Blame - monitor.c - platform/external/openssh

blob: 95fd0cf64caf0a55ef4ade5c83c1f17367dbd467 [file] [log] [blame]

Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1	/*
				2	* Copyright 2002 Niels Provos <provos@citi.umich.edu>
				3	* Copyright 2002 Markus Friedl <markus@openbsd.org>
				4	* All rights reserved.
				5	*
				6	* Redistribution and use in source and binary forms, with or without
				7	* modification, are permitted provided that the following conditions
				8	* are met:
				9	* 1. Redistributions of source code must retain the above copyright
				10	* notice, this list of conditions and the following disclaimer.
				11	* 2. Redistributions in binary form must reproduce the above copyright
				12	* notice, this list of conditions and the following disclaimer in the
				13	* documentation and/or other materials provided with the distribution.
				14	*
				15	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
				16	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
				17	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
				18	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
				19	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
				20	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
				21	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
				22	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
				23	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
				24	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
				25	*/
				26
				27	#include "includes.h"
Darren Tucker	6aaa58c	2003-08-02 22:24:49 +1000	[diff] [blame]	28	RCSID("$OpenBSD: monitor.c,v 1.45 2003/07/22 13:35:22 markus Exp $");
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	29
				30	#include <openssl/dh.h>
				31
				32	#ifdef SKEY
				33	#include <skey.h>
				34	#endif
				35
				36	#include "ssh.h"
				37	#include "auth.h"
				38	#include "kex.h"
				39	#include "dh.h"
				40	#include "zlib.h"
				41	#include "packet.h"
				42	#include "auth-options.h"
				43	#include "sshpty.h"
				44	#include "channels.h"
				45	#include "session.h"
				46	#include "sshlogin.h"
				47	#include "canohost.h"
				48	#include "log.h"
				49	#include "servconf.h"
				50	#include "monitor.h"
				51	#include "monitor_mm.h"
				52	#include "monitor_wrap.h"
				53	#include "monitor_fdpass.h"
				54	#include "xmalloc.h"
				55	#include "misc.h"
				56	#include "buffer.h"
				57	#include "bufaux.h"
				58	#include "compat.h"
				59	#include "ssh2.h"
				60	#include "mpaux.h"
				61
				62	/* Imports */
				63	extern ServerOptions options;
				64	extern u_int utmp_len;
				65	extern Newkeys *current_keys[];
				66	extern z_stream incoming_stream;
				67	extern z_stream outgoing_stream;
				68	extern u_char session_id[];
				69	extern Buffer input, output;
				70	extern Buffer auth_debug;
				71	extern int auth_debug_init;
				72
				73	/* State exported from the child */
				74
				75	struct {
				76	z_stream incoming;
				77	z_stream outgoing;
				78	u_char *keyin;
				79	u_int keyinlen;
				80	u_char *keyout;
				81	u_int keyoutlen;
				82	u_char *ivin;
				83	u_int ivinlen;
				84	u_char *ivout;
				85	u_int ivoutlen;
Ben Lindstrom	402c6cc	2002-06-21 00:43:42 +0000	[diff] [blame]	86	u_char *ssh1key;
				87	u_int ssh1keylen;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	88	int ssh1cipher;
				89	int ssh1protoflags;
				90	u_char *input;
				91	u_int ilen;
				92	u_char *output;
				93	u_int olen;
				94	} child_state;
				95
Damien Miller	469954d	2003-06-18 20:25:33 +1000	[diff] [blame]	96	/* Functions on the monitor that answer unprivileged requests */
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	97
				98	int mm_answer_moduli(int, Buffer *);
				99	int mm_answer_sign(int, Buffer *);
				100	int mm_answer_pwnamallow(int, Buffer *);
Damien Miller	5ad9fd9	2002-05-13 11:07:41 +1000	[diff] [blame]	101	int mm_answer_auth2_read_banner(int, Buffer *);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	102	int mm_answer_authserv(int, Buffer *);
				103	int mm_answer_authpassword(int, Buffer *);
				104	int mm_answer_bsdauthquery(int, Buffer *);
				105	int mm_answer_bsdauthrespond(int, Buffer *);
				106	int mm_answer_skeyquery(int, Buffer *);
				107	int mm_answer_skeyrespond(int, Buffer *);
				108	int mm_answer_keyallowed(int, Buffer *);
				109	int mm_answer_keyverify(int, Buffer *);
				110	int mm_answer_pty(int, Buffer *);
				111	int mm_answer_pty_cleanup(int, Buffer *);
				112	int mm_answer_term(int, Buffer *);
				113	int mm_answer_rsa_keyallowed(int, Buffer *);
				114	int mm_answer_rsa_challenge(int, Buffer *);
				115	int mm_answer_rsa_response(int, Buffer *);
				116	int mm_answer_sesskey(int, Buffer *);
				117	int mm_answer_sessid(int, Buffer *);
				118
Damien Miller	7941855	2002-04-23 20:28:48 +1000	[diff] [blame]	119	#ifdef USE_PAM
				120	int mm_answer_pam_start(int, Buffer *);
Damien Miller	4f9f42a	2003-05-10 19:28:02 +1000	[diff] [blame]	121	int mm_answer_pam_init_ctx(int, Buffer *);
				122	int mm_answer_pam_query(int, Buffer *);
				123	int mm_answer_pam_respond(int, Buffer *);
				124	int mm_answer_pam_free_ctx(int, Buffer *);
Damien Miller	7941855	2002-04-23 20:28:48 +1000	[diff] [blame]	125	#endif
				126
Damien Miller	25162f2	2002-09-12 09:47:29 +1000	[diff] [blame]	127	#ifdef KRB5
				128	int mm_answer_krb5(int, Buffer *);
				129	#endif
				130
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	131	static Authctxt *authctxt;
				132	static BIGNUM ssh1_challenge = NULL; / used for ssh1 rsa auth */
				133
				134	/* local state for key verify */
				135	static u_char *key_blob = NULL;
				136	static u_int key_bloblen = 0;
				137	static int key_blobtype = MM_NOKEY;
Damien Miller	a10f561	2002-09-12 09:49:15 +1000	[diff] [blame]	138	static char *hostbased_cuser = NULL;
				139	static char *hostbased_chost = NULL;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	140	static char *auth_method = "unknown";
Darren Tucker	502d384	2003-06-28 12:38:01 +1000	[diff] [blame]	141	static u_int session_id2_len = 0;
Ben Lindstrom	f67e077	2002-06-06 20:58:19 +0000	[diff] [blame]	142	static u_char *session_id2 = NULL;
Damien Miller	be64d43	2003-05-14 19:31:12 +1000	[diff] [blame]	143	static pid_t monitor_child_pid;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	144
				145	struct mon_table {
				146	enum monitor_reqtype type;
				147	int flags;
				148	int (f)(int, Buffer );
				149	};
				150
				151	#define MON_ISAUTH 0x0004 /* Required for Authentication */
				152	#define MON_AUTHDECIDE 0x0008 /* Decides Authentication */
				153	#define MON_ONCE 0x0010 /* Disable after calling */
				154
				155	#define MON_AUTH (MON_ISAUTH\|MON_AUTHDECIDE)
				156
				157	#define MON_PERMIT 0x1000 /* Request is permitted */
				158
				159	struct mon_table mon_dispatch_proto20[] = {
				160	{MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli},
				161	{MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign},
				162	{MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow},
				163	{MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
Damien Miller	5ad9fd9	2002-05-13 11:07:41 +1000	[diff] [blame]	164	{MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	165	{MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
Damien Miller	7941855	2002-04-23 20:28:48 +1000	[diff] [blame]	166	#ifdef USE_PAM
				167	{MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start},
Damien Miller	4f9f42a	2003-05-10 19:28:02 +1000	[diff] [blame]	168	{MONITOR_REQ_PAM_INIT_CTX, MON_ISAUTH, mm_answer_pam_init_ctx},
				169	{MONITOR_REQ_PAM_QUERY, MON_ISAUTH, mm_answer_pam_query},
				170	{MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond},
				171	{MONITOR_REQ_PAM_FREE_CTX, MON_ONCE\|MON_AUTHDECIDE, mm_answer_pam_free_ctx},
Kevin Steves	bd1901b	2002-04-01 18:04:35 +0000	[diff] [blame]	172	#endif
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	173	#ifdef BSD_AUTH
				174	{MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},
				175	{MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond},
				176	#endif
				177	#ifdef SKEY
				178	{MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery},
				179	{MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond},
				180	#endif
				181	{MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed},
				182	{MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify},
Damien Miller	3ab496b	2003-05-14 13:47:37 +1000	[diff] [blame]	183	#ifdef KRB5
				184	{MONITOR_REQ_KRB5, MON_ONCE\|MON_AUTH, mm_answer_krb5},
				185	#endif
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	186	{0, 0, NULL}
				187	};
				188
				189	struct mon_table mon_dispatch_postauth20[] = {
