Blame - monitor_wrap.c - platform/external/openssh

blob: 64ff928850c94373627dd3b749e34945dd40faa5 [file] [log] [blame]

markus@openbsd.org	6cb6dcf	2016-08-13 17:47:40 +0000	[diff] [blame]	1	/* $OpenBSD: monitor_wrap.c,v 1.89 2016/08/13 17:47:41 markus Exp $ */
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	2	/*
				3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>
				4	* Copyright 2002 Markus Friedl <markus@openbsd.org>
				5	* All rights reserved.
				6	*
				7	* Redistribution and use in source and binary forms, with or without
				8	* modification, are permitted provided that the following conditions
				9	* are met:
				10	* 1. Redistributions of source code must retain the above copyright
				11	* notice, this list of conditions and the following disclaimer.
				12	* 2. Redistributions in binary form must reproduce the above copyright
				13	* notice, this list of conditions and the following disclaimer in the
				14	* documentation and/or other materials provided with the distribution.
				15	*
				16	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
				17	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
				18	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
				19	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
				20	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
				21	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
				22	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
				23	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
				24	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
				25	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
				26	*/
				27
				28	#include "includes.h"
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	29
Damien Miller	9f2abc4	2006-07-10 20:53:08 +1000	[diff] [blame]	30	#include <sys/types.h>
Darren Tucker	1a3d6e7	2006-08-05 18:46:47 +1000	[diff] [blame]	31	#include <sys/uio.h>
Damien Miller	9f2abc4	2006-07-10 20:53:08 +1000	[diff] [blame]	32
Darren Tucker	3997249	2006-07-12 22:22:46 +1000	[diff] [blame]	33	#include <errno.h>
Damien Miller	9f2abc4	2006-07-10 20:53:08 +1000	[diff] [blame]	34	#include <pwd.h>
Damien Miller	d783435	2006-08-05 12:39:39 +1000	[diff] [blame]	35	#include <signal.h>
Damien Miller	ded319c	2006-09-01 15:38:36 +1000	[diff] [blame]	36	#include <stdarg.h>
Damien Miller	a7a73ee	2006-08-05 11:37:59 +1000	[diff] [blame]	37	#include <stdio.h>
Damien Miller	e3476ed	2006-07-24 14:13:33 +1000	[diff] [blame]	38	#include <string.h>
Darren Tucker	1a3d6e7	2006-08-05 18:46:47 +1000	[diff] [blame]	39	#include <unistd.h>
Damien Miller	9f2abc4	2006-07-10 20:53:08 +1000	[diff] [blame]	40
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	41	#ifdef WITH_OPENSSL
Damien Miller	d783435	2006-08-05 12:39:39 +1000	[diff] [blame]	42	#include <openssl/bn.h>
				43	#include <openssl/dh.h>
Damien Miller	01ed227	2008-11-05 16:20:46 +1100	[diff] [blame]	44	#include <openssl/evp.h>
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	45	#endif
Damien Miller	d783435	2006-08-05 12:39:39 +1000	[diff] [blame]	46
Damien Miller	b84886b	2008-05-19 15:05:07 +1000	[diff] [blame]	47	#include "openbsd-compat/sys-queue.h"
Damien Miller	d783435	2006-08-05 12:39:39 +1000	[diff] [blame]	48	#include "xmalloc.h"
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	49	#include "ssh.h"
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	50	#ifdef WITH_OPENSSL
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	51	#include "dh.h"
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	52	#endif
Damien Miller	d783435	2006-08-05 12:39:39 +1000	[diff] [blame]	53	#include "buffer.h"
				54	#include "key.h"
				55	#include "cipher.h"
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	56	#include "kex.h"
Damien Miller	d783435	2006-08-05 12:39:39 +1000	[diff] [blame]	57	#include "hostfile.h"
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	58	#include "auth.h"
Damien Miller	06ebedf	2003-02-24 12:03:38 +1100	[diff] [blame]	59	#include "auth-options.h"
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	60	#include "packet.h"
				61	#include "mac.h"
				62	#include "log.h"
Darren Tucker	01558b7	2016-07-18 09:33:25 +1000	[diff] [blame]	63	#include "auth-pam.h"
Ben Lindstrom	036768e	2004-04-08 16:12:30 +0000	[diff] [blame]	64	#ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */
				65	#undef TARGET_OS_MAC
Ben Lindstrom	1b9f2a6	2004-04-08 05:11:03 +0000	[diff] [blame]	66	#include "zlib.h"
Ben Lindstrom	036768e	2004-04-08 16:12:30 +0000	[diff] [blame]	67	#define TARGET_OS_MAC 1
				68	#else
				69	#include "zlib.h"
				70	#endif
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	71	#include "monitor.h"
Damien Miller	d783435	2006-08-05 12:39:39 +1000	[diff] [blame]	72	#ifdef GSSAPI
				73	#include "ssh-gss.h"
				74	#endif
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	75	#include "monitor_wrap.h"
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	76	#include "atomicio.h"
				77	#include "monitor_fdpass.h"
Damien Miller	3f94188	2006-03-31 23:13:02 +1100	[diff] [blame]	78	#include "misc.h"
Damien Miller	eb8b60e	2010-08-31 22:41:14 +1000	[diff] [blame]	79	#include "uuencode.h"
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	80
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	81	#include "channels.h"
				82	#include "session.h"
Darren Tucker	1629c07	2007-02-19 22:25:37 +1100	[diff] [blame]	83	#include "servconf.h"
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	84
markus@openbsd.org	091c302	2015-01-19 19:52:16 +0000	[diff] [blame]	85	#include "ssherr.h"
				86
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	87	/* Imports */
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	88	extern z_stream incoming_stream;
				89	extern z_stream outgoing_stream;
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	90	extern struct monitor *pmonitor;
Darren Tucker	0999174	2004-07-17 17:05:14 +1000	[diff] [blame]	91	extern Buffer loginmsg;
Damien Miller	4e448a3	2003-05-14 15:11:48 +1000	[diff] [blame]	92	extern ServerOptions options;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	93
Damien Miller	8f0bf23	2011-06-20 14:42:23 +1000	[diff] [blame]	94	void
				95	mm_log_handler(LogLevel level, const char msg, void ctx)
				96	{
				97	Buffer log_msg;
				98	struct monitor mon = (struct monitor )ctx;
				99
				100	if (mon->m_log_sendfd == -1)
				101	fatal("%s: no log channel", __func__);
				102
				103	buffer_init(&log_msg);
				104	/*
				105	* Placeholder for packet length. Will be filled in with the actual
				106	* packet length once the packet has been constucted. This saves
				107	* fragile math.
