Adapt portable to legacy buffer API removal

author: Damien Miller <djm@mindrot.org> 2018-07-10 19:39:52 +1000
committer: Damien Miller <djm@mindrot.org> 2018-07-10 19:39:52 +1000
commit: 120a1ec74e8d9d29f4eb9a27972ddd22351ddef9 (patch)
tree: 52308557de781f1d8ffb083369e0c209bc305c02 /monitor.c
parent: 0f3958c1e6ffb8ea4ba27e2a97a00326fce23246 (diff)
1 files changed, 76 insertions, 51 deletions
diff --git a/monitor.c b/monitor.c
index de650da2f..8662d13e0 100644
--- a/monitor.c
+++ b/monitor.c
@@ -298,7 +298,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
        memset(authctxt, 0, sizeof(*authctxt));
        ssh->authctxt = authctxt;
-        authctxt->loginmsg = &loginmsg;
+        authctxt->loginmsg = loginmsg;
        mon_dispatch = mon_dispatch_proto20;
        /* Permit requests for moduli and signatures */
@@ -336,13 +336,16 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
 #ifdef USE_PAM
                        /* PAM needs to perform account checks after auth */
                        if (options.use_pam && authenticated) {
-                                Buffer m;
+                                struct sshbuf *m;
-                                buffer_init(&m);
+                                if ((m = sshbuf_new()) == NULL)
+                                        fatal("%s: sshbuf_new failed",
+                                            __func__);
                                mm_request_receive_expect(pmonitor->m_sendfd,
-                                    MONITOR_REQ_PAM_ACCOUNT, &m);
+                                    MONITOR_REQ_PAM_ACCOUNT, m);
-                                authenticated = mm_answer_pam_account(pmonitor->m_sendfd, &m);
+                                authenticated = mm_answer_pam_account(
-                                buffer_free(&m);
+                                    pmonitor->m_sendfd, m);
+                                sshbuf_free(m);
                        }
 #endif
                }
@@ -965,7 +968,7 @@ mm_answer_bsdauthrespond(int sock, struct sshbuf *m)
 #ifdef SKEY
 int
-mm_answer_skeyquery(int sock, Buffer *m)
+mm_answer_skeyquery(int sock, struct sshbuf *m)
 {
        struct skey skey;
        char challenge[1024];
@@ -974,11 +977,13 @@ mm_answer_skeyquery(int sock, Buffer *m)
        success = _compat_skeychallenge(&skey, authctxt->user, challenge,
            sizeof(challenge)) < 0 ? 0 : 1;
-        buffer_clear(m);
+        sshbuf_reset(m);
-        buffer_put_int(m, success);
+        if ((r = sshbuf_put_u32(m, success)) != 0)
-        if (success)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
-                buffer_put_cstring(m, challenge);
+        if (success) {
+                if ((r = sshbuf_put_cstring(m, challenge)) != 0)
+                        fatal("%s: buffer error: %s", __func__, ssh_err(r));
+        }
        debug3("%s: sending challenge success: %u", __func__, success);
        mm_request_send(sock, MONITOR_ANS_SKEYQUERY, m);
@@ -986,22 +991,25 @@ mm_answer_skeyquery(int sock, Buffer *m)
 }
 int
-mm_answer_skeyrespond(int sock, Buffer *m)
+mm_answer_skeyrespond(int sock, struct sshbuf *m)
 {