				190	{MONITOR_REQ_MODULI, 0, mm_answer_moduli},
				191	{MONITOR_REQ_SIGN, 0, mm_answer_sign},
				192	{MONITOR_REQ_PTY, 0, mm_answer_pty},
				193	{MONITOR_REQ_PTYCLEANUP, 0, mm_answer_pty_cleanup},
				194	{MONITOR_REQ_TERM, 0, mm_answer_term},
				195	{0, 0, NULL}
				196	};
				197
				198	struct mon_table mon_dispatch_proto15[] = {
				199	{MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow},
				200	{MONITOR_REQ_SESSKEY, MON_ONCE, mm_answer_sesskey},
				201	{MONITOR_REQ_SESSID, MON_ONCE, mm_answer_sessid},
				202	{MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
				203	{MONITOR_REQ_RSAKEYALLOWED, MON_ISAUTH, mm_answer_rsa_keyallowed},
				204	{MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed},
				205	{MONITOR_REQ_RSACHALLENGE, MON_ONCE, mm_answer_rsa_challenge},
				206	{MONITOR_REQ_RSARESPONSE, MON_ONCE\|MON_AUTHDECIDE, mm_answer_rsa_response},
				207	#ifdef BSD_AUTH
				208	{MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},
				209	{MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond},
				210	#endif
				211	#ifdef SKEY
				212	{MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery},
				213	{MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond},
				214	#endif
Damien Miller	a33501b	2002-05-08 12:24:42 +1000	[diff] [blame]	215	#ifdef USE_PAM
				216	{MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start},
Damien Miller	4f9f42a	2003-05-10 19:28:02 +1000	[diff] [blame]	217	{MONITOR_REQ_PAM_INIT_CTX, MON_ISAUTH, mm_answer_pam_init_ctx},
				218	{MONITOR_REQ_PAM_QUERY, MON_ISAUTH, mm_answer_pam_query},
				219	{MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond},
				220	{MONITOR_REQ_PAM_FREE_CTX, MON_ONCE\|MON_AUTHDECIDE, mm_answer_pam_free_ctx},
Damien Miller	a33501b	2002-05-08 12:24:42 +1000	[diff] [blame]	221	#endif
Damien Miller	25162f2	2002-09-12 09:47:29 +1000	[diff] [blame]	222	#ifdef KRB5
				223	{MONITOR_REQ_KRB5, MON_ONCE\|MON_AUTH, mm_answer_krb5},
				224	#endif
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	225	{0, 0, NULL}
				226	};
				227
				228	struct mon_table mon_dispatch_postauth15[] = {
				229	{MONITOR_REQ_PTY, MON_ONCE, mm_answer_pty},
				230	{MONITOR_REQ_PTYCLEANUP, MON_ONCE, mm_answer_pty_cleanup},
				231	{MONITOR_REQ_TERM, 0, mm_answer_term},
				232	{0, 0, NULL}
				233	};
				234
				235	struct mon_table *mon_dispatch;
				236
				237	/* Specifies if a certain message is allowed at the moment */
				238
				239	static void
				240	monitor_permit(struct mon_table *ent, enum monitor_reqtype type, int permit)
				241	{
				242	while (ent->f != NULL) {
				243	if (ent->type == type) {
				244	ent->flags &= ~MON_PERMIT;
				245	ent->flags \|= permit ? MON_PERMIT : 0;
				246	return;
				247	}
				248	ent++;
				249	}
				250	}
				251
				252	static void
				253	monitor_permit_authentications(int permit)
				254	{
				255	struct mon_table *ent = mon_dispatch;
				256
				257	while (ent->f != NULL) {
				258	if (ent->flags & MON_AUTH) {
				259	ent->flags &= ~MON_PERMIT;
				260	ent->flags \|= permit ? MON_PERMIT : 0;
				261	}
				262	ent++;
				263	}
				264	}
				265
				266	Authctxt *
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	267	monitor_child_preauth(struct monitor *pmonitor)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	268	{
				269	struct mon_table *ent;
				270	int authenticated = 0;
				271
				272	debug3("preauth child monitor started");
				273
				274	if (compat20) {
				275	mon_dispatch = mon_dispatch_proto20;
				276
				277	/* Permit requests for moduli and signatures */
				278	monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
				279	monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
				280	} else {
				281	mon_dispatch = mon_dispatch_proto15;
				282
				283	monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1);
				284	}
				285
				286	authctxt = authctxt_new();
				287
				288	/* The first few requests do not require asynchronous access */
				289	while (!authenticated) {
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	290	authenticated = monitor_read(pmonitor, mon_dispatch, &ent);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	291	if (authenticated) {
				292	if (!(ent->flags & MON_AUTHDECIDE))
				293	fatal("%s: unexpected authentication from %d",
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	294	__func__, ent->type);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	295	if (authctxt->pw->pw_uid == 0 &&
				296	!auth_root_allowed(auth_method))
				297	authenticated = 0;
				298	}
				299
				300	if (ent->flags & MON_AUTHDECIDE) {
				301	auth_log(authctxt, authenticated, auth_method,
				302	compat20 ? " ssh2" : "");
				303	if (!authenticated)
				304	authctxt->failures++;
				305	}
				306	}
				307
				308	if (!authctxt->valid)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	309	fatal("%s: authenticated invalid user", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	310
				311	debug("%s: %s has been authenticated by privileged process",
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	312	__func__, authctxt->user);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	313
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	314	mm_get_keystate(pmonitor);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	315
				316	return (authctxt);
				317	}
				318
Damien Miller	be64d43	2003-05-14 19:31:12 +1000	[diff] [blame]	319	static void
				320	monitor_set_child_handler(pid_t pid)
				321	{
				322	monitor_child_pid = pid;
				323	}
				324
				325	static void
				326	monitor_child_handler(int signal)
				327	{
				328	kill(monitor_child_pid, signal);
				329	}
				330
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	331	void
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	332	monitor_child_postauth(struct monitor *pmonitor)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	333	{
Damien Miller	be64d43	2003-05-14 19:31:12 +1000	[diff] [blame]	334	monitor_set_child_handler(pmonitor->m_pid);
				335	signal(SIGHUP, &monitor_child_handler);
				336	signal(SIGTERM, &monitor_child_handler);
				337
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	338	if (compat20) {
				339	mon_dispatch = mon_dispatch_postauth20;
				340
				341	/* Permit requests for moduli and signatures */
				342	monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
				343	monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
				344	monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
				345
				346	} else {
				347	mon_dispatch = mon_dispatch_postauth15;
				348	monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
				349	}
				350	if (!no_pty_flag) {
				351	monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1);
				352	monitor_permit(mon_dispatch, MONITOR_REQ_PTYCLEANUP, 1);
				353	}
				354
				355	for (;;)
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	356	monitor_read(pmonitor, mon_dispatch, NULL);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	357	}
				358
				359	void
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	360	monitor_sync(struct monitor *pmonitor)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	361	{
Damien Miller	2d6b833	2002-06-21 15:59:49 +1000	[diff] [blame]	362	if (options.compression) {
				363	/* The member allocation is not visible, so sync it */
				364	mm_share_sync(&pmonitor->m_zlib, &pmonitor->m_zback);
				365	}
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	366	}
				367
				368	int
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	369	monitor_read(struct monitor pmonitor, struct mon_table ent,
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	370	struct mon_table **pent)
				371	{
				372	Buffer m;
				373	int ret;
				374	u_char type;
				375
				376	buffer_init(&m);
				377
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	378	mm_request_receive(pmonitor->m_sendfd, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	379	type = buffer_get_char(&m);
				380
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	381	debug3("%s: checking request %d", __func__, type);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	382
				383	while (ent->f != NULL) {
				384	if (ent->type == type)
				385	break;
				386	ent++;
				387	}
				388
				389	if (ent->f != NULL) {
				390	if (!(ent->flags & MON_PERMIT))
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	391	fatal("%s: unpermitted request %d", __func__,
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	392	type);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	393	ret = (*ent->f)(pmonitor->m_sendfd, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	394	buffer_free(&m);
