1 /* $OpenBSD: monitor_wrap.c,v 1.62 2008/05/08 12:21:16 djm Exp $ */
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 #include <sys/types.h>
41 #include <openssl/bn.h>
42 #include <openssl/dh.h>
44 #include "openbsd-compat/sys-queue.h"
54 #include "auth-options.h"
58 #ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */
61 #define TARGET_OS_MAC 1
69 #include "monitor_wrap.h"
71 #include "monitor_fdpass.h"
81 extern Newkeys
*newkeys
[];
82 extern z_stream incoming_stream
;
83 extern z_stream outgoing_stream
;
84 extern struct monitor
*pmonitor
;
85 extern Buffer input
, output
;
86 extern Buffer loginmsg
;
87 extern ServerOptions options
;
93 * m_pid is only set in the privileged part, and
94 * points to the unprivileged child.
96 return (pmonitor
&& pmonitor
->m_pid
> 0);
100 mm_request_send(int sock
, enum monitor_reqtype type
, Buffer
*m
)
102 u_int mlen
= buffer_len(m
);
105 debug3("%s entering: type %d", __func__
, type
);
107 put_u32(buf
, mlen
+ 1);
108 buf
[4] = (u_char
) type
; /* 1st byte of payload is mesg-type */
109 if (atomicio(vwrite
, sock
, buf
, sizeof(buf
)) != sizeof(buf
))
110 fatal("%s: write: %s", __func__
, strerror(errno
));
111 if (atomicio(vwrite
, sock
, buffer_ptr(m
), mlen
) != mlen
)
112 fatal("%s: write: %s", __func__
, strerror(errno
));
116 mm_request_receive(int sock
, Buffer
*m
)
121 debug3("%s entering", __func__
);
123 if (atomicio(read
, sock
, buf
, sizeof(buf
)) != sizeof(buf
)) {
126 fatal("%s: read: %s", __func__
, strerror(errno
));
128 msg_len
= get_u32(buf
);
129 if (msg_len
> 256 * 1024)
130 fatal("%s: read: bad msg_len %d", __func__
, msg_len
);
132 buffer_append_space(m
, msg_len
);
133 if (atomicio(read
, sock
, buffer_ptr(m
), msg_len
) != msg_len
)
134 fatal("%s: read: %s", __func__
, strerror(errno
));
138 mm_request_receive_expect(int sock
, enum monitor_reqtype type
, Buffer
*m
)
142 debug3("%s entering: type %d", __func__
, type
);
144 mm_request_receive(sock
, m
);
145 rtype
= buffer_get_char(m
);
147 fatal("%s: read: rtype %d != type %d", __func__
,
152 mm_choose_dh(int min
, int nbits
, int max
)
159 buffer_put_int(&m
, min
);
160 buffer_put_int(&m
, nbits
);
161 buffer_put_int(&m
, max
);
163 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_MODULI
, &m
);
165 debug3("%s: waiting for MONITOR_ANS_MODULI", __func__
);
166 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_MODULI
, &m
);
168 success
= buffer_get_char(&m
);
170 fatal("%s: MONITOR_ANS_MODULI failed", __func__
);
172 if ((p
= BN_new()) == NULL
)
173 fatal("%s: BN_new failed", __func__
);
174 if ((g
= BN_new()) == NULL
)
175 fatal("%s: BN_new failed", __func__
);
176 buffer_get_bignum2(&m
, p
);
177 buffer_get_bignum2(&m
, g
);
179 debug3("%s: remaining %d", __func__
, buffer_len(&m
));
182 return (dh_new_group(g
, p
));
186 mm_key_sign(Key
*key
, u_char
**sigp
, u_int
*lenp
, u_char
*data
, u_int datalen
)
188 Kex
*kex
= *pmonitor
->m_pkex
;
191 debug3("%s entering", __func__
);
194 buffer_put_int(&m
, kex
->host_key_index(key
));
195 buffer_put_string(&m
, data
, datalen
);
197 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_SIGN
