upstream: convert monitor.c to new packet API

with & ok markus@

OpenBSD-Commit-ID: 61ecd154bd9804461a0cf5f495a29d919e0014d5

1 files changed, 80 insertions, 89 deletions

diff --git a/monitor.c b/monitor.c
index 39bf7705c..387b50026 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.190 2019/01/19 21:41:18 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.191 2019/01/19 21:43:07 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -96,9 +96,6 @@
 #include "match.h"
 #include "ssherr.h"
 
-#include "opacket.h" /* XXX */
-extern struct ssh *active_state; /* XXX */
-
 #ifdef GSSAPI
 static Gssctxt *gsscontext = NULL;
 #endif
@@ -115,48 +112,48 @@ static struct sshbuf *child_state;
 
 /* Functions on the monitor that answer unprivileged requests */
 
-int mm_answer_moduli(int, struct sshbuf *);
-int mm_answer_sign(int, struct sshbuf *);
-int mm_answer_pwnamallow(int, struct sshbuf *);
-int mm_answer_auth2_read_banner(int, struct sshbuf *);
-int mm_answer_authserv(int, struct sshbuf *);
-int mm_answer_authpassword(int, struct sshbuf *);
-int mm_answer_bsdauthquery(int, struct sshbuf *);
-int mm_answer_bsdauthrespond(int, struct sshbuf *);
-int mm_answer_keyallowed(int, struct sshbuf *);
-int mm_answer_keyverify(int, struct sshbuf *);
-int mm_answer_pty(int, struct sshbuf *);
-int mm_answer_pty_cleanup(int, struct sshbuf *);
-int mm_answer_term(int, struct sshbuf *);
-int mm_answer_rsa_keyallowed(int, struct sshbuf *);
-int mm_answer_rsa_challenge(int, struct sshbuf *);
-int mm_answer_rsa_response(int, struct sshbuf *);
-int mm_answer_sesskey(int, struct sshbuf *);
-int mm_answer_sessid(int, struct sshbuf *);
+int mm_answer_moduli(struct ssh *, int, struct sshbuf *);
+int mm_answer_sign(struct ssh *, int, struct sshbuf *);
+int mm_answer_pwnamallow(struct ssh *, int, struct sshbuf *);
+int mm_answer_auth2_read_banner(struct ssh *, int, struct sshbuf *);
+int mm_answer_authserv(struct ssh *, int, struct sshbuf *);
+int mm_answer_authpassword(struct ssh *, int, struct sshbuf *);
+int mm_answer_bsdauthquery(struct ssh *, int, struct sshbuf *);
+int mm_answer_bsdauthrespond(struct ssh *, int, struct sshbuf *);
+int mm_answer_skeyquery(struct ssh *, int, struct sshbuf *);
+int mm_answer_skeyrespond(struct ssh *, int, struct sshbuf *);
+int mm_answer_keyallowed(struct ssh *, int, struct sshbuf *);
+int mm_answer_keyverify(struct ssh *, int, struct sshbuf *);
+int mm_answer_pty(struct ssh *, int, struct sshbuf *);
+int mm_answer_pty_cleanup(struct ssh *, int, struct sshbuf *);
+int mm_answer_term(struct ssh *, int, struct sshbuf *);
+int mm_answer_rsa_keyallowed(struct ssh *, int, struct sshbuf *);
+int mm_answer_rsa_challenge(struct ssh *, int, struct sshbuf *);
+int mm_answer_rsa_response(struct ssh *, int, struct sshbuf *);
+int mm_answer_sesskey(struct ssh *, int, struct sshbuf *);
+int mm_answer_sessid(struct ssh *, int, struct sshbuf *);
 