				395
				396	/* The child may use this request only once, disable it */
				397	if (ent->flags & MON_ONCE) {
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	398	debug2("%s: %d used once, disabling now", __func__,
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	399	type);
				400	ent->flags &= ~MON_PERMIT;
				401	}
				402
				403	if (pent != NULL)
				404	*pent = ent;
				405
				406	return ret;
				407	}
				408
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	409	fatal("%s: unsupported request: %d", __func__, type);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	410
				411	/* NOTREACHED */
				412	return (-1);
				413	}
				414
				415	/* allowed key state */
				416	static int
				417	monitor_allowed_key(u_char *blob, u_int bloblen)
				418	{
				419	/* make sure key is allowed */
				420	if (key_blob == NULL \|\| key_bloblen != bloblen \|\|
				421	memcmp(key_blob, blob, key_bloblen))
				422	return (0);
				423	return (1);
				424	}
				425
				426	static void
				427	monitor_reset_key_state(void)
				428	{
				429	/* reset state */
				430	if (key_blob != NULL)
				431	xfree(key_blob);
				432	if (hostbased_cuser != NULL)
				433	xfree(hostbased_cuser);
				434	if (hostbased_chost != NULL)
				435	xfree(hostbased_chost);
				436	key_blob = NULL;
				437	key_bloblen = 0;
				438	key_blobtype = MM_NOKEY;
				439	hostbased_cuser = NULL;
				440	hostbased_chost = NULL;
				441	}
				442
				443	int
				444	mm_answer_moduli(int socket, Buffer *m)
				445	{
				446	DH *dh;
				447	int min, want, max;
				448
				449	min = buffer_get_int(m);
				450	want = buffer_get_int(m);
				451	max = buffer_get_int(m);
				452
				453	debug3("%s: got parameters: %d %d %d",
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	454	__func__, min, want, max);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	455	/* We need to check here, too, in case the child got corrupted */
				456	if (max < min \|\| want < min \|\| max < want)
				457	fatal("%s: bad parameters: %d %d %d",
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	458	__func__, min, want, max);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	459
				460	buffer_clear(m);
				461
				462	dh = choose_dh(min, want, max);
				463	if (dh == NULL) {
				464	buffer_put_char(m, 0);
				465	return (0);
				466	} else {
				467	/* Send first bignum */
				468	buffer_put_char(m, 1);
				469	buffer_put_bignum2(m, dh->p);
				470	buffer_put_bignum2(m, dh->g);
				471
				472	DH_free(dh);
				473	}
				474	mm_request_send(socket, MONITOR_ANS_MODULI, m);
				475	return (0);
				476	}
				477
				478	int
				479	mm_answer_sign(int socket, Buffer *m)
				480	{
				481	Key *key;
				482	u_char *p;
				483	u_char *signature;
				484	u_int siglen, datlen;
				485	int keyid;
				486
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	487	debug3("%s", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	488
				489	keyid = buffer_get_int(m);
				490	p = buffer_get_string(m, &datlen);
				491
				492	if (datlen != 20)
Ben Lindstrom	d550218	2002-06-27 00:12:57 +0000	[diff] [blame]	493	fatal("%s: data length incorrect: %u", __func__, datlen);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	494
Ben Lindstrom	f67e077	2002-06-06 20:58:19 +0000	[diff] [blame]	495	/* save session id, it will be passed on the first call */
				496	if (session_id2_len == 0) {
				497	session_id2_len = datlen;
				498	session_id2 = xmalloc(session_id2_len);
				499	memcpy(session_id2, p, session_id2_len);
				500	}
				501
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	502	if ((key = get_hostkey_by_index(keyid)) == NULL)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	503	fatal("%s: no hostkey from index %d", __func__, keyid);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	504	if (key_sign(key, &signature, &siglen, p, datlen) < 0)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	505	fatal("%s: key_sign failed", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	506
Ben Lindstrom	d550218	2002-06-27 00:12:57 +0000	[diff] [blame]	507	debug3("%s: signature %p(%u)", __func__, signature, siglen);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	508
				509	buffer_clear(m);
				510	buffer_put_string(m, signature, siglen);
				511
				512	xfree(p);
				513	xfree(signature);
				514
				515	mm_request_send(socket, MONITOR_ANS_SIGN, m);
				516
				517	/* Turn on permissions for getpwnam */
				518	monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1);
				519
				520	return (0);
				521	}
				522
				523	/* Retrieves the password entry and also checks if the user is permitted */
				524
				525	int
				526	mm_answer_pwnamallow(int socket, Buffer *m)
				527	{
				528	char *login;
				529	struct passwd *pwent;
				530	int allowed = 0;
				531
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	532	debug3("%s", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	533
				534	if (authctxt->attempt++ != 0)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	535	fatal("%s: multiple attempts for getpwnam", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	536
				537	login = buffer_get_string(m, NULL);
				538
				539	pwent = getpwnamallow(login);
				540
				541	authctxt->user = xstrdup(login);
				542	setproctitle("%s [priv]", pwent ? login : "unknown");
				543	xfree(login);
				544
				545	buffer_clear(m);
				546
				547	if (pwent == NULL) {
				548	buffer_put_char(m, 0);
				549	goto out;
				550	}
				551
				552	allowed = 1;
				553	authctxt->pw = pwent;
				554	authctxt->valid = 1;
				555
				556	buffer_put_char(m, 1);
				557	buffer_put_string(m, pwent, sizeof(struct passwd));
				558	buffer_put_cstring(m, pwent->pw_name);
				559	buffer_put_cstring(m, "*");
				560	buffer_put_cstring(m, pwent->pw_gecos);
Kevin Steves	7e14760	2002-03-22 18:07:17 +0000	[diff] [blame]	561	#ifdef HAVE_PW_CLASS_IN_PASSWD
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	562	buffer_put_cstring(m, pwent->pw_class);
Kevin Steves	7e14760	2002-03-22 18:07:17 +0000	[diff] [blame]	563	#endif
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	564	buffer_put_cstring(m, pwent->pw_dir);
				565	buffer_put_cstring(m, pwent->pw_shell);
				566
				567	out:
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	568	debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	569	mm_request_send(socket, MONITOR_ANS_PWNAM, m);
				570
				571	/* For SSHv1 allow authentication now */
				572	if (!compat20)
				573	monitor_permit_authentications(1);
Damien Miller	5ad9fd9	2002-05-13 11:07:41 +1000	[diff] [blame]	574	else {
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	575	/* Allow service/style information on the auth context */
				576	monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
Damien Miller	5ad9fd9	2002-05-13 11:07:41 +1000	[diff] [blame]	577	monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);
				578	}
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	579
Damien Miller	a33501b	2002-05-08 12:24:42 +1000	[diff] [blame]	580	#ifdef USE_PAM
Damien Miller	4e448a3	2003-05-14 15:11:48 +1000	[diff] [blame]	581	if (options.use_pam)
				582	monitor_permit(mon_dispatch, MONITOR_REQ_PAM_START, 1);
Damien Miller	a33501b	2002-05-08 12:24:42 +1000	[diff] [blame]	583	#endif
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	584
				585	return (0);
				586	}
				587
Damien Miller	5ad9fd9	2002-05-13 11:07:41 +1000	[diff] [blame]	588	int mm_answer_auth2_read_banner(int socket, Buffer *m)
				589	{
				590	char *banner;
				591
				592	buffer_clear(m);
				593	banner = auth2_read_banner();
				594	buffer_put_cstring(m, banner != NULL ? banner : "");
				595	mm_request_send(socket, MONITOR_ANS_AUTH2_READ_BANNER, m);
				596
				597	if (banner != NULL)
Ben Lindstrom	eec16fc	2002-07-04 00:06:15 +0000	[diff] [blame]	598	xfree(banner);
Damien Miller	5ad9fd9	2002-05-13 11:07:41 +1000	[diff] [blame]	599
				600	return (0);
				601	}
				602
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	603	int
				604	mm_answer_authserv(int socket, Buffer *m)
				605	{
				606	monitor_permit_authentications(1);
				607
				608	authctxt->service = buffer_get_string(m, NULL);
				609	authctxt->style = buffer_get_string(m, NULL);
				610	debug3("%s: service=%s, style=%s",
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	611	__func__, authctxt->service, authctxt->style);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	612
				613	if (strlen(authctxt->style) == 0) {
				614	xfree(authctxt->style);
				615	authctxt->style = NULL;
				616	}
				617
				618	return (0);
				619	}
				620
				621	int
				622	mm_answer_authpassword(int socket, Buffer *m)
				623	{
				624	static int call_count;
