Diffstat (limited to 'monitor.c')
-rw-r--r--monitor.c256
1 files changed, 132 insertions, 124 deletions
diff --git a/monitor.c b/monitor.c
index 037d6d333..5f84e880d 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor.c,v 1.188 2018/11/16 02:43:56 djm Exp $ */ 1/* $OpenBSD: monitor.c,v 1.197 2019/01/21 10:38:54 djm Exp $ */
2/* 2/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -112,51 +112,51 @@ static struct sshbuf *child_state;
112 112
113/* Functions on the monitor that answer unprivileged requests */ 113/* Functions on the monitor that answer unprivileged requests */
114 114
115int mm_answer_moduli(int, struct sshbuf *); 115int mm_answer_moduli(struct ssh *, int, struct sshbuf *);
116int mm_answer_sign(int, struct sshbuf *); 116int mm_answer_sign(struct ssh *, int, struct sshbuf *);
117int mm_answer_pwnamallow(int, struct sshbuf *); 117int mm_answer_pwnamallow(struct ssh *, int, struct sshbuf *);
118int mm_answer_auth2_read_banner(int, struct sshbuf *); 118int mm_answer_auth2_read_banner(struct ssh *, int, struct sshbuf *);
119int mm_answer_authserv(int, struct sshbuf *); 119int mm_answer_authserv(struct ssh *, int, struct sshbuf *);
120int mm_answer_authrole(int, struct sshbuf *); 120int mm_answer_authrole(struct ssh *, int, struct sshbuf *);
121int mm_answer_authpassword(int, struct sshbuf *); 121int mm_answer_authpassword(struct ssh *, int, struct sshbuf *);
122int mm_answer_bsdauthquery(int, struct sshbuf *); 122int mm_answer_bsdauthquery(struct ssh *, int, struct sshbuf *);
123int mm_answer_bsdauthrespond(int, struct sshbuf *); 123int mm_answer_bsdauthrespond(struct ssh *, int, struct sshbuf *);
124int mm_answer_keyallowed(int, struct sshbuf *); 124int mm_answer_skeyquery(struct ssh *, int, struct sshbuf *);
125int mm_answer_keyverify(int, struct sshbuf *); 125int mm_answer_skeyrespond(struct ssh *, int, struct sshbuf *);
126int mm_answer_pty(int, struct sshbuf *); 126int mm_answer_keyallowed(struct ssh *, int, struct sshbuf *);
127int mm_answer_pty_cleanup(int, struct sshbuf *); 127int mm_answer_keyverify(struct ssh *, int, struct sshbuf *);
128int mm_answer_term(int, struct sshbuf *); 128int mm_answer_pty(struct ssh *, int, struct sshbuf *);
129int mm_answer_rsa_keyallowed(int, struct sshbuf *); 129int mm_answer_pty_cleanup(struct ssh *, int, struct sshbuf *);
130int mm_answer_rsa_challenge(int, struct sshbuf *); 130int mm_answer_term(struct ssh *, int, struct sshbuf *);
131int mm_answer_rsa_response(int, struct sshbuf *); 131int mm_answer_rsa_keyallowed(struct ssh *, int, struct sshbuf *);
132int mm_answer_sesskey(int, struct sshbuf *); 132int mm_answer_rsa_challenge(struct ssh *, int, struct sshbuf *);
133int mm_answer_sessid(int, struct sshbuf *); 133int mm_answer_rsa_response(struct ssh *, int, struct sshbuf *);
134int mm_answer_sesskey(struct ssh *, int, struct sshbuf *);
135int mm_answer_sessid(struct ssh *, int, struct sshbuf *);
134 136
135#ifdef USE_PAM 137#ifdef USE_PAM
136int mm_answer_pam_start(int, struct sshbuf *); 138int mm_answer_pam_start(struct ssh *, int, struct sshbuf *);
137int mm_answer_pam_account(int, struct sshbuf *); 139int mm_answer_pam_account(struct ssh *, int, struct sshbuf *);
138int mm_answer_pam_init_ctx(int, struct sshbuf *); 140int mm_answer_pam_init_ctx(struct ssh *, int, struct sshbuf *);
139int mm_answer_pam_query(int, struct sshbuf *); 141int mm_answer_pam_query(struct ssh *, int, struct sshbuf *);
140int mm_answer_pam_respond(int, struct sshbuf *); 142int mm_answer_pam_respond(struct ssh *, int, struct sshbuf *);
141int mm_answer_pam_free_ctx(int, struct sshbuf *); 143int mm_answer_pam_free_ctx(struct ssh *, int, struct sshbuf *);
142#endif 144#endif
143 145
144#ifdef GSSAPI 146#ifdef GSSAPI
145int mm_answer_gss_setup_ctx(int, struct sshbuf *); 147int mm_answer_gss_setup_ctx(struct ssh *, int, struct sshbuf *);
146int mm_answer_gss_accept_ctx(int, struct sshbuf *); 148int mm_answer_gss_accept_ctx(struct ssh *, int, struct sshbuf *);
147int mm_answer_gss_userok(int, struct sshbuf *); 149int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *);
148int mm_answer_gss_checkmic(int, struct sshbuf *); 150int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *);
149int mm_answer_gss_sign(int, struct sshbuf *); 151int mm_answer_gss_sign(struct ssh *, int, struct sshbuf *);
150int mm_answer_gss_updatecreds(int, struct sshbuf *); 152int mm_answer_gss_updatecreds(struct ssh *, int, struct sshbuf *);
151#endif 153#endif
152 154
153#ifdef SSH_AUDIT_EVENTS 155#ifdef SSH_AUDIT_EVENTS
154int mm_answer_audit_event(int, struct sshbuf *); 156int mm_answer_audit_event(struct ssh *, int, struct sshbuf *);
155int mm_answer_audit_command(int, struct sshbuf *); 157int mm_answer_audit_command(struct ssh *, int, struct sshbuf *);
156#endif 158#endif
157 159
158static int monitor_read_log(struct monitor *);
159
160static Authctxt *authctxt; 160static Authctxt *authctxt;
161 161
162/* local state for key verify */ 162/* local state for key verify */
@@ -175,7 +175,7 @@ static pid_t monitor_child_pid;
175struct mon_table { 175struct mon_table {
176 enum monitor_reqtype type; 176 enum monitor_reqtype type;
177 int flags; 177 int flags;
178 int (*f)(int, struct sshbuf *); 178 int (*f)(struct ssh *, int, struct sshbuf *);
179}; 179};
180 180
181#define MON_ISAUTH 0x0004 /* Required for Authentication */ 181#define MON_ISAUTH 0x0004 /* Required for Authentication */
@@ -187,6 +187,10 @@ struct mon_table {
187 187
188#define MON_PERMIT 0x1000 /* Request is permitted */ 188#define MON_PERMIT 0x1000 /* Request is permitted */
189 189
190static int monitor_read(struct ssh *, struct monitor *, struct mon_table *,
191 struct mon_table **);
192static int monitor_read_log(struct monitor *);
193
190struct mon_table mon_dispatch_proto20[] = { 194struct mon_table mon_dispatch_proto20[] = {
191#ifdef WITH_OPENSSL 195#ifdef WITH_OPENSSL
192 {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, 196 {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli},
@@ -276,9 +280,8 @@ monitor_permit_authentications(int permit)
276} 280}
277 281
278void 282void
279monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) 283monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor)
280{ 284{
281 struct ssh *ssh = active_state; /* XXX */
282 struct mon_table *ent; 285 struct mon_table *ent;
283 int authenticated = 0, partial = 0; 286 int authenticated = 0, partial = 0;
284 287
@@ -290,7 +293,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
290 close(pmonitor->m_log_sendfd); 293 close(pmonitor->m_log_sendfd);
291 pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1; 294 pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1;
292 295
293 authctxt = _authctxt; 296 authctxt = (Authctxt *)ssh->authctxt;
294 memset(authctxt, 0, sizeof(*authctxt)); 297 memset(authctxt, 0, sizeof(*authctxt));
295 ssh->authctxt = authctxt; 298 ssh->authctxt = authctxt;
296 299
@@ -312,7 +315,8 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
312 auth_submethod = NULL; 315 auth_submethod = NULL;
313 auth2_authctxt_reset_info(authctxt); 316 auth2_authctxt_reset_info(authctxt);
314 317
315 authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1); 318 authenticated = (monitor_read(ssh, pmonitor,
319 mon_dispatch, &ent) == 1);
316 320
317 /* Special handling for multiple required authentications */ 321 /* Special handling for multiple required authentications */
318 if (options.num_auth_methods != 0) { 322 if (options.num_auth_methods != 0) {
@@ -344,13 +348,13 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
344 mm_request_receive_expect(pmonitor->m_sendfd, 348 mm_request_receive_expect(pmonitor->m_sendfd,
345 MONITOR_REQ_PAM_ACCOUNT, m); 349 MONITOR_REQ_PAM_ACCOUNT, m);
346 authenticated = mm_answer_pam_account( 350 authenticated = mm_answer_pam_account(
347 pmonitor->m_sendfd, m); 351 ssh, pmonitor->m_sendfd, m);
348 sshbuf_free(m); 352 sshbuf_free(m);
349 } 353 }
350#endif 354#endif
351 } 355 }
352 if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { 356 if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) {
353 auth_log(authctxt, authenticated, partial, 357 auth_log(ssh, authenticated, partial,
354 auth_method, auth_submethod); 358 auth_method, auth_submethod);
355 if (!partial && !authenticated) 359 if (!partial && !authenticated)
356 authctxt->failures++; 360 authctxt->failures++;
@@ -371,7 +375,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
371 ssh->authctxt = NULL; 375 ssh->authctxt = NULL;
372 ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); 376 ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user);
373 377
374 mm_get_keystate(pmonitor); 378 mm_get_keystate(ssh, pmonitor);
375 379
376 /* Drain any buffered messages from the child */ 380 /* Drain any buffered messages from the child */
377 while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0) 381 while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0)
@@ -397,7 +401,7 @@ monitor_child_handler(int sig)
397} 401}
398 402
399void 403void
400monitor_child_postauth(struct monitor *pmonitor) 404monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor)
401{ 405{
402 close(pmonitor->m_recvfd); 406 close(pmonitor->m_recvfd);
403 pmonitor->m_recvfd = -1; 407 pmonitor->m_recvfd = -1;
@@ -419,7 +423,7 @@ monitor_child_postauth(struct monitor *pmonitor)
419#ifdef GSSAPI 423#ifdef GSSAPI
420 /* and for the GSSAPI key exchange */ 424 /* and for the GSSAPI key exchange */
421 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); 425 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1);
422#endif 426#endif
423 427
424 if (auth_opts->permit_pty_flag) { 428 if (auth_opts->permit_pty_flag) {
425 monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); 429 monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1);
@@ -427,7 +431,7 @@ monitor_child_postauth(struct monitor *pmonitor)
427 } 431 }
428 432
429 for (;;) 433 for (;;)
430 monitor_read(pmonitor, mon_dispatch, NULL); 434 monitor_read(ssh, pmonitor, mon_dispatch, NULL);
431} 435}
432 436
433static int 437static int
@@ -482,8 +486,8 @@ monitor_read_log(struct monitor *pmonitor)
482 return 0; 486 return 0;
483} 487}
484 488
485int 489static int
486monitor_read(struct monitor *pmonitor, struct mon_table *ent, 490monitor_read(struct ssh *ssh, struct monitor *pmonitor, struct mon_table *ent,
487 struct mon_table **pent) 491 struct mon_table **pent)
488{ 492{
489 struct sshbuf *m; 493 struct sshbuf *m;
@@ -533,7 +537,7 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent,
533 if (!(ent->flags & MON_PERMIT)) 537 if (!(ent->flags & MON_PERMIT))
534 fatal("%s: unpermitted request %d", __func__, 538 fatal("%s: unpermitted request %d", __func__,
535 type); 539 type);
536 ret = (*ent->f)(pmonitor->m_sendfd, m); 540 ret = (*ent->f)(ssh, pmonitor->m_sendfd, m);
537 sshbuf_free(m); 541 sshbuf_free(m);
538 542
539 /* The child may use this request only once, disable it */ 543 /* The child may use this request only once, disable it */
@@ -584,7 +588,7 @@ monitor_reset_key_state(void)
584 588
585#ifdef WITH_OPENSSL 589#ifdef WITH_OPENSSL
586int 590int
587mm_answer_moduli(int sock, struct sshbuf *m) 591mm_answer_moduli(struct ssh *ssh, int sock, struct sshbuf *m)
588{ 592{
589 DH *dh; 593 DH *dh;
590 const BIGNUM *dh_p, *dh_g; 594 const BIGNUM *dh_p, *dh_g;
@@ -626,9 +630,8 @@ mm_answer_moduli(int sock, struct sshbuf *m)
626#endif 630#endif
627 631
628int 632int
629mm_answer_sign(int sock, struct sshbuf *m) 633mm_answer_sign(struct ssh *ssh, int sock, struct sshbuf *m)
630{ 634{
631 struct ssh *ssh = active_state; /* XXX */
632 extern int auth_sock; /* XXX move to state struct? */ 635 extern int auth_sock; /* XXX move to state struct? */
633 struct sshkey *key; 636 struct sshkey *key;
634 struct sshbuf *sigbuf = NULL; 637 struct sshbuf *sigbuf = NULL;
@@ -729,9 +732,8 @@ mm_answer_sign(int sock, struct sshbuf *m)
729/* Retrieves the password entry and also checks if the user is permitted */ 732/* Retrieves the password entry and also checks if the user is permitted */
730 733
731int 734int
732mm_answer_pwnamallow(int sock, struct sshbuf *m) 735mm_answer_pwnamallow(struct ssh *ssh, int sock, struct sshbuf *m)
733{ 736{
734 struct ssh *ssh = active_state; /* XXX */
735 char *username; 737 char *username;
736 struct passwd *pwent; 738 struct passwd *pwent;
737 int r, allowed = 0; 739 int r, allowed = 0;
@@ -745,7 +747,7 @@ mm_answer_pwnamallow(int sock, struct sshbuf *m)
745 if ((r = sshbuf_get_cstring(m, &username, NULL)) != 0) 747 if ((r = sshbuf_get_cstring(m, &username, NULL)) != 0)
746 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 748 fatal("%s: buffer error: %s", __func__, ssh_err(r));
747 749
748 pwent = getpwnamallow(username); 750 pwent = getpwnamallow(ssh, username);
749 751
750 authctxt->user = xstrdup(username); 752 authctxt->user = xstrdup(username);
751 setproctitle("%s [priv]", pwent ? username : "unknown"); 753 setproctitle("%s [priv]", pwent ? username : "unknown");
@@ -830,7 +832,7 @@ mm_answer_pwnamallow(int sock, struct sshbuf *m)
830 return (0); 832 return (0);
831} 833}
832 834
833int mm_answer_auth2_read_banner(int sock, struct sshbuf *m) 835int mm_answer_auth2_read_banner(struct ssh *ssh, int sock, struct sshbuf *m)
834{ 836{
835 char *banner; 837 char *banner;
836 int r; 838 int r;
@@ -846,7 +848,7 @@ int mm_answer_auth2_read_banner(int sock, struct sshbuf *m)
846} 848}
847 849
848int 850int
849mm_answer_authserv(int sock, struct sshbuf *m) 851mm_answer_authserv(struct ssh *ssh, int sock, struct sshbuf *m)
850{ 852{
851 int r; 853 int r;
852 854
@@ -873,7 +875,7 @@ mm_answer_authserv(int sock, struct sshbuf *m)
873} 875}
874 876
875int 877int
876mm_answer_authrole(int sock, struct sshbuf *m) 878mm_answer_authrole(struct ssh *ssh, int sock, struct sshbuf *m)
877{ 879{
878 int r; 880 int r;
879 881
@@ -922,9 +924,8 @@ key_base_type_match(const char *method, const struct sshkey *key,
922} 924}
923 925
924int 926int
925mm_answer_authpassword(int sock, struct sshbuf *m) 927mm_answer_authpassword(struct ssh *ssh, int sock, struct sshbuf *m)
926{ 928{
927 struct ssh *ssh = active_state; /* XXX */
928 static int call_count; 929 static int call_count;
929 char *passwd; 930 char *passwd;
930 int r, authenticated; 931 int r, authenticated;
@@ -963,7 +964,7 @@ mm_answer_authpassword(int sock, struct sshbuf *m)
963 964
964#ifdef BSD_AUTH 965#ifdef BSD_AUTH
965int 966int
966mm_answer_bsdauthquery(int sock, struct sshbuf *m) 967mm_answer_bsdauthquery(struct ssh *ssh, int sock, struct sshbuf *m)
967{ 968{
968 char *name, *infotxt; 969 char *name, *infotxt;
969 u_int numprompts, *echo_on, success; 970 u_int numprompts, *echo_on, success;
@@ -997,7 +998,7 @@ mm_answer_bsdauthquery(int sock, struct sshbuf *m)
997} 998}
998 999
999int 1000int
1000mm_answer_bsdauthrespond(int sock, struct sshbuf *m) 1001mm_answer_bsdauthrespond(struct ssh *ssh, int sock, struct sshbuf *m)
1001{ 1002{
1002 char *response; 1003 char *response;
1003 int r, authok; 1004 int r, authok;
@@ -1031,12 +1032,12 @@ mm_answer_bsdauthrespond(int sock, struct sshbuf *m)
1031 1032
1032#ifdef USE_PAM 1033#ifdef USE_PAM
1033int 1034int
1034mm_answer_pam_start(int sock, struct sshbuf *m) 1035mm_answer_pam_start(struct ssh *ssh, int sock, struct sshbuf *m)
1035{ 1036{
1036 if (!options.use_pam) 1037 if (!options.use_pam)
1037 fatal("UsePAM not set, but ended up in %s anyway", __func__); 1038 fatal("UsePAM not set, but ended up in %s anyway", __func__);
1038 1039
1039 start_pam(authctxt); 1040 start_pam(ssh);
1040 1041
1041 monitor_permit(mon_dispatch, MONITOR_REQ_PAM_ACCOUNT, 1); 1042 monitor_permit(mon_dispatch, MONITOR_REQ_PAM_ACCOUNT, 1);
1042 if (options.kbd_interactive_authentication) 1043 if (options.kbd_interactive_authentication)
@@ -1046,7 +1047,7 @@ mm_answer_pam_start(int sock, struct sshbuf *m)
1046} 1047}
1047 1048
1048int 1049int
1049mm_answer_pam_account(int sock, struct sshbuf *m) 1050mm_answer_pam_account(struct ssh *ssh, int sock, struct sshbuf *m)
1050{ 1051{
1051 u_int ret; 1052 u_int ret;
1052 int r; 1053 int r;
@@ -1069,7 +1070,7 @@ static void *sshpam_ctxt, *sshpam_authok;
1069extern KbdintDevice sshpam_device; 1070extern KbdintDevice sshpam_device;
1070 1071
1071int 1072int
1072mm_answer_pam_init_ctx(int sock, struct sshbuf *m) 1073mm_answer_pam_init_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
1073{ 1074{
1074 u_int ok = 0; 1075 u_int ok = 0;
1075 int r; 1076 int r;
@@ -1094,7 +1095,7 @@ mm_answer_pam_init_ctx(int sock, struct sshbuf *m)
1094} 1095}
1095 1096
1096int 1097int
1097mm_answer_pam_query(int sock, struct sshbuf *m) 1098mm_answer_pam_query(struct ssh *ssh, int sock, struct sshbuf *m)
1098{ 1099{
1099 char *name = NULL, *info = NULL, **prompts = NULL; 1100 char *name = NULL, *info = NULL, **prompts = NULL;
1100 u_int i, num = 0, *echo_on = 0; 1101 u_int i, num = 0, *echo_on = 0;
@@ -1135,7 +1136,7 @@ mm_answer_pam_query(int sock, struct sshbuf *m)
1135} 1136}
1136 1137
1137int 1138int
1138mm_answer_pam_respond(int sock, struct sshbuf *m) 1139mm_answer_pam_respond(struct ssh *ssh, int sock, struct sshbuf *m)
1139{ 1140{
1140 char **resp; 1141 char **resp;
1141 u_int i, num; 1142 u_int i, num;
@@ -1173,7 +1174,7 @@ mm_answer_pam_respond(int sock, struct sshbuf *m)
1173} 1174}
1174 1175
1175int 1176int
1176mm_answer_pam_free_ctx(int sock, struct sshbuf *m) 1177mm_answer_pam_free_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
1177{ 1178{
1178 int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt; 1179 int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt;
1179 1180
@@ -1193,9 +1194,8 @@ mm_answer_pam_free_ctx(int sock, struct sshbuf *m)
1193#endif 1194#endif
1194 1195
1195int 1196int
1196mm_answer_keyallowed(int sock, struct sshbuf *m) 1197mm_answer_keyallowed(struct ssh *ssh, int sock, struct sshbuf *m)
1197{ 1198{
1198 struct ssh *ssh = active_state; /* XXX */
1199 struct sshkey *key = NULL; 1199 struct sshkey *key = NULL;
1200 char *cuser, *chost; 1200 char *cuser, *chost;
1201 u_int pubkey_auth_attempt; 1201 u_int pubkey_auth_attempt;
@@ -1241,7 +1241,7 @@ mm_answer_keyallowed(int sock, struct sshbuf *m)
1241 if (!key_base_type_match(auth_method, key, 1241 if (!key_base_type_match(auth_method, key,
1242 options.hostbased_key_types)) 1242 options.hostbased_key_types))
1243 break; 1243 break;
1244 allowed = hostbased_key_allowed(authctxt->pw, 1244 allowed = hostbased_key_allowed(ssh, authctxt->pw,
1245 cuser, chost, key); 1245 cuser, chost, key);
1246 auth2_record_info(authctxt, 1246 auth2_record_info(authctxt,
1247 "client user \"%.100s\", client host \"%.100s\"", 1247 "client user \"%.100s\", client host \"%.100s\"",
@@ -1273,7 +1273,7 @@ mm_answer_keyallowed(int sock, struct sshbuf *m)
1273 hostbased_chost = chost; 1273 hostbased_chost = chost;
1274 } else { 1274 } else {
1275 /* Log failed attempt */ 1275 /* Log failed attempt */
1276 auth_log(authctxt, 0, 0, auth_method, NULL); 1276 auth_log(ssh, 0, 0, auth_method, NULL);
1277 free(cuser); 1277 free(cuser);
1278 free(chost); 1278 free(chost);
1279 } 1279 }
@@ -1430,9 +1430,8 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
1430} 1430}
1431 1431
1432int 1432int
1433mm_answer_keyverify(int sock, struct sshbuf *m) 1433mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
1434{ 1434{
1435 struct ssh *ssh = active_state; /* XXX */
1436 struct sshkey *key; 1435 struct sshkey *key;
1437 u_char *signature, *data, *blob; 1436 u_char *signature, *data, *blob;
1438 char *sigalg; 1437 char *sigalg;
@@ -1477,7 +1476,7 @@ mm_answer_keyverify(int sock, struct sshbuf *m)
1477 fatal("%s: bad signature data blob", __func__); 1476 fatal("%s: bad signature data blob", __func__);
1478 1477
1479 ret = sshkey_verify(key, signature, signaturelen, data, datalen, 1478 ret = sshkey_verify(key, signature, signaturelen, data, datalen,
1480 sigalg, active_state->compat); 1479 sigalg, ssh->compat);
1481 debug3("%s: %s %p signature %s", __func__, auth_method, key, 1480 debug3("%s: %s %p signature %s", __func__, auth_method, key,
1482 (ret == 0) ? "verified" : "unverified"); 1481 (ret == 0) ? "verified" : "unverified");
1483 auth2_record_key(authctxt, ret == 0, key); 1482 auth2_record_key(authctxt, ret == 0, key);
@@ -1504,9 +1503,8 @@ mm_answer_keyverify(int sock, struct sshbuf *m)
1504} 1503}
1505 1504
1506static void 1505static void
1507mm_record_login(Session *s, struct passwd *pw) 1506mm_record_login(struct ssh *ssh, Session *s, struct passwd *pw)
1508{ 1507{
1509 struct ssh *ssh = active_state; /* XXX */
1510 socklen_t fromlen; 1508 socklen_t fromlen;
1511 struct sockaddr_storage from; 1509 struct sockaddr_storage from;
1512 1510
@@ -1516,8 +1514,8 @@ mm_record_login(Session *s, struct passwd *pw)
1516 */ 1514 */
1517 memset(&from, 0, sizeof(from)); 1515 memset(&from, 0, sizeof(from));
1518 fromlen = sizeof(from); 1516 fromlen = sizeof(from);
1519 if (packet_connection_is_on_socket()) { 1517 if (ssh_packet_connection_is_on_socket(ssh)) {
1520 if (getpeername(packet_get_connection_in(), 1518 if (getpeername(ssh_packet_get_connection_in(ssh),
1521 (struct sockaddr *)&from, &fromlen) < 0) { 1519 (struct sockaddr *)&from, &fromlen) < 0) {
1522 debug("getpeername: %.100s", strerror(errno)); 1520 debug("getpeername: %.100s", strerror(errno));
1523 cleanup_exit(255); 1521 cleanup_exit(255);
@@ -1541,7 +1539,7 @@ mm_session_close(Session *s)
1541} 1539}
1542 1540
1543int 1541int
1544mm_answer_pty(int sock, struct sshbuf *m) 1542mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m)
1545{ 1543{
1546 extern struct monitor *pmonitor; 1544 extern struct monitor *pmonitor;
1547 Session *s; 1545 Session *s;
@@ -1569,7 +1567,7 @@ mm_answer_pty(int sock, struct sshbuf *m)
1569 if (dup2(s->ttyfd, 0) == -1) 1567 if (dup2(s->ttyfd, 0) == -1)
1570 fatal("%s: dup2", __func__); 1568 fatal("%s: dup2", __func__);
1571 1569
1572 mm_record_login(s, authctxt->pw); 1570 mm_record_login(ssh, s, authctxt->pw);
1573 1571
1574 /* Now we can close the file descriptor again */ 1572 /* Now we can close the file descriptor again */
1575 close(0); 1573 close(0);
@@ -1611,7 +1609,7 @@ mm_answer_pty(int sock, struct sshbuf *m)
1611} 1609}
1612 1610
1613int 1611int
1614mm_answer_pty_cleanup(int sock, struct sshbuf *m) 1612mm_answer_pty_cleanup(struct ssh *ssh, int sock, struct sshbuf *m)
1615{ 1613{
1616 Session *s; 1614 Session *s;
1617 char *tty; 1615 char *tty;
@@ -1629,9 +1627,8 @@ mm_answer_pty_cleanup(int sock, struct sshbuf *m)
1629} 1627}
1630 1628
1631int 1629int
1632mm_answer_term(int sock, struct sshbuf *req) 1630mm_answer_term(struct ssh *ssh, int sock, struct sshbuf *req)
1633{ 1631{
1634 struct ssh *ssh = active_state; /* XXX */
1635 extern struct monitor *pmonitor; 1632 extern struct monitor *pmonitor;
1636 int res, status; 1633 int res, status;
1637 1634
@@ -1658,7 +1655,7 @@ mm_answer_term(int sock, struct sshbuf *req)
1658#ifdef SSH_AUDIT_EVENTS 1655#ifdef SSH_AUDIT_EVENTS
1659/* Report that an audit event occurred */ 1656/* Report that an audit event occurred */
1660int 1657int
1661mm_answer_audit_event(int socket, struct sshbuf *m) 1658mm_answer_audit_event(struct ssh *ssh, int socket, struct sshbuf *m)
1662{ 1659{
1663 u_int n; 1660 u_int n;
1664 ssh_audit_event_t event; 1661 ssh_audit_event_t event;
@@ -1677,7 +1674,7 @@ mm_answer_audit_event(int socket, struct sshbuf *m)
1677 case SSH_LOGIN_ROOT_DENIED: 1674 case SSH_LOGIN_ROOT_DENIED:
1678 case SSH_CONNECTION_CLOSE: 1675 case SSH_CONNECTION_CLOSE:
1679 case SSH_INVALID_USER: 1676 case SSH_INVALID_USER:
1680 audit_event(event); 1677 audit_event(ssh, event);
1681 break; 1678 break;
1682 default: 1679 default:
1683 fatal("Audit event type %d not permitted", event); 1680 fatal("Audit event type %d not permitted", event);
@@ -1687,7 +1684,7 @@ mm_answer_audit_event(int socket, struct sshbuf *m)
1687} 1684}
1688 1685
1689int 1686int
1690mm_answer_audit_command(int socket, struct sshbuf *m) 1687mm_answer_audit_command(struct ssh *ssh, int socket, struct sshbuf *m)
1691{ 1688{
1692 char *cmd; 1689 char *cmd;
1693 int r; 1690 int r;
@@ -1703,10 +1700,8 @@ mm_answer_audit_command(int socket, struct sshbuf *m)
1703#endif /* SSH_AUDIT_EVENTS */ 1700#endif /* SSH_AUDIT_EVENTS */
1704 1701
1705void 1702void
1706monitor_clear_keystate(struct monitor *pmonitor) 1703monitor_clear_keystate(struct ssh *ssh, struct monitor *pmonitor)
1707{ 1704{
1708 struct ssh *ssh = active_state; /* XXX */
1709
1710 ssh_clear_newkeys(ssh, MODE_IN); 1705 ssh_clear_newkeys(ssh, MODE_IN);
1711 ssh_clear_newkeys(ssh, MODE_OUT); 1706 ssh_clear_newkeys(ssh, MODE_OUT);
1712 sshbuf_free(child_state); 1707 sshbuf_free(child_state);
@@ -1714,9 +1709,8 @@ monitor_clear_keystate(struct monitor *pmonitor)
1714} 1709}
1715 1710
1716void 1711void
1717monitor_apply_keystate(struct monitor *pmonitor) 1712monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor)
1718{ 1713{
1719 struct ssh *ssh = active_state; /* XXX */
1720 struct kex *kex; 1714 struct kex *kex;
1721 int r; 1715 int r;
1722 1716
@@ -1729,25 +1723,30 @@ monitor_apply_keystate(struct monitor *pmonitor)
1729 if ((kex = ssh->kex) != NULL) { 1723 if ((kex = ssh->kex) != NULL) {
1730 /* XXX set callbacks */ 1724 /* XXX set callbacks */
1731#ifdef WITH_OPENSSL 1725#ifdef WITH_OPENSSL
1732 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; 1726 kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server;
1733 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; 1727 kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server;
1734 kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; 1728 kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server;
1735 kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; 1729 kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server;
1736 kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; 1730 kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server;
1737 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; 1731 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
1738 kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; 1732 kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
1739# ifdef OPENSSL_HAS_ECC 1733# ifdef OPENSSL_HAS_ECC
1740 kex->kex[KEX_ECDH_SHA2] = kexecdh_server; 1734 kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
1741# endif 1735# endif
1742#endif /* WITH_OPENSSL */ 1736# ifdef GSSAPI
1743 kex->kex[KEX_C25519_SHA256] = kexc25519_server;
1744#ifdef GSSAPI
1745 if (options.gss_keyex) { 1737 if (options.gss_keyex) {
1746 kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; 1738 kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
1747 kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; 1739 kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
1748 kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server; 1740 kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server;
1741 kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server;
1742 kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server;
1743 kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server;
1744 kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server;
1749 } 1745 }
1750#endif 1746# endif
1747#endif /* WITH_OPENSSL */
1748 kex->kex[KEX_C25519_SHA256] = kex_gen_server;
1749 kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server;
1751 kex->load_host_public_key=&get_hostkey_public_by_type; 1750 kex->load_host_public_key=&get_hostkey_public_by_type;
1752 kex->load_host_private_key=&get_hostkey_private_by_type; 1751 kex->load_host_private_key=&get_hostkey_private_by_type;
1753 kex->host_key_index=&get_hostkey_index; 1752 kex->host_key_index=&get_hostkey_index;
@@ -1758,7 +1757,7 @@ monitor_apply_keystate(struct monitor *pmonitor)
1758/* This function requries careful sanity checking */ 1757/* This function requries careful sanity checking */
1759 1758
1760void 1759void
1761mm_get_keystate(struct monitor *pmonitor) 1760mm_get_keystate(struct ssh *ssh, struct monitor *pmonitor)
1762{ 1761{
1763 debug3("%s: Waiting for new keys", __func__); 1762 debug3("%s: Waiting for new keys", __func__);
1764 1763
@@ -1830,7 +1829,7 @@ monitor_reinit(struct monitor *mon)
1830 1829
1831#ifdef GSSAPI 1830#ifdef GSSAPI
1832int 1831int
1833mm_answer_gss_setup_ctx(int sock, struct sshbuf *m) 1832mm_answer_gss_setup_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
1834{ 1833{
1835 gss_OID_desc goid; 1834 gss_OID_desc goid;
1836 OM_uint32 major; 1835 OM_uint32 major;
@@ -1863,7 +1862,7 @@ mm_answer_gss_setup_ctx(int sock, struct sshbuf *m)
1863} 1862}
1864 1863
1865int 1864int
1866mm_answer_gss_accept_ctx(int sock, struct sshbuf *m) 1865mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
1867{ 1866{
1868 gss_buffer_desc in; 1867 gss_buffer_desc in;
1869 gss_buffer_desc out = GSS_C_EMPTY_BUFFER; 1868 gss_buffer_desc out = GSS_C_EMPTY_BUFFER;
@@ -1898,7 +1897,7 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m)
1898} 1897}
1899 1898
1900int 1899int
1901mm_answer_gss_checkmic(int sock, struct sshbuf *m) 1900mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m)
1902{ 1901{
1903 gss_buffer_desc gssbuf, mic; 1902 gss_buffer_desc gssbuf, mic;
1904 OM_uint32 ret; 1903 OM_uint32 ret;
@@ -1929,16 +1928,19 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m)
1929} 1928}
1930 1929
1931int 1930int
1932mm_answer_gss_userok(int sock, struct sshbuf *m) 1931mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m)
1933{ 1932{
1934 int r, authenticated; 1933 int r, authenticated, kex;
1935 const char *displayname; 1934 const char *displayname;
1936 1935
1937 if (!options.gss_authentication && !options.gss_keyex) 1936 if (!options.gss_authentication && !options.gss_keyex)
1938 fatal("%s: GSSAPI not enabled", __func__); 1937 fatal("%s: GSSAPI not enabled", __func__);
1939 1938
1940 authenticated = authctxt->valid && 1939 if ((r = sshbuf_get_u32(m, &kex)) != 0)
1941 ssh_gssapi_userok(authctxt->user, authctxt->pw); 1940 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1941
1942 authenticated = authctxt->valid &&
1943 ssh_gssapi_userok(authctxt->user, authctxt->pw, kex);
1942 1944
1943 sshbuf_reset(m); 1945 sshbuf_reset(m);
1944 if ((r = sshbuf_put_u32(m, authenticated)) != 0) 1946 if ((r = sshbuf_put_u32(m, authenticated)) != 0)
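Review bot: The new `kex` flag in mm_answer_gss_userok is declared `int` but read with `sshbuf_get_u32(m, &kex)`, which elsewhere in the sshbuf API takes a `u_int32_t *`, so this is a pointer-signedness mismatch that should be `u_int kex;` (the other u32 reads in this file, e.g. mm_answer_pam_account, use `u_int`). More importantly the value is supplied by the unprivileged child over the monitor socket and is then fed to ssh_gssapi_userok() and, in the following hunk, chosen as the `auth_method` label that auth_log records, so it crosses the privilege-separation boundary unvalidated; at minimum bound it with `if (kex > 1) fatal("%s: bad kex flag %u", __func__, kex);`, and ideally derive "GSSAPI key exchange was used" from the monitor's own state (mm_answer_gss_sign already runs on this side) rather than trusting the child's claim. mm_answer_gss_userok continues into the next hunk and returns outside it.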
@@ -1947,7 +1949,11 @@ mm_answer_gss_userok(int sock, struct sshbuf *m)
1947 debug3("%s: sending result %d", __func__, authenticated); 1949 debug3("%s: sending result %d", __func__, authenticated);
1948 mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); 1950 mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m);
1949 1951
1950 auth_method = "gssapi-with-mic"; 1952 if (kex) {
1953 auth_method = "gssapi-keyex";
1954 } else {
1955 auth_method = "gssapi-with-mic";
1956 }
1951 1957
1952 if ((displayname = ssh_gssapi_displayname()) != NULL) 1958 if ((displayname = ssh_gssapi_displayname()) != NULL)
1953 auth2_record_info(authctxt, "%s", displayname); 1959 auth2_record_info(authctxt, "%s", displayname);
@@ -1956,14 +1962,14 @@ mm_answer_gss_userok(int sock, struct sshbuf *m)
1956 return (authenticated); 1962 return (authenticated);
1957} 1963}
1958 1964
1959int 1965int
1960mm_answer_gss_sign(int socket, struct sshbuf *m) 1966mm_answer_gss_sign(struct ssh *ssh, int socket, struct sshbuf *m)
1961{ 1967{
1962 gss_buffer_desc data; 1968 gss_buffer_desc data;
1963 gss_buffer_desc hash = GSS_C_EMPTY_BUFFER; 1969 gss_buffer_desc hash = GSS_C_EMPTY_BUFFER;
1964 OM_uint32 major, minor; 1970 OM_uint32 major, minor;
1965 size_t len; 1971 size_t len;
1966 u_char *p; 1972 u_char *p = NULL;
1967 int r; 1973 int r;
1968 1974
1969 if (!options.gss_authentication && !options.gss_keyex) 1975 if (!options.gss_authentication && !options.gss_keyex)
@@ -1973,8 +1979,9 @@ mm_answer_gss_sign(int socket, struct sshbuf *m)
1973 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 1979 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1974 data.value = p; 1980 data.value = p;
1975 data.length = len; 1981 data.length = len;
1976 if (data.length != 20) 1982 /* Lengths of SHA-1, SHA-256 and SHA-512 hashes that are used */
1977 fatal("%s: data length incorrect: %d", __func__, 1983 if (data.length != 20 && data.length != 32 && data.length != 64)
1984 fatal("%s: data length incorrect: %d", __func__,
1978 (int) data.length); 1985 (int) data.length);
1979 1986
1980 /* Save the session ID on the first time around */ 1987 /* Save the session ID on the first time around */
@@ -1988,6 +1995,7 @@ mm_answer_gss_sign(int socket, struct sshbuf *m)
1988 free(data.value); 1995 free(data.value);
1989 1996
1990 sshbuf_reset(m); 1997 sshbuf_reset(m);
1998
1991 if ((r = sshbuf_put_u32(m, major)) != 0 || 1999 if ((r = sshbuf_put_u32(m, major)) != 0 ||
1992 (r = sshbuf_put_string(m, hash.value, hash.length)) != 0) 2000 (r = sshbuf_put_string(m, hash.value, hash.length)) != 0)
1993 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 2001 fatal("%s: buffer error: %s", __func__, ssh_err(r));
@@ -1998,7 +2006,7 @@ mm_answer_gss_sign(int socket, struct sshbuf *m)
1998 2006
1999 /* Turn on getpwnam permissions */ 2007 /* Turn on getpwnam permissions */
2000 monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); 2008 monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1);
2001 2009
2002 /* And credential updating, for when rekeying */ 2010 /* And credential updating, for when rekeying */
2003 monitor_permit(mon_dispatch, MONITOR_REQ_GSSUPCREDS, 1); 2011 monitor_permit(mon_dispatch, MONITOR_REQ_GSSUPCREDS, 1);
2004 2012
@@ -2006,16 +2014,16 @@ mm_answer_gss_sign(int socket, struct sshbuf *m)
2006} 2014}
2007 2015
2008int 2016int
2009mm_answer_gss_updatecreds(int socket, struct sshbuf *m) { 2017mm_answer_gss_updatecreds(struct ssh *ssh, int socket, struct sshbuf *m) {
2010 ssh_gssapi_ccache store; 2018 ssh_gssapi_ccache store;
2011 int r, ok; 2019 int r, ok;
2012 2020
2013 if (!options.gss_authentication && !options.gss_keyex) 2021 if (!options.gss_authentication && !options.gss_keyex)
2014 fatal("%s: GSSAPI not enabled", __func__); 2022 fatal("%s: GSSAPI not enabled", __func__);
2015 2023
2016 if ((r = sshbuf_get_cstring(m, &store.filename, NULL)) != 0 || 2024 if ((r = sshbuf_get_string(m, (u_char **)&store.filename, NULL)) != 0 ||
2017 (r = sshbuf_get_cstring(m, &store.envvar, NULL)) != 0 || 2025 (r = sshbuf_get_string(m, (u_char **)&store.envvar, NULL)) != 0 ||
2018 (r = sshbuf_get_cstring(m, &store.envval, NULL)) != 0) 2026 (r = sshbuf_get_string(m, (u_char **)&store.envval, NULL)) != 0)
2019 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 2027 fatal("%s: buffer error: %s", __func__, ssh_err(r));
2020 2028
2021 ok = ssh_gssapi_update_creds(&store); 2029 ok = ssh_gssapi_update_creds(&store);
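Review bot: Replacing sshbuf_get_cstring with sshbuf_get_string for `store.filename`, `store.envvar` and `store.envval` drops the embedded-NUL rejection that get_cstring performs, so the privileged monitor now accepts child-supplied strings containing a NUL and ssh_gssapi_update_creds(), which appears to consume them as C strings, will silently truncate them; for a credential-cache path and an environment variable name/value that is exactly the kind of input the monitor should be strict about. As far as I recall get_cstring already accepts zero-length strings, so if the motivation was to allow empty fields the change is unnecessary and the three reads should go back to `sshbuf_get_cstring(m, &store.filename, NULL)` and friends; if there is another reason, it belongs in a comment above the reads. The `(u_char **)` casts on `char *` fields are also a sign the wrong accessor is being used. The body of mm_answer_gss_updatecreds continues past the end of this hunk.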