1 files changed, 5 insertions, 230 deletions
diff --git a/monitor.c b/monitor.c
index 8ffea4f13..7c105e687 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.128 2013/11/04 11:51:16 markus Exp $ */
+/* $OpenBSD: monitor.c,v 1.131 2014/02/02 03:44:31 djm Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -95,7 +95,6 @@
 #include "misc.h"
 #include "compat.h"
 #include "ssh2.h"
-#include "jpake.h"
 #include "roaming.h"
 #include "authfd.h"
 #ifdef USE_CONSOLEKIT
@@ -165,11 +164,6 @@ int mm_answer_rsa_challenge(int, Buffer *);
 int mm_answer_rsa_response(int, Buffer *);
 int mm_answer_sesskey(int, Buffer *);
 int mm_answer_sessid(int, Buffer *);
-int mm_answer_jpake_get_pwdata(int, Buffer *);
-int mm_answer_jpake_step1(int, Buffer *);
-int mm_answer_jpake_step2(int, Buffer *);
-int mm_answer_jpake_key_confirm(int, Buffer *);
-int mm_answer_jpake_check_confirm(int, Buffer *);
 #ifdef USE_PAM
 int mm_answer_pam_start(int, Buffer *);
@@ -266,13 +260,6 @@ struct mon_table mon_dispatch_proto20[] = {
    {MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic},
    {MONITOR_REQ_GSSSIGN, MON_ONCE, mm_answer_gss_sign},
 #endif
-#ifdef JPAKE
-    {MONITOR_REQ_JPAKE_GET_PWDATA, MON_ONCE, mm_answer_jpake_get_pwdata},
-    {MONITOR_REQ_JPAKE_STEP1, MON_ISAUTH, mm_answer_jpake_step1},
-    {MONITOR_REQ_JPAKE_STEP2, MON_ONCE, mm_answer_jpake_step2},
-    {MONITOR_REQ_JPAKE_KEY_CONFIRM, MON_ONCE, mm_answer_jpake_key_confirm},
-    {MONITOR_REQ_JPAKE_CHECK_CONFIRM, MON_AUTH, mm_answer_jpake_check_confirm},
-#endif
    {0, 0, NULL}
 };
@@ -455,15 +442,6 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
                        if (!authenticated)
                                authctxt->failures++;
                }
-#ifdef JPAKE
-                /* Cleanup JPAKE context after authentication */
-                if (ent->flags & MON_AUTHDECIDE) {
-                        if (authctxt->jpake_ctx != NULL) {
-                                jpake_free(authctxt->jpake_ctx);
-                                authctxt->jpake_ctx = NULL;
-                        }
-                }
-#endif
        }
        if (!authctxt->valid)
@@ -601,7 +579,7 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent,
        struct pollfd pfd[2];
        for (;;) {
-                bzero(&pfd, sizeof(pfd));
+                memset(&pfd, 0, sizeof(pfd));
                pfd[0].fd = pmonitor->m_sendfd;
                pfd[0].events = POLLIN;
                pfd[1].fd = pmonitor->m_log_recvfd;
@@ -939,7 +917,7 @@ mm_answer_authpassword(int sock, Buffer *m)
        /* Only authenticate if the context is valid */
        authenticated = options.password_authentication &&
            auth_password(authctxt, passwd);
-        memset(passwd, 0, strlen(passwd));
+        explicit_bzero(passwd, strlen(passwd));
        free(passwd);
        buffer_clear(m);
@@ -1881,13 +1859,13 @@ monitor_apply_keystate(struct monitor *pmonitor)
        /* XXX inefficient for large buffers, need: buffer_init_from_string */
        buffer_clear(packet_get_input());