				625	char *passwd;
Ben Lindstrom	7cea16b	2002-07-23 21:13:40 +0000	[diff] [blame]	626	int authenticated;
				627	u_int plen;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	628
				629	passwd = buffer_get_string(m, &plen);
				630	/* Only authenticate if the context is valid */
Ben Lindstrom	dcf6bfb	2002-06-06 20:57:17 +0000	[diff] [blame]	631	authenticated = options.password_authentication &&
Damien Miller	eab4bae	2003-04-29 23:22:40 +1000	[diff] [blame]	632	auth_password(authctxt, passwd) && authctxt->valid;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	633	memset(passwd, 0, strlen(passwd));
				634	xfree(passwd);
				635
				636	buffer_clear(m);
				637	buffer_put_int(m, authenticated);
				638
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	639	debug3("%s: sending result %d", __func__, authenticated);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	640	mm_request_send(socket, MONITOR_ANS_AUTHPASSWORD, m);
				641
				642	call_count++;
				643	if (plen == 0 && call_count == 1)
				644	auth_method = "none";
				645	else
				646	auth_method = "password";
				647
				648	/* Causes monitor loop to terminate if authenticated */
				649	return (authenticated);
				650	}
				651
				652	#ifdef BSD_AUTH
				653	int
				654	mm_answer_bsdauthquery(int socket, Buffer *m)
				655	{
				656	char name, infotxt;
				657	u_int numprompts;
				658	u_int *echo_on;
				659	char **prompts;
Damien Miller	b7df3af	2003-02-24 11:55:46 +1100	[diff] [blame]	660	u_int success;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	661
Damien Miller	b7df3af	2003-02-24 11:55:46 +1100	[diff] [blame]	662	success = bsdauth_query(authctxt, &name, &infotxt, &numprompts,
				663	&prompts, &echo_on) < 0 ? 0 : 1;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	664
				665	buffer_clear(m);
Damien Miller	b7df3af	2003-02-24 11:55:46 +1100	[diff] [blame]	666	buffer_put_int(m, success);
				667	if (success)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	668	buffer_put_cstring(m, prompts[0]);
				669
Damien Miller	b7df3af	2003-02-24 11:55:46 +1100	[diff] [blame]	670	debug3("%s: sending challenge success: %u", __func__, success);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	671	mm_request_send(socket, MONITOR_ANS_BSDAUTHQUERY, m);
				672
Damien Miller	b7df3af	2003-02-24 11:55:46 +1100	[diff] [blame]	673	if (success) {
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	674	xfree(name);
				675	xfree(infotxt);
				676	xfree(prompts);
				677	xfree(echo_on);
				678	}
				679
				680	return (0);
				681	}
				682
				683	int
				684	mm_answer_bsdauthrespond(int socket, Buffer *m)
				685	{
				686	char *response;
				687	int authok;
				688
				689	if (authctxt->as == 0)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	690	fatal("%s: no bsd auth session", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	691
				692	response = buffer_get_string(m, NULL);
Ben Lindstrom	dcf6bfb	2002-06-06 20:57:17 +0000	[diff] [blame]	693	authok = options.challenge_response_authentication &&
				694	auth_userresponse(authctxt->as, response, 0);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	695	authctxt->as = NULL;
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	696	debug3("%s: <%s> = <%d>", __func__, response, authok);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	697	xfree(response);
				698
				699	buffer_clear(m);
				700	buffer_put_int(m, authok);
				701
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	702	debug3("%s: sending authenticated: %d", __func__, authok);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	703	mm_request_send(socket, MONITOR_ANS_BSDAUTHRESPOND, m);
				704
				705	auth_method = "bsdauth";
				706
				707	return (authok != 0);
				708	}
				709	#endif
				710
				711	#ifdef SKEY
				712	int
				713	mm_answer_skeyquery(int socket, Buffer *m)
				714	{
				715	struct skey skey;
				716	char challenge[1024];
Damien Miller	b7df3af	2003-02-24 11:55:46 +1100	[diff] [blame]	717	u_int success;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	718
Damien Miller	b7df3af	2003-02-24 11:55:46 +1100	[diff] [blame]	719	success = skeychallenge(&skey, authctxt->user, challenge) < 0 ? 0 : 1;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	720
				721	buffer_clear(m);
Damien Miller	b7df3af	2003-02-24 11:55:46 +1100	[diff] [blame]	722	buffer_put_int(m, success);
				723	if (success)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	724	buffer_put_cstring(m, challenge);
				725
Damien Miller	b7df3af	2003-02-24 11:55:46 +1100	[diff] [blame]	726	debug3("%s: sending challenge success: %u", __func__, success);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	727	mm_request_send(socket, MONITOR_ANS_SKEYQUERY, m);
				728
				729	return (0);
				730	}
				731
				732	int
				733	mm_answer_skeyrespond(int socket, Buffer *m)
				734	{
				735	char *response;
				736	int authok;
				737
				738	response = buffer_get_string(m, NULL);
				739
Ben Lindstrom	dcf6bfb	2002-06-06 20:57:17 +0000	[diff] [blame]	740	authok = (options.challenge_response_authentication &&
				741	authctxt->valid &&
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	742	skey_haskey(authctxt->pw->pw_name) == 0 &&
				743	skey_passcheck(authctxt->pw->pw_name, response) != -1);
				744
				745	xfree(response);
				746
				747	buffer_clear(m);
				748	buffer_put_int(m, authok);
				749
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	750	debug3("%s: sending authenticated: %d", __func__, authok);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	751	mm_request_send(socket, MONITOR_ANS_SKEYRESPOND, m);
				752
				753	auth_method = "skey";
				754
				755	return (authok != 0);
				756	}
				757	#endif
				758
Damien Miller	7941855	2002-04-23 20:28:48 +1000	[diff] [blame]	759	#ifdef USE_PAM
				760	int
				761	mm_answer_pam_start(int socket, Buffer *m)
				762	{
				763	char *user;
				764
Damien Miller	4e448a3	2003-05-14 15:11:48 +1000	[diff] [blame]	765	if (!options.use_pam)
				766	fatal("UsePAM not set, but ended up in %s anyway", __func__);
				767
Damien Miller	7941855	2002-04-23 20:28:48 +1000	[diff] [blame]	768	user = buffer_get_string(m, NULL);
				769
				770	start_pam(user);
				771
				772	xfree(user);
				773
				774	return (0);
				775	}
Damien Miller	4f9f42a	2003-05-10 19:28:02 +1000	[diff] [blame]	776
				777	static void sshpam_ctxt, sshpam_authok;
				778	extern KbdintDevice sshpam_device;
				779
				780	int
				781	mm_answer_pam_init_ctx(int socket, Buffer *m)
				782	{
				783
				784	debug3("%s", __func__);
				785	authctxt->user = buffer_get_string(m, NULL);
				786	sshpam_ctxt = (sshpam_device.init_ctx)(authctxt);
				787	sshpam_authok = NULL;
				788	buffer_clear(m);
				789	if (sshpam_ctxt != NULL) {
				790	monitor_permit(mon_dispatch, MONITOR_REQ_PAM_FREE_CTX, 1);
				791	buffer_put_int(m, 1);
				792	} else {
				793	buffer_put_int(m, 0);
				794	}
				795	mm_request_send(socket, MONITOR_ANS_PAM_INIT_CTX, m);
				796	return (0);
				797	}
				798
				799	int
				800	mm_answer_pam_query(int socket, Buffer *m)
				801	{
				802	char name, info, **prompts;
				803	u_int num, *echo_on;
				804	int i, ret;
				805
				806	debug3("%s", __func__);
				807	sshpam_authok = NULL;
				808	ret = (sshpam_device.query)(sshpam_ctxt, &name, &info, &num, &prompts, &echo_on);
				809	if (ret == 0 && num == 0)
				810	sshpam_authok = sshpam_ctxt;
				811	if (num > 1 \|\| name == NULL \|\| info == NULL)
				812	ret = -1;
				813	buffer_clear(m);
				814	buffer_put_int(m, ret);
				815	buffer_put_cstring(m, name);
				816	xfree(name);
				817	buffer_put_cstring(m, info);
				818	xfree(info);
				819	buffer_put_int(m, num);
				820	for (i = 0; i < num; ++i) {
				821	buffer_put_cstring(m, prompts[i]);
				822	xfree(prompts[i]);
				823	buffer_put_int(m, echo_on[i]);
				824	}
				825	if (prompts != NULL)
				826	xfree(prompts);
				827	if (echo_on != NULL)
				828	xfree(echo_on);
				829	mm_request_send(socket, MONITOR_ANS_PAM_QUERY, m);
				830	return (0);
				831	}
				832
				833	int
				834	mm_answer_pam_respond(int socket, Buffer *m)
				835	{
				836	char **resp;
				837	u_int num;
				838	int i, ret;
				839
				840	debug3("%s", __func__);
				841	sshpam_authok = NULL;
				842	num = buffer_get_int(m);
				843	if (num > 0) {
				844	resp = xmalloc(num * sizeof(char *));
				845	for (i = 0; i < num; ++i)
				846	resp[i] = buffer_get_string(m, NULL);
				847	ret = (sshpam_device.respond)(sshpam_ctxt, num, resp);
				848	for (i = 0; i < num; ++i)
				849	xfree(resp[i]);
				850	xfree(resp);
				851	} else {
				852	ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL);
				853	}
				854	buffer_clear(m);
