Diffstat (limited to 'monitor.c')
-rw-r--r--monitor.c42
1 files changed, 26 insertions, 16 deletions
diff --git a/monitor.c b/monitor.c
index 4ad3f3d21..3d7dcaf86 100644
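--- a/monitor.c
+++ b/monitor.c
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.29 2002/09/26 11:38:43 markus Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.34 2003/03/23 19:02:00 markus Exp $");
 
 #include <openssl/dh.h>
 
@@ -634,20 +634,20 @@ mm_answer_bsdauthquery(int socket, Buffer *m)
  u_int numprompts;
  u_int *echo_on;
  char **prompts;
- int res;
+ u_int success;
 
- res = bsdauth_query(authctxt, &name, &infotxt, &numprompts,
- &prompts, &echo_on);
+ success = bsdauth_query(authctxt, &name, &infotxt, &numprompts,
+ &prompts, &echo_on) < 0 ? 0 : 1;
 
  buffer_clear(m);
- buffer_put_int(m, res);
- if (res != -1)
+ buffer_put_int(m, success);
+ if (success)
  buffer_put_cstring(m, prompts[0]);
 
- debug3("%s: sending challenge res: %d", __func__, res);
+ debug3("%s: sending challenge success: %u", __func__, success);
  mm_request_send(socket, MONITOR_ANS_BSDAUTHQUERY, m);
 
- if (res != -1) {
+ if (success) {
  xfree(name);
  xfree(infotxt);
  xfree(prompts);
@@ -691,16 +691,16 @@ mm_answer_skeyquery(int socket, Buffer *m)
 {
  struct skey skey;
  char challenge[1024];
- int res;
+ u_int success;
 
- res = skeychallenge(&skey, authctxt->user, challenge);
+ success = skeychallenge(&skey, authctxt->user, challenge) < 0 ? 0 : 1;
 
  buffer_clear(m);
- buffer_put_int(m, res);
- if (res != -1)
+ buffer_put_int(m, success);
+ if (success)
  buffer_put_cstring(m, challenge);
 
- debug3("%s: sending challenge res: %d", __func__, res);
+ debug3("%s: sending challenge success: %u", __func__, success);
  mm_request_send(socket, MONITOR_ANS_SKEYQUERY, m);
 
  return (0);
@@ -806,8 +806,9 @@ mm_answer_keyallowed(int socket, Buffer *m)
  fatal("%s: unknown key type %d", __func__, type);
  break;
  }
- key_free(key);
  }
+ if (key != NULL)
+ key_free(key);
 
  /* clear temporarily storage (used by verify) */
  monitor_reset_key_state();
@@ -826,6 +827,7 @@ mm_answer_keyallowed(int socket, Buffer *m)
 
  buffer_clear(m);
  buffer_put_int(m, allowed);
+ buffer_put_int(m, forced_command != NULL);
 
  mm_append_debug(m);
 
@@ -1188,6 +1190,7 @@ mm_answer_rsa_keyallowed(int socket, Buffer *m)
  }
  buffer_clear(m);
  buffer_put_int(m, allowed);
+ buffer_put_int(m, forced_command != NULL);
 
  /* clear temporarily storage (used by generate challenge) */
  monitor_reset_key_state();
@@ -1202,8 +1205,9 @@ mm_answer_rsa_keyallowed(int socket, Buffer *m)
  key_blob = blob;
  key_bloblen = blen;
  key_blobtype = MM_RSAUSERKEY;
- key_free(key);
  }
+ if (key != NULL)
+ key_free(key);
 
  mm_append_debug(m);
 
@@ -1244,6 +1248,9 @@ mm_answer_rsa_challenge(int socket, Buffer *m)
  mm_request_send(socket, MONITOR_ANS_RSACHALLENGE, m);
 
  monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1);
+
+ xfree(blob);
+ key_free(key);
  return (0);
 }
 
@@ -1274,6 +1281,7 @@ mm_answer_rsa_response(int socket, Buffer *m)
  fatal("%s: received bad response to challenge", __func__);
  success = auth_rsa_verify_response(key, ssh1_challenge, response);
 
+ xfree(blob);
  key_free(key);
  xfree(response);
 
@@ -1458,6 +1466,8 @@ mm_get_kex(Buffer *m)
  (memcmp(kex->session_id, session_id2, session_id2_len) != 0))
  fatal("mm_get_get: internal error: bad session id");
  kex->we_need = buffer_get_int(m);
+ kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
+ kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
  kex->server = 1;
  kex->hostkey_type = buffer_get_int(m);
  kex->kex_type = buffer_get_int(m);
@@ -1551,7 +1561,7 @@ mm_get_keystate(struct monitor *pmonitor)
 void *
 mm_zalloc(struct mm_master *mm, u_int ncount, u_int size)
 {
- size_t len = size * ncount;
+ size_t len = (size_t) size * ncount;
  void *address;
 
  if (len == 0 || ncount > SIZE_T_MAX / size)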
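Review bot: In mm_answer_bsdauthquery the new `if (success)` guard still reads `prompts[0]` without consulting `numprompts`, so the privileged monitor depends on bsdauth_query() filling in at least one prompt whenever it returns a non-negative value. bsdauth_query() is not shown on this page, so that may already be guaranteed. If it is, a comment above the `buffer_put_cstring` call, for example `/* bsdauth_query() sets numprompts to 1 on success */`, would record the contract the index relies on. If it is not, an explicit check before the reply is built keeps the out-of-bounds read from ever being reachable: `if (success && numprompts < 1) fatal("%s: no prompts", __func__);`. The function begins before and continues after this hunk, so the remaining cleanup of `echo_on` and the return path are not visible here.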