        buffer_append(packet_get_input(), child_state.input, child_state.ilen);
-        memset(child_state.input, 0, child_state.ilen);
+        explicit_bzero(child_state.input, child_state.ilen);
        free(child_state.input);
        buffer_clear(packet_get_output());
        buffer_append(packet_get_output(), child_state.output,
                      child_state.olen);
-        memset(child_state.output, 0, child_state.olen);
+        explicit_bzero(child_state.output, child_state.olen);
        free(child_state.output);
        /* Roaming */
@@ -2307,209 +2285,6 @@ mm_answer_gss_updatecreds(int socket, Buffer *m) {
 #endif /* GSSAPI */
-#ifdef JPAKE
-int
-mm_answer_jpake_step1(int sock, Buffer *m)
-{
-        struct jpake_ctx *pctx;
-        u_char *x3_proof, *x4_proof;
-        u_int x3_proof_len, x4_proof_len;
-        if (!options.zero_knowledge_password_authentication)
-                fatal("zero_knowledge_password_authentication disabled");
-        if (authctxt->jpake_ctx != NULL)
-                fatal("%s: authctxt->jpake_ctx already set (%p)",
-                    __func__, authctxt->jpake_ctx);
-        authctxt->jpake_ctx = pctx = jpake_new();
-        jpake_step1(pctx->grp,
-            &pctx->server_id, &pctx->server_id_len,
-            &pctx->x3, &pctx->x4, &pctx->g_x3, &pctx->g_x4,
-            &x3_proof, &x3_proof_len,
-            &x4_proof, &x4_proof_len);
-        JPAKE_DEBUG_CTX((pctx, "step1 done in %s", __func__));
-        buffer_clear(m);
-        buffer_put_string(m, pctx->server_id, pctx->server_id_len);
-        buffer_put_bignum2(m, pctx->g_x3);
-        buffer_put_bignum2(m, pctx->g_x4);
-        buffer_put_string(m, x3_proof, x3_proof_len);
-        buffer_put_string(m, x4_proof, x4_proof_len);
-        debug3("%s: sending step1", __func__);
-        mm_request_send(sock, MONITOR_ANS_JPAKE_STEP1, m);
-        bzero(x3_proof, x3_proof_len);
-        bzero(x4_proof, x4_proof_len);
-        free(x3_proof);
-        free(x4_proof);
-        monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_GET_PWDATA, 1);
-        monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP1, 0);
-        return 0;
-}
-int
-mm_answer_jpake_get_pwdata(int sock, Buffer *m)
-{
-        struct jpake_ctx *pctx = authctxt->jpake_ctx;
-        char *hash_scheme, *salt;
-        if (pctx == NULL)
-                fatal("%s: pctx == NULL", __func__);
-        auth2_jpake_get_pwdata(authctxt, &pctx->s, &hash_scheme, &salt);
-        buffer_clear(m);
-        /* pctx->s is sensitive, not returned to slave */
-        buffer_put_cstring(m, hash_scheme);
-        buffer_put_cstring(m, salt);
-        debug3("%s: sending pwdata", __func__);
-        mm_request_send(sock, MONITOR_ANS_JPAKE_GET_PWDATA, m);
-        bzero(hash_scheme, strlen(hash_scheme));
-        bzero(salt, strlen(salt));
-        free(hash_scheme);
-        free(salt);
-        monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP2, 1);
-        return 0;
-}
-int
-mm_answer_jpake_step2(int sock, Buffer *m)
-{
-        struct jpake_ctx *pctx = authctxt->jpake_ctx;
-        u_char *x1_proof, *x2_proof, *x4_s_proof;
