summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2002-03-13 13:21:54 +1100
committerDamien Miller <djm@mindrot.org>2002-03-13 13:21:54 +1100
commitf831f761250f28ff5537f7bd66c2f6816d67503d (patch)
treec302b7c849777941a123681ee91ac92601cf8057
parent3a5b0233306a3db3a5db5b9ddc187c55e9b251f4 (diff)
revert more of my stupidity
-rw-r--r--monitor.c656
-rw-r--r--monitor.h57
-rw-r--r--monitor_fdpass.c89
-rw-r--r--monitor_fdpass.h32
-rw-r--r--monitor_mm.c329
-rw-r--r--monitor_mm.h64
-rw-r--r--monitor_wrap.c538
7 files changed, 0 insertions, 1765 deletions
diff --git a/monitor.c b/monitor.c
deleted file mode 100644
index b8579027..00000000
--- a/monitor.c
+++ /dev/null
@@ -1,656 +0,0 @@
-/*
- * Copyright 2001 Niels Provos <provos@citi.umich.edu>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-RCSID("$OpenBSD$");
-
-#include <openssl/dh.h>
-
-#include "ssh.h"
-#include "auth.h"
-#include "kex.h"
-#include "dh.h"
-#include "zlib.h"
-#include "packet.h"
-#include "auth-options.h"
-#include "sshpty.h"
-#include "channels.h"
-#include "session.h"
-#include "log.h"
-#include "monitor.h"
-#include "monitor_mm.h"
-#include "monitor_wrap.h"
-#include "monitor_fdpass.h"
-#include "xmalloc.h"
-#include "misc.h"
-#include "buffer.h"
-#include "bufaux.h"
-
-/* Imports */
-extern Newkeys *current_keys[];
-extern z_stream incoming_stream;
-extern z_stream outgoing_stream;
-extern int compat20;
-extern int mm_sendfd;
-
-/* State exported from the child */
-
-struct {
- z_stream incoming;
- z_stream outgoing;
- u_char *keyin;
- u_int keyinlen;
- u_char *keyout;
- u_int keyoutlen;
-} child_state;
-
-/* Prototype for authentication functions */
-
-int hostbased_key_allowed(struct passwd *, const char *, char *, Key *);
-int user_key_allowed(struct passwd *, Key *);
-Key *get_hostkey_by_index(int);
-
-void session_pty_cleanup(void *);
-
-static Authctxt *authctxt;
-
-struct mon_table {
- enum monitor_reqtype type;
- int flags;
- int (*f)(int, Buffer *);
-};
-
-#define MON_PROTOONE 0x0001 /* Used in protocol 1 */
-#define MON_PROTOTWO 0x0002 /* Used in protocol 2 */
-#define MON_AUTH 0x0004 /* Authentication Request */
-
-#define MON_BOTH (MON_PROTOONE|MON_PROTOTWO)
-
-#define MON_PERMIT 0x1000 /* Request is permitted */
-
-struct mon_table mon_dispatch_proto20[] = {
- {MONITOR_REQ_MODULI, MON_PROTOTWO, mm_answer_moduli},
- {MONITOR_REQ_SIGN, MON_PROTOTWO, mm_answer_sign},
- {MONITOR_REQ_PWNAM, MON_BOTH, mm_answer_pwnamallow},
- {MONITOR_REQ_AUTHSERV, MON_BOTH, mm_answer_authserv},
- {MONITOR_REQ_AUTHPASSWORD, MON_BOTH | MON_AUTH, mm_answer_authpassword},
- {MONITOR_REQ_KEYALLOWED, MON_BOTH | MON_AUTH, mm_answer_keyallowed},
- {MONITOR_REQ_KEYVERIFY, MON_BOTH | MON_AUTH, mm_answer_keyverify},
- {0, 0, NULL}
-};
-
-struct mon_table mon_dispatch_postauth20[] = {
- {MONITOR_REQ_MODULI, MON_PROTOTWO, mm_answer_moduli},
- {MONITOR_REQ_SIGN, MON_PROTOTWO, mm_answer_sign},
- {MONITOR_REQ_PTY, MON_BOTH, mm_answer_pty},
- {MONITOR_REQ_TERM, MON_BOTH, mm_answer_term},
- {0, 0, NULL}
-};
-
-struct mon_table mon_dispatch_proto15[] = {
- {0, 0, NULL}
-};
-
-struct mon_table *mon_dispatch;
-
-/* Specifies if a certain message is allowed at the moment */
-
-void
-monitor_permit(struct mon_table *ent, enum monitor_reqtype type, int permit)
-{
- while (ent->f != NULL) {
- if (ent->type == type) {
- ent->flags &= ~MON_PERMIT;
- ent->flags |= permit ? MON_PERMIT : 0;
- return;
- }
- ent++;
- }
-}
-
-void
-monitor_permit_authentications(int permit)
-{
- struct mon_table *ent = mon_dispatch;
-
- while (ent->f != NULL) {
- if (ent->flags & MON_AUTH) {
- ent->flags &= ~MON_PERMIT;
- ent->flags |= permit ? MON_PERMIT : 0;
- }
- ent++;
- }
-}
-
-#define FD_CLOSEONEXEC(x) do { \
- if (fcntl(x, F_SETFD, 1) == -1) \
- fatal("fcntl(%d, F_SETFD)", x); \
-} while (0)
-
-void
-monitor_socketpair(int *pair)
-{
- if (socketpair(PF_LOCAL, SOCK_STREAM, 0, pair) == -1)
- fatal("%s: socketpair", __FUNCTION__);
- FD_CLOSEONEXEC(pair[0]);
- FD_CLOSEONEXEC(pair[1]);
-}
-
-Authctxt *
-monitor_child_preauth(int socket)
-{
- debug3("preauth child monitor started");
-
- if (compat20) {
- mon_dispatch = mon_dispatch_proto20;
-
- /* Permit requests for moduli and signatures */
- monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
- monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
- } else
- mon_dispatch = mon_dispatch_proto15;
-
- authctxt = authctxt_new();
-
- /* The first few requests do not require asynchronous access */
- for (;;) {
- if (monitor_read(socket, mon_dispatch))
- break;
- }
-
- debug("%s: %s has been authenticated by privileged process",
- __FUNCTION__, authctxt->user);
-
- if (compat20) {
- mm_get_keystate(socket);
- } else {
- fatal("Use loose");
- }
-
- return (authctxt);
-}
-
-void
-monitor_child_postauth(int socket)
-{
- if (compat20) {
- mon_dispatch = mon_dispatch_postauth20;
-
- /* Permit requests for moduli and signatures */
- monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
- monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
- monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