        char *response;
+        size_t rlen;
        int authok;
-        response = buffer_get_string(m, NULL);
+        if ((r = sshbuf_get_cstring(m, &response, &rlen)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
        authok = (options.challenge_response_authentication &&
            authctxt->valid &&
            skey_haskey(authctxt->pw->pw_name) == 0 &&
            skey_passcheck(authctxt->pw->pw_name, response) != -1);
-        free(response);
+        freezero(response, rlen);
-        buffer_clear(m);
+        sshbuf_reset(m);
-        buffer_put_int(m, authok);
+        if ((r = sshbuf_put_u32(m, authok)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
        debug3("%s: sending authenticated: %d", __func__, authok);
        mm_request_send(sock, MONITOR_ANS_SKEYRESPOND, m);
@@ -1015,7 +1023,7 @@ mm_answer_skeyrespond(int sock, Buffer *m)
 #ifdef USE_PAM
 int
-mm_answer_pam_start(int sock, Buffer *m)
+mm_answer_pam_start(int sock, struct sshbuf *m)
 {
        if (!options.use_pam)
                fatal("UsePAM not set, but ended up in %s anyway", __func__);
@@ -1030,17 +1038,19 @@ mm_answer_pam_start(int sock, Buffer *m)
 }
 int
-mm_answer_pam_account(int sock, Buffer *m)
+mm_answer_pam_account(int sock, struct sshbuf *m)
 {
        u_int ret;
+        int r;
        if (!options.use_pam)
                fatal("%s: PAM not enabled", __func__);
        ret = do_pam_account();
-        buffer_put_int(m, ret);
+        if ((r = sshbuf_put_u32(m, ret)) != 0 ||
-        buffer_put_string(m, buffer_ptr(&loginmsg), buffer_len(&loginmsg));
+            (r = sshbuf_put_stringb(m, loginmsg)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
        mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m);
@@ -1051,8 +1061,11 @@ static void *sshpam_ctxt, *sshpam_authok;
 extern KbdintDevice sshpam_device;
 int
-mm_answer_pam_init_ctx(int sock, Buffer *m)
+mm_answer_pam_init_ctx(int sock, struct sshbuf *m)
 {
+        u_int ok = 0;
+        int r;
        debug3("%s", __func__);
        if (!options.kbd_interactive_authentication)
                fatal("%s: kbd-int authentication not enabled", __func__);
@@ -1060,24 +1073,24 @@ mm_answer_pam_init_ctx(int sock, Buffer *m)
                fatal("%s: already called", __func__);
        sshpam_ctxt = (sshpam_device.init_ctx)(authctxt);
        sshpam_authok = NULL;
-        buffer_clear(m);
+        sshbuf_reset(m);
        if (sshpam_ctxt != NULL) {
                monitor_permit(mon_dispatch, MONITOR_REQ_PAM_FREE_CTX, 1);
                monitor_permit(mon_dispatch, MONITOR_REQ_PAM_QUERY, 1);
-                buffer_put_int(m, 1);
+                ok = 1;
-        } else {
-                buffer_put_int(m, 0);
        }
+        if ((r = sshbuf_put_u32(m, ok)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
        mm_request_send(sock, MONITOR_ANS_PAM_INIT_CTX, m);
        return (0);
 }
 int
-mm_answer_pam_query(int sock, Buffer *m)
+mm_answer_pam_query(int sock, struct sshbuf *m)
 {
        char *name = NULL, *info = NULL, **prompts = NULL;
        u_int i, num = 0, *echo_on = 0;
-        int ret;
+        int r, ret;
