diff options
author | Colin Watson <cjwatson@debian.org> | 2010-01-01 17:15:23 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2010-01-01 17:15:23 +0000 |
commit | 99b402ea4c8457b0a3cafff37f5b3410a8dc6476 (patch) | |
tree | 1d24ce54c9981ea8cbb4c5a9309964a0e4c4b320 /monitor.c | |
parent | 87552344215a38d3a2b0d4d63dc151e05978bbe1 (diff) | |
parent | 54af7a4ae8d455791a631bdfaade4b64436ae16a (diff) |
import openssh-5.2p1-gsskex-all-20090726.patch
Diffstat (limited to 'monitor.c')
-rw-r--r-- | monitor.c | 288 |
1 files changed, 281 insertions, 7 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor.c,v 1.99 2008/07/10 18:08:11 markus Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.101 2009/02/12 03:26:22 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -87,6 +87,7 @@ | |||
87 | #include "misc.h" | 87 | #include "misc.h" |
88 | #include "compat.h" | 88 | #include "compat.h" |
89 | #include "ssh2.h" | 89 | #include "ssh2.h" |
90 | #include "jpake.h" | ||
90 | 91 | ||
91 | #ifdef GSSAPI | 92 | #ifdef GSSAPI |
92 | static Gssctxt *gsscontext = NULL; | 93 | static Gssctxt *gsscontext = NULL; |
@@ -149,6 +150,11 @@ int mm_answer_rsa_challenge(int, Buffer *); | |||
149 | int mm_answer_rsa_response(int, Buffer *); | 150 | int mm_answer_rsa_response(int, Buffer *); |
150 | int mm_answer_sesskey(int, Buffer *); | 151 | int mm_answer_sesskey(int, Buffer *); |
151 | int mm_answer_sessid(int, Buffer *); | 152 | int mm_answer_sessid(int, Buffer *); |
153 | int mm_answer_jpake_get_pwdata(int, Buffer *); | ||
154 | int mm_answer_jpake_step1(int, Buffer *); | ||
155 | int mm_answer_jpake_step2(int, Buffer *); | ||
156 | int mm_answer_jpake_key_confirm(int, Buffer *); | ||
157 | int mm_answer_jpake_check_confirm(int, Buffer *); | ||
152 | 158 | ||
153 | #ifdef USE_PAM | 159 | #ifdef USE_PAM |
154 | int mm_answer_pam_start(int, Buffer *); | 160 | int mm_answer_pam_start(int, Buffer *); |
@@ -165,6 +171,7 @@ int mm_answer_gss_accept_ctx(int, Buffer *); | |||
165 | int mm_answer_gss_userok(int, Buffer *); | 171 | int mm_answer_gss_userok(int, Buffer *); |
166 | int mm_answer_gss_checkmic(int, Buffer *); | 172 | int mm_answer_gss_checkmic(int, Buffer *); |
167 | int mm_answer_gss_sign(int, Buffer *); | 173 | int mm_answer_gss_sign(int, Buffer *); |
174 | int mm_answer_gss_updatecreds(int, Buffer *); | ||
168 | #endif | 175 | #endif |
169 | 176 | ||
170 | #ifdef SSH_AUDIT_EVENTS | 177 | #ifdef SSH_AUDIT_EVENTS |
@@ -236,6 +243,13 @@ struct mon_table mon_dispatch_proto20[] = { | |||
236 | {MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic}, | 243 | {MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic}, |
237 | {MONITOR_REQ_GSSSIGN, MON_ONCE, mm_answer_gss_sign}, | 244 | {MONITOR_REQ_GSSSIGN, MON_ONCE, mm_answer_gss_sign}, |
238 | #endif | 245 | #endif |
246 | #ifdef JPAKE | ||
247 | {MONITOR_REQ_JPAKE_GET_PWDATA, MON_ONCE, mm_answer_jpake_get_pwdata}, | ||
248 | {MONITOR_REQ_JPAKE_STEP1, MON_ISAUTH, mm_answer_jpake_step1}, | ||
249 | {MONITOR_REQ_JPAKE_STEP2, MON_ONCE, mm_answer_jpake_step2}, | ||
250 | {MONITOR_REQ_JPAKE_KEY_CONFIRM, MON_ONCE, mm_answer_jpake_key_confirm}, | ||