				108	*/
				109	buffer_put_int(&log_msg, 0);
				110
				111	buffer_put_int(&log_msg, level);
				112	buffer_put_cstring(&log_msg, msg);
				113	put_u32(buffer_ptr(&log_msg), buffer_len(&log_msg) - 4);
				114	if (atomicio(vwrite, mon->m_log_sendfd, buffer_ptr(&log_msg),
				115	buffer_len(&log_msg)) != buffer_len(&log_msg))
				116	fatal("%s: write: %s", __func__, strerror(errno));
				117	buffer_free(&log_msg);
				118	}
				119
Darren Tucker	3e33cec	2003-10-02 16:12:36 +1000	[diff] [blame]	120	int
				121	mm_is_monitor(void)
				122	{
				123	/*
				124	* m_pid is only set in the privileged part, and
				125	* points to the unprivileged child.
				126	*/
Darren Tucker	a47c9bc	2003-11-03 20:03:25 +1100	[diff] [blame]	127	return (pmonitor && pmonitor->m_pid > 0);
Darren Tucker	3e33cec	2003-10-02 16:12:36 +1000	[diff] [blame]	128	}
				129
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	130	void
Darren Tucker	3f9fdc7	2004-06-22 12:56:01 +1000	[diff] [blame]	131	mm_request_send(int sock, enum monitor_reqtype type, Buffer *m)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	132	{
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	133	u_int mlen = buffer_len(m);
Ben Lindstrom	b1bdc5a	2002-07-04 00:09:26 +0000	[diff] [blame]	134	u_char buf[5];
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	135
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	136	debug3("%s entering: type %d", __func__, type);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	137
Damien Miller	3f94188	2006-03-31 23:13:02 +1100	[diff] [blame]	138	put_u32(buf, mlen + 1);
Ben Lindstrom	cb72e4f	2002-06-21 00:41:51 +0000	[diff] [blame]	139	buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */
Darren Tucker	3f9fdc7	2004-06-22 12:56:01 +1000	[diff] [blame]	140	if (atomicio(vwrite, sock, buf, sizeof(buf)) != sizeof(buf))
Damien Miller	b253cc4	2005-05-26 12:23:44 +1000	[diff] [blame]	141	fatal("%s: write: %s", __func__, strerror(errno));
Darren Tucker	3f9fdc7	2004-06-22 12:56:01 +1000	[diff] [blame]	142	if (atomicio(vwrite, sock, buffer_ptr(m), mlen) != mlen)
Damien Miller	b253cc4	2005-05-26 12:23:44 +1000	[diff] [blame]	143	fatal("%s: write: %s", __func__, strerror(errno));
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	144	}
				145
				146	void
Darren Tucker	3f9fdc7	2004-06-22 12:56:01 +1000	[diff] [blame]	147	mm_request_receive(int sock, Buffer *m)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	148	{
				149	u_char buf[4];
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	150	u_int msg_len;
				151
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	152	debug3("%s entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	153
Damien Miller	b253cc4	2005-05-26 12:23:44 +1000	[diff] [blame]	154	if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) {
Damien Miller	4d24b3b	2015-03-20 09:11:59 +1100	[diff] [blame]	155	if (errno == EPIPE)
Darren Tucker	3e33cec	2003-10-02 16:12:36 +1000	[diff] [blame]	156	cleanup_exit(255);
Damien Miller	b253cc4	2005-05-26 12:23:44 +1000	[diff] [blame]	157	fatal("%s: read: %s", __func__, strerror(errno));
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	158	}
Damien Miller	3f94188	2006-03-31 23:13:02 +1100	[diff] [blame]	159	msg_len = get_u32(buf);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	160	if (msg_len > 256 * 1024)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	161	fatal("%s: read: bad msg_len %d", __func__, msg_len);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	162	buffer_clear(m);
				163	buffer_append_space(m, msg_len);
Damien Miller	b253cc4	2005-05-26 12:23:44 +1000	[diff] [blame]	164	if (atomicio(read, sock, buffer_ptr(m), msg_len) != msg_len)
				165	fatal("%s: read: %s", __func__, strerror(errno));
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	166	}
				167
				168	void
Darren Tucker	3f9fdc7	2004-06-22 12:56:01 +1000	[diff] [blame]	169	mm_request_receive_expect(int sock, enum monitor_reqtype type, Buffer *m)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	170	{
				171	u_char rtype;
				172
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	173	debug3("%s entering: type %d", __func__, type);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	174
Darren Tucker	3f9fdc7	2004-06-22 12:56:01 +1000	[diff] [blame]	175	mm_request_receive(sock, m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	176	rtype = buffer_get_char(m);
				177	if (rtype != type)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	178	fatal("%s: read: rtype %d != type %d", __func__,
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	179	rtype, type);
				180	}
				181
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	182	#ifdef WITH_OPENSSL
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	183	DH *
				184	mm_choose_dh(int min, int nbits, int max)
				185	{
				186	BIGNUM p, g;
				187	int success = 0;
				188	Buffer m;
				189
				190	buffer_init(&m);
				191	buffer_put_int(&m, min);
				192	buffer_put_int(&m, nbits);
				193	buffer_put_int(&m, max);
				194
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	195	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_MODULI, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	196
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	197	debug3("%s: waiting for MONITOR_ANS_MODULI", __func__);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	198	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_MODULI, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	199
				200	success = buffer_get_char(&m);
				201	if (success == 0)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	202	fatal("%s: MONITOR_ANS_MODULI failed", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	203
				204	if ((p = BN_new()) == NULL)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	205	fatal("%s: BN_new failed", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	206	if ((g = BN_new()) == NULL)
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	207	fatal("%s: BN_new failed", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	208	buffer_get_bignum2(&m, p);
				209	buffer_get_bignum2(&m, g);
				210