-
- if (!no_pty_flag)
- monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1);
- } else
- mon_dispatch = mon_dispatch_proto15;
-
- for (;;) {
- if (monitor_read(socket, mon_dispatch))
- break;
- }
-}
-
-int
-monitor_read(int socket, struct mon_table *ent)
-{
- Buffer m;
- int ret;
- u_char type;
-
- buffer_init(&m);
-
- mm_request_receive(socket, &m);
- type = buffer_get_char(&m);
-
- debug3("%s: checking request %d", __FUNCTION__, type);
-
- while (ent->f != NULL) {
- if (ent->type == type)
- break;
- ent++;
- }
-
- if (ent->f != NULL) {
- if (!(ent->flags & MON_PERMIT))
- fatal("%s: unpermitted request %d", __FUNCTION__,
- type);
- ret = (*ent->f)(socket, &m);
- buffer_free(&m);
- return ret;
- }
-
- fatal("%s: unsupported request: %d\n", __FUNCTION__, type);
-
- /* NOTREACHED */
- return (-1);
-}
-
-int
-mm_answer_moduli(int socket, Buffer *m)
-{
- DH *dh;
- int min, want, max;
-
- /* Turn off requests for moduli */
- monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 0);
-
- min = buffer_get_int(m);
- want = buffer_get_int(m);
- max = buffer_get_int(m);
-
- debug3("%s: got parameters: %d %d %d",
- __FUNCTION__, min, want, max);
- /* We need to check here, too, in case the child got corrupted */
- if (max < min || want < min || max < want)
- fatal("%s: bad parameters: %d %d %d",
- __FUNCTION__, min, want, max);
-
- buffer_clear(m);
-
- dh = choose_dh(min, want, max);
- if (dh == NULL) {
- buffer_put_char(m, 0);
- return (0);
- } else {
- /* Send first bignum */
- buffer_put_char(m, 1);
- buffer_put_bignum2(m, dh->p);
- buffer_put_bignum2(m, dh->g);
-
- DH_free(dh);
- }
- mm_request_send(socket, MONITOR_ANS_MODULI, m);
- return (0);
-}
-
-int
-mm_answer_sign(int socket, Buffer *m)
-{
- Key *key;
- u_char *p;
- u_char *signature;
- u_int siglen, datlen;
- int keyid;
-
- debug3("%s", __FUNCTION__);
-
- keyid = buffer_get_int(m);
- p = buffer_get_string(m, &datlen);
-
- if ((key = get_hostkey_by_index(keyid)) == NULL)
- fatal("%s: no hostkey from index %d", __FUNCTION__, keyid);
- if (key_sign(key, &signature, &siglen, p, datlen) < 0)
- fatal("%s: key_sign failed", __FUNCTION__);
-
- debug3("%s: signature %p(%d)", __FUNCTION__, signature, siglen);
-
- buffer_clear(m);
- buffer_put_string(m, signature, siglen);
-
- xfree(p);
- xfree(signature);
-
- /* Turn on permissions for getpwnam */
- monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1);
-
- mm_request_send(socket, MONITOR_ANS_SIGN, m);
- return (0);
-}
-
-/* Retrieves the password entry and also checks if the user is permitted */
-
-int
-mm_answer_pwnamallow(int socket, Buffer *m)
-{
- char *login;
- struct passwd *pwent;
- int allowed;
-
- debug3("%s", __FUNCTION__);
-
- if (authctxt->attempt++ != 0)
- fatal("%s: multiple attempts for getpwnam", __FUNCTION__);
-
- login = buffer_get_string(m, NULL);
-
- /* XXX - probably latch the username here */
- pwent = getpwnam(login);
- authctxt->user = xstrdup(login);
- setproctitle("%s [priv]", pwent ? login : "unknown");
- xfree(login);
-
- /* Allow service/style information on the auth context */
- monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
-
- buffer_clear(m);
-
- if (pwent == NULL) {
- buffer_put_char(m, 0);
- mm_request_send(socket, MONITOR_ANS_PWNAM, m);
- return (0);
- }
-
- /* Check if we permit this user */
- allowed = allowed_user(pwent);
-
- if (allowed) {
- authctxt->pw = pwcopy(pwent);
- authctxt->valid = 1;
- }
- buffer_put_char(m, allowed);
- buffer_put_string(m, pwent, sizeof(struct passwd));
- buffer_put_cstring(m, pwent->pw_name);
- buffer_put_cstring(m, "*");
- buffer_put_cstring(m, pwent->pw_gecos);
- buffer_put_cstring(m, pwent->pw_class);
- buffer_put_cstring(m, pwent->pw_dir);
- buffer_put_cstring(m, pwent->pw_shell);
-
- debug3("%s: sending MONITOR_ANS_PWNAM: %d", __FUNCTION__, allowed);
- mm_request_send(socket, MONITOR_ANS_PWNAM, m);
-
- return (0);
-}
-
-int
-mm_answer_authserv(int socket, Buffer *m)
-{
- /* Disallow service/style information on the auth context */
- monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 0);
-
- monitor_permit_authentications(1);
-
- authctxt->service = buffer_get_string(m, NULL);
- authctxt->style = buffer_get_string(m, NULL);
- if (strlen(authctxt->style) == 0) {
- xfree(authctxt->style);
- authctxt->style = NULL;
- }
-
- debug3("%s: service=%s, style=%s",
- __FUNCTION__, authctxt->service, authctxt->style);
-
- return (0);
-}
-
-int
-mm_answer_authpassword(int socket, Buffer *m)
-{
- char *passwd;
- int authenticated;
-
- passwd = buffer_get_string(m, NULL);
- /* Only authenticate if the context is valid */
- authenticated = authctxt->valid && auth_password(authctxt, passwd);
- memset(passwd, 0, strlen(passwd));
- xfree(passwd);
-
- buffer_clear(m);
- buffer_put_int(m, authenticated);
-
- debug3("%s: sending result %d", __FUNCTION__, authenticated);
- mm_request_send(socket, MONITOR_ANS_AUTHPASSWORD, m);
-
- /* Causes monitor loop to terminate if authenticated */
- return (authenticated);
-}
-
-int
-mm_answer_keyallowed(int socket, Buffer *m)
-{
- Key *key;
