Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | | - |
11 | | - |
12 | | - |
13 | | - |
14 | | - |
15 | | - |
16 | | - |
17 | | - |
18 | | - |
19 | | - |
20 | | - |
21 | | - |
22 | extern struct monitor *pmonitor; | - |
23 | extern struct sshbuf *loginmsg; | - |
24 | extern ServerOptions options; | - |
25 | | - |
26 | void | - |
27 | mm_log_handler(LogLevel level, const char *msg, void *ctx) | - |
28 | { | - |
29 | struct sshbuf *log_msg; | - |
30 | struct monitor *mon = (struct monitor *)ctx; | - |
31 | int r; | - |
32 | size_t len; | - |
33 | | - |
34 | if (mon->m_log_sendfd == -1TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
35 | fatal("%s: no log channel", __func__); never executed: fatal("%s: no log channel", __func__); | 0 |
36 | | - |
37 | if ((TRUE | never evaluated | FALSE | never evaluated |
log_msg = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
38 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
39 | ) | - |
40 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
41 | | - |
42 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u32(log_msg, 0)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
43 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u32(log_msg, level)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
44 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(log_msg, msg)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
45 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
46 | if ((TRUE | never evaluated | FALSE | never evaluated |
len = sshbuf_len(log_msg)) < 4TRUE | never evaluated | FALSE | never evaluated |
|| len > 0xffffffffTRUE | never evaluated | FALSE | never evaluated |
) | 0 |
47 | fatal("%s: bad length %zu", __func__, len); never executed: fatal("%s: bad length %zu", __func__, len); | 0 |
48 | do { const u_int32_t __v = (len - 4); ((u_char *)(sshbuf_mutable_ptr(log_msg)))[0] = (__v >> 24) & 0xff; ((u_char *)(sshbuf_mutable_ptr(log_msg)))[1] = (__v >> 16) & 0xff; ((u_char *)(sshbuf_mutable_ptr(log_msg)))[2] = (__v >> 8) & 0xff; ((u_char *)(sshbuf_mutable_ptr(log_msg)))[3] = __v & 0xff; } while (0); | - |
49 | if (atomicio((ssize_t (*)(int, void *, size_t))write, mon->m_log_sendfd,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
50 | sshbuf_mutable_ptr(log_msg), len) != lenTRUE | never evaluated | FALSE | never evaluated |
) | 0 |
51 | fatal("%s: write: %s", __func__, strerror( never executed: fatal("%s: write: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
52 | (*__errno_location ()) never executed: fatal("%s: write: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
53 | )); never executed: fatal("%s: write: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
54 | sshbuf_free(log_msg); | - |
55 | } never executed: end of block | 0 |
56 | | - |
57 | int | - |
58 | mm_is_monitor(void) | - |
59 | { | - |
60 | | - |
61 | | - |
62 | | - |
63 | | - |
64 | return never executed: return (pmonitor && pmonitor->m_pid > 0); (pmonitorTRUE | never evaluated | FALSE | never evaluated |
&& pmonitor->m_pid > 0TRUE | never evaluated | FALSE | never evaluated |
);never executed: return (pmonitor && pmonitor->m_pid > 0); | 0 |
65 | } | - |
66 | | - |
67 | void | - |
68 | mm_request_send(int sock, enum monitor_reqtype type, struct sshbuf *m) | - |
69 | { | - |
70 | size_t mlen = sshbuf_len(m); | - |
71 | u_char buf[5]; | - |
72 | | - |
73 | debug3("%s entering: type %d", __func__, type); | - |
74 | | - |
75 | if (mlen >= 0xffffffffTRUE | never evaluated | FALSE | never evaluated |
) | 0 |
76 | fatal("%s: bad length %zu", __func__, mlen); never executed: fatal("%s: bad length %zu", __func__, mlen); | 0 |
77 | do { const u_int32_t __v = (mlen + 1); ((u_char *)(buf))[0] = (__v >> 24) & 0xff; ((u_char *)(buf))[1] = (__v >> 16) & 0xff; ((u_char *)(buf))[2] = (__v >> 8) & 0xff; ((u_char *)(buf))[3] = __v & 0xff; } while (0); | - |
78 | buf[4] = (u_char) type; | - |
79 | if (atomicio((ssize_t (*)(int, void *, size_t))write, sock, buf, sizeof(buf)) != sizeof(buf)TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
80 | fatal("%s: write: %s", __func__, strerror( never executed: fatal("%s: write: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
81 | (*__errno_location ()) never executed: fatal("%s: write: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
82 | )); never executed: fatal("%s: write: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
83 | if (atomicio((ssize_t (*)(int, void *, size_t))write, sock, sshbuf_mutable_ptr(m), mlen) != mlenTRUE | never evaluated | FALSE | never evaluated |
) | 0 |
84 | fatal("%s: write: %s", __func__, strerror( never executed: fatal("%s: write: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
85 | (*__errno_location ()) never executed: fatal("%s: write: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
86 | )); never executed: fatal("%s: write: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
87 | } never executed: end of block | 0 |
88 | | - |
89 | void | - |
90 | mm_request_receive(int sock, struct sshbuf *m) | - |
91 | { | - |
92 | u_char buf[4], *p = | - |
93 | ((void *)0) | - |
94 | ; | - |
95 | u_int msg_len; | - |
96 | int r; | - |
97 | | - |
98 | debug3("%s entering", __func__); | - |
99 | | - |
100 | if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
101 | if ( | - |
102 | (*TRUE | never evaluated | FALSE | never evaluated |
__errno_location ()) TRUE | never evaluated | FALSE | never evaluated |
| 0 |
103 | == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
104 | 32TRUE | never evaluated | FALSE | never evaluated |
| 0 |
105 | ) | - |
106 | cleanup_exit(255); never executed: cleanup_exit(255); | 0 |
107 | fatal("%s: read: %s", __func__, strerror( | - |
108 | (*__errno_location ()) | - |
109 | )); | - |
110 | } never executed: end of block | 0 |