251 | {MONITOR_REQ_JPAKE_CHECK_CONFIRM, MON_AUTH, mm_answer_jpake_check_confirm}, | ||
252 | #endif | ||
239 | {0, 0, NULL} | 253 | {0, 0, NULL} |
240 | }; | 254 | }; |
241 | 255 | ||
@@ -244,6 +258,7 @@ struct mon_table mon_dispatch_postauth20[] = { | |||
244 | {MONITOR_REQ_GSSSETUP, 0, mm_answer_gss_setup_ctx}, | 258 | {MONITOR_REQ_GSSSETUP, 0, mm_answer_gss_setup_ctx}, |
245 | {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, | 259 | {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, |
246 | {MONITOR_REQ_GSSSIGN, 0, mm_answer_gss_sign}, | 260 | {MONITOR_REQ_GSSSIGN, 0, mm_answer_gss_sign}, |
261 | {MONITOR_REQ_GSSUPCREDS, 0, mm_answer_gss_updatecreds}, | ||
247 | #endif | 262 | #endif |
248 | {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, | 263 | {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, |
249 | {MONITOR_REQ_SIGN, 0, mm_answer_sign}, | 264 | {MONITOR_REQ_SIGN, 0, mm_answer_sign}, |
@@ -390,6 +405,15 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) | |||
390 | if (!authenticated) | 405 | if (!authenticated) |
391 | authctxt->failures++; | 406 | authctxt->failures++; |
392 | } | 407 | } |
408 | #ifdef JPAKE | ||
409 | /* Cleanup JPAKE context after authentication */ | ||
410 | if (ent->flags & MON_AUTHDECIDE) { | ||
411 | if (authctxt->jpake_ctx != NULL) { | ||
412 | jpake_free(authctxt->jpake_ctx); | ||
413 | authctxt->jpake_ctx = NULL; | ||
414 | } | ||
415 | } | ||
416 | #endif | ||
393 | } | 417 | } |
394 | 418 | ||
395 | if (!authctxt->valid) | 419 | if (!authctxt->valid) |
@@ -1493,7 +1517,9 @@ mm_answer_rsa_challenge(int sock, Buffer *m) | |||
1493 | fatal("%s: key type mismatch", __func__); | 1517 | fatal("%s: key type mismatch", __func__); |
1494 | if ((key = key_from_blob(blob, blen)) == NULL) | 1518 | if ((key = key_from_blob(blob, blen)) == NULL) |
1495 | fatal("%s: received bad key", __func__); | 1519 | fatal("%s: received bad key", __func__); |
1496 | 1520 | if (key->type != KEY_RSA) | |
1521 | fatal("%s: received bad key type %d", __func__, key->type); | ||
1522 | key->type = KEY_RSA1; | ||
1497 | if (ssh1_challenge) | 1523 | if (ssh1_challenge) |
1498 | BN_clear_free(ssh1_challenge); | 1524 | BN_clear_free(ssh1_challenge); |
1499 | ssh1_challenge = auth_rsa_generate_challenge(key); | 1525 | ssh1_challenge = auth_rsa_generate_challenge(key); |
@@ -1691,9 +1717,11 @@ mm_get_kex(Buffer *m) | |||
1691 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 1717 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
1692 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 1718 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
1693 | #ifdef GSSAPI | 1719 | #ifdef GSSAPI |
1694 | kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; | 1720 | if (options.gss_keyex) { |
1695 | kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; | 1721 | kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; |
1696 | kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server; | 1722 | kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; |