        debug3("%s", __func__);
        sshpam_authok = NULL;
@@ -1090,18 +1103,20 @@ mm_answer_pam_query(int sock, Buffer *m)
        if (num > 1 || name == NULL || info == NULL)
                fatal("sshpam_device.query failed");
        monitor_permit(mon_dispatch, MONITOR_REQ_PAM_RESPOND, 1);
-        buffer_clear(m);
+        sshbuf_reset(m);
-        buffer_put_int(m, ret);
+        if ((r = sshbuf_put_u32(m, ret)) != 0 ||
-        buffer_put_cstring(m, name);
+            (r = sshbuf_put_cstring(m, name)) != 0 ||
+            (r = sshbuf_put_cstring(m, info)) != 0 ||
+            (r = sshbuf_put_u32(m, sshpam_get_maxtries_reached())) != 0 ||
+            (r = sshbuf_put_u32(m, num)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
        free(name);
-        buffer_put_cstring(m, info);
        free(info);
-        buffer_put_int(m, sshpam_get_maxtries_reached());
-        buffer_put_int(m, num);
        for (i = 0; i < num; ++i) {
-                buffer_put_cstring(m, prompts[i]);
+                if ((r = sshbuf_put_cstring(m, prompts[i])) != 0 ||
+                    (r = sshbuf_put_u32(m, echo_on[i])) != 0)
+                        fatal("%s: buffer error: %s", __func__, ssh_err(r));
                free(prompts[i]);
-                buffer_put_int(m, echo_on[i]);
        }
        free(prompts);
        free(echo_on);
@@ -1112,21 +1127,25 @@ mm_answer_pam_query(int sock, Buffer *m)
 }
 int
-mm_answer_pam_respond(int sock, Buffer *m)
+mm_answer_pam_respond(int sock, struct sshbuf *m)
 {
        char **resp;
        u_int i, num;
-        int ret;
+        int r, ret;
        debug3("%s", __func__);
        if (sshpam_ctxt == NULL)
                fatal("%s: no context", __func__);
        sshpam_authok = NULL;
-        num = buffer_get_int(m);
+        if ((r = sshbuf_get_u32(m, &num)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
        if (num > 0) {
                resp = xcalloc(num, sizeof(char *));
-                for (i = 0; i < num; ++i)
+                for (i = 0; i < num; ++i) {
-                        resp[i] = buffer_get_string(m, NULL);
+                        if ((r = sshbuf_get_cstring(m, &(resp[i]), NULL)) != 0)
+                                fatal("%s: buffer error: %s",
+                                    __func__, ssh_err(r));
+                }
                ret = (sshpam_device.respond)(sshpam_ctxt, num, resp);
                for (i = 0; i < num; ++i)
                        free(resp[i]);
@@ -1134,8 +1153,9 @@ mm_answer_pam_respond(int sock, Buffer *m)
        } else {
                ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL);
        }
-        buffer_clear(m);
+        sshbuf_reset(m);
-        buffer_put_int(m, ret);
+        if ((r = sshbuf_put_u32(m, ret)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
        mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m);
        auth_method = "keyboard-interactive";
        auth_submethod = "pam";
@@ -1145,7 +1165,7 @@ mm_answer_pam_respond(int sock, Buffer *m)
 }
 int
-mm_answer_pam_free_ctx(int sock, Buffer *m)
+mm_answer_pam_free_ctx(int sock, struct sshbuf *m)
 {