111 | msg_len = (((u_int32_t)(((const u_char *)(buf))[0]) << 24) | ((u_int32_t)(((const u_char *)(buf))[1]) << 16) | ((u_int32_t)(((const u_char *)(buf))[2]) << 8) | (u_int32_t)(((const u_char *)(buf))[3])); | - |
112 | if (msg_len > 256 * 1024TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
113 | fatal("%s: read: bad msg_len %d", __func__, msg_len); never executed: fatal("%s: read: bad msg_len %d", __func__, msg_len); | 0 |
114 | sshbuf_reset(m); | - |
115 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_reserve(m, msg_len, &p)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
116 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
117 | if (atomicio(read, sock, p, msg_len) != msg_lenTRUE | never evaluated | FALSE | never evaluated |
) | 0 |
118 | fatal("%s: read: %s", __func__, strerror( never executed: fatal("%s: read: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
119 | (*__errno_location ()) never executed: fatal("%s: read: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
120 | )); never executed: fatal("%s: read: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
121 | } never executed: end of block | 0 |
122 | | - |
123 | void | - |
124 | mm_request_receive_expect(int sock, enum monitor_reqtype type, struct sshbuf *m) | - |
125 | { | - |
126 | u_char rtype; | - |
127 | int r; | - |
128 | | - |
129 | debug3("%s entering: type %d", __func__, type); | - |
130 | | - |
131 | mm_request_receive(sock, m); | - |
132 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u8(m, &rtype)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
133 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
134 | if (rtype != typeTRUE | never evaluated | FALSE | never evaluated |
) | 0 |
135 | fatal("%s: read: rtype %d != type %d", __func__, never executed: fatal("%s: read: rtype %d != type %d", __func__, rtype, type); | 0 |
136 | rtype, type); never executed: fatal("%s: read: rtype %d != type %d", __func__, rtype, type); | 0 |
137 | } never executed: end of block | 0 |
138 | | - |
139 | | - |
140 | DH * | - |
141 | mm_choose_dh(int min, int nbits, int max) | - |
142 | { | - |
143 | BIGNUM *p, *g; | - |
144 | int r; | - |
145 | u_char success = 0; | - |
146 | struct sshbuf *m; | - |
147 | | - |
148 | if ((TRUE | never evaluated | FALSE | never evaluated |
m = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
149 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
150 | ) | - |
151 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
152 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u32(m, min)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
153 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u32(m, nbits)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
154 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u32(m, max)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
155 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
156 | | - |
157 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_MODULI, m); | - |
158 | | - |
159 | debug3("%s: waiting for MONITOR_ANS_MODULI", __func__); | - |
160 | mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_MODULI, m); | - |
161 | | - |
162 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u8(m, &success)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
163 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
164 | if (success == 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
165 | fatal("%s: MONITOR_ANS_MODULI failed", __func__); never executed: fatal("%s: MONITOR_ANS_MODULI failed", __func__); | 0 |
166 | | - |
167 | if ((TRUE | never evaluated | FALSE | never evaluated |
p = BN_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
168 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
169 | ) | - |
170 | fatal("%s: BN_new failed", __func__); never executed: fatal("%s: BN_new failed", __func__); | 0 |
171 | if ((TRUE | never evaluated | FALSE | never evaluated |
g = BN_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
172 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
173 | ) | - |
174 | fatal("%s: BN_new failed", __func__); never executed: fatal("%s: BN_new failed", __func__); | 0 |
175 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_bignum2(m, p)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
176 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_bignum2(m, g)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
177 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
178 | | - |
179 | debug3("%s: remaining %zu", __func__, sshbuf_len(m)); | - |
180 | sshbuf_free(m); | - |
181 | | - |
182 | return never executed: return (dh_new_group(g, p)); (dh_new_group(g, p));never executed: return (dh_new_group(g, p)); | 0 |
183 | } | - |
184 | | - |
185 | | - |
186 | int | - |
187 | mm_sshkey_sign(struct sshkey *key, u_char **sigp, size_t *lenp, | - |
188 | const u_char *data, size_t datalen, const char *hostkey_alg, u_int compat) | - |
189 | { | - |
190 | struct kex *kex = *pmonitor->m_pkex; | - |
191 | struct sshbuf *m; | - |
192 | u_int ndx = kex->host_key_index(key, 0, active_state); | - |
193 | int r; | - |
194 | | - |
195 | debug3("%s entering", __func__); | - |
196 | | - |
197 | if ((TRUE | never evaluated | FALSE | never evaluated |
m = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
198 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
199 | ) | - |
200 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
201 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u32(m, ndx)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
202 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_string(m, data, datalen)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
203 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(m, hostkey_alg)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
204 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u32(m, compat)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