1723 | kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server; | ||
1724 | } | ||
1697 | #endif | 1725 | #endif |
1698 | kex->server = 1; | 1726 | kex->server = 1; |
1699 | kex->hostkey_type = buffer_get_int(m); | 1727 | kex->hostkey_type = buffer_get_int(m); |
@@ -1894,6 +1922,9 @@ mm_answer_gss_setup_ctx(int sock, Buffer *m) | |||
1894 | OM_uint32 major; | 1922 | OM_uint32 major; |
1895 | u_int len; | 1923 | u_int len; |
1896 | 1924 | ||
1925 | if (!options.gss_authentication && !options.gss_keyex) | ||
1926 | fatal("In GSSAPI monitor when GSSAPI is disabled"); | ||
1927 | |||
1897 | goid.elements = buffer_get_string(m, &len); | 1928 | goid.elements = buffer_get_string(m, &len); |
1898 | goid.length = len; | 1929 | goid.length = len; |
1899 | 1930 | ||
@@ -1921,6 +1952,9 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m) | |||
1921 | OM_uint32 flags = 0; /* GSI needs this */ | 1952 | OM_uint32 flags = 0; /* GSI needs this */ |
1922 | u_int len; | 1953 | u_int len; |
1923 | 1954 | ||
1955 | if (!options.gss_authentication && !options.gss_keyex) | ||
1956 | fatal("In GSSAPI monitor when GSSAPI is disabled"); | ||
1957 | |||
1924 | in.value = buffer_get_string(m, &len); | 1958 | in.value = buffer_get_string(m, &len); |
1925 | in.length = len; | 1959 | in.length = len; |
1926 | major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); | 1960 | major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); |
@@ -1950,6 +1984,9 @@ mm_answer_gss_checkmic(int sock, Buffer *m) | |||
1950 | OM_uint32 ret; | 1984 | OM_uint32 ret; |
1951 | u_int len; | 1985 | u_int len; |
1952 | 1986 | ||
1987 | if (!options.gss_authentication && !options.gss_keyex) | ||
1988 | fatal("In GSSAPI monitor when GSSAPI is disabled"); | ||
1989 | |||
1953 | gssbuf.value = buffer_get_string(m, &len); | 1990 | gssbuf.value = buffer_get_string(m, &len); |
1954 | gssbuf.length = len; | 1991 | gssbuf.length = len; |
1955 | mic.value = buffer_get_string(m, &len); | 1992 | mic.value = buffer_get_string(m, &len); |
@@ -1976,7 +2013,11 @@ mm_answer_gss_userok(int sock, Buffer *m) | |||
1976 | { | 2013 | { |
1977 | int authenticated; | 2014 | int authenticated; |
1978 | 2015 | ||
1979 | authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user); | 2016 | if (!options.gss_authentication && !options.gss_keyex) |
2017 | fatal("In GSSAPI monitor when GSSAPI is disabled"); | ||
2018 | |||
2019 | authenticated = authctxt->valid && | ||
2020 | ssh_gssapi_userok(authctxt->user, authctxt->pw); | ||
1980 | 2021 | ||
1981 | buffer_clear(m); | 2022 | buffer_clear(m); |
1982 | buffer_put_int(m, authenticated); | 2023 | buffer_put_int(m, authenticated); |
@@ -1998,10 +2039,14 @@ mm_answer_gss_sign(int socket, Buffer *m) | |||
1998 | OM_uint32 major, minor; | 2039 | OM_uint32 major, minor; |
1999 | u_int len; | 2040 | u_int len; |
2000 | 2041 | ||
2042 | if (!options.gss_authentication && !options.gss_keyex) | ||
2043 | fatal("In GSSAPI monitor when GSSAPI is disabled"); | ||
2044 | |||
2001 | data.value = buffer_get_string(m, &len); | 2045 | data.value = buffer_get_string(m, &len); |
2002 | data.length = len; | 2046 | data.length = len; |