 #ifdef USE_PAM
-int mm_answer_pam_start(int, struct sshbuf *);
-int mm_answer_pam_account(int, struct sshbuf *);
-int mm_answer_pam_init_ctx(int, struct sshbuf *);
-int mm_answer_pam_query(int, struct sshbuf *);
-int mm_answer_pam_respond(int, struct sshbuf *);
-int mm_answer_pam_free_ctx(int, struct sshbuf *);
+int mm_answer_pam_start(struct ssh *, int, struct sshbuf *);
+int mm_answer_pam_account(struct ssh *, int, struct sshbuf *);
+int mm_answer_pam_init_ctx(struct ssh *, int, struct sshbuf *);
+int mm_answer_pam_query(struct ssh *, int, struct sshbuf *);
+int mm_answer_pam_respond(struct ssh *, int, struct sshbuf *);
+int mm_answer_pam_free_ctx(struct ssh *, int, struct sshbuf *);
 #endif
 
 #ifdef GSSAPI
-int mm_answer_gss_setup_ctx(int, struct sshbuf *);
-int mm_answer_gss_accept_ctx(int, struct sshbuf *);
-int mm_answer_gss_userok(int, struct sshbuf *);
-int mm_answer_gss_checkmic(int, struct sshbuf *);
+int mm_answer_gss_setup_ctx(struct ssh *, int, struct sshbuf *);
+int mm_answer_gss_accept_ctx(struct ssh *, int, struct sshbuf *);
+int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *);
+int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *);
 #endif
 
 #ifdef SSH_AUDIT_EVENTS
-int mm_answer_audit_event(int, struct sshbuf *);
-int mm_answer_audit_command(int, struct sshbuf *);
+int mm_answer_audit_event(struct ssh *, int, struct sshbuf *);
+int mm_answer_audit_command(struct ssh *, int, struct sshbuf *);
 #endif
 
-static int monitor_read_log(struct monitor *);
-
 static Authctxt *authctxt;
 
 /* local state for key verify */
@@ -175,7 +172,7 @@ static pid_t monitor_child_pid;
 struct mon_table {
         enum monitor_reqtype type;
         int flags;
-        int (*f)(int, struct sshbuf *);
+        int (*f)(struct ssh *, int, struct sshbuf *);
 };
 
 #define MON_ISAUTH      0x0004  /* Required for Authentication */
@@ -187,6 +184,10 @@ struct mon_table {
 
 #define MON_PERMIT      0x1000  /* Request is permitted */
 
+static int monitor_read(struct ssh *, struct monitor *, struct mon_table *,
+    struct mon_table **);
+static int monitor_read_log(struct monitor *);
+
 struct mon_table mon_dispatch_proto20[] = {
 #ifdef WITH_OPENSSL
     {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli},
@@ -268,9 +269,8 @@ monitor_permit_authentications(int permit)
 }
 
 void
-monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
+monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor)
 {
-        struct ssh *ssh = active_state; /* XXX */
         struct mon_table *ent;
         int authenticated = 0, partial = 0;
 
@@ -282,7 +282,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
                 close(pmonitor->m_log_sendfd);
         pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1;
 
-        authctxt = _authctxt;
+        authctxt = (Authctxt *)ssh->authctxt;
         memset(authctxt, 0, sizeof(*authctxt));
         ssh->authctxt = authctxt;
 
@@ -300,7 +300,8 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
                 auth_submethod = NULL;
                 auth2_authctxt_reset_info(authctxt);
 
-                authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1);
+                authenticated = (monitor_read(ssh, pmonitor,
+                    mon_dispatch, &ent) == 1);
 
