New upstream release (7.4p1).

author: Colin Watson <cjwatson@debian.org> 2016-12-20 00:22:53 +0000
committer: Colin Watson <cjwatson@debian.org> 2016-12-23 19:08:35 +0000
commit: ee52365e713e546dbd878d73d9590dbaccd760ba (patch)
tree: 841d0d9ae73e83070bcc3b46218ebdd18142dda3 /monitor_wrap.c
parent: 8a4a5c22e363ad6a110ad9b787170297f5da8f04 (diff)
parent: 2103d3e5566c54e08a59be750579a249e46747d7 (diff)
1 files changed, 1 insertions, 150 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 11e3a6956..2ff8064a0 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.88 2016/03/07 19:02:43 djm Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.89 2016/08/13 17:47:41 markus Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -85,7 +85,6 @@
 #include "ssherr.h"
 /* Imports */
-extern int compat20;
 extern z_stream incoming_stream;
 extern z_stream outgoing_stream;
 extern struct monitor *pmonitor;
@@ -407,18 +406,6 @@ mm_hostbased_key_allowed(struct passwd *pw, const char *user, const char *host,
 }
 int
-mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, const char *user,
-    const char *host, Key *key)
-{
-        int ret;
-        key->type = KEY_RSA; /* XXX hack for key_to_blob */
-        ret = mm_key_allowed(MM_RSAHOSTKEY, user, host, key, 0);
-        key->type = KEY_RSA1;
-        return (ret);
-}
-int
 mm_key_allowed(enum mm_keytype type, const char *user, const char *host,
    Key *key, int pubkey_auth_attempt)
 {
@@ -728,28 +715,6 @@ mm_terminate(void)
        buffer_free(&m);
 }
-#ifdef WITH_SSH1
-int
-mm_ssh1_session_key(BIGNUM *num)
-{
-        int rsafail;
-        Buffer m;
-        buffer_init(&m);
-        buffer_put_bignum2(&m, num);
-        mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SESSKEY, &m);
-        mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SESSKEY, &m);
-        rsafail = buffer_get_int(&m);
-        buffer_get_bignum2(&m, num);
-        buffer_free(&m);
-        return (rsafail);
-}
-#endif
 static void
 mm_chall_setup(char **name, char **infotxt, u_int *numprompts,
    char ***prompts, u_int **echo_on)
@@ -880,120 +845,6 @@ mm_skey_respond(void *ctx, u_int numresponses, char **responses)
 }
 #endif /* SKEY */
-void
-mm_ssh1_session_id(u_char session_id[16])
-{
-        Buffer m;
-        int i;
-        debug3("%s entering", __func__);
-        buffer_init(&m);
-        for (i = 0; i < 16; i++)
-                buffer_put_char(&m, session_id[i]);
-        mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SESSID, &m);
-        buffer_free(&m);
-}
-#ifdef WITH_SSH1
-int
-mm_auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
-{
-        Buffer m;
-        Key *key;
-        u_char *blob;
-        u_int blen;
-        int allowed = 0, have_forced = 0;
-        debug3("%s entering", __func__);
-        buffer_init(&m);
-        buffer_put_bignum2(&m, client_n);
-        mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSAKEYALLOWED, &m);
-        mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSAKEYALLOWED, &m);
-        allowed = buffer_get_int(&m);
-        /* fake forced command */
-        auth_clear_options();
-        have_forced = buffer_get_int(&m);
-        forced_command = have_forced ? xstrdup("true") : NULL;
-        if (allowed && rkey != NULL) {
-                blob = buffer_get_string(&m, &blen);
-                if ((key = key_from_blob(blob, blen)) == NULL)
-                        fatal("%s: key_from_blob failed", __func__);
-                *rkey = key;
-                free(blob);
-        }
-        buffer_free(&m);
-        return (allowed);
-}
-BIGNUM *
-mm_auth_rsa_generate_challenge(Key *key)
-{
-        Buffer m;
-        BIGNUM *challenge;