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	211	debug3("%s: remaining %d", __func__, buffer_len(&m));
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	212	buffer_free(&m);
				213
				214	return (dh_new_group(g, p));
				215	}
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	216	#endif
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	217
				218	int
djm@openbsd.org	523463a	2015-02-16 22:13:32 +0000	[diff] [blame]	219	mm_key_sign(Key key, u_char sigp, u_int lenp,
markus@openbsd.org	76c9fbb	2015-12-04 16:41:28 +0000	[diff] [blame]	220	const u_char data, u_int datalen, const char hostkey_alg)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	221	{
markus@openbsd.org	57d10cb	2015-01-19 20:16:15 +0000	[diff] [blame]	222	struct kex kex = pmonitor->m_pkex;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	223	Buffer m;
				224
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	225	debug3("%s entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	226
				227	buffer_init(&m);
djm@openbsd.org	523463a	2015-02-16 22:13:32 +0000	[diff] [blame]	228	buffer_put_int(&m, kex->host_key_index(key, 0, active_state));
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	229	buffer_put_string(&m, data, datalen);
markus@openbsd.org	76c9fbb	2015-12-04 16:41:28 +0000	[diff] [blame]	230	buffer_put_cstring(&m, hostkey_alg);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	231
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	232	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SIGN, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	233
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	234	debug3("%s: waiting for MONITOR_ANS_SIGN", __func__);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	235	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	236	*sigp = buffer_get_string(&m, lenp);
				237	buffer_free(&m);
				238
				239	return (0);
				240	}
				241
				242	struct passwd *
Darren Tucker	b09b677	2004-06-22 15:06:46 +1000	[diff] [blame]	243	mm_getpwnamallow(const char *username)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	244	{
				245	Buffer m;
				246	struct passwd *pw;
Damien Miller	d8478b6	2011-05-29 21:39:36 +1000	[diff] [blame]	247	u_int len, i;
Darren Tucker	1629c07	2007-02-19 22:25:37 +1100	[diff] [blame]	248	ServerOptions *newopts;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	249
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	250	debug3("%s entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	251
				252	buffer_init(&m);
Darren Tucker	b09b677	2004-06-22 15:06:46 +1000	[diff] [blame]	253	buffer_put_cstring(&m, username);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	254
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	255	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	256
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	257	debug3("%s: waiting for MONITOR_ANS_PWNAM", __func__);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	258	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	259
				260	if (buffer_get_char(&m) == 0) {
Darren Tucker	2f8b3d9	2007-12-02 23:02:15 +1100	[diff] [blame]	261	pw = NULL;
				262	goto out;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	263	}
Darren Tucker	1629c07	2007-02-19 22:25:37 +1100	[diff] [blame]	264	pw = buffer_get_string(&m, &len);
				265	if (len != sizeof(struct passwd))
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	266	fatal("%s: struct passwd size mismatch", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	267	pw->pw_name = buffer_get_string(&m, NULL);
				268	pw->pw_passwd = buffer_get_string(&m, NULL);
Damien Miller	6332da2	2013-04-23 14:25:52 +1000	[diff] [blame]	269	#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	270	pw->pw_gecos = buffer_get_string(&m, NULL);
Damien Miller	6332da2	2013-04-23 14:25:52 +1000	[diff] [blame]	271	#endif
				272	#ifdef HAVE_STRUCT_PASSWD_PW_CLASS
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	273	pw->pw_class = buffer_get_string(&m, NULL);
Kevin Steves	7e14760	2002-03-22 18:07:17 +0000	[diff] [blame]	274	#endif
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	275	pw->pw_dir = buffer_get_string(&m, NULL);
				276	pw->pw_shell = buffer_get_string(&m, NULL);
Darren Tucker	1629c07	2007-02-19 22:25:37 +1100	[diff] [blame]	277
Darren Tucker	2f8b3d9	2007-12-02 23:02:15 +1100	[diff] [blame]	278	out:
Darren Tucker	1629c07	2007-02-19 22:25:37 +1100	[diff] [blame]	279	/* copy options block as a Match directive may have changed some */
				280	newopts = buffer_get_string(&m, &len);
				281	if (len != sizeof(*newopts))
				282	fatal("%s: option block size mismatch", __func__);
Damien Miller	f2e407e	2011-05-20 19:04:14 +1000	[diff] [blame]	283
				284	#define M_CP_STROPT(x) do { \
				285	if (newopts->x != NULL) \
				286	newopts->x = buffer_get_string(&m, NULL); \
				287	} while (0)
Damien Miller	d8478b6	2011-05-29 21:39:36 +1000	[diff] [blame]	288	#define M_CP_STRARRAYOPT(x, nx) do { \
				289	for (i = 0; i < newopts->nx; i++) \
				290	newopts->x[i] = buffer_get_string(&m, NULL); \
				291	} while (0)
Damien Miller	f2e407e	2011-05-20 19:04:14 +1000	[diff] [blame]	292	/* See comment in servconf.h */
				293	COPY_MATCH_STRING_OPTS();
				294	#undef M_CP_STROPT
Damien Miller	d8478b6	2011-05-29 21:39:36 +1000	[diff] [blame]	295	#undef M_CP_STRARRAYOPT
Damien Miller	f2e407e	2011-05-20 19:04:14 +1000	[diff] [blame]	296
Darren Tucker	1629c07	2007-02-19 22:25:37 +1100	[diff] [blame]	297	copy_set_server_options(&options, newopts, 1);
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	298	free(newopts);
Darren Tucker	1629c07	2007-02-19 22:25:37 +1100	[diff] [blame]	299
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	300	buffer_free(&m);
				301
				302	return (pw);
				303	}
				304
Darren Tucker	7eb3de0	2003-10-15 15:56:58 +1000	[diff] [blame]	305	char *
				306	mm_auth2_read_banner(void)
Damien Miller	5ad9fd9	2002-05-13 11:07:41 +1000	[diff] [blame]	307	{
				308	Buffer m;
				309	char *banner;
				310
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	311	debug3("%s entering", __func__);
Damien Miller	5ad9fd9	2002-05-13 11:07:41 +1000	[diff] [blame]	312
