diff options
author | Damien Miller <djm@mindrot.org> | 2018-07-10 19:39:52 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-07-10 19:39:52 +1000 |
commit | 120a1ec74e8d9d29f4eb9a27972ddd22351ddef9 (patch) | |
tree | 52308557de781f1d8ffb083369e0c209bc305c02 /monitor.c | |
parent | 0f3958c1e6ffb8ea4ba27e2a97a00326fce23246 (diff) |
Adapt portable to legacy buffer API removal
Diffstat (limited to 'monitor.c')
-rw-r--r-- | monitor.c | 127 |
1 files changed, 76 insertions, 51 deletions
@@ -298,7 +298,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) | |||
298 | memset(authctxt, 0, sizeof(*authctxt)); | 298 | memset(authctxt, 0, sizeof(*authctxt)); |
299 | ssh->authctxt = authctxt; | 299 | ssh->authctxt = authctxt; |
300 | 300 | ||
301 | authctxt->loginmsg = &loginmsg; | 301 | authctxt->loginmsg = loginmsg; |
302 | 302 | ||
303 | mon_dispatch = mon_dispatch_proto20; | 303 | mon_dispatch = mon_dispatch_proto20; |
304 | /* Permit requests for moduli and signatures */ | 304 | /* Permit requests for moduli and signatures */ |
@@ -336,13 +336,16 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) | |||
336 | #ifdef USE_PAM | 336 | #ifdef USE_PAM |
337 | /* PAM needs to perform account checks after auth */ | 337 | /* PAM needs to perform account checks after auth */ |
338 | if (options.use_pam && authenticated) { | 338 | if (options.use_pam && authenticated) { |
339 | Buffer m; | 339 | struct sshbuf *m; |
340 | 340 | ||
341 | buffer_init(&m); | 341 | if ((m = sshbuf_new()) == NULL) |
342 | fatal("%s: sshbuf_new failed", | ||
343 | __func__); | ||
342 | mm_request_receive_expect(pmonitor->m_sendfd, | 344 | mm_request_receive_expect(pmonitor->m_sendfd, |
343 | MONITOR_REQ_PAM_ACCOUNT, &m); | 345 | MONITOR_REQ_PAM_ACCOUNT, m); |
344 | authenticated = mm_answer_pam_account(pmonitor->m_sendfd, &m); | 346 | authenticated = mm_answer_pam_account( |
345 | buffer_free(&m); | 347 | pmonitor->m_sendfd, m); |
348 | sshbuf_free(m); | ||
346 | } | 349 | } |
347 | #endif | 350 | #endif |
348 | } | 351 | } |
@@ -965,7 +968,7 @@ mm_answer_bsdauthrespond(int sock, struct sshbuf *m) | |||
965 | 968 | ||
966 | #ifdef SKEY | 969 | #ifdef SKEY |
967 | int | 970 | int |
968 | mm_answer_skeyquery(int sock, Buffer *m) | 971 | mm_answer_skeyquery(int sock, struct sshbuf *m) |
969 | { | 972 | { |
970 | struct skey skey; | 973 | struct skey skey; |
971 | char challenge[1024]; | 974 | char challenge[1024]; |
@@ -974,11 +977,13 @@ mm_answer_skeyquery(int sock, Buffer *m) | |||
974 | success = _compat_skeychallenge(&skey, authctxt->user, challenge, | 977 | success = _compat_skeychallenge(&skey, authctxt->user, challenge, |
975 | sizeof(challenge)) < 0 ? 0 : 1; | 978 | sizeof(challenge)) < 0 ? 0 : 1; |
976 | 979 | ||
977 | buffer_clear(m); | 980 | sshbuf_reset(m); |
978 | buffer_put_int(m, success); | 981 | if ((r = sshbuf_put_u32(m, success)) != 0) |
979 | if (success) | 982 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
980 | buffer_put_cstring(m, challenge); | 983 | if (success) { |
981 | 984 | if ((r = sshbuf_put_cstring(m, challenge)) != 0) | |
985 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
986 | } | ||
