- markus@cvs.openbsd.org 2002/05/13 20:44:58

[auth-options.c auth.c auth.h] move the packet_send_debug handling from auth-options.c to auth.c; ok provos@
author: Ben Lindstrom <mouring@eviladmin.org> 2002-05-15 16:16:14 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2002-05-15 16:16:14 +0000
commit: a574cda45b5d3c3363520ef9e4aa3aaa5888c078 (patch)
tree: e437d6e854db91fd3a9744d922ff942f465b249a /auth-options.c
parent: 58d4dafeb1159cebd03a2b32cb87a1970606a441 (diff)
1 files changed, 19 insertions, 57 deletions
diff --git a/auth-options.c b/auth-options.c
index 3408b3d8f..2787d2948 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -10,7 +10,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth-options.c,v 1.23 2002/03/19 10:35:39 markus Exp $");
+RCSID("$OpenBSD: auth-options.c,v 1.24 2002/05/13 20:44:58 markus Exp $");
 #include "packet.h"
 #include "xmalloc.h"
@@ -23,10 +23,7 @@ RCSID("$OpenBSD: auth-options.c,v 1.23 2002/03/19 10:35:39 markus Exp $");
 #include "bufaux.h"
 #include "misc.h"
 #include "monitor_wrap.h"
+#include "auth.h"
-/* Debugging messages */
-Buffer auth_debug;
-int auth_debug_init;
 /* Flags set authorized_keys flags */
 int no_port_forwarding_flag = 0;
@@ -42,28 +39,9 @@ struct envstring *custom_environment = NULL;
 extern ServerOptions options;
-static void
-auth_send_debug(Buffer *m)
-{
-        char *msg;
-        while (buffer_len(m)) {
-                msg = buffer_get_string(m, NULL);
-                packet_send_debug("%s", msg);
-                xfree(msg);
-        }
-}
 void
 auth_clear_options(void)
 {
-        if (auth_debug_init)
-                buffer_clear(&auth_debug);
-        else {
-                buffer_init(&auth_debug);
-                auth_debug_init = 1;
-        }
        no_agent_forwarding_flag = 0;
        no_port_forwarding_flag = 0;
        no_pty_flag = 0;
@@ -79,6 +57,7 @@ auth_clear_options(void)
                forced_command = NULL;
        }
        channel_clear_permitted_opens();
+        auth_debug_reset();
 }
 /*
@@ -88,7 +67,6 @@ auth_clear_options(void)
 int
 auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
 {
-        char tmp[1024];
        const char *cp;
        int i;
@@ -101,32 +79,28 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
        while (*opts && *opts != ' ' && *opts != '\t') {
                cp = "no-port-forwarding";
                if (strncasecmp(opts, cp, strlen(cp)) == 0) {
-                        snprintf(tmp, sizeof(tmp), "Port forwarding disabled.");
+                        auth_debug_add("Port forwarding disabled.");
-                        buffer_put_cstring(&auth_debug, tmp);
                        no_port_forwarding_flag = 1;
                        opts += strlen(cp);
                        goto next_option;
                }
                cp = "no-agent-forwarding";
                if (strncasecmp(opts, cp, strlen(cp)) == 0) {
-                        snprintf(tmp, sizeof(tmp), "Agent forwarding disabled.");
+                        auth_debug_add("Agent forwarding disabled.");
-                        buffer_put_cstring(&auth_debug, tmp);
                        no_agent_forwarding_flag = 1;
                        opts += strlen(cp);
                        goto next_option;
                }
                cp = "no-X11-forwarding";
                if (strncasecmp(opts, cp, strlen(cp)) == 0) {
-                        snprintf(tmp, sizeof(tmp), "X11 forwarding disabled.");
+                        auth_debug_add("X11 forwarding disabled.");
-                        buffer_put_cstring(&auth_debug, tmp);
                        no_x11_forwarding_flag = 1;
                        opts += strlen(cp);
                        goto next_option;
                }
                cp = "no-pty";
                if (strncasecmp(opts, cp, strlen(cp)) == 0) {
-                        snprintf(tmp, sizeof(tmp), "Pty allocation disabled.");
+                        auth_debug_add("Pty allocation disabled.");
-                        buffer_put_cstring(&auth_debug, tmp);
                        no_pty_flag = 1;
                        opts += strlen(cp);
                        goto next_option;
@@ -149,16 +123,14 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                        if (!*opts) {