2003 | if (data.length != 20) | 2047 | if (data.length != 20) |
2004 | fatal("%s: data length incorrect: %d", __func__, data.length); | 2048 | fatal("%s: data length incorrect: %d", __func__, |
2049 | (int) data.length); | ||
2005 | 2050 | ||
2006 | /* Save the session ID on the first time around */ | 2051 | /* Save the session ID on the first time around */ |
2007 | if (session_id2_len == 0) { | 2052 | if (session_id2_len == 0) { |
@@ -2023,8 +2068,237 @@ mm_answer_gss_sign(int socket, Buffer *m) | |||
2023 | 2068 | ||
2024 | /* Turn on getpwnam permissions */ | 2069 | /* Turn on getpwnam permissions */ |
2025 | monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); | 2070 | monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); |
2071 | |||
2072 | /* And credential updating, for when rekeying */ | ||
2073 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSUPCREDS, 1); | ||
2026 | 2074 | ||
2027 | return (0); | 2075 | return (0); |
2028 | } | 2076 | } |
2029 | 2077 | ||
2078 | int | ||
2079 | mm_answer_gss_updatecreds(int socket, Buffer *m) { | ||
2080 | ssh_gssapi_ccache store; | ||
2081 | int ok; | ||
2082 | |||
2083 | store.filename = buffer_get_string(m, NULL); | ||
2084 | store.envvar = buffer_get_string(m, NULL); | ||
2085 | store.envval = buffer_get_string(m, NULL); | ||
2086 | |||
2087 | ok = ssh_gssapi_update_creds(&store); | ||
2088 | |||
2089 | xfree(store.filename); | ||
2090 | xfree(store.envvar); | ||
2091 | xfree(store.envval); | ||
2092 | |||
2093 | buffer_clear(m); | ||
2094 | buffer_put_int(m, ok); | ||
2095 | |||
2096 | mm_request_send(socket, MONITOR_ANS_GSSUPCREDS, m); | ||
2097 | |||
2098 | return(0); | ||
2099 | } | ||
2100 | |||
2030 | #endif /* GSSAPI */ | 2101 | #endif /* GSSAPI */ |
2102 | |||
2103 | #ifdef JPAKE | ||
2104 | int | ||
2105 | mm_answer_jpake_step1(int sock, Buffer *m) | ||
2106 | { | ||
2107 | struct jpake_ctx *pctx; | ||
2108 | u_char *x3_proof, *x4_proof; | ||
2109 | u_int x3_proof_len, x4_proof_len; | ||
2110 | |||
2111 | if (!options.zero_knowledge_password_authentication) | ||
2112 | fatal("zero_knowledge_password_authentication disabled"); | ||
2113 | |||
2114 | if (authctxt->jpake_ctx != NULL) | ||
2115 | fatal("%s: authctxt->jpake_ctx already set (%p)", | ||
2116 | __func__, authctxt->jpake_ctx); | ||
2117 | authctxt->jpake_ctx = pctx = jpake_new(); | ||
2118 | |||
2119 | jpake_step1(pctx->grp, | ||
2120 | &pctx->server_id, &pctx->server_id_len, | ||
2121 | &pctx->x3, &pctx->x4, &pctx->g_x3, &pctx->g_x4, | ||
2122 | &x3_proof, &x3_proof_len, | ||
2123 | &x4_proof, &x4_proof_len); | ||
2124 | |||
2125 | JPAKE_DEBUG_CTX((pctx, "step1 done in %s", __func__)); | ||
2126 | |||
2127 | buffer_clear(m); | ||
2128 | |||
2129 | buffer_put_string(m, pctx->server_id, pctx->server_id_len); | ||
2130 | buffer_put_bignum2(m, pctx->g_x3); | ||
2131 | buffer_put_bignum2(m, pctx->g_x4); | ||
2132 | buffer_put_string(m, x3_proof, x3_proof_len); | ||
2133 | buffer_put_string(m, x4_proof, x4_proof_len); | ||
2134 | |||
2135 | debug3("%s: sending step1", __func__); | ||