982 | debug3("%s: sending challenge success: %u", __func__, success); | 987 | debug3("%s: sending challenge success: %u", __func__, success); |
983 | mm_request_send(sock, MONITOR_ANS_SKEYQUERY, m); | 988 | mm_request_send(sock, MONITOR_ANS_SKEYQUERY, m); |
984 | 989 | ||
@@ -986,22 +991,25 @@ mm_answer_skeyquery(int sock, Buffer *m) | |||
986 | } | 991 | } |
987 | 992 | ||
988 | int | 993 | int |
989 | mm_answer_skeyrespond(int sock, Buffer *m) | 994 | mm_answer_skeyrespond(int sock, struct sshbuf *m) |
990 | { | 995 | { |
991 | char *response; | 996 | char *response; |
997 | size_t rlen; | ||
992 | int authok; | 998 | int authok; |
993 | 999 | ||
994 | response = buffer_get_string(m, NULL); | 1000 | if ((r = sshbuf_get_cstring(m, &response, &rlen)) != 0) |
1001 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
995 | 1002 | ||
996 | authok = (options.challenge_response_authentication && | 1003 | authok = (options.challenge_response_authentication && |
997 | authctxt->valid && | 1004 | authctxt->valid && |
998 | skey_haskey(authctxt->pw->pw_name) == 0 && | 1005 | skey_haskey(authctxt->pw->pw_name) == 0 && |
999 | skey_passcheck(authctxt->pw->pw_name, response) != -1); | 1006 | skey_passcheck(authctxt->pw->pw_name, response) != -1); |
1000 | 1007 | ||
1001 | free(response); | 1008 | freezero(response, rlen); |
1002 | 1009 | ||
1003 | buffer_clear(m); | 1010 | sshbuf_reset(m); |
1004 | buffer_put_int(m, authok); | 1011 | if ((r = sshbuf_put_u32(m, authok)) != 0) |
1012 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1005 | 1013 | ||
1006 | debug3("%s: sending authenticated: %d", __func__, authok); | 1014 | debug3("%s: sending authenticated: %d", __func__, authok); |
1007 | mm_request_send(sock, MONITOR_ANS_SKEYRESPOND, m); | 1015 | mm_request_send(sock, MONITOR_ANS_SKEYRESPOND, m); |
@@ -1015,7 +1023,7 @@ mm_answer_skeyrespond(int sock, Buffer *m) | |||
1015 | 1023 | ||
1016 | #ifdef USE_PAM | 1024 | #ifdef USE_PAM |
1017 | int | 1025 | int |
1018 | mm_answer_pam_start(int sock, Buffer *m) | 1026 | mm_answer_pam_start(int sock, struct sshbuf *m) |
1019 | { | 1027 | { |
1020 | if (!options.use_pam) | 1028 | if (!options.use_pam) |
1021 | fatal("UsePAM not set, but ended up in %s anyway", __func__); | 1029 | fatal("UsePAM not set, but ended up in %s anyway", __func__); |
@@ -1030,17 +1038,19 @@ mm_answer_pam_start(int sock, Buffer *m) | |||
1030 | } | 1038 | } |
1031 | 1039 | ||
1032 | int | 1040 | int |
1033 | mm_answer_pam_account(int sock, Buffer *m) | 1041 | mm_answer_pam_account(int sock, struct sshbuf *m) |
1034 | { | 1042 | { |
1035 | u_int ret; | 1043 | u_int ret; |
1044 | int r; | ||
1036 | 1045 | ||
1037 | if (!options.use_pam) | 1046 | if (!options.use_pam) |
1038 | fatal("%s: PAM not enabled", __func__); | 1047 | fatal("%s: PAM not enabled", __func__); |
1039 | 1048 | ||
1040 | ret = do_pam_account(); | 1049 | ret = do_pam_account(); |
1041 | 1050 | ||
1042 | buffer_put_int(m, ret); | 1051 | if ((r = sshbuf_put_u32(m, ret)) != 0 || |
1043 | buffer_put_string(m, buffer_ptr(&loginmsg), buffer_len(&loginmsg)); | 1052 | (r = sshbuf_put_stringb(m, loginmsg)) != 0) |
1053 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1044 | 1054 | ||