, &m
);
199 debug3("%s: waiting for MONITOR_ANS_SIGN", __func__
);
200 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_SIGN
, &m
);
201 *sigp
= buffer_get_string(&m
, lenp
);
208 mm_getpwnamallow(const char *username
)
213 ServerOptions
*newopts
;
215 debug3("%s entering", __func__
);
218 buffer_put_cstring(&m
, username
);
220 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_PWNAM
, &m
);
222 debug3("%s: waiting for MONITOR_ANS_PWNAM", __func__
);
223 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_PWNAM
, &m
);
225 if (buffer_get_char(&m
) == 0) {
229 pw
= buffer_get_string(&m
, &len
);
230 if (len
!= sizeof(struct passwd
))
231 fatal("%s: struct passwd size mismatch", __func__
);
232 pw
->pw_name
= buffer_get_string(&m
, NULL
);
233 pw
->pw_passwd
= buffer_get_string(&m
, NULL
);
234 pw
->pw_gecos
= buffer_get_string(&m
, NULL
);
235 #ifdef HAVE_PW_CLASS_IN_PASSWD
236 pw
->pw_class
= buffer_get_string(&m
, NULL
);
238 pw
->pw_dir
= buffer_get_string(&m
, NULL
);
239 pw
->pw_shell
= buffer_get_string(&m
, NULL
);
242 /* copy options block as a Match directive may have changed some */
243 newopts
= buffer_get_string(&m
, &len
);
244 if (len
!= sizeof(*newopts
))
245 fatal("%s: option block size mismatch", __func__
);
246 if (newopts
->banner
!= NULL
)
247 newopts
->banner
= buffer_get_string(&m
, NULL
);
248 copy_set_server_options(&options
, newopts
, 1);
257 mm_auth2_read_banner(void)
262 debug3("%s entering", __func__
);
265 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_AUTH2_READ_BANNER
, &m
);
268 mm_request_receive_expect(pmonitor
->m_recvfd
,
269 MONITOR_ANS_AUTH2_READ_BANNER
, &m
);
270 banner
= buffer_get_string(&m
, NULL
);
273 /* treat empty banner as missing banner */
274 if (strlen(banner
) == 0) {
281 /* Inform the privileged process about service and style */
284 mm_inform_authserv(char *service
, char *style
)
288 debug3("%s entering", __func__
);
291 buffer_put_cstring(&m
, service
);
292 buffer_put_cstring(&m
, style
? style
: "");
294 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_AUTHSERV
, &m
);
299 /* Do the password authentication */
301 mm_auth_password(Authctxt
*authctxt
, char *password
)
304 int authenticated
= 0;
306 debug3("%s entering", __func__
);
309 buffer_put_cstring(&m
, password
);
310 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_AUTHPASSWORD
, &m
);
312 debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __func__
);
313 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_AUTHPASSWORD
, &m
);
315 authenticated
= buffer_get_int(&m
);
319 debug3("%s: user %sauthenticated",
320 __func__
, authenticated
? "" : "not ");
321 return (authenticated
);
325 mm_user_key_allowed(struct passwd
*pw
, Key
*key
)
327 return (mm_key_allowed(MM_USERKEY
, NULL
, NULL
, key
));
331 mm_hostbased_key_allowed(struct passwd
*pw
, char *user
, char *host
,
334 return (mm_key_allowed(MM_HOSTKEY
, user
, host
, key
));
338 mm_auth_rhosts_rsa_key_allowed(struct passwd
*pw
, char *user
,
339 char *host
, Key
*key
)
343 key
->type
= KEY_RSA
; /* XXX hack for key_to_blob */
344 ret
= mm_key_allowed(MM_RSAHOSTKEY