				855	buffer_put_int(m, ret);
				856	mm_request_send(socket, MONITOR_ANS_PAM_RESPOND, m);
				857	auth_method = "keyboard-interactive/pam";
				858	if (ret == 0)
				859	sshpam_authok = sshpam_ctxt;
				860	return (0);
				861	}
				862
				863	int
				864	mm_answer_pam_free_ctx(int socket, Buffer *m)
				865	{
				866
				867	debug3("%s", __func__);
				868	(sshpam_device.free_ctx)(sshpam_ctxt);
				869	buffer_clear(m);
				870	mm_request_send(socket, MONITOR_ANS_PAM_FREE_CTX, m);
				871	return (sshpam_authok == sshpam_ctxt);
				872	}
Damien Miller	7941855	2002-04-23 20:28:48 +1000	[diff] [blame]	873	#endif
				874
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	875	static void
				876	mm_append_debug(Buffer *m)
				877	{
				878	if (auth_debug_init && buffer_len(&auth_debug)) {
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	879	debug3("%s: Appending debug messages for child", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	880	buffer_append(m, buffer_ptr(&auth_debug),
				881	buffer_len(&auth_debug));
				882	buffer_clear(&auth_debug);
				883	}
				884	}
				885
				886	int
				887	mm_answer_keyallowed(int socket, Buffer *m)
				888	{
				889	Key *key;
Damien Miller	a10f561	2002-09-12 09:49:15 +1000	[diff] [blame]	890	char cuser, chost;
				891	u_char *blob;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	892	u_int bloblen;
				893	enum mm_keytype type = 0;
				894	int allowed = 0;
				895
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	896	debug3("%s entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	897
				898	type = buffer_get_int(m);
				899	cuser = buffer_get_string(m, NULL);
				900	chost = buffer_get_string(m, NULL);
				901	blob = buffer_get_string(m, &bloblen);
				902
				903	key = key_from_blob(blob, bloblen);
				904
				905	if ((compat20 && type == MM_RSAHOSTKEY) \|\|
				906	(!compat20 && type != MM_RSAHOSTKEY))
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	907	fatal("%s: key type and protocol mismatch", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	908
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	909	debug3("%s: key_from_blob: %p", __func__, key);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	910
				911	if (key != NULL && authctxt->pw != NULL) {
				912	switch(type) {
				913	case MM_USERKEY:
Ben Lindstrom	dcf6bfb	2002-06-06 20:57:17 +0000	[diff] [blame]	914	allowed = options.pubkey_authentication &&
				915	user_key_allowed(authctxt->pw, key);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	916	break;
				917	case MM_HOSTKEY:
Ben Lindstrom	dcf6bfb	2002-06-06 20:57:17 +0000	[diff] [blame]	918	allowed = options.hostbased_authentication &&
				919	hostbased_key_allowed(authctxt->pw,
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	920	cuser, chost, key);
				921	break;
				922	case MM_RSAHOSTKEY:
				923	key->type = KEY_RSA1; /* XXX */
Ben Lindstrom	dcf6bfb	2002-06-06 20:57:17 +0000	[diff] [blame]	924	allowed = options.rhosts_rsa_authentication &&
				925	auth_rhosts_rsa_key_allowed(authctxt->pw,
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	926	cuser, chost, key);
				927	break;
				928	default:
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	929	fatal("%s: unknown key type %d", __func__, type);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	930	break;
				931	}
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	932	}
Damien Miller	0011138	2003-03-10 11:21:17 +1100	[diff] [blame]	933	if (key != NULL)
				934	key_free(key);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	935
				936	/* clear temporarily storage (used by verify) */
				937	monitor_reset_key_state();
				938
				939	if (allowed) {
				940	/* Save temporarily for comparison in verify */
				941	key_blob = blob;
				942	key_bloblen = bloblen;
				943	key_blobtype = type;
				944	hostbased_cuser = cuser;
				945	hostbased_chost = chost;
				946	}
				947
				948	debug3("%s: key %p is %s",
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	949	__func__, key, allowed ? "allowed" : "disallowed");
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	950
				951	buffer_clear(m);
				952	buffer_put_int(m, allowed);
Damien Miller	06ebedf	2003-02-24 12:03:38 +1100	[diff] [blame]	953	buffer_put_int(m, forced_command != NULL);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	954
				955	mm_append_debug(m);
				956
				957	mm_request_send(socket, MONITOR_ANS_KEYALLOWED, m);
				958
				959	if (type == MM_RSAHOSTKEY)
				960	monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed);
				961
				962	return (0);
				963	}
				964
				965	static int
				966	monitor_valid_userblob(u_char *data, u_int datalen)
				967	{
				968	Buffer b;
Damien Miller	a10f561	2002-09-12 09:49:15 +1000	[diff] [blame]	969	char *p;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	970	u_int len;
				971	int fail = 0;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	972
				973	buffer_init(&b);
				974	buffer_append(&b, data, datalen);
				975
				976	if (datafellows & SSH_OLD_SESSIONID) {
Ben Lindstrom	f67e077	2002-06-06 20:58:19 +0000	[diff] [blame]	977	p = buffer_ptr(&b);
				978	len = buffer_len(&b);
				979	if ((session_id2 == NULL) \|\|
				980	(len < session_id2_len) \|\|
				981	(memcmp(p, session_id2, session_id2_len) != 0))
				982	fail++;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	983	buffer_consume(&b, session_id2_len);
				984	} else {
Ben Lindstrom	f67e077	2002-06-06 20:58:19 +0000	[diff] [blame]	985	p = buffer_get_string(&b, &len);
				986	if ((session_id2 == NULL) \|\|
				987	(len != session_id2_len) \|\|
				988	(memcmp(p, session_id2, session_id2_len) != 0))
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	989	fail++;
Ben Lindstrom	f67e077	2002-06-06 20:58:19 +0000	[diff] [blame]	990	xfree(p);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	991	}
				992	if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST)
				993	fail++;
				994	p = buffer_get_string(&b, NULL);
				995	if (strcmp(authctxt->user, p) != 0) {
Damien Miller	996acd2	2003-04-09 20:59:48 +1000	[diff] [blame]	996	logit("wrong user name passed to monitor: expected %s != %.100s",
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	997	authctxt->user, p);
				998	fail++;
				999	}
				1000	xfree(p);
				1001	buffer_skip_string(&b);
				1002	if (datafellows & SSH_BUG_PKAUTH) {
				1003	if (!buffer_get_char(&b))
				1004	fail++;
				1005	} else {
				1006	p = buffer_get_string(&b, NULL);
				1007	if (strcmp("publickey", p) != 0)
				1008	fail++;
				1009	xfree(p);
				1010	if (!buffer_get_char(&b))
				1011	fail++;
				1012	buffer_skip_string(&b);
				1013	}
				1014	buffer_skip_string(&b);
				1015	if (buffer_len(&b) != 0)
				1016	fail++;
				1017	buffer_free(&b);
				1018	return (fail == 0);
				1019	}
				1020
				1021	static int
Damien Miller	a10f561	2002-09-12 09:49:15 +1000	[diff] [blame]	1022	monitor_valid_hostbasedblob(u_char data, u_int datalen, char cuser,
				1023	char *chost)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1024	{
				1025	Buffer b;
Damien Miller	a10f561	2002-09-12 09:49:15 +1000	[diff] [blame]	1026	char *p;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1027	u_int len;
				1028	int fail = 0;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1029
				1030	buffer_init(&b);
				1031	buffer_append(&b, data, datalen);
				1032
Ben Lindstrom	f67e077	2002-06-06 20:58:19 +0000	[diff] [blame]	1033	p = buffer_get_string(&b, &len);
				1034	if ((session_id2 == NULL) \|\|
				1035	(len != session_id2_len) \|\|
				1036	(memcmp(p, session_id2, session_id2_len) != 0))
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1037	fail++;
Ben Lindstrom	f67e077	2002-06-06 20:58:19 +0000	[diff] [blame]	1038	xfree(p);
				1039
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1040	if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST)
				1041	fail++;
				1042	p = buffer_get_string(&b, NULL);
				1043	if (strcmp(authctxt->user, p) != 0) {
Damien Miller	996acd2	2003-04-09 20:59:48 +1000	[diff] [blame]	1044	logit("wrong user name passed to monitor: expected %s != %.100s",
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1045	authctxt->user, p);
				1046	fail++;
				1047	}
				1048	xfree(p);
				1049	buffer_skip_string(&b); /* service */
				1050	p = buffer_get_string(&b, NULL);
				1051	if (strcmp(p, "hostbased") != 0)
				1052	fail++;
				1053	xfree(p);
				1054	buffer_skip_string(&b); /* pkalg */
				1055	buffer_skip_string(&b); /* pkblob */
				1056
				1057	/* verify client host, strip trailing dot if necessary */
				1058	p = buffer_get_string(&b, NULL);
				1059	if (((len = strlen(p)) > 0) && p[len - 1] == '.')