                 /* Special handling for multiple required authentications */
                 if (options.num_auth_methods != 0) {
@@ -332,7 +333,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
                                 mm_request_receive_expect(pmonitor->m_sendfd,
                                     MONITOR_REQ_PAM_ACCOUNT, m);
                                 authenticated = mm_answer_pam_account(
-                                    pmonitor->m_sendfd, m);
+                                    ssh, pmonitor->m_sendfd, m);
                                 sshbuf_free(m);
                         }
 #endif
@@ -385,7 +386,7 @@ monitor_child_handler(int sig)
 }
 
 void
-monitor_child_postauth(struct monitor *pmonitor)
+monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor)
 {
         close(pmonitor->m_recvfd);
         pmonitor->m_recvfd = -1;
@@ -411,7 +412,7 @@ monitor_child_postauth(struct monitor *pmonitor)
         }
 
         for (;;)
-                monitor_read(pmonitor, mon_dispatch, NULL);
+                monitor_read(ssh, pmonitor, mon_dispatch, NULL);
 }
 
 static int
@@ -466,8 +467,8 @@ monitor_read_log(struct monitor *pmonitor)
         return 0;
 }
 
-int
-monitor_read(struct monitor *pmonitor, struct mon_table *ent,
+static int
+monitor_read(struct ssh *ssh, struct monitor *pmonitor, struct mon_table *ent,
     struct mon_table **pent)
 {
         struct sshbuf *m;
@@ -517,7 +518,7 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent,
                 if (!(ent->flags & MON_PERMIT))
                         fatal("%s: unpermitted request %d", __func__,
                             type);
-                ret = (*ent->f)(pmonitor->m_sendfd, m);
+                ret = (*ent->f)(ssh, pmonitor->m_sendfd, m);
                 sshbuf_free(m);
 
                 /* The child may use this request only once, disable it */
@@ -568,7 +569,7 @@ monitor_reset_key_state(void)
 
 #ifdef WITH_OPENSSL
 int
-mm_answer_moduli(int sock, struct sshbuf *m)
+mm_answer_moduli(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         DH *dh;
         const BIGNUM *dh_p, *dh_g;
@@ -610,9 +611,8 @@ mm_answer_moduli(int sock, struct sshbuf *m)
 #endif
 
 int
-mm_answer_sign(int sock, struct sshbuf *m)
+mm_answer_sign(struct ssh *ssh, int sock, struct sshbuf *m)
 {
-        struct ssh *ssh = active_state;         /* XXX */
         extern int auth_sock;                   /* XXX move to state struct? */
         struct sshkey *key;
         struct sshbuf *sigbuf = NULL;
@@ -713,9 +713,8 @@ mm_answer_sign(int sock, struct sshbuf *m)
 /* Retrieves the password entry and also checks if the user is permitted */
 
 int
-mm_answer_pwnamallow(int sock, struct sshbuf *m)
+mm_answer_pwnamallow(struct ssh *ssh, int sock, struct sshbuf *m)
 {
-        struct ssh *ssh = active_state; /* XXX */
         char *username;
         struct passwd *pwent;
         int r, allowed = 0;
@@ -813,7 +812,7 @@ mm_answer_pwnamallow(int sock, struct sshbuf *m)
         return (0);
 }
 
-int mm_answer_auth2_read_banner(int sock, struct sshbuf *m)
+int mm_answer_auth2_read_banner(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         char *banner;
         int r;
@@ -829,7 +828,7 @@ int mm_answer_auth2_read_banner(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_authserv(int sock, struct sshbuf *m)
+mm_answer_authserv(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         int r;
 
@@ -879,9 +878,8 @@ key_base_type_match(const char *method, const struct sshkey *key,
 }
 
 int
-mm_answer_authpassword(int sock, struct sshbuf *m)
+mm_answer_authpassword(struct ssh *ssh, int sock, struct sshbuf *m)
 {
-        struct ssh *ssh = active_state; /* XXX */
         static int call_count;
         char *passwd;
         int r, authenticated;
@@ -920,7 +918,7 @@ mm_answer_authpassword(int sock, struct sshbuf *m)
 