        int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt;
@@ -1154,7 +1174,7 @@ mm_answer_pam_free_ctx(int sock, Buffer *m)
                fatal("%s: no context", __func__);
        (sshpam_device.free_ctx)(sshpam_ctxt);
        sshpam_ctxt = sshpam_authok = NULL;
-        buffer_clear(m);
+        sshbuf_reset(m);
        mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m);
        /* Allow another attempt */
        monitor_permit(mon_dispatch, MONITOR_REQ_PAM_INIT_CTX, 1);
@@ -1630,14 +1650,18 @@ mm_answer_term(int sock, struct sshbuf *req)
 #ifdef SSH_AUDIT_EVENTS
 /* Report that an audit event occurred */
 int
-mm_answer_audit_event(int socket, Buffer *m)
+mm_answer_audit_event(int socket, struct sshbuf *m)
 {
+        u_int n;
        ssh_audit_event_t event;
+        int r;
        debug3("%s entering", __func__);
-        event = buffer_get_int(m);
+        if ((r = sshbuf_get_u32(m, &n)) != 0)
-        switch(event) {
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
+        event = (ssh_audit_event_t)n;
+        switch (event) {
        case SSH_AUTH_FAIL_PUBKEY:
        case SSH_AUTH_FAIL_HOSTBASED:
        case SSH_AUTH_FAIL_GSSAPI:
@@ -1655,13 +1679,14 @@ mm_answer_audit_event(int socket, Buffer *m)
 }
 int
-mm_answer_audit_command(int socket, Buffer *m)
+mm_answer_audit_command(int socket, struct sshbuf *m)
 {
-        u_int len;
        char *cmd;
+        int r;
        debug3("%s entering", __func__);
-        cmd = buffer_get_string(m, &len);
+        if ((r = sshbuf_get_cstring(m, &cmd, NULL)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
        /* sanity check command, if so how? */
        audit_run_command(cmd);
        free(cmd);
author	Damien Miller <djm@mindrot.org>	2018-07-10 19:39:52 +1000
committer	Damien Miller <djm@mindrot.org>	2018-07-10 19:39:52 +1000
commit	120a1ec74e8d9d29f4eb9a27972ddd22351ddef9 (patch)
tree	52308557de781f1d8ffb083369e0c209bc305c02 /monitor.c
parent	0f3958c1e6ffb8ea4ba27e2a97a00326fce23246 (diff)

diff --git a/monitor.c b/monitor.c index de650da2f..8662d13e0 100644 --- a/monitor.c +++ b/monitor.c
@@ -298,7 +298,7 @@ monitor_child_preauth(Authctxt _authctxt, struct monitor pmonitor)
298	memset(authctxt, 0, sizeof(*authctxt));	298	memset(authctxt, 0, sizeof(*authctxt));
299	ssh->authctxt = authctxt;	299	ssh->authctxt = authctxt;
300		300
301	authctxt->loginmsg = &loginmsg;	301	authctxt->loginmsg = loginmsg;
302		302
303	mon_dispatch = mon_dispatch_proto20;	303	mon_dispatch = mon_dispatch_proto20;
304	/* Permit requests for moduli and signatures */	304	/* Permit requests for moduli and signatures */
@@ -336,13 +336,16 @@ monitor_child_preauth(Authctxt _authctxt, struct monitor pmonitor)
336	#ifdef USE_PAM	336	#ifdef USE_PAM
337	/* PAM needs to perform account checks after auth */	337	/* PAM needs to perform account checks after auth */
338	if (options.use_pam && authenticated) {	338	if (options.use_pam && authenticated) {
339	Buffer m;	339	struct sshbuf *m;
340		340
341	buffer_init(&m);	341	if ((m = sshbuf_new()) == NULL)
		342	fatal("%s: sshbuf_new failed",
		343	__func__);
342	mm_request_receive_expect(pmonitor->m_sendfd,	344	mm_request_receive_expect(pmonitor->m_sendfd,
