summaryrefslogtreecommitdiff
path: root/monitor_wrap.c
diff options
context:
space:
mode:
Diffstat (limited to 'monitor_wrap.c')
-rw-r--r--monitor_wrap.c32
1 files changed, 22 insertions, 10 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 4c53bfd13..1395a32f4 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -25,7 +25,7 @@
25 */ 25 */
26 26
27#include "includes.h" 27#include "includes.h"
28RCSID("$OpenBSD: monitor_wrap.c,v 1.19 2002/09/26 11:38:43 markus Exp $"); 28RCSID("$OpenBSD: monitor_wrap.c,v 1.22 2003/02/16 17:30:33 markus Exp $");
29 29
30#include <openssl/bn.h> 30#include <openssl/bn.h>
31#include <openssl/dh.h> 31#include <openssl/dh.h>
@@ -34,6 +34,7 @@ RCSID("$OpenBSD: monitor_wrap.c,v 1.19 2002/09/26 11:38:43 markus Exp $");
34#include "dh.h" 34#include "dh.h"
35#include "kex.h" 35#include "kex.h"
36#include "auth.h" 36#include "auth.h"
37#include "auth-options.h"
37#include "buffer.h" 38#include "buffer.h"
38#include "bufaux.h" 39#include "bufaux.h"
39#include "packet.h" 40#include "packet.h"
@@ -312,7 +313,7 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key)
312 Buffer m; 313 Buffer m;
313 u_char *blob; 314 u_char *blob;
314 u_int len; 315 u_int len;
315 int allowed = 0; 316 int allowed = 0, have_forced = 0;
316 317
317 debug3("%s entering", __func__); 318 debug3("%s entering", __func__);
318 319
@@ -334,6 +335,11 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key)
334 335
335 allowed = buffer_get_int(&m); 336 allowed = buffer_get_int(&m);
336 337
338 /* fake forced command */
339 auth_clear_options();
340 have_forced = buffer_get_int(&m);
341 forced_command = have_forced ? xstrdup("true") : NULL;
342
337 /* Send potential debug messages */ 343 /* Send potential debug messages */
338 mm_send_debug(&m); 344 mm_send_debug(&m);
339 345
@@ -714,7 +720,7 @@ mm_bsdauth_query(void *ctx, char **name, char **infotxt,
714 u_int *numprompts, char ***prompts, u_int **echo_on) 720 u_int *numprompts, char ***prompts, u_int **echo_on)
715{ 721{
716 Buffer m; 722 Buffer m;
717 int res; 723 u_int success;
718 char *challenge; 724 char *challenge;
719 725
720 debug3("%s: entering", __func__); 726 debug3("%s: entering", __func__);
@@ -724,8 +730,8 @@ mm_bsdauth_query(void *ctx, char **name, char **infotxt,
724 730
725 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_BSDAUTHQUERY, 731 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_BSDAUTHQUERY,
726 &m); 732 &m);
727 res = buffer_get_int(&m); 733 success = buffer_get_int(&m);
728 if (res == -1) { 734 if (success == 0) {
729 debug3("%s: no challenge", __func__); 735 debug3("%s: no challenge", __func__);
730 buffer_free(&m); 736 buffer_free(&m);
731 return (-1); 737 return (-1);
@@ -771,7 +777,8 @@ mm_skey_query(void *ctx, char **name, char **infotxt,
771 u_int *numprompts, char ***prompts, u_int **echo_on) 777 u_int *numprompts, char ***prompts, u_int **echo_on)
772{ 778{
773 Buffer m; 779 Buffer m;
774 int len, res; 780 int len;
781 u_int success;
775 char *p, *challenge; 782 char *p, *challenge;
776 783
777 debug3("%s: entering", __func__); 784 debug3("%s: entering", __func__);
@@ -781,8 +788,8 @@ mm_skey_query(void *ctx, char **name, char **infotxt,
781 788
782 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SKEYQUERY, 789 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SKEYQUERY,
783 &m); 790 &m);
784 res = buffer_get_int(&m); 791 success = buffer_get_int(&m);
785 if (res == -1) { 792 if (success == 0) {
786 debug3("%s: no challenge", __func__); 793 debug3("%s: no challenge", __func__);
787 buffer_free(&m); 794 buffer_free(&m);
788 return (-1); 795 return (-1);
@@ -852,7 +859,7 @@ mm_auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
852 Key *key; 859 Key *key;
853 u_char *blob; 860 u_char *blob;
854 u_int blen; 861 u_int blen;
855 int allowed = 0; 862 int allowed = 0, have_forced = 0;
856 863
857 debug3("%s entering", __func__); 864 debug3("%s entering", __func__);
858 865
@@ -864,6 +871,11 @@ mm_auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
864 871
865 allowed = buffer_get_int(&m); 872 allowed = buffer_get_int(&m);
866 873
874 /* fake forced command */
875 auth_clear_options();
876 have_forced = buffer_get_int(&m);
877 forced_command = have_forced ? xstrdup("true") : NULL;
878
867 if (allowed && rkey != NULL) { 879 if (allowed && rkey != NULL) {
868 blob = buffer_get_string(&m, &blen); 880 blob = buffer_get_string(&m, &blen);
869 if ((key = key_from_blob(blob, blen)) == NULL) 881 if ((key = key_from_blob(blob, blen)) == NULL)
@@ -969,7 +981,7 @@ mm_auth_krb4(Authctxt *authctxt, void *_auth, char **client, void *_reply)
969 xfree(p); 981 xfree(p);
970 } 982 }
971 buffer_free(&m); 983 buffer_free(&m);
972 return (success); 984 return (success);
973} 985}
974#endif 986#endif
975 987