- markus@cvs.openbsd.org 2002/06/04 23:05:49
[cipher.c monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c] __FUNCTION__ -> __func__ NOTE: This includes all portable references also.
parent
3dca4f55f2
commit
7d9c38f37a
|
@ -95,6 +95,9 @@
|
||||||
- markus@cvs.openbsd.org 2002/06/04 23:02:06
|
- markus@cvs.openbsd.org 2002/06/04 23:02:06
|
||||||
[packet.c]
|
[packet.c]
|
||||||
remove __FUNCTION__
|
remove __FUNCTION__
|
||||||
|
- markus@cvs.openbsd.org 2002/06/04 23:05:49
|
||||||
|
[cipher.c monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c]
|
||||||
|
__FUNCTION__ -> __func__
|
||||||
|
|
||||||
20020604
|
20020604
|
||||||
- (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
|
- (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
|
||||||
|
@ -779,4 +782,4 @@
|
||||||
- (stevesk) entropy.c: typo in debug message
|
- (stevesk) entropy.c: typo in debug message
|
||||||
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
|
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.2169 2002/06/06 20:59:25 mouring Exp $
|
$Id: ChangeLog,v 1.2170 2002/06/06 21:40:51 mouring Exp $
|
||||||
|
|
26
cipher.c
26
cipher.c
|
@ -35,7 +35,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: cipher.c,v 1.57 2002/05/30 08:07:31 markus Exp $");
|
RCSID("$OpenBSD: cipher.c,v 1.58 2002/06/04 23:05:49 markus Exp $");
|
||||||
|
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
#include "log.h"
|
#include "log.h"
|
||||||
|
@ -595,7 +595,7 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
|
||||||
if (evplen == 0)
|
if (evplen == 0)
|
||||||
return;
|
return;
|
||||||
if (evplen != len)
|
if (evplen != len)
|
||||||
fatal("%s: wrong iv length %d != %d", __FUNCTION__,
|
fatal("%s: wrong iv length %d != %d", __func__,
|
||||||
evplen, len);
|
evplen, len);
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x00907000L
|
#if OPENSSL_VERSION_NUMBER < 0x00907000L
|
||||||
|
@ -604,7 +604,7 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
|
||||||
|
|
||||||
aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
|
aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
|
||||||
if (aesc == NULL)
|
if (aesc == NULL)
|
||||||
fatal("%s: no rijndael context", __FUNCTION__);
|
fatal("%s: no rijndael context", __func__);
|
||||||
civ = aesc->r_iv;
|
civ = aesc->r_iv;
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
|
@ -615,18 +615,18 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
|
||||||
case SSH_CIPHER_3DES: {
|
case SSH_CIPHER_3DES: {
|
||||||
struct ssh1_3des_ctx *desc;
|
struct ssh1_3des_ctx *desc;
|
||||||
if (len != 24)
|
if (len != 24)
|
||||||
fatal("%s: bad 3des iv length: %d", __FUNCTION__, len);
|
fatal("%s: bad 3des iv length: %d", __func__, len);
|
||||||
desc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
|
desc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
|
||||||
if (desc == NULL)
|
if (desc == NULL)
|
||||||
fatal("%s: no 3des context", __FUNCTION__);
|
fatal("%s: no 3des context", __func__);
|
||||||
debug3("%s: Copying 3DES IV", __FUNCTION__);
|
debug3("%s: Copying 3DES IV", __func__);
|
||||||
memcpy(iv, desc->k1.iv, 8);
|
memcpy(iv, desc->k1.iv, 8);
|
||||||
memcpy(iv + 8, desc->k2.iv, 8);
|
memcpy(iv + 8, desc->k2.iv, 8);
|
||||||
memcpy(iv + 16, desc->k3.iv, 8);
|
memcpy(iv + 16, desc->k3.iv, 8);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
default:
|
default:
|
||||||
fatal("%s: bad cipher %d", __FUNCTION__, c->number);
|
fatal("%s: bad cipher %d", __func__, c->number);
|
||||||
}
|
}
|
||||||
memcpy(iv, civ, len);
|
memcpy(iv, civ, len);
|
||||||
}
|
}
|
||||||
|
@ -652,7 +652,7 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
|
||||||
|
|
||||||
aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
|
aesc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
|
||||||
if (aesc == NULL)
|
if (aesc == NULL)
|
||||||
fatal("%s: no rijndael context", __FUNCTION__);
|
fatal("%s: no rijndael context", __func__);
|
||||||
div = aesc->r_iv;
|
div = aesc->r_iv;
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
|
@ -664,15 +664,15 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
|
||||||
struct ssh1_3des_ctx *desc;
|
struct ssh1_3des_ctx *desc;
|
||||||
desc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
|
desc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
|
||||||
if (desc == NULL)
|
if (desc == NULL)
|
||||||
fatal("%s: no 3des context", __FUNCTION__);
|
fatal("%s: no 3des context", __func__);
|
||||||
debug3("%s: Installed 3DES IV", __FUNCTION__);
|
debug3("%s: Installed 3DES IV", __func__);
|
||||||
memcpy(desc->k1.iv, iv, 8);
|
memcpy(desc->k1.iv, iv, 8);
|
||||||
memcpy(desc->k2.iv, iv + 8, 8);
|
memcpy(desc->k2.iv, iv + 8, 8);
|
||||||
memcpy(desc->k3.iv, iv + 16, 8);
|
memcpy(desc->k3.iv, iv + 16, 8);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
default:
|
default:
|
||||||
fatal("%s: bad cipher %d", __FUNCTION__, c->number);
|
fatal("%s: bad cipher %d", __func__, c->number);
|
||||||
}
|
}
|
||||||
memcpy(div, iv, evplen);
|
memcpy(div, iv, evplen);
|
||||||
}
|
}
|
||||||
|
@ -695,7 +695,7 @@ cipher_get_keycontext(CipherContext *cc, u_char *dat)
|
||||||
struct ssh1_3des_ctx *desc;
|
struct ssh1_3des_ctx *desc;
|
||||||
desc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
|
desc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
|
||||||
if (desc == NULL)
|
if (desc == NULL)
|
||||||
fatal("%s: no 3des context", __FUNCTION__);
|
fatal("%s: no 3des context", __func__);
|
||||||
plen = EVP_X_STATE_LEN(desc->k1);
|
plen = EVP_X_STATE_LEN(desc->k1);
|
||||||
if (dat == NULL)
|
if (dat == NULL)
|
||||||
return (3*plen);
|
return (3*plen);
|
||||||
|
@ -724,7 +724,7 @@ cipher_set_keycontext(CipherContext *cc, u_char *dat)
|
||||||
struct ssh1_3des_ctx *desc;
|
struct ssh1_3des_ctx *desc;
|
||||||
desc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
|
desc = EVP_CIPHER_CTX_get_app_data(&cc->evp);
|
||||||
if (desc == NULL)
|
if (desc == NULL)
|
||||||
fatal("%s: no 3des context", __FUNCTION__);
|
fatal("%s: no 3des context", __func__);
|
||||||
plen = EVP_X_STATE_LEN(desc->k1);
|
plen = EVP_X_STATE_LEN(desc->k1);
|
||||||
memcpy(EVP_X_STATE(desc->k1), dat, plen);
|
memcpy(EVP_X_STATE(desc->k1), dat, plen);
|
||||||
memcpy(EVP_X_STATE(desc->k2), dat + plen, plen);
|
memcpy(EVP_X_STATE(desc->k2), dat + plen, plen);
|
||||||
|
|
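Review bot: In the `cipher_set_keyiv` hunks the setter copies a fixed 24 bytes out of `iv` (three 8-byte `memcpy` calls into `desc->k1.iv`, `desc->k2.iv`, `desc->k3.iv`) or `evplen` bytes (`memcpy(div, iv, evplen)`), but its signature `cipher_set_keyiv(CipherContext *cc, u_char *iv)` carries no length, so nothing in the function can confirm the caller's buffer is that large. `cipher_get_keyiv` in the same section does take `u_int len` and aborts on `evplen != len` and `len != 24`; the setter would be safer with an equivalent check, or at minimum a comment such as `/* iv must hold at least evplen bytes (24 for SSH1 3DES); the caller must have verified the length */`. This matters most if the IV buffer is filled from data received from another process, which may be the case for the key state imported in monitor.c; that should be confirmed at the call site, which is not visible here. Separately, `len` is `u_int` but is printed with `%d` in `fatal("%s: bad 3des iv length: %d", __func__, len);`, where `%u` matches the type. The bodies of both functions begin outside the hunks shown.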
144
monitor.c
144
monitor.c
|
@ -25,7 +25,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: monitor.c,v 1.13 2002/06/04 19:53:40 markus Exp $");
|
RCSID("$OpenBSD: monitor.c,v 1.14 2002/06/04 23:05:49 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/dh.h>
|
#include <openssl/dh.h>
|
||||||
|
|
||||||
|
@ -269,7 +269,7 @@ monitor_child_preauth(struct monitor *pmonitor)
|
||||||
if (authenticated) {
|
if (authenticated) {
|
||||||
if (!(ent->flags & MON_AUTHDECIDE))
|
if (!(ent->flags & MON_AUTHDECIDE))
|
||||||
fatal("%s: unexpected authentication from %d",
|
fatal("%s: unexpected authentication from %d",
|
||||||
__FUNCTION__, ent->type);
|
__func__, ent->type);
|
||||||
if (authctxt->pw->pw_uid == 0 &&
|
if (authctxt->pw->pw_uid == 0 &&
|
||||||
!auth_root_allowed(auth_method))
|
!auth_root_allowed(auth_method))
|
||||||
authenticated = 0;
|
authenticated = 0;
|
||||||
|
@ -288,10 +288,10 @@ monitor_child_preauth(struct monitor *pmonitor)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!authctxt->valid)
|
if (!authctxt->valid)
|
||||||
fatal("%s: authenticated invalid user", __FUNCTION__);
|
fatal("%s: authenticated invalid user", __func__);
|
||||||
|
|
||||||
debug("%s: %s has been authenticated by privileged process",
|
debug("%s: %s has been authenticated by privileged process",
|
||||||
__FUNCTION__, authctxt->user);
|
__func__, authctxt->user);
|
||||||
|
|
||||||
mm_get_keystate(pmonitor);
|
mm_get_keystate(pmonitor);
|
||||||
|
|
||||||
|
@ -342,7 +342,7 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent,
|
||||||
mm_request_receive(pmonitor->m_sendfd, &m);
|
mm_request_receive(pmonitor->m_sendfd, &m);
|
||||||
type = buffer_get_char(&m);
|
type = buffer_get_char(&m);
|
||||||
|
|
||||||
debug3("%s: checking request %d", __FUNCTION__, type);
|
debug3("%s: checking request %d", __func__, type);
|
||||||
|
|
||||||
while (ent->f != NULL) {
|
while (ent->f != NULL) {
|
||||||
if (ent->type == type)
|
if (ent->type == type)
|
||||||
|
@ -352,14 +352,14 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent,
|
||||||
|
|
||||||
if (ent->f != NULL) {
|
if (ent->f != NULL) {
|
||||||
if (!(ent->flags & MON_PERMIT))
|
if (!(ent->flags & MON_PERMIT))
|
||||||
fatal("%s: unpermitted request %d", __FUNCTION__,
|
fatal("%s: unpermitted request %d", __func__,
|
||||||
type);
|
type);
|
||||||
ret = (*ent->f)(pmonitor->m_sendfd, &m);
|
ret = (*ent->f)(pmonitor->m_sendfd, &m);
|
||||||
buffer_free(&m);
|
buffer_free(&m);
|
||||||
|
|
||||||
/* The child may use this request only once, disable it */
|
/* The child may use this request only once, disable it */
|
||||||
if (ent->flags & MON_ONCE) {
|
if (ent->flags & MON_ONCE) {
|
||||||
debug2("%s: %d used once, disabling now", __FUNCTION__,
|
debug2("%s: %d used once, disabling now", __func__,
|
||||||
type);
|
type);
|
||||||
ent->flags &= ~MON_PERMIT;
|
ent->flags &= ~MON_PERMIT;
|
||||||
}
|
}
|
||||||
|
@ -370,7 +370,7 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent,
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
fatal("%s: unsupported request: %d", __FUNCTION__, type);
|
fatal("%s: unsupported request: %d", __func__, type);
|
||||||
|
|
||||||
/* NOTREACHED */
|
/* NOTREACHED */
|
||||||
return (-1);
|
return (-1);
|
||||||
|
@ -415,11 +415,11 @@ mm_answer_moduli(int socket, Buffer *m)
|
||||||
max = buffer_get_int(m);
|
max = buffer_get_int(m);
|
||||||
|
|
||||||
debug3("%s: got parameters: %d %d %d",
|
debug3("%s: got parameters: %d %d %d",
|
||||||
__FUNCTION__, min, want, max);
|
__func__, min, want, max);
|
||||||
/* We need to check here, too, in case the child got corrupted */
|
/* We need to check here, too, in case the child got corrupted */
|
||||||
if (max < min || want < min || max < want)
|
if (max < min || want < min || max < want)
|
||||||
fatal("%s: bad parameters: %d %d %d",
|
fatal("%s: bad parameters: %d %d %d",
|
||||||
__FUNCTION__, min, want, max);
|
__func__, min, want, max);
|
||||||
|
|
||||||
buffer_clear(m);
|
buffer_clear(m);
|
||||||
|
|
||||||
|
@ -448,13 +448,13 @@ mm_answer_sign(int socket, Buffer *m)
|
||||||
u_int siglen, datlen;
|
u_int siglen, datlen;
|
||||||
int keyid;
|
int keyid;
|
||||||
|
|
||||||
debug3("%s", __FUNCTION__);
|
debug3("%s", __func__);
|
||||||
|
|
||||||
keyid = buffer_get_int(m);
|
keyid = buffer_get_int(m);
|
||||||
p = buffer_get_string(m, &datlen);
|
p = buffer_get_string(m, &datlen);
|
||||||
|
|
||||||
if (datlen != 20)
|
if (datlen != 20)
|
||||||
fatal("%s: data length incorrect: %d", __FUNCTION__, datlen);
|
fatal("%s: data length incorrect: %d", __func__, datlen);
|
||||||
|
|
||||||
/* save session id, it will be passed on the first call */
|
/* save session id, it will be passed on the first call */
|
||||||
if (session_id2_len == 0) {
|
if (session_id2_len == 0) {
|
||||||
|
@ -464,11 +464,11 @@ mm_answer_sign(int socket, Buffer *m)
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((key = get_hostkey_by_index(keyid)) == NULL)
|
if ((key = get_hostkey_by_index(keyid)) == NULL)
|
||||||
fatal("%s: no hostkey from index %d", __FUNCTION__, keyid);
|
fatal("%s: no hostkey from index %d", __func__, keyid);
|
||||||
if (key_sign(key, &signature, &siglen, p, datlen) < 0)
|
if (key_sign(key, &signature, &siglen, p, datlen) < 0)
|
||||||
fatal("%s: key_sign failed", __FUNCTION__);
|
fatal("%s: key_sign failed", __func__);
|
||||||
|
|
||||||
debug3("%s: signature %p(%d)", __FUNCTION__, signature, siglen);
|
debug3("%s: signature %p(%d)", __func__, signature, siglen);
|
||||||
|
|
||||||
buffer_clear(m);
|
buffer_clear(m);
|
||||||
buffer_put_string(m, signature, siglen);
|
buffer_put_string(m, signature, siglen);
|
||||||
|
@ -493,10 +493,10 @@ mm_answer_pwnamallow(int socket, Buffer *m)
|
||||||
struct passwd *pwent;
|
struct passwd *pwent;
|
||||||
int allowed = 0;
|
int allowed = 0;
|
||||||
|
|
||||||
debug3("%s", __FUNCTION__);
|
debug3("%s", __func__);
|
||||||
|
|
||||||
if (authctxt->attempt++ != 0)
|
if (authctxt->attempt++ != 0)
|
||||||
fatal("%s: multiple attempts for getpwnam", __FUNCTION__);
|
fatal("%s: multiple attempts for getpwnam", __func__);
|
||||||
|
|
||||||
login = buffer_get_string(m, NULL);
|
login = buffer_get_string(m, NULL);
|
||||||
|
|
||||||
|
@ -529,7 +529,7 @@ mm_answer_pwnamallow(int socket, Buffer *m)
|
||||||
buffer_put_cstring(m, pwent->pw_shell);
|
buffer_put_cstring(m, pwent->pw_shell);
|
||||||
|
|
||||||
out:
|
out:
|
||||||
debug3("%s: sending MONITOR_ANS_PWNAM: %d", __FUNCTION__, allowed);
|
debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed);
|
||||||
mm_request_send(socket, MONITOR_ANS_PWNAM, m);
|
mm_request_send(socket, MONITOR_ANS_PWNAM, m);
|
||||||
|
|
||||||
/* For SSHv1 allow authentication now */
|
/* For SSHv1 allow authentication now */
|
||||||
|
@ -571,7 +571,7 @@ mm_answer_authserv(int socket, Buffer *m)
|
||||||
authctxt->service = buffer_get_string(m, NULL);
|
authctxt->service = buffer_get_string(m, NULL);
|
||||||
authctxt->style = buffer_get_string(m, NULL);
|
authctxt->style = buffer_get_string(m, NULL);
|
||||||
debug3("%s: service=%s, style=%s",
|
debug3("%s: service=%s, style=%s",
|
||||||
__FUNCTION__, authctxt->service, authctxt->style);
|
__func__, authctxt->service, authctxt->style);
|
||||||
|
|
||||||
if (strlen(authctxt->style) == 0) {
|
if (strlen(authctxt->style) == 0) {
|
||||||
xfree(authctxt->style);
|
xfree(authctxt->style);
|
||||||
|
@ -598,7 +598,7 @@ mm_answer_authpassword(int socket, Buffer *m)
|
||||||
buffer_clear(m);
|
buffer_clear(m);
|
||||||
buffer_put_int(m, authenticated);
|
buffer_put_int(m, authenticated);
|
||||||
|
|
||||||
debug3("%s: sending result %d", __FUNCTION__, authenticated);
|
debug3("%s: sending result %d", __func__, authenticated);
|
||||||
mm_request_send(socket, MONITOR_ANS_AUTHPASSWORD, m);
|
mm_request_send(socket, MONITOR_ANS_AUTHPASSWORD, m);
|
||||||
|
|
||||||
call_count++;
|
call_count++;
|
||||||
|
@ -629,7 +629,7 @@ mm_answer_bsdauthquery(int socket, Buffer *m)
|
||||||
if (res != -1)
|
if (res != -1)
|
||||||
buffer_put_cstring(m, prompts[0]);
|
buffer_put_cstring(m, prompts[0]);
|
||||||
|
|
||||||
debug3("%s: sending challenge res: %d", __FUNCTION__, res);
|
debug3("%s: sending challenge res: %d", __func__, res);
|
||||||
mm_request_send(socket, MONITOR_ANS_BSDAUTHQUERY, m);
|
mm_request_send(socket, MONITOR_ANS_BSDAUTHQUERY, m);
|
||||||
|
|
||||||
if (res != -1) {
|
if (res != -1) {
|
||||||
|
@ -649,19 +649,19 @@ mm_answer_bsdauthrespond(int socket, Buffer *m)
|
||||||
int authok;
|
int authok;
|
||||||
|
|
||||||
if (authctxt->as == 0)
|
if (authctxt->as == 0)
|
||||||
fatal("%s: no bsd auth session", __FUNCTION__);
|
fatal("%s: no bsd auth session", __func__);
|
||||||
|
|
||||||
response = buffer_get_string(m, NULL);
|
response = buffer_get_string(m, NULL);
|
||||||
authok = options.challenge_response_authentication &&
|
authok = options.challenge_response_authentication &&
|
||||||
auth_userresponse(authctxt->as, response, 0);
|
auth_userresponse(authctxt->as, response, 0);
|
||||||
authctxt->as = NULL;
|
authctxt->as = NULL;
|
||||||
debug3("%s: <%s> = <%d>", __FUNCTION__, response, authok);
|
debug3("%s: <%s> = <%d>", __func__, response, authok);
|
||||||
xfree(response);
|
xfree(response);
|
||||||
|
|
||||||
buffer_clear(m);
|
buffer_clear(m);
|
||||||
buffer_put_int(m, authok);
|
buffer_put_int(m, authok);
|
||||||
|
|
||||||
debug3("%s: sending authenticated: %d", __FUNCTION__, authok);
|
debug3("%s: sending authenticated: %d", __func__, authok);
|
||||||
mm_request_send(socket, MONITOR_ANS_BSDAUTHRESPOND, m);
|
mm_request_send(socket, MONITOR_ANS_BSDAUTHRESPOND, m);
|
||||||
|
|
||||||
auth_method = "bsdauth";
|
auth_method = "bsdauth";
|
||||||
|
@ -685,7 +685,7 @@ mm_answer_skeyquery(int socket, Buffer *m)
|
||||||
if (res != -1)
|
if (res != -1)
|
||||||
buffer_put_cstring(m, challenge);
|
buffer_put_cstring(m, challenge);
|
||||||
|
|
||||||
debug3("%s: sending challenge res: %d", __FUNCTION__, res);
|
debug3("%s: sending challenge res: %d", __func__, res);
|
||||||
mm_request_send(socket, MONITOR_ANS_SKEYQUERY, m);
|
mm_request_send(socket, MONITOR_ANS_SKEYQUERY, m);
|
||||||
|
|
||||||
return (0);
|
return (0);
|
||||||
|
@ -709,7 +709,7 @@ mm_answer_skeyrespond(int socket, Buffer *m)
|
||||||
buffer_clear(m);
|
buffer_clear(m);
|
||||||
buffer_put_int(m, authok);
|
buffer_put_int(m, authok);
|
||||||
|
|
||||||
debug3("%s: sending authenticated: %d", __FUNCTION__, authok);
|
debug3("%s: sending authenticated: %d", __func__, authok);
|
||||||
mm_request_send(socket, MONITOR_ANS_SKEYRESPOND, m);
|
mm_request_send(socket, MONITOR_ANS_SKEYRESPOND, m);
|
||||||
|
|
||||||
auth_method = "skey";
|
auth_method = "skey";
|
||||||
|
@ -738,7 +738,7 @@ static void
|
||||||
mm_append_debug(Buffer *m)
|
mm_append_debug(Buffer *m)
|
||||||
{
|
{
|
||||||
if (auth_debug_init && buffer_len(&auth_debug)) {
|
if (auth_debug_init && buffer_len(&auth_debug)) {
|
||||||
debug3("%s: Appending debug messages for child", __FUNCTION__);
|
debug3("%s: Appending debug messages for child", __func__);
|
||||||
buffer_append(m, buffer_ptr(&auth_debug),
|
buffer_append(m, buffer_ptr(&auth_debug),
|
||||||
buffer_len(&auth_debug));
|
buffer_len(&auth_debug));
|
||||||
buffer_clear(&auth_debug);
|
buffer_clear(&auth_debug);
|
||||||
|
@ -754,7 +754,7 @@ mm_answer_keyallowed(int socket, Buffer *m)
|
||||||
enum mm_keytype type = 0;
|
enum mm_keytype type = 0;
|
||||||
int allowed = 0;
|
int allowed = 0;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
type = buffer_get_int(m);
|
type = buffer_get_int(m);
|
||||||
cuser = buffer_get_string(m, NULL);
|
cuser = buffer_get_string(m, NULL);
|
||||||
|
@ -765,9 +765,9 @@ mm_answer_keyallowed(int socket, Buffer *m)
|
||||||
|
|
||||||
if ((compat20 && type == MM_RSAHOSTKEY) ||
|
if ((compat20 && type == MM_RSAHOSTKEY) ||
|
||||||
(!compat20 && type != MM_RSAHOSTKEY))
|
(!compat20 && type != MM_RSAHOSTKEY))
|
||||||
fatal("%s: key type and protocol mismatch", __FUNCTION__);
|
fatal("%s: key type and protocol mismatch", __func__);
|
||||||
|
|
||||||
debug3("%s: key_from_blob: %p", __FUNCTION__, key);
|
debug3("%s: key_from_blob: %p", __func__, key);
|
||||||
|
|
||||||
if (key != NULL && authctxt->pw != NULL) {
|
if (key != NULL && authctxt->pw != NULL) {
|
||||||
switch(type) {
|
switch(type) {
|
||||||
|
@ -787,7 +787,7 @@ mm_answer_keyallowed(int socket, Buffer *m)
|
||||||
cuser, chost, key);
|
cuser, chost, key);
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
fatal("%s: unknown key type %d", __FUNCTION__, type);
|
fatal("%s: unknown key type %d", __func__, type);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
key_free(key);
|
key_free(key);
|
||||||
|
@ -806,7 +806,7 @@ mm_answer_keyallowed(int socket, Buffer *m)
|
||||||
}
|
}
|
||||||
|
|
||||||
debug3("%s: key %p is %s",
|
debug3("%s: key %p is %s",
|
||||||
__FUNCTION__, key, allowed ? "allowed" : "disallowed");
|
__func__, key, allowed ? "allowed" : "disallowed");
|
||||||
|
|
||||||
buffer_clear(m);
|
buffer_clear(m);
|
||||||
buffer_put_int(m, allowed);
|
buffer_put_int(m, allowed);
|
||||||
|
@ -948,11 +948,11 @@ mm_answer_keyverify(int socket, Buffer *m)
|
||||||
|
|
||||||
if (hostbased_cuser == NULL || hostbased_chost == NULL ||
|
if (hostbased_cuser == NULL || hostbased_chost == NULL ||
|
||||||
!monitor_allowed_key(blob, bloblen))
|
!monitor_allowed_key(blob, bloblen))
|
||||||
fatal("%s: bad key, not previously allowed", __FUNCTION__);
|
fatal("%s: bad key, not previously allowed", __func__);
|
||||||
|
|
||||||
key = key_from_blob(blob, bloblen);
|
key = key_from_blob(blob, bloblen);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
fatal("%s: bad public key blob", __FUNCTION__);
|
fatal("%s: bad public key blob", __func__);
|
||||||
|
|
||||||
switch (key_blobtype) {
|
switch (key_blobtype) {
|
||||||
case MM_USERKEY:
|
case MM_USERKEY:
|
||||||
|
@ -967,11 +967,11 @@ mm_answer_keyverify(int socket, Buffer *m)
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (!valid_data)
|
if (!valid_data)
|
||||||
fatal("%s: bad signature data blob", __FUNCTION__);
|
fatal("%s: bad signature data blob", __func__);
|
||||||
|
|
||||||
verified = key_verify(key, signature, signaturelen, data, datalen);
|
verified = key_verify(key, signature, signaturelen, data, datalen);
|
||||||
debug3("%s: key %p signature %s",
|
debug3("%s: key %p signature %s",
|
||||||
__FUNCTION__, key, verified ? "verified" : "unverified");
|
__func__, key, verified ? "verified" : "unverified");
|
||||||
|
|
||||||
key_free(key);
|
key_free(key);
|
||||||
xfree(blob);
|
xfree(blob);
|
||||||
|
@ -1017,9 +1017,9 @@ mm_record_login(Session *s, struct passwd *pw)
|
||||||
static void
|
static void
|
||||||
mm_session_close(Session *s)
|
mm_session_close(Session *s)
|
||||||
{
|
{
|
||||||
debug3("%s: session %d pid %d", __FUNCTION__, s->self, s->pid);
|
debug3("%s: session %d pid %d", __func__, s->self, s->pid);
|
||||||
if (s->ttyfd != -1) {
|
if (s->ttyfd != -1) {
|
||||||
debug3("%s: tty %s ptyfd %d", __FUNCTION__, s->tty, s->ptyfd);
|
debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd);
|
||||||
fatal_remove_cleanup(session_pty_cleanup2, (void *)s);
|
fatal_remove_cleanup(session_pty_cleanup2, (void *)s);
|
||||||
session_pty_cleanup2(s);
|
session_pty_cleanup2(s);
|
||||||
}
|
}
|
||||||
|
@ -1033,7 +1033,7 @@ mm_answer_pty(int socket, Buffer *m)
|
||||||
Session *s;
|
Session *s;
|
||||||
int res, fd0;
|
int res, fd0;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
buffer_clear(m);
|
buffer_clear(m);
|
||||||
s = session_new();
|
s = session_new();
|
||||||
|
@ -1057,7 +1057,7 @@ mm_answer_pty(int socket, Buffer *m)
|
||||||
|
|
||||||
/* We need to trick ttyslot */
|
/* We need to trick ttyslot */
|
||||||
if (dup2(s->ttyfd, 0) == -1)
|
if (dup2(s->ttyfd, 0) == -1)
|
||||||
fatal("%s: dup2", __FUNCTION__);
|
fatal("%s: dup2", __func__);
|
||||||
|
|
||||||
mm_record_login(s, authctxt->pw);
|
mm_record_login(s, authctxt->pw);
|
||||||
|
|
||||||
|
@ -1066,9 +1066,9 @@ mm_answer_pty(int socket, Buffer *m)
|
||||||
|
|
||||||
/* make sure nothing uses fd 0 */
|
/* make sure nothing uses fd 0 */
|
||||||
if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0)
|
if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0)
|
||||||
fatal("%s: open(/dev/null): %s", __FUNCTION__, strerror(errno));
|
fatal("%s: open(/dev/null): %s", __func__, strerror(errno));
|
||||||
if (fd0 != 0)
|
if (fd0 != 0)
|
||||||
error("%s: fd0 %d != 0", __FUNCTION__, fd0);
|
error("%s: fd0 %d != 0", __func__, fd0);
|
||||||
|
|
||||||
/* slave is not needed */
|
/* slave is not needed */
|
||||||
close(s->ttyfd);
|
close(s->ttyfd);
|
||||||
|
@ -1076,7 +1076,7 @@ mm_answer_pty(int socket, Buffer *m)
|
||||||
/* no need to dup() because nobody closes ptyfd */
|
/* no need to dup() because nobody closes ptyfd */
|
||||||
s->ptymaster = s->ptyfd;
|
s->ptymaster = s->ptyfd;
|
||||||
|
|
||||||
debug3("%s: tty %s ptyfd %d", __FUNCTION__, s->tty, s->ttyfd);
|
debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ttyfd);
|
||||||
|
|
||||||
return (0);
|
return (0);
|
||||||
|
|
||||||
|
@ -1094,7 +1094,7 @@ mm_answer_pty_cleanup(int socket, Buffer *m)
|
||||||
Session *s;
|
Session *s;
|
||||||
char *tty;
|
char *tty;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
tty = buffer_get_string(m, NULL);
|
tty = buffer_get_string(m, NULL);
|
||||||
if ((s = session_by_tty(tty)) != NULL)
|
if ((s = session_by_tty(tty)) != NULL)
|
||||||
|
@ -1114,7 +1114,7 @@ mm_answer_sesskey(int socket, Buffer *m)
|
||||||
monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1);
|
monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1);
|
||||||
|
|
||||||
if ((p = BN_new()) == NULL)
|
if ((p = BN_new()) == NULL)
|
||||||
fatal("%s: BN_new", __FUNCTION__);
|
fatal("%s: BN_new", __func__);
|
||||||
|
|
||||||
buffer_get_bignum2(m, p);
|
buffer_get_bignum2(m, p);
|
||||||
|
|
||||||
|
@ -1139,10 +1139,10 @@ mm_answer_sessid(int socket, Buffer *m)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
if (buffer_len(m) != 16)
|
if (buffer_len(m) != 16)
|
||||||
fatal("%s: bad ssh1 session id", __FUNCTION__);
|
fatal("%s: bad ssh1 session id", __func__);
|
||||||
for (i = 0; i < 16; i++)
|
for (i = 0; i < 16; i++)
|
||||||
session_id[i] = buffer_get_char(m);
|
session_id[i] = buffer_get_char(m);
|
||||||
|
|
||||||
|
@ -1161,11 +1161,11 @@ mm_answer_rsa_keyallowed(int socket, Buffer *m)
|
||||||
u_int blen = 0;
|
u_int blen = 0;
|
||||||
int allowed = 0;
|
int allowed = 0;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
if (options.rsa_authentication && authctxt->valid) {
|
if (options.rsa_authentication && authctxt->valid) {
|
||||||
if ((client_n = BN_new()) == NULL)
|
if ((client_n = BN_new()) == NULL)
|
||||||
fatal("%s: BN_new", __FUNCTION__);
|
fatal("%s: BN_new", __func__);
|
||||||
buffer_get_bignum2(m, client_n);
|
buffer_get_bignum2(m, client_n);
|
||||||
allowed = auth_rsa_key_allowed(authctxt->pw, client_n, &key);
|
allowed = auth_rsa_key_allowed(authctxt->pw, client_n, &key);
|
||||||
BN_clear_free(client_n);
|
BN_clear_free(client_n);
|
||||||
|
@ -1179,7 +1179,7 @@ mm_answer_rsa_keyallowed(int socket, Buffer *m)
|
||||||
if (allowed && key != NULL) {
|
if (allowed && key != NULL) {
|
||||||
key->type = KEY_RSA; /* cheat for key_to_blob */
|
key->type = KEY_RSA; /* cheat for key_to_blob */
|
||||||
if (key_to_blob(key, &blob, &blen) == 0)
|
if (key_to_blob(key, &blob, &blen) == 0)
|
||||||
fatal("%s: key_to_blob failed", __FUNCTION__);
|
fatal("%s: key_to_blob failed", __func__);
|
||||||
buffer_put_string(m, blob, blen);
|
buffer_put_string(m, blob, blen);
|
||||||
|
|
||||||
/* Save temporarily for comparison in verify */
|
/* Save temporarily for comparison in verify */
|
||||||
|
@ -1205,17 +1205,17 @@ mm_answer_rsa_challenge(int socket, Buffer *m)
|
||||||
u_char *blob;
|
u_char *blob;
|
||||||
u_int blen;
|
u_int blen;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
if (!authctxt->valid)
|
if (!authctxt->valid)
|
||||||
fatal("%s: authctxt not valid", __FUNCTION__);
|
fatal("%s: authctxt not valid", __func__);
|
||||||
blob = buffer_get_string(m, &blen);
|
blob = buffer_get_string(m, &blen);
|
||||||
if (!monitor_allowed_key(blob, blen))
|
if (!monitor_allowed_key(blob, blen))
|
||||||
fatal("%s: bad key, not previously allowed", __FUNCTION__);
|
fatal("%s: bad key, not previously allowed", __func__);
|
||||||
if (key_blobtype != MM_RSAUSERKEY && key_blobtype != MM_RSAHOSTKEY)
|
if (key_blobtype != MM_RSAUSERKEY && key_blobtype != MM_RSAHOSTKEY)
|
||||||
fatal("%s: key type mismatch", __FUNCTION__);
|
fatal("%s: key type mismatch", __func__);
|
||||||
if ((key = key_from_blob(blob, blen)) == NULL)
|
if ((key = key_from_blob(blob, blen)) == NULL)
|
||||||
fatal("%s: received bad key", __FUNCTION__);
|
fatal("%s: received bad key", __func__);
|
||||||
|
|
||||||
if (ssh1_challenge)
|
if (ssh1_challenge)
|
||||||
BN_clear_free(ssh1_challenge);
|
BN_clear_free(ssh1_challenge);
|
||||||
|
@ -1224,7 +1224,7 @@ mm_answer_rsa_challenge(int socket, Buffer *m)
|
||||||
buffer_clear(m);
|
buffer_clear(m);
|
||||||
buffer_put_bignum2(m, ssh1_challenge);
|
buffer_put_bignum2(m, ssh1_challenge);
|
||||||
|
|
||||||
debug3("%s sending reply", __FUNCTION__);
|
debug3("%s sending reply", __func__);
|
||||||
mm_request_send(socket, MONITOR_ANS_RSACHALLENGE, m);
|
mm_request_send(socket, MONITOR_ANS_RSACHALLENGE, m);
|
||||||
|
|
||||||
monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1);
|
monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1);
|
||||||
|
@ -1239,23 +1239,23 @@ mm_answer_rsa_response(int socket, Buffer *m)
|
||||||
u_int blen, len;
|
u_int blen, len;
|
||||||
int success;
|
int success;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
if (!authctxt->valid)
|
if (!authctxt->valid)
|
||||||
fatal("%s: authctxt not valid", __FUNCTION__);
|
fatal("%s: authctxt not valid", __func__);
|
||||||
if (ssh1_challenge == NULL)
|
if (ssh1_challenge == NULL)
|
||||||
fatal("%s: no ssh1_challenge", __FUNCTION__);
|
fatal("%s: no ssh1_challenge", __func__);
|
||||||
|
|
||||||
blob = buffer_get_string(m, &blen);
|
blob = buffer_get_string(m, &blen);
|
||||||
if (!monitor_allowed_key(blob, blen))
|
if (!monitor_allowed_key(blob, blen))
|
||||||
fatal("%s: bad key, not previously allowed", __FUNCTION__);
|
fatal("%s: bad key, not previously allowed", __func__);
|
||||||
if (key_blobtype != MM_RSAUSERKEY && key_blobtype != MM_RSAHOSTKEY)
|
if (key_blobtype != MM_RSAUSERKEY && key_blobtype != MM_RSAHOSTKEY)
|
||||||
fatal("%s: key type mismatch: %d", __FUNCTION__, key_blobtype);
|
fatal("%s: key type mismatch: %d", __func__, key_blobtype);
|
||||||
if ((key = key_from_blob(blob, blen)) == NULL)
|
if ((key = key_from_blob(blob, blen)) == NULL)
|
||||||
fatal("%s: received bad key", __FUNCTION__);
|
fatal("%s: received bad key", __func__);
|
||||||
response = buffer_get_string(m, &len);
|
response = buffer_get_string(m, &len);
|
||||||
if (len != 16)
|
if (len != 16)
|
||||||
fatal("%s: received bad response to challenge", __FUNCTION__);
|
fatal("%s: received bad response to challenge", __func__);
|
||||||
success = auth_rsa_verify_response(key, ssh1_challenge, response);
|
success = auth_rsa_verify_response(key, ssh1_challenge, response);
|
||||||
|
|
||||||
key_free(key);
|
key_free(key);
|
||||||
|
@ -1281,7 +1281,7 @@ mm_answer_term(int socket, Buffer *req)
|
||||||
extern struct monitor *pmonitor;
|
extern struct monitor *pmonitor;
|
||||||
int res, status;
|
int res, status;
|
||||||
|
|
||||||
debug3("%s: tearing down sessions", __FUNCTION__);
|
debug3("%s: tearing down sessions", __func__);
|
||||||
|
|
||||||
/* The child is terminating */
|
/* The child is terminating */
|
||||||
session_destroy_all(&mm_session_close);
|
session_destroy_all(&mm_session_close);
|
||||||
|
@ -1389,7 +1389,7 @@ mm_get_keystate(struct monitor *pmonitor)
|
||||||
u_char *blob, *p;
|
u_char *blob, *p;
|
||||||
u_int bloblen, plen;
|
u_int bloblen, plen;
|
||||||
|
|
||||||
debug3("%s: Waiting for new keys", __FUNCTION__);
|
debug3("%s: Waiting for new keys", __func__);
|
||||||
|
|
||||||
buffer_init(&m);
|
buffer_init(&m);
|
||||||
mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT, &m);
|
mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT, &m);
|
||||||
|
@ -1409,7 +1409,7 @@ mm_get_keystate(struct monitor *pmonitor)
|
||||||
current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen);
|
current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen);
|
||||||
xfree(blob);
|
xfree(blob);
|
||||||
|
|
||||||
debug3("%s: Waiting for second key", __FUNCTION__);
|
debug3("%s: Waiting for second key", __func__);
|
||||||
blob = buffer_get_string(&m, &bloblen);
|
blob = buffer_get_string(&m, &bloblen);
|
||||||
current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen);
|
current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen);
|
||||||
xfree(blob);
|
xfree(blob);
|
||||||
|
@ -1423,22 +1423,22 @@ mm_get_keystate(struct monitor *pmonitor)
|
||||||
child_state.keyout = buffer_get_string(&m, &child_state.keyoutlen);
|
child_state.keyout = buffer_get_string(&m, &child_state.keyoutlen);
|
||||||
child_state.keyin = buffer_get_string(&m, &child_state.keyinlen);
|
child_state.keyin = buffer_get_string(&m, &child_state.keyinlen);
|
||||||
|
|
||||||
debug3("%s: Getting compression state", __FUNCTION__);
|
debug3("%s: Getting compression state", __func__);
|
||||||
/* Get compression state */
|
/* Get compression state */
|
||||||
p = buffer_get_string(&m, &plen);
|
p = buffer_get_string(&m, &plen);
|
||||||
if (plen != sizeof(child_state.outgoing))
|
if (plen != sizeof(child_state.outgoing))
|
||||||
fatal("%s: bad request size", __FUNCTION__);
|
fatal("%s: bad request size", __func__);
|
||||||
memcpy(&child_state.outgoing, p, sizeof(child_state.outgoing));
|
memcpy(&child_state.outgoing, p, sizeof(child_state.outgoing));
|
||||||
xfree(p);
|
xfree(p);
|
||||||
|
|
||||||
p = buffer_get_string(&m, &plen);
|
p = buffer_get_string(&m, &plen);
|
||||||
if (plen != sizeof(child_state.incoming))
|
if (plen != sizeof(child_state.incoming))
|
||||||
fatal("%s: bad request size", __FUNCTION__);
|
fatal("%s: bad request size", __func__);
|
||||||
memcpy(&child_state.incoming, p, sizeof(child_state.incoming));
|
memcpy(&child_state.incoming, p, sizeof(child_state.incoming));
|
||||||
xfree(p);
|
xfree(p);
|
||||||
|
|
||||||
/* Network I/O buffers */
|
/* Network I/O buffers */
|
||||||
debug3("%s: Getting Network I/O buffers", __FUNCTION__);
|
debug3("%s: Getting Network I/O buffers", __func__);
|
||||||
child_state.input = buffer_get_string(&m, &child_state.ilen);
|
child_state.input = buffer_get_string(&m, &child_state.ilen);
|
||||||
child_state.output = buffer_get_string(&m, &child_state.olen);
|
child_state.output = buffer_get_string(&m, &child_state.olen);
|
||||||
|
|
||||||
|
@ -1487,10 +1487,10 @@ monitor_socketpair(int *pair)
|
||||||
{
|
{
|
||||||
#ifdef HAVE_SOCKETPAIR
|
#ifdef HAVE_SOCKETPAIR
|
||||||
if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1)
|
if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1)
|
||||||
fatal("%s: socketpair", __FUNCTION__);
|
fatal("%s: socketpair", __func__);
|
||||||
#else
|
#else
|
||||||
fatal("%s: UsePrivilegeSeparation=yes not supported",
|
fatal("%s: UsePrivilegeSeparation=yes not supported",
|
||||||
__FUNCTION__);
|
__func__);
|
||||||
#endif
|
#endif
|
||||||
FD_CLOSEONEXEC(pair[0]);
|
FD_CLOSEONEXEC(pair[0]);
|
||||||
FD_CLOSEONEXEC(pair[1]);
|
FD_CLOSEONEXEC(pair[1]);
|
||||||
|
|
|
@ -24,7 +24,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: monitor_fdpass.c,v 1.2 2002/03/24 17:53:16 stevesk Exp $");
|
RCSID("$OpenBSD: monitor_fdpass.c,v 1.3 2002/06/04 23:05:49 markus Exp $");
|
||||||
|
|
||||||
#include <sys/uio.h>
|
#include <sys/uio.h>
|
||||||
|
|
||||||
|
@ -64,14 +64,14 @@ mm_send_fd(int socket, int fd)
|
||||||
msg.msg_iovlen = 1;
|
msg.msg_iovlen = 1;
|
||||||
|
|
||||||
if ((n = sendmsg(socket, &msg, 0)) == -1)
|
if ((n = sendmsg(socket, &msg, 0)) == -1)
|
||||||
fatal("%s: sendmsg(%d): %s", __FUNCTION__, fd,
|
fatal("%s: sendmsg(%d): %s", __func__, fd,
|
||||||
strerror(errno));
|
strerror(errno));
|
||||||
if (n != 1)
|
if (n != 1)
|
||||||
fatal("%s: sendmsg: expected sent 1 got %d",
|
fatal("%s: sendmsg: expected sent 1 got %d",
|
||||||
__FUNCTION__, n);
|
__func__, n);
|
||||||
#else
|
#else
|
||||||
fatal("%s: UsePrivilegeSeparation=yes not supported",
|
fatal("%s: UsePrivilegeSeparation=yes not supported",
|
||||||
__FUNCTION__);
|
__func__);
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -102,24 +102,24 @@ mm_receive_fd(int socket)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if ((n = recvmsg(socket, &msg, 0)) == -1)
|
if ((n = recvmsg(socket, &msg, 0)) == -1)
|
||||||
fatal("%s: recvmsg: %s", __FUNCTION__, strerror(errno));
|
fatal("%s: recvmsg: %s", __func__, strerror(errno));
|
||||||
if (n != 1)
|
if (n != 1)
|
||||||
fatal("%s: recvmsg: expected received 1 got %d",
|
fatal("%s: recvmsg: expected received 1 got %d",
|
||||||
__FUNCTION__, n);
|
__func__, n);
|
||||||
|
|
||||||
#ifdef HAVE_ACCRIGHTS_IN_MSGHDR
|
#ifdef HAVE_ACCRIGHTS_IN_MSGHDR
|
||||||
if (msg.msg_accrightslen != sizeof(fd))
|
if (msg.msg_accrightslen != sizeof(fd))
|
||||||
fatal("%s: no fd", __FUNCTION__);
|
fatal("%s: no fd", __func__);
|
||||||
#else
|
#else
|
||||||
cmsg = CMSG_FIRSTHDR(&msg);
|
cmsg = CMSG_FIRSTHDR(&msg);
|
||||||
if (cmsg->cmsg_type != SCM_RIGHTS)
|
if (cmsg->cmsg_type != SCM_RIGHTS)
|
||||||
fatal("%s: expected type %d got %d", __FUNCTION__,
|
fatal("%s: expected type %d got %d", __func__,
|
||||||
SCM_RIGHTS, cmsg->cmsg_type);
|
SCM_RIGHTS, cmsg->cmsg_type);
|
||||||
fd = (*(int *)CMSG_DATA(cmsg));
|
fd = (*(int *)CMSG_DATA(cmsg));
|
||||||
#endif
|
#endif
|
||||||
return fd;
|
return fd;
|
||||||
#else
|
#else
|
||||||
fatal("%s: UsePrivilegeSeparation=yes not supported",
|
fatal("%s: UsePrivilegeSeparation=yes not supported",
|
||||||
__FUNCTION__);
|
__func__);
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
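Review bot: In the mm_receive_fd hunk, the result of `cmsg = CMSG_FIRSTHDR(&msg);` is dereferenced on the next line without a NULL check, so a message that arrives with no control data is a NULL dereference at `cmsg->cmsg_type` instead of a clean `fatal()`. Since this commit already touches every `fatal()` in that branch, I would add `if (cmsg == NULL) fatal("%s: no message header", __func__);` ahead of the type check. The function begins above the hunk, so the sizing of the control buffer is not visible here. It is worth confirming that the received control length is validated before `CMSG_DATA(cmsg)` is read as an `int`.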
12
monitor_mm.c
12
monitor_mm.c
|
@ -24,7 +24,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: monitor_mm.c,v 1.5 2002/05/28 16:45:27 stevesk Exp $");
|
RCSID("$OpenBSD: monitor_mm.c,v 1.6 2002/06/04 23:05:49 markus Exp $");
|
||||||
|
|
||||||
#ifdef HAVE_SYS_MMAN_H
|
#ifdef HAVE_SYS_MMAN_H
|
||||||
#include <sys/mman.h>
|
#include <sys/mman.h>
|
||||||
|
@ -91,7 +91,7 @@ mm_create(struct mm_master *mmalloc, size_t size)
|
||||||
fatal("mmap(%lu): %s", (u_long)size, strerror(errnor));
|
fatal("mmap(%lu): %s", (u_long)size, strerror(errnor));
|
||||||
#else
|
#else
|
||||||
fatal("%s: UsePrivilegeSeparation=yes not supported",
|
fatal("%s: UsePrivilegeSeparation=yes not supported",
|
||||||
__FUNCTION__);
|
__func__);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
mm->address = address;
|
mm->address = address;
|
||||||
|
@ -136,7 +136,7 @@ mm_destroy(struct mm_master *mm)
|
||||||
strerror(errno));
|
strerror(errno));
|
||||||
#else
|
#else
|
||||||
fatal("%s: UsePrivilegeSeparation=yes not supported",
|
fatal("%s: UsePrivilegeSeparation=yes not supported",
|
||||||
__FUNCTION__);
|
__func__);
|
||||||
#endif
|
#endif
|
||||||
if (mm->mmalloc == NULL)
|
if (mm->mmalloc == NULL)
|
||||||
xfree(mm);
|
xfree(mm);
|
||||||
|
@ -151,7 +151,7 @@ mm_xmalloc(struct mm_master *mm, size_t size)
|
||||||
|
|
||||||
address = mm_malloc(mm, size);
|
address = mm_malloc(mm, size);
|
||||||
if (address == NULL)
|
if (address == NULL)
|
||||||
fatal("%s: mm_malloc(%lu)", __FUNCTION__, (u_long)size);
|
fatal("%s: mm_malloc(%lu)", __func__, (u_long)size);
|
||||||
return (address);
|
return (address);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -300,7 +300,7 @@ mm_share_sync(struct mm_master **pmm, struct mm_master **pmmalloc)
|
||||||
struct mm_master *mmold;
|
struct mm_master *mmold;
|
||||||
struct mmtree rb_free, rb_allocated;
|
struct mmtree rb_free, rb_allocated;
|
||||||
|
|
||||||
debug3("%s: Share sync", __FUNCTION__);
|
debug3("%s: Share sync", __func__);
|
||||||
|
|
||||||
mm = *pmm;
|
mm = *pmm;
|
||||||
mmold = mm->mmalloc;
|
mmold = mm->mmalloc;
|
||||||
|
@ -325,7 +325,7 @@ mm_share_sync(struct mm_master **pmm, struct mm_master **pmmalloc)
|
||||||
*pmm = mm;
|
*pmm = mm;
|
||||||
*pmmalloc = mmalloc;
|
*pmmalloc = mmalloc;
|
||||||
|
|
||||||
debug3("%s: Share sync end", __FUNCTION__);
|
debug3("%s: Share sync end", __func__);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
|
|
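Review bot: In the mm_create hunk, the context line `fatal("mmap(%lu): %s", (u_long)size, strerror(errnor));` passes `errnor`, which looks like a typo for `errno`. Unless that name is declared somewhere outside the hunk, builds that take this branch will not compile. It sits directly above the `fatal()` this commit edits, so it could be corrected in the same pass: `fatal("mmap(%lu): %s", (u_long)size, strerror(errno));`. It is also the only `fatal()` in this hunk without the `%s: ` function-name prefix, if consistency with the neighbouring messages is wanted. mm_create starts and ends outside the hunk.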
126
monitor_wrap.c
126
monitor_wrap.c
|
@ -25,7 +25,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: monitor_wrap.c,v 1.7 2002/05/15 15:47:49 mouring Exp $");
|
RCSID("$OpenBSD: monitor_wrap.c,v 1.8 2002/06/04 23:05:49 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
#include <openssl/dh.h>
|
#include <openssl/dh.h>
|
||||||
|
@ -65,14 +65,14 @@ mm_request_send(int socket, enum monitor_reqtype type, Buffer *m)
|
||||||
u_char buf[5];
|
u_char buf[5];
|
||||||
u_int mlen = buffer_len(m);
|
u_int mlen = buffer_len(m);
|
||||||
|
|
||||||
debug3("%s entering: type %d", __FUNCTION__, type);
|
debug3("%s entering: type %d", __func__, type);
|
||||||
|
|
||||||
PUT_32BIT(buf, mlen + 1);
|
PUT_32BIT(buf, mlen + 1);
|
||||||
buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */
|
buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */
|
||||||
if (atomicio(write, socket, buf, sizeof(buf)) != sizeof(buf))
|
if (atomicio(write, socket, buf, sizeof(buf)) != sizeof(buf))
|
||||||
fatal("%s: write", __FUNCTION__);
|
fatal("%s: write", __func__);
|
||||||
if (atomicio(write, socket, buffer_ptr(m), mlen) != mlen)
|
if (atomicio(write, socket, buffer_ptr(m), mlen) != mlen)
|
||||||
fatal("%s: write", __FUNCTION__);
|
fatal("%s: write", __func__);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
|
@ -82,22 +82,22 @@ mm_request_receive(int socket, Buffer *m)
|
||||||
ssize_t res;
|
ssize_t res;
|
||||||
u_int msg_len;
|
u_int msg_len;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
res = atomicio(read, socket, buf, sizeof(buf));
|
res = atomicio(read, socket, buf, sizeof(buf));
|
||||||
if (res != sizeof(buf)) {
|
if (res != sizeof(buf)) {
|
||||||
if (res == 0)
|
if (res == 0)
|
||||||
fatal_cleanup();
|
fatal_cleanup();
|
||||||
fatal("%s: read: %ld", __FUNCTION__, (long)res);
|
fatal("%s: read: %ld", __func__, (long)res);
|
||||||
}
|
}
|
||||||
msg_len = GET_32BIT(buf);
|
msg_len = GET_32BIT(buf);
|
||||||
if (msg_len > 256 * 1024)
|
if (msg_len > 256 * 1024)
|
||||||
fatal("%s: read: bad msg_len %d", __FUNCTION__, msg_len);
|
fatal("%s: read: bad msg_len %d", __func__, msg_len);
|
||||||
buffer_clear(m);
|
buffer_clear(m);
|
||||||
buffer_append_space(m, msg_len);
|
buffer_append_space(m, msg_len);
|
||||||
res = atomicio(read, socket, buffer_ptr(m), msg_len);
|
res = atomicio(read, socket, buffer_ptr(m), msg_len);
|
||||||
if (res != msg_len)
|
if (res != msg_len)
|
||||||
fatal("%s: read: %ld != msg_len", __FUNCTION__, (long)res);
|
fatal("%s: read: %ld != msg_len", __func__, (long)res);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
|
@ -105,12 +105,12 @@ mm_request_receive_expect(int socket, enum monitor_reqtype type, Buffer *m)
|
||||||
{
|
{
|
||||||
u_char rtype;
|
u_char rtype;
|
||||||
|
|
||||||
debug3("%s entering: type %d", __FUNCTION__, type);
|
debug3("%s entering: type %d", __func__, type);
|
||||||
|
|
||||||
mm_request_receive(socket, m);
|
mm_request_receive(socket, m);
|
||||||
rtype = buffer_get_char(m);
|
rtype = buffer_get_char(m);
|
||||||
if (rtype != type)
|
if (rtype != type)
|
||||||
fatal("%s: read: rtype %d != type %d", __FUNCTION__,
|
fatal("%s: read: rtype %d != type %d", __func__,
|
||||||
rtype, type);
|
rtype, type);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -128,21 +128,21 @@ mm_choose_dh(int min, int nbits, int max)
|
||||||
|
|
||||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_MODULI, &m);
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_MODULI, &m);
|
||||||
|
|
||||||
debug3("%s: waiting for MONITOR_ANS_MODULI", __FUNCTION__);
|
debug3("%s: waiting for MONITOR_ANS_MODULI", __func__);
|
||||||
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_MODULI, &m);
|
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_MODULI, &m);
|
||||||
|
|
||||||
success = buffer_get_char(&m);
|
success = buffer_get_char(&m);
|
||||||
if (success == 0)
|
if (success == 0)
|
||||||
fatal("%s: MONITOR_ANS_MODULI failed", __FUNCTION__);
|
fatal("%s: MONITOR_ANS_MODULI failed", __func__);
|
||||||
|
|
||||||
if ((p = BN_new()) == NULL)
|
if ((p = BN_new()) == NULL)
|
||||||
fatal("%s: BN_new failed", __FUNCTION__);
|
fatal("%s: BN_new failed", __func__);
|
||||||
if ((g = BN_new()) == NULL)
|
if ((g = BN_new()) == NULL)
|
||||||
fatal("%s: BN_new failed", __FUNCTION__);
|
fatal("%s: BN_new failed", __func__);
|
||||||
buffer_get_bignum2(&m, p);
|
buffer_get_bignum2(&m, p);
|
||||||
buffer_get_bignum2(&m, g);
|
buffer_get_bignum2(&m, g);
|
||||||
|
|
||||||
debug3("%s: remaining %d", __FUNCTION__, buffer_len(&m));
|
debug3("%s: remaining %d", __func__, buffer_len(&m));
|
||||||
buffer_free(&m);
|
buffer_free(&m);
|
||||||
|
|
||||||
return (dh_new_group(g, p));
|
return (dh_new_group(g, p));
|
||||||
|
@ -154,7 +154,7 @@ mm_key_sign(Key *key, u_char **sigp, u_int *lenp, u_char *data, u_int datalen)
|
||||||
Kex *kex = *pmonitor->m_pkex;
|
Kex *kex = *pmonitor->m_pkex;
|
||||||
Buffer m;
|
Buffer m;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
buffer_init(&m);
|
buffer_init(&m);
|
||||||
buffer_put_int(&m, kex->host_key_index(key));
|
buffer_put_int(&m, kex->host_key_index(key));
|
||||||
|
@ -162,7 +162,7 @@ mm_key_sign(Key *key, u_char **sigp, u_int *lenp, u_char *data, u_int datalen)
|
||||||
|
|
||||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SIGN, &m);
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SIGN, &m);
|
||||||
|
|
||||||
debug3("%s: waiting for MONITOR_ANS_SIGN", __FUNCTION__);
|
debug3("%s: waiting for MONITOR_ANS_SIGN", __func__);
|
||||||
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, &m);
|
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, &m);
|
||||||
*sigp = buffer_get_string(&m, lenp);
|
*sigp = buffer_get_string(&m, lenp);
|
||||||
buffer_free(&m);
|
buffer_free(&m);
|
||||||
|
@ -177,14 +177,14 @@ mm_getpwnamallow(const char *login)
|
||||||
struct passwd *pw;
|
struct passwd *pw;
|
||||||
u_int pwlen;
|
u_int pwlen;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
buffer_init(&m);
|
buffer_init(&m);
|
||||||
buffer_put_cstring(&m, login);
|
buffer_put_cstring(&m, login);
|
||||||
|
|
||||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, &m);
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, &m);
|
||||||
|
|
||||||
debug3("%s: waiting for MONITOR_ANS_PWNAM", __FUNCTION__);
|
debug3("%s: waiting for MONITOR_ANS_PWNAM", __func__);
|
||||||
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, &m);
|
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, &m);
|
||||||
|
|
||||||
if (buffer_get_char(&m) == 0) {
|
if (buffer_get_char(&m) == 0) {
|
||||||
|
@ -193,7 +193,7 @@ mm_getpwnamallow(const char *login)
|
||||||
}
|
}
|
||||||
pw = buffer_get_string(&m, &pwlen);
|
pw = buffer_get_string(&m, &pwlen);
|
||||||
if (pwlen != sizeof(struct passwd))
|
if (pwlen != sizeof(struct passwd))
|
||||||
fatal("%s: struct passwd size mismatch", __FUNCTION__);
|
fatal("%s: struct passwd size mismatch", __func__);
|
||||||
pw->pw_name = buffer_get_string(&m, NULL);
|
pw->pw_name = buffer_get_string(&m, NULL);
|
||||||
pw->pw_passwd = buffer_get_string(&m, NULL);
|
pw->pw_passwd = buffer_get_string(&m, NULL);
|
||||||
pw->pw_gecos = buffer_get_string(&m, NULL);
|
pw->pw_gecos = buffer_get_string(&m, NULL);
|
||||||
|
@ -212,7 +212,7 @@ char* mm_auth2_read_banner(void)
|
||||||
Buffer m;
|
Buffer m;
|
||||||
char *banner;
|
char *banner;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
buffer_init(&m);
|
buffer_init(&m);
|
||||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, &m);
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, &m);
|
||||||
|
@ -232,7 +232,7 @@ mm_inform_authserv(char *service, char *style)
|
||||||
{
|
{
|
||||||
Buffer m;
|
Buffer m;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
buffer_init(&m);
|
buffer_init(&m);
|
||||||
buffer_put_cstring(&m, service);
|
buffer_put_cstring(&m, service);
|
||||||
|
@ -250,13 +250,13 @@ mm_auth_password(Authctxt *authctxt, char *password)
|
||||||
Buffer m;
|
Buffer m;
|
||||||
int authenticated = 0;
|
int authenticated = 0;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
buffer_init(&m);
|
buffer_init(&m);
|
||||||
buffer_put_cstring(&m, password);
|
buffer_put_cstring(&m, password);
|
||||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHPASSWORD, &m);
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHPASSWORD, &m);
|
||||||
|
|
||||||
debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __FUNCTION__);
|
debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __func__);
|
||||||
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHPASSWORD, &m);
|
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHPASSWORD, &m);
|
||||||
|
|
||||||
authenticated = buffer_get_int(&m);
|
authenticated = buffer_get_int(&m);
|
||||||
|
@ -264,7 +264,7 @@ mm_auth_password(Authctxt *authctxt, char *password)
|
||||||
buffer_free(&m);
|
buffer_free(&m);
|
||||||
|
|
||||||
debug3("%s: user %sauthenticated",
|
debug3("%s: user %sauthenticated",
|
||||||
__FUNCTION__, authenticated ? "" : "not ");
|
__func__, authenticated ? "" : "not ");
|
||||||
return (authenticated);
|
return (authenticated);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -300,7 +300,7 @@ mm_send_debug(Buffer *m)
|
||||||
|
|
||||||
while (buffer_len(m)) {
|
while (buffer_len(m)) {
|
||||||
msg = buffer_get_string(m, NULL);
|
msg = buffer_get_string(m, NULL);
|
||||||
debug3("%s: Sending debug: %s", __FUNCTION__, msg);
|
debug3("%s: Sending debug: %s", __func__, msg);
|
||||||
packet_send_debug("%s", msg);
|
packet_send_debug("%s", msg);
|
||||||
xfree(msg);
|
xfree(msg);
|
||||||
}
|
}
|
||||||
|
@ -314,7 +314,7 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key)
|
||||||
u_int len;
|
u_int len;
|
||||||
int allowed = 0;
|
int allowed = 0;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
/* Convert the key to a blob and the pass it over */
|
/* Convert the key to a blob and the pass it over */
|
||||||
if (!key_to_blob(key, &blob, &len))
|
if (!key_to_blob(key, &blob, &len))
|
||||||
|
@ -329,7 +329,7 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key)
|
||||||
|
|
||||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYALLOWED, &m);
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYALLOWED, &m);
|
||||||
|
|
||||||
debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __FUNCTION__);
|
debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __func__);
|
||||||
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KEYALLOWED, &m);
|
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KEYALLOWED, &m);
|
||||||
|
|
||||||
allowed = buffer_get_int(&m);
|
allowed = buffer_get_int(&m);
|
||||||
|
@ -356,7 +356,7 @@ mm_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
|
||||||
u_int len;
|
u_int len;
|
||||||
int verified = 0;
|
int verified = 0;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
/* Convert the key to a blob and the pass it over */
|
/* Convert the key to a blob and the pass it over */
|
||||||
if (!key_to_blob(key, &blob, &len))
|
if (!key_to_blob(key, &blob, &len))
|
||||||
|
@ -370,7 +370,7 @@ mm_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
|
||||||
|
|
||||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m);
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m);
|
||||||
|
|
||||||
debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __FUNCTION__);
|
debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __func__);
|
||||||
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KEYVERIFY, &m);
|
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KEYVERIFY, &m);
|
||||||
|
|
||||||
verified = buffer_get_int(&m);
|
verified = buffer_get_int(&m);
|
||||||
|
@ -391,7 +391,7 @@ mm_newkeys_from_blob(u_char *blob, int blen)
|
||||||
Mac *mac;
|
Mac *mac;
|
||||||
Comp *comp;
|
Comp *comp;
|
||||||
|
|
||||||
debug3("%s: %p(%d)", __FUNCTION__, blob, blen);
|
debug3("%s: %p(%d)", __func__, blob, blen);
|
||||||
#ifdef DEBUG_PK
|
#ifdef DEBUG_PK
|
||||||
dump_base64(stderr, blob, blen);
|
dump_base64(stderr, blob, blen);
|
||||||
#endif
|
#endif
|
||||||
|
@ -411,21 +411,21 @@ mm_newkeys_from_blob(u_char *blob, int blen)
|
||||||
enc->key = buffer_get_string(&b, &enc->key_len);
|
enc->key = buffer_get_string(&b, &enc->key_len);
|
||||||
enc->iv = buffer_get_string(&b, &len);
|
enc->iv = buffer_get_string(&b, &len);
|
||||||
if (len != enc->block_size)
|
if (len != enc->block_size)
|
||||||
fatal("%s: bad ivlen: expected %d != %d", __FUNCTION__,
|
fatal("%s: bad ivlen: expected %d != %d", __func__,
|
||||||
enc->block_size, len);
|
enc->block_size, len);
|
||||||
|
|
||||||
if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher)
|
if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher)
|
||||||
fatal("%s: bad cipher name %s or pointer %p", __FUNCTION__,
|
fatal("%s: bad cipher name %s or pointer %p", __func__,
|
||||||
enc->name, enc->cipher);
|
enc->name, enc->cipher);
|
||||||
|
|
||||||
/* Mac structure */
|
/* Mac structure */
|
||||||
mac->name = buffer_get_string(&b, NULL);
|
mac->name = buffer_get_string(&b, NULL);
|
||||||
if (mac->name == NULL || mac_init(mac, mac->name) == -1)
|
if (mac->name == NULL || mac_init(mac, mac->name) == -1)
|
||||||
fatal("%s: can not init mac %s", __FUNCTION__, mac->name);
|
fatal("%s: can not init mac %s", __func__, mac->name);
|
||||||
mac->enabled = buffer_get_int(&b);
|
mac->enabled = buffer_get_int(&b);
|
||||||
mac->key = buffer_get_string(&b, &len);
|
mac->key = buffer_get_string(&b, &len);
|
||||||
if (len > mac->key_len)
|
if (len > mac->key_len)
|
||||||
fatal("%s: bad mac key lenght: %d > %d", __FUNCTION__, len,
|
fatal("%s: bad mac key lenght: %d > %d", __func__, len,
|
||||||
mac->key_len);
|
mac->key_len);
|
||||||
mac->key_len = len;
|
mac->key_len = len;
|
||||||
|
|
||||||
|
@ -452,10 +452,10 @@ mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp)
|
||||||
Comp *comp;
|
Comp *comp;
|
||||||
Newkeys *newkey = newkeys[mode];
|
Newkeys *newkey = newkeys[mode];
|
||||||
|
|
||||||
debug3("%s: converting %p", __FUNCTION__, newkey);
|
debug3("%s: converting %p", __func__, newkey);
|
||||||
|
|
||||||
if (newkey == NULL) {
|
if (newkey == NULL) {
|
||||||
error("%s: newkey == NULL", __FUNCTION__);
|
error("%s: newkey == NULL", __func__);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
enc = &newkey->enc;
|
enc = &newkey->enc;
|
||||||
|
@ -526,7 +526,7 @@ mm_send_keystate(struct monitor *pmonitor)
|
||||||
|
|
||||||
buffer_put_int(&m, packet_get_ssh1_cipher());
|
buffer_put_int(&m, packet_get_ssh1_cipher());
|
||||||
|
|
||||||
debug3("%s: Sending ssh1 IV", __FUNCTION__);
|
debug3("%s: Sending ssh1 IV", __func__);
|
||||||
ivlen = packet_get_keyiv_len(MODE_OUT);
|
ivlen = packet_get_keyiv_len(MODE_OUT);
|
||||||
packet_get_keyiv(MODE_OUT, iv, ivlen);
|
packet_get_keyiv(MODE_OUT, iv, ivlen);
|
||||||
buffer_put_string(&m, iv, ivlen);
|
buffer_put_string(&m, iv, ivlen);
|
||||||
|
@ -540,17 +540,17 @@ mm_send_keystate(struct monitor *pmonitor)
|
||||||
}
|
}
|
||||||
|
|
||||||
debug3("%s: Sending new keys: %p %p",
|
debug3("%s: Sending new keys: %p %p",
|
||||||
__FUNCTION__, newkeys[MODE_OUT], newkeys[MODE_IN]);
|
__func__, newkeys[MODE_OUT], newkeys[MODE_IN]);
|
||||||
|
|
||||||
/* Keys from Kex */
|
/* Keys from Kex */
|
||||||
if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen))
|
if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen))
|
||||||
fatal("%s: conversion of newkeys failed", __FUNCTION__);
|
fatal("%s: conversion of newkeys failed", __func__);
|
||||||
|
|
||||||
buffer_put_string(&m, blob, bloblen);
|
buffer_put_string(&m, blob, bloblen);
|
||||||
xfree(blob);
|
xfree(blob);
|
||||||
|
|
||||||
if (!mm_newkeys_to_blob(MODE_IN, &blob, &bloblen))
|
if (!mm_newkeys_to_blob(MODE_IN, &blob, &bloblen))
|
||||||
fatal("%s: conversion of newkeys failed", __FUNCTION__);
|
fatal("%s: conversion of newkeys failed", __func__);
|
||||||
|
|
||||||
buffer_put_string(&m, blob, bloblen);
|
buffer_put_string(&m, blob, bloblen);
|
||||||
xfree(blob);
|
xfree(blob);
|
||||||
|
@ -558,7 +558,7 @@ mm_send_keystate(struct monitor *pmonitor)
|
||||||
buffer_put_int(&m, packet_get_seqnr(MODE_OUT));
|
buffer_put_int(&m, packet_get_seqnr(MODE_OUT));
|
||||||
buffer_put_int(&m, packet_get_seqnr(MODE_IN));
|
buffer_put_int(&m, packet_get_seqnr(MODE_IN));
|
||||||
|
|
||||||
debug3("%s: New keys have been sent", __FUNCTION__);
|
debug3("%s: New keys have been sent", __func__);
|
||||||
skip:
|
skip:
|
||||||
/* More key context */
|
/* More key context */
|
||||||
plen = packet_get_keycontext(MODE_OUT, NULL);
|
plen = packet_get_keycontext(MODE_OUT, NULL);
|
||||||
|
@ -574,7 +574,7 @@ mm_send_keystate(struct monitor *pmonitor)
|
||||||
xfree(p);
|
xfree(p);
|
||||||
|
|
||||||
/* Compression state */
|
/* Compression state */
|
||||||
debug3("%s: Sending compression state", __FUNCTION__);
|
debug3("%s: Sending compression state", __func__);
|
||||||
buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream));
|
buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream));
|
||||||
buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream));
|
buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream));
|
||||||
|
|
||||||
|
@ -583,7 +583,7 @@ mm_send_keystate(struct monitor *pmonitor)
|
||||||
buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output));
|
buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output));
|
||||||
|
|
||||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m);
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m);
|
||||||
debug3("%s: Finished sending state", __FUNCTION__);
|
debug3("%s: Finished sending state", __func__);
|
||||||
|
|
||||||
buffer_free(&m);
|
buffer_free(&m);
|
||||||
}
|
}
|
||||||
|
@ -598,12 +598,12 @@ mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
|
||||||
buffer_init(&m);
|
buffer_init(&m);
|
||||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, &m);
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, &m);
|
||||||
|
|
||||||
debug3("%s: waiting for MONITOR_ANS_PTY", __FUNCTION__);
|
debug3("%s: waiting for MONITOR_ANS_PTY", __func__);
|
||||||
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, &m);
|
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, &m);
|
||||||
|
|
||||||
success = buffer_get_int(&m);
|
success = buffer_get_int(&m);
|
||||||
if (success == 0) {
|
if (success == 0) {
|
||||||
debug3("%s: pty alloc failed", __FUNCTION__);
|
debug3("%s: pty alloc failed", __func__);
|
||||||
buffer_free(&m);
|
buffer_free(&m);
|
||||||
return (0);
|
return (0);
|
||||||
}
|
}
|
||||||
|
@ -647,7 +647,7 @@ mm_start_pam(char *user)
|
||||||
{
|
{
|
||||||
Buffer m;
|
Buffer m;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
buffer_init(&m);
|
buffer_init(&m);
|
||||||
buffer_put_cstring(&m, user);
|
buffer_put_cstring(&m, user);
|
||||||
|
@ -710,7 +710,7 @@ mm_bsdauth_query(void *ctx, char **name, char **infotxt,
|
||||||
int res;
|
int res;
|
||||||
char *challenge;
|
char *challenge;
|
||||||
|
|
||||||
debug3("%s: entering", __FUNCTION__);
|
debug3("%s: entering", __func__);
|
||||||
|
|
||||||
buffer_init(&m);
|
buffer_init(&m);
|
||||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHQUERY, &m);
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHQUERY, &m);
|
||||||
|
@ -719,7 +719,7 @@ mm_bsdauth_query(void *ctx, char **name, char **infotxt,
|
||||||
&m);
|
&m);
|
||||||
res = buffer_get_int(&m);
|
res = buffer_get_int(&m);
|
||||||
if (res == -1) {
|
if (res == -1) {
|
||||||
debug3("%s: no challenge", __FUNCTION__);
|
debug3("%s: no challenge", __func__);
|
||||||
buffer_free(&m);
|
buffer_free(&m);
|
||||||
return (-1);
|
return (-1);
|
||||||
}
|
}
|
||||||
|
@ -731,7 +731,7 @@ mm_bsdauth_query(void *ctx, char **name, char **infotxt,
|
||||||
mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);
|
mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);
|
||||||
(*prompts)[0] = challenge;
|
(*prompts)[0] = challenge;
|
||||||
|
|
||||||
debug3("%s: received challenge: %s", __FUNCTION__, challenge);
|
debug3("%s: received challenge: %s", __func__, challenge);
|
||||||
|
|
||||||
return (0);
|
return (0);
|
||||||
}
|
}
|
||||||
|
@ -742,7 +742,7 @@ mm_bsdauth_respond(void *ctx, u_int numresponses, char **responses)
|
||||||
Buffer m;
|
Buffer m;
|
||||||
int authok;
|
int authok;
|
||||||
|
|
||||||
debug3("%s: entering", __FUNCTION__);
|
debug3("%s: entering", __func__);
|
||||||
if (numresponses != 1)
|
if (numresponses != 1)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
|
@ -767,7 +767,7 @@ mm_skey_query(void *ctx, char **name, char **infotxt,
|
||||||
int len, res;
|
int len, res;
|
||||||
char *p, *challenge;
|
char *p, *challenge;
|
||||||
|
|
||||||
debug3("%s: entering", __FUNCTION__);
|
debug3("%s: entering", __func__);
|
||||||
|
|
||||||
buffer_init(&m);
|
buffer_init(&m);
|
||||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYQUERY, &m);
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYQUERY, &m);
|
||||||
|
@ -776,7 +776,7 @@ mm_skey_query(void *ctx, char **name, char **infotxt,
|
||||||
&m);
|
&m);
|
||||||
res = buffer_get_int(&m);
|
res = buffer_get_int(&m);
|
||||||
if (res == -1) {
|
if (res == -1) {
|
||||||
debug3("%s: no challenge", __FUNCTION__);
|
debug3("%s: no challenge", __func__);
|
||||||
buffer_free(&m);
|
buffer_free(&m);
|
||||||
return (-1);
|
return (-1);
|
||||||
}
|
}
|
||||||
|
@ -785,7 +785,7 @@ mm_skey_query(void *ctx, char **name, char **infotxt,
|
||||||
challenge = buffer_get_string(&m, NULL);
|
challenge = buffer_get_string(&m, NULL);
|
||||||
buffer_free(&m);
|
buffer_free(&m);
|
||||||
|
|
||||||
debug3("%s: received challenge: %s", __FUNCTION__, challenge);
|
debug3("%s: received challenge: %s", __func__, challenge);
|
||||||
|
|
||||||
mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);
|
mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);
|
||||||
|
|
||||||
|
@ -805,7 +805,7 @@ mm_skey_respond(void *ctx, u_int numresponses, char **responses)
|
||||||
Buffer m;
|
Buffer m;
|
||||||
int authok;
|
int authok;
|
||||||
|
|
||||||
debug3("%s: entering", __FUNCTION__);
|
debug3("%s: entering", __func__);
|
||||||
if (numresponses != 1)
|
if (numresponses != 1)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
|
@ -828,7 +828,7 @@ mm_ssh1_session_id(u_char session_id[16])
|
||||||
Buffer m;
|
Buffer m;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
buffer_init(&m);
|
buffer_init(&m);
|
||||||
for (i = 0; i < 16; i++)
|
for (i = 0; i < 16; i++)
|
||||||
|
@ -847,7 +847,7 @@ mm_auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
|
||||||
u_int blen;
|
u_int blen;
|
||||||
int allowed = 0;
|
int allowed = 0;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
buffer_init(&m);
|
buffer_init(&m);
|
||||||
buffer_put_bignum2(&m, client_n);
|
buffer_put_bignum2(&m, client_n);
|
||||||
|
@ -860,7 +860,7 @@ mm_auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
|
||||||
if (allowed && rkey != NULL) {
|
if (allowed && rkey != NULL) {
|
||||||
blob = buffer_get_string(&m, &blen);
|
blob = buffer_get_string(&m, &blen);
|
||||||
if ((key = key_from_blob(blob, blen)) == NULL)
|
if ((key = key_from_blob(blob, blen)) == NULL)
|
||||||
fatal("%s: key_from_blob failed", __FUNCTION__);
|
fatal("%s: key_from_blob failed", __func__);
|
||||||
*rkey = key;
|
*rkey = key;
|
||||||
xfree(blob);
|
xfree(blob);
|
||||||
}
|
}
|
||||||
|
@ -878,14 +878,14 @@ mm_auth_rsa_generate_challenge(Key *key)
|
||||||
u_char *blob;
|
u_char *blob;
|
||||||
u_int blen;
|
u_int blen;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
if ((challenge = BN_new()) == NULL)
|
if ((challenge = BN_new()) == NULL)
|
||||||
fatal("%s: BN_new failed", __FUNCTION__);
|
fatal("%s: BN_new failed", __func__);
|
||||||
|
|
||||||
key->type = KEY_RSA; /* XXX cheat for key_to_blob */
|
key->type = KEY_RSA; /* XXX cheat for key_to_blob */
|
||||||
if (key_to_blob(key, &blob, &blen) == 0)
|
if (key_to_blob(key, &blob, &blen) == 0)
|
||||||
fatal("%s: key_to_blob failed", __FUNCTION__);
|
fatal("%s: key_to_blob failed", __func__);
|
||||||
key->type = KEY_RSA1;
|
key->type = KEY_RSA1;
|
||||||
|
|
||||||
buffer_init(&m);
|
buffer_init(&m);
|
||||||
|
@ -909,11 +909,11 @@ mm_auth_rsa_verify_response(Key *key, BIGNUM *p, u_char response[16])
|
||||||
u_int blen;
|
u_int blen;
|
||||||
int success = 0;
|
int success = 0;
|
||||||
|
|
||||||
debug3("%s entering", __FUNCTION__);
|
debug3("%s entering", __func__);
|
||||||
|
|
||||||
key->type = KEY_RSA; /* XXX cheat for key_to_blob */
|
key->type = KEY_RSA; /* XXX cheat for key_to_blob */
|
||||||
if (key_to_blob(key, &blob, &blen) == 0)
|
if (key_to_blob(key, &blob, &blen) == 0)
|
||||||
fatal("%s: key_to_blob failed", __FUNCTION__);
|
fatal("%s: key_to_blob failed", __func__);
|
||||||
key->type = KEY_RSA1;
|
key->type = KEY_RSA1;
|
||||||
|
|
||||||
buffer_init(&m);
|
buffer_init(&m);
|
||||||
|
|