205 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
206 | | - |
207 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SIGN, m); | - |
208 | | - |
209 | debug3("%s: waiting for MONITOR_ANS_SIGN", __func__); | - |
210 | mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, m); | - |
211 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_string(m, sigp, lenp)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
212 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
213 | sshbuf_free(m); | - |
214 | | - |
215 | return never executed: return (0); (0);never executed: return (0); | 0 |
216 | } | - |
217 | | - |
218 | struct passwd * | - |
219 | mm_getpwnamallow(const char *username) | - |
220 | { | - |
221 | struct ssh *ssh = active_state; | - |
222 | struct sshbuf *m; | - |
223 | struct passwd *pw; | - |
224 | size_t len; | - |
225 | u_int i; | - |
226 | ServerOptions *newopts; | - |
227 | int r; | - |
228 | u_char ok; | - |
229 | const u_char *p; | - |
230 | | - |
231 | debug3("%s entering", __func__); | - |
232 | | - |
233 | if ((TRUE | never evaluated | FALSE | never evaluated |
m = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
234 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
235 | ) | - |
236 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
237 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(m, username)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
238 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
239 | | - |
240 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, m); | - |
241 | | - |
242 | debug3("%s: waiting for MONITOR_ANS_PWNAM", __func__); | - |
243 | mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, m); | - |
244 | | - |
245 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u8(m, &ok)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
246 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
247 | if (ok == 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
248 | pw = | - |
249 | ((void *)0) | - |
250 | ; | - |
251 | goto never executed: goto out; out;never executed: goto out; | 0 |
252 | } | - |
253 | | - |
254 | | - |
255 | pw = xcalloc(sizeof(*pw), 1); | - |
256 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_string_direct(m, &p, &len)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
257 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
258 | if (len != sizeof(*pw)TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
259 | fatal("%s: struct passwd size mismatch", __func__); never executed: fatal("%s: struct passwd size mismatch", __func__); | 0 |
260 | memcpy(pw, p, sizeof(*pw)); | - |
261 | | - |
262 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &pw->pw_name, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
263 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
264 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
265 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &pw->pw_passwd, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
266 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
267 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
268 | | - |
269 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &pw->pw_gecos, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
270 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
271 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
272 | | - |
273 | | - |
274 | | - |
275 | | - |
276 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &pw->pw_dir, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
277 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
278 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
279 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &pw->pw_shell, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
280 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
281 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
282 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
283 | | - |
284 | out: code before this statement never executed: out: | 0 |
285 | | - |
286 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_string_direct(m, &p, &len)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
287 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
288 | if (len != sizeof(*newopts)TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
289 | fatal("%s: option block size mismatch", __func__); never executed: fatal("%s: option block size mismatch", __func__); | 0 |
290 | newopts = xcalloc(sizeof(*newopts), 1); | - |
291 | memcpy(newopts, p, sizeof(*newopts)); | - |
292 | do { do { if (newopts->banner != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
293 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
294 | ) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->banner, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
295 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
296 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { if (newopts->trusted_user_ca_keys != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
297 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
298 | ) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->trusted_user_ca_keys, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
299 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
300 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { if (newopts->revoked_keys_file != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
301 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
302 | ) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->revoked_keys_file, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
303 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
304 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { if (newopts->authorized_keys_command != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
305 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
