
monitor_wrap.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssh/src/monitor_wrap.c
1/* $OpenBSD: monitor_wrap.c,v 1.107 2018/07/20 03:46:34 djm Exp $ */-
2/*-
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>-
4 * Copyright 2002 Markus Friedl <markus@openbsd.org>-
5 * All rights reserved.-
6 *-
7 * Redistribution and use in source and binary forms, with or without-
8 * modification, are permitted provided that the following conditions-
9 * are met:-
10 * 1. Redistributions of source code must retain the above copyright-
11 * notice, this list of conditions and the following disclaimer.-
12 * 2. Redistributions in binary form must reproduce the above copyright-
13 * notice, this list of conditions and the following disclaimer in the-
14 * documentation and/or other materials provided with the distribution.-
15 *-
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR-
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES-
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.-
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,-
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,-
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY-
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT-
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF-
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.-
26 */-
27-
28#include "includes.h"-
29-
30#include <sys/types.h>-
31#include <sys/uio.h>-
32-
33#include <errno.h>-
34#include <pwd.h>-
35#include <signal.h>-
36#include <stdarg.h>-
37#include <stdio.h>-
38#include <string.h>-
39#include <unistd.h>-
40-
41#ifdef WITH_OPENSSL-
42#include <openssl/bn.h>-
43#include <openssl/dh.h>-
44#include <openssl/evp.h>-
45#endif-
46-
47#include "openbsd-compat/sys-queue.h"-
48#include "xmalloc.h"-
49#include "ssh.h"-
50#ifdef WITH_OPENSSL-
51#include "dh.h"-
52#endif-
53#include "sshbuf.h"-
54#include "sshkey.h"-
55#include "cipher.h"-
56#include "kex.h"-
57#include "hostfile.h"-
58#include "auth.h"-
59#include "auth-options.h"-
60#include "packet.h"-
61#include "mac.h"-
62#include "log.h"-
63#include "auth-pam.h"-
64#include "monitor.h"-
65#ifdef GSSAPI-
66#include "ssh-gss.h"-
67#endif-
68#include "monitor_wrap.h"-
69#include "atomicio.h"-
70#include "monitor_fdpass.h"-
71#include "misc.h"-
72-
73#include "channels.h"-
74#include "session.h"-
75#include "servconf.h"-
76-
77#include "ssherr.h"-
78-
79/* Imports */-
80extern struct monitor *pmonitor;-
81extern struct sshbuf *loginmsg;-
82extern ServerOptions options;-
83-
/*
 * Frame one log record and write it to mon->m_log_sendfd.
 *
 * Wire format, as built below: a u32 length of everything that follows,
 * a u32 log level, then msg encoded with sshbuf_put_cstring().
 * ctx is cast to the struct monitor whose log descriptor is used.
 * Every failure path ends in fatal(); nothing is returned.
 */
void
mm_log_handler(LogLevel level, const char *msg, void *ctx)
{
	struct monitor *mon = (struct monitor *)ctx;
	struct sshbuf *log_msg;
	size_t len;
	int r;

	if (mon->m_log_sendfd == -1)
		fatal("%s: no log channel", __func__);

	log_msg = sshbuf_new();
	if (log_msg == NULL)
		fatal("%s: sshbuf_new failed", __func__);

	/* Placeholder length word first; it is patched once the size is known. */
	r = sshbuf_put_u32(log_msg, 0);
	if (r == 0)
		r = sshbuf_put_u32(log_msg, level);
	if (r == 0)
		r = sshbuf_put_cstring(log_msg, msg);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	/* The record must hold at least the length word and fit a u32. */
	len = sshbuf_len(log_msg);
	if (len < 4 || len > 0xffffffff)
		fatal("%s: bad length %zu", __func__, len);

	/* The length prefix does not count its own four bytes. */
	POKE_U32(sshbuf_mutable_ptr(log_msg), len - 4);

	if (atomicio(vwrite, mon->m_log_sendfd,
	    sshbuf_mutable_ptr(log_msg), len) != len)
		fatal("%s: write: %s", __func__, strerror(errno));

	sshbuf_free(log_msg);
}
110-
/*
 * Return non-zero when called from the privileged side.
 *
 * m_pid is only set in the privileged part, where it points to the
 * unprivileged child, so a positive value identifies the monitor.
 * A NULL pmonitor yields 0.
 */
int
mm_is_monitor(void)
{
	if (pmonitor == NULL)
		return (0);
	return (pmonitor->m_pid > 0);
}
120-
/*
 * Send one framed request over sock.
 *
 * Frame layout, as written below: a u32 length (payload plus one type
 * byte), the type byte, then the contents of m. Short writes and
 * oversized payloads are fatal().
 *
 * NOTE(review): the only bound enforced here is that the length fits a
 * u32; mm_request_receive() in this file rejects anything above
 * 256 * 1024, so larger frames are refused by a peer using that reader.
 */
void
mm_request_send(int sock, enum monitor_reqtype type, struct sshbuf *m)
{
	size_t mlen = sshbuf_len(m);
	u_char hdr[5];

	debug3("%s entering: type %d", __func__, type);

	/* mlen + 1 must still be representable in the 32-bit length field. */
	if (mlen >= 0xffffffff)
		fatal("%s: bad length %zu", __func__, mlen);

	POKE_U32(hdr, mlen + 1);
	hdr[4] = (u_char) type;		/* 1st byte of payload is mesg-type */

	if (atomicio(vwrite, sock, hdr, sizeof(hdr)) != sizeof(hdr))
		fatal("%s: write: %s", __func__, strerror(errno));
	if (atomicio(vwrite, sock, sshbuf_mutable_ptr(m), mlen) != mlen)
		fatal("%s: write: %s", __func__, strerror(errno));
}
138-
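/*
 * Read one framed message from sock into m.
 *
 * The frame is a u32 length followed by that many bytes. m is reset
 * before the payload is stored, so any previous contents are discarded.
 *
 * The length comes from the peer and is checked against a 256 KiB cap
 * before any buffer space is reserved, so a bogus length cannot drive a
 * large allocation. A short read of the header exits quietly via
 * cleanup_exit(255) when errno is EPIPE; every other failure is fatal().
 */
void
mm_request_receive(int sock, struct sshbuf *m)
{
	u_char buf[4], *p = NULL;
	u_int msg_len;
	int r;

	debug3("%s entering", __func__);

	if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) {
		if (errno == EPIPE)
			cleanup_exit(255);
		fatal("%s: read: %s", __func__, strerror(errno));
	}

	msg_len = PEEK_U32(buf);
	/*
	 * msg_len is unsigned, so it is logged with %u: the values most
	 * likely to trip this check (above INT_MAX) would otherwise be
	 * printed as negative numbers.
	 */
	if (msg_len > 256 * 1024)
		fatal("%s: read: bad msg_len %u", __func__, msg_len);

	sshbuf_reset(m);
	if ((r = sshbuf_reserve(m, msg_len, &p)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	if (atomicio(read, sock, p, msg_len) != msg_len)
		fatal("%s: read: %s", __func__, strerror(errno));
}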
162-
/*
 * Receive one message into m and require that its first byte equals
 * the expected type.
 *
 * The type byte is consumed from m; what remains is the reply body.
 * A reply of any other type is fatal(), so callers never parse a
 * message they did not ask for.
 */
void
mm_request_receive_expect(int sock, enum monitor_reqtype type, struct sshbuf *m)
{
	u_char rtype;
	int r;

	debug3("%s entering: type %d", __func__, type);

	mm_request_receive(sock, m);

	r = sshbuf_get_u8(m, &rtype);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	if (rtype == type)
		return;
	fatal("%s: read: rtype %d != type %d", __func__,
	    rtype, type);
}
178-
179#ifdef WITH_OPENSSL-
/*
 * Ask the monitor for a DH group matching the requested size range.
 *
 * Sends min, nbits and max as u32 values in a MONITOR_REQ_MODULI
 * request, then reads a success byte followed by two bignums (p, then g)
 * from the MONITOR_ANS_MODULI reply. A zero success byte or any buffer
 * error is fatal(). Returns whatever dh_new_group(g, p) returns.
 *
 * NOTE(review): p and g are handed to dh_new_group() and not freed
 * here; presumably it takes ownership -- confirm against dh.c.
 */
DH *
mm_choose_dh(int min, int nbits, int max)
{
	struct sshbuf *m;
	BIGNUM *p, *g;
	u_char success = 0;
	int r;

	m = sshbuf_new();
	if (m == NULL)
		fatal("%s: sshbuf_new failed", __func__);

	r = sshbuf_put_u32(m, min);
	if (r == 0)
		r = sshbuf_put_u32(m, nbits);
	if (r == 0)
		r = sshbuf_put_u32(m, max);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_MODULI, m);

	debug3("%s: waiting for MONITOR_ANS_MODULI", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_MODULI, m);

	r = sshbuf_get_u8(m, &success);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	if (success == 0)
		fatal("%s: MONITOR_ANS_MODULI failed", __func__);

	p = BN_new();
	if (p == NULL)
		fatal("%s: BN_new failed", __func__);
	g = BN_new();
	if (g == NULL)
		fatal("%s: BN_new failed", __func__);

	/* The reply carries the modulus first, then the generator. */
	r = sshbuf_get_bignum2(m, p);
	if (r == 0)
		r = sshbuf_get_bignum2(m, g);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	debug3("%s: remaining %zu", __func__, sshbuf_len(m));
	sshbuf_free(m);

	return (dh_new_group(g, p));
}
218#endif-
219-
/*
 * Have the monitor sign data with one of its host keys.
 *
 * The key itself is never sent: the request carries the index that
 * kex->host_key_index() reports for it, followed by the data to sign,
 * the host key algorithm name and the compat flags. On return *sigp
 * and *lenp hold the signature taken from the MONITOR_ANS_SIGN reply;
 * the buffer is allocated by sshbuf_get_string(), so the caller frees
 * it. Always returns 0; every failure is fatal().
 */
int
mm_sshkey_sign(struct sshkey *key, u_char **sigp, size_t *lenp,
    const u_char *data, size_t datalen, const char *hostkey_alg, u_int compat)
{
	struct kex *kex = *pmonitor->m_pkex;
	u_int ndx = kex->host_key_index(key, 0, active_state);
	struct sshbuf *m;
	int r;

	debug3("%s entering", __func__);

	m = sshbuf_new();
	if (m == NULL)
		fatal("%s: sshbuf_new failed", __func__);

	r = sshbuf_put_u32(m, ndx);
	if (r == 0)
		r = sshbuf_put_string(m, data, datalen);
	if (r == 0)
		r = sshbuf_put_cstring(m, hostkey_alg);
	if (r == 0)
		r = sshbuf_put_u32(m, compat);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SIGN, m);

	debug3("%s: waiting for MONITOR_ANS_SIGN", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, m);

	r = sshbuf_get_string(m, sigp, lenp);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	sshbuf_free(m);

	return (0);
}
249-
/*
 * Ask the monitor to look up username and to return the (possibly
 * Match-modified) server options.
 *
 * Reply layout, as parsed below: a u8 "ok" flag; when ok is non-zero,
 * a raw struct passwd image followed by its string members; then, in
 * both cases, a raw ServerOptions image followed by the strings that
 * COPY_MATCH_STRING_OPTS() pulls in.
 *
 * Returns a heap-allocated struct passwd (xcalloc plus one allocation
 * per string member) or NULL when ok was 0. The global `options` is
 * updated as a side effect either way. Any parse failure is fatal().
 *
 * Trust note: both structures are copied byte-for-byte from the reply
 * after only a size comparison, so every pointer member initially holds
 * a value from the sender's address space and is meaningless here until
 * it is overwritten with a locally allocated copy.
 */
struct passwd *
mm_getpwnamallow(const char *username)
{
	struct ssh *ssh = active_state;	/* XXX */
	struct sshbuf *m;
	struct passwd *pw;
	size_t len;
	u_int i;
	ServerOptions *newopts;
	int r;
	u_char ok;
	const u_char *p;

	debug3("%s entering", __func__);

	if ((m = sshbuf_new()) == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	if ((r = sshbuf_put_cstring(m, username)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, m);

	debug3("%s: waiting for MONITOR_ANS_PWNAM", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, m);

	if ((r = sshbuf_get_u8(m, &ok)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	if (ok == 0) {
		/* No passwd entry in the reply; the options block still follows. */
		pw = NULL;
		goto out;
	}

	/* XXX don't like passing struct passwd like this */
	pw = xcalloc(sizeof(*pw), 1);
	if ((r = sshbuf_get_string_direct(m, &p, &len)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	/* The size check is the only validation applied to the raw image. */
	if (len != sizeof(*pw))
		fatal("%s: struct passwd size mismatch", __func__);
	memcpy(pw, p, sizeof(*pw));

	/*
	 * Replace the copied pointer members with local copies of the
	 * strings that follow in the reply.
	 * NOTE(review): a pointer member of struct passwd that is not
	 * re-fetched here would keep its copied value -- confirm that the
	 * list below covers every pointer member on the target platform.
	 */
	if ((r = sshbuf_get_cstring(m, &pw->pw_name, NULL)) != 0 ||
	    (r = sshbuf_get_cstring(m, &pw->pw_passwd, NULL)) != 0 ||
#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
	    (r = sshbuf_get_cstring(m, &pw->pw_gecos, NULL)) != 0 ||
#endif
#ifdef HAVE_STRUCT_PASSWD_PW_CLASS
	    (r = sshbuf_get_cstring(m, &pw->pw_class, NULL)) != 0 ||
#endif
	    (r = sshbuf_get_cstring(m, &pw->pw_dir, NULL)) != 0 ||
	    (r = sshbuf_get_cstring(m, &pw->pw_shell, NULL)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

out:
	/* copy options block as a Match directive may have changed some */
	if ((r = sshbuf_get_string_direct(m, &p, &len)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	if (len != sizeof(*newopts))
		fatal("%s: option block size mismatch", __func__);
	newopts = xcalloc(sizeof(*newopts), 1);
	memcpy(newopts, p, sizeof(*newopts));

	/*
	 * M_CP_STROPT: the copied pointer is used only as a "was set" flag;
	 * when non-NULL it is overwritten with a freshly read string.
	 */
#define M_CP_STROPT(x) do { \
		if (newopts->x != NULL) { \
			if ((r = sshbuf_get_cstring(m, \
			    &newopts->x, NULL)) != 0) \
				fatal("%s: buffer error: %s", \
				    __func__, ssh_err(r)); \
		} \
	} while (0)
	/*
	 * M_CP_STRARRAYOPT: the element count nx comes from the copied
	 * block; the array is reallocated locally and filled with nx
	 * strings read from the reply (a missing string is fatal()).
	 */
#define M_CP_STRARRAYOPT(x, nx) do { \
		newopts->x = newopts->nx == 0 ? \
		    NULL : xcalloc(newopts->nx, sizeof(*newopts->x)); \
		for (i = 0; i < newopts->nx; i++) { \
			if ((r = sshbuf_get_cstring(m, \
			    &newopts->x[i], NULL)) != 0) \
				fatal("%s: buffer error: %s", \
				    __func__, ssh_err(r)); \
		} \
	} while (0)
	/* See comment in servconf.h */
	COPY_MATCH_STRING_OPTS();
#undef M_CP_STROPT
#undef M_CP_STRARRAYOPT

	/* Apply the received options to the global set, then re-derive state. */
	copy_set_server_options(&options, newopts, 1);
	log_change_level(options.log_level);
	process_permitopen(ssh, &options);
	/* Only the container is freed here; the strings read above are not. */
	free(newopts);

	sshbuf_free(m);

	return (pw);
}
343-
/*
 * Fetch the pre-authentication banner from the monitor.
 *
 * Sends an empty MONITOR_REQ_AUTH2_READ_BANNER request and reads one
 * string from the reply. Returns a heap-allocated string the caller
 * must free, or NULL when the banner is empty.
 */
char *
mm_auth2_read_banner(void)
{
	struct sshbuf *m;
	char *banner;
	int r;

	debug3("%s entering", __func__);

	m = sshbuf_new();
	if (m == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, m);
	sshbuf_reset(m);

	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_AUTH2_READ_BANNER, m);
	r = sshbuf_get_cstring(m, &banner, NULL);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	sshbuf_free(m);

	/* treat empty banner as missing banner */
	if (banner[0] != '\0')
		return (banner);
	free(banner);
	return (NULL);
}
371-
372/* Inform the privileged process about service and style */-
373-
/*
 * Send the requested service and style to the monitor in a
 * MONITOR_REQ_AUTHSERV request. A NULL style is sent as the empty
 * string. No reply is read here.
 */
void
mm_inform_authserv(char *service, char *style)
{
	const char *style_arg = style ? style : "";
	struct sshbuf *m;
	int r;

	debug3("%s entering", __func__);

	m = sshbuf_new();
	if (m == NULL)
		fatal("%s: sshbuf_new failed", __func__);

	r = sshbuf_put_cstring(m, service);
	if (r == 0)
		r = sshbuf_put_cstring(m, style_arg);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHSERV, m);

	sshbuf_free(m);
}
392-
393/* Do the password authentication */-
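/*
 * Ask the monitor to check a password.
 *
 * The password is sent as a cstring in MONITOR_REQ_AUTHPASSWORD; the
 * reply carries a u32 verdict and, when built with USE_PAM, a u32
 * maxtries value that is passed to sshpam_set_maxtries_reached().
 * Returns the verdict (non-zero means authenticated). The ssh argument
 * is not used in this function.
 *
 * NOTE(review): the cleartext password sits in m until sshbuf_free();
 * confirm that sshbuf_free() scrubs the buffer before releasing it.
 */
int
mm_auth_password(struct ssh *ssh, char *password)
{
	struct sshbuf *m;
	int r, authenticated = 0;
	u_int verdict = 0;
#ifdef USE_PAM
	u_int maxtries = 0;
#endif

	debug3("%s entering", __func__);

	if ((m = sshbuf_new()) == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	if ((r = sshbuf_put_cstring(m, password)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHPASSWORD, m);

	debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_AUTHPASSWORD, m);

	/*
	 * Read the u32 into an unsigned temporary, as is done for maxtries,
	 * instead of passing the address of a signed int to
	 * sshbuf_get_u32(); the value handed back to the caller is the same.
	 */
	if ((r = sshbuf_get_u32(m, &verdict)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	authenticated = (int)verdict;
#ifdef USE_PAM
	if ((r = sshbuf_get_u32(m, &maxtries)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	/* Reject values that would not survive conversion to int. */
	if (maxtries > INT_MAX)
		fatal("%s: bad maxtries %u", __func__, maxtries);
	sshpam_set_maxtries_reached(maxtries);
#endif

	sshbuf_free(m);

	debug3("%s: user %sauthenticated",
	    __func__, authenticated ? "" : "not ");
	return (authenticated);
}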
431-
/*
 * Ask the monitor whether key is acceptable for user (public key)
 * authentication. Thin wrapper around mm_key_allowed() with
 * MM_USERKEY and no user/host strings; ssh and pw are not used here.
 * On return *authoptp is set as described for mm_key_allowed().
 */
int
mm_user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
    int pubkey_auth_attempt, struct sshauthopt **authoptp)
{
	int allowed;

	allowed = mm_key_allowed(MM_USERKEY, NULL, NULL, key,
	    pubkey_auth_attempt, authoptp);
	return (allowed);
}
439-
/*
 * Ask the monitor whether key is acceptable for host-based
 * authentication of user at host. Thin wrapper around
 * mm_key_allowed() with MM_HOSTKEY; pw is not used here and no
 * authentication options are requested.
 */
int
mm_hostbased_key_allowed(struct passwd *pw, const char *user, const char *host,
    struct sshkey *key)
{
	int allowed;

	allowed = mm_key_allowed(MM_HOSTKEY, user, host, key, 0, NULL);
	return (allowed);
}
446-
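/*
 * Ask the monitor whether a key may be used for authentication.
 *
 * The request carries the key type, user and host (NULL is sent as the
 * empty string), the serialised public key and the pubkey_auth_attempt
 * flag. The reply carries a u32 verdict; when the verdict is non-zero
 * and type is MM_USERKEY, serialised authentication options follow and
 * are decoded with sshauthopt_deserialise().
 *
 * If authoptp is non-NULL it is cleared on entry and receives the
 * decoded options (or NULL) on return, with ownership passing to the
 * caller; otherwise the options are freed here. Returns the verdict.
 * Any buffer or decode error is fatal().
 */
int
mm_key_allowed(enum mm_keytype type, const char *user, const char *host,
    struct sshkey *key, int pubkey_auth_attempt, struct sshauthopt **authoptp)
{
	struct sshbuf *m;
	int r, allowed = 0;
	u_int verdict = 0;
	struct sshauthopt *opts = NULL;

	debug3("%s entering", __func__);

	/* Never leave a stale pointer in the caller's slot on early exit. */
	if (authoptp != NULL)
		*authoptp = NULL;

	if ((m = sshbuf_new()) == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	if ((r = sshbuf_put_u32(m, type)) != 0 ||
	    (r = sshbuf_put_cstring(m, user ? user : "")) != 0 ||
	    (r = sshbuf_put_cstring(m, host ? host : "")) != 0 ||
	    (r = sshkey_puts(key, m)) != 0 ||
	    (r = sshbuf_put_u32(m, pubkey_auth_attempt)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYALLOWED, m);

	debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_KEYALLOWED, m);

	/*
	 * Read the u32 into an unsigned temporary instead of passing the
	 * address of a signed int to sshbuf_get_u32(); the value returned
	 * to the caller is unchanged.
	 */
	if ((r = sshbuf_get_u32(m, &verdict)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	allowed = (int)verdict;

	/* Options are only present for an accepted user key. */
	if (allowed && type == MM_USERKEY) {
		if ((r = sshauthopt_deserialise(m, &opts)) != 0)
			fatal("%s: sshauthopt_deserialise: %s",
			    __func__, ssh_err(r));
	}
	sshbuf_free(m);

	/* Hand the options to the caller, or drop them if not wanted. */
	if (authoptp != NULL) {
		*authoptp = opts;
		opts = NULL;
	}
	sshauthopt_free(opts);

	return allowed;
}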
492-
493/*-
494 * This key verify needs to send the key type along, because the-
495 * privileged parent makes the decision if the key is allowed-
496 * for authentication.-
497 */-
498-
/*
 * Forward a signature check to the monitor and report its verdict.
 *
 * The key, signature, signed data and signature algorithm name (an empty
 * string when sigalg is NULL) are serialised in that order and sent as
 * MONITOR_REQ_KEYVERIFY.  The reply carries one u32: zero means the
 * monitor accepted the signature, and any other value is reported to the
 * caller as SSH_ERR_SIGNATURE_INVALID.  The verdict is therefore taken
 * entirely from the monitor; nothing is verified in this process.
 *
 * The compat argument is accepted but is not part of the request.
 * Allocation, serialisation and reply-parsing failures are fatal.
 */
int
mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
    const u_char *data, size_t datalen, const char *sigalg, u_int compat)
{
	struct sshbuf *req;
	u_int verdict = 0;
	const char *alg;
	int r;

	debug3("%s entering", __func__);

	req = sshbuf_new();
	if (req == NULL)
		fatal("%s: sshbuf_new failed", __func__);

	/* Field order is the wire format the monitor expects. */
	alg = (sigalg != NULL) ? sigalg : "";
	r = sshkey_puts(key, req);
	if (r == 0)
		r = sshbuf_put_string(req, sig, siglen);
	if (r == 0)
		r = sshbuf_put_string(req, data, datalen);
	if (r == 0)
		r = sshbuf_put_cstring(req, alg);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, req);

	debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __func__);
	/* The same buffer is reused to hold the reply. */
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_KEYVERIFY, req);

	r = sshbuf_get_u32(req, &verdict);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	sshbuf_free(req);

	/* Collapse every non-zero monitor result into one error code. */
	return (verdict == 0) ? 0 : SSH_ERR_SIGNATURE_INVALID;
}
533-
/*
 * Serialise the current packet-layer state and send it to the given
 * monitor as MONITOR_REQ_KEYEXPORT.
 *
 * Unlike most wrappers in this file, the request goes out on the
 * descriptor of the monitor argument rather than the global pmonitor.
 * No reply is awaited.  Allocation or serialisation failure is fatal.
 *
 * NOTE(review): the exported state presumably includes session key
 * material; confirm that sshbuf_free() scrubs the buffer.
 */
void
mm_send_keystate(struct monitor *monitor)
{
	struct sshbuf *state;
	int r;

	state = sshbuf_new();
	if (state == NULL)
		fatal("%s: sshbuf_new failed", __func__);

	/* XXX: state is taken from the global active_state. */
	r = ssh_packet_get_state(active_state, state);
	if (r != 0) {
		fatal("%s: get_state failed: %s",
		    __func__, ssh_err(r));
	}

	mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, state);
	debug3("%s: Finished sending state", __func__);
	sshbuf_free(state);
}
550-
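/*
 * Ask the monitor to allocate a pty for this process.
 *
 * On success returns 1, stores the descriptors received from the monitor
 * in *ptyfd and *ttyfd, copies the tty name into namebuf and appends the
 * monitor's message text to loginmsg.  Returns 0 when two spare
 * descriptors cannot be reserved or when the monitor reports failure.
 * Buffer errors and a failed descriptor transfer are fatal.
 *
 * The tty name is copied with strlcpy(), so a name longer than
 * namebuflen - 1 is silently truncated; callers must size namebuf for
 * the longest name they are prepared to accept.
 */
int
mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen)
{
	struct sshbuf *m;
	char *p = NULL, *msg = NULL;
	int success = 0, tmp1 = -1, tmp2 = -1, r;

	/* Kludge: ensure there are fds free to receive the pty/tty */
	if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 ||
	    (tmp2 = dup(pmonitor->m_recvfd)) == -1) {
		error("%s: cannot allocate fds for pty", __func__);
		/*
		 * -1 is the only "no descriptor" value.  Descriptor 0 is
		 * valid and must be closed too, otherwise it would leak.
		 */
		if (tmp1 != -1)
			close(tmp1);
		if (tmp2 != -1)
			close(tmp2);
		return 0;
	}
	close(tmp1);
	close(tmp2);

	if ((m = sshbuf_new()) == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, m);

	debug3("%s: waiting for MONITOR_ANS_PTY", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, m);

	/* Reply layout: u32 success, then tty name and login message. */
	if ((r = sshbuf_get_u32(m, &success)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	if (success == 0) {
		debug3("%s: pty alloc failed", __func__);
		sshbuf_free(m);
		return (0);
	}
	if ((r = sshbuf_get_cstring(m, &p, NULL)) != 0 ||
	    (r = sshbuf_get_cstring(m, &msg, NULL)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	sshbuf_free(m);

	strlcpy(namebuf, p, namebuflen); /* Possible truncation */
	free(p);

	if ((r = sshbuf_put(loginmsg, msg, strlen(msg))) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	free(msg);

	/* The descriptors follow the reply, master first and then slave. */
	if ((*ptyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1 ||
	    (*ttyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1)
		fatal("%s: receive fds failed", __func__);

	/* Success */
	return (1);
}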
604-
/*
 * Tell the monitor to clean up the pty belonging to session s and drop
 * this process's references to it.
 *
 * Does nothing when the session has no tty (ttyfd == -1).  Otherwise the
 * tty name is sent as MONITOR_REQ_PTYCLEANUP (no reply is awaited), the
 * duplicated master descriptor is closed if present, and ttyfd is reset
 * to -1.  Only the name is sent; any check that the name belongs to this
 * session has to be done by the receiver.
 */
void
mm_session_pty_cleanup2(Session *s)
{
	struct sshbuf *req;
	int r;

	if (s->ttyfd == -1)
		return;

	req = sshbuf_new();
	if (req == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	r = sshbuf_put_cstring(req, s->tty);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTYCLEANUP, req);
	sshbuf_free(req);

	/* Close our duplicate of the master side; log but tolerate failure. */
	if (s->ptymaster != -1) {
		if (close(s->ptymaster) < 0) {
			error("close(s->ptymaster/%d): %s",
			    s->ptymaster, strerror(errno));
		}
	}

	/* Mark the session as no longer owning a pty. */
	s->ttyfd = -1;
}
628-
629#ifdef USE_PAM-
/*
 * Send MONITOR_REQ_PAM_START to the monitor with an empty payload.
 *
 * Calling this while options.use_pam is off is treated as a fatal
 * programming error.  The authctxt argument is not sent, and no reply
 * is awaited.
 */
void
mm_start_pam(Authctxt *authctxt)
{
	struct sshbuf *req;

	debug3("%s entering", __func__);
	if (!options.use_pam)
		fatal("UsePAM=no, but ended up in %s anyway", __func__);

	req = sshbuf_new();
	if (req == NULL)
		fatal("%s: sshbuf_new failed", __func__);

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_START, req);
	sshbuf_free(req);
}
644-
/*
 * Ask the monitor for the PAM account result.
 *
 * Sends an empty MONITOR_REQ_PAM_ACCOUNT and reads back a u32 result
 * followed by a message string, which is appended to loginmsg.  The u32
 * is returned unchanged.  Calling this while options.use_pam is off, or
 * any buffer error, is fatal.
 */
u_int
mm_do_pam_account(void)
{
	struct sshbuf *buf;
	char *text;
	size_t textlen;
	u_int ret;
	int r;

	debug3("%s entering", __func__);
	if (!options.use_pam)
		fatal("UsePAM=no, but ended up in %s anyway", __func__);

	buf = sshbuf_new();
	if (buf == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_ACCOUNT, buf);

	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_PAM_ACCOUNT, buf);

	/* Parse the result and message, then queue the message for login. */
	r = sshbuf_get_u32(buf, &ret);
	if (r == 0)
		r = sshbuf_get_cstring(buf, &text, &textlen);
	if (r == 0)
		r = sshbuf_put(loginmsg, text, textlen);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	free(text);
	sshbuf_free(buf);

	debug3("%s returning %d", __func__, ret);

	return ret;
}
676-
/*
 * Ask the monitor to set up a PAM context.
 *
 * Sends an empty MONITOR_REQ_PAM_INIT_CTX and reads a u32 success flag.
 * Returns authctxt itself as the opaque context on success and NULL when
 * the monitor reports failure; no PAM state is created in this process.
 * Buffer errors are fatal.
 */
void *
mm_sshpam_init_ctx(Authctxt *authctxt)
{
	struct sshbuf *buf;
	int r, success;

	debug3("%s", __func__);

	buf = sshbuf_new();
	if (buf == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_INIT_CTX, buf);
	debug3("%s: waiting for MONITOR_ANS_PAM_INIT_CTX", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_PAM_INIT_CTX, buf);

	r = sshbuf_get_u32(buf, &success);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	if (success == 0)
		debug3("%s: pam_init_ctx failed", __func__);
	sshbuf_free(buf);

	return (success == 0) ? NULL : (void *)authctxt;
}
700-
/*
 * Fetch the next set of PAM prompts from the monitor.
 *
 * Reply layout: u32 return code, name string, info string, u32 value
 * passed to sshpam_set_maxtries_reached(), u32 prompt count, then one
 * (prompt string, u32 echo flag) pair per prompt.
 *
 * The prompt count comes from the peer and is checked against
 * PAM_MAX_NUM_MSG before anything is allocated from it; a larger count
 * is fatal.  *prompts and *echo_on are allocated here with one spare,
 * zeroed slot.  *name, *info and the prompt strings are filled in by
 * sshbuf_get_cstring(); presumably the caller frees all of them.
 * The ctx argument is not used.  Returns the monitor's return code.
 */
int
mm_sshpam_query(void *ctx, char **name, char **info,
    u_int *num, char ***prompts, u_int **echo_on)
{
	struct sshbuf *buf;
	u_int idx, maxtries;
	int r, ret;

	debug3("%s", __func__);

	buf = sshbuf_new();
	if (buf == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_QUERY, buf);
	debug3("%s: waiting for MONITOR_ANS_PAM_QUERY", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_QUERY, buf);

	/* Fixed-size header of the reply. */
	r = sshbuf_get_u32(buf, &ret);
	if (r == 0)
		r = sshbuf_get_cstring(buf, name, NULL);
	if (r == 0)
		r = sshbuf_get_cstring(buf, info, NULL);
	if (r == 0)
		r = sshbuf_get_u32(buf, &maxtries);
	if (r == 0)
		r = sshbuf_get_u32(buf, num);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	debug3("%s: pam_query returned %d", __func__, ret);
	sshpam_set_maxtries_reached(maxtries);

	/* Bound the peer-supplied count before sizing allocations with it. */
	if (*num > PAM_MAX_NUM_MSG) {
		fatal("%s: received %u PAM messages, expected <= %u",
		    __func__, *num, PAM_MAX_NUM_MSG);
	}
	*prompts = xcalloc((*num + 1), sizeof(char *));
	*echo_on = xcalloc((*num + 1), sizeof(u_int));

	idx = 0;
	while (idx < *num) {
		r = sshbuf_get_cstring(buf, &((*prompts)[idx]), NULL);
		if (r == 0)
			r = sshbuf_get_u32(buf, &((*echo_on)[idx]));
		if (r != 0)
			fatal("%s: buffer error: %s", __func__, ssh_err(r));
		++idx;
	}

	sshbuf_free(buf);
	return ret;
}
736-
/*
 * Send the user's PAM responses to the monitor and return its result.
 *
 * Request layout: u32 response count followed by that many strings taken
 * from resp[0..num-1].  The reply is a single u32, returned converted to
 * int.  The ctx argument is not used.  Buffer errors are fatal.
 */
int
mm_sshpam_respond(void *ctx, u_int num, char **resp)
{
	struct sshbuf *buf;
	u_int idx, answer;
	int r, ret;

	debug3("%s", __func__);

	buf = sshbuf_new();
	if (buf == NULL)
		fatal("%s: sshbuf_new failed", __func__);

	r = sshbuf_put_u32(buf, num);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	for (idx = 0; idx != num; idx++) {
		r = sshbuf_put_cstring(buf, resp[idx]);
		if (r != 0)
			fatal("%s: buffer error: %s", __func__, ssh_err(r));
	}

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_RESPOND, buf);
	debug3("%s: waiting for MONITOR_ANS_PAM_RESPOND", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_PAM_RESPOND, buf);

	r = sshbuf_get_u32(buf, &answer);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	/* XXX: the wire value is unsigned but the interface returns int. */
	ret = (int)answer;
	debug3("%s: pam_respond returned %d", __func__, ret);
	sshbuf_free(buf);
	return ret;
}
764-
/*
 * Ask the monitor to release its PAM context and wait for the reply.
 *
 * The request has no payload, and the content of the
 * MONITOR_ANS_PAM_FREE_CTX reply is not examined.  The ctxtp argument
 * is not used.
 */
void
mm_sshpam_free_ctx(void *ctxtp)
{
	struct sshbuf *buf;

	debug3("%s", __func__);

	buf = sshbuf_new();
	if (buf == NULL)
		fatal("%s: sshbuf_new failed", __func__);

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_FREE_CTX, buf);
	debug3("%s: waiting for MONITOR_ANS_PAM_FREE_CTX", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_PAM_FREE_CTX, buf);

	sshbuf_free(buf);
}
779#endif /* USE_PAM */-
780-
781/* Request process termination */-
782-
/*
 * Send an empty MONITOR_REQ_TERM request to the monitor.  No reply is
 * awaited.  Allocation failure is fatal.
 */
void
mm_terminate(void)
{
	struct sshbuf *req;

	req = sshbuf_new();
	if (req == NULL)
		fatal("%s: sshbuf_new failed", __func__);

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_TERM, req);
	sshbuf_free(req);
}
793-
/*
 * Initialise the output parameters of a challenge-response query for
 * exactly one prompt: empty name and info strings, a one-element prompt
 * array (zeroed by xcalloc, so the caller fills in slot 0) and a
 * one-element echo array with echo disabled.
 */
static void
mm_chall_setup(char **name, char **infotxt, u_int *numprompts,
    char ***prompts, u_int **echo_on)
{
	*name = xstrdup("");
	*infotxt = xstrdup("");

	*numprompts = 1;
	*prompts = xcalloc(*numprompts, sizeof(**prompts));
	*echo_on = xcalloc(*numprompts, sizeof(**echo_on));

	/* Do not echo the response to the single prompt. */
	(*echo_on)[0] = 0;
}
805-
/*
 * Obtain a BSD-auth challenge from the monitor.
 *
 * Sends an empty MONITOR_REQ_BSDAUTHQUERY.  The reply starts with a u32
 * success flag.  When it is zero the function returns -1 and leaves the
 * output parameters untouched.  Otherwise the challenge string follows,
 * the outputs are prepared by mm_chall_setup() for a single prompt, and
 * ownership of the challenge string moves to (*prompts)[0].  Returns 0
 * in that case.  The ctx argument is not used.
 *
 * The challenge text is written to the debug3 log.
 */
int
mm_bsdauth_query(void *ctx, char **name, char **infotxt,
    u_int *numprompts, char ***prompts, u_int **echo_on)
{
	struct sshbuf *buf;
	char *chal;
	u_int ok;
	int r;

	debug3("%s: entering", __func__);

	buf = sshbuf_new();
	if (buf == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHQUERY, buf);

	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_BSDAUTHQUERY, buf);
	r = sshbuf_get_u32(buf, &ok);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	if (ok == 0) {
		debug3("%s: no challenge", __func__);
		sshbuf_free(buf);
		return -1;
	}

	/* Pull the challenge out of the reply before releasing it. */
	r = sshbuf_get_cstring(buf, &chal, NULL);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	sshbuf_free(buf);

	/* Hand the challenge to the caller as the only prompt. */
	mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);
	(*prompts)[0] = chal;

	debug3("%s: received challenge: %s", __func__, chal);

	return 0;
}
843-
/*
 * Submit the user's BSD-auth response to the monitor.
 *
 * Exactly one response is accepted; any other count returns -1 without
 * contacting the monitor.  The response is sent as
 * MONITOR_REQ_BSDAUTHRESPOND and the reply is one u32.  Returns 0 when
 * that value is non-zero and -1 when it is zero, so the outcome is
 * decided entirely by the monitor.  The ctx argument is not used.
 */
int
mm_bsdauth_respond(void *ctx, u_int numresponses, char **responses)
{
	struct sshbuf *buf;
	int r, authok;

	debug3("%s: entering", __func__);
	if (numresponses != 1)
		return -1;

	buf = sshbuf_new();
	if (buf == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	r = sshbuf_put_cstring(buf, responses[0]);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHRESPOND, buf);

	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_BSDAUTHRESPOND, buf);

	r = sshbuf_get_u32(buf, &authok);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	sshbuf_free(buf);

	if (authok == 0)
		return -1;
	return 0;
}
869-
870#ifdef SSH_AUDIT_EVENTS-
/*
 * Send an audit event to the monitor as MONITOR_REQ_AUDIT_EVENT.  The
 * event is encoded as a u32 and no reply is awaited.  Buffer errors are
 * fatal.
 */
void
mm_audit_event(ssh_audit_event_t event)
{
	struct sshbuf *req;
	int r;

	debug3("%s entering", __func__);

	req = sshbuf_new();
	if (req == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	r = sshbuf_put_u32(req, event);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_EVENT, req);
	sshbuf_free(req);
}
887-
/*
 * Send a command string to the monitor as MONITOR_REQ_AUDIT_COMMAND.
 * No reply is awaited.  Buffer errors are fatal.
 *
 * The command text is also written verbatim to the debug3 log, so it
 * shows up in the logs whenever that log level is enabled.
 */
void
mm_audit_run_command(const char *command)
{
	struct sshbuf *req;
	int r;

	debug3("%s entering command %s", __func__, command);

	req = sshbuf_new();
	if (req == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	r = sshbuf_put_cstring(req, command);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, req);
	sshbuf_free(req);
}
904#endif /* SSH_AUDIT_EVENTS */-
905-
906#ifdef GSSAPI-
/*
 * Ask the monitor to set up a GSSAPI server context for mechanism goid.
 *
 * The OID bytes are sent as MONITOR_REQ_GSSSETUP and the reply's single
 * u32 is returned as the GSSAPI major status.  *ctx is always set to
 * NULL, so this process never receives the context.  Buffer errors are
 * fatal.
 */
OM_uint32
mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID goid)
{
	struct sshbuf *buf;
	OM_uint32 major;
	int r;

	/* Client doesn't get to see the context */
	*ctx = NULL;

	buf = sshbuf_new();
	if (buf == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	r = sshbuf_put_string(buf, goid->elements, goid->length);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, buf);
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, buf);

	r = sshbuf_get_u32(buf, &major);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	sshbuf_free(buf);
	return major;
}
931-
/*
 * Run one GSSAPI accept step in the monitor.
 *
 * The input token is sent as MONITOR_REQ_GSSSTEP.  The reply holds a u32
 * major status and the output token, which is stored in *out.  A further
 * u32 of flags is read from the reply only when flagsp is non-NULL.  The
 * ctx argument is not sent.  Returns the major status; buffer errors are
 * fatal.
 */
OM_uint32
mm_ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *in,
    gss_buffer_desc *out, OM_uint32 *flagsp)
{
	struct sshbuf *buf;
	OM_uint32 major;
	u_int flags;
	int r;

	buf = sshbuf_new();
	if (buf == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	r = sshbuf_put_string(buf, in->value, in->length);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSTEP, buf);
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSTEP, buf);

	r = sshbuf_get_u32(buf, &major);
	if (r == 0)
		r = ssh_gssapi_get_buffer_desc(buf, out);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	/* The flags word is parsed only when the caller asked for it. */
	if (flagsp != NULL) {
		r = sshbuf_get_u32(buf, &flags);
		if (r != 0)
			fatal("%s: buffer error: %s", __func__, ssh_err(r));
		*flagsp = flags;
	}

	sshbuf_free(buf);

	return major;
}
962-
/*
 * Have the monitor check a GSSAPI MIC.
 *
 * The data (gssbuf) and the MIC (gssmic) are sent in that order as
 * MONITOR_REQ_GSSCHECKMIC.  The reply's single u32 is returned as the
 * major status.  The ctx argument is not sent.  Buffer errors are fatal.
 */
OM_uint32
mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
{
	struct sshbuf *buf;
	OM_uint32 major;
	int r;

	buf = sshbuf_new();
	if (buf == NULL)
		fatal("%s: sshbuf_new failed", __func__);

	r = sshbuf_put_string(buf, gssbuf->value, gssbuf->length);
	if (r == 0)
		r = sshbuf_put_string(buf, gssmic->value, gssmic->length);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSCHECKMIC, buf);
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_GSSCHECKMIC, buf);

	r = sshbuf_get_u32(buf, &major);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	sshbuf_free(buf);
	return major;
}
985-
/*
 * Ask the monitor whether the GSSAPI-authenticated user is allowed.
 *
 * The request carries no payload: the user argument is not sent, so the
 * monitor answers from whatever state it holds.  The reply's single u32
 * is returned; non-zero means authenticated.  Buffer errors are fatal.
 */
int
mm_ssh_gssapi_userok(char *user)
{
	struct sshbuf *buf;
	int r, authenticated = 0;

	buf = sshbuf_new();
	if (buf == NULL)
		fatal("%s: sshbuf_new failed", __func__);

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, buf);
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_GSSUSEROK, buf);

	r = sshbuf_get_u32(buf, &authenticated);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	sshbuf_free(buf);
	debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not ");
	return authenticated;
}
1006#endif /* GSSAPI */-