2136 | mm_request_send(sock, MONITOR_ANS_JPAKE_STEP1, m); | ||
2137 | |||
2138 | bzero(x3_proof, x3_proof_len); | ||
2139 | bzero(x4_proof, x4_proof_len); | ||
2140 | xfree(x3_proof); | ||
2141 | xfree(x4_proof); | ||
2142 | |||
2143 | monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_GET_PWDATA, 1); | ||
2144 | monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP1, 0); | ||
2145 | |||
2146 | return 0; | ||
2147 | } | ||
2148 | |||
2149 | int | ||
2150 | mm_answer_jpake_get_pwdata(int sock, Buffer *m) | ||
2151 | { | ||
2152 | struct jpake_ctx *pctx = authctxt->jpake_ctx; | ||
2153 | char *hash_scheme, *salt; | ||
2154 | |||
2155 | if (pctx == NULL) | ||
2156 | fatal("%s: pctx == NULL", __func__); | ||
2157 | |||
2158 | auth2_jpake_get_pwdata(authctxt, &pctx->s, &hash_scheme, &salt); | ||
2159 | |||
2160 | buffer_clear(m); | ||
2161 | /* pctx->s is sensitive, not returned to slave */ | ||
2162 | buffer_put_cstring(m, hash_scheme); | ||
2163 | buffer_put_cstring(m, salt); | ||
2164 | |||
2165 | debug3("%s: sending pwdata", __func__); | ||
2166 | mm_request_send(sock, MONITOR_ANS_JPAKE_GET_PWDATA, m); | ||
2167 | |||
2168 | bzero(hash_scheme, strlen(hash_scheme)); | ||
2169 | bzero(salt, strlen(salt)); | ||
2170 | xfree(hash_scheme); | ||
2171 | xfree(salt); | ||
2172 | |||
2173 | monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP2, 1); | ||
2174 | |||
2175 | return 0; | ||
2176 | } | ||
2177 | |||
2178 | int | ||
2179 | mm_answer_jpake_step2(int sock, Buffer *m) | ||
2180 | { | ||
2181 | struct jpake_ctx *pctx = authctxt->jpake_ctx; | ||
2182 | u_char *x1_proof, *x2_proof, *x4_s_proof; | ||
2183 | u_int x1_proof_len, x2_proof_len, x4_s_proof_len; | ||
2184 | |||
2185 | if (pctx == NULL) | ||
2186 | fatal("%s: pctx == NULL", __func__); | ||
2187 | |||
2188 | if ((pctx->g_x1 = BN_new()) == NULL || | ||
2189 | (pctx->g_x2 = BN_new()) == NULL) | ||
2190 | fatal("%s: BN_new", __func__); | ||
2191 | buffer_get_bignum2(m, pctx->g_x1); | ||
2192 | buffer_get_bignum2(m, pctx->g_x2); | ||
2193 | pctx->client_id = buffer_get_string(m, &pctx->client_id_len); | ||
2194 | x1_proof = buffer_get_string(m, &x1_proof_len); | ||
2195 | x2_proof = buffer_get_string(m, &x2_proof_len); | ||
2196 | |||
2197 | jpake_step2(pctx->grp, pctx->s, pctx->g_x3, | ||
2198 | pctx->g_x1, pctx->g_x2, pctx->x4, | ||
2199 | pctx->client_id, pctx->client_id_len, | ||
2200 | pctx->server_id, pctx->server_id_len, | ||
2201 | x1_proof, x1_proof_len, | ||
2202 | x2_proof, x2_proof_len, | ||
2203 | &pctx->b, | ||
2204 | &x4_s_proof, &x4_s_proof_len); | ||
2205 | |||
2206 | JPAKE_DEBUG_CTX((pctx, "step2 done in %s", __func__)); | ||
2207 | |||
2208 | bzero(x1_proof, x1_proof_len); | ||
2209 | bzero(x2_proof, x2_proof_len); | ||
2210 | xfree(x1_proof); | ||
2211 | xfree(x2_proof); | ||
2212 | |||
2213 | buffer_clear(m); | ||
2214 | |||
2215 | buffer_put_bignum2(m, pctx->b); | ||
2216 | buffer_put_string(m, x4_s_proof, x4_s_proof_len); | ||
2217 | |||
2218 | debug3("%s: sending step2", __func__); | ||
2219 | mm_request_send(sock, MONITOR_ANS_JPAKE_STEP2, m); | ||
2220 | |||