306 | ) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->authorized_keys_command, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
307 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
308 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { if (newopts->authorized_keys_command_user != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
309 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
310 | ) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->authorized_keys_command_user, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
311 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
312 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { if (newopts->authorized_principals_file != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
313 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
314 | ) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->authorized_principals_file, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
315 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
316 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { if (newopts->authorized_principals_command != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
317 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
318 | ) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->authorized_principals_command, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
319 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
320 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { if (newopts->authorized_principals_command_user != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
321 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
322 | ) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->authorized_principals_command_user, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
323 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
324 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { if (newopts->hostbased_key_types != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
325 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
326 | ) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->hostbased_key_types, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
327 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
328 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { if (newopts->pubkey_key_types != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
329 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
330 | ) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->pubkey_key_types, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
331 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
332 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { if (newopts->ca_sign_algorithms != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
333 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
334 | ) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->ca_sign_algorithms, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
335 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
336 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { if (newopts->routing_domain != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
337 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
338 | ) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->routing_domain, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
339 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
340 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { if (newopts->permit_user_env_whitelist != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
341 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
342 | ) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->permit_user_env_whitelist, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
343 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
344 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { newopts->authorized_keys_files = newopts->num_authkeys_files == 0TRUE | never evaluated | FALSE | never evaluated |
? | 0 |
345 | ((void *)0) | - |
346 | : xcalloc(newopts->num_authkeys_files, sizeof(*newopts->authorized_keys_files)); for (i = 0; i < newopts->num_authkeys_filesTRUE | never evaluated | FALSE | never evaluated |
; i++) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->authorized_keys_files[i], TRUE | never evaluated | FALSE | never evaluated |
| 0 |
347 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
348 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { newopts->allow_users = newopts->num_allow_users == 0TRUE | never evaluated | FALSE | never evaluated |
? | 0 |
349 | ((void *)0) | - |
350 | : xcalloc(newopts->num_allow_users, sizeof(*newopts->allow_users)); for (i = 0; i < newopts->num_allow_usersTRUE | never evaluated | FALSE | never evaluated |
; i++) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->allow_users[i], TRUE | never evaluated | FALSE | never evaluated |
| 0 |
351 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
352 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { newopts->deny_users = newopts->num_deny_users == 0TRUE | never evaluated | FALSE | never evaluated |
? | 0 |
353 | ((void *)0) | - |
354 | : xcalloc(newopts->num_deny_users, sizeof(*newopts->deny_users)); for (i = 0; i < newopts->num_deny_usersTRUE | never evaluated | FALSE | never evaluated |
; i++) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->deny_users[i], TRUE | never evaluated | FALSE | never evaluated |
| 0 |
355 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
356 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { newopts->allow_groups = newopts->num_allow_groups == 0TRUE | never evaluated | FALSE | never evaluated |
? | 0 |
357 | ((void *)0) | - |
358 | : xcalloc(newopts->num_allow_groups, sizeof(*newopts->allow_groups)); for (i = 0; i < newopts->num_allow_groupsTRUE | never evaluated | FALSE | never evaluated |