				313	buffer_init(&m);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	314	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, &m);
Damien Miller	5ad9fd9	2002-05-13 11:07:41 +1000	[diff] [blame]	315	buffer_clear(&m);
				316
Darren Tucker	7eb3de0	2003-10-15 15:56:58 +1000	[diff] [blame]	317	mm_request_receive_expect(pmonitor->m_recvfd,
				318	MONITOR_ANS_AUTH2_READ_BANNER, &m);
Damien Miller	5ad9fd9	2002-05-13 11:07:41 +1000	[diff] [blame]	319	banner = buffer_get_string(&m, NULL);
				320	buffer_free(&m);
Ben Lindstrom	cb72e4f	2002-06-21 00:41:51 +0000	[diff] [blame]	321
Darren Tucker	7eb3de0	2003-10-15 15:56:58 +1000	[diff] [blame]	322	/* treat empty banner as missing banner */
				323	if (strlen(banner) == 0) {
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	324	free(banner);
Darren Tucker	7eb3de0	2003-10-15 15:56:58 +1000	[diff] [blame]	325	banner = NULL;
				326	}
Damien Miller	5ad9fd9	2002-05-13 11:07:41 +1000	[diff] [blame]	327	return (banner);
				328	}
				329
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	330	/* Inform the privileged process about service and style */
				331
				332	void
				333	mm_inform_authserv(char service, char style)
				334	{
				335	Buffer m;
				336
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	337	debug3("%s entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	338
				339	buffer_init(&m);
				340	buffer_put_cstring(&m, service);
				341	buffer_put_cstring(&m, style ? style : "");
				342
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	343	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHSERV, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	344
				345	buffer_free(&m);
				346	}
				347
				348	/* Do the password authentication */
				349	int
				350	mm_auth_password(Authctxt authctxt, char password)
				351	{
				352	Buffer m;
				353	int authenticated = 0;
				354
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	355	debug3("%s entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	356
				357	buffer_init(&m);
				358	buffer_put_cstring(&m, password);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	359	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHPASSWORD, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	360
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	361	debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __func__);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	362	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHPASSWORD, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	363
				364	authenticated = buffer_get_int(&m);
Darren Tucker	01558b7	2016-07-18 09:33:25 +1000	[diff] [blame]	365	#ifdef USE_PAM
				366	sshpam_set_maxtries_reached(buffer_get_int(&m));
				367	#endif
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	368
				369	buffer_free(&m);
				370
				371	debug3("%s: user %sauthenticated",
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	372	__func__, authenticated ? "" : "not ");
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	373	return (authenticated);
				374	}
				375
				376	int
djm@openbsd.org	179be0f	2015-05-01 03:23:51 +0000	[diff] [blame]	377	mm_user_key_allowed(struct passwd pw, Key key, int pubkey_auth_attempt)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	378	{
djm@openbsd.org	179be0f	2015-05-01 03:23:51 +0000	[diff] [blame]	379	return (mm_key_allowed(MM_USERKEY, NULL, NULL, key,
				380	pubkey_auth_attempt));
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	381	}
				382
				383	int
djm@openbsd.org	9576726	2016-03-07 19:02:43 +0000	[diff] [blame]	384	mm_hostbased_key_allowed(struct passwd pw, const char user, const char *host,
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	385	Key *key)
				386	{
djm@openbsd.org	179be0f	2015-05-01 03:23:51 +0000	[diff] [blame]	387	return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0));
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	388	}
				389
				390	int
djm@openbsd.org	9576726	2016-03-07 19:02:43 +0000	[diff] [blame]	391	mm_key_allowed(enum mm_keytype type, const char user, const char host,
				392	Key *key, int pubkey_auth_attempt)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	393	{
				394	Buffer m;
				395	u_char *blob;
				396	u_int len;
Damien Miller	06ebedf	2003-02-24 12:03:38 +1100	[diff] [blame]	397	int allowed = 0, have_forced = 0;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	398
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	399	debug3("%s entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	400
				401	/* Convert the key to a blob and the pass it over */
				402	if (!key_to_blob(key, &blob, &len))
				403	return (0);
				404
				405	buffer_init(&m);
				406	buffer_put_int(&m, type);
				407	buffer_put_cstring(&m, user ? user : "");
				408	buffer_put_cstring(&m, host ? host : "");
				409	buffer_put_string(&m, blob, len);
djm@openbsd.org	179be0f	2015-05-01 03:23:51 +0000	[diff] [blame]	410	buffer_put_int(&m, pubkey_auth_attempt);
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	411	free(blob);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	412
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	413	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYALLOWED, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	414
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	415	debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __func__);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	416	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KEYALLOWED, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	417
				418	allowed = buffer_get_int(&m);
				419
Damien Miller	06ebedf	2003-02-24 12:03:38 +1100	[diff] [blame]	420	/* fake forced command */
				421	auth_clear_options();
				422	have_forced = buffer_get_int(&m);
				423	forced_command = have_forced ? xstrdup("true") : NULL;
				424
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	425	buffer_free(&m);
				426
				427	return (allowed);
				428	}
				429
				430	/*
				431	* This key verify needs to send the key type along, because the
				432	* privileged parent makes the decision if the key is allowed
				433	* for authentication.