				1060	p[len - 1] = '\0';
				1061	if (strcmp(p, chost) != 0)
				1062	fail++;
				1063	xfree(p);
				1064
				1065	/* verify client user */
				1066	p = buffer_get_string(&b, NULL);
				1067	if (strcmp(p, cuser) != 0)
				1068	fail++;
				1069	xfree(p);
				1070
				1071	if (buffer_len(&b) != 0)
				1072	fail++;
				1073	buffer_free(&b);
				1074	return (fail == 0);
				1075	}
				1076
				1077	int
				1078	mm_answer_keyverify(int socket, Buffer *m)
				1079	{
				1080	Key *key;
				1081	u_char signature, data, *blob;
				1082	u_int signaturelen, datalen, bloblen;
				1083	int verified = 0;
				1084	int valid_data = 0;
				1085
				1086	blob = buffer_get_string(m, &bloblen);
				1087	signature = buffer_get_string(m, &signaturelen);
				1088	data = buffer_get_string(m, &datalen);
				1089
				1090	if (hostbased_cuser == NULL \|\| hostbased_chost == NULL \|\|
Ben Lindstrom	b57a4bf	2002-03-27 18:00:59 +0000	[diff] [blame]	1091	!monitor_allowed_key(blob, bloblen))
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1092	fatal("%s: bad key, not previously allowed", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1093
				1094	key = key_from_blob(blob, bloblen);
				1095	if (key == NULL)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1096	fatal("%s: bad public key blob", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1097
				1098	switch (key_blobtype) {
				1099	case MM_USERKEY:
				1100	valid_data = monitor_valid_userblob(data, datalen);
				1101	break;
				1102	case MM_HOSTKEY:
				1103	valid_data = monitor_valid_hostbasedblob(data, datalen,
				1104	hostbased_cuser, hostbased_chost);
				1105	break;
				1106	default:
				1107	valid_data = 0;
				1108	break;
				1109	}
				1110	if (!valid_data)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1111	fatal("%s: bad signature data blob", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1112
				1113	verified = key_verify(key, signature, signaturelen, data, datalen);
				1114	debug3("%s: key %p signature %s",
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1115	__func__, key, verified ? "verified" : "unverified");
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1116
				1117	key_free(key);
				1118	xfree(blob);
				1119	xfree(signature);
				1120	xfree(data);
				1121
Ben Lindstrom	e1c0912	2002-06-23 00:38:24 +0000	[diff] [blame]	1122	auth_method = key_blobtype == MM_USERKEY ? "publickey" : "hostbased";
				1123
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1124	monitor_reset_key_state();
				1125
				1126	buffer_clear(m);
				1127	buffer_put_int(m, verified);
				1128	mm_request_send(socket, MONITOR_ANS_KEYVERIFY, m);
				1129
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1130	return (verified);
				1131	}
				1132
				1133	static void
				1134	mm_record_login(Session s, struct passwd pw)
				1135	{
				1136	socklen_t fromlen;
				1137	struct sockaddr_storage from;
				1138
				1139	/*
				1140	* Get IP address of client. If the connection is not a socket, let
				1141	* the address be 0.0.0.0.
				1142	*/
				1143	memset(&from, 0, sizeof(from));
Damien Miller	ebc2306	2002-09-04 16:45:09 +1000	[diff] [blame]	1144	fromlen = sizeof(from);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1145	if (packet_connection_is_on_socket()) {
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1146	if (getpeername(packet_get_connection_in(),
				1147	(struct sockaddr *) & from, &fromlen) < 0) {
				1148	debug("getpeername: %.100s", strerror(errno));
				1149	fatal_cleanup();
				1150	}
				1151	}
				1152	/* Record that there was a login on that tty from the remote host. */
				1153	record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid,
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	1154	get_remote_name_or_ip(utmp_len, options.use_dns),
Damien Miller	ebc2306	2002-09-04 16:45:09 +1000	[diff] [blame]	1155	(struct sockaddr *)&from, fromlen);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1156	}
				1157
				1158	static void
				1159	mm_session_close(Session *s)
				1160	{
Damien Miller	04bd8b0	2003-05-25 14:38:33 +1000	[diff] [blame]	1161	debug3("%s: session %d pid %ld", __func__, s->self, (long)s->pid);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1162	if (s->ttyfd != -1) {
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1163	debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1164	fatal_remove_cleanup(session_pty_cleanup2, (void *)s);
				1165	session_pty_cleanup2(s);
				1166	}
				1167	s->used = 0;
				1168	}
				1169
				1170	int
				1171	mm_answer_pty(int socket, Buffer *m)
				1172	{
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	1173	extern struct monitor *pmonitor;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1174	Session *s;
				1175	int res, fd0;
				1176
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1177	debug3("%s entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1178
				1179	buffer_clear(m);
				1180	s = session_new();
				1181	if (s == NULL)
				1182	goto error;
				1183	s->authctxt = authctxt;
				1184	s->pw = authctxt->pw;
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	1185	s->pid = pmonitor->m_pid;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1186	res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty));
				1187	if (res == 0)
				1188	goto error;
				1189	fatal_add_cleanup(session_pty_cleanup2, (void *)s);
				1190	pty_setowner(authctxt->pw, s->tty);
				1191
				1192	buffer_put_int(m, 1);
				1193	buffer_put_cstring(m, s->tty);
				1194	mm_request_send(socket, MONITOR_ANS_PTY, m);
				1195
				1196	mm_send_fd(socket, s->ptyfd);
				1197	mm_send_fd(socket, s->ttyfd);
				1198
				1199	/* We need to trick ttyslot */
				1200	if (dup2(s->ttyfd, 0) == -1)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1201	fatal("%s: dup2", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1202
				1203	mm_record_login(s, authctxt->pw);
				1204
				1205	/* Now we can close the file descriptor again */
				1206	close(0);
				1207
				1208	/* make sure nothing uses fd 0 */
				1209	if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1210	fatal("%s: open(/dev/null): %s", __func__, strerror(errno));
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1211	if (fd0 != 0)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1212	error("%s: fd0 %d != 0", __func__, fd0);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1213
				1214	/* slave is not needed */
				1215	close(s->ttyfd);
				1216	s->ttyfd = s->ptyfd;
				1217	/* no need to dup() because nobody closes ptyfd */
				1218	s->ptymaster = s->ptyfd;
				1219
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1220	debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ttyfd);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1221
				1222	return (0);
				1223
				1224	error:
				1225	if (s != NULL)
				1226	mm_session_close(s);
				1227	buffer_put_int(m, 0);
				1228	mm_request_send(socket, MONITOR_ANS_PTY, m);
				1229	return (0);
				1230	}
				1231
				1232	int
				1233	mm_answer_pty_cleanup(int socket, Buffer *m)
				1234	{
				1235	Session *s;
				1236	char *tty;
				1237
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1238	debug3("%s entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1239
				1240	tty = buffer_get_string(m, NULL);
				1241	if ((s = session_by_tty(tty)) != NULL)
				1242	mm_session_close(s);
				1243	buffer_clear(m);
				1244	xfree(tty);
				1245	return (0);
				1246	}
				1247
				1248	int
				1249	mm_answer_sesskey(int socket, Buffer *m)
				1250	{
				1251	BIGNUM *p;
				1252	int rsafail;
				1253
				1254	/* Turn off permissions */
				1255	monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1);
				1256
				1257	if ((p = BN_new()) == NULL)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1258	fatal("%s: BN_new", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1259
				1260	buffer_get_bignum2(m, p);
				1261
				1262	rsafail = ssh1_session_key(p);
				1263
				1264	buffer_clear(m);
				1265	buffer_put_int(m, rsafail);
				1266	buffer_put_bignum2(m, p);
				1267
				1268	BN_clear_free(p);
				1269
				1270	mm_request_send(socket, MONITOR_ANS_SESSKEY, m);
				1271
				1272	/* Turn on permissions for sessid passing */
				1273	monitor_permit(mon_dispatch, MONITOR_REQ_SESSID, 1);
				1274
				1275	return (0);
				1276	}
				1277
				1278	int
				1279	mm_answer_sessid(int socket, Buffer *m)
				1280	{
				1281	int i;
				1282
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1283	debug3("%s entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1284
				1285	if (buffer_len(m) != 16)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1286	fatal("%s: bad ssh1 session id", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1287	for (i = 0; i < 16; i++)
				1288	session_id[i] = buffer_get_char(m);
				1289
				1290	/* Turn on permissions for getpwnam */
				1291	monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1);
				1292
				1293	return (0);
				1294	}
				1295
				1296	int
				1297	mm_answer_rsa_keyallowed(int socket, Buffer *m)
				1298	{
				1299	BIGNUM *client_n;
				1300	Key *key = NULL;
				1301	u_char *blob = NULL;
				1302	u_int blen = 0;
				1303	int allowed = 0;
				1304
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1305	debug3("%s entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1306
Ben Lindstrom	dcf6bfb	2002-06-06 20:57:17 +0000	[diff] [blame]	1307	if (options.rsa_authentication && authctxt->valid) {