1045 | mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m); | 1055 | mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m); |
1046 | 1056 | ||
@@ -1051,8 +1061,11 @@ static void *sshpam_ctxt, *sshpam_authok; | |||
1051 | extern KbdintDevice sshpam_device; | 1061 | extern KbdintDevice sshpam_device; |
1052 | 1062 | ||
1053 | int | 1063 | int |
1054 | mm_answer_pam_init_ctx(int sock, Buffer *m) | 1064 | mm_answer_pam_init_ctx(int sock, struct sshbuf *m) |
1055 | { | 1065 | { |
1066 | u_int ok = 0; | ||
1067 | int r; | ||
1068 | |||
1056 | debug3("%s", __func__); | 1069 | debug3("%s", __func__); |
1057 | if (!options.kbd_interactive_authentication) | 1070 | if (!options.kbd_interactive_authentication) |
1058 | fatal("%s: kbd-int authentication not enabled", __func__); | 1071 | fatal("%s: kbd-int authentication not enabled", __func__); |
@@ -1060,24 +1073,24 @@ mm_answer_pam_init_ctx(int sock, Buffer *m) | |||
1060 | fatal("%s: already called", __func__); | 1073 | fatal("%s: already called", __func__); |
1061 | sshpam_ctxt = (sshpam_device.init_ctx)(authctxt); | 1074 | sshpam_ctxt = (sshpam_device.init_ctx)(authctxt); |
1062 | sshpam_authok = NULL; | 1075 | sshpam_authok = NULL; |
1063 | buffer_clear(m); | 1076 | sshbuf_reset(m); |
1064 | if (sshpam_ctxt != NULL) { | 1077 | if (sshpam_ctxt != NULL) { |
1065 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_FREE_CTX, 1); | 1078 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_FREE_CTX, 1); |
1066 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_QUERY, 1); | 1079 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_QUERY, 1); |
1067 | buffer_put_int(m, 1); | 1080 | ok = 1; |
1068 | } else { | ||
1069 | buffer_put_int(m, 0); | ||
1070 | } | 1081 | } |
1082 | if ((r = sshbuf_put_u32(m, ok)) != 0) | ||
1083 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1071 | mm_request_send(sock, MONITOR_ANS_PAM_INIT_CTX, m); | 1084 | mm_request_send(sock, MONITOR_ANS_PAM_INIT_CTX, m); |
1072 | return (0); | 1085 | return (0); |
1073 | } | 1086 | } |
1074 | 1087 | ||
1075 | int | 1088 | int |
1076 | mm_answer_pam_query(int sock, Buffer *m) | 1089 | mm_answer_pam_query(int sock, struct sshbuf *m) |
1077 | { | 1090 | { |
1078 | char *name = NULL, *info = NULL, **prompts = NULL; | 1091 | char *name = NULL, *info = NULL, **prompts = NULL; |
1079 | u_int i, num = 0, *echo_on = 0; | 1092 | u_int i, num = 0, *echo_on = 0; |
1080 | int ret; | 1093 | int r, ret; |
1081 | 1094 | ||
1082 | debug3("%s", __func__); | 1095 | debug3("%s", __func__); |
1083 | sshpam_authok = NULL; | 1096 | sshpam_authok = NULL; |
@@ -1090,18 +1103,20 @@ mm_answer_pam_query(int sock, Buffer *m) | |||
1090 | if (num > 1 || name == NULL || info == NULL) | 1103 | if (num > 1 || name == NULL || info == NULL) |
1091 | fatal("sshpam_device.query failed"); | 1104 | fatal("sshpam_device.query failed"); |
1092 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_RESPOND, 1); | 1105 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_RESPOND, 1); |
1093 | buffer_clear(m); | 1106 | sshbuf_reset(m); |
1094 | buffer_put_int(m, ret); | 1107 | if ((r = sshbuf_put_u32(m, ret)) != 0 || |