; i++) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->allow_groups[i], TRUE | never evaluated | FALSE | never evaluated |
| 0 |
359 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
360 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { newopts->deny_groups = newopts->num_deny_groups == 0TRUE | never evaluated | FALSE | never evaluated |
? | 0 |
361 | ((void *)0) | - |
362 | : xcalloc(newopts->num_deny_groups, sizeof(*newopts->deny_groups)); for (i = 0; i < newopts->num_deny_groupsTRUE | never evaluated | FALSE | never evaluated |
; i++) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->deny_groups[i], TRUE | never evaluated | FALSE | never evaluated |
| 0 |
363 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
364 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { newopts->accept_env = newopts->num_accept_env == 0TRUE | never evaluated | FALSE | never evaluated |
? | 0 |
365 | ((void *)0) | - |
366 | : xcalloc(newopts->num_accept_env, sizeof(*newopts->accept_env)); for (i = 0; i < newopts->num_accept_envTRUE | never evaluated | FALSE | never evaluated |
; i++) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->accept_env[i], TRUE | never evaluated | FALSE | never evaluated |
| 0 |
367 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
368 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { newopts->auth_methods = newopts->num_auth_methods == 0TRUE | never evaluated | FALSE | never evaluated |
? | 0 |
369 | ((void *)0) | - |
370 | : xcalloc(newopts->num_auth_methods, sizeof(*newopts->auth_methods)); for (i = 0; i < newopts->num_auth_methodsTRUE | never evaluated | FALSE | never evaluated |
; i++) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->auth_methods[i], TRUE | never evaluated | FALSE | never evaluated |
| 0 |
371 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
372 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { newopts->permitted_opens = newopts->num_permitted_opens == 0TRUE | never evaluated | FALSE | never evaluated |
? | 0 |
373 | ((void *)0) | - |
374 | : xcalloc(newopts->num_permitted_opens, sizeof(*newopts->permitted_opens)); for (i = 0; i < newopts->num_permitted_opensTRUE | never evaluated | FALSE | never evaluated |
; i++) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->permitted_opens[i], TRUE | never evaluated | FALSE | never evaluated |
| 0 |
375 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
376 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); do { newopts->permitted_listens = newopts->num_permitted_listens == 0TRUE | never evaluated | FALSE | never evaluated |
? | 0 |
377 | ((void *)0) | - |
378 | : xcalloc(newopts->num_permitted_listens, sizeof(*newopts->permitted_listens)); for (i = 0; i < newopts->num_permitted_listensTRUE | never evaluated | FALSE | never evaluated |
; i++) { if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &newopts->permitted_listens[i], TRUE | never evaluated | FALSE | never evaluated |
| 0 |
379 | ((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
380 | ))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
!= 0TRUE | never evaluated | FALSE | never evaluated |
) fatal("%s: buffer error: %s", __func__, ssh_err(r));never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); }never executed: end of block } while (0); } while (0); | 0 |
381 | | - |
382 | | - |
383 | | - |
384 | copy_set_server_options(&options, newopts, 1); | - |
385 | log_change_level(options.log_level); | - |
386 | process_permitopen(ssh, &options); | - |
387 | free(newopts); | - |
388 | | - |
389 | sshbuf_free(m); | - |
390 | | - |
391 | return never executed: return (pw); (pw);never executed: return (pw); | 0 |
392 | } | - |
393 | | - |
394 | char * | - |
395 | mm_auth2_read_banner(void) | - |
396 | { | - |
397 | struct sshbuf *m; | - |
398 | char *banner; | - |
399 | int r; | - |
400 | | - |
401 | debug3("%s entering", __func__); | - |
402 | | - |
403 | if ((TRUE | never evaluated | FALSE | never evaluated |
m = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
404 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
405 | ) | - |
406 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
407 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, m); | - |
408 | sshbuf_reset(m); | - |
409 | | - |
410 | mm_request_receive_expect(pmonitor->m_recvfd, | - |
411 | MONITOR_ANS_AUTH2_READ_BANNER, m); | - |
412 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &banner, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
413 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
414 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
415 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
416 | sshbuf_free(m); | - |
417 | | - |
418 | | - |
419 | if (strlen(banner) == 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
420 | free(banner); | - |
421 | banner = | - |
422 | ((void *)0) | - |
423 | ; | - |
424 | } never executed: end of block | 0 |
425 | return never executed: return (banner); (banner);never executed: return (banner); | 0 |
426 | } | - |
427 | | - |
428 | | - |
429 | | - |
430 | void | - |
431 | mm_inform_authserv(char *service, char *style) | - |
432 | { | - |
433 | struct sshbuf *m; | - |
434 | int r; | - |
435 | | - |
436 | debug3("%s entering", __func__); | - |
437 | | - |
438 | if ((TRUE | never evaluated | FALSE | never evaluated |
m = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
439 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
440 | ) | - |
441 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
442 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(m, service)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
443 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(m, style ? style : "")) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
444 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