                                debug("%.100s, line %lu: missing end quote",
                                    file, linenum);
-                                snprintf(tmp, sizeof(tmp), "%.100s, line %lu: missing end quote",
+                                auth_debug_add("%.100s, line %lu: missing end quote",
                                    file, linenum);
-                                buffer_put_cstring(&auth_debug, tmp);
                                xfree(forced_command);
                                forced_command = NULL;
                                goto bad_option;
                        }
                        forced_command[i] = 0;
-                        snprintf(tmp, sizeof(tmp), "Forced command: %.900s", forced_command);
+                        auth_debug_add("Forced command: %.900s", forced_command);
-                        buffer_put_cstring(&auth_debug, tmp);
                        opts++;
                        goto next_option;
                }
@@ -183,15 +155,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                        if (!*opts) {
                                debug("%.100s, line %lu: missing end quote",
                                    file, linenum);
-                                snprintf(tmp, sizeof(tmp), "%.100s, line %lu: missing end quote",
+                                auth_debug_add("%.100s, line %lu: missing end quote",
                                    file, linenum);
-                                buffer_put_cstring(&auth_debug, tmp);
                                xfree(s);
                                goto bad_option;
                        }
                        s[i] = 0;
-                        snprintf(tmp, sizeof(tmp), "Adding to environment: %.900s", s);
+                        auth_debug_add("Adding to environment: %.900s", s);
-                        buffer_put_cstring(&auth_debug, tmp);
                        debug("Adding to environment: %.900s", s);
                        opts++;
                        new_envstring = xmalloc(sizeof(struct envstring));
@@ -222,9 +192,8 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                        if (!*opts) {
                                debug("%.100s, line %lu: missing end quote",
                                    file, linenum);
-                                snprintf(tmp, sizeof(tmp), "%.100s, line %lu: missing end quote",
+                                auth_debug_add("%.100s, line %lu: missing end quote",
                                    file, linenum);
-                                buffer_put_cstring(&auth_debug, tmp);
                                xfree(patterns);
                                goto bad_option;
                        }
@@ -237,11 +206,9 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                                    "correct key but not from a permitted "
                                    "host (host=%.200s, ip=%.200s).",
                                    pw->pw_name, remote_host, remote_ip);
-                                snprintf(tmp, sizeof(tmp),
+                                auth_debug_add("Your host '%.200s' is not "
-                                    "Your host '%.200s' is not "
                                    "permitted to use this key for login.",
                                    remote_host);
-                                buffer_put_cstring(&auth_debug, tmp);
                                /* deny access */
                                return 0;
                        }
@@ -270,9 +237,8 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                        if (!*opts) {
                                debug("%.100s, line %lu: missing end quote",
                                    file, linenum);
-                                snprintf(tmp, sizeof(tmp), "%.100s, line %lu: missing end quote",
+                                auth_debug_add("%.100s, line %lu: missing end quote",
                                    file, linenum);
-                                buffer_put_cstring(&auth_debug, tmp);
                                xfree(patterns);
                                goto bad_option;