 #ifdef BSD_AUTH
 int
-mm_answer_bsdauthquery(int sock, struct sshbuf *m)
+mm_answer_bsdauthquery(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         char *name, *infotxt;
         u_int numprompts, *echo_on, success;
@@ -954,7 +952,7 @@ mm_answer_bsdauthquery(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_bsdauthrespond(int sock, struct sshbuf *m)
+mm_answer_bsdauthrespond(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         char *response;
         int r, authok;
@@ -988,7 +986,7 @@ mm_answer_bsdauthrespond(int sock, struct sshbuf *m)
 
 #ifdef USE_PAM
 int
-mm_answer_pam_start(int sock, struct sshbuf *m)
+mm_answer_pam_start(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         if (!options.use_pam)
                 fatal("UsePAM not set, but ended up in %s anyway", __func__);
@@ -1003,7 +1001,7 @@ mm_answer_pam_start(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_pam_account(int sock, struct sshbuf *m)
+mm_answer_pam_account(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         u_int ret;
         int r;
@@ -1026,7 +1024,7 @@ static void *sshpam_ctxt, *sshpam_authok;
 extern KbdintDevice sshpam_device;
 
 int
-mm_answer_pam_init_ctx(int sock, struct sshbuf *m)
+mm_answer_pam_init_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         u_int ok = 0;
         int r;
@@ -1051,7 +1049,7 @@ mm_answer_pam_init_ctx(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_pam_query(int sock, struct sshbuf *m)
+mm_answer_pam_query(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         char *name = NULL, *info = NULL, **prompts = NULL;
         u_int i, num = 0, *echo_on = 0;
@@ -1092,7 +1090,7 @@ mm_answer_pam_query(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_pam_respond(int sock, struct sshbuf *m)
+mm_answer_pam_respond(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         char **resp;
         u_int i, num;
@@ -1130,7 +1128,7 @@ mm_answer_pam_respond(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_pam_free_ctx(int sock, struct sshbuf *m)
+mm_answer_pam_free_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt;
 
@@ -1150,9 +1148,8 @@ mm_answer_pam_free_ctx(int sock, struct sshbuf *m)
 #endif
 
 int
-mm_answer_keyallowed(int sock, struct sshbuf *m)
+mm_answer_keyallowed(struct ssh *ssh, int sock, struct sshbuf *m)
 {
-        struct ssh *ssh = active_state; /* XXX */
         struct sshkey *key = NULL;
         char *cuser, *chost;
         u_int pubkey_auth_attempt;
@@ -1387,9 +1384,8 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
 }
 
 int
-mm_answer_keyverify(int sock, struct sshbuf *m)
+mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
 {
-        struct ssh *ssh = active_state; /* XXX */
         struct sshkey *key;
         u_char *signature, *data, *blob;
         char *sigalg;
@@ -1434,7 +1430,7 @@ mm_answer_keyverify(int sock, struct sshbuf *m)
                 fatal("%s: bad signature data blob", __func__);
 
         ret = sshkey_verify(key, signature, signaturelen, data, datalen,
-            sigalg, active_state->compat);
+            sigalg, ssh->compat);
         debug3("%s: %s %p signature %s", __func__, auth_method, key,
             (ret == 0) ? "verified" : "unverified");
         auth2_record_key(authctxt, ret == 0, key);
@@ -1461,9 +1457,8 @@ mm_answer_keyverify(int sock, struct sshbuf *m)
 }
 
 static void
-mm_record_login(Session *s, struct passwd *pw)
+mm_record_login(struct ssh *ssh, Session *s, struct passwd *pw)
 {
-        struct ssh *ssh = active_state; /* XXX */
         socklen_t fromlen;
         struct sockaddr_storage from;
 