445 | | - |
446 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHSERV, m); | - |
447 | | - |
448 | sshbuf_free(m); | - |
449 | } never executed: end of block | 0 |
450 | | - |
451 | | - |
452 | int | - |
453 | mm_auth_password(struct ssh *ssh, char *password) | - |
454 | { | - |
455 | struct sshbuf *m; | - |
456 | int r, authenticated = 0; | - |
457 | | - |
458 | | - |
459 | | - |
460 | | - |
461 | debug3("%s entering", __func__); | - |
462 | | - |
463 | if ((TRUE | never evaluated | FALSE | never evaluated |
m = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
464 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
465 | ) | - |
466 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
467 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(m, password)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
468 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
469 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHPASSWORD, m); | - |
470 | | - |
471 | debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __func__); | - |
472 | mm_request_receive_expect(pmonitor->m_recvfd, | - |
473 | MONITOR_ANS_AUTHPASSWORD, m); | - |
474 | | - |
475 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u32(m, &authenticated)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
476 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
477 | sshbuf_free(m); | - |
478 | | - |
479 | debug3("%s: user %sauthenticated", | - |
480 | __func__, authenticated ? "" : "not "); | - |
481 | return never executed: return (authenticated); (authenticated);never executed: return (authenticated); | 0 |
482 | } | - |
483 | | - |
484 | int | - |
485 | mm_user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key, | - |
486 | int pubkey_auth_attempt, struct sshauthopt **authoptp) | - |
487 | { | - |
488 | return never executed: return (mm_key_allowed(MM_USERKEY, ((void *)0) , ((void *)0) , key, pubkey_auth_attempt, authoptp)); (mm_key_allowed(MM_USERKEY, never executed: return (mm_key_allowed(MM_USERKEY, ((void *)0) , ((void *)0) , key, pubkey_auth_attempt, authoptp)); | 0 |
489 | ((void *)0) never executed: return (mm_key_allowed(MM_USERKEY, ((void *)0) , ((void *)0) , key, pubkey_auth_attempt, authoptp)); | 0 |
490 | , never executed: return (mm_key_allowed(MM_USERKEY, ((void *)0) , ((void *)0) , key, pubkey_auth_attempt, authoptp)); | 0 |
491 | ((void *)0) never executed: return (mm_key_allowed(MM_USERKEY, ((void *)0) , ((void *)0) , key, pubkey_auth_attempt, authoptp)); | 0 |
492 | , key, never executed: return (mm_key_allowed(MM_USERKEY, ((void *)0) , ((void *)0) , key, pubkey_auth_attempt, authoptp)); | 0 |
493 | pubkey_auth_attempt, authoptp)); never executed: return (mm_key_allowed(MM_USERKEY, ((void *)0) , ((void *)0) , key, pubkey_auth_attempt, authoptp)); | 0 |
494 | } | - |
495 | | - |
496 | int | - |
497 | mm_hostbased_key_allowed(struct passwd *pw, const char *user, const char *host, | - |
498 | struct sshkey *key) | - |
499 | { | - |
500 | return never executed: return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0, ((void *)0) )); (mm_key_allowed(MM_HOSTKEY, user, host, key, 0, never executed: return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0, ((void *)0) )); | 0 |
501 | ((void *)0) never executed: return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0, ((void *)0) )); | 0 |
502 | )); never executed: return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0, ((void *)0) )); | 0 |
503 | } | - |
504 | | - |
505 | int | - |
506 | mm_key_allowed(enum mm_keytype type, const char *user, const char *host, | - |
507 | struct sshkey *key, int pubkey_auth_attempt, struct sshauthopt **authoptp) | - |
508 | { | - |
509 | struct sshbuf *m; | - |
510 | int r, allowed = 0; | - |
511 | struct sshauthopt *opts = | - |
512 | ((void *)0) | - |
513 | ; | - |
514 | | - |
515 | debug3("%s entering", __func__); | - |
516 | | - |
517 | if (authoptp != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
518 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
519 | ) | - |
520 | * never executed: *authoptp = ((void *)0) ; authoptp = never executed: *authoptp = ((void *)0) ; | 0 |
521 | ((void *)0) never executed: *authoptp = ((void *)0) ; | 0 |
522 | ; never executed: *authoptp = ((void *)0) ; | 0 |
523 | | - |
524 | if ((TRUE | never evaluated | FALSE | never evaluated |
m = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
525 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
526 | ) | - |
527 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
528 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u32(m, type)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
529 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(m, user ? user : "")) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
530 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(m, host ? host : "")) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
531 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshkey_puts(key, m)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
532 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u32(m, pubkey_auth_attempt)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
533 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
534 | | - |
535 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYALLOWED, m); | - |
536 | | - |
537 | debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __func__); | - |
538 | mm_request_receive_expect(pmonitor->m_recvfd, | - |
539 | MONITOR_ANS_KEYALLOWED, m); | - |
540 | | - |
541 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u32(m, &allowed)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
542 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
543 | if (allowedTRUE | never evaluated | FALSE | never evaluated |
&& type == MM_USERKEYTRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