343	MONITOR_REQ_PAM_ACCOUNT, &m);	345	MONITOR_REQ_PAM_ACCOUNT, m);
344	authenticated = mm_answer_pam_account(pmonitor->m_sendfd, &m);	346	authenticated = mm_answer_pam_account(
345	buffer_free(&m);	347	pmonitor->m_sendfd, m);
		348	sshbuf_free(m);
346	}	349	}
347	#endif	350	#endif
348	}	351	}
@@ -965,7 +968,7 @@ mm_answer_bsdauthrespond(int sock, struct sshbuf *m)
965		968
966	#ifdef SKEY	969	#ifdef SKEY
967	int	970	int
968	mm_answer_skeyquery(int sock, Buffer *m)	971	mm_answer_skeyquery(int sock, struct sshbuf *m)
969	{	972	{
970	struct skey skey;	973	struct skey skey;
971	char challenge[1024];	974	char challenge[1024];
@@ -974,11 +977,13 @@ mm_answer_skeyquery(int sock, Buffer *m)
974	success = _compat_skeychallenge(&skey, authctxt->user, challenge,	977	success = _compat_skeychallenge(&skey, authctxt->user, challenge,
975	sizeof(challenge)) < 0 ? 0 : 1;	978	sizeof(challenge)) < 0 ? 0 : 1;
976		979
977	buffer_clear(m);	980	sshbuf_reset(m);
978	buffer_put_int(m, success);	981	if ((r = sshbuf_put_u32(m, success)) != 0)
979	if (success)	982	fatal("%s: buffer error: %s", __func__, ssh_err(r));
980	buffer_put_cstring(m, challenge);	983	if (success) {
981		984	if ((r = sshbuf_put_cstring(m, challenge)) != 0)
		985	fatal("%s: buffer error: %s", __func__, ssh_err(r));
		986	}
982	debug3("%s: sending challenge success: %u", __func__, success);	987	debug3("%s: sending challenge success: %u", __func__, success);
983	mm_request_send(sock, MONITOR_ANS_SKEYQUERY, m);	988	mm_request_send(sock, MONITOR_ANS_SKEYQUERY, m);
984		989
@@ -986,22 +991,25 @@ mm_answer_skeyquery(int sock, Buffer *m)
986	}	991	}
987		992
988	int	993	int
989	mm_answer_skeyrespond(int sock, Buffer *m)	994	mm_answer_skeyrespond(int sock, struct sshbuf *m)
990	{	995	{
991	char *response;	996	char *response;
		997	size_t rlen;
992	int authok;	998	int authok;
993		999
994	response = buffer_get_string(m, NULL);	1000	if ((r = sshbuf_get_cstring(m, &response, &rlen)) != 0)
		1001	fatal("%s: buffer error: %s", __func__, ssh_err(r));
995		1002
996	authok = (options.challenge_response_authentication &&	1003	authok = (options.challenge_response_authentication &&
997	authctxt->valid &&	1004	authctxt->valid &&
998	skey_haskey(authctxt->pw->pw_name) == 0 &&	1005	skey_haskey(authctxt->pw->pw_name) == 0 &&
999	skey_passcheck(authctxt->pw->pw_name, response) != -1);	1006	skey_passcheck(authctxt->pw->pw_name, response) != -1);
1000		1007
1001	free(response);	1008	freezero(response, rlen);
1002		1009
1003	buffer_clear(m);	1010	sshbuf_reset(m);
1004	buffer_put_int(m, authok);	1011	if ((r = sshbuf_put_u32(m, authok)) != 0)
		1012	fatal("%s: buffer error: %s", __func__, ssh_err(r));
1005		1013
1006	debug3("%s: sending authenticated: %d", __func__, authok);	1014	debug3("%s: sending authenticated: %d", __func__, authok);
1007	mm_request_send(sock, MONITOR_ANS_SKEYRESPOND, m);	1015	mm_request_send(sock, MONITOR_ANS_SKEYRESPOND, m);
@@ -1015,7 +1023,7 @@ mm_answer_skeyrespond(int sock, Buffer *m)
1015		1023
1016	#ifdef USE_PAM	1024	#ifdef USE_PAM
1017	int	1025	int
1018	mm_answer_pam_start(int sock, Buffer *m)	1026	mm_answer_pam_start(int sock, struct sshbuf *m)