1095 | buffer_put_cstring(m, name); | 1108 | (r = sshbuf_put_cstring(m, name)) != 0 || |
1109 | (r = sshbuf_put_cstring(m, info)) != 0 || | ||
1110 | (r = sshbuf_put_u32(m, sshpam_get_maxtries_reached())) != 0 || | ||
1111 | (r = sshbuf_put_u32(m, num)) != 0) | ||
1112 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1096 | free(name); | 1113 | free(name); |
1097 | buffer_put_cstring(m, info); | ||
1098 | free(info); | 1114 | free(info); |
1099 | buffer_put_int(m, sshpam_get_maxtries_reached()); | ||
1100 | buffer_put_int(m, num); | ||
1101 | for (i = 0; i < num; ++i) { | 1115 | for (i = 0; i < num; ++i) { |
1102 | buffer_put_cstring(m, prompts[i]); | 1116 | if ((r = sshbuf_put_cstring(m, prompts[i])) != 0 || |
1117 | (r = sshbuf_put_u32(m, echo_on[i])) != 0) | ||
1118 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1103 | free(prompts[i]); | 1119 | free(prompts[i]); |
1104 | buffer_put_int(m, echo_on[i]); | ||
1105 | } | 1120 | } |
1106 | free(prompts); | 1121 | free(prompts); |
1107 | free(echo_on); | 1122 | free(echo_on); |
@@ -1112,21 +1127,25 @@ mm_answer_pam_query(int sock, Buffer *m) | |||
1112 | } | 1127 | } |
1113 | 1128 | ||
1114 | int | 1129 | int |
1115 | mm_answer_pam_respond(int sock, Buffer *m) | 1130 | mm_answer_pam_respond(int sock, struct sshbuf *m) |
1116 | { | 1131 | { |
1117 | char **resp; | 1132 | char **resp; |
1118 | u_int i, num; | 1133 | u_int i, num; |
1119 | int ret; | 1134 | int r, ret; |
1120 | 1135 | ||
1121 | debug3("%s", __func__); | 1136 | debug3("%s", __func__); |
1122 | if (sshpam_ctxt == NULL) | 1137 | if (sshpam_ctxt == NULL) |
1123 | fatal("%s: no context", __func__); | 1138 | fatal("%s: no context", __func__); |
1124 | sshpam_authok = NULL; | 1139 | sshpam_authok = NULL; |
1125 | num = buffer_get_int(m); | 1140 | if ((r = sshbuf_get_u32(m, &num)) != 0) |
1141 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1126 | if (num > 0) { | 1142 | if (num > 0) { |
1127 | resp = xcalloc(num, sizeof(char *)); | 1143 | resp = xcalloc(num, sizeof(char *)); |
1128 | for (i = 0; i < num; ++i) | 1144 | for (i = 0; i < num; ++i) { |
1129 | resp[i] = buffer_get_string(m, NULL); | 1145 | if ((r = sshbuf_get_cstring(m, &(resp[i]), NULL)) != 0) |
1146 | fatal("%s: buffer error: %s", | ||
1147 | __func__, ssh_err(r)); | ||
1148 | } | ||
1130 | ret = (sshpam_device.respond)(sshpam_ctxt, num, resp); | 1149 | ret = (sshpam_device.respond)(sshpam_ctxt, num, resp); |
1131 | for (i = 0; i < num; ++i) | 1150 | for (i = 0; i < num; ++i) |
1132 | free(resp[i]); | 1151 | free(resp[i]); |
@@ -1134,8 +1153,9 @@ mm_answer_pam_respond(int sock, Buffer *m) | |||
1134 | } else { | 1153 | } else { |
1135 | ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL); | 1154 | ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL); |
1136 | } | 1155 | } |
1137 | buffer_clear(m); | 1156 | sshbuf_reset(m); |
1138 | buffer_put_int(m, ret); | 1157 | if ((r = sshbuf_put_u32(m, ret)) != 0) |
1158 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1139 | mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m); | 1159 | mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m); |
1140 | auth_method = "keyboard-interactive"; | 1160 | auth_method = "keyboard-interactive"; |