@@ -1473,8 +1468,8 @@ mm_record_login(Session *s, struct passwd *pw)
          */
         memset(&from, 0, sizeof(from));
         fromlen = sizeof(from);
-        if (packet_connection_is_on_socket()) {
-                if (getpeername(packet_get_connection_in(),
+        if (ssh_packet_connection_is_on_socket(ssh)) {
+                if (getpeername(ssh_packet_get_connection_in(ssh),
                     (struct sockaddr *)&from, &fromlen) < 0) {
                         debug("getpeername: %.100s", strerror(errno));
                         cleanup_exit(255);
@@ -1498,7 +1493,7 @@ mm_session_close(Session *s)
 }
 
 int
-mm_answer_pty(int sock, struct sshbuf *m)
+mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         extern struct monitor *pmonitor;
         Session *s;
@@ -1526,7 +1521,7 @@ mm_answer_pty(int sock, struct sshbuf *m)
         if (dup2(s->ttyfd, 0) == -1)
                 fatal("%s: dup2", __func__);
 
-        mm_record_login(s, authctxt->pw);
+        mm_record_login(ssh, s, authctxt->pw);
 
         /* Now we can close the file descriptor again */
         close(0);
@@ -1568,7 +1563,7 @@ mm_answer_pty(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_pty_cleanup(int sock, struct sshbuf *m)
+mm_answer_pty_cleanup(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         Session *s;
         char *tty;
@@ -1586,9 +1581,8 @@ mm_answer_pty_cleanup(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_term(int sock, struct sshbuf *req)
+mm_answer_term(struct ssh *ssh, int sock, struct sshbuf *req)
 {
-        struct ssh *ssh = active_state; /* XXX */
         extern struct monitor *pmonitor;
         int res, status;
 
@@ -1615,7 +1609,7 @@ mm_answer_term(int sock, struct sshbuf *req)
 #ifdef SSH_AUDIT_EVENTS
 /* Report that an audit event occurred */
 int
-mm_answer_audit_event(int socket, struct sshbuf *m)
+mm_answer_audit_event(struct ssh *ssh, int socket, struct sshbuf *m)
 {
         u_int n;
         ssh_audit_event_t event;
@@ -1644,7 +1638,7 @@ mm_answer_audit_event(int socket, struct sshbuf *m)
 }
 
 int
-mm_answer_audit_command(int socket, struct sshbuf *m)
+mm_answer_audit_command(struct ssh *ssh, int socket, struct sshbuf *m)
 {
         char *cmd;
         int r;
@@ -1660,10 +1654,8 @@ mm_answer_audit_command(int socket, struct sshbuf *m)
 #endif /* SSH_AUDIT_EVENTS */
 
 void
-monitor_clear_keystate(struct monitor *pmonitor)
+monitor_clear_keystate(struct ssh *ssh, struct monitor *pmonitor)
 {
-        struct ssh *ssh = active_state; /* XXX */
-
         ssh_clear_newkeys(ssh, MODE_IN);
         ssh_clear_newkeys(ssh, MODE_OUT);
         sshbuf_free(child_state);
@@ -1671,9 +1663,8 @@ monitor_clear_keystate(struct monitor *pmonitor)
 }
 
 void
-monitor_apply_keystate(struct monitor *pmonitor)
+monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor)
 {
-        struct ssh *ssh = active_state; /* XXX */
         struct kex *kex;
         int r;
 
@@ -1780,7 +1771,7 @@ monitor_reinit(struct monitor *mon)
 
 #ifdef GSSAPI
 int
-mm_answer_gss_setup_ctx(int sock, struct sshbuf *m)
+mm_answer_gss_setup_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         gss_OID_desc goid;
         OM_uint32 major;
@@ -1813,7 +1804,7 @@ mm_answer_gss_setup_ctx(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_gss_accept_ctx(int sock, struct sshbuf *m)
+mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         gss_buffer_desc in;
         gss_buffer_desc out = GSS_C_EMPTY_BUFFER;
@@ -1847,7 +1838,7 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_gss_checkmic(int sock, struct sshbuf *m)
+mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         gss_buffer_desc gssbuf, mic;
         OM_uint32 ret;
@@ -1878,7 +1869,7 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_gss_userok(int sock, struct sshbuf *m)
+mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         int r, authenticated;
         const char *displayname;