1019	{	1027	{
1020	if (!options.use_pam)	1028	if (!options.use_pam)
1021	fatal("UsePAM not set, but ended up in %s anyway", __func__);	1029	fatal("UsePAM not set, but ended up in %s anyway", __func__);
@@ -1030,17 +1038,19 @@ mm_answer_pam_start(int sock, Buffer *m)
1030	}	1038	}
1031		1039
1032	int	1040	int
1033	mm_answer_pam_account(int sock, Buffer *m)	1041	mm_answer_pam_account(int sock, struct sshbuf *m)
1034	{	1042	{
1035	u_int ret;	1043	u_int ret;
		1044	int r;
1036		1045
1037	if (!options.use_pam)	1046	if (!options.use_pam)
1038	fatal("%s: PAM not enabled", __func__);	1047	fatal("%s: PAM not enabled", __func__);
1039		1048
1040	ret = do_pam_account();	1049	ret = do_pam_account();
1041		1050
1042	buffer_put_int(m, ret);	1051	if ((r = sshbuf_put_u32(m, ret)) != 0 \|\|
1043	buffer_put_string(m, buffer_ptr(&loginmsg), buffer_len(&loginmsg));	1052	(r = sshbuf_put_stringb(m, loginmsg)) != 0)
		1053	fatal("%s: buffer error: %s", __func__, ssh_err(r));
1044		1054
1045	mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m);	1055	mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m);
1046		1056
@@ -1051,8 +1061,11 @@ static void sshpam_ctxt, sshpam_authok;
1051	extern KbdintDevice sshpam_device;	1061	extern KbdintDevice sshpam_device;
1052		1062
1053	int	1063	int
1054	mm_answer_pam_init_ctx(int sock, Buffer *m)	1064	mm_answer_pam_init_ctx(int sock, struct sshbuf *m)
1055	{	1065	{
		1066	u_int ok = 0;
		1067	int r;
		1068
1056	debug3("%s", __func__);	1069	debug3("%s", __func__);
1057	if (!options.kbd_interactive_authentication)	1070	if (!options.kbd_interactive_authentication)
1058	fatal("%s: kbd-int authentication not enabled", __func__);	1071	fatal("%s: kbd-int authentication not enabled", __func__);
@@ -1060,24 +1073,24 @@ mm_answer_pam_init_ctx(int sock, Buffer *m)
1060	fatal("%s: already called", __func__);	1073	fatal("%s: already called", __func__);
1061	sshpam_ctxt = (sshpam_device.init_ctx)(authctxt);	1074	sshpam_ctxt = (sshpam_device.init_ctx)(authctxt);
1062	sshpam_authok = NULL;	1075	sshpam_authok = NULL;
1063	buffer_clear(m);	1076	sshbuf_reset(m);
1064	if (sshpam_ctxt != NULL) {	1077	if (sshpam_ctxt != NULL) {
1065	monitor_permit(mon_dispatch, MONITOR_REQ_PAM_FREE_CTX, 1);	1078	monitor_permit(mon_dispatch, MONITOR_REQ_PAM_FREE_CTX, 1);
1066	monitor_permit(mon_dispatch, MONITOR_REQ_PAM_QUERY, 1);	1079	monitor_permit(mon_dispatch, MONITOR_REQ_PAM_QUERY, 1);
1067	buffer_put_int(m, 1);	1080	ok = 1;
1068	} else {
1069	buffer_put_int(m, 0);
1070	}	1081	}
		1082	if ((r = sshbuf_put_u32(m, ok)) != 0)
		1083	fatal("%s: buffer error: %s", __func__, ssh_err(r));
1071	mm_request_send(sock, MONITOR_ANS_PAM_INIT_CTX, m);	1084	mm_request_send(sock, MONITOR_ANS_PAM_INIT_CTX, m);
1072	return (0);	1085	return (0);
1073	}	1086	}
1074		1087
1075	int	1088	int
1076	mm_answer_pam_query(int sock, Buffer *m)	1089	mm_answer_pam_query(int sock, struct sshbuf *m)
1077	{	1090	{
1078	char name = NULL, info = NULL, **prompts = NULL;	1091	char name = NULL, info = NULL, **prompts = NULL;
1079	u_int i, num = 0, *echo_on = 0;	1092	u_int i, num = 0, *echo_on = 0;