-        u_int x1_proof_len, x2_proof_len, x4_s_proof_len;
-        if (pctx == NULL)
-                fatal("%s: pctx == NULL", __func__);
-        if ((pctx->g_x1 = BN_new()) == NULL ||
-            (pctx->g_x2 = BN_new()) == NULL)
-                fatal("%s: BN_new", __func__);
-        buffer_get_bignum2(m, pctx->g_x1);
-        buffer_get_bignum2(m, pctx->g_x2);
-        pctx->client_id = buffer_get_string(m, &pctx->client_id_len);
-        x1_proof = buffer_get_string(m, &x1_proof_len);
-        x2_proof = buffer_get_string(m, &x2_proof_len);
-        jpake_step2(pctx->grp, pctx->s, pctx->g_x3,
-            pctx->g_x1, pctx->g_x2, pctx->x4,
-            pctx->client_id, pctx->client_id_len,
-            pctx->server_id, pctx->server_id_len,
-            x1_proof, x1_proof_len,
-            x2_proof, x2_proof_len,
-            &pctx->b,
-            &x4_s_proof, &x4_s_proof_len);
-        JPAKE_DEBUG_CTX((pctx, "step2 done in %s", __func__));
-        bzero(x1_proof, x1_proof_len);
-        bzero(x2_proof, x2_proof_len);
-        free(x1_proof);
-        free(x2_proof);
-        buffer_clear(m);
-        buffer_put_bignum2(m, pctx->b);
-        buffer_put_string(m, x4_s_proof, x4_s_proof_len);
-        debug3("%s: sending step2", __func__);
-        mm_request_send(sock, MONITOR_ANS_JPAKE_STEP2, m);
-        bzero(x4_s_proof, x4_s_proof_len);
-        free(x4_s_proof);
-        monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_KEY_CONFIRM, 1);
-        return 0;
-}
-int
-mm_answer_jpake_key_confirm(int sock, Buffer *m)
-{
-        struct jpake_ctx *pctx = authctxt->jpake_ctx;
-        u_char *x2_s_proof;
-        u_int x2_s_proof_len;
-        if (pctx == NULL)
-                fatal("%s: pctx == NULL", __func__);
-        if ((pctx->a = BN_new()) == NULL)
-                fatal("%s: BN_new", __func__);
-        buffer_get_bignum2(m, pctx->a);
-        x2_s_proof = buffer_get_string(m, &x2_s_proof_len);
-        jpake_key_confirm(pctx->grp, pctx->s, pctx->a,
-            pctx->x4, pctx->g_x3, pctx->g_x4, pctx->g_x1, pctx->g_x2,
-            pctx->server_id, pctx->server_id_len,
-            pctx->client_id, pctx->client_id_len,
-            session_id2, session_id2_len,
-            x2_s_proof, x2_s_proof_len,
-            &pctx->k,
-            &pctx->h_k_sid_sessid, &pctx->h_k_sid_sessid_len);
-        JPAKE_DEBUG_CTX((pctx, "key_confirm done in %s", __func__));
-        bzero(x2_s_proof, x2_s_proof_len);
-        buffer_clear(m);
-        /* pctx->k is sensitive, not sent */
-        buffer_put_string(m, pctx->h_k_sid_sessid, pctx->h_k_sid_sessid_len);
-        debug3("%s: sending confirmation hash", __func__);
-        mm_request_send(sock, MONITOR_ANS_JPAKE_KEY_CONFIRM, m);
-        monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_CHECK_CONFIRM, 1);
-        return 0;
-}
-int
-mm_answer_jpake_check_confirm(int sock, Buffer *m)
-{
-        int authenticated = 0;
-        u_char *peer_confirm_hash;
-        u_int peer_confirm_hash_len;
-        struct jpake_ctx *pctx = authctxt->jpake_ctx;