				434	*/
				435
				436	int
				437	mm_key_verify(Key key, u_char sig, u_int siglen, u_char *data, u_int datalen)
				438	{
				439	Buffer m;
				440	u_char *blob;
				441	u_int len;
				442	int verified = 0;
				443
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	444	debug3("%s entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	445
				446	/* Convert the key to a blob and the pass it over */
				447	if (!key_to_blob(key, &blob, &len))
				448	return (0);
				449
				450	buffer_init(&m);
				451	buffer_put_string(&m, blob, len);
				452	buffer_put_string(&m, sig, siglen);
				453	buffer_put_string(&m, data, datalen);
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	454	free(blob);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	455
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	456	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	457
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	458	debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __func__);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	459	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KEYVERIFY, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	460
				461	verified = buffer_get_int(&m);
				462
				463	buffer_free(&m);
				464
				465	return (verified);
				466	}
				467
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	468	void
Darren Tucker	3f9fdc7	2004-06-22 12:56:01 +1000	[diff] [blame]	469	mm_send_keystate(struct monitor *monitor)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	470	{
markus@openbsd.org	091c302	2015-01-19 19:52:16 +0000	[diff] [blame]	471	struct ssh ssh = active_state; / XXX */
				472	struct sshbuf *m;
				473	int r;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	474
markus@openbsd.org	091c302	2015-01-19 19:52:16 +0000	[diff] [blame]	475	if ((m = sshbuf_new()) == NULL)
				476	fatal("%s: sshbuf_new failed", __func__);
				477	if ((r = ssh_packet_get_state(ssh, m)) != 0)
				478	fatal("%s: get_state failed: %s",
				479	__func__, ssh_err(r));
				480	mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, m);
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	481	debug3("%s: Finished sending state", __func__);
markus@openbsd.org	091c302	2015-01-19 19:52:16 +0000	[diff] [blame]	482	sshbuf_free(m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	483	}
				484
				485	int
Damien Miller	71a7367	2006-03-26 14:04:36 +1100	[diff] [blame]	486	mm_pty_allocate(int ptyfd, int ttyfd, char *namebuf, size_t namebuflen)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	487	{
				488	Buffer m;
Darren Tucker	0999174	2004-07-17 17:05:14 +1000	[diff] [blame]	489	char p, msg;
Damien Miller	7207f64	2008-05-19 15:34:50 +1000	[diff] [blame]	490	int success = 0, tmp1 = -1, tmp2 = -1;
				491
				492	/* Kludge: ensure there are fds free to receive the pty/tty */
				493	if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 \|\|
				494	(tmp2 = dup(pmonitor->m_recvfd)) == -1) {
				495	error("%s: cannot allocate fds for pty", __func__);
				496	if (tmp1 > 0)
				497	close(tmp1);
				498	if (tmp2 > 0)
				499	close(tmp2);
				500	return 0;
				501	}
				502	close(tmp1);
				503	close(tmp2);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	504
				505	buffer_init(&m);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	506	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	507
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	508	debug3("%s: waiting for MONITOR_ANS_PTY", __func__);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	509	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	510
				511	success = buffer_get_int(&m);
				512	if (success == 0) {
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	513	debug3("%s: pty alloc failed", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	514	buffer_free(&m);
				515	return (0);
				516	}
				517	p = buffer_get_string(&m, NULL);
Darren Tucker	0999174	2004-07-17 17:05:14 +1000	[diff] [blame]	518	msg = buffer_get_string(&m, NULL);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	519	buffer_free(&m);
				520
				521	strlcpy(namebuf, p, namebuflen); /* Possible truncation */
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	522	free(p);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	523
Darren Tucker	0999174	2004-07-17 17:05:14 +1000	[diff] [blame]	524	buffer_append(&loginmsg, msg, strlen(msg));
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	525	free(msg);
Darren Tucker	0999174	2004-07-17 17:05:14 +1000	[diff] [blame]	526
Damien Miller	54fd7cf	2007-09-17 12:04:08 +1000	[diff] [blame]	527	if ((*ptyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1 \|\|
				528	(*ttyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1)
				529	fatal("%s: receive fds failed", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	530
				531	/* Success */
				532	return (1);
				533	}
				534
				535	void
Darren Tucker	3e33cec	2003-10-02 16:12:36 +1000	[diff] [blame]	536	mm_session_pty_cleanup2(Session *s)
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	537	{
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	538	Buffer m;
				539
				540	if (s->ttyfd == -1)
				541	return;
				542	buffer_init(&m);
				543	buffer_put_cstring(&m, s->tty);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	544	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTYCLEANUP, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	545	buffer_free(&m);
				546
				547	/* closed dup'ed master */
Damien Miller	7207f64	2008-05-19 15:34:50 +1000	[diff] [blame]	548	if (s->ptymaster != -1 && close(s->ptymaster) < 0)