1080	int ret;	1093	int r, ret;
1081		1094
1082	debug3("%s", __func__);	1095	debug3("%s", __func__);
1083	sshpam_authok = NULL;	1096	sshpam_authok = NULL;
@@ -1090,18 +1103,20 @@ mm_answer_pam_query(int sock, Buffer *m)
1090	if (num > 1 \|\| name == NULL \|\| info == NULL)	1103	if (num > 1 \|\| name == NULL \|\| info == NULL)
1091	fatal("sshpam_device.query failed");	1104	fatal("sshpam_device.query failed");
1092	monitor_permit(mon_dispatch, MONITOR_REQ_PAM_RESPOND, 1);	1105	monitor_permit(mon_dispatch, MONITOR_REQ_PAM_RESPOND, 1);
1093	buffer_clear(m);	1106	sshbuf_reset(m);
1094	buffer_put_int(m, ret);	1107	if ((r = sshbuf_put_u32(m, ret)) != 0 \|\|
1095	buffer_put_cstring(m, name);	1108	(r = sshbuf_put_cstring(m, name)) != 0 \|\|
		1109	(r = sshbuf_put_cstring(m, info)) != 0 \|\|
		1110	(r = sshbuf_put_u32(m, sshpam_get_maxtries_reached())) != 0 \|\|
		1111	(r = sshbuf_put_u32(m, num)) != 0)
		1112	fatal("%s: buffer error: %s", __func__, ssh_err(r));
1096	free(name);	1113	free(name);
1097	buffer_put_cstring(m, info);
1098	free(info);	1114	free(info);
1099	buffer_put_int(m, sshpam_get_maxtries_reached());
1100	buffer_put_int(m, num);
1101	for (i = 0; i < num; ++i) {	1115	for (i = 0; i < num; ++i) {
1102	buffer_put_cstring(m, prompts[i]);	1116	if ((r = sshbuf_put_cstring(m, prompts[i])) != 0 \|\|
		1117	(r = sshbuf_put_u32(m, echo_on[i])) != 0)
		1118	fatal("%s: buffer error: %s", __func__, ssh_err(r));
1103	free(prompts[i]);	1119	free(prompts[i]);
1104	buffer_put_int(m, echo_on[i]);
1105	}	1120	}
1106	free(prompts);	1121	free(prompts);
1107	free(echo_on);	1122	free(echo_on);
@@ -1112,21 +1127,25 @@ mm_answer_pam_query(int sock, Buffer *m)
1112	}	1127	}
1113		1128
1114	int	1129	int
1115	mm_answer_pam_respond(int sock, Buffer *m)	1130	mm_answer_pam_respond(int sock, struct sshbuf *m)
1116	{	1131	{
1117	char **resp;	1132	char **resp;
1118	u_int i, num;	1133	u_int i, num;
1119	int ret;	1134	int r, ret;
1120		1135
1121	debug3("%s", __func__);	1136	debug3("%s", __func__);
1122	if (sshpam_ctxt == NULL)	1137	if (sshpam_ctxt == NULL)
1123	fatal("%s: no context", __func__);	1138	fatal("%s: no context", __func__);
1124	sshpam_authok = NULL;	1139	sshpam_authok = NULL;
1125	num = buffer_get_int(m);	1140	if ((r = sshbuf_get_u32(m, &num)) != 0)
		1141	fatal("%s: buffer error: %s", __func__, ssh_err(r));
1126	if (num > 0) {	1142	if (num > 0) {
1127	resp = xcalloc(num, sizeof(char *));	1143	resp = xcalloc(num, sizeof(char *));
1128	for (i = 0; i < num; ++i)	1144	for (i = 0; i < num; ++i) {
1129	resp[i] = buffer_get_string(m, NULL);	1145	if ((r = sshbuf_get_cstring(m, &(resp[i]), NULL)) != 0)
		1146	fatal("%s: buffer error: %s",
		1147	__func__, ssh_err(r));
		1148	}
1130	ret = (sshpam_device.respond)(sshpam_ctxt, num, resp);	1149	ret = (sshpam_device.respond)(sshpam_ctxt, num, resp);
1131	for (i = 0; i < num; ++i)	1150	for (i = 0; i < num; ++i)
1132	free(resp[i]);	1151	free(resp[i]);
@@ -1134,8 +1153,9 @@ mm_answer_pam_respond(int sock, Buffer *m)
1134	} else {	1153	} else {
1135	ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL);	1154	ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL);
1136	}	1155	}