544 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshauthopt_deserialise(m, &opts)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
545 | fatal("%s: sshauthopt_deserialise: %s", never executed: fatal("%s: sshauthopt_deserialise: %s", __func__, ssh_err(r)); | 0 |
546 | __func__, ssh_err(r)); never executed: fatal("%s: sshauthopt_deserialise: %s", __func__, ssh_err(r)); | 0 |
547 | } never executed: end of block | 0 |
548 | sshbuf_free(m); | - |
549 | | - |
550 | if (authoptp != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
551 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
552 | ) { | - |
553 | *authoptp = opts; | - |
554 | opts = | - |
555 | ((void *)0) | - |
556 | ; | - |
557 | } never executed: end of block | 0 |
558 | sshauthopt_free(opts); | - |
559 | | - |
560 | return never executed: return allowed; allowed;never executed: return allowed; | 0 |
561 | } | - |
562 | | - |
563 | | - |
564 | | - |
565 | | - |
566 | | - |
567 | | - |
568 | | - |
569 | int | - |
570 | mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen, | - |
571 | const u_char *data, size_t datalen, const char *sigalg, u_int compat) | - |
572 | { | - |
573 | struct sshbuf *m; | - |
574 | u_int encoded_ret = 0; | - |
575 | int r; | - |
576 | | - |
577 | debug3("%s entering", __func__); | - |
578 | | - |
579 | | - |
580 | if ((TRUE | never evaluated | FALSE | never evaluated |
m = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
581 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
582 | ) | - |
583 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
584 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshkey_puts(key, m)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
585 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_string(m, sig, siglen)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
586 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_string(m, data, datalen)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
587 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(m, sigalg == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
588 | ((void *)0) TRUE | never evaluated | FALSE | never evaluated |
| 0 |
589 | ? "" : sigalg)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
590 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
591 | | - |
592 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, m); | - |
593 | | - |
594 | debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __func__); | - |
595 | mm_request_receive_expect(pmonitor->m_recvfd, | - |
596 | MONITOR_ANS_KEYVERIFY, m); | - |
597 | | - |
598 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u32(m, &encoded_ret)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
599 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
600 | | - |
601 | sshbuf_free(m); | - |
602 | | - |
603 | if (encoded_ret != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
604 | return never executed: return -21; -21;never executed: return -21; | 0 |
605 | return never executed: return 0; 0;never executed: return 0; | 0 |
606 | } | - |
607 | | - |
608 | void | - |
609 | mm_send_keystate(struct monitor *monitor) | - |
610 | { | - |
611 | struct ssh *ssh = active_state; | - |
612 | struct sshbuf *m; | - |
613 | int r; | - |
614 | | - |
615 | if ((TRUE | never evaluated | FALSE | never evaluated |
m = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
616 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
617 | ) | - |
618 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
619 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = ssh_packet_get_state(ssh, m)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
620 | fatal("%s: get_state failed: %s", never executed: fatal("%s: get_state failed: %s", __func__, ssh_err(r)); | 0 |
621 | __func__, ssh_err(r)); never executed: fatal("%s: get_state failed: %s", __func__, ssh_err(r)); | 0 |
622 | mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, m); | - |
623 | debug3("%s: Finished sending state", __func__); | - |
624 | sshbuf_free(m); | - |
625 | } never executed: end of block | 0 |
626 | | - |
627 | int | - |
628 | mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen) | - |
629 | { | - |
630 | struct sshbuf *m; | - |
631 | char *p, *msg; | - |
632 | int success = 0, tmp1 = -1, tmp2 = -1, r; | - |
633 | | - |
634 | | - |
635 | if ((TRUE | never evaluated | FALSE | never evaluated |
tmp1 = dup(pmonitor->m_recvfd)) == -1TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
636 | (TRUE | never evaluated | FALSE | never evaluated |
tmp2 = dup(pmonitor->m_recvfd)) == -1TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
637 | error("%s: cannot allocate fds for pty", __func__); | - |
638 | if (tmp1 > 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
639 | close(tmp1); never executed: close(tmp1); | 0 |
640 | if (tmp2 > 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
641 | close(tmp2); never executed: close(tmp2); | 0 |
642 | return never executed: return 0; 0;never executed: return 0; | 0 |
643 | } | - |
644 | close(tmp1); | - |
645 | close(tmp2); | - |
646 | | - |
647 | if ((TRUE | never evaluated | FALSE | never evaluated |
m = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
648 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
649 | ) | - |
650 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
651 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, m); | - |
652 | | - |
653 | debug3("%s: waiting for MONITOR_ANS_PTY", __func__); | - |
654 | mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, m); | - |
655 | | - |
656 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u32(m, &success)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
657 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
658 | if (success == 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
659 | debug3("%s: pty alloc failed", __func__); | - |