                        }
@@ -282,18 +248,16 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                            sscanf(patterns, "%255[^/]/%5[0-9]", host, sport) != 2) {
                                debug("%.100s, line %lu: Bad permitopen specification "
                                    "<%.100s>", file, linenum, patterns);
-                                snprintf(tmp, sizeof(tmp), "%.100s, line %lu: "
+                                auth_debug_add("%.100s, line %lu: "
                                    "Bad permitopen specification", file, linenum);
-                                buffer_put_cstring(&auth_debug, tmp);
                                xfree(patterns);
                                goto bad_option;
                        }
                        if ((port = a2port(sport)) == 0) {
                                debug("%.100s, line %lu: Bad permitopen port <%.100s>",
                                    file, linenum, sport);
-                                snprintf(tmp, sizeof(tmp), "%.100s, line %lu: "
+                                auth_debug_add("%.100s, line %lu: "
                                    "Bad permitopen port", file, linenum);
-                                buffer_put_cstring(&auth_debug, tmp);
                                xfree(patterns);
                                goto bad_option;
                        }
@@ -318,7 +282,7 @@ next_option:
        }
        if (!use_privsep)
-                auth_send_debug(&auth_debug);
+                auth_debug_send();
        /* grant access */
        return 1;
@@ -326,13 +290,11 @@ next_option:
 bad_option:
        log("Bad options in %.100s file, line %lu: %.50s",
            file, linenum, opts);
-        snprintf(tmp, sizeof(tmp),
+        auth_debug_add("Bad options in %.100s file, line %lu: %.50s",
-            "Bad options in %.100s file, line %lu: %.50s",
            file, linenum, opts);
-        buffer_put_cstring(&auth_debug, tmp);
        if (!use_privsep)
-                auth_send_debug(&auth_debug);
+                auth_debug_send();
        /* deny access */
        return 0;
author	Ben Lindstrom <mouring@eviladmin.org>	2002-05-15 16:16:14 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2002-05-15 16:16:14 +0000
commit	a574cda45b5d3c3363520ef9e4aa3aaa5888c078 (patch)
tree	e437d6e854db91fd3a9744d922ff942f465b249a /auth-options.c
parent	58d4dafeb1159cebd03a2b32cb87a1970606a441 (diff)

diff --git a/auth-options.c b/auth-options.c index 3408b3d8f..2787d2948 100644 --- a/auth-options.c +++ b/auth-options.c
@@ -10,7 +10,7 @@
10	*/	10	*/
11		11
12	#include "includes.h"	12	#include "includes.h"
13	RCSID("$OpenBSD: auth-options.c,v 1.23 2002/03/19 10:35:39 markus Exp $");	13	RCSID("$OpenBSD: auth-options.c,v 1.24 2002/05/13 20:44:58 markus Exp $");
14		14
15	#include "packet.h"	15	#include "packet.h"
16	#include "xmalloc.h"	16	#include "xmalloc.h"
@@ -23,10 +23,7 @@ RCSID("$OpenBSD: auth-options.c,v 1.23 2002/03/19 10:35:39 markus Exp $");
23	#include "bufaux.h"	23	#include "bufaux.h"
24	#include "misc.h"	24	#include "misc.h"
25	#include "monitor_wrap.h"	25	#include "monitor_wrap.h"
26		26	#include "auth.h"
27	/* Debugging messages */
28	Buffer auth_debug;
29	int auth_debug_init;
30		27
31	/* Flags set authorized_keys flags */	28	/* Flags set authorized_keys flags */
32	int no_port_forwarding_flag = 0;	29	int no_port_forwarding_flag = 0;
@@ -42,28 +39,9 @@ struct envstring *custom_environment = NULL;
42		39
43	extern ServerOptions options;	40	extern ServerOptions options;
44		41
45	static void
46	auth_send_debug(Buffer *m)
47	{
48	char *msg;
49
50	while (buffer_len(m)) {
51	msg = buffer_get_string(m, NULL);
52	packet_send_debug("%s", msg);
53	xfree(msg);
54	}
55	}
56
57	void	42	void
58	auth_clear_options(void)	43	auth_clear_options(void)
59	{	44	{
60	if (auth_debug_init)
61	buffer_clear(&auth_debug);
62	else {
63	buffer_init(&auth_debug);
64	auth_debug_init = 1;
65	}
66
67	no_agent_forwarding_flag = 0;	45	no_agent_forwarding_flag = 0;
68	no_port_forwarding_flag = 0;	46	no_port_forwarding_flag = 0;
69	no_pty_flag = 0;	47	no_pty_flag = 0;
@@ -79,6 +57,7 @@ auth_clear_options(void)
79	forced_command = NULL;	57	forced_command = NULL;
80	}	58	}