				549	error("close(s->ptymaster/%d): %s",
				550	s->ptymaster, strerror(errno));
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	551
				552	/* unlink pty from session */
				553	s->ttyfd = -1;
				554	}
				555
Damien Miller	7941855	2002-04-23 20:28:48 +1000	[diff] [blame]	556	#ifdef USE_PAM
				557	void
Darren Tucker	dbf7a74	2004-03-08 23:04:06 +1100	[diff] [blame]	558	mm_start_pam(Authctxt *authctxt)
Damien Miller	7941855	2002-04-23 20:28:48 +1000	[diff] [blame]	559	{
				560	Buffer m;
				561
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	562	debug3("%s entering", __func__);
Damien Miller	4e448a3	2003-05-14 15:11:48 +1000	[diff] [blame]	563	if (!options.use_pam)
				564	fatal("UsePAM=no, but ended up in %s anyway", __func__);
Damien Miller	7941855	2002-04-23 20:28:48 +1000	[diff] [blame]	565
				566	buffer_init(&m);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	567	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_START, &m);
Damien Miller	7941855	2002-04-23 20:28:48 +1000	[diff] [blame]	568
				569	buffer_free(&m);
				570	}
Damien Miller	4f9f42a	2003-05-10 19:28:02 +1000	[diff] [blame]	571
Damien Miller	1f499fd	2003-08-25 13:08:49 +1000	[diff] [blame]	572	u_int
				573	mm_do_pam_account(void)
				574	{
				575	Buffer m;
				576	u_int ret;
Darren Tucker	77fc29e	2004-09-11 23:07:03 +1000	[diff] [blame]	577	char *msg;
Damien Miller	1f499fd	2003-08-25 13:08:49 +1000	[diff] [blame]	578
				579	debug3("%s entering", __func__);
				580	if (!options.use_pam)
				581	fatal("UsePAM=no, but ended up in %s anyway", __func__);
				582
				583	buffer_init(&m);
				584	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_ACCOUNT, &m);
				585
Damien Miller	a8e06ce	2003-11-21 23:48:55 +1100	[diff] [blame]	586	mm_request_receive_expect(pmonitor->m_recvfd,
Damien Miller	1f499fd	2003-08-25 13:08:49 +1000	[diff] [blame]	587	MONITOR_ANS_PAM_ACCOUNT, &m);
				588	ret = buffer_get_int(&m);
Darren Tucker	77fc29e	2004-09-11 23:07:03 +1000	[diff] [blame]	589	msg = buffer_get_string(&m, NULL);
				590	buffer_append(&loginmsg, msg, strlen(msg));
Darren Tucker	f60845f	2013-06-02 08:07:31 +1000	[diff] [blame]	591	free(msg);
Damien Miller	1f499fd	2003-08-25 13:08:49 +1000	[diff] [blame]	592
				593	buffer_free(&m);
Damien Miller	787b2ec	2003-11-21 23:56:47 +1100	[diff] [blame]	594
Damien Miller	1f499fd	2003-08-25 13:08:49 +1000	[diff] [blame]	595	debug3("%s returning %d", __func__, ret);
				596
				597	return (ret);
				598	}
				599
Damien Miller	4f9f42a	2003-05-10 19:28:02 +1000	[diff] [blame]	600	void *
				601	mm_sshpam_init_ctx(Authctxt *authctxt)
				602	{
				603	Buffer m;
				604	int success;
				605
				606	debug3("%s", __func__);
				607	buffer_init(&m);
Damien Miller	4f9f42a	2003-05-10 19:28:02 +1000	[diff] [blame]	608	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_INIT_CTX, &m);
				609	debug3("%s: waiting for MONITOR_ANS_PAM_INIT_CTX", __func__);
				610	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_INIT_CTX, &m);
				611	success = buffer_get_int(&m);
				612	if (success == 0) {
				613	debug3("%s: pam_init_ctx failed", __func__);
				614	buffer_free(&m);
				615	return (NULL);
				616	}
				617	buffer_free(&m);
				618	return (authctxt);
				619	}
				620
				621	int
				622	mm_sshpam_query(void ctx, char name, char *info,
				623	u_int num, char prompts, u_int echo_on)
				624	{
				625	Buffer m;
Damien Miller	04b6533	2005-07-17 17:53:31 +1000	[diff] [blame]	626	u_int i;
				627	int ret;
Damien Miller	4f9f42a	2003-05-10 19:28:02 +1000	[diff] [blame]	628
				629	debug3("%s", __func__);
				630	buffer_init(&m);
				631	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_QUERY, &m);
				632	debug3("%s: waiting for MONITOR_ANS_PAM_QUERY", __func__);
				633	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_QUERY, &m);
				634	ret = buffer_get_int(&m);
				635	debug3("%s: pam_query returned %d", __func__, ret);
				636	*name = buffer_get_string(&m, NULL);
				637	*info = buffer_get_string(&m, NULL);
Darren Tucker	01558b7	2016-07-18 09:33:25 +1000	[diff] [blame]	638	sshpam_set_maxtries_reached(buffer_get_int(&m));
Damien Miller	4f9f42a	2003-05-10 19:28:02 +1000	[diff] [blame]	639	*num = buffer_get_int(&m);
Darren Tucker	d8093e4	2006-05-04 16:24:34 +1000	[diff] [blame]	640	if (*num > PAM_MAX_NUM_MSG)
				641	fatal("%s: recieved %u PAM messages, expected <= %u",
				642	__func__, *num, PAM_MAX_NUM_MSG);
				643	prompts = xcalloc((num + 1), sizeof(char *));
				644	echo_on = xcalloc((num + 1), sizeof(u_int));
Damien Miller	4f9f42a	2003-05-10 19:28:02 +1000	[diff] [blame]	645	for (i = 0; i < *num; ++i) {
				646	(*prompts)[i] = buffer_get_string(&m, NULL);
				647	(*echo_on)[i] = buffer_get_int(&m);
				648	}
				649	buffer_free(&m);
				650	return (ret);
				651	}
				652
				653	int
				654	mm_sshpam_respond(void ctx, u_int num, char *resp)
				655	{
				656	Buffer m;
Damien Miller	04b6533	2005-07-17 17:53:31 +1000	[diff] [blame]	657	u_int i;
				658	int ret;
Damien Miller	4f9f42a	2003-05-10 19:28:02 +1000	[diff] [blame]	659
				660	debug3("%s", __func__);
				661	buffer_init(&m);
				662	buffer_put_int(&m, num);
				663	for (i = 0; i < num; ++i)
				664	buffer_put_cstring(&m, resp[i]);
				665	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_RESPOND, &m);
				666	debug3("%s: waiting for MONITOR_ANS_PAM_RESPOND", __func__);
				667	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_RESPOND, &m);
				668	ret = buffer_get_int(&m);
				669	debug3("%s: pam_respond returned %d", __func__, ret);
				670	buffer_free(&m);
				671	return (ret);
				672	}
				673
				674	void
				675	mm_sshpam_free_ctx(void *ctxtp)
