Diffstat (limited to 'monitor.c')
-rw-r--r--monitor.c156
1 files changed, 81 insertions, 75 deletions
diff --git a/monitor.c b/monitor.c
index 9c30c1c39..b7463400e 100644
--- a/monitor.c
+++ b/monitor.c
@@ -25,7 +25,7 @@
25 */ 25 */
26 26
27#include "includes.h" 27#include "includes.h"
28RCSID("$OpenBSD: monitor.c,v 1.55 2004/02/05 05:37:17 dtucker Exp $"); 28RCSID("$OpenBSD: monitor.c,v 1.61 2004/07/17 05:31:41 dtucker Exp $");
29 29
30#include <openssl/dh.h> 30#include <openssl/dh.h>
31 31
@@ -63,7 +63,6 @@ RCSID("$OpenBSD: monitor.c,v 1.55 2004/02/05 05:37:17 dtucker Exp $");
63#include "bufaux.h" 63#include "bufaux.h"
64#include "compat.h" 64#include "compat.h"
65#include "ssh2.h" 65#include "ssh2.h"
66#include "mpaux.h"
67 66
68#ifdef GSSAPI 67#ifdef GSSAPI
69#include "ssh-gss.h" 68#include "ssh-gss.h"
@@ -80,6 +79,7 @@ extern u_char session_id[];
80extern Buffer input, output; 79extern Buffer input, output;
81extern Buffer auth_debug; 80extern Buffer auth_debug;
82extern int auth_debug_init; 81extern int auth_debug_init;
82extern Buffer loginmsg;
83 83
84/* State exported from the child */ 84/* State exported from the child */
85 85
@@ -351,9 +351,9 @@ monitor_set_child_handler(pid_t pid)
351} 351}
352 352
353static void 353static void
354monitor_child_handler(int signal) 354monitor_child_handler(int sig)
355{ 355{
356 kill(monitor_child_pid, signal); 356 kill(monitor_child_pid, sig);
357} 357}
358 358
359void 359void
@@ -468,7 +468,7 @@ monitor_reset_key_state(void)
468} 468}
469 469
470int 470int
471mm_answer_moduli(int socket, Buffer *m) 471mm_answer_moduli(int sock, Buffer *m)
472{ 472{
473 DH *dh; 473 DH *dh;
474 int min, want, max; 474 int min, want, max;
@@ -498,12 +498,12 @@ mm_answer_moduli(int socket, Buffer *m)
498 498
499 DH_free(dh); 499 DH_free(dh);
500 } 500 }
501 mm_request_send(socket, MONITOR_ANS_MODULI, m); 501 mm_request_send(sock, MONITOR_ANS_MODULI, m);
502 return (0); 502 return (0);
503} 503}
504 504
505int 505int
506mm_answer_sign(int socket, Buffer *m) 506mm_answer_sign(int sock, Buffer *m)
507{ 507{
508 Key *key; 508 Key *key;
509 u_char *p; 509 u_char *p;
@@ -539,7 +539,7 @@ mm_answer_sign(int socket, Buffer *m)
539 xfree(p); 539 xfree(p);
540 xfree(signature); 540 xfree(signature);
541 541
542 mm_request_send(socket, MONITOR_ANS_SIGN, m); 542 mm_request_send(sock, MONITOR_ANS_SIGN, m);
543 543
544 /* Turn on permissions for getpwnam */ 544 /* Turn on permissions for getpwnam */
545 monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); 545 monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1);
@@ -550,9 +550,9 @@ mm_answer_sign(int socket, Buffer *m)
550/* Retrieves the password entry and also checks if the user is permitted */ 550/* Retrieves the password entry and also checks if the user is permitted */
551 551
552int 552int
553mm_answer_pwnamallow(int socket, Buffer *m) 553mm_answer_pwnamallow(int sock, Buffer *m)
554{ 554{
555 char *login; 555 char *username;
556 struct passwd *pwent; 556 struct passwd *pwent;
557 int allowed = 0; 557 int allowed = 0;
558 558
@@ -561,13 +561,13 @@ mm_answer_pwnamallow(int socket, Buffer *m)
561 if (authctxt->attempt++ != 0) 561 if (authctxt->attempt++ != 0)
562 fatal("%s: multiple attempts for getpwnam", __func__); 562 fatal("%s: multiple attempts for getpwnam", __func__);
563 563
564 login = buffer_get_string(m, NULL); 564 username = buffer_get_string(m, NULL);
565 565
566 pwent = getpwnamallow(login); 566 pwent = getpwnamallow(username);
567 567
568 authctxt->user = xstrdup(login); 568 authctxt->user = xstrdup(username);
569 setproctitle("%s [priv]", pwent ? login : "unknown"); 569 setproctitle("%s [priv]", pwent ? username : "unknown");
570 xfree(login); 570 xfree(username);
571 571
572 buffer_clear(m); 572 buffer_clear(m);
573 573
@@ -594,7 +594,7 @@ mm_answer_pwnamallow(int socket, Buffer *m)
594 594
595 out: 595 out:
596 debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed); 596 debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed);
597 mm_request_send(socket, MONITOR_ANS_PWNAM, m); 597 mm_request_send(sock, MONITOR_ANS_PWNAM, m);
598 598
599 /* For SSHv1 allow authentication now */ 599 /* For SSHv1 allow authentication now */
600 if (!compat20) 600 if (!compat20)
@@ -613,14 +613,14 @@ mm_answer_pwnamallow(int socket, Buffer *m)
613 return (0); 613 return (0);
614} 614}
615 615
616int mm_answer_auth2_read_banner(int socket, Buffer *m) 616int mm_answer_auth2_read_banner(int sock, Buffer *m)
617{ 617{
618 char *banner; 618 char *banner;
619 619
620 buffer_clear(m); 620 buffer_clear(m);
621 banner = auth2_read_banner(); 621 banner = auth2_read_banner();
622 buffer_put_cstring(m, banner != NULL ? banner : ""); 622 buffer_put_cstring(m, banner != NULL ? banner : "");
623 mm_request_send(socket, MONITOR_ANS_AUTH2_READ_BANNER, m); 623 mm_request_send(sock, MONITOR_ANS_AUTH2_READ_BANNER, m);
624 624
625 if (banner != NULL) 625 if (banner != NULL)
626 xfree(banner); 626 xfree(banner);
@@ -629,7 +629,7 @@ int mm_answer_auth2_read_banner(int socket, Buffer *m)
629} 629}
630 630
631int 631int
632mm_answer_authserv(int socket, Buffer *m) 632mm_answer_authserv(int sock, Buffer *m)
633{ 633{
634 monitor_permit_authentications(1); 634 monitor_permit_authentications(1);
635 635
@@ -647,7 +647,7 @@ mm_answer_authserv(int socket, Buffer *m)
647} 647}
648 648
649int 649int
650mm_answer_authpassword(int socket, Buffer *m) 650mm_answer_authpassword(int sock, Buffer *m)
651{ 651{
652 static int call_count; 652 static int call_count;
653 char *passwd; 653 char *passwd;
@@ -665,7 +665,7 @@ mm_answer_authpassword(int socket, Buffer *m)
665 buffer_put_int(m, authenticated); 665 buffer_put_int(m, authenticated);
666 666
667 debug3("%s: sending result %d", __func__, authenticated); 667 debug3("%s: sending result %d", __func__, authenticated);
668 mm_request_send(socket, MONITOR_ANS_AUTHPASSWORD, m); 668 mm_request_send(sock, MONITOR_ANS_AUTHPASSWORD, m);
669 669
670 call_count++; 670 call_count++;
671 if (plen == 0 && call_count == 1) 671 if (plen == 0 && call_count == 1)
@@ -679,7 +679,7 @@ mm_answer_authpassword(int socket, Buffer *m)
679 679
680#ifdef BSD_AUTH 680#ifdef BSD_AUTH
681int 681int
682mm_answer_bsdauthquery(int socket, Buffer *m) 682mm_answer_bsdauthquery(int sock, Buffer *m)
683{ 683{
684 char *name, *infotxt; 684 char *name, *infotxt;
685 u_int numprompts; 685 u_int numprompts;
@@ -696,7 +696,7 @@ mm_answer_bsdauthquery(int socket, Buffer *m)
696 buffer_put_cstring(m, prompts[0]); 696 buffer_put_cstring(m, prompts[0]);
697 697
698 debug3("%s: sending challenge success: %u", __func__, success); 698 debug3("%s: sending challenge success: %u", __func__, success);
699 mm_request_send(socket, MONITOR_ANS_BSDAUTHQUERY, m); 699 mm_request_send(sock, MONITOR_ANS_BSDAUTHQUERY, m);
700 700
701 if (success) { 701 if (success) {
702 xfree(name); 702 xfree(name);
@@ -709,7 +709,7 @@ mm_answer_bsdauthquery(int socket, Buffer *m)
709} 709}
710 710
711int 711int
712mm_answer_bsdauthrespond(int socket, Buffer *m) 712mm_answer_bsdauthrespond(int sock, Buffer *m)
713{ 713{
714 char *response; 714 char *response;
715 int authok; 715 int authok;
@@ -728,7 +728,7 @@ mm_answer_bsdauthrespond(int socket, Buffer *m)
728 buffer_put_int(m, authok); 728 buffer_put_int(m, authok);
729 729
730 debug3("%s: sending authenticated: %d", __func__, authok); 730 debug3("%s: sending authenticated: %d", __func__, authok);
731 mm_request_send(socket, MONITOR_ANS_BSDAUTHRESPOND, m); 731 mm_request_send(sock, MONITOR_ANS_BSDAUTHRESPOND, m);
732 732
733 auth_method = "bsdauth"; 733 auth_method = "bsdauth";
734 734
@@ -738,7 +738,7 @@ mm_answer_bsdauthrespond(int socket, Buffer *m)
738 738
739#ifdef SKEY 739#ifdef SKEY
740int 740int
741mm_answer_skeyquery(int socket, Buffer *m) 741mm_answer_skeyquery(int sock, Buffer *m)
742{ 742{
743 struct skey skey; 743 struct skey skey;
744 char challenge[1024]; 744 char challenge[1024];
@@ -753,13 +753,13 @@ mm_answer_skeyquery(int socket, Buffer *m)
753 buffer_put_cstring(m, challenge); 753 buffer_put_cstring(m, challenge);
754 754
755 debug3("%s: sending challenge success: %u", __func__, success); 755 debug3("%s: sending challenge success: %u", __func__, success);
756 mm_request_send(socket, MONITOR_ANS_SKEYQUERY, m); 756 mm_request_send(sock, MONITOR_ANS_SKEYQUERY, m);
757 757
758 return (0); 758 return (0);
759} 759}
760 760
761int 761int
762mm_answer_skeyrespond(int socket, Buffer *m) 762mm_answer_skeyrespond(int sock, Buffer *m)
763{ 763{
764 char *response; 764 char *response;
765 int authok; 765 int authok;
@@ -777,7 +777,7 @@ mm_answer_skeyrespond(int socket, Buffer *m)
777 buffer_put_int(m, authok); 777 buffer_put_int(m, authok);
778 778
779 debug3("%s: sending authenticated: %d", __func__, authok); 779 debug3("%s: sending authenticated: %d", __func__, authok);
780 mm_request_send(socket, MONITOR_ANS_SKEYRESPOND, m); 780 mm_request_send(sock, MONITOR_ANS_SKEYRESPOND, m);
781 781
782 auth_method = "skey"; 782 auth_method = "skey";
783 783
@@ -787,7 +787,7 @@ mm_answer_skeyrespond(int socket, Buffer *m)
787 787
788#ifdef USE_PAM 788#ifdef USE_PAM
789int 789int
790mm_answer_pam_start(int socket, Buffer *m) 790mm_answer_pam_start(int sock, Buffer *m)
791{ 791{
792 if (!options.use_pam) 792 if (!options.use_pam)
793 fatal("UsePAM not set, but ended up in %s anyway", __func__); 793 fatal("UsePAM not set, but ended up in %s anyway", __func__);
@@ -800,7 +800,7 @@ mm_answer_pam_start(int socket, Buffer *m)
800} 800}
801 801
802int 802int
803mm_answer_pam_account(int socket, Buffer *m) 803mm_answer_pam_account(int sock, Buffer *m)
804{ 804{
805 u_int ret; 805 u_int ret;
806 806
@@ -811,7 +811,7 @@ mm_answer_pam_account(int socket, Buffer *m)
811 811
812 buffer_put_int(m, ret); 812 buffer_put_int(m, ret);
813 813
814 mm_request_send(socket, MONITOR_ANS_PAM_ACCOUNT, m); 814 mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m);
815 815
816 return (ret); 816 return (ret);
817} 817}
@@ -820,7 +820,7 @@ static void *sshpam_ctxt, *sshpam_authok;
820extern KbdintDevice sshpam_device; 820extern KbdintDevice sshpam_device;
821 821
822int 822int
823mm_answer_pam_init_ctx(int socket, Buffer *m) 823mm_answer_pam_init_ctx(int sock, Buffer *m)
824{ 824{
825 825
826 debug3("%s", __func__); 826 debug3("%s", __func__);
@@ -834,12 +834,12 @@ mm_answer_pam_init_ctx(int socket, Buffer *m)
834 } else { 834 } else {
835 buffer_put_int(m, 0); 835 buffer_put_int(m, 0);
836 } 836 }
837 mm_request_send(socket, MONITOR_ANS_PAM_INIT_CTX, m); 837 mm_request_send(sock, MONITOR_ANS_PAM_INIT_CTX, m);
838 return (0); 838 return (0);
839} 839}
840 840
841int 841int
842mm_answer_pam_query(int socket, Buffer *m) 842mm_answer_pam_query(int sock, Buffer *m)
843{ 843{
844 char *name, *info, **prompts; 844 char *name, *info, **prompts;
845 u_int num, *echo_on; 845 u_int num, *echo_on;
@@ -868,12 +868,12 @@ mm_answer_pam_query(int socket, Buffer *m)
868 xfree(prompts); 868 xfree(prompts);
869 if (echo_on != NULL) 869 if (echo_on != NULL)
870 xfree(echo_on); 870 xfree(echo_on);
871 mm_request_send(socket, MONITOR_ANS_PAM_QUERY, m); 871 mm_request_send(sock, MONITOR_ANS_PAM_QUERY, m);
872 return (0); 872 return (0);
873} 873}
874 874
875int 875int
876mm_answer_pam_respond(int socket, Buffer *m) 876mm_answer_pam_respond(int sock, Buffer *m)
877{ 877{
878 char **resp; 878 char **resp;
879 u_int num; 879 u_int num;
@@ -895,7 +895,7 @@ mm_answer_pam_respond(int socket, Buffer *m)
895 } 895 }
896 buffer_clear(m); 896 buffer_clear(m);
897 buffer_put_int(m, ret); 897 buffer_put_int(m, ret);
898 mm_request_send(socket, MONITOR_ANS_PAM_RESPOND, m); 898 mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m);
899 auth_method = "keyboard-interactive/pam"; 899 auth_method = "keyboard-interactive/pam";
900 if (ret == 0) 900 if (ret == 0)
901 sshpam_authok = sshpam_ctxt; 901 sshpam_authok = sshpam_ctxt;
@@ -903,13 +903,13 @@ mm_answer_pam_respond(int socket, Buffer *m)
903} 903}
904 904
905int 905int
906mm_answer_pam_free_ctx(int socket, Buffer *m) 906mm_answer_pam_free_ctx(int sock, Buffer *m)
907{ 907{
908 908
909 debug3("%s", __func__); 909 debug3("%s", __func__);
910 (sshpam_device.free_ctx)(sshpam_ctxt); 910 (sshpam_device.free_ctx)(sshpam_ctxt);
911 buffer_clear(m); 911 buffer_clear(m);
912 mm_request_send(socket, MONITOR_ANS_PAM_FREE_CTX, m); 912 mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m);
913 return (sshpam_authok == sshpam_ctxt); 913 return (sshpam_authok == sshpam_ctxt);
914} 914}
915#endif 915#endif
@@ -926,7 +926,7 @@ mm_append_debug(Buffer *m)
926} 926}
927 927
928int 928int
929mm_answer_keyallowed(int socket, Buffer *m) 929mm_answer_keyallowed(int sock, Buffer *m)
930{ 930{
931 Key *key; 931 Key *key;
932 char *cuser, *chost; 932 char *cuser, *chost;
@@ -996,7 +996,7 @@ mm_answer_keyallowed(int socket, Buffer *m)
996 996
997 mm_append_debug(m); 997 mm_append_debug(m);
998 998
999 mm_request_send(socket, MONITOR_ANS_KEYALLOWED, m); 999 mm_request_send(sock, MONITOR_ANS_KEYALLOWED, m);
1000 1000
1001 if (type == MM_RSAHOSTKEY) 1001 if (type == MM_RSAHOSTKEY)
1002 monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed); 1002 monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed);
@@ -1117,7 +1117,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
1117} 1117}
1118 1118
1119int 1119int
1120mm_answer_keyverify(int socket, Buffer *m) 1120mm_answer_keyverify(int sock, Buffer *m)
1121{ 1121{
1122 Key *key; 1122 Key *key;
1123 u_char *signature, *data, *blob; 1123 u_char *signature, *data, *blob;
@@ -1167,7 +1167,7 @@ mm_answer_keyverify(int socket, Buffer *m)
1167 1167
1168 buffer_clear(m); 1168 buffer_clear(m);
1169 buffer_put_int(m, verified); 1169 buffer_put_int(m, verified);
1170 mm_request_send(socket, MONITOR_ANS_KEYVERIFY, m); 1170 mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m);
1171 1171
1172 return (verified); 1172 return (verified);
1173} 1173}
@@ -1209,7 +1209,7 @@ mm_session_close(Session *s)
1209} 1209}
1210 1210
1211int 1211int
1212mm_answer_pty(int socket, Buffer *m) 1212mm_answer_pty(int sock, Buffer *m)
1213{ 1213{
1214 extern struct monitor *pmonitor; 1214 extern struct monitor *pmonitor;
1215 Session *s; 1215 Session *s;
@@ -1231,10 +1231,6 @@ mm_answer_pty(int socket, Buffer *m)
1231 1231
1232 buffer_put_int(m, 1); 1232 buffer_put_int(m, 1);
1233 buffer_put_cstring(m, s->tty); 1233 buffer_put_cstring(m, s->tty);
1234 mm_request_send(socket, MONITOR_ANS_PTY, m);
1235
1236 mm_send_fd(socket, s->ptyfd);
1237 mm_send_fd(socket, s->ttyfd);
1238 1234
1239 /* We need to trick ttyslot */ 1235 /* We need to trick ttyslot */
1240 if (dup2(s->ttyfd, 0) == -1) 1236 if (dup2(s->ttyfd, 0) == -1)
@@ -1245,6 +1241,15 @@ mm_answer_pty(int socket, Buffer *m)
1245 /* Now we can close the file descriptor again */ 1241 /* Now we can close the file descriptor again */
1246 close(0); 1242 close(0);
1247 1243
1244 /* send messages generated by record_login */
1245 buffer_put_string(m, buffer_ptr(&loginmsg), buffer_len(&loginmsg));
1246 buffer_clear(&loginmsg);
1247
1248 mm_request_send(sock, MONITOR_ANS_PTY, m);
1249
1250 mm_send_fd(sock, s->ptyfd);
1251 mm_send_fd(sock, s->ttyfd);
1252
1248 /* make sure nothing uses fd 0 */ 1253 /* make sure nothing uses fd 0 */
1249 if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0) 1254 if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0)
1250 fatal("%s: open(/dev/null): %s", __func__, strerror(errno)); 1255 fatal("%s: open(/dev/null): %s", __func__, strerror(errno));
@@ -1265,12 +1270,12 @@ mm_answer_pty(int socket, Buffer *m)
1265 if (s != NULL) 1270 if (s != NULL)
1266 mm_session_close(s); 1271 mm_session_close(s);
1267 buffer_put_int(m, 0); 1272 buffer_put_int(m, 0);
1268 mm_request_send(socket, MONITOR_ANS_PTY, m); 1273 mm_request_send(sock, MONITOR_ANS_PTY, m);
1269 return (0); 1274 return (0);
1270} 1275}
1271 1276
1272int 1277int
1273mm_answer_pty_cleanup(int socket, Buffer *m) 1278mm_answer_pty_cleanup(int sock, Buffer *m)
1274{ 1279{
1275 Session *s; 1280 Session *s;
1276 char *tty; 1281 char *tty;
@@ -1286,7 +1291,7 @@ mm_answer_pty_cleanup(int socket, Buffer *m)
1286} 1291}
1287 1292
1288int 1293int
1289mm_answer_sesskey(int socket, Buffer *m) 1294mm_answer_sesskey(int sock, Buffer *m)
1290{ 1295{
1291 BIGNUM *p; 1296 BIGNUM *p;
1292 int rsafail; 1297 int rsafail;
@@ -1307,7 +1312,7 @@ mm_answer_sesskey(int socket, Buffer *m)
1307 1312
1308 BN_clear_free(p); 1313 BN_clear_free(p);
1309 1314
1310 mm_request_send(socket, MONITOR_ANS_SESSKEY, m); 1315 mm_request_send(sock, MONITOR_ANS_SESSKEY, m);
1311 1316
1312 /* Turn on permissions for sessid passing */ 1317 /* Turn on permissions for sessid passing */
1313 monitor_permit(mon_dispatch, MONITOR_REQ_SESSID, 1); 1318 monitor_permit(mon_dispatch, MONITOR_REQ_SESSID, 1);
@@ -1316,7 +1321,7 @@ mm_answer_sesskey(int socket, Buffer *m)
1316} 1321}
1317 1322
1318int 1323int
1319mm_answer_sessid(int socket, Buffer *m) 1324mm_answer_sessid(int sock, Buffer *m)
1320{ 1325{
1321 int i; 1326 int i;
1322 1327
@@ -1334,7 +1339,7 @@ mm_answer_sessid(int socket, Buffer *m)
1334} 1339}
1335 1340
1336int 1341int
1337mm_answer_rsa_keyallowed(int socket, Buffer *m) 1342mm_answer_rsa_keyallowed(int sock, Buffer *m)
1338{ 1343{
1339 BIGNUM *client_n; 1344 BIGNUM *client_n;
1340 Key *key = NULL; 1345 Key *key = NULL;
@@ -1374,7 +1379,7 @@ mm_answer_rsa_keyallowed(int socket, Buffer *m)
1374 1379
1375 mm_append_debug(m); 1380 mm_append_debug(m);
1376 1381
1377 mm_request_send(socket, MONITOR_ANS_RSAKEYALLOWED, m); 1382 mm_request_send(sock, MONITOR_ANS_RSAKEYALLOWED, m);
1378 1383
1379 monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed); 1384 monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed);
1380 monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 0); 1385 monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 0);
@@ -1382,7 +1387,7 @@ mm_answer_rsa_keyallowed(int socket, Buffer *m)
1382} 1387}
1383 1388
1384int 1389int
1385mm_answer_rsa_challenge(int socket, Buffer *m) 1390mm_answer_rsa_challenge(int sock, Buffer *m)
1386{ 1391{
1387 Key *key = NULL; 1392 Key *key = NULL;
1388 u_char *blob; 1393 u_char *blob;
@@ -1408,7 +1413,7 @@ mm_answer_rsa_challenge(int socket, Buffer *m)
1408 buffer_put_bignum2(m, ssh1_challenge); 1413 buffer_put_bignum2(m, ssh1_challenge);
1409 1414
1410 debug3("%s sending reply", __func__); 1415 debug3("%s sending reply", __func__);
1411 mm_request_send(socket, MONITOR_ANS_RSACHALLENGE, m); 1416 mm_request_send(sock, MONITOR_ANS_RSACHALLENGE, m);
1412 1417
1413 monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1); 1418 monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1);
1414 1419
@@ -1418,7 +1423,7 @@ mm_answer_rsa_challenge(int socket, Buffer *m)
1418} 1423}
1419 1424
1420int 1425int
1421mm_answer_rsa_response(int socket, Buffer *m) 1426mm_answer_rsa_response(int sock, Buffer *m)
1422{ 1427{
1423 Key *key = NULL; 1428 Key *key = NULL;
1424 u_char *blob, *response; 1429 u_char *blob, *response;
@@ -1457,13 +1462,13 @@ mm_answer_rsa_response(int socket, Buffer *m)
1457 1462
1458 buffer_clear(m); 1463 buffer_clear(m);
1459 buffer_put_int(m, success); 1464 buffer_put_int(m, success);
1460 mm_request_send(socket, MONITOR_ANS_RSARESPONSE, m); 1465 mm_request_send(sock, MONITOR_ANS_RSARESPONSE, m);
1461 1466
1462 return (success); 1467 return (success);
1463} 1468}
1464 1469
1465int 1470int
1466mm_answer_term(int socket, Buffer *req) 1471mm_answer_term(int sock, Buffer *req)
1467{ 1472{
1468 extern struct monitor *pmonitor; 1473 extern struct monitor *pmonitor;
1469 int res, status; 1474 int res, status;
@@ -1480,7 +1485,7 @@ mm_answer_term(int socket, Buffer *req)
1480 res = WIFEXITED(status) ? WEXITSTATUS(status) : 1; 1485 res = WIFEXITED(status) ? WEXITSTATUS(status) : 1;
1481 1486
1482 /* Terminate process */ 1487 /* Terminate process */
1483 exit (res); 1488 exit(res);
1484} 1489}
1485 1490
1486void 1491void
@@ -1547,6 +1552,7 @@ mm_get_kex(Buffer *m)
1547 fatal("mm_get_get: internal error: bad session id"); 1552 fatal("mm_get_get: internal error: bad session id");
1548 kex->we_need = buffer_get_int(m); 1553 kex->we_need = buffer_get_int(m);
1549 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; 1554 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
1555 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
1550 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; 1556 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
1551 kex->server = 1; 1557 kex->server = 1;
1552 kex->hostkey_type = buffer_get_int(m); 1558 kex->hostkey_type = buffer_get_int(m);
@@ -1740,23 +1746,23 @@ monitor_reinit(struct monitor *mon)
1740 1746
1741#ifdef GSSAPI 1747#ifdef GSSAPI
1742int 1748int
1743mm_answer_gss_setup_ctx(int socket, Buffer *m) 1749mm_answer_gss_setup_ctx(int sock, Buffer *m)
1744{ 1750{
1745 gss_OID_desc oid; 1751 gss_OID_desc goid;
1746 OM_uint32 major; 1752 OM_uint32 major;
1747 u_int len; 1753 u_int len;
1748 1754
1749 oid.elements = buffer_get_string(m, &len); 1755 goid.elements = buffer_get_string(m, &len);
1750 oid.length = len; 1756 goid.length = len;
1751 1757
1752 major = ssh_gssapi_server_ctx(&gsscontext, &oid); 1758 major = ssh_gssapi_server_ctx(&gsscontext, &goid);
1753 1759
1754 xfree(oid.elements); 1760 xfree(goid.elements);
1755 1761
1756 buffer_clear(m); 1762 buffer_clear(m);
1757 buffer_put_int(m, major); 1763 buffer_put_int(m, major);
1758 1764
1759 mm_request_send(socket,MONITOR_ANS_GSSSETUP, m); 1765 mm_request_send(sock,MONITOR_ANS_GSSSETUP, m);
1760 1766
1761 /* Now we have a context, enable the step */ 1767 /* Now we have a context, enable the step */
1762 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 1); 1768 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 1);
@@ -1765,7 +1771,7 @@ mm_answer_gss_setup_ctx(int socket, Buffer *m)
1765} 1771}
1766 1772
1767int 1773int
1768mm_answer_gss_accept_ctx(int socket, Buffer *m) 1774mm_answer_gss_accept_ctx(int sock, Buffer *m)
1769{ 1775{
1770 gss_buffer_desc in; 1776 gss_buffer_desc in;
1771 gss_buffer_desc out = GSS_C_EMPTY_BUFFER; 1777 gss_buffer_desc out = GSS_C_EMPTY_BUFFER;
@@ -1782,7 +1788,7 @@ mm_answer_gss_accept_ctx(int socket, Buffer *m)
1782 buffer_put_int(m, major); 1788 buffer_put_int(m, major);
1783 buffer_put_string(m, out.value, out.length); 1789 buffer_put_string(m, out.value, out.length);
1784 buffer_put_int(m, flags); 1790 buffer_put_int(m, flags);
1785 mm_request_send(socket, MONITOR_ANS_GSSSTEP, m); 1791 mm_request_send(sock, MONITOR_ANS_GSSSTEP, m);
1786 1792
1787 gss_release_buffer(&minor, &out); 1793 gss_release_buffer(&minor, &out);
1788 1794
@@ -1795,7 +1801,7 @@ mm_answer_gss_accept_ctx(int socket, Buffer *m)
1795} 1801}
1796 1802
1797int 1803int
1798mm_answer_gss_checkmic(int socket, Buffer *m) 1804mm_answer_gss_checkmic(int sock, Buffer *m)
1799{ 1805{
1800 gss_buffer_desc gssbuf, mic; 1806 gss_buffer_desc gssbuf, mic;
1801 OM_uint32 ret; 1807 OM_uint32 ret;
@@ -1814,7 +1820,7 @@ mm_answer_gss_checkmic(int socket, Buffer *m)
1814 buffer_clear(m); 1820 buffer_clear(m);
1815 buffer_put_int(m, ret); 1821 buffer_put_int(m, ret);
1816 1822
1817 mm_request_send(socket, MONITOR_ANS_GSSCHECKMIC, m); 1823 mm_request_send(sock, MONITOR_ANS_GSSCHECKMIC, m);
1818 1824
1819 if (!GSS_ERROR(ret)) 1825 if (!GSS_ERROR(ret))
1820 monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); 1826 monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
@@ -1823,7 +1829,7 @@ mm_answer_gss_checkmic(int socket, Buffer *m)
1823} 1829}
1824 1830
1825int 1831int
1826mm_answer_gss_userok(int socket, Buffer *m) 1832mm_answer_gss_userok(int sock, Buffer *m)
1827{ 1833{
1828 int authenticated; 1834 int authenticated;
1829 1835
@@ -1833,7 +1839,7 @@ mm_answer_gss_userok(int socket, Buffer *m)
1833 buffer_put_int(m, authenticated); 1839 buffer_put_int(m, authenticated);
1834 1840
1835 debug3("%s: sending result %d", __func__, authenticated); 1841 debug3("%s: sending result %d", __func__, authenticated);
1836 mm_request_send(socket, MONITOR_ANS_GSSUSEROK, m); 1842 mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m);
1837 1843
1838 auth_method="gssapi-with-mic"; 1844 auth_method="gssapi-with-mic";
1839 1845
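Review bot: In the mm_answer_pty hunk (new lines 1244-1251), `mm_request_send(sock, MONITOR_ANS_PTY, m)` and both `mm_send_fd()` calls now run after `close(0)` and before `/dev/null` is reopened, so descriptor 0 is unassigned for the whole send. Any descriptor opened inside those calls would presumably take slot 0, so unless something outside the hunk depends on this order I would move the three send lines below the `open(_PATH_DEVNULL, O_RDONLY)` block. The success reply also gains a third field (the `loginmsg` string after the tty name), while the failure path at new line 1272 still sends only `0`. The reader on the unprivileged side is not part of this diff and must consume the extra string on success only, so a comment above the send would help, for example `/* reply: 1, tty, loginmsg on success; 0 alone on failure - keep in sync with the reader */`. The body of mm_answer_pty starts and ends outside this hunk, so the ordering against the code between the `dup2()` and `close(0)` lines should be checked in the full file.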