, user
, host
, key
);
345 key
->type
= KEY_RSA1
;
350 mm_send_debug(Buffer
*m
)
354 while (buffer_len(m
)) {
355 msg
= buffer_get_string(m
, NULL
);
356 debug3("%s: Sending debug: %s", __func__
, msg
);
357 packet_send_debug("%s", msg
);
363 mm_key_allowed(enum mm_keytype type
, char *user
, char *host
, Key
*key
)
368 int allowed
= 0, have_forced
= 0;
370 debug3("%s entering", __func__
);
372 /* Convert the key to a blob and the pass it over */
373 if (!key_to_blob(key
, &blob
, &len
))
377 buffer_put_int(&m
, type
);
378 buffer_put_cstring(&m
, user
? user
: "");
379 buffer_put_cstring(&m
, host
? host
: "");
380 buffer_put_string(&m
, blob
, len
);
383 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_KEYALLOWED
, &m
);
385 debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __func__
);
386 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_KEYALLOWED
, &m
);
388 allowed
= buffer_get_int(&m
);
390 /* fake forced command */
391 auth_clear_options();
392 have_forced
= buffer_get_int(&m
);
393 forced_command
= have_forced
? xstrdup("true") : NULL
;
395 /* Send potential debug messages */
404 * This key verify needs to send the key type along, because the
405 * privileged parent makes the decision if the key is allowed
406 * for authentication.
410 mm_key_verify(Key
*key
, u_char
*sig
, u_int siglen
, u_char
*data
, u_int datalen
)
417 debug3("%s entering", __func__
);
419 /* Convert the key to a blob and the pass it over */
420 if (!key_to_blob(key
, &blob
, &len
))
424 buffer_put_string(&m
, blob
, len
);
425 buffer_put_string(&m
, sig
, siglen
);
426 buffer_put_string(&m
, data
, datalen
);
429 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_KEYVERIFY
, &m
);
431 debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __func__
);
432 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_KEYVERIFY
, &m
);
434 verified
= buffer_get_int(&m
);
441 /* Export key state after authentication */
443 mm_newkeys_from_blob(u_char
*blob
, int blen
)
447 Newkeys
*newkey
= NULL
;
452 debug3("%s: %p(%d)", __func__
, blob
, blen
);
454 dump_base64(stderr
, blob
, blen
);
457 buffer_append(&b
, blob
, blen
);
459 newkey
= xmalloc(sizeof(*newkey
));
462 comp
= &newkey
->comp
;
465 enc
->name
= buffer_get_string(&b
, NULL
);
466 buffer_get(&b
, &enc
->cipher
, sizeof(enc
->cipher
));
467 enc
->enabled
= buffer_get_int(&b
);
468 enc
->block_size
= buffer_get_int(&b
);
469 enc
->key
= buffer_get_string(&b
, &enc
->key_len
);
470 enc
->iv
= buffer_get_string(&b
, &len
);
471 if (len
!= enc
->block_size
)
472 fatal("%s: bad ivlen: expected %u != %u", __func__
,
473 enc
->block_size
, len
);
475 if (enc
->name
== NULL
|| cipher_by_name(enc
->name
) != enc
->cipher
)
476 fatal("%s: bad cipher name %s or pointer %p", __func__
,
477 enc
->name
, enc
->cipher
);
480 mac
->name
= buffer_get_string(&b
, NULL
);
481 if (mac
->name
== NULL
|| mac_setup(mac
, mac
->name
) == -1)
482 fatal("%s: can not setup mac %s", __func__
, mac
->name
);
483 mac
->enabled
= buffer_get_int(&b
);
484 mac
->key
= buffer_get_string(&b
, &len
);
485 if (len
> mac
->key_len
)