- u_char *cuser, *chost, *blob;
- u_int bloblen;
- enum mm_keytype type = 0;
- int allowed = 0;
-
- debug3("%s entering", __FUNCTION__);
-
- type = buffer_get_int(m);
- cuser = buffer_get_string(m, NULL);
- chost = buffer_get_string(m, NULL);
- blob = buffer_get_string(m, &bloblen);
-
- key = key_from_blob(blob, bloblen);
-
- debug3("%s: key_from_blob: %p", __FUNCTION__, key);
-
- if (key != NULL && authctxt->pw != NULL) {
- switch(type) {
- case MM_USERKEY:
- allowed = user_key_allowed(authctxt->pw, key);
- break;
- case MM_HOSTKEY:
- allowed = hostbased_key_allowed(authctxt->pw,
- cuser, chost, key);
- break;
- default:
- fatal("%s: unknown key type %d", __FUNCTION__,
- type);
- break;
- }
- key_free(key);
- }
- xfree(chost);
- xfree(cuser);
- xfree(blob);
-
- debug3("%s: key %p is %s",
- __FUNCTION__, key, allowed ? "allowed" : "disallowed");
-
- buffer_clear(m);
- buffer_put_int(m, allowed);
-
- mm_request_send(socket, MONITOR_ANS_KEYALLOWED, m);
- return (0);
-}
-
-int
-mm_answer_keyverify(int socket, Buffer *m)
-{
- Key *key;
- u_char *signature, *data, *cuser, *chost, *blob;
- u_int signaturelen, datalen, bloblen;
- int type;
- int verified = 0;
-
- type = buffer_get_int(m);
- cuser = buffer_get_string(m, NULL);
- chost = buffer_get_string(m, NULL);
- blob = buffer_get_string(m, &bloblen);
- signature = buffer_get_string(m, &signaturelen);
- data = buffer_get_string(m, &datalen);
-
- key = key_from_blob(blob, bloblen);
- if (key == NULL)
- fatal("%s: bad public key blob", __FUNCTION__);
-
- if (authctxt->pw == NULL || !user_key_allowed(authctxt->pw, key))
- fatal("%s: user not allowed", __FUNCTION__);
- verified = key_verify(key, signature, signaturelen, data, datalen);
- debug3("%s: key %p signature %s",
- __FUNCTION__, key, verified ? "verified" : "unverified");
-
- key_free(key);
- xfree(chost);
- xfree(cuser);
- xfree(blob);
- xfree(signature);
- xfree(data);
-
- buffer_clear(m);
- buffer_put_int(m, verified);
- mm_request_send(socket, MONITOR_ANS_KEYVERIFY, m);
-
- return (verified);
-}
-
-int
-mm_answer_pty(int socket, Buffer *m)
-{
- Session *s;
- int res;
-
- debug3("%s entering", __FUNCTION__);
-
- buffer_clear(m);
- s = session_new();
- if (s == NULL)
- goto error;
- s->authctxt = authctxt;
- s->pw = authctxt->pw;
- res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty));
- if (res == 0)
- goto error;
- fatal_add_cleanup(session_pty_cleanup, (void *)s);
- pty_setowner(authctxt->pw, s->tty);
-
- buffer_put_int(m, 1);
- buffer_put_cstring(m, s->tty);
- mm_request_send(socket, MONITOR_ANS_PTY, m);
-
- mm_send_fd(mm_sendfd, s->ptyfd);
- mm_send_fd(mm_sendfd, s->ttyfd);
- return (0);
-
- error:
- if (s != NULL)
- session_close(s);
- buffer_put_int(m, 0);
- mm_request_send(socket, MONITOR_ANS_PTY, m);
- return (0);
-}
-
-int
-mm_answer_term(int socket, Buffer *req)
-{
- debug3("%s: tearing down sessions", __FUNCTION__);
-
- /* The child is terminating */
- session_destroy_all();
-
- return (1);
-}
-
-void
-mm_apply_keystate(struct mm_master *mm)
-{
- /* XXX - delegate to child? */
- set_newkeys(MODE_IN);
- set_newkeys(MODE_OUT);
-
- packet_set_keycontext(MODE_OUT, child_state.keyout);
- xfree(child_state.keyout);
- packet_set_keycontext(MODE_IN, child_state.keyin);
- xfree(child_state.keyin);
-
- memcpy(&incoming_stream, &child_state.incoming,
- sizeof(incoming_stream));
- memcpy(&outgoing_stream, &child_state.outgoing,
- sizeof(outgoing_stream));
-
- /* Update with new address */
- mm_init_compression(mm);
-}
-
-/* This function requries careful sanity checking */
-
-void
-mm_get_keystate(int socket)
-{
- Buffer m;
- u_char *blob, *p;
- u_int bloblen, plen;
-
- debug3("%s: Waiting for new keys", __FUNCTION__);
-
- buffer_init(&m);
- mm_request_receive_expect(socket, MONITOR_REQ_KEYEXPORT, &m);
-
- blob = buffer_get_string(&m, &bloblen);
- current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen);
- xfree(blob);
-
- debug3("%s: Waiting for second key", __FUNCTION__);
- blob = buffer_get_string(&m, &bloblen);
- current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen);
- xfree(blob);
-
- /* Now get sequence numbers for the packets */
- packet_set_seqnr(MODE_OUT, buffer_get_int(&m));
- packet_set_seqnr(MODE_IN, buffer_get_int(&m));
-
- /* Get the key context */
- child_state.keyout = buffer_get_string(&m, &child_state.keyoutlen);
- child_state.keyin = buffer_get_string(&m, &child_state.keyinlen);
-
- debug3("%s: Getting compression state", __FUNCTION__);
- /* Get compression state */
- p = buffer_get_string(&m, &plen);
- if (plen != sizeof(child_state.outgoing))
- fatal("%s: bad request size", __FUNCTION__);
- memcpy(&child_state.outgoing, p, sizeof(child_state.outgoing));
- xfree(p);
-
- p = buffer_get_string(&m, &plen);
- if (plen != sizeof(child_state.incoming))
- fatal("%s: bad request size", __FUNCTION__);
- memcpy(&child_state.incoming, p, sizeof(child_state.incoming));
- xfree(p);
-
- buffer_free(&m);
-}
-
-
-/* Allocation functions for zlib */
-void *
-mm_zalloc(struct mm_master *mm, u_int ncount, u_int size)
-{
- void *address;
