Diffstat (limited to 'monitor.c')
-rw-r--r-- | monitor.c | 144 |
1 files changed, 72 insertions, 72 deletions
@@ -25,7 +25,7 @@ | |||
25 | */ | 25 | */ |
26 | 26 | ||
27 | #include "includes.h" | 27 | #include "includes.h" |
28 | RCSID("$OpenBSD: monitor.c,v 1.13 2002/06/04 19:53:40 markus Exp $"); | 28 | RCSID("$OpenBSD: monitor.c,v 1.14 2002/06/04 23:05:49 markus Exp $"); |
29 | 29 | ||
30 | #include <openssl/dh.h> | 30 | #include <openssl/dh.h> |
31 | 31 | ||
@@ -269,7 +269,7 @@ monitor_child_preauth(struct monitor *pmonitor) | |||
269 | if (authenticated) { | 269 | if (authenticated) { |
270 | if (!(ent->flags & MON_AUTHDECIDE)) | 270 | if (!(ent->flags & MON_AUTHDECIDE)) |
271 | fatal("%s: unexpected authentication from %d", | 271 | fatal("%s: unexpected authentication from %d", |
272 | __FUNCTION__, ent->type); | 272 | __func__, ent->type); |
273 | if (authctxt->pw->pw_uid == 0 && | 273 | if (authctxt->pw->pw_uid == 0 && |
274 | !auth_root_allowed(auth_method)) | 274 | !auth_root_allowed(auth_method)) |
275 | authenticated = 0; | 275 | authenticated = 0; |
@@ -288,10 +288,10 @@ monitor_child_preauth(struct monitor *pmonitor) | |||
288 | } | 288 | } |
289 | 289 | ||
290 | if (!authctxt->valid) | 290 | if (!authctxt->valid) |
291 | fatal("%s: authenticated invalid user", __FUNCTION__); | 291 | fatal("%s: authenticated invalid user", __func__); |
292 | 292 | ||
293 | debug("%s: %s has been authenticated by privileged process", | 293 | debug("%s: %s has been authenticated by privileged process", |
294 | __FUNCTION__, authctxt->user); | 294 | __func__, authctxt->user); |
295 | 295 | ||
296 | mm_get_keystate(pmonitor); | 296 | mm_get_keystate(pmonitor); |
297 | 297 | ||
@@ -342,7 +342,7 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent, | |||
342 | mm_request_receive(pmonitor->m_sendfd, &m); | 342 | mm_request_receive(pmonitor->m_sendfd, &m); |
343 | type = buffer_get_char(&m); | 343 | type = buffer_get_char(&m); |
344 | 344 | ||
345 | debug3("%s: checking request %d", __FUNCTION__, type); | 345 | debug3("%s: checking request %d", __func__, type); |
346 | 346 | ||
347 | while (ent->f != NULL) { | 347 | while (ent->f != NULL) { |
348 | if (ent->type == type) | 348 | if (ent->type == type) |
@@ -352,14 +352,14 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent, | |||
352 | 352 | ||
353 | if (ent->f != NULL) { | 353 | if (ent->f != NULL) { |
354 | if (!(ent->flags & MON_PERMIT)) | 354 | if (!(ent->flags & MON_PERMIT)) |
355 | fatal("%s: unpermitted request %d", __FUNCTION__, | 355 | fatal("%s: unpermitted request %d", __func__, |
356 | type); | 356 | type); |
357 | ret = (*ent->f)(pmonitor->m_sendfd, &m); | 357 | ret = (*ent->f)(pmonitor->m_sendfd, &m); |
358 | buffer_free(&m); | 358 | buffer_free(&m); |
359 | 359 | ||
360 | /* The child may use this request only once, disable it */ | 360 | /* The child may use this request only once, disable it */ |
361 | if (ent->flags & MON_ONCE) { | 361 | if (ent->flags & MON_ONCE) { |
362 | debug2("%s: %d used once, disabling now", __FUNCTION__, | 362 | debug2("%s: %d used once, disabling now", __func__, |
363 | type); | 363 | type); |
364 | ent->flags &= ~MON_PERMIT; | 364 | ent->flags &= ~MON_PERMIT; |
365 | } | 365 | } |
@@ -370,7 +370,7 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent, | |||
370 | return ret; | 370 | return ret; |
371 | } | 371 | } |
372 | 372 | ||
373 | fatal("%s: unsupported request: %d", __FUNCTION__, type); | 373 | fatal("%s: unsupported request: %d", __func__, type); |
374 | 374 | ||
375 | /* NOTREACHED */ | 375 | /* NOTREACHED */ |
376 | return (-1); | 376 | return (-1); |
@@ -415,11 +415,11 @@ mm_answer_moduli(int socket, Buffer *m) | |||
415 | max = buffer_get_int(m); | 415 | max = buffer_get_int(m); |
416 | 416 | ||
417 | debug3("%s: got parameters: %d %d %d", | 417 | debug3("%s: got parameters: %d %d %d", |
418 | __FUNCTION__, min, want, max); | 418 | __func__, min, want, max); |
419 | /* We need to check here, too, in case the child got corrupted */ | 419 | /* We need to check here, too, in case the child got corrupted */ |
420 | if (max < min || want < min || max < want) | 420 | if (max < min || want < min || max < want) |
421 | fatal("%s: bad parameters: %d %d %d", | 421 | fatal("%s: bad parameters: %d %d %d", |
422 | __FUNCTION__, min, want, max); | 422 | __func__, min, want, max); |
423 | 423 | ||
424 | buffer_clear(m); | 424 | buffer_clear(m); |
425 | 425 | ||
@@ -448,13 +448,13 @@ mm_answer_sign(int socket, Buffer *m) | |||
448 | u_int siglen, datlen; | 448 | u_int siglen, datlen; |
449 | int keyid; | 449 | int keyid; |
450 | 450 | ||
451 | debug3("%s", __FUNCTION__); | 451 | debug3("%s", __func__); |
452 | 452 | ||
453 | keyid = buffer_get_int(m); | 453 | keyid = buffer_get_int(m); |
454 | p = buffer_get_string(m, &datlen); | 454 | p = buffer_get_string(m, &datlen); |
455 | 455 | ||
456 | if (datlen != 20) | 456 | if (datlen != 20) |
457 | fatal("%s: data length incorrect: %d", __FUNCTION__, datlen); | 457 | fatal("%s: data length incorrect: %d", __func__, datlen); |
458 | 458 | ||
459 | /* save session id, it will be passed on the first call */ | 459 | /* save session id, it will be passed on the first call */ |
460 | if (session_id2_len == 0) { | 460 | if (session_id2_len == 0) { |
@@ -464,11 +464,11 @@ mm_answer_sign(int socket, Buffer *m) | |||
464 | } | 464 | } |
465 | 465 | ||
466 | if ((key = get_hostkey_by_index(keyid)) == NULL) | 466 | if ((key = get_hostkey_by_index(keyid)) == NULL) |
467 | fatal("%s: no hostkey from index %d", __FUNCTION__, keyid); | 467 | fatal("%s: no hostkey from index %d", __func__, keyid); |
468 | if (key_sign(key, &signature, &siglen, p, datlen) < 0) | 468 | if (key_sign(key, &signature, &siglen, p, datlen) < 0) |
469 | fatal("%s: key_sign failed", __FUNCTION__); | 469 | fatal("%s: key_sign failed", __func__); |
470 | 470 | ||
471 | debug3("%s: signature %p(%d)", __FUNCTION__, signature, siglen); | 471 | debug3("%s: signature %p(%d)", __func__, signature, siglen); |
472 | 472 | ||
473 | buffer_clear(m); | 473 | buffer_clear(m); |
474 | buffer_put_string(m, signature, siglen); | 474 | buffer_put_string(m, signature, siglen); |
@@ -493,10 +493,10 @@ mm_answer_pwnamallow(int socket, Buffer *m) | |||
493 | struct passwd *pwent; | 493 | struct passwd *pwent; |
494 | int allowed = 0; | 494 | int allowed = 0; |
495 | 495 | ||
496 | debug3("%s", __FUNCTION__); | 496 | debug3("%s", __func__); |
497 | 497 | ||
498 | if (authctxt->attempt++ != 0) | 498 | if (authctxt->attempt++ != 0) |
499 | fatal("%s: multiple attempts for getpwnam", __FUNCTION__); | 499 | fatal("%s: multiple attempts for getpwnam", __func__); |
500 | 500 | ||
501 | login = buffer_get_string(m, NULL); | 501 | login = buffer_get_string(m, NULL); |
502 | 502 | ||
@@ -529,7 +529,7 @@ mm_answer_pwnamallow(int socket, Buffer *m) | |||
529 | buffer_put_cstring(m, pwent->pw_shell); | 529 | buffer_put_cstring(m, pwent->pw_shell); |
530 | 530 | ||
531 | out: | 531 | out: |
532 | debug3("%s: sending MONITOR_ANS_PWNAM: %d", __FUNCTION__, allowed); | 532 | debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed); |
533 | mm_request_send(socket, MONITOR_ANS_PWNAM, m); | 533 | mm_request_send(socket, MONITOR_ANS_PWNAM, m); |
534 | 534 | ||
535 | /* For SSHv1 allow authentication now */ | 535 | /* For SSHv1 allow authentication now */ |
@@ -571,7 +571,7 @@ mm_answer_authserv(int socket, Buffer *m) | |||
571 | authctxt->service = buffer_get_string(m, NULL); | 571 | authctxt->service = buffer_get_string(m, NULL); |
572 | authctxt->style = buffer_get_string(m, NULL); | 572 | authctxt->style = buffer_get_string(m, NULL); |
573 | debug3("%s: service=%s, style=%s", | 573 | debug3("%s: service=%s, style=%s", |
574 | __FUNCTION__, authctxt->service, authctxt->style); | 574 | __func__, authctxt->service, authctxt->style); |
575 | 575 | ||
576 | if (strlen(authctxt->style) == 0) { | 576 | if (strlen(authctxt->style) == 0) { |
577 | xfree(authctxt->style); | 577 | xfree(authctxt->style); |
@@ -598,7 +598,7 @@ mm_answer_authpassword(int socket, Buffer *m) | |||
598 | buffer_clear(m); | 598 | buffer_clear(m); |
599 | buffer_put_int(m, authenticated); | 599 | buffer_put_int(m, authenticated); |
600 | 600 | ||
601 | debug3("%s: sending result %d", __FUNCTION__, authenticated); | 601 | debug3("%s: sending result %d", __func__, authenticated); |
602 | mm_request_send(socket, MONITOR_ANS_AUTHPASSWORD, m); | 602 | mm_request_send(socket, MONITOR_ANS_AUTHPASSWORD, m); |
603 | 603 | ||
604 | call_count++; | 604 | call_count++; |
@@ -629,7 +629,7 @@ mm_answer_bsdauthquery(int socket, Buffer *m) | |||
629 | if (res != -1) | 629 | if (res != -1) |
630 | buffer_put_cstring(m, prompts[0]); | 630 | buffer_put_cstring(m, prompts[0]); |
631 | 631 | ||
632 | debug3("%s: sending challenge res: %d", __FUNCTION__, res); | 632 | debug3("%s: sending challenge res: %d", __func__, res); |
633 | mm_request_send(socket, MONITOR_ANS_BSDAUTHQUERY, m); | 633 | mm_request_send(socket, MONITOR_ANS_BSDAUTHQUERY, m); |
634 | 634 | ||
635 | if (res != -1) { | 635 | if (res != -1) { |
@@ -649,19 +649,19 @@ mm_answer_bsdauthrespond(int socket, Buffer *m) | |||
649 | int authok; | 649 | int authok; |
650 | 650 | ||
651 | if (authctxt->as == 0) | 651 | if (authctxt->as == 0) |
652 | fatal("%s: no bsd auth session", __FUNCTION__); | 652 | fatal("%s: no bsd auth session", __func__); |
653 | 653 | ||
654 | response = buffer_get_string(m, NULL); | 654 | response = buffer_get_string(m, NULL); |
655 | authok = options.challenge_response_authentication && | 655 | authok = options.challenge_response_authentication && |
656 | auth_userresponse(authctxt->as, response, 0); | 656 | auth_userresponse(authctxt->as, response, 0); |
657 | authctxt->as = NULL; | 657 | authctxt->as = NULL; |
658 | debug3("%s: <%s> = <%d>", __FUNCTION__, response, authok); | 658 | debug3("%s: <%s> = <%d>", __func__, response, authok); |
659 | xfree(response); | 659 | xfree(response); |
660 | 660 | ||
661 | buffer_clear(m); | 661 | buffer_clear(m); |
662 | buffer_put_int(m, authok); | 662 | buffer_put_int(m, authok); |
663 | 663 | ||
664 | debug3("%s: sending authenticated: %d", __FUNCTION__, authok); | 664 | debug3("%s: sending authenticated: %d", __func__, authok); |
665 | mm_request_send(socket, MONITOR_ANS_BSDAUTHRESPOND, m); | 665 | mm_request_send(socket, MONITOR_ANS_BSDAUTHRESPOND, m); |
666 | 666 | ||
667 | auth_method = "bsdauth"; | 667 | auth_method = "bsdauth"; |
@@ -685,7 +685,7 @@ mm_answer_skeyquery(int socket, Buffer *m) | |||
685 | if (res != -1) | 685 | if (res != -1) |
686 | buffer_put_cstring(m, challenge); | 686 | buffer_put_cstring(m, challenge); |
687 | 687 | ||
688 | debug3("%s: sending challenge res: %d", __FUNCTION__, res); | 688 | debug3("%s: sending challenge res: %d", __func__, res); |
689 | mm_request_send(socket, MONITOR_ANS_SKEYQUERY, m); | 689 | mm_request_send(socket, MONITOR_ANS_SKEYQUERY, m); |
690 | 690 | ||
691 | return (0); | 691 | return (0); |
@@ -709,7 +709,7 @@ mm_answer_skeyrespond(int socket, Buffer *m) | |||
709 | buffer_clear(m); | 709 | buffer_clear(m); |
710 | buffer_put_int(m, authok); | 710 | buffer_put_int(m, authok); |
711 | 711 | ||
712 | debug3("%s: sending authenticated: %d", __FUNCTION__, authok); | 712 | debug3("%s: sending authenticated: %d", __func__, authok); |
713 | mm_request_send(socket, MONITOR_ANS_SKEYRESPOND, m); | 713 | mm_request_send(socket, MONITOR_ANS_SKEYRESPOND, m); |
714 | 714 | ||
715 | auth_method = "skey"; | 715 | auth_method = "skey"; |
@@ -738,7 +738,7 @@ static void | |||
738 | mm_append_debug(Buffer *m) | 738 | mm_append_debug(Buffer *m) |
739 | { | 739 | { |
740 | if (auth_debug_init && buffer_len(&auth_debug)) { | 740 | if (auth_debug_init && buffer_len(&auth_debug)) { |
741 | debug3("%s: Appending debug messages for child", __FUNCTION__); | 741 | debug3("%s: Appending debug messages for child", __func__); |
742 | buffer_append(m, buffer_ptr(&auth_debug), | 742 | buffer_append(m, buffer_ptr(&auth_debug), |
743 | buffer_len(&auth_debug)); | 743 | buffer_len(&auth_debug)); |
744 | buffer_clear(&auth_debug); | 744 | buffer_clear(&auth_debug); |
@@ -754,7 +754,7 @@ mm_answer_keyallowed(int socket, Buffer *m) | |||
754 | enum mm_keytype type = 0; | 754 | enum mm_keytype type = 0; |
755 | int allowed = 0; | 755 | int allowed = 0; |
756 | 756 | ||
757 | debug3("%s entering", __FUNCTION__); | 757 | debug3("%s entering", __func__); |
758 | 758 | ||
759 | type = buffer_get_int(m); | 759 | type = buffer_get_int(m); |
760 | cuser = buffer_get_string(m, NULL); | 760 | cuser = buffer_get_string(m, NULL); |
@@ -765,9 +765,9 @@ mm_answer_keyallowed(int socket, Buffer *m) | |||
765 | 765 | ||
766 | if ((compat20 && type == MM_RSAHOSTKEY) || | 766 | if ((compat20 && type == MM_RSAHOSTKEY) || |
767 | (!compat20 && type != MM_RSAHOSTKEY)) | 767 | (!compat20 && type != MM_RSAHOSTKEY)) |
768 | fatal("%s: key type and protocol mismatch", __FUNCTION__); | 768 | fatal("%s: key type and protocol mismatch", __func__); |
769 | 769 | ||
770 | debug3("%s: key_from_blob: %p", __FUNCTION__, key); | 770 | debug3("%s: key_from_blob: %p", __func__, key); |
771 | 771 | ||
772 | if (key != NULL && authctxt->pw != NULL) { | 772 | if (key != NULL && authctxt->pw != NULL) { |
773 | switch(type) { | 773 | switch(type) { |
@@ -787,7 +787,7 @@ mm_answer_keyallowed(int socket, Buffer *m) | |||
787 | cuser, chost, key); | 787 | cuser, chost, key); |
788 | break; | 788 | break; |
789 | default: | 789 | default: |
790 | fatal("%s: unknown key type %d", __FUNCTION__, type); | 790 | fatal("%s: unknown key type %d", __func__, type); |
791 | break; | 791 | break; |
792 | } | 792 | } |
793 | key_free(key); | 793 | key_free(key); |
@@ -806,7 +806,7 @@ mm_answer_keyallowed(int socket, Buffer *m) | |||
806 | } | 806 | } |
807 | 807 | ||
808 | debug3("%s: key %p is %s", | 808 | debug3("%s: key %p is %s", |
809 | __FUNCTION__, key, allowed ? "allowed" : "disallowed"); | 809 | __func__, key, allowed ? "allowed" : "disallowed"); |
810 | 810 | ||
811 | buffer_clear(m); | 811 | buffer_clear(m); |
812 | buffer_put_int(m, allowed); | 812 | buffer_put_int(m, allowed); |
@@ -948,11 +948,11 @@ mm_answer_keyverify(int socket, Buffer *m) | |||
948 | 948 | ||
949 | if (hostbased_cuser == NULL || hostbased_chost == NULL || | 949 | if (hostbased_cuser == NULL || hostbased_chost == NULL || |
950 | !monitor_allowed_key(blob, bloblen)) | 950 | !monitor_allowed_key(blob, bloblen)) |
951 | fatal("%s: bad key, not previously allowed", __FUNCTION__); | 951 | fatal("%s: bad key, not previously allowed", __func__); |
952 | 952 | ||
953 | key = key_from_blob(blob, bloblen); | 953 | key = key_from_blob(blob, bloblen); |
954 | if (key == NULL) | 954 | if (key == NULL) |
955 | fatal("%s: bad public key blob", __FUNCTION__); | 955 | fatal("%s: bad public key blob", __func__); |
956 | 956 | ||
957 | switch (key_blobtype) { | 957 | switch (key_blobtype) { |
958 | case MM_USERKEY: | 958 | case MM_USERKEY: |
@@ -967,11 +967,11 @@ mm_answer_keyverify(int socket, Buffer *m) | |||
967 | break; | 967 | break; |
968 | } | 968 | } |
969 | if (!valid_data) | 969 | if (!valid_data) |
970 | fatal("%s: bad signature data blob", __FUNCTION__); | 970 | fatal("%s: bad signature data blob", __func__); |
971 | 971 | ||
972 | verified = key_verify(key, signature, signaturelen, data, datalen); | 972 | verified = key_verify(key, signature, signaturelen, data, datalen); |
973 | debug3("%s: key %p signature %s", | 973 | debug3("%s: key %p signature %s", |
974 | __FUNCTION__, key, verified ? "verified" : "unverified"); | 974 | __func__, key, verified ? "verified" : "unverified"); |
975 | 975 | ||
976 | key_free(key); | 976 | key_free(key); |
977 | xfree(blob); | 977 | xfree(blob); |
@@ -1017,9 +1017,9 @@ mm_record_login(Session *s, struct passwd *pw) | |||
1017 | static void | 1017 | static void |
1018 | mm_session_close(Session *s) | 1018 | mm_session_close(Session *s) |
1019 | { | 1019 | { |
1020 | debug3("%s: session %d pid %d", __FUNCTION__, s->self, s->pid); | 1020 | debug3("%s: session %d pid %d", __func__, s->self, s->pid); |
1021 | if (s->ttyfd != -1) { | 1021 | if (s->ttyfd != -1) { |
1022 | debug3("%s: tty %s ptyfd %d", __FUNCTION__, s->tty, s->ptyfd); | 1022 | debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd); |
1023 | fatal_remove_cleanup(session_pty_cleanup2, (void *)s); | 1023 | fatal_remove_cleanup(session_pty_cleanup2, (void *)s); |
1024 | session_pty_cleanup2(s); | 1024 | session_pty_cleanup2(s); |
1025 | } | 1025 | } |
@@ -1033,7 +1033,7 @@ mm_answer_pty(int socket, Buffer *m) | |||
1033 | Session *s; | 1033 | Session *s; |
1034 | int res, fd0; | 1034 | int res, fd0; |
1035 | 1035 | ||
1036 | debug3("%s entering", __FUNCTION__); | 1036 | debug3("%s entering", __func__); |
1037 | 1037 | ||
1038 | buffer_clear(m); | 1038 | buffer_clear(m); |
1039 | s = session_new(); | 1039 | s = session_new(); |
@@ -1057,7 +1057,7 @@ mm_answer_pty(int socket, Buffer *m) | |||
1057 | 1057 | ||
1058 | /* We need to trick ttyslot */ | 1058 | /* We need to trick ttyslot */ |
1059 | if (dup2(s->ttyfd, 0) == -1) | 1059 | if (dup2(s->ttyfd, 0) == -1) |
1060 | fatal("%s: dup2", __FUNCTION__); | 1060 | fatal("%s: dup2", __func__); |
1061 | 1061 | ||
1062 | mm_record_login(s, authctxt->pw); | 1062 | mm_record_login(s, authctxt->pw); |
1063 | 1063 | ||
@@ -1066,9 +1066,9 @@ mm_answer_pty(int socket, Buffer *m) | |||
1066 | 1066 | ||
1067 | /* make sure nothing uses fd 0 */ | 1067 | /* make sure nothing uses fd 0 */ |
1068 | if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0) | 1068 | if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0) |
1069 | fatal("%s: open(/dev/null): %s", __FUNCTION__, strerror(errno)); | 1069 | fatal("%s: open(/dev/null): %s", __func__, strerror(errno)); |
1070 | if (fd0 != 0) | 1070 | if (fd0 != 0) |
1071 | error("%s: fd0 %d != 0", __FUNCTION__, fd0); | 1071 | error("%s: fd0 %d != 0", __func__, fd0); |
1072 | 1072 | ||
1073 | /* slave is not needed */ | 1073 | /* slave is not needed */ |
1074 | close(s->ttyfd); | 1074 | close(s->ttyfd); |
@@ -1076,7 +1076,7 @@ mm_answer_pty(int socket, Buffer *m) | |||
1076 | /* no need to dup() because nobody closes ptyfd */ | 1076 | /* no need to dup() because nobody closes ptyfd */ |
1077 | s->ptymaster = s->ptyfd; | 1077 | s->ptymaster = s->ptyfd; |
1078 | 1078 | ||
1079 | debug3("%s: tty %s ptyfd %d", __FUNCTION__, s->tty, s->ttyfd); | 1079 | debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ttyfd); |
1080 | 1080 | ||
1081 | return (0); | 1081 | return (0); |
1082 | 1082 | ||
@@ -1094,7 +1094,7 @@ mm_answer_pty_cleanup(int socket, Buffer *m) | |||
1094 | Session *s; | 1094 | Session *s; |
1095 | char *tty; | 1095 | char *tty; |
1096 | 1096 | ||
1097 | debug3("%s entering", __FUNCTION__); | 1097 | debug3("%s entering", __func__); |
1098 | 1098 | ||
1099 | tty = buffer_get_string(m, NULL); | 1099 | tty = buffer_get_string(m, NULL); |
1100 | if ((s = session_by_tty(tty)) != NULL) | 1100 | if ((s = session_by_tty(tty)) != NULL) |
@@ -1114,7 +1114,7 @@ mm_answer_sesskey(int socket, Buffer *m) | |||
1114 | monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1); | 1114 | monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1); |
1115 | 1115 | ||
1116 | if ((p = BN_new()) == NULL) | 1116 | if ((p = BN_new()) == NULL) |
1117 | fatal("%s: BN_new", __FUNCTION__); | 1117 | fatal("%s: BN_new", __func__); |
1118 | 1118 | ||
1119 | buffer_get_bignum2(m, p); | 1119 | buffer_get_bignum2(m, p); |
1120 | 1120 | ||
@@ -1139,10 +1139,10 @@ mm_answer_sessid(int socket, Buffer *m) | |||
1139 | { | 1139 | { |
1140 | int i; | 1140 | int i; |
1141 | 1141 | ||
1142 | debug3("%s entering", __FUNCTION__); | 1142 | debug3("%s entering", __func__); |
1143 | 1143 | ||
1144 | if (buffer_len(m) != 16) | 1144 | if (buffer_len(m) != 16) |
1145 | fatal("%s: bad ssh1 session id", __FUNCTION__); | 1145 | fatal("%s: bad ssh1 session id", __func__); |
1146 | for (i = 0; i < 16; i++) | 1146 | for (i = 0; i < 16; i++) |
1147 | session_id[i] = buffer_get_char(m); | 1147 | session_id[i] = buffer_get_char(m); |
1148 | 1148 | ||
@@ -1161,11 +1161,11 @@ mm_answer_rsa_keyallowed(int socket, Buffer *m) | |||
1161 | u_int blen = 0; | 1161 | u_int blen = 0; |
1162 | int allowed = 0; | 1162 | int allowed = 0; |
1163 | 1163 | ||
1164 | debug3("%s entering", __FUNCTION__); | 1164 | debug3("%s entering", __func__); |
1165 | 1165 | ||
1166 | if (options.rsa_authentication && authctxt->valid) { | 1166 | if (options.rsa_authentication && authctxt->valid) { |
1167 | if ((client_n = BN_new()) == NULL) | 1167 | if ((client_n = BN_new()) == NULL) |
1168 | fatal("%s: BN_new", __FUNCTION__); | 1168 | fatal("%s: BN_new", __func__); |
1169 | buffer_get_bignum2(m, client_n); | 1169 | buffer_get_bignum2(m, client_n); |
1170 | allowed = auth_rsa_key_allowed(authctxt->pw, client_n, &key); | 1170 | allowed = auth_rsa_key_allowed(authctxt->pw, client_n, &key); |
1171 | BN_clear_free(client_n); | 1171 | BN_clear_free(client_n); |
@@ -1179,7 +1179,7 @@ mm_answer_rsa_keyallowed(int socket, Buffer *m) | |||
1179 | if (allowed && key != NULL) { | 1179 | if (allowed && key != NULL) { |
1180 | key->type = KEY_RSA; /* cheat for key_to_blob */ | 1180 | key->type = KEY_RSA; /* cheat for key_to_blob */ |
1181 | if (key_to_blob(key, &blob, &blen) == 0) | 1181 | if (key_to_blob(key, &blob, &blen) == 0) |
1182 | fatal("%s: key_to_blob failed", __FUNCTION__); | 1182 | fatal("%s: key_to_blob failed", __func__); |
1183 | buffer_put_string(m, blob, blen); | 1183 | buffer_put_string(m, blob, blen); |
1184 | 1184 | ||
1185 | /* Save temporarily for comparison in verify */ | 1185 | /* Save temporarily for comparison in verify */ |
@@ -1205,17 +1205,17 @@ mm_answer_rsa_challenge(int socket, Buffer *m) | |||
1205 | u_char *blob; | 1205 | u_char *blob; |
1206 | u_int blen; | 1206 | u_int blen; |
1207 | 1207 | ||
1208 | debug3("%s entering", __FUNCTION__); | 1208 | debug3("%s entering", __func__); |
1209 | 1209 | ||
1210 | if (!authctxt->valid) | 1210 | if (!authctxt->valid) |
1211 | fatal("%s: authctxt not valid", __FUNCTION__); | 1211 | fatal("%s: authctxt not valid", __func__); |
1212 | blob = buffer_get_string(m, &blen); | 1212 | blob = buffer_get_string(m, &blen); |
1213 | if (!monitor_allowed_key(blob, blen)) | 1213 | if (!monitor_allowed_key(blob, blen)) |
1214 | fatal("%s: bad key, not previously allowed", __FUNCTION__); | 1214 | fatal("%s: bad key, not previously allowed", __func__); |
1215 | if (key_blobtype != MM_RSAUSERKEY && key_blobtype != MM_RSAHOSTKEY) | 1215 | if (key_blobtype != MM_RSAUSERKEY && key_blobtype != MM_RSAHOSTKEY) |
1216 | fatal("%s: key type mismatch", __FUNCTION__); | 1216 | fatal("%s: key type mismatch", __func__); |
1217 | if ((key = key_from_blob(blob, blen)) == NULL) | 1217 | if ((key = key_from_blob(blob, blen)) == NULL) |
1218 | fatal("%s: received bad key", __FUNCTION__); | 1218 | fatal("%s: received bad key", __func__); |
1219 | 1219 | ||
1220 | if (ssh1_challenge) | 1220 | if (ssh1_challenge) |
1221 | BN_clear_free(ssh1_challenge); | 1221 | BN_clear_free(ssh1_challenge); |
@@ -1224,7 +1224,7 @@ mm_answer_rsa_challenge(int socket, Buffer *m) | |||
1224 | buffer_clear(m); | 1224 | buffer_clear(m); |
1225 | buffer_put_bignum2(m, ssh1_challenge); | 1225 | buffer_put_bignum2(m, ssh1_challenge); |
1226 | 1226 | ||
1227 | debug3("%s sending reply", __FUNCTION__); | 1227 | debug3("%s sending reply", __func__); |
1228 | mm_request_send(socket, MONITOR_ANS_RSACHALLENGE, m); | 1228 | mm_request_send(socket, MONITOR_ANS_RSACHALLENGE, m); |
1229 | 1229 | ||
1230 | monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1); | 1230 | monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1); |
@@ -1239,23 +1239,23 @@ mm_answer_rsa_response(int socket, Buffer *m) | |||
1239 | u_int blen, len; | 1239 | u_int blen, len; |
1240 | int success; | 1240 | int success; |
1241 | 1241 | ||
1242 | debug3("%s entering", __FUNCTION__); | 1242 | debug3("%s entering", __func__); |
1243 | 1243 | ||
1244 | if (!authctxt->valid) | 1244 | if (!authctxt->valid) |
1245 | fatal("%s: authctxt not valid", __FUNCTION__); | 1245 | fatal("%s: authctxt not valid", __func__); |
1246 | if (ssh1_challenge == NULL) | 1246 | if (ssh1_challenge == NULL) |
1247 | fatal("%s: no ssh1_challenge", __FUNCTION__); | 1247 | fatal("%s: no ssh1_challenge", __func__); |
1248 | 1248 | ||
1249 | blob = buffer_get_string(m, &blen); | 1249 | blob = buffer_get_string(m, &blen); |
1250 | if (!monitor_allowed_key(blob, blen)) | 1250 | if (!monitor_allowed_key(blob, blen)) |
1251 | fatal("%s: bad key, not previously allowed", __FUNCTION__); | 1251 | fatal("%s: bad key, not previously allowed", __func__); |
1252 | if (key_blobtype != MM_RSAUSERKEY && key_blobtype != MM_RSAHOSTKEY) | 1252 | if (key_blobtype != MM_RSAUSERKEY && key_blobtype != MM_RSAHOSTKEY) |
1253 | fatal("%s: key type mismatch: %d", __FUNCTION__, key_blobtype); | 1253 | fatal("%s: key type mismatch: %d", __func__, key_blobtype); |
1254 | if ((key = key_from_blob(blob, blen)) == NULL) | 1254 | if ((key = key_from_blob(blob, blen)) == NULL) |
1255 | fatal("%s: received bad key", __FUNCTION__); | 1255 | fatal("%s: received bad key", __func__); |
1256 | response = buffer_get_string(m, &len); | 1256 | response = buffer_get_string(m, &len); |
1257 | if (len != 16) | 1257 | if (len != 16) |
1258 | fatal("%s: received bad response to challenge", __FUNCTION__); | 1258 | fatal("%s: received bad response to challenge", __func__); |
1259 | success = auth_rsa_verify_response(key, ssh1_challenge, response); | 1259 | success = auth_rsa_verify_response(key, ssh1_challenge, response); |
1260 | 1260 | ||
1261 | key_free(key); | 1261 | key_free(key); |
@@ -1281,7 +1281,7 @@ mm_answer_term(int socket, Buffer *req) | |||
1281 | extern struct monitor *pmonitor; | 1281 | extern struct monitor *pmonitor; |
1282 | int res, status; | 1282 | int res, status; |
1283 | 1283 | ||
1284 | debug3("%s: tearing down sessions", __FUNCTION__); | 1284 | debug3("%s: tearing down sessions", __func__); |
1285 | 1285 | ||
1286 | /* The child is terminating */ | 1286 | /* The child is terminating */ |
1287 | session_destroy_all(&mm_session_close); | 1287 | session_destroy_all(&mm_session_close); |
@@ -1389,7 +1389,7 @@ mm_get_keystate(struct monitor *pmonitor) | |||
1389 | u_char *blob, *p; | 1389 | u_char *blob, *p; |
1390 | u_int bloblen, plen; | 1390 | u_int bloblen, plen; |
1391 | 1391 | ||
1392 | debug3("%s: Waiting for new keys", __FUNCTION__); | 1392 | debug3("%s: Waiting for new keys", __func__); |
1393 | 1393 | ||
1394 | buffer_init(&m); | 1394 | buffer_init(&m); |
1395 | mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT, &m); | 1395 | mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT, &m); |
@@ -1409,7 +1409,7 @@ mm_get_keystate(struct monitor *pmonitor) | |||
1409 | current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen); | 1409 | current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen); |
1410 | xfree(blob); | 1410 | xfree(blob); |
1411 | 1411 | ||
1412 | debug3("%s: Waiting for second key", __FUNCTION__); | 1412 | debug3("%s: Waiting for second key", __func__); |
1413 | blob = buffer_get_string(&m, &bloblen); | 1413 | blob = buffer_get_string(&m, &bloblen); |
1414 | current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen); | 1414 | current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen); |
1415 | xfree(blob); | 1415 | xfree(blob); |
@@ -1423,22 +1423,22 @@ mm_get_keystate(struct monitor *pmonitor) | |||
1423 | child_state.keyout = buffer_get_string(&m, &child_state.keyoutlen); | 1423 | child_state.keyout = buffer_get_string(&m, &child_state.keyoutlen); |
1424 | child_state.keyin = buffer_get_string(&m, &child_state.keyinlen); | 1424 | child_state.keyin = buffer_get_string(&m, &child_state.keyinlen); |
1425 | 1425 | ||
1426 | debug3("%s: Getting compression state", __FUNCTION__); | 1426 | debug3("%s: Getting compression state", __func__); |
1427 | /* Get compression state */ | 1427 | /* Get compression state */ |
1428 | p = buffer_get_string(&m, &plen); | 1428 | p = buffer_get_string(&m, &plen); |
1429 | if (plen != sizeof(child_state.outgoing)) | 1429 | if (plen != sizeof(child_state.outgoing)) |
1430 | fatal("%s: bad request size", __FUNCTION__); | 1430 | fatal("%s: bad request size", __func__); |
1431 | memcpy(&child_state.outgoing, p, sizeof(child_state.outgoing)); | 1431 | memcpy(&child_state.outgoing, p, sizeof(child_state.outgoing)); |
1432 | xfree(p); | 1432 | xfree(p); |
1433 | 1433 | ||
1434 | p = buffer_get_string(&m, &plen); | 1434 | p = buffer_get_string(&m, &plen); |
1435 | if (plen != sizeof(child_state.incoming)) | 1435 | if (plen != sizeof(child_state.incoming)) |
1436 | fatal("%s: bad request size", __FUNCTION__); | 1436 | fatal("%s: bad request size", __func__); |
1437 | memcpy(&child_state.incoming, p, sizeof(child_state.incoming)); | 1437 | memcpy(&child_state.incoming, p, sizeof(child_state.incoming)); |
1438 | xfree(p); | 1438 | xfree(p); |
1439 | 1439 | ||
1440 | /* Network I/O buffers */ | 1440 | /* Network I/O buffers */ |
1441 | debug3("%s: Getting Network I/O buffers", __FUNCTION__); | 1441 | debug3("%s: Getting Network I/O buffers", __func__); |
1442 | child_state.input = buffer_get_string(&m, &child_state.ilen); | 1442 | child_state.input = buffer_get_string(&m, &child_state.ilen); |
1443 | child_state.output = buffer_get_string(&m, &child_state.olen); | 1443 | child_state.output = buffer_get_string(&m, &child_state.olen); |
1444 | 1444 | ||
@@ -1487,10 +1487,10 @@ monitor_socketpair(int *pair) | |||
1487 | { | 1487 | { |
1488 | #ifdef HAVE_SOCKETPAIR | 1488 | #ifdef HAVE_SOCKETPAIR |
1489 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1) | 1489 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1) |
1490 | fatal("%s: socketpair", __FUNCTION__); | 1490 | fatal("%s: socketpair", __func__); |
1491 | #else | 1491 | #else |
1492 | fatal("%s: UsePrivilegeSeparation=yes not supported", | 1492 | fatal("%s: UsePrivilegeSeparation=yes not supported", |
1493 | __FUNCTION__); | 1493 | __func__); |
1494 | #endif | 1494 | #endif |
1495 | FD_CLOSEONEXEC(pair[0]); | 1495 | FD_CLOSEONEXEC(pair[0]); |
1496 | FD_CLOSEONEXEC(pair[1]); | 1496 | FD_CLOSEONEXEC(pair[1]); |
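Review bot: The debug3 call in mm_answer_bsdauthrespond (new line 658) still writes the client's challenge response to the log verbatim: `debug3("%s: <%s> = <%d>", __func__, response, authok);`. The same buffer is passed to auth_userresponse() two lines earlier, so it is authentication material, and depending on the BSD auth style it may be a password or one-time code that anyone able to read debug-level logs would see. Since the commit already rewrites this line, it could drop the value and keep only the outcome, e.g. `debug3("%s: response = <%d>", __func__, authok);`. Separately, mm_answer_sign prints the u_int values datlen (line 457) and siglen (line 471) with `%d`, where `%u` would match the declared type. The enclosing functions begin and end outside the hunks shown here.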