				676	{
				677	Buffer m;
				678
				679	debug3("%s", __func__);
				680	buffer_init(&m);
				681	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_FREE_CTX, &m);
				682	debug3("%s: waiting for MONITOR_ANS_PAM_FREE_CTX", __func__);
				683	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_FREE_CTX, &m);
				684	buffer_free(&m);
				685	}
Damien Miller	7941855	2002-04-23 20:28:48 +1000	[diff] [blame]	686	#endif /* USE_PAM */
				687
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	688	/* Request process termination */
				689
				690	void
				691	mm_terminate(void)
				692	{
				693	Buffer m;
				694
				695	buffer_init(&m);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	696	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_TERM, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	697	buffer_free(&m);
				698	}
				699
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	700	static void
				701	mm_chall_setup(char name, char infotxt, u_int *numprompts,
				702	char *prompts, u_int echo_on)
				703	{
Ben Lindstrom	cb72e4f	2002-06-21 00:41:51 +0000	[diff] [blame]	704	*name = xstrdup("");
				705	*infotxt = xstrdup("");
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	706	*numprompts = 1;
Damien Miller	07d86be	2006-03-26 14:19:21 +1100	[diff] [blame]	707	prompts = xcalloc(numprompts, sizeof(char *));
				708	echo_on = xcalloc(numprompts, sizeof(u_int));
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	709	(*echo_on)[0] = 0;
				710	}
				711
				712	int
				713	mm_bsdauth_query(void ctx, char name, char *infotxt,
				714	u_int numprompts, char prompts, u_int echo_on)
				715	{
				716	Buffer m;
Damien Miller	b7df3af	2003-02-24 11:55:46 +1100	[diff] [blame]	717	u_int success;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	718	char *challenge;
				719
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	720	debug3("%s: entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	721
				722	buffer_init(&m);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	723	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHQUERY, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	724
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	725	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_BSDAUTHQUERY,
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	726	&m);
Damien Miller	b7df3af	2003-02-24 11:55:46 +1100	[diff] [blame]	727	success = buffer_get_int(&m);
				728	if (success == 0) {
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	729	debug3("%s: no challenge", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	730	buffer_free(&m);
				731	return (-1);
				732	}
				733
				734	/* Get the challenge, and format the response */
				735	challenge = buffer_get_string(&m, NULL);
				736	buffer_free(&m);
				737
				738	mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);
				739	(*prompts)[0] = challenge;
				740
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	741	debug3("%s: received challenge: %s", __func__, challenge);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	742
				743	return (0);
				744	}
				745
				746	int
				747	mm_bsdauth_respond(void ctx, u_int numresponses, char *responses)
				748	{
				749	Buffer m;
				750	int authok;
				751
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	752	debug3("%s: entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	753	if (numresponses != 1)
				754	return (-1);
				755
				756	buffer_init(&m);
				757	buffer_put_cstring(&m, responses[0]);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	758	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHRESPOND, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	759
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	760	mm_request_receive_expect(pmonitor->m_recvfd,
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	761	MONITOR_ANS_BSDAUTHRESPOND, &m);
				762
				763	authok = buffer_get_int(&m);
				764	buffer_free(&m);
				765
				766	return ((authok == 0) ? -1 : 0);
				767	}
				768
Darren Tucker	042e2e8	2004-07-08 23:09:42 +1000	[diff] [blame]	769	#ifdef SKEY
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	770	int
				771	mm_skey_query(void ctx, char name, char *infotxt,
				772	u_int numprompts, char prompts, u_int echo_on)
				773	{
				774	Buffer m;
Damien Miller	b7df3af	2003-02-24 11:55:46 +1100	[diff] [blame]	775	u_int success;
Darren Tucker	d6a23f2	2006-08-05 18:50:35 +1000	[diff] [blame]	776	char *challenge;
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	777
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	778	debug3("%s: entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	779
				780	buffer_init(&m);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	781	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYQUERY, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	782
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	783	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SKEYQUERY,
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	784	&m);
Damien Miller	b7df3af	2003-02-24 11:55:46 +1100	[diff] [blame]	785	success = buffer_get_int(&m);
				786	if (success == 0) {
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	787	debug3("%s: no challenge", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	788	buffer_free(&m);
				789	return (-1);
				790	}
				791
				792	/* Get the challenge, and format the response */
				793	challenge = buffer_get_string(&m, NULL);
				794	buffer_free(&m);
				795
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	796	debug3("%s: received challenge: %s", __func__, challenge);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	797