-
- address = mm_malloc(mm, size * ncount);
-
- return (address);
-}
-
-void
-mm_zfree(struct mm_master *mm, void *address)
-{
- mm_free(mm, address);
-}
-
-void
-mm_init_compression(struct mm_master *mm)
-{
- outgoing_stream.zalloc = (alloc_func)mm_zalloc;
- outgoing_stream.zfree = (free_func)mm_zfree;
- outgoing_stream.opaque = mm;
-
- incoming_stream.zalloc = (alloc_func)mm_zalloc;
- incoming_stream.zfree = (free_func)mm_zfree;
- incoming_stream.opaque = mm;
-}
diff --git a/monitor.h b/monitor.h
deleted file mode 100644
index 7568603f..00000000
--- a/monitor.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright 2002 Niels Provos <provos@citi.umich.edu>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifndef _MONITOR_H_
-#define _MONITOR_H_
-
-enum monitor_reqtype {
- MONITOR_REQ_MODULI, MONITOR_ANS_MODULI,
- MONITOR_REQ_FREE, MONITOR_REQ_AUTHSERV,
- MONITOR_REQ_SIGN, MONITOR_ANS_SIGN,
- MONITOR_REQ_PWNAM, MONITOR_ANS_PWNAM,
- MONITOR_REQ_AUTHPASSWORD, MONITOR_ANS_AUTHPASSWORD,
- MONITOR_REQ_KEYALLOWED, MONITOR_ANS_KEYALLOWED,
- MONITOR_REQ_KEYVERIFY, MONITOR_ANS_KEYVERIFY,
- MONITOR_REQ_KEYEXPORT,
- MONITOR_REQ_PTY, MONITOR_ANS_PTY,
- MONITOR_REQ_TERM
-};
-
-struct monitor_req {
- enum monitor_reqtype type;
- void *address;
- size_t size;
-};
-
-void monitor_socketpair(int *pair);
-
-struct Authctxt;
-struct Authctxt *monitor_child_preauth(int);
-void monitor_child_postauth(int);
-
-struct mon_table;
-int monitor_read(int, struct mon_table *);
-
-#endif /* _MONITOR_H_ */
diff --git a/monitor_fdpass.c b/monitor_fdpass.c
deleted file mode 100644
index 46087ae6..00000000
--- a/monitor_fdpass.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- * Copyright 2001 Niels Provos <provos@citi.umich.edu>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-RCSID("$OpenBSD$");
-
-#include <sys/uio.h>
-
-#include "ssh.h"
-#include "log.h"
-#include "xmalloc.h"
-#include "misc.h"
-#include "monitor_fdpass.h"
-
-void
-mm_send_fd(int socket, int fd)
-{
- struct msghdr msg;
- char tmp[CMSG_SPACE(sizeof(int))];
- struct cmsghdr *cmsg;
- struct iovec vec;
- char ch;
-
- memset(&msg, 0, sizeof(msg));
- msg.msg_control = (caddr_t)tmp;
- msg.msg_controllen = CMSG_LEN(sizeof(int));
- cmsg = CMSG_FIRSTHDR(&msg);
- cmsg->cmsg_len = CMSG_LEN(sizeof(int));
- cmsg->cmsg_level = SOL_SOCKET;
- cmsg->cmsg_type = SCM_RIGHTS;
- *(int *)CMSG_DATA(cmsg) = fd;
-
- vec.iov_base = &ch;
- vec.iov_len = 1;
- msg.msg_iov = &vec;
- msg.msg_iovlen = 1;
-
- if (sendmsg(socket, &msg, 0) == -1)
- fatal("%s: sendmsg(%d)", __FUNCTION__, fd);
-}
-
-int
-mm_receive_fd(int socket)
-{
- struct msghdr msg;
- char tmp[CMSG_SPACE(sizeof(int))];
- struct cmsghdr *cmsg;
- struct iovec vec;
- char ch;
-
- memset(&msg, 0, sizeof(msg));
- vec.iov_base = &ch;
- vec.iov_len = 1;
- msg.msg_iov = &vec;
- msg.msg_iovlen = 1;
- msg.msg_control = tmp;
- msg.msg_controllen = sizeof(tmp);
-
- if (recvmsg(socket, &msg, 0) == -1)
- fatal("%s: recvmsg", __FUNCTION__);
-
- cmsg = CMSG_FIRSTHDR(&msg);
- if (cmsg->cmsg_type != SCM_RIGHTS)
- fatal("%s: expected type %d got %d", __FUNCTION__,
- SCM_RIGHTS, cmsg->cmsg_type);
- return (*(int *)CMSG_DATA(cmsg));
-}
diff --git a/monitor_fdpass.h b/monitor_fdpass.h
deleted file mode 100644
index cb6b71c9..00000000
--- a/monitor_fdpass.h
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Copyright 2002 Niels Provos <provos@citi.umich.edu>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifndef _MM_FDPASS_H_
-#define _MM_FDPASS_H_
-
-void mm_send_fd(int, int);
-int mm_receive_fd(int);
-
-#endif /* _MM_FDPASS_H_ */
diff --git a/monitor_mm.c b/monitor_mm.c
deleted file mode 100644
index 111c97d9..00000000
--- a/monitor_mm.c
+++ /dev/null
@@ -1,329 +0,0 @@
-/*
- * Copyright 2001 Niels Provos <provos@citi.umich.edu>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-RCSID("$OpenBSD$");
-
-#include <sys/mman.h>
-
-#include "ssh.h"
-#include "xmalloc.h"
-#include "log.h"
-#include "monitor_mm.h"
-
-static int
-mm_compare(struct mm_share *a, struct mm_share *b)
-{
- return (a->address - b->address);
-}
-
-RB_GENERATE(mmtree, mm_share, next, mm_compare);
-
-static struct mm_share *
-mm_make_entry(struct mm_master *mm, struct mmtree *head,
- void *address, size_t size)
-{
- struct mm_share *tmp, *tmp2;
-
- if (mm->mmalloc == NULL)
- tmp = xmalloc(sizeof(struct mm_share));
- else
- tmp = mm_xmalloc(mm->mmalloc, sizeof(struct mm_share));
- tmp->address = address;
- tmp->size = size;
-
- tmp2 = RB_INSERT(mmtree, head, tmp);
- if (tmp2 != NULL)
- fatal("mm_make_entry(%p): double address %p->%p(%d)",
- mm, tmp2, address, size);
-
- return (tmp);
-}
-
-/* Creates a shared memory area of a certain size */
-
-struct mm_master *
-mm_create(struct mm_master *mmalloc, size_t size)
-{
- void *address;
- struct mm_master *mm;
-
- if (mmalloc == NULL)
- mm = xmalloc(sizeof(struct mm_master));
- else
- mm = mm_xmalloc(mmalloc, sizeof(struct mm_master));
-
- /*
- * If the memory map has a mm_master it can be completely
- * shared including authentication between the child
- * and the client.