486 fatal("%s: bad mac key length: %u > %d", __func__
, len
,
491 comp
->type
= buffer_get_int(&b
);
492 comp
->enabled
= buffer_get_int(&b
);
493 comp
->name
= buffer_get_string(&b
, NULL
);
495 len
= buffer_len(&b
);
497 error("newkeys_from_blob: remaining bytes in blob %u", len
);
503 mm_newkeys_to_blob(int mode
, u_char
**blobp
, u_int
*lenp
)
510 Newkeys
*newkey
= newkeys
[mode
];
512 debug3("%s: converting %p", __func__
, newkey
);
514 if (newkey
== NULL
) {
515 error("%s: newkey == NULL", __func__
);
520 comp
= &newkey
->comp
;
524 buffer_put_cstring(&b
, enc
->name
);
525 /* The cipher struct is constant and shared, you export pointer */
526 buffer_append(&b
, &enc
->cipher
, sizeof(enc
->cipher
));
527 buffer_put_int(&b
, enc
->enabled
);
528 buffer_put_int(&b
, enc
->block_size
);
529 buffer_put_string(&b
, enc
->key
, enc
->key_len
);
530 packet_get_keyiv(mode
, enc
->iv
, enc
->block_size
);
531 buffer_put_string(&b
, enc
->iv
, enc
->block_size
);
534 buffer_put_cstring(&b
, mac
->name
);
535 buffer_put_int(&b
, mac
->enabled
);
536 buffer_put_string(&b
, mac
->key
, mac
->key_len
);
539 buffer_put_int(&b
, comp
->type
);
540 buffer_put_int(&b
, comp
->enabled
);
541 buffer_put_cstring(&b
, comp
->name
);
543 len
= buffer_len(&b
);
547 *blobp
= xmalloc(len
);
548 memcpy(*blobp
, buffer_ptr(&b
), len
);
550 memset(buffer_ptr(&b
), 0, len
);
556 mm_send_kex(Buffer
*m
, Kex
*kex
)
558 buffer_put_string(m
, kex
->session_id
, kex
->session_id_len
);
559 buffer_put_int(m
, kex
->we_need
);
560 buffer_put_int(m
, kex
->hostkey_type
);
561 buffer_put_int(m
, kex
->kex_type
);
562 buffer_put_string(m
, buffer_ptr(&kex
->my
), buffer_len(&kex
->my
));
563 buffer_put_string(m
, buffer_ptr(&kex
->peer
), buffer_len(&kex
->peer
));
564 buffer_put_int(m
, kex
->flags
);
565 buffer_put_cstring(m
, kex
->client_version_string
);
566 buffer_put_cstring(m
, kex
->server_version_string
);
570 mm_send_keystate(struct monitor
*monitor
)
575 u_int32_t seqnr
, packets
;
585 buffer_put_int(&m
, packet_get_protocol_flags());
587 buffer_put_int(&m
, packet_get_ssh1_cipher());
589 debug3("%s: Sending ssh1 KEY+IV", __func__
);
590 keylen
= packet_get_encryption_key(NULL
);
591 key
= xmalloc(keylen
+1); /* add 1 if keylen == 0 */
592 keylen
= packet_get_encryption_key(key
);
593 buffer_put_string(&m
, key
, keylen
);
594 memset(key
, 0, keylen
);
597 ivlen
= packet_get_keyiv_len(MODE_OUT
);
598 packet_get_keyiv(MODE_OUT
, iv
, ivlen
);
599 buffer_put_string(&m
, iv
, ivlen
);
600 ivlen
= packet_get_keyiv_len(MODE_OUT
);
601 packet_get_keyiv(MODE_IN
, iv
, ivlen
);
602 buffer_put_string(&m
, iv
, ivlen
);
605 /* Kex for rekeying */
606 mm_send_kex(&m
, *monitor
->m_pkex
);
609 debug3("%s: Sending new keys: %p %p",
610 __func__
, newkeys
[MODE_OUT
], newkeys
[MODE_IN
]);
613 if (!mm_newkeys_to_blob(MODE_OUT
, &blob
, &bloblen
))
614 fatal("%s: conversion of newkeys failed", __func__
);
616 buffer_put_string(&m
, blob
, bloblen
);
619 if (!mm_newkeys_to_blob(MODE_IN
, &blob
, &bloblen
))
620 fatal("%s: conversion of newkeys failed", __func__
);
622 buffer_put_string(&m
, blob
, bloblen
);
625 packet_get_state(MODE_OUT