				798	mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);
				799
Damien Miller	07d86be	2006-03-26 14:19:21 +1100	[diff] [blame]	800	xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT);
Darren Tucker	f60845f	2013-06-02 08:07:31 +1000	[diff] [blame]	801	free(challenge);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	802
				803	return (0);
				804	}
				805
				806	int
				807	mm_skey_respond(void ctx, u_int numresponses, char *responses)
				808	{
				809	Buffer m;
				810	int authok;
				811
Ben Lindstrom	7d9c38f	2002-06-06 21:40:51 +0000	[diff] [blame]	812	debug3("%s: entering", __func__);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	813	if (numresponses != 1)
				814	return (-1);
				815
				816	buffer_init(&m);
				817	buffer_put_cstring(&m, responses[0]);
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	818	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYRESPOND, &m);
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	819
Ben Lindstrom	7339b2a	2002-05-15 16:25:01 +0000	[diff] [blame]	820	mm_request_receive_expect(pmonitor->m_recvfd,
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	821	MONITOR_ANS_SKEYRESPOND, &m);
				822
				823	authok = buffer_get_int(&m);
				824	buffer_free(&m);
				825
				826	return ((authok == 0) ? -1 : 0);
				827	}
Darren Tucker	042e2e8	2004-07-08 23:09:42 +1000	[diff] [blame]	828	#endif /* SKEY */
Ben Lindstrom	7a2073c	2002-03-22 02:30:41 +0000	[diff] [blame]	829
Darren Tucker	2e0cf0d	2005-02-08 21:52:47 +1100	[diff] [blame]	830	#ifdef SSH_AUDIT_EVENTS
Darren Tucker	269a1ea	2005-02-03 00:20:53 +1100	[diff] [blame]	831	void
				832	mm_audit_event(ssh_audit_event_t event)
				833	{
				834	Buffer m;
				835
				836	debug3("%s entering", __func__);
				837
				838	buffer_init(&m);
				839	buffer_put_int(&m, event);
				840
				841	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_EVENT, &m);
				842	buffer_free(&m);
				843	}
				844
				845	void
				846	mm_audit_run_command(const char *command)
				847	{
				848	Buffer m;
				849
				850	debug3("%s entering command %s", __func__, command);
				851
				852	buffer_init(&m);
				853	buffer_put_cstring(&m, command);
				854
				855	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, &m);
				856	buffer_free(&m);
				857	}
Darren Tucker	2e0cf0d	2005-02-08 21:52:47 +1100	[diff] [blame]	858	#endif /* SSH_AUDIT_EVENTS */
Darren Tucker	269a1ea	2005-02-03 00:20:53 +1100	[diff] [blame]	859
Darren Tucker	0efd155	2003-08-26 11:49:55 +1000	[diff] [blame]	860	#ifdef GSSAPI
				861	OM_uint32
Darren Tucker	3f9fdc7	2004-06-22 12:56:01 +1000	[diff] [blame]	862	mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID goid)
Darren Tucker	0efd155	2003-08-26 11:49:55 +1000	[diff] [blame]	863	{
				864	Buffer m;
				865	OM_uint32 major;
				866
				867	/* Client doesn't get to see the context */
				868	*ctx = NULL;
				869
				870	buffer_init(&m);
Darren Tucker	3f9fdc7	2004-06-22 12:56:01 +1000	[diff] [blame]	871	buffer_put_string(&m, goid->elements, goid->length);
Darren Tucker	0efd155	2003-08-26 11:49:55 +1000	[diff] [blame]	872
				873	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, &m);
				874	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, &m);
				875
				876	major = buffer_get_int(&m);
				877
				878	buffer_free(&m);
				879	return (major);
				880	}
				881
				882	OM_uint32
				883	mm_ssh_gssapi_accept_ctx(Gssctxt ctx, gss_buffer_desc in,
				884	gss_buffer_desc out, OM_uint32 flags)
				885	{
				886	Buffer m;
				887	OM_uint32 major;
Darren Tucker	600ad8d	2003-08-26 12:10:48 +1000	[diff] [blame]	888	u_int len;
Darren Tucker	0efd155	2003-08-26 11:49:55 +1000	[diff] [blame]	889
				890	buffer_init(&m);
				891	buffer_put_string(&m, in->value, in->length);
				892
				893	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSTEP, &m);
				894	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSTEP, &m);
				895
				896	major = buffer_get_int(&m);
Darren Tucker	600ad8d	2003-08-26 12:10:48 +1000	[diff] [blame]	897	out->value = buffer_get_string(&m, &len);
				898	out->length = len;
Darren Tucker	0efd155	2003-08-26 11:49:55 +1000	[diff] [blame]	899	if (flags)
				900	*flags = buffer_get_int(&m);
				901
				902	buffer_free(&m);
				903
				904	return (major);
				905	}
				906
Damien Miller	0425d40	2003-11-17 22:18:21 +1100	[diff] [blame]	907	OM_uint32
				908	mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
				909	{
				910	Buffer m;
				911	OM_uint32 major;
				912
				913	buffer_init(&m);
				914	buffer_put_string(&m, gssbuf->value, gssbuf->length);
				915	buffer_put_string(&m, gssmic->value, gssmic->length);
				916
				917	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSCHECKMIC, &m);
				918	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSCHECKMIC,
				919	&m);
				920
				921	major = buffer_get_int(&m);
				922	buffer_free(&m);
				923	return(major);
				924	}
				925
Darren Tucker	0efd155	2003-08-26 11:49:55 +1000	[diff] [blame]	926	int
				927	mm_ssh_gssapi_userok(char *user)
				928	{
				929	Buffer m;
				930	int authenticated = 0;
				931
				932	buffer_init(&m);
				933
				934	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, &m);
				935	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSUSEROK,
				936	&m);
				937
				938	authenticated = buffer_get_int(&m);
				939
				940	buffer_free(&m);
				941	debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not ");
				942	return (authenticated);
				943	}
				944	#endif /* GSSAPI */
Damien Miller	01ed227	2008-11-05 16:20:46 +1100	[diff] [blame]	945