-        if (pctx == NULL)
-                fatal("%s: pctx == NULL", __func__);
-        peer_confirm_hash = buffer_get_string(m, &peer_confirm_hash_len);
-        authenticated = jpake_check_confirm(pctx->k,
-            pctx->client_id, pctx->client_id_len,
-            session_id2, session_id2_len,
-            peer_confirm_hash, peer_confirm_hash_len) && authctxt->valid;
-        JPAKE_DEBUG_CTX((pctx, "check_confirm done in %s", __func__));
-        bzero(peer_confirm_hash, peer_confirm_hash_len);
-        free(peer_confirm_hash);
-        buffer_clear(m);
-        buffer_put_int(m, authenticated);
-        debug3("%s: sending result %d", __func__, authenticated);
-        mm_request_send(sock, MONITOR_ANS_JPAKE_CHECK_CONFIRM, m);
-        monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP1, 1);
-        auth_method = "jpake-01@openssh.com";
-        return authenticated;
-}
-#endif /* JPAKE */
 #ifdef USE_CONSOLEKIT
 int
 mm_answer_consolekit_register(int sock, Buffer *m)

diff --git a/monitor.c b/monitor.c index 8ffea4f13..7c105e687 100644 --- a/monitor.c +++ b/monitor.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: monitor.c,v 1.128 2013/11/04 11:51:16 markus Exp $ */	1	/* $OpenBSD: monitor.c,v 1.131 2014/02/02 03:44:31 djm Exp $ */
2	/*	2	/*
3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>	3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>
4	* Copyright 2002 Markus Friedl <markus@openbsd.org>	4	* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -95,7 +95,6 @@
95	#include "misc.h"	95	#include "misc.h"
96	#include "compat.h"	96	#include "compat.h"
97	#include "ssh2.h"	97	#include "ssh2.h"
98	#include "jpake.h"
99	#include "roaming.h"	98	#include "roaming.h"
100	#include "authfd.h"	99	#include "authfd.h"
101	#ifdef USE_CONSOLEKIT	100	#ifdef USE_CONSOLEKIT
@@ -165,11 +164,6 @@ int mm_answer_rsa_challenge(int, Buffer *);
165	int mm_answer_rsa_response(int, Buffer *);	164	int mm_answer_rsa_response(int, Buffer *);
166	int mm_answer_sesskey(int, Buffer *);	165	int mm_answer_sesskey(int, Buffer *);
167	int mm_answer_sessid(int, Buffer *);	166	int mm_answer_sessid(int, Buffer *);
168	int mm_answer_jpake_get_pwdata(int, Buffer *);
169	int mm_answer_jpake_step1(int, Buffer *);
170	int mm_answer_jpake_step2(int, Buffer *);
171	int mm_answer_jpake_key_confirm(int, Buffer *);
172	int mm_answer_jpake_check_confirm(int, Buffer *);
173		167
174	#ifdef USE_PAM	168	#ifdef USE_PAM
175	int mm_answer_pam_start(int, Buffer *);	169	int mm_answer_pam_start(int, Buffer *);
@@ -266,13 +260,6 @@ struct mon_table mon_dispatch_proto20[] = {
266	{MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic},	260	{MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic},
267	{MONITOR_REQ_GSSSIGN, MON_ONCE, mm_answer_gss_sign},	261	{MONITOR_REQ_GSSSIGN, MON_ONCE, mm_answer_gss_sign},
268	#endif	262	#endif
269	#ifdef JPAKE
270	{MONITOR_REQ_JPAKE_GET_PWDATA, MON_ONCE, mm_answer_jpake_get_pwdata},
271	{MONITOR_REQ_JPAKE_STEP1, MON_ISAUTH, mm_answer_jpake_step1},
272	{MONITOR_REQ_JPAKE_STEP2, MON_ONCE, mm_answer_jpake_step2},