, &seqnr
, &blocks
, &packets
);
626 buffer_put_int(&m
, seqnr
);
627 buffer_put_int64(&m
, blocks
);
628 buffer_put_int(&m
, packets
);
629 packet_get_state(MODE_IN
, &seqnr
, &blocks
, &packets
);
630 buffer_put_int(&m
, seqnr
);
631 buffer_put_int64(&m
, blocks
);
632 buffer_put_int(&m
, packets
);
634 debug3("%s: New keys have been sent", __func__
);
636 /* More key context */
637 plen
= packet_get_keycontext(MODE_OUT
, NULL
);
639 packet_get_keycontext(MODE_OUT
, p
);
640 buffer_put_string(&m
, p
, plen
);
643 plen
= packet_get_keycontext(MODE_IN
, NULL
);
645 packet_get_keycontext(MODE_IN
, p
);
646 buffer_put_string(&m
, p
, plen
);
649 /* Compression state */
650 debug3("%s: Sending compression state", __func__
);
651 buffer_put_string(&m
, &outgoing_stream
, sizeof(outgoing_stream
));
652 buffer_put_string(&m
, &incoming_stream
, sizeof(incoming_stream
));
654 /* Network I/O buffers */
655 buffer_put_string(&m
, buffer_ptr(&input
), buffer_len(&input
));
656 buffer_put_string(&m
, buffer_ptr(&output
), buffer_len(&output
));
658 mm_request_send(monitor
->m_recvfd
, MONITOR_REQ_KEYEXPORT
, &m
);
659 debug3("%s: Finished sending state", __func__
);
665 mm_pty_allocate(int *ptyfd
, int *ttyfd
, char *namebuf
, size_t namebuflen
)
669 int success
= 0, tmp1
= -1, tmp2
= -1;
671 /* Kludge: ensure there are fds free to receive the pty/tty */
672 if ((tmp1
= dup(pmonitor
->m_recvfd
)) == -1 ||
673 (tmp2
= dup(pmonitor
->m_recvfd
)) == -1) {
674 error("%s: cannot allocate fds for pty", __func__
);
685 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_PTY
, &m
);
687 debug3("%s: waiting for MONITOR_ANS_PTY", __func__
);
688 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_PTY
, &m
);
690 success
= buffer_get_int(&m
);
692 debug3("%s: pty alloc failed", __func__
);
696 p
= buffer_get_string(&m
, NULL
);
697 msg
= buffer_get_string(&m
, NULL
);
700 strlcpy(namebuf
, p
, namebuflen
); /* Possible truncation */
703 buffer_append(&loginmsg
, msg
, strlen(msg
));
706 if ((*ptyfd
= mm_receive_fd(pmonitor
->m_recvfd
)) == -1 ||
707 (*ttyfd
= mm_receive_fd(pmonitor
->m_recvfd
)) == -1)
708 fatal("%s: receive fds failed", __func__
);
715 mm_session_pty_cleanup2(Session
*s
)
722 buffer_put_cstring(&m
, s
->tty
);
723 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_PTYCLEANUP
, &m
);
726 /* closed dup'ed master */
727 if (s
->ptymaster
!= -1 && close(s
->ptymaster
) < 0)
728 error("close(s->ptymaster/%d): %s",
729 s
->ptymaster
, strerror(errno
));
731 /* unlink pty from session */
737 mm_start_pam(Authctxt
*authctxt
)
741 debug3("%s entering", __func__
);
742 if (!options
.use_pam
)
743 fatal("UsePAM=no, but ended up in %s anyway", __func__
);
746 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_PAM_START
, &m
);
752 mm_do_pam_account(void)
758 debug3("%s entering", __func__
);
759 if (!options
.use_pam
)
760 fatal("UsePAM=no, but ended up in %s anyway", __func__
);
763 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_PAM_ACCOUNT
, &m
);
765 mm_request_receive_expect(pmonitor
->m_recvfd
,
766 MONITOR_ANS_PAM_ACCOUNT
, &m
);
767 ret
= buffer_get_int(&m