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1308	if ((client_n = BN_new()) == NULL)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1309	fatal("%s: BN_new", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1310	buffer_get_bignum2(m, client_n);
				1311	allowed = auth_rsa_key_allowed(authctxt->pw, client_n, &key);
				1312	BN_clear_free(client_n);
				1313	}
				1314	buffer_clear(m);
				1315	buffer_put_int(m, allowed);
Damien Miller	06ebedf	2003-02-24 12:03:38 +1100	[diff] [blame]	1316	buffer_put_int(m, forced_command != NULL);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1317
				1318	/* clear temporarily storage (used by generate challenge) */
				1319	monitor_reset_key_state();
				1320
				1321	if (allowed && key != NULL) {
				1322	key->type = KEY_RSA; /* cheat for key_to_blob */
				1323	if (key_to_blob(key, &blob, &blen) == 0)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1324	fatal("%s: key_to_blob failed", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1325	buffer_put_string(m, blob, blen);
				1326
				1327	/* Save temporarily for comparison in verify */
				1328	key_blob = blob;
				1329	key_bloblen = blen;
				1330	key_blobtype = MM_RSAUSERKEY;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1331	}
Damien Miller	0011138	2003-03-10 11:21:17 +1100	[diff] [blame]	1332	if (key != NULL)
				1333	key_free(key);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1334
				1335	mm_append_debug(m);
				1336
				1337	mm_request_send(socket, MONITOR_ANS_RSAKEYALLOWED, m);
				1338
				1339	monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed);
				1340	monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 0);
				1341	return (0);
				1342	}
				1343
				1344	int
				1345	mm_answer_rsa_challenge(int socket, Buffer *m)
				1346	{
				1347	Key *key = NULL;
				1348	u_char *blob;
				1349	u_int blen;
				1350
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1351	debug3("%s entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1352
				1353	if (!authctxt->valid)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1354	fatal("%s: authctxt not valid", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1355	blob = buffer_get_string(m, &blen);
				1356	if (!monitor_allowed_key(blob, blen))
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1357	fatal("%s: bad key, not previously allowed", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1358	if (key_blobtype != MM_RSAUSERKEY && key_blobtype != MM_RSAHOSTKEY)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1359	fatal("%s: key type mismatch", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1360	if ((key = key_from_blob(blob, blen)) == NULL)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1361	fatal("%s: received bad key", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1362
				1363	if (ssh1_challenge)
				1364	BN_clear_free(ssh1_challenge);
				1365	ssh1_challenge = auth_rsa_generate_challenge(key);
				1366
				1367	buffer_clear(m);
				1368	buffer_put_bignum2(m, ssh1_challenge);
				1369
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1370	debug3("%s sending reply", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1371	mm_request_send(socket, MONITOR_ANS_RSACHALLENGE, m);
				1372
				1373	monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1);
Damien Miller	0011138	2003-03-10 11:21:17 +1100	[diff] [blame]	1374
				1375	xfree(blob);
				1376	key_free(key);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1377	return (0);
				1378	}
				1379
				1380	int
				1381	mm_answer_rsa_response(int socket, Buffer *m)
				1382	{
				1383	Key *key = NULL;
				1384	u_char blob, response;
				1385	u_int blen, len;
				1386	int success;
				1387
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1388	debug3("%s entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1389
				1390	if (!authctxt->valid)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1391	fatal("%s: authctxt not valid", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1392	if (ssh1_challenge == NULL)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1393	fatal("%s: no ssh1_challenge", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1394
				1395	blob = buffer_get_string(m, &blen);
				1396	if (!monitor_allowed_key(blob, blen))
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1397	fatal("%s: bad key, not previously allowed", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1398	if (key_blobtype != MM_RSAUSERKEY && key_blobtype != MM_RSAHOSTKEY)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1399	fatal("%s: key type mismatch: %d", __func__, key_blobtype);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1400	if ((key = key_from_blob(blob, blen)) == NULL)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1401	fatal("%s: received bad key", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1402	response = buffer_get_string(m, &len);
				1403	if (len != 16)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1404	fatal("%s: received bad response to challenge", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1405	success = auth_rsa_verify_response(key, ssh1_challenge, response);
				1406
Damien Miller	0011138	2003-03-10 11:21:17 +1100	[diff] [blame]	1407	xfree(blob);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1408	key_free(key);
				1409	xfree(response);
				1410
				1411	auth_method = key_blobtype == MM_RSAUSERKEY ? "rsa" : "rhosts-rsa";
				1412
				1413	/* reset state */
				1414	BN_clear_free(ssh1_challenge);
				1415	ssh1_challenge = NULL;
				1416	monitor_reset_key_state();
				1417
				1418	buffer_clear(m);
				1419	buffer_put_int(m, success);
				1420	mm_request_send(socket, MONITOR_ANS_RSARESPONSE, m);
				1421
				1422	return (success);
				1423	}
				1424
Damien Miller	25162f2	2002-09-12 09:47:29 +1000	[diff] [blame]	1425	#ifdef KRB5
				1426	int
				1427	mm_answer_krb5(int socket, Buffer *m)
				1428	{
				1429	krb5_data tkt, reply;
				1430	char *client_user;
				1431	u_int len;
				1432	int success;
				1433
				1434	/* use temporary var to avoid size issues on 64bit arch */
				1435	tkt.data = buffer_get_string(m, &len);
				1436	tkt.length = len;
				1437
Damien Miller	ef73f50	2002-09-25 12:20:17 +1000	[diff] [blame]	1438	success = options.kerberos_authentication &&
				1439	authctxt->valid &&
Damien Miller	7db40c9	2002-09-25 12:19:39 +1000	[diff] [blame]	1440	auth_krb5(authctxt, &tkt, &client_user, &reply);
Damien Miller	25162f2	2002-09-12 09:47:29 +1000	[diff] [blame]	1441
				1442	if (tkt.length)
				1443	xfree(tkt.data);
				1444
				1445	buffer_clear(m);
				1446	buffer_put_int(m, success);
				1447
				1448	if (success) {
				1449	buffer_put_cstring(m, client_user);
				1450	buffer_put_string(m, reply.data, reply.length);
				1451	if (client_user)
				1452	xfree(client_user);
				1453	if (reply.length)
				1454	xfree(reply.data);
				1455	}
				1456	mm_request_send(socket, MONITOR_ANS_KRB5, m);
				1457
Damien Miller	3ab496b	2003-05-14 13:47:37 +1000	[diff] [blame]	1458	auth_method = "kerberos";
				1459
Damien Miller	25162f2	2002-09-12 09:47:29 +1000	[diff] [blame]	1460	return success;
				1461	}
				1462	#endif
				1463
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1464	int
				1465	mm_answer_term(int socket, Buffer *req)
				1466	{
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	1467	extern struct monitor *pmonitor;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1468	int res, status;
				1469
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1470	debug3("%s: tearing down sessions", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1471
				1472	/* The child is terminating */
				1473	session_destroy_all(&mm_session_close);
				1474
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	1475	while (waitpid(pmonitor->m_pid, &status, 0) == -1)
Ben Lindstrom	47fd811	2002-04-02 20:48:19 +0000	[diff] [blame]	1476	if (errno != EINTR)
				1477	exit(1);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1478
				1479	res = WIFEXITED(status) ? WEXITSTATUS(status) : 1;
				1480
				1481	/* Terminate process */
				1482	exit (res);
				1483	}
				1484
				1485	void
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	1486	monitor_apply_keystate(struct monitor *pmonitor)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1487	{
				1488	if (compat20) {
				1489	set_newkeys(MODE_IN);
				1490	set_newkeys(MODE_OUT);
				1491	} else {
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1492	packet_set_protocol_flags(child_state.ssh1protoflags);
Ben Lindstrom	402c6cc	2002-06-21 00:43:42 +0000	[diff] [blame]	1493	packet_set_encryption_key(child_state.ssh1key,
				1494	child_state.ssh1keylen, child_state.ssh1cipher);
				1495	xfree(child_state.ssh1key);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1496	}
				1497
Ben Lindstrom	402c6cc	2002-06-21 00:43:42 +0000	[diff] [blame]	1498	/* for rc4 and other stateful ciphers */
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1499	packet_set_keycontext(MODE_OUT, child_state.keyout);
				1500	xfree(child_state.keyout);
				1501	packet_set_keycontext(MODE_IN, child_state.keyin);
				1502	xfree(child_state.keyin);
				1503
				1504	if (!compat20) {
				1505	packet_set_iv(MODE_OUT, child_state.ivout);
				1506	xfree(child_state.ivout);
				1507	packet_set_iv(MODE_IN, child_state.ivin);
				1508	xfree(child_state.ivin);
				1509	}
				1510
				1511	memcpy(&incoming_stream, &child_state.incoming,
				1512	sizeof(incoming_stream));
				1513	memcpy(&outgoing_stream, &child_state.outgoing,
				1514	sizeof(outgoing_stream));
				1515
				1516	/* Update with new address */