81	channel_clear_permitted_opens();	59	channel_clear_permitted_opens();
		60	auth_debug_reset();
82	}	61	}
83		62
84	/*	63	/*
@@ -88,7 +67,6 @@ auth_clear_options(void)
88	int	67	int
89	auth_parse_options(struct passwd pw, char opts, char *file, u_long linenum)	68	auth_parse_options(struct passwd pw, char opts, char *file, u_long linenum)
90	{	69	{
91	char tmp[1024];
92	const char *cp;	70	const char *cp;
93	int i;	71	int i;
94		72
@@ -101,32 +79,28 @@ auth_parse_options(struct passwd pw, char opts, char *file, u_long linenum)
101	while (opts && opts != ' ' && *opts != '\t') {	79	while (opts && opts != ' ' && *opts != '\t') {
102	cp = "no-port-forwarding";	80	cp = "no-port-forwarding";
103	if (strncasecmp(opts, cp, strlen(cp)) == 0) {	81	if (strncasecmp(opts, cp, strlen(cp)) == 0) {
104	snprintf(tmp, sizeof(tmp), "Port forwarding disabled.");	82	auth_debug_add("Port forwarding disabled.");
105	buffer_put_cstring(&auth_debug, tmp);
106	no_port_forwarding_flag = 1;	83	no_port_forwarding_flag = 1;
107	opts += strlen(cp);	84	opts += strlen(cp);
108	goto next_option;	85	goto next_option;
109	}	86	}
110	cp = "no-agent-forwarding";	87	cp = "no-agent-forwarding";
111	if (strncasecmp(opts, cp, strlen(cp)) == 0) {	88	if (strncasecmp(opts, cp, strlen(cp)) == 0) {
112	snprintf(tmp, sizeof(tmp), "Agent forwarding disabled.");	89	auth_debug_add("Agent forwarding disabled.");
113	buffer_put_cstring(&auth_debug, tmp);
114	no_agent_forwarding_flag = 1;	90	no_agent_forwarding_flag = 1;
115	opts += strlen(cp);	91	opts += strlen(cp);
116	goto next_option;	92	goto next_option;
117	}	93	}
118	cp = "no-X11-forwarding";	94	cp = "no-X11-forwarding";
119	if (strncasecmp(opts, cp, strlen(cp)) == 0) {	95	if (strncasecmp(opts, cp, strlen(cp)) == 0) {
120	snprintf(tmp, sizeof(tmp), "X11 forwarding disabled.");	96	auth_debug_add("X11 forwarding disabled.");
121	buffer_put_cstring(&auth_debug, tmp);
122	no_x11_forwarding_flag = 1;	97	no_x11_forwarding_flag = 1;
123	opts += strlen(cp);	98	opts += strlen(cp);
124	goto next_option;	99	goto next_option;
125	}	100	}
126	cp = "no-pty";	101	cp = "no-pty";
127	if (strncasecmp(opts, cp, strlen(cp)) == 0) {	102	if (strncasecmp(opts, cp, strlen(cp)) == 0) {
128	snprintf(tmp, sizeof(tmp), "Pty allocation disabled.");	103	auth_debug_add("Pty allocation disabled.");
129	buffer_put_cstring(&auth_debug, tmp);
130	no_pty_flag = 1;	104	no_pty_flag = 1;
131	opts += strlen(cp);	105	opts += strlen(cp);
132	goto next_option;	106	goto next_option;
@@ -149,16 +123,14 @@ auth_parse_options(struct passwd pw, char opts, char *file, u_long linenum)
149	if (!*opts) {	123	if (!*opts) {
150	debug("%.100s, line %lu: missing end quote",	124	debug("%.100s, line %lu: missing end quote",
151	file, linenum);	125	file, linenum);
152	snprintf(tmp, sizeof(tmp), "%.100s, line %lu: missing end quote",	126	auth_debug_add("%.100s, line %lu: missing end quote",
153	file, linenum);	127	file, linenum);
154	buffer_put_cstring(&auth_debug, tmp);
155	xfree(forced_command);	128	xfree(forced_command);
156	forced_command = NULL;	129	forced_command = NULL;
157	goto bad_option;	130	goto bad_option;
158	}	131	}
159	forced_command[i] = 0;	132	forced_command[i] = 0;
160	snprintf(tmp, sizeof(tmp), "Forced command: %.900s", forced_command);	133	auth_debug_add("Forced command: %.900s", forced_command);
161	buffer_put_cstring(&auth_debug, tmp);
162	opts++;	134	opts++;
163	goto next_option;	135	goto next_option;
164	}	136	}
@@ -183,15 +155,13 @@ auth_parse_options(struct passwd pw, char opts, char *file, u_long linenum)
183	if (!*opts) {	155	if (!*opts) {
184	debug("%.100s, line %lu: missing end quote",	156	debug("%.100s, line %lu: missing end quote",
185	file, linenum);	157	file, linenum);
186	snprintf(tmp, sizeof(tmp), "%.100s, line %lu: missing end quote",	158	auth_debug_add("%.100s, line %lu: missing end quote",
187	file, linenum);	159	file, linenum);
188	buffer_put_cstring(&auth_debug, tmp);
189	xfree(s);	160	xfree(s);
190	goto bad_option;	161	goto bad_option;
191	}	162	}
192	s[i] = 0;	163	s[i] = 0;
193	snprintf(tmp, sizeof(tmp), "Adding to environment: %.900s", s);	164	auth_debug_add("Adding to environment: %.900s", s);
194	buffer_put_cstring(&auth_debug, tmp);
195	debug("Adding to environment: %.900s", s);	165	debug("Adding to environment: %.900s", s);