);
768 msg
= buffer_get_string(&m
, NULL
);
769 buffer_append(&loginmsg
, msg
, strlen(msg
));
774 debug3("%s returning %d", __func__
, ret
);
780 mm_sshpam_init_ctx(Authctxt
*authctxt
)
785 debug3("%s", __func__
);
787 buffer_put_cstring(&m
, authctxt
->user
);
788 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_PAM_INIT_CTX
, &m
);
789 debug3("%s: waiting for MONITOR_ANS_PAM_INIT_CTX", __func__
);
790 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_PAM_INIT_CTX
, &m
);
791 success
= buffer_get_int(&m
);
793 debug3("%s: pam_init_ctx failed", __func__
);
802 mm_sshpam_query(void *ctx
, char **name
, char **info
,
803 u_int
*num
, char ***prompts
, u_int
**echo_on
)
809 debug3("%s", __func__
);
811 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_PAM_QUERY
, &m
);
812 debug3("%s: waiting for MONITOR_ANS_PAM_QUERY", __func__
);
813 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_PAM_QUERY
, &m
);
814 ret
= buffer_get_int(&m
);
815 debug3("%s: pam_query returned %d", __func__
, ret
);
816 *name
= buffer_get_string(&m
, NULL
);
817 *info
= buffer_get_string(&m
, NULL
);
818 *num
= buffer_get_int(&m
);
819 if (*num
> PAM_MAX_NUM_MSG
)
820 fatal("%s: recieved %u PAM messages, expected <= %u",
821 __func__
, *num
, PAM_MAX_NUM_MSG
);
822 *prompts
= xcalloc((*num
+ 1), sizeof(char *));
823 *echo_on
= xcalloc((*num
+ 1), sizeof(u_int
));
824 for (i
= 0; i
< *num
; ++i
) {
825 (*prompts
)[i
] = buffer_get_string(&m
, NULL
);
826 (*echo_on
)[i
] = buffer_get_int(&m
);
833 mm_sshpam_respond(void *ctx
, u_int num
, char **resp
)
839 debug3("%s", __func__
);
841 buffer_put_int(&m
, num
);
842 for (i
= 0; i
< num
; ++i
)
843 buffer_put_cstring(&m
, resp
[i
]);
844 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_PAM_RESPOND
, &m
);
845 debug3("%s: waiting for MONITOR_ANS_PAM_RESPOND", __func__
);
846 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_PAM_RESPOND
, &m
);
847 ret
= buffer_get_int(&m
);
848 debug3("%s: pam_respond returned %d", __func__
, ret
);
854 mm_sshpam_free_ctx(void *ctxtp
)
858 debug3("%s", __func__
);
860 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_PAM_FREE_CTX
, &m
);
861 debug3("%s: waiting for MONITOR_ANS_PAM_FREE_CTX", __func__
);
862 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_PAM_FREE_CTX
, &m
);
867 /* Request process termination */
875 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_TERM
, &m
);
880 mm_ssh1_session_key(BIGNUM
*num
)
886 buffer_put_bignum2(&m
, num
);
887 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_SESSKEY
, &m
);
889 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_SESSKEY
, &m
);
891 rsafail
= buffer_get_int(&m
);
892 buffer_get_bignum2(&m
, num
);
900 mm_chall_setup(char **name
, char **infotxt
, u_int
*numprompts
,
901 char ***prompts
, u_int
**echo_on
)
904 *infotxt
= xstrdup("");
906 *prompts
= xcalloc(*numprompts
, sizeof(char *));
907 *echo_on
= xcalloc(*numprompts
, sizeof(u_int
));
912 mm_bsdauth_query(void *ctx
, char **name
, char **infotxt
,
913 u_int
*numprompts
, char ***prompts
, u_int
**echo_on
)
919 debug3("%s: entering", __func__
);
