121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood return authenticated; 23131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood} 23141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 23151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif /* JPAKE */ 2316