Damien Miller	2d6b833	2002-06-21 15:59:49 +1000	[diff] [blame]	1517	if (options.compression)
				1518	mm_init_compression(pmonitor->m_zlib);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1519
				1520	/* Network I/O buffers */
				1521	/* XXX inefficient for large buffers, need: buffer_init_from_string */
				1522	buffer_clear(&input);
				1523	buffer_append(&input, child_state.input, child_state.ilen);
				1524	memset(child_state.input, 0, child_state.ilen);
				1525	xfree(child_state.input);
				1526
				1527	buffer_clear(&output);
				1528	buffer_append(&output, child_state.output, child_state.olen);
				1529	memset(child_state.output, 0, child_state.olen);
				1530	xfree(child_state.output);
				1531	}
				1532
				1533	static Kex *
				1534	mm_get_kex(Buffer *m)
				1535	{
				1536	Kex *kex;
				1537	void *blob;
				1538	u_int bloblen;
				1539
				1540	kex = xmalloc(sizeof(*kex));
				1541	memset(kex, 0, sizeof(*kex));
				1542	kex->session_id = buffer_get_string(m, &kex->session_id_len);
Ben Lindstrom	f67e077	2002-06-06 20:58:19 +0000	[diff] [blame]	1543	if ((session_id2 == NULL) \|\|
				1544	(kex->session_id_len != session_id2_len) \|\|
				1545	(memcmp(kex->session_id, session_id2, session_id2_len) != 0))
				1546	fatal("mm_get_get: internal error: bad session id");
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1547	kex->we_need = buffer_get_int(m);
Damien Miller	b062c29	2003-03-24 09:12:09 +1100	[diff] [blame]	1548	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
				1549	kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1550	kex->server = 1;
				1551	kex->hostkey_type = buffer_get_int(m);
				1552	kex->kex_type = buffer_get_int(m);
				1553	blob = buffer_get_string(m, &bloblen);
				1554	buffer_init(&kex->my);
				1555	buffer_append(&kex->my, blob, bloblen);
				1556	xfree(blob);
				1557	blob = buffer_get_string(m, &bloblen);
				1558	buffer_init(&kex->peer);
				1559	buffer_append(&kex->peer, blob, bloblen);
				1560	xfree(blob);
				1561	kex->done = 1;
				1562	kex->flags = buffer_get_int(m);
				1563	kex->client_version_string = buffer_get_string(m, NULL);
				1564	kex->server_version_string = buffer_get_string(m, NULL);
				1565	kex->load_host_key=&get_hostkey_by_type;
				1566	kex->host_key_index=&get_hostkey_index;
				1567
				1568	return (kex);
				1569	}
				1570
				1571	/* This function requries careful sanity checking */
				1572
				1573	void
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	1574	mm_get_keystate(struct monitor *pmonitor)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1575	{
				1576	Buffer m;
				1577	u_char blob, p;
				1578	u_int bloblen, plen;
Damien Miller	a5539d2	2003-04-09 20:50:06 +1000	[diff] [blame]	1579	u_int32_t seqnr, packets;
				1580	u_int64_t blocks;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1581
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1582	debug3("%s: Waiting for new keys", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1583
				1584	buffer_init(&m);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	1585	mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1586	if (!compat20) {
				1587	child_state.ssh1protoflags = buffer_get_int(&m);
				1588	child_state.ssh1cipher = buffer_get_int(&m);
Ben Lindstrom	402c6cc	2002-06-21 00:43:42 +0000	[diff] [blame]	1589	child_state.ssh1key = buffer_get_string(&m,
				1590	&child_state.ssh1keylen);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1591	child_state.ivout = buffer_get_string(&m,
				1592	&child_state.ivoutlen);
				1593	child_state.ivin = buffer_get_string(&m, &child_state.ivinlen);
				1594	goto skip;
				1595	} else {
				1596	/* Get the Kex for rekeying */
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	1597	*pmonitor->m_pkex = mm_get_kex(&m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1598	}
				1599
				1600	blob = buffer_get_string(&m, &bloblen);
				1601	current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen);
				1602	xfree(blob);
				1603
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1604	debug3("%s: Waiting for second key", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1605	blob = buffer_get_string(&m, &bloblen);
				1606	current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen);
				1607	xfree(blob);
				1608
				1609	/* Now get sequence numbers for the packets */
Damien Miller	a5539d2	2003-04-09 20:50:06 +1000	[diff] [blame]	1610	seqnr = buffer_get_int(&m);
				1611	blocks = buffer_get_int64(&m);
				1612	packets = buffer_get_int(&m);
				1613	packet_set_state(MODE_OUT, seqnr, blocks, packets);
				1614	seqnr = buffer_get_int(&m);
				1615	blocks = buffer_get_int64(&m);
				1616	packets = buffer_get_int(&m);
				1617	packet_set_state(MODE_IN, seqnr, blocks, packets);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1618
				1619	skip:
				1620	/* Get the key context */
				1621	child_state.keyout = buffer_get_string(&m, &child_state.keyoutlen);
				1622	child_state.keyin = buffer_get_string(&m, &child_state.keyinlen);
				1623
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1624	debug3("%s: Getting compression state", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1625	/* Get compression state */
				1626	p = buffer_get_string(&m, &plen);
				1627	if (plen != sizeof(child_state.outgoing))
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1628	fatal("%s: bad request size", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1629	memcpy(&child_state.outgoing, p, sizeof(child_state.outgoing));
				1630	xfree(p);
				1631
				1632	p = buffer_get_string(&m, &plen);
				1633	if (plen != sizeof(child_state.incoming))
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1634	fatal("%s: bad request size", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1635	memcpy(&child_state.incoming, p, sizeof(child_state.incoming));
				1636	xfree(p);
				1637
				1638	/* Network I/O buffers */
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1639	debug3("%s: Getting Network I/O buffers", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1640	child_state.input = buffer_get_string(&m, &child_state.ilen);
				1641	child_state.output = buffer_get_string(&m, &child_state.olen);
				1642
				1643	buffer_free(&m);
				1644	}
				1645
				1646
				1647	/* Allocation functions for zlib */
				1648	void *
				1649	mm_zalloc(struct mm_master *mm, u_int ncount, u_int size)
				1650	{
Ben Lindstrom	41ee2b0	2002-11-09 15:47:47 +0000	[diff] [blame]	1651	size_t len = (size_t) size * ncount;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1652	void *address;
				1653
Ben Lindstrom	0a4f754	2002-08-20 18:36:25 +0000	[diff] [blame]	1654	if (len == 0 \|\| ncount > SIZE_T_MAX / size)
Damien Miller	530a754	2002-06-26 23:27:11 +1000	[diff] [blame]	1655	fatal("%s: mm_zalloc(%u, %u)", __func__, ncount, size);
				1656
				1657	address = mm_malloc(mm, len);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1658
				1659	return (address);
				1660	}
				1661
				1662	void
				1663	mm_zfree(struct mm_master mm, void address)
				1664	{
				1665	mm_free(mm, address);
				1666	}
				1667
				1668	void
				1669	mm_init_compression(struct mm_master *mm)
				1670	{
				1671	outgoing_stream.zalloc = (alloc_func)mm_zalloc;
				1672	outgoing_stream.zfree = (free_func)mm_zfree;
				1673	outgoing_stream.opaque = mm;
				1674
				1675	incoming_stream.zalloc = (alloc_func)mm_zalloc;
				1676	incoming_stream.zfree = (free_func)mm_zfree;
				1677	incoming_stream.opaque = mm;
				1678	}
				1679
				1680	/* XXX */
				1681
				1682	#define FD_CLOSEONEXEC(x) do { \
				1683	if (fcntl(x, F_SETFD, 1) == -1) \
				1684	fatal("fcntl(%d, F_SETFD)", x); \
				1685	} while (0)
				1686
				1687	static void
				1688	monitor_socketpair(int *pair)
				1689	{
Kevin Steves	fe6ca54	2002-04-10 22:04:54 +0000	[diff] [blame]	1690	#ifdef HAVE_SOCKETPAIR
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1691	if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1692	fatal("%s: socketpair", __func__);
Kevin Steves	fe6ca54	2002-04-10 22:04:54 +0000	[diff] [blame]	1693	#else
				1694	fatal("%s: UsePrivilegeSeparation=yes not supported",
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	1695	__func__);
Kevin Steves	fe6ca54	2002-04-10 22:04:54 +0000	[diff] [blame]	1696	#endif
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1697	FD_CLOSEONEXEC(pair[0]);
				1698	FD_CLOSEONEXEC(pair[1]);
				1699	}
				1700
				1701	#define MM_MEMSIZE 65536
				1702
				1703	struct monitor *
				1704	monitor_init(void)
				1705	{
				1706	struct monitor *mon;
				1707	int pair[2];
				1708
				1709	mon = xmalloc(sizeof(*mon));
				1710
				1711	monitor_socketpair(pair);
				1712
				1713	mon->m_recvfd = pair[0];
				1714	mon->m_sendfd = pair[1];
				1715
				1716	/* Used to share zlib space across processes */
Damien Miller	2d6b833	2002-06-21 15:59:49 +1000	[diff] [blame]	1717	if (options.compression) {
				1718	mon->m_zback = mm_create(NULL, MM_MEMSIZE);
				1719	mon->m_zlib = mm_create(mon->m_zback, 20 * MM_MEMSIZE);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1720
Damien Miller	2d6b833	2002-06-21 15:59:49 +1000	[diff] [blame]	1721	/* Compression needs to share state across borders */
				1722	mm_init_compression(mon->m_zlib);
				1723	}
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	1724
				1725	return mon;
				1726	}
				1727
				1728	void
				1729	monitor_reinit(struct monitor *mon)
				1730	{
				1731	int pair[2];
				1732
				1733	monitor_socketpair(pair);
				1734
				1735	mon->m_recvfd = pair[0];
				1736	mon->m_sendfd = pair[1];
				1737	}