922 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_BSDAUTHQUERY
, &m
);
924 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_BSDAUTHQUERY
,
926 success
= buffer_get_int(&m
);
928 debug3("%s: no challenge", __func__
);
933 /* Get the challenge, and format the response */
934 challenge
= buffer_get_string(&m
, NULL
);
937 mm_chall_setup(name
, infotxt
, numprompts
, prompts
, echo_on
);
938 (*prompts
)[0] = challenge
;
940 debug3("%s: received challenge: %s", __func__
, challenge
);
946 mm_bsdauth_respond(void *ctx
, u_int numresponses
, char **responses
)
951 debug3("%s: entering", __func__
);
952 if (numresponses
!= 1)
956 buffer_put_cstring(&m
, responses
[0]);
957 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_BSDAUTHRESPOND
, &m
);
959 mm_request_receive_expect(pmonitor
->m_recvfd
,
960 MONITOR_ANS_BSDAUTHRESPOND
, &m
);
962 authok
= buffer_get_int(&m
);
965 return ((authok
== 0) ? -1 : 0);
970 mm_skey_query(void *ctx
, char **name
, char **infotxt
,
971 u_int
*numprompts
, char ***prompts
, u_int
**echo_on
)
977 debug3("%s: entering", __func__
);
980 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_SKEYQUERY
, &m
);
982 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_SKEYQUERY
,
984 success
= buffer_get_int(&m
);
986 debug3("%s: no challenge", __func__
);
991 /* Get the challenge, and format the response */
992 challenge
= buffer_get_string(&m
, NULL
);
995 debug3("%s: received challenge: %s", __func__
, challenge
);
997 mm_chall_setup(name
, infotxt
, numprompts
, prompts
, echo_on
);
999 xasprintf(*prompts
, "%s%s", challenge
, SKEY_PROMPT
);
1006 mm_skey_respond(void *ctx
, u_int numresponses
, char **responses
)
1011 debug3("%s: entering", __func__
);
1012 if (numresponses
!= 1)
1016 buffer_put_cstring(&m
, responses
[0]);
1017 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_SKEYRESPOND
, &m
);
1019 mm_request_receive_expect(pmonitor
->m_recvfd
,
1020 MONITOR_ANS_SKEYRESPOND
, &m
);
1022 authok
= buffer_get_int(&m
);
1025 return ((authok
== 0) ? -1 : 0);
1030 mm_ssh1_session_id(u_char session_id
[16])
1035 debug3("%s entering", __func__
);
1038 for (i
= 0; i
< 16; i
++)
1039 buffer_put_char(&m
, session_id
[i
]);
1041 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_SESSID
, &m
);
1046 mm_auth_rsa_key_allowed(struct passwd
*pw
, BIGNUM
*client_n
, Key
**rkey
)
1052 int allowed
= 0, have_forced
= 0;
1054 debug3("%s entering", __func__
);
1057 buffer_put_bignum2(&m
, client_n
);
1059 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_RSAKEYALLOWED
, &m
);
1060 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_RSAKEYALLOWED
, &m
);
1062 allowed
= buffer_get_int(&m
);
1064 /* fake forced command */
1065 auth_clear_options();
1066 have_forced
= buffer_get_int(&m
);
1067 forced_command
= have_forced
? xstrdup("true") : NULL
;
1069 if (allowed
&& rkey
!= NULL
) {
1070 blob
= buffer_get_string(&m
, &blen
);
1071 if ((key
= key_from_blob(blob
, blen
)) == NULL
)
1072 fatal("%s: key_from_blob failed", __func__
);
1083 mm_auth_rsa_generate_challenge(Key
*key
)
1090 debug3("%s entering", __func__
);
1092 if ((challenge
= BN_new()) == NULL