196	opts++;	166	opts++;
197	new_envstring = xmalloc(sizeof(struct envstring));	167	new_envstring = xmalloc(sizeof(struct envstring));
@@ -222,9 +192,8 @@ auth_parse_options(struct passwd pw, char opts, char *file, u_long linenum)
222	if (!*opts) {	192	if (!*opts) {
223	debug("%.100s, line %lu: missing end quote",	193	debug("%.100s, line %lu: missing end quote",
224	file, linenum);	194	file, linenum);
225	snprintf(tmp, sizeof(tmp), "%.100s, line %lu: missing end quote",	195	auth_debug_add("%.100s, line %lu: missing end quote",
226	file, linenum);	196	file, linenum);
227	buffer_put_cstring(&auth_debug, tmp);
228	xfree(patterns);	197	xfree(patterns);
229	goto bad_option;	198	goto bad_option;
230	}	199	}
@@ -237,11 +206,9 @@ auth_parse_options(struct passwd pw, char opts, char *file, u_long linenum)
237	"correct key but not from a permitted "	206	"correct key but not from a permitted "
238	"host (host=%.200s, ip=%.200s).",	207	"host (host=%.200s, ip=%.200s).",
239	pw->pw_name, remote_host, remote_ip);	208	pw->pw_name, remote_host, remote_ip);
240	snprintf(tmp, sizeof(tmp),	209	auth_debug_add("Your host '%.200s' is not "
241	"Your host '%.200s' is not "
242	"permitted to use this key for login.",	210	"permitted to use this key for login.",
243	remote_host);	211	remote_host);
244	buffer_put_cstring(&auth_debug, tmp);
245	/* deny access */	212	/* deny access */
246	return 0;	213	return 0;
247	}	214	}
@@ -270,9 +237,8 @@ auth_parse_options(struct passwd pw, char opts, char *file, u_long linenum)
270	if (!*opts) {	237	if (!*opts) {
271	debug("%.100s, line %lu: missing end quote",	238	debug("%.100s, line %lu: missing end quote",
272	file, linenum);	239	file, linenum);
273	snprintf(tmp, sizeof(tmp), "%.100s, line %lu: missing end quote",	240	auth_debug_add("%.100s, line %lu: missing end quote",
274	file, linenum);	241	file, linenum);
275	buffer_put_cstring(&auth_debug, tmp);
276	xfree(patterns);	242	xfree(patterns);
277	goto bad_option;	243	goto bad_option;
278	}	244	}
@@ -282,18 +248,16 @@ auth_parse_options(struct passwd pw, char opts, char *file, u_long linenum)
282	sscanf(patterns, "%255[^/]/%5[0-9]", host, sport) != 2) {	248	sscanf(patterns, "%255[^/]/%5[0-9]", host, sport) != 2) {
283	debug("%.100s, line %lu: Bad permitopen specification "	249	debug("%.100s, line %lu: Bad permitopen specification "
284	"<%.100s>", file, linenum, patterns);	250	"<%.100s>", file, linenum, patterns);
285	snprintf(tmp, sizeof(tmp), "%.100s, line %lu: "	251	auth_debug_add("%.100s, line %lu: "
286	"Bad permitopen specification", file, linenum);	252	"Bad permitopen specification", file, linenum);
287	buffer_put_cstring(&auth_debug, tmp);
288	xfree(patterns);	253	xfree(patterns);
289	goto bad_option;	254	goto bad_option;
290	}	255	}
291	if ((port = a2port(sport)) == 0) {	256	if ((port = a2port(sport)) == 0) {
292	debug("%.100s, line %lu: Bad permitopen port <%.100s>",	257	debug("%.100s, line %lu: Bad permitopen port <%.100s>",
293	file, linenum, sport);	258	file, linenum, sport);
294	snprintf(tmp, sizeof(tmp), "%.100s, line %lu: "	259	auth_debug_add("%.100s, line %lu: "
295	"Bad permitopen port", file, linenum);	260	"Bad permitopen port", file, linenum);
296	buffer_put_cstring(&auth_debug, tmp);
297	xfree(patterns);	261	xfree(patterns);
298	goto bad_option;	262	goto bad_option;
299	}	263	}
@@ -318,7 +282,7 @@ next_option:
318	}	282	}
319		283
320	if (!use_privsep)	284	if (!use_privsep)
321	auth_send_debug(&auth_debug);	285	auth_debug_send();
322		286
323	/* grant access */	287	/* grant access */
324	return 1;	288	return 1;
@@ -326,13 +290,11 @@ next_option:
326	bad_option:	290	bad_option:
327	log("Bad options in %.100s file, line %lu: %.50s",	291	log("Bad options in %.100s file, line %lu: %.50s",
328	file, linenum, opts);	292	file, linenum, opts);
329	snprintf(tmp, sizeof(tmp),	293	auth_debug_add("Bad options in %.100s file, line %lu: %.50s",
330	"Bad options in %.100s file, line %lu: %.50s",
331	file, linenum, opts);	294	file, linenum, opts);
332	buffer_put_cstring(&auth_debug, tmp);
333		295
334	if (!use_privsep)	296	if (!use_privsep)
335	auth_send_debug(&auth_debug);	297	auth_debug_send();
336		298
337	/* deny access */	299	/* deny access */
338	return 0;	300	return 0;