1137	buffer_clear(m);	1156	sshbuf_reset(m);
1138	buffer_put_int(m, ret);	1157	if ((r = sshbuf_put_u32(m, ret)) != 0)
		1158	fatal("%s: buffer error: %s", __func__, ssh_err(r));
1139	mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m);	1159	mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m);
1140	auth_method = "keyboard-interactive";	1160	auth_method = "keyboard-interactive";
1141	auth_submethod = "pam";	1161	auth_submethod = "pam";
@@ -1145,7 +1165,7 @@ mm_answer_pam_respond(int sock, Buffer *m)
1145	}	1165	}
1146		1166
1147	int	1167	int
1148	mm_answer_pam_free_ctx(int sock, Buffer *m)	1168	mm_answer_pam_free_ctx(int sock, struct sshbuf *m)
1149	{	1169	{
1150	int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt;	1170	int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt;
1151		1171
@@ -1154,7 +1174,7 @@ mm_answer_pam_free_ctx(int sock, Buffer *m)
1154	fatal("%s: no context", __func__);	1174	fatal("%s: no context", __func__);
1155	(sshpam_device.free_ctx)(sshpam_ctxt);	1175	(sshpam_device.free_ctx)(sshpam_ctxt);
1156	sshpam_ctxt = sshpam_authok = NULL;	1176	sshpam_ctxt = sshpam_authok = NULL;
1157	buffer_clear(m);	1177	sshbuf_reset(m);
1158	mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m);	1178	mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m);
1159	/* Allow another attempt */	1179	/* Allow another attempt */
1160	monitor_permit(mon_dispatch, MONITOR_REQ_PAM_INIT_CTX, 1);	1180	monitor_permit(mon_dispatch, MONITOR_REQ_PAM_INIT_CTX, 1);
@@ -1630,14 +1650,18 @@ mm_answer_term(int sock, struct sshbuf *req)
1630	#ifdef SSH_AUDIT_EVENTS	1650	#ifdef SSH_AUDIT_EVENTS
1631	/* Report that an audit event occurred */	1651	/* Report that an audit event occurred */
1632	int	1652	int
1633	mm_answer_audit_event(int socket, Buffer *m)	1653	mm_answer_audit_event(int socket, struct sshbuf *m)
1634	{	1654	{
		1655	u_int n;
1635	ssh_audit_event_t event;	1656	ssh_audit_event_t event;
		1657	int r;
1636		1658
1637	debug3("%s entering", __func__);	1659	debug3("%s entering", __func__);
1638		1660
1639	event = buffer_get_int(m);	1661	if ((r = sshbuf_get_u32(m, &n)) != 0)
1640	switch(event) {	1662	fatal("%s: buffer error: %s", __func__, ssh_err(r));
		1663	event = (ssh_audit_event_t)n;
		1664	switch (event) {
1641	case SSH_AUTH_FAIL_PUBKEY:	1665	case SSH_AUTH_FAIL_PUBKEY:
1642	case SSH_AUTH_FAIL_HOSTBASED:	1666	case SSH_AUTH_FAIL_HOSTBASED:
1643	case SSH_AUTH_FAIL_GSSAPI:	1667	case SSH_AUTH_FAIL_GSSAPI:
@@ -1655,13 +1679,14 @@ mm_answer_audit_event(int socket, Buffer *m)
1655	}	1679	}
1656		1680
1657	int	1681	int
1658	mm_answer_audit_command(int socket, Buffer *m)	1682	mm_answer_audit_command(int socket, struct sshbuf *m)
1659	{	1683	{
1660	u_int len;
1661	char *cmd;	1684	char *cmd;
		1685	int r;
1662		1686
1663	debug3("%s entering", __func__);	1687	debug3("%s entering", __func__);
1664	cmd = buffer_get_string(m, &len);	1688	if ((r = sshbuf_get_cstring(m, &cmd, NULL)) != 0)
		1689	fatal("%s: buffer error: %s", __func__, ssh_err(r));
1665	/* sanity check command, if so how? */	1690	/* sanity check command, if so how? */
1666	audit_run_command(cmd);	1691	audit_run_command(cmd);
1667	free(cmd);	1692	free(cmd);