- */
- mm->mmalloc = mmalloc;
-
- address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED,
- -1, 0);
- if (address == MAP_FAILED)
- fatal("mmap(%d)", size);
-
- mm->address = address;
- mm->size = size;
-
- RB_INIT(&mm->rb_free);
- RB_INIT(&mm->rb_allocated);
-
- mm_make_entry(mm, &mm->rb_free, address, size);
-
- return (mm);
-}
-
-/* Frees either the allocated or the free list */
-
-void
-mm_freelist(struct mm_master *mmalloc, struct mmtree *head)
-{
- struct mm_share *mms, *next;
-
- for (mms = RB_ROOT(head); mms; mms = next) {
- next = RB_NEXT(mmtree, head, mms);
- RB_REMOVE(mmtree, head, mms);
- if (mmalloc == NULL)
- xfree(mms);
- else
- mm_free(mmalloc, mms);
- }
-}
-
-/* Destroys a memory mapped area */
-
-void
-mm_destroy(struct mm_master *mm)
-{
- mm_freelist(mm->mmalloc, &mm->rb_free);
- mm_freelist(mm->mmalloc, &mm->rb_allocated);
-
- if (munmap(mm->address, mm->size) == -1)
- fatal("munmap(%p, %d)", mm->address, mm->size);
- if (mm->mmalloc == NULL)
- xfree(mm);
- else
- mm_free(mm->mmalloc, mm);
-}
-
-void *
-mm_xmalloc(struct mm_master *mm, size_t size)
-{
- void *address;
-
- address = mm_malloc(mm, size);
- if (address == NULL)
- fatal("%s: mm_malloc(%d)", __FUNCTION__, size);
- return (address);
-}
-
-
-/* Allocates data from a memory mapped area */
-
-void *
-mm_malloc(struct mm_master *mm, size_t size)
-{
- struct mm_share *mms, *tmp;
-
- if (size == 0)
- fatal("mm_malloc: try to allocate 0 space");
-
- size = ((size + MM_MINSIZE - 1) / MM_MINSIZE) * MM_MINSIZE;
-
- RB_FOREACH(mms, mmtree, &mm->rb_free) {
- if (mms->size >= size)
- break;
- }
-
- if (mms == NULL)
- return (NULL);
-
- /* Debug */
- memset(mms->address, 0xd0, size);
-
- tmp = mm_make_entry(mm, &mm->rb_allocated, mms->address, size);
-
- /* Does not change order in RB tree */
- mms->size -= size;
- mms->address = (u_char *)mms->address + size;
-
- if (mms->size == 0) {
- RB_REMOVE(mmtree, &mm->rb_free, mms);
- if (mm->mmalloc == NULL)
- xfree(mms);
- else
- mm_free(mm->mmalloc, mms);
- }
-
- return (tmp->address);
-}
-
-/* Frees memory in a memory mapped area */
-
-void
-mm_free(struct mm_master *mm, void *address)
-{
- struct mm_share *mms, *prev, tmp;
-
- tmp.address = address;
- mms = RB_FIND(mmtree, &mm->rb_allocated, &tmp);
- if (mms == NULL)
- fatal("mm_free(%p): can not find %p", mm, address);
-
- /* Debug */
- memset(mms->address, 0xd0, mms->size);
-
- /* Remove from allocated list and insert in free list */
- RB_REMOVE(mmtree, &mm->rb_allocated, mms);
- if (RB_INSERT(mmtree, &mm->rb_free, mms) != NULL)
- fatal("mm_free(%p): double address %p", mm, address);
-
- /* Find previous entry */
- prev = mms;
- if (RB_LEFT(prev, next)) {
- prev = RB_LEFT(prev, next);
- while (RB_RIGHT(prev, next))
- prev = RB_RIGHT(prev, next);
- } else {
- if (RB_PARENT(prev, next) &&
- (prev == RB_RIGHT(RB_PARENT(prev, next), next)))
- prev = RB_PARENT(prev, next);
- else {
- while (RB_PARENT(prev, next) &&
- (prev == RB_LEFT(RB_PARENT(prev, next), next)))
- prev = RB_PARENT(prev, next);
- prev = RB_PARENT(prev, next);
- }
- }
-
- /* Check if range does not overlap */
- if (prev != NULL && MM_ADDRESS_END(prev) > address)
- fatal("mm_free: memory corruption: %p(%d) > %p",
- prev->address, prev->size, address);
-
- /* See if we can merge backwards */
- if (prev != NULL && MM_ADDRESS_END(prev) == address) {
- prev->size += mms->size;
- RB_REMOVE(mmtree, &mm->rb_free, mms);
- if (mm->mmalloc == NULL)
- xfree(mms);
- else
- mm_free(mm->mmalloc, mms);
- } else
- prev = mms;
-
- if (prev == NULL)
- return;
-
- /* Check if we can merge forwards */
- mms = RB_NEXT(mmtree, &mm->rb_free, prev);
- if (mms == NULL)
- return;
-
- if (MM_ADDRESS_END(prev) > mms->address)
- fatal("mm_free: memory corruption: %p < %p(%d)",
- mms->address, prev->address, prev->size);
- if (MM_ADDRESS_END(prev) != mms->address)
- return;
-
- prev->size += mms->size;
- RB_REMOVE(mmtree, &mm->rb_free, mms);
-
- if (mm->mmalloc == NULL)
- xfree(mms);
- else
- mm_free(mm->mmalloc, mms);
-}
-
-void
-mm_sync_list(struct mmtree *oldtree, struct mmtree *newtree,
- struct mm_master *mm, struct mm_master *mmold)
-{
- struct mm_master *mmalloc = mm->mmalloc;
- struct mm_share *mms, *new;
-
- /* Sync free list */
- RB_FOREACH(mms, mmtree, oldtree) {
- /* Check the values */
- mm_memvalid(mmold, mms, sizeof(struct mm_share));
- mm_memvalid(mm, mms->address, mms->size);
-
- new = mm_xmalloc(mmalloc, sizeof(struct mm_share));
- memcpy(new, mms, sizeof(struct mm_share));