273	{MONITOR_REQ_JPAKE_KEY_CONFIRM, MON_ONCE, mm_answer_jpake_key_confirm},
274	{MONITOR_REQ_JPAKE_CHECK_CONFIRM, MON_AUTH, mm_answer_jpake_check_confirm},
275	#endif
276	{0, 0, NULL}	263	{0, 0, NULL}
277	};	264	};
278		265
@@ -455,15 +442,6 @@ monitor_child_preauth(Authctxt _authctxt, struct monitor pmonitor)
455	if (!authenticated)	442	if (!authenticated)
456	authctxt->failures++;	443	authctxt->failures++;
457	}	444	}
458	#ifdef JPAKE
459	/* Cleanup JPAKE context after authentication */
460	if (ent->flags & MON_AUTHDECIDE) {
461	if (authctxt->jpake_ctx != NULL) {
462	jpake_free(authctxt->jpake_ctx);
463	authctxt->jpake_ctx = NULL;
464	}
465	}
466	#endif
467	}	445	}
468		446
469	if (!authctxt->valid)	447	if (!authctxt->valid)
@@ -601,7 +579,7 @@ monitor_read(struct monitor pmonitor, struct mon_table ent,
601	struct pollfd pfd[2];	579	struct pollfd pfd[2];
602		580
603	for (;;) {	581	for (;;) {
604	bzero(&pfd, sizeof(pfd));	582	memset(&pfd, 0, sizeof(pfd));
605	pfd[0].fd = pmonitor->m_sendfd;	583	pfd[0].fd = pmonitor->m_sendfd;
606	pfd[0].events = POLLIN;	584	pfd[0].events = POLLIN;
607	pfd[1].fd = pmonitor->m_log_recvfd;	585	pfd[1].fd = pmonitor->m_log_recvfd;
@@ -939,7 +917,7 @@ mm_answer_authpassword(int sock, Buffer *m)
939	/* Only authenticate if the context is valid */	917	/* Only authenticate if the context is valid */
940	authenticated = options.password_authentication &&	918	authenticated = options.password_authentication &&
941	auth_password(authctxt, passwd);	919	auth_password(authctxt, passwd);
942	memset(passwd, 0, strlen(passwd));	920	explicit_bzero(passwd, strlen(passwd));
943	free(passwd);	921	free(passwd);
944		922
945	buffer_clear(m);	923	buffer_clear(m);
@@ -1881,13 +1859,13 @@ monitor_apply_keystate(struct monitor *pmonitor)
1881	/* XXX inefficient for large buffers, need: buffer_init_from_string */	1859	/* XXX inefficient for large buffers, need: buffer_init_from_string */
1882	buffer_clear(packet_get_input());	1860	buffer_clear(packet_get_input());
1883	buffer_append(packet_get_input(), child_state.input, child_state.ilen);	1861	buffer_append(packet_get_input(), child_state.input, child_state.ilen);
1884	memset(child_state.input, 0, child_state.ilen);	1862	explicit_bzero(child_state.input, child_state.ilen);
1885	free(child_state.input);	1863	free(child_state.input);
1886		1864
1887	buffer_clear(packet_get_output());	1865	buffer_clear(packet_get_output());
1888	buffer_append(packet_get_output(), child_state.output,	1866	buffer_append(packet_get_output(), child_state.output,
1889	child_state.olen);	1867	child_state.olen);
1890	memset(child_state.output, 0, child_state.olen);	1868	explicit_bzero(child_state.output, child_state.olen);
1891	free(child_state.output);	1869	free(child_state.output);
1892		1870
1893	/* Roaming */	1871	/* Roaming */
@@ -2307,209 +2285,6 @@ mm_answer_gss_updatecreds(int socket, Buffer *m) {
2307		2285
2308	#endif /* GSSAPI */	2286	#endif /* GSSAPI */
2309		2287
2310	#ifdef JPAKE
2311	int
2312	mm_answer_jpake_step1(int sock, Buffer *m)
2313	{
2314	struct jpake_ctx *pctx;
2315	u_char x3_proof, x4_proof;