)
1093 fatal("%s: BN_new failed", __func__
);
1095 key
->type
= KEY_RSA
; /* XXX cheat for key_to_blob */
1096 if (key_to_blob(key
, &blob
, &blen
) == 0)
1097 fatal("%s: key_to_blob failed", __func__
);
1098 key
->type
= KEY_RSA1
;
1101 buffer_put_string(&m
, blob
, blen
);
1104 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_RSACHALLENGE
, &m
);
1105 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_RSACHALLENGE
, &m
);
1107 buffer_get_bignum2(&m
, challenge
);
1114 mm_auth_rsa_verify_response(Key
*key
, BIGNUM
*p
, u_char response
[16])
1121 debug3("%s entering", __func__
);
1123 key
->type
= KEY_RSA
; /* XXX cheat for key_to_blob */
1124 if (key_to_blob(key
, &blob
, &blen
) == 0)
1125 fatal("%s: key_to_blob failed", __func__
);
1126 key
->type
= KEY_RSA1
;
1129 buffer_put_string(&m
, blob
, blen
);
1130 buffer_put_string(&m
, response
, 16);
1133 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_RSARESPONSE
, &m
);
1134 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_RSARESPONSE
, &m
);
1136 success
= buffer_get_int(&m
);
1142 #ifdef SSH_AUDIT_EVENTS
1144 mm_audit_event(ssh_audit_event_t event
)
1148 debug3("%s entering", __func__
);
1151 buffer_put_int(&m
, event
);
1153 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_AUDIT_EVENT
, &m
);
1158 mm_audit_run_command(const char *command
)
1162 debug3("%s entering command %s", __func__
, command
);
1165 buffer_put_cstring(&m
, command
);
1167 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_AUDIT_COMMAND
, &m
);
1170 #endif /* SSH_AUDIT_EVENTS */
1174 mm_ssh_gssapi_server_ctx(Gssctxt
**ctx
, gss_OID goid
)
1179 /* Client doesn't get to see the context */
1183 buffer_put_string(&m
, goid
->elements
, goid
->length
);
1185 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_GSSSETUP
, &m
);
1186 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_GSSSETUP
, &m
);
1188 major
= buffer_get_int(&m
);
1195 mm_ssh_gssapi_accept_ctx(Gssctxt
*ctx
, gss_buffer_desc
*in
,
1196 gss_buffer_desc
*out
, OM_uint32
*flags
)
1203 buffer_put_string(&m
, in
->value
, in
->length
);
1205 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_GSSSTEP
, &m
);
1206 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_GSSSTEP
, &m
);
1208 major
= buffer_get_int(&m
);
1209 out
->value
= buffer_get_string(&m
, &len
);
1212 *flags
= buffer_get_int(&m
);
1220 mm_ssh_gssapi_checkmic(Gssctxt
*ctx
, gss_buffer_t gssbuf
, gss_buffer_t gssmic
)
1226 buffer_put_string(&m
, gssbuf
->value
, gssbuf
->length
);
1227 buffer_put_string(&m
, gssmic
->value
, gssmic
->length
);
1229 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_GSSCHECKMIC
, &m
);
1230 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_GSSCHECKMIC
,
1233 major
= buffer_get_int(&m
);
1239 mm_ssh_gssapi_userok(char *user
)
1242 int authenticated
= 0;
1246 mm_request_send(pmonitor
->m_recvfd
, MONITOR_REQ_GSSUSEROK
, &m
);
1247 mm_request_receive_expect(pmonitor
->m_recvfd
, MONITOR_ANS_GSSUSEROK
,
1250 authenticated
= buffer_get_int(&m
);
1253 debug3("%s: user %sauthenticated",__func__
, authenticated
? "" : "not ");
1254 return (authenticated
);