- RB_INSERT(mmtree, newtree, new);
- }
-}
-
-void
-mm_share_sync(struct mm_master **pmm, struct mm_master **pmmalloc)
-{
- struct mm_master *mm;
- struct mm_master *mmalloc;
- struct mm_master *mmold;
- struct mmtree rb_free, rb_allocated;
-
- debug3("%s: Share sync", __FUNCTION__);
-
- mm = *pmm;
- mmold = mm->mmalloc;
- mm_memvalid(mmold, mm, sizeof(*mm));
-
- mmalloc = mm_create(NULL, mm->size);
- mm = mm_xmalloc(mmalloc, sizeof(struct mm_master));
- memcpy(mm, *pmm, sizeof(struct mm_master));
- mm->mmalloc = mmalloc;
-
- rb_free = mm->rb_free;
- rb_allocated = mm->rb_allocated;
-
- RB_INIT(&mm->rb_free);
- RB_INIT(&mm->rb_allocated);
-
- mm_sync_list(&rb_free, &mm->rb_free, mm, mmold);
- mm_sync_list(&rb_allocated, &mm->rb_allocated, mm, mmold);
-
- mm_destroy(mmold);
-
- *pmm = mm;
- *pmmalloc = mmalloc;
-
- debug3("%s: Share sync end", __FUNCTION__);
-}
-
-void
-mm_memvalid(struct mm_master *mm, void *address, size_t size)
-{
- void *end = (u_char *)address + size;
-
- if (address < mm->address)
- fatal("mm_memvalid: address too small: %p", address);
- if (end < address)
- fatal("mm_memvalid: end < address: %p < %p", end, address);
- if (end > (void *)((u_char *)mm->address + mm->size))
- fatal("mm_memvalid: address too large: %p", address);
-}
diff --git a/monitor_mm.h b/monitor_mm.h
deleted file mode 100644
index 5b4b789c..00000000
--- a/monitor_mm.h
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * Copyright 2002 Niels Provos <provos@citi.umich.edu>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifndef _MM_H_
-#define _MM_H_
-#include <sys/tree.h>
-
-struct mm_share {
- RB_ENTRY(mm_share) next;
- void *address;
- size_t size;
-};
-
-struct mm_master {
- RB_HEAD(mmtree, mm_share) rb_free;
- struct mmtree rb_allocated;
- void *address;
- size_t size;
-
- struct mm_master *mmalloc; /* Used to completely share */
-
- int write; /* used to writing to other party */
- int read; /* used for reading from other party */
-};
-
-RB_PROTOTYPE(mmtree, mm_share, next, mm_compare);
-
-#define MM_MINSIZE 128
-
-#define MM_ADDRESS_END(x) (void *)((u_char *)(x)->address + (x)->size)
-
-struct mm_master *mm_create(struct mm_master *, size_t);
-void mm_destroy(struct mm_master *);
-
-void mm_share_sync(struct mm_master **, struct mm_master **);
-
-void *mm_malloc(struct mm_master *, size_t);
-void *mm_xmalloc(struct mm_master *, size_t);
-void mm_free(struct mm_master *, void *);
-
-void mm_memvalid(struct mm_master *, void *, size_t);
-#endif /* _MM_H_ */
diff --git a/monitor_wrap.c b/monitor_wrap.c
deleted file mode 100644
index 798e9353..00000000
--- a/monitor_wrap.c
+++ /dev/null
@@ -1,538 +0,0 @@
-/*
- * Copyright 2002 Niels Provos <provos@citi.umich.edu>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-RCSID("$OpenBSD$");
-
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-
-#include "ssh.h"
-#include "dh.h"
-#include "kex.h"
-#include "buffer.h"
-#include "bufaux.h"
-#include "packet.h"
-#include "mac.h"
-#include "log.h"
-#include "zlib.h"
-#include "monitor.h"
-#include "monitor_wrap.h"
-#include "xmalloc.h"
-#include "atomicio.h"
-#include "monitor_fdpass.h"
-#include "getput.h"
-
-/* Imports */
-extern Newkeys *newkeys[];
-extern z_stream incoming_stream;
-extern z_stream outgoing_stream;
-
-void
-mm_request_send(int socket, enum monitor_reqtype type, Buffer *m)
-{
- u_char buf[5];
- u_int mlen = buffer_len(m);
-
- debug3("%s entering: type %d", __FUNCTION__, type);
-
- PUT_32BIT(buf, mlen + 1);
- buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */
- if (atomicio(write, socket, buf, sizeof(buf)) != sizeof(buf))
- fatal("%s: write", __FUNCTION__);
- if (atomicio(write, socket, buffer_ptr(m), mlen) != mlen)
- fatal("%s: write", __FUNCTION__);
-}
-
-void
-mm_request_receive(int socket, Buffer *m)
-{
- u_char buf[4];
- ssize_t res;
- u_int msg_len;
-
- debug3("%s entering", __FUNCTION__);
-
- res = atomicio(read, socket, buf, sizeof(buf));
- if (res != sizeof(buf))
- fatal("%s: read: %d", __FUNCTION__, res);
- msg_len = GET_32BIT(buf);
- if (msg_len > 256 * 1024)
- fatal("%s: read: bad msg_len %d", __FUNCTION__, msg_len);
- buffer_clear(m);
- buffer_append_space(m, msg_len);
- res = atomicio(read, socket, buffer_ptr(m), msg_len);
- if (res != msg_len)
- fatal("%s: read: %d != msg_len", __FUNCTION__, res);
-}
-
-void
-mm_request_receive_expect(int socket, enum monitor_reqtype type, Buffer *m)
-{
- u_char rtype;
-
- debug3("%s entering: type %d", __FUNCTION__, type);
-
- mm_request_receive(socket, m);