1141 | auth_submethod = "pam"; | 1161 | auth_submethod = "pam"; |
@@ -1145,7 +1165,7 @@ mm_answer_pam_respond(int sock, Buffer *m) | |||
1145 | } | 1165 | } |
1146 | 1166 | ||
1147 | int | 1167 | int |
1148 | mm_answer_pam_free_ctx(int sock, Buffer *m) | 1168 | mm_answer_pam_free_ctx(int sock, struct sshbuf *m) |
1149 | { | 1169 | { |
1150 | int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt; | 1170 | int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt; |
1151 | 1171 | ||
@@ -1154,7 +1174,7 @@ mm_answer_pam_free_ctx(int sock, Buffer *m) | |||
1154 | fatal("%s: no context", __func__); | 1174 | fatal("%s: no context", __func__); |
1155 | (sshpam_device.free_ctx)(sshpam_ctxt); | 1175 | (sshpam_device.free_ctx)(sshpam_ctxt); |
1156 | sshpam_ctxt = sshpam_authok = NULL; | 1176 | sshpam_ctxt = sshpam_authok = NULL; |
1157 | buffer_clear(m); | 1177 | sshbuf_reset(m); |
1158 | mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m); | 1178 | mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m); |
1159 | /* Allow another attempt */ | 1179 | /* Allow another attempt */ |
1160 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_INIT_CTX, 1); | 1180 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_INIT_CTX, 1); |
@@ -1630,14 +1650,18 @@ mm_answer_term(int sock, struct sshbuf *req) | |||
1630 | #ifdef SSH_AUDIT_EVENTS | 1650 | #ifdef SSH_AUDIT_EVENTS |
1631 | /* Report that an audit event occurred */ | 1651 | /* Report that an audit event occurred */ |
1632 | int | 1652 | int |
1633 | mm_answer_audit_event(int socket, Buffer *m) | 1653 | mm_answer_audit_event(int socket, struct sshbuf *m) |
1634 | { | 1654 | { |
1655 | u_int n; | ||
1635 | ssh_audit_event_t event; | 1656 | ssh_audit_event_t event; |
1657 | int r; | ||
1636 | 1658 | ||
1637 | debug3("%s entering", __func__); | 1659 | debug3("%s entering", __func__); |
1638 | 1660 | ||
1639 | event = buffer_get_int(m); | 1661 | if ((r = sshbuf_get_u32(m, &n)) != 0) |
1640 | switch(event) { | 1662 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
1663 | event = (ssh_audit_event_t)n; | ||
1664 | switch (event) { | ||
1641 | case SSH_AUTH_FAIL_PUBKEY: | 1665 | case SSH_AUTH_FAIL_PUBKEY: |
1642 | case SSH_AUTH_FAIL_HOSTBASED: | 1666 | case SSH_AUTH_FAIL_HOSTBASED: |
1643 | case SSH_AUTH_FAIL_GSSAPI: | 1667 | case SSH_AUTH_FAIL_GSSAPI: |
@@ -1655,13 +1679,14 @@ mm_answer_audit_event(int socket, Buffer *m) | |||
1655 | } | 1679 | } |
1656 | 1680 | ||
1657 | int | 1681 | int |
1658 | mm_answer_audit_command(int socket, Buffer *m) | 1682 | mm_answer_audit_command(int socket, struct sshbuf *m) |
1659 | { | 1683 | { |
1660 | u_int len; | ||
1661 | char *cmd; | 1684 | char *cmd; |
1685 | int r; | ||
1662 | 1686 | ||
1663 | debug3("%s entering", __func__); | 1687 | debug3("%s entering", __func__); |
1664 | cmd = buffer_get_string(m, &len); | 1688 | if ((r = sshbuf_get_cstring(m, &cmd, NULL)) != 0) |
1689 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1665 | /* sanity check command, if so how? */ | 1690 | /* sanity check command, if so how? */ |
1666 | audit_run_command(cmd); | 1691 | audit_run_command(cmd); |
1667 | free(cmd); | 1692 | free(cmd); |