2221 | bzero(x4_s_proof, x4_s_proof_len); | ||
2222 | xfree(x4_s_proof); | ||
2223 | |||
2224 | monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_KEY_CONFIRM, 1); | ||
2225 | |||
2226 | return 0; | ||
2227 | } | ||
2228 | |||
2229 | int | ||
2230 | mm_answer_jpake_key_confirm(int sock, Buffer *m) | ||
2231 | { | ||
2232 | struct jpake_ctx *pctx = authctxt->jpake_ctx; | ||
2233 | u_char *x2_s_proof; | ||
2234 | u_int x2_s_proof_len; | ||
2235 | |||
2236 | if (pctx == NULL) | ||
2237 | fatal("%s: pctx == NULL", __func__); | ||
2238 | |||
2239 | if ((pctx->a = BN_new()) == NULL) | ||
2240 | fatal("%s: BN_new", __func__); | ||
2241 | buffer_get_bignum2(m, pctx->a); | ||
2242 | x2_s_proof = buffer_get_string(m, &x2_s_proof_len); | ||
2243 | |||
2244 | jpake_key_confirm(pctx->grp, pctx->s, pctx->a, | ||
2245 | pctx->x4, pctx->g_x3, pctx->g_x4, pctx->g_x1, pctx->g_x2, | ||
2246 | pctx->server_id, pctx->server_id_len, | ||
2247 | pctx->client_id, pctx->client_id_len, | ||
2248 | session_id2, session_id2_len, | ||
2249 | x2_s_proof, x2_s_proof_len, | ||
2250 | &pctx->k, | ||
2251 | &pctx->h_k_sid_sessid, &pctx->h_k_sid_sessid_len); | ||
2252 | |||
2253 | JPAKE_DEBUG_CTX((pctx, "key_confirm done in %s", __func__)); | ||
2254 | |||
2255 | bzero(x2_s_proof, x2_s_proof_len); | ||
2256 | buffer_clear(m); | ||
2257 | |||
2258 | /* pctx->k is sensitive, not sent */ | ||
2259 | buffer_put_string(m, pctx->h_k_sid_sessid, pctx->h_k_sid_sessid_len); | ||
2260 | |||
2261 | debug3("%s: sending confirmation hash", __func__); | ||
2262 | mm_request_send(sock, MONITOR_ANS_JPAKE_KEY_CONFIRM, m); | ||
2263 | |||
2264 | monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_CHECK_CONFIRM, 1); | ||
2265 | |||
2266 | return 0; | ||
2267 | } | ||
2268 | |||
2269 | int | ||
2270 | mm_answer_jpake_check_confirm(int sock, Buffer *m) | ||
2271 | { | ||
2272 | int authenticated = 0; | ||
2273 | u_char *peer_confirm_hash; | ||
2274 | u_int peer_confirm_hash_len; | ||
2275 | struct jpake_ctx *pctx = authctxt->jpake_ctx; | ||
2276 | |||
2277 | if (pctx == NULL) | ||
2278 | fatal("%s: pctx == NULL", __func__); | ||
2279 | |||
2280 | peer_confirm_hash = buffer_get_string(m, &peer_confirm_hash_len); | ||
2281 | |||
2282 | authenticated = jpake_check_confirm(pctx->k, | ||
2283 | pctx->client_id, pctx->client_id_len, | ||
2284 | session_id2, session_id2_len, | ||
2285 | peer_confirm_hash, peer_confirm_hash_len) && authctxt->valid; | ||
2286 | |||
2287 | JPAKE_DEBUG_CTX((pctx, "check_confirm done in %s", __func__)); | ||
2288 | |||
2289 | bzero(peer_confirm_hash, peer_confirm_hash_len); | ||
2290 | xfree(peer_confirm_hash); | ||
2291 | |||
2292 | buffer_clear(m); | ||
2293 | buffer_put_int(m, authenticated); | ||
2294 | |||
2295 | debug3("%s: sending result %d", __func__, authenticated); | ||
2296 | mm_request_send(sock, MONITOR_ANS_JPAKE_CHECK_CONFIRM, m); | ||
2297 | |||
2298 | monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP1, 1); | ||
2299 | |||
2300 | auth_method = "jpake-01@openssh.com"; | ||
2301 | return authenticated; | ||
2302 | } | ||
2303 | |||
2304 | #endif /* JPAKE */ | ||