2316	u_int x3_proof_len, x4_proof_len;
2317
2318	if (!options.zero_knowledge_password_authentication)
2319	fatal("zero_knowledge_password_authentication disabled");
2320
2321	if (authctxt->jpake_ctx != NULL)
2322	fatal("%s: authctxt->jpake_ctx already set (%p)",
2323	__func__, authctxt->jpake_ctx);
2324	authctxt->jpake_ctx = pctx = jpake_new();
2325
2326	jpake_step1(pctx->grp,
2327	&pctx->server_id, &pctx->server_id_len,
2328	&pctx->x3, &pctx->x4, &pctx->g_x3, &pctx->g_x4,
2329	&x3_proof, &x3_proof_len,
2330	&x4_proof, &x4_proof_len);
2331
2332	JPAKE_DEBUG_CTX((pctx, "step1 done in %s", __func__));
2333
2334	buffer_clear(m);
2335
2336	buffer_put_string(m, pctx->server_id, pctx->server_id_len);
2337	buffer_put_bignum2(m, pctx->g_x3);
2338	buffer_put_bignum2(m, pctx->g_x4);
2339	buffer_put_string(m, x3_proof, x3_proof_len);
2340	buffer_put_string(m, x4_proof, x4_proof_len);
2341
2342	debug3("%s: sending step1", __func__);
2343	mm_request_send(sock, MONITOR_ANS_JPAKE_STEP1, m);
2344
2345	bzero(x3_proof, x3_proof_len);
2346	bzero(x4_proof, x4_proof_len);
2347	free(x3_proof);
2348	free(x4_proof);
2349
2350	monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_GET_PWDATA, 1);
2351	monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP1, 0);
2352
2353	return 0;
2354	}
2355
2356	int
2357	mm_answer_jpake_get_pwdata(int sock, Buffer *m)
2358	{
2359	struct jpake_ctx *pctx = authctxt->jpake_ctx;
2360	char hash_scheme, salt;
2361
2362	if (pctx == NULL)
2363	fatal("%s: pctx == NULL", __func__);
2364
2365	auth2_jpake_get_pwdata(authctxt, &pctx->s, &hash_scheme, &salt);
2366
2367	buffer_clear(m);
2368	/* pctx->s is sensitive, not returned to slave */
2369	buffer_put_cstring(m, hash_scheme);
2370	buffer_put_cstring(m, salt);
2371
2372	debug3("%s: sending pwdata", __func__);
2373	mm_request_send(sock, MONITOR_ANS_JPAKE_GET_PWDATA, m);
2374
2375	bzero(hash_scheme, strlen(hash_scheme));
2376	bzero(salt, strlen(salt));
2377	free(hash_scheme);
2378	free(salt);
2379
2380	monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP2, 1);
2381
2382	return 0;
2383	}
2384
2385	int
2386	mm_answer_jpake_step2(int sock, Buffer *m)
2387	{
2388	struct jpake_ctx *pctx = authctxt->jpake_ctx;
2389	u_char x1_proof, x2_proof, *x4_s_proof;
2390	u_int x1_proof_len, x2_proof_len, x4_s_proof_len;
2391
2392	if (pctx == NULL)
2393	fatal("%s: pctx == NULL", __func__);
2394
2395	if ((pctx->g_x1 = BN_new()) == NULL \|\|
2396	(pctx->g_x2 = BN_new()) == NULL)
2397	fatal("%s: BN_new", __func__);
2398	buffer_get_bignum2(m, pctx->g_x1);
2399	buffer_get_bignum2(m, pctx->g_x2);
2400	pctx->client_id = buffer_get_string(m, &pctx->client_id_len);
2401	x1_proof = buffer_get_string(m, &x1_proof_len);
2402	x2_proof = buffer_get_string(m, &x2_proof_len);
2403
2404	jpake_step2(pctx->grp, pctx->s, pctx->g_x3,
2405	pctx->g_x1, pctx->g_x2, pctx->x4,
2406	pctx->client_id, pctx->client_id_len,
2407	pctx->server_id, pctx->server_id_len,
2408	x1_proof, x1_proof_len,
2409	x2_proof, x2_proof_len,
2410	&pctx->b,
2411	&x4_s_proof, &x4_s_proof_len);
2412
2413	JPAKE_DEBUG_CTX((pctx, "step2 done in %s", __func__));