- rtype = buffer_get_char(m);
- if (rtype != type)
- fatal("%s: read: rtype %d != type %d", __FUNCTION__,
- rtype, type);
-}
-
-DH *
-mm_choose_dh(int socket, int min, int nbits, int max)
-{
- BIGNUM *p, *g;
- int success = 0;
- Buffer m;
-
- buffer_init(&m);
- buffer_put_int(&m, min);
- buffer_put_int(&m, nbits);
- buffer_put_int(&m, max);
-
- mm_request_send(socket, MONITOR_REQ_MODULI, &m);
-
- debug3("%s: waiting for MONITOR_ANS_MODULI", __FUNCTION__);
- mm_request_receive_expect(socket, MONITOR_ANS_MODULI, &m);
-
- success = buffer_get_char(&m);
- if (success == 0)
- fatal("%s: MONITOR_ANS_MODULI failed", __FUNCTION__);
-
- if ((p = BN_new()) == NULL)
- fatal("%s: BN_new failed", __FUNCTION__);
- if ((g = BN_new()) == NULL)
- fatal("%s: BN_new failed", __FUNCTION__);
- buffer_get_bignum2(&m, p);
- buffer_get_bignum2(&m, g);
-
- debug3("%s: remaining %d", __FUNCTION__, buffer_len(&m));
- buffer_free(&m);
-
- return (dh_new_group(g, p));
-}
-
-int
-mm_key_sign(int socket, int keyind, u_char **sigp, u_int *lenp,
- u_char *data, u_int datalen)
-{
- Buffer m;
-
- debug3("%s entering", __FUNCTION__);
-
- buffer_init(&m);
- buffer_put_int(&m, keyind);
- buffer_put_string(&m, data, datalen);
-
- mm_request_send(socket, MONITOR_REQ_SIGN, &m);
-
- debug3("%s: waiting for MONITOR_ANS_SIGN", __FUNCTION__);
- mm_request_receive_expect(socket, MONITOR_ANS_SIGN, &m);
- *sigp = buffer_get_string(&m, lenp);
- buffer_free(&m);
-
- return (0);
-}
-
-struct passwd *
-mm_getpwnamallow(int socket, const char *login, int *allowed)
-{
- Buffer m;
- struct passwd *pw;
- u_int pwlen;
-
- debug3("%s entering", __FUNCTION__);
-
- buffer_init(&m);
- buffer_put_cstring(&m, login);
-
- mm_request_send(socket, MONITOR_REQ_PWNAM, &m);
-
- debug3("%s: waiting for MONITOR_ANS_PWNAM", __FUNCTION__);
- mm_request_receive_expect(socket, MONITOR_ANS_PWNAM, &m);
-
- *allowed = buffer_get_char(&m);
- if (*allowed == 0) {
- buffer_free(&m);
- return (NULL);
- }
- pw = buffer_get_string(&m, &pwlen);
- if (pwlen != sizeof(struct passwd))
- fatal("%s: struct passwd size mismatch", __FUNCTION__);
- pw->pw_name = buffer_get_string(&m, NULL);
- pw->pw_passwd = buffer_get_string(&m, NULL);
- pw->pw_gecos = buffer_get_string(&m, NULL);
- pw->pw_class = buffer_get_string(&m, NULL);
- pw->pw_dir = buffer_get_string(&m, NULL);
- pw->pw_shell = buffer_get_string(&m, NULL);
- buffer_free(&m);
-
- return (pw);
-}
-
-void
-pwfree(struct passwd *pw)
-{
- xfree(pw->pw_name);
- xfree(pw->pw_passwd);
- xfree(pw->pw_gecos);
- xfree(pw->pw_class);
- xfree(pw->pw_dir);
- xfree(pw->pw_shell);
- xfree(pw);
-}
-
-/* Inform the privileged process about service and style */
-
-void
-mm_inform_authserv(int socket, char *service, char *style)
-{
- Buffer m;
-
- debug3("%s entering", __FUNCTION__);
-
- buffer_init(&m);
- buffer_put_cstring(&m, service);
- buffer_put_cstring(&m, style ? style : "");
-
- mm_request_send(socket, MONITOR_REQ_AUTHSERV, &m);
-
- buffer_free(&m);
-}
-
-/* Do the password authentication */
-int
-mm_auth_password(int socket, char *password)
-{
- Buffer m;
- int authenticated = 0;
-
- debug3("%s entering", __FUNCTION__);
-
- buffer_init(&m);
- buffer_put_cstring(&m, password);
- mm_request_send(socket, MONITOR_REQ_AUTHPASSWORD, &m);
-
- debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __FUNCTION__);
- mm_request_receive_expect(socket, MONITOR_ANS_AUTHPASSWORD, &m);
-
- authenticated = buffer_get_int(&m);
-
- buffer_free(&m);
-
- debug3("%s: user %sauthenticated",
- __FUNCTION__, authenticated ? "" : "not ");
- return (authenticated);
-}
-
-int
-mm_key_allowed(int socket, enum mm_keytype type, char *user, char *host,
- Key *key)
-{
- Buffer m;
- u_char *blob;
- u_int len;
- int allowed = 0;
-
- debug3("%s entering", __FUNCTION__);
-
- /* Convert the key to a blob and the pass it over */
- if (!key_to_blob(key, &blob, &len))
- return (0);
-
- buffer_init(&m);
- buffer_put_int(&m, type);
- buffer_put_cstring(&m, user ? user : "");
- buffer_put_cstring(&m, host ? host : "");
- buffer_put_string(&m, blob, len);
- xfree(blob);
-
- mm_request_send(socket, MONITOR_REQ_KEYALLOWED, &m);
-
- debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __FUNCTION__);
- mm_request_receive_expect(socket, MONITOR_ANS_KEYALLOWED, &m);
-
- allowed = buffer_get_int(&m);
-
- buffer_free(&m);
-
- return (allowed);
-}
-
-/*
- * This key verify needs to send the key type along, because the
- * privileged parent makes the decision if the key is allowed
- * for authentication.
