Diffstat (limited to 'monitor_wrap.c')
-rw-r--r-- | monitor_wrap.c | 151 |
1 files changed, 1 insertions, 150 deletions
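--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.88 2016/03/07 19:02:43 djm Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.89 2016/08/13 17:47:41 markus Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -85,7 +85,6 @@
 #include "ssherr.h"
 
 /* Imports */
-extern int compat20;
 extern z_stream incoming_stream;
 extern z_stream outgoing_stream;
 extern struct monitor *pmonitor;
@@ -407,18 +406,6 @@ mm_hostbased_key_allowed(struct passwd *pw, const char *user, const char *host,
 }
 
 int
-mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, const char *user,
-const char *host, Key *key)
-{
-int ret;
-
-key->type = KEY_RSA; /* XXX hack for key_to_blob */
-ret = mm_key_allowed(MM_RSAHOSTKEY, user, host, key, 0);
-key->type = KEY_RSA1;
-return (ret);
-}
-
-int
 mm_key_allowed(enum mm_keytype type, const char *user, const char *host,
 Key *key, int pubkey_auth_attempt)
 {
@@ -728,28 +715,6 @@ mm_terminate(void)
 buffer_free(&m);
 }
 
-#ifdef WITH_SSH1
-int
-mm_ssh1_session_key(BIGNUM *num)
-{
-int rsafail;
-Buffer m;
-
-buffer_init(&m);
-buffer_put_bignum2(&m, num);
-mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SESSKEY, &m);
-
-mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SESSKEY, &m);
-
-rsafail = buffer_get_int(&m);
-buffer_get_bignum2(&m, num);
-
-buffer_free(&m);
-
-return (rsafail);
-}
-#endif
-
 static void
 mm_chall_setup(char **name, char **infotxt, u_int *numprompts,
 char ***prompts, u_int **echo_on)
@@ -880,120 +845,6 @@ mm_skey_respond(void *ctx, u_int numresponses, char **responses)
 }
 #endif /* SKEY */
 
-void
-mm_ssh1_session_id(u_char session_id[16])
-{
-Buffer m;
-int i;
-
-debug3("%s entering", __func__);
-
-buffer_init(&m);
-for (i = 0; i < 16; i++)
-buffer_put_char(&m, session_id[i]);
-
-mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SESSID, &m);
-buffer_free(&m);
-}
-
-#ifdef WITH_SSH1
-int
-mm_auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
-{
-Buffer m;
-Key *key;
-u_char *blob;
-u_int blen;
-int allowed = 0, have_forced = 0;
-
-debug3("%s entering", __func__);
-
-buffer_init(&m);
-buffer_put_bignum2(&m, client_n);
-
-mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSAKEYALLOWED, &m);
-mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSAKEYALLOWED, &m);
-
-allowed = buffer_get_int(&m);
-
-/* fake forced command */
-auth_clear_options();
-have_forced = buffer_get_int(&m);
-forced_command = have_forced ? xstrdup("true") : NULL;
-
-if (allowed && rkey != NULL) {
-blob = buffer_get_string(&m, &blen);
-if ((key = key_from_blob(blob, blen)) == NULL)
-fatal("%s: key_from_blob failed", __func__);
-*rkey = key;
-free(blob);
-}
-buffer_free(&m);
-
-return (allowed);
-}
-
-BIGNUM *
-mm_auth_rsa_generate_challenge(Key *key)
-{
-Buffer m;
-BIGNUM *challenge;
-u_char *blob;
-u_int blen;
-
-debug3("%s entering", __func__);
-
-if ((challenge = BN_new()) == NULL)
-fatal("%s: BN_new failed", __func__);
-
-key->type = KEY_RSA; /* XXX cheat for key_to_blob */
-if (key_to_blob(key, &blob, &blen) == 0)
-fatal("%s: key_to_blob failed", __func__);
-key->type = KEY_RSA1;
-
-buffer_init(&m);
-buffer_put_string(&m, blob, blen);
-free(blob);
-
-mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSACHALLENGE, &m);
-mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSACHALLENGE, &m);
-
-buffer_get_bignum2(&m, challenge);
-buffer_free(&m);
-
-return (challenge);
-}
-
-int
-mm_auth_rsa_verify_response(Key *key, BIGNUM *p, u_char response[16])
-{
-Buffer m;
-u_char *blob;
-u_int blen;
-int success = 0;
-
-debug3("%s entering", __func__);
-
-key->type = KEY_RSA; /* XXX cheat for key_to_blob */
-if (key_to_blob(key, &blob, &blen) == 0)
-fatal("%s: key_to_blob failed", __func__);
-key->type = KEY_RSA1;
-
-buffer_init(&m);
-buffer_put_string(&m, blob, blen);
-buffer_put_string(&m, response, 16);
-free(blob);
-
-mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSARESPONSE, &m);
-mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSARESPONSE, &m);
-
-success = buffer_get_int(&m);
-buffer_free(&m);
-
-return (success);
-}
-#endif
-
 #ifdef SSH_AUDIT_EVENTS
 void
 mm_audit_event(ssh_audit_event_t event)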