2414
2415	bzero(x1_proof, x1_proof_len);
2416	bzero(x2_proof, x2_proof_len);
2417	free(x1_proof);
2418	free(x2_proof);
2419
2420	buffer_clear(m);
2421
2422	buffer_put_bignum2(m, pctx->b);
2423	buffer_put_string(m, x4_s_proof, x4_s_proof_len);
2424
2425	debug3("%s: sending step2", __func__);
2426	mm_request_send(sock, MONITOR_ANS_JPAKE_STEP2, m);
2427
2428	bzero(x4_s_proof, x4_s_proof_len);
2429	free(x4_s_proof);
2430
2431	monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_KEY_CONFIRM, 1);
2432
2433	return 0;
2434	}
2435
2436	int
2437	mm_answer_jpake_key_confirm(int sock, Buffer *m)
2438	{
2439	struct jpake_ctx *pctx = authctxt->jpake_ctx;
2440	u_char *x2_s_proof;
2441	u_int x2_s_proof_len;
2442
2443	if (pctx == NULL)
2444	fatal("%s: pctx == NULL", __func__);
2445
2446	if ((pctx->a = BN_new()) == NULL)
2447	fatal("%s: BN_new", __func__);
2448	buffer_get_bignum2(m, pctx->a);
2449	x2_s_proof = buffer_get_string(m, &x2_s_proof_len);
2450
2451	jpake_key_confirm(pctx->grp, pctx->s, pctx->a,
2452	pctx->x4, pctx->g_x3, pctx->g_x4, pctx->g_x1, pctx->g_x2,
2453	pctx->server_id, pctx->server_id_len,
2454	pctx->client_id, pctx->client_id_len,
2455	session_id2, session_id2_len,
2456	x2_s_proof, x2_s_proof_len,
2457	&pctx->k,
2458	&pctx->h_k_sid_sessid, &pctx->h_k_sid_sessid_len);
2459
2460	JPAKE_DEBUG_CTX((pctx, "key_confirm done in %s", __func__));
2461
2462	bzero(x2_s_proof, x2_s_proof_len);
2463	buffer_clear(m);
2464
2465	/* pctx->k is sensitive, not sent */
2466	buffer_put_string(m, pctx->h_k_sid_sessid, pctx->h_k_sid_sessid_len);
2467
2468	debug3("%s: sending confirmation hash", __func__);
2469	mm_request_send(sock, MONITOR_ANS_JPAKE_KEY_CONFIRM, m);
2470
2471	monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_CHECK_CONFIRM, 1);
2472
2473	return 0;
2474	}
2475
2476	int
2477	mm_answer_jpake_check_confirm(int sock, Buffer *m)
2478	{
2479	int authenticated = 0;
2480	u_char *peer_confirm_hash;
2481	u_int peer_confirm_hash_len;
2482	struct jpake_ctx *pctx = authctxt->jpake_ctx;
2483
2484	if (pctx == NULL)
2485	fatal("%s: pctx == NULL", __func__);
2486
2487	peer_confirm_hash = buffer_get_string(m, &peer_confirm_hash_len);
2488
2489	authenticated = jpake_check_confirm(pctx->k,
2490	pctx->client_id, pctx->client_id_len,
2491	session_id2, session_id2_len,
2492	peer_confirm_hash, peer_confirm_hash_len) && authctxt->valid;
2493
2494	JPAKE_DEBUG_CTX((pctx, "check_confirm done in %s", __func__));
2495
2496	bzero(peer_confirm_hash, peer_confirm_hash_len);
2497	free(peer_confirm_hash);
2498
2499	buffer_clear(m);
2500	buffer_put_int(m, authenticated);
2501
2502	debug3("%s: sending result %d", __func__, authenticated);
2503	mm_request_send(sock, MONITOR_ANS_JPAKE_CHECK_CONFIRM, m);
2504
2505	monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP1, 1);
2506
2507	auth_method = "jpake-01@openssh.com";
2508	return authenticated;
2509	}
2510
2511	#endif /* JPAKE */
2512
2513	#ifdef USE_CONSOLEKIT	2288	#ifdef USE_CONSOLEKIT
2514	int	2289	int
2515	mm_answer_consolekit_register(int sock, Buffer *m)	2290	mm_answer_consolekit_register(int sock, Buffer *m)