- */
-
-int
-mm_key_verify(int socket, enum mm_keytype type, char *user, char *host,
- Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
-{
- Buffer m;
- u_char *blob;
- u_int len;
- int verified = 0;
-
- debug3("%s entering", __FUNCTION__);
-
- /* Convert the key to a blob and the pass it over */
- if (!key_to_blob(key, &blob, &len))
- return (0);
-
- buffer_init(&m);
- buffer_put_int(&m, type);
- buffer_put_cstring(&m, user ? user : "");
- buffer_put_cstring(&m, host ? host : "");
- buffer_put_string(&m, blob, len);
- buffer_put_string(&m, sig, siglen);
- buffer_put_string(&m, data, datalen);
- xfree(blob);
-
- mm_request_send(socket, MONITOR_REQ_KEYVERIFY, &m);
-
- debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __FUNCTION__);
- mm_request_receive_expect(socket, MONITOR_ANS_KEYVERIFY, &m);
-
- verified = buffer_get_int(&m);
-
- buffer_free(&m);
-
- return (verified);
-}
-
-/* Export key state after authentication */
-Newkeys *
-mm_newkeys_from_blob(u_char *blob, int blen)
-{
- Buffer b;
- int rlen;
- Newkeys *newkey = NULL;
- Enc *enc;
- Mac *mac;
- Comp *comp;
-
- debug3("%s: %p(%d)", __FUNCTION__, blob, blen);
-#ifdef DEBUG_PK
- dump_base64(stderr, blob, blen);
-#endif
- buffer_init(&b);
- buffer_append(&b, blob, blen);
-
- newkey = xmalloc(sizeof(*newkey));
- enc = &newkey->enc;
- mac = &newkey->mac;
- comp = &newkey->comp;
-
- /* Enc structure */
- enc->name = buffer_get_string(&b, NULL);
- buffer_get(&b, &enc->cipher, sizeof(enc->cipher));
- enc->enabled = buffer_get_int(&b);
- enc->key_len = buffer_get_int(&b);
- enc->block_size = buffer_get_int(&b);
- enc->key = xmalloc(enc->key_len);
- buffer_get(&b, enc->key, enc->key_len);
- enc->iv = xmalloc(enc->block_size);
- buffer_get(&b, enc->iv, enc->block_size);
-
- if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher)
- fatal("%s: bad cipher name %s or pointer %p", __FUNCTION__,
- enc->name, enc->cipher);
-
- /* Mac structure */
- mac->name = buffer_get_string(&b, NULL);
- if (mac->name == NULL || mac_init(mac, mac->name) == -1)
- fatal("%s: can not init mac %s", __FUNCTION__, mac->name);
- mac->enabled = buffer_get_int(&b);
- mac->key = xmalloc(mac->key_len);
- buffer_get(&b, mac->key, mac->key_len);
-
- /* Comp structure */
- comp->type = buffer_get_int(&b);
- comp->enabled = buffer_get_int(&b);
- comp->name = buffer_get_string(&b, NULL);
-
- rlen = buffer_len(&b);
- if (rlen != 0)
- error("newkeys_from_blob: remaining bytes in blob %d", rlen);
- buffer_free(&b);
- return (newkey);
-}
-
-int
-mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp)
-{
- Buffer b;
- int len;
- u_char *buf;
- Enc *enc;
- Mac *mac;
- Comp *comp;
- Newkeys *newkey = newkeys[mode];
-
- debug3("%s: converting %p", __FUNCTION__, newkey);
-
- if (newkey == NULL) {
- error("%s: newkey == NULL", __FUNCTION__);
- return 0;
- }
- enc = &newkey->enc;
- mac = &newkey->mac;
- comp = &newkey->comp;
-
- buffer_init(&b);
- /* Enc structure */
- buffer_put_cstring(&b, enc->name);
- /* The cipher struct is constant and shared, you export pointer */
- buffer_append(&b, &enc->cipher, sizeof(enc->cipher));
- buffer_put_int(&b, enc->enabled);
- buffer_put_int(&b, enc->key_len);
- buffer_put_int(&b, enc->block_size);
- buffer_append(&b, enc->key, enc->key_len);
- packet_get_keyiv(mode, enc->iv, enc->block_size);
- buffer_append(&b, enc->iv, enc->block_size);
-
- /* Mac structure */
- buffer_put_cstring(&b, mac->name);
- buffer_put_int(&b, mac->enabled);
- buffer_append(&b, mac->key, mac->key_len);
-
- /* Comp structure */
- buffer_put_int(&b, comp->type);
- buffer_put_int(&b, comp->enabled);
- buffer_put_cstring(&b, comp->name);
-
- len = buffer_len(&b);
- buf = xmalloc(len);
- memcpy(buf, buffer_ptr(&b), len);
- memset(buffer_ptr(&b), 0, len);
- buffer_free(&b);
- if (lenp != NULL)
- *lenp = len;
- if (blobp != NULL)
- *blobp = buf;
- return len;
-}
-
-void
-mm_send_keystate(int socket)
-{
- Buffer m;
- u_char *blob, *p;
- u_int bloblen, plen;
-
- debug3("%s: Sending new keys: %p %p",
- __FUNCTION__, newkeys[MODE_OUT], newkeys[MODE_IN]);
-
- buffer_init(&m);
-
- /* Keys from Kex */
- if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen))
- fatal("%s: conversion of newkeys failed", __FUNCTION__);
-
- buffer_put_string(&m, blob, bloblen);
- xfree(blob);
-
- if (!mm_newkeys_to_blob(MODE_IN, &blob, &bloblen))
- fatal("%s: conversion of newkeys failed", __FUNCTION__);
-
- buffer_put_string(&m, blob, bloblen);
- xfree(blob);
-
- buffer_put_int(&m, packet_get_seqnr(MODE_OUT));
- buffer_put_int(&m, packet_get_seqnr(MODE_IN));
-
- debug3("%s: New keys have been sent", __FUNCTION__);
-
- /* More key context */
- plen = packet_get_keycontext(MODE_OUT, NULL);
- p = xmalloc(plen+1);
- packet_get_keycontext(MODE_OUT, p);
- buffer_put_string(&m, p, plen);
- xfree(p);
-
- plen = packet_get_keycontext(MODE_IN, NULL);
- p = xmalloc(plen+1);
- packet_get_keycontext(MODE_IN, p);
- buffer_put_string(&m, p, plen);
- xfree(p);
-
- /* Compression state */
- debug3("%s: Sending compression state", __FUNCTION__);
- buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream));
- buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream));
-
- mm_request_send(socket, MONITOR_REQ_KEYEXPORT, &m);
- debug3("%s: Finished sending state", __FUNCTION__);
-
- buffer_free(&m);
-}
-
-int
-mm_pty_allocown(int socket, int *ptyfd, int *ttyfd,
- char *namebuf, int namebuflen)
-{
- Buffer m;
- u_char *p;
- int success = 0;
-
- buffer_init(&m);
- mm_request_send(socket, MONITOR_REQ_PTY, &m);
-
- debug3("%s: waiting for MONITOR_ANS_PTY", __FUNCTION__);
- mm_request_receive_expect(socket, MONITOR_ANS_PTY, &m);
-
- success = buffer_get_int(&m);
- if (success == 0) {
- debug3("%s: pty alloc failed", __FUNCTION__);
- buffer_free(&m);
- return (0);
- }
- p = buffer_get_string(&m, NULL);
- buffer_free(&m);
-
- strlcpy(namebuf, p, namebuflen); /* Possible truncation */
- xfree(p);
-
- *ptyfd = mm_receive_fd(socket);
- *ttyfd = mm_receive_fd(socket);
-
- /* Success */
- return (1);
-}
-
-/* Request process termination */
-
-void
-mm_terminate(int socket)
-{
- Buffer m;
-
- buffer_init(&m);
- mm_request_send(socket, MONITOR_REQ_TERM, &m);
- buffer_free(&m);
-}