-        u_char *blob;
-        u_int blen;
-        debug3("%s entering", __func__);
-        if ((challenge = BN_new()) == NULL)
-                fatal("%s: BN_new failed", __func__);
-        key->type = KEY_RSA;    /* XXX cheat for key_to_blob */
-        if (key_to_blob(key, &blob, &blen) == 0)
-                fatal("%s: key_to_blob failed", __func__);
-        key->type = KEY_RSA1;
-        buffer_init(&m);
-        buffer_put_string(&m, blob, blen);
-        free(blob);
-        mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSACHALLENGE, &m);
-        mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSACHALLENGE, &m);
-        buffer_get_bignum2(&m, challenge);
-        buffer_free(&m);
-        return (challenge);
-}
-int
-mm_auth_rsa_verify_response(Key *key, BIGNUM *p, u_char response[16])
-{
-        Buffer m;
-        u_char *blob;
-        u_int blen;
-        int success = 0;
-        debug3("%s entering", __func__);
-        key->type = KEY_RSA;    /* XXX cheat for key_to_blob */
-        if (key_to_blob(key, &blob, &blen) == 0)
-                fatal("%s: key_to_blob failed", __func__);
-        key->type = KEY_RSA1;
-        buffer_init(&m);
-        buffer_put_string(&m, blob, blen);
-        buffer_put_string(&m, response, 16);
-        free(blob);
-        mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSARESPONSE, &m);
-        mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSARESPONSE, &m);
-        success = buffer_get_int(&m);
-        buffer_free(&m);
-        return (success);
-}
-#endif
 #ifdef SSH_AUDIT_EVENTS
 void
 mm_audit_event(ssh_audit_event_t event)
author	Colin Watson <cjwatson@debian.org>	2016-12-20 00:22:53 +0000
committer	Colin Watson <cjwatson@debian.org>	2016-12-23 19:08:35 +0000
commit	ee52365e713e546dbd878d73d9590dbaccd760ba (patch)
tree	841d0d9ae73e83070bcc3b46218ebdd18142dda3 /monitor_wrap.c
parent	8a4a5c22e363ad6a110ad9b787170297f5da8f04 (diff)
parent	2103d3e5566c54e08a59be750579a249e46747d7 (diff)

diff --git a/monitor_wrap.c b/monitor_wrap.c index 11e3a6956..2ff8064a0 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: monitor_wrap.c,v 1.88 2016/03/07 19:02:43 djm Exp $ */	1	/* $OpenBSD: monitor_wrap.c,v 1.89 2016/08/13 17:47:41 markus Exp $ */
2	/*	2	/*
3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>	3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>
4	* Copyright 2002 Markus Friedl <markus@openbsd.org>	4	* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -85,7 +85,6 @@
85	#include "ssherr.h"	85	#include "ssherr.h"
86		86
87	/* Imports */	87	/* Imports */
88	extern int compat20;
89	extern z_stream incoming_stream;	88	extern z_stream incoming_stream;
90	extern z_stream outgoing_stream;	89	extern z_stream outgoing_stream;
91	extern struct monitor *pmonitor;	90	extern struct monitor *pmonitor;
@@ -407,18 +406,6 @@ mm_hostbased_key_allowed(struct passwd pw, const char user, const char *host,
407	}	406	}
408		407
409	int	408	int
410	mm_auth_rhosts_rsa_key_allowed(struct passwd pw, const char user,
411	const char host, Key key)
412	{
413	int ret;
414
415	key->type = KEY_RSA; /* XXX hack for key_to_blob */
416	ret = mm_key_allowed(MM_RSAHOSTKEY, user, host, key, 0);
417	key->type = KEY_RSA1;
418	return (ret);
419	}
420
421	int
422	mm_key_allowed(enum mm_keytype type, const char user, const char host,	409	mm_key_allowed(enum mm_keytype type, const char user, const char host,
423	Key *key, int pubkey_auth_attempt)	410	Key *key, int pubkey_auth_attempt)
424	{	411	{
@@ -728,28 +715,6 @@ mm_terminate(void)
728	buffer_free(&m);	715	buffer_free(&m);
729	}	716	}
730		717
731	#ifdef WITH_SSH1
732	int
733	mm_ssh1_session_key(BIGNUM *num)
734	{
735	int rsafail;
736	Buffer m;
737
738	buffer_init(&m);
739	buffer_put_bignum2(&m, num);
740	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SESSKEY, &m);
741
742	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SESSKEY, &m);
743
744	rsafail = buffer_get_int(&m);
745	buffer_get_bignum2(&m, num);
746
747	buffer_free(&m);
748
749	return (rsafail);
750	}
751	#endif
752
753	static void	718	static void
754	mm_chall_setup(char name, char infotxt, u_int *numprompts,	719	mm_chall_setup(char name, char infotxt, u_int *numprompts,
755	char *prompts, u_int echo_on)	720	char *prompts, u_int echo_on)
@@ -880,120 +845,6 @@ mm_skey_respond(void ctx, u_int numresponses, char *responses)
880	}	845	}
881	#endif /* SKEY */	846	#endif /* SKEY */
882		847
883	void
884	mm_ssh1_session_id(u_char session_id[16])
885	{
886	Buffer m;
887	int i;
888
889	debug3("%s entering", __func__);
890
891	buffer_init(&m);
892	for (i = 0; i < 16; i++)
893	buffer_put_char(&m, session_id[i]);
894
895	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SESSID, &m);
896	buffer_free(&m);
897	}
898
899	#ifdef WITH_SSH1
900	int
901	mm_auth_rsa_key_allowed(struct passwd pw, BIGNUM client_n, Key **rkey)
902	{
903	Buffer m;
904	Key *key;
905	u_char *blob;
906	u_int blen;
907	int allowed = 0, have_forced = 0;
908
909	debug3("%s entering", __func__);
910
911	buffer_init(&m);
912	buffer_put_bignum2(&m, client_n);
913
914	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSAKEYALLOWED, &m);
915	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSAKEYALLOWED, &m);
916
917	allowed = buffer_get_int(&m);
918
919	/* fake forced command */
920	auth_clear_options();
921	have_forced = buffer_get_int(&m);
922	forced_command = have_forced ? xstrdup("true") : NULL;
923
924	if (allowed && rkey != NULL) {
925	blob = buffer_get_string(&m, &blen);
926	if ((key = key_from_blob(blob, blen)) == NULL)
927	fatal("%s: key_from_blob failed", __func__);
928	*rkey = key;
929	free(blob);
930	}
931	buffer_free(&m);
932
933	return (allowed);
934	}
935
936	BIGNUM *
937	mm_auth_rsa_generate_challenge(Key *key)
938	{
939	Buffer m;
940	BIGNUM *challenge;
941	u_char *blob;
942	u_int blen;
943
944	debug3("%s entering", __func__);
945
946	if ((challenge = BN_new()) == NULL)
947	fatal("%s: BN_new failed", __func__);
948
949	key->type = KEY_RSA; /* XXX cheat for key_to_blob */
950	if (key_to_blob(key, &blob, &blen) == 0)
951	fatal("%s: key_to_blob failed", __func__);
952	key->type = KEY_RSA1;
953
954	buffer_init(&m);
955	buffer_put_string(&m, blob, blen);
956	free(blob);
957
958	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSACHALLENGE, &m);
959	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSACHALLENGE, &m);
960
961	buffer_get_bignum2(&m, challenge);
962	buffer_free(&m);
963
964	return (challenge);
965	}
966
967	int
968	mm_auth_rsa_verify_response(Key key, BIGNUM p, u_char response[16])
969	{
970	Buffer m;
971	u_char *blob;
972	u_int blen;
973	int success = 0;
974
975	debug3("%s entering", __func__);
976
977	key->type = KEY_RSA; /* XXX cheat for key_to_blob */
978	if (key_to_blob(key, &blob, &blen) == 0)
979	fatal("%s: key_to_blob failed", __func__);
980	key->type = KEY_RSA1;
981
982	buffer_init(&m);
983	buffer_put_string(&m, blob, blen);
984	buffer_put_string(&m, response, 16);
985	free(blob);
986
987	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSARESPONSE, &m);
988	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSARESPONSE, &m);
989
990	success = buffer_get_int(&m);
991	buffer_free(&m);
992
993	return (success);
994	}
995	#endif
996
997	#ifdef SSH_AUDIT_EVENTS	848	#ifdef SSH_AUDIT_EVENTS
998	void	849	void
999	mm_audit_event(ssh_audit_event_t event)	850	mm_audit_event(ssh_audit_event_t event)