660 | sshbuf_free(m); | - |
661 | return never executed: return (0); (0);never executed: return (0); | 0 |
662 | } | - |
663 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &p, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
664 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
665 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
666 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &msg, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
667 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
668 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
669 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
670 | sshbuf_free(m); | - |
671 | | - |
672 | strlcpy(namebuf, p, namebuflen); | - |
673 | free(p); | - |
674 | | - |
675 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put(loginmsg, msg, strlen(msg))) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
676 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
677 | free(msg); | - |
678 | | - |
679 | if ((*TRUE | never evaluated | FALSE | never evaluated |
ptyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
680 | (*TRUE | never evaluated | FALSE | never evaluated |
ttyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
681 | fatal("%s: receive fds failed", __func__); never executed: fatal("%s: receive fds failed", __func__); | 0 |
682 | | - |
683 | | - |
684 | return never executed: return (1); (1);never executed: return (1); | 0 |
685 | } | - |
686 | | - |
687 | void | - |
688 | mm_session_pty_cleanup2(Session *s) | - |
689 | { | - |
690 | struct sshbuf *m; | - |
691 | int r; | - |
692 | | - |
693 | if (s->ttyfd == -1TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
694 | return; never executed: return; | 0 |
695 | if ((TRUE | never evaluated | FALSE | never evaluated |
m = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
696 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
697 | ) | - |
698 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
699 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(m, s->tty)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
700 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
701 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTYCLEANUP, m); | - |
702 | sshbuf_free(m); | - |
703 | | - |
704 | | - |
705 | if (s->ptymaster != -1TRUE | never evaluated | FALSE | never evaluated |
&& close(s->ptymaster) < 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
706 | error("close(s->ptymaster/%d): %s", never executed: error("close(s->ptymaster/%d): %s", s->ptymaster, strerror( (*__errno_location ()) )); | 0 |
707 | s->ptymaster, strerror( never executed: error("close(s->ptymaster/%d): %s", s->ptymaster, strerror( (*__errno_location ()) )); | 0 |
708 | (*__errno_location ()) never executed: error("close(s->ptymaster/%d): %s", s->ptymaster, strerror( (*__errno_location ()) )); | 0 |
709 | )); never executed: error("close(s->ptymaster/%d): %s", s->ptymaster, strerror( (*__errno_location ()) )); | 0 |
710 | | - |
711 | | - |
712 | s->ttyfd = -1; | - |
713 | } never executed: end of block | 0 |
714 | void | - |
715 | mm_terminate(void) | - |
716 | { | - |
717 | struct sshbuf *m; | - |
718 | | - |
719 | if ((TRUE | never evaluated | FALSE | never evaluated |
m = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
720 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
721 | ) | - |
722 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
723 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_TERM, m); | - |
724 | sshbuf_free(m); | - |
725 | } never executed: end of block | 0 |
726 | | - |
727 | static void | - |
728 | mm_chall_setup(char **name, char **infotxt, u_int *numprompts, | - |
729 | char ***prompts, u_int **echo_on) | - |
730 | { | - |
731 | *name = xstrdup(""); | - |
732 | *infotxt = xstrdup(""); | - |
733 | *numprompts = 1; | - |
734 | *prompts = xcalloc(*numprompts, sizeof(char *)); | - |
735 | *echo_on = xcalloc(*numprompts, sizeof(u_int)); | - |
736 | (*echo_on)[0] = 0; | - |
737 | } never executed: end of block | 0 |
738 | | - |
739 | int | - |
740 | mm_bsdauth_query(void *ctx, char **name, char **infotxt, | - |
741 | u_int *numprompts, char ***prompts, u_int **echo_on) | - |
742 | { | - |
743 | struct sshbuf *m; | - |
744 | u_int success; | - |
745 | char *challenge; | - |
746 | int r; | - |
747 | | - |
748 | debug3("%s: entering", __func__); | - |
749 | | - |
750 | if ((TRUE | never evaluated | FALSE | never evaluated |
m = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
751 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
752 | ) | - |
753 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
754 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHQUERY, m); | - |
755 | | - |
756 | mm_request_receive_expect(pmonitor->m_recvfd, | - |
757 | MONITOR_ANS_BSDAUTHQUERY, m); | - |
758 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u32(m, &success)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
759 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
760 | if (success == 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
761 | debug3("%s: no challenge", __func__); | - |
762 | sshbuf_free(m); | - |
763 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
764 | } | - |
765 | | - |
766 | | - |
767 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(m, &challenge, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
768 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
769 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
770 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
771 | sshbuf_free(m); | - |
772 | | - |
773 | mm_chall_setup(name, infotxt, numprompts, prompts, echo_on); | - |
774 | (*prompts)[0] = challenge; | - |
775 | | - |
776 | debug3("%s: received challenge: %s", __func__, challenge); | - |
777 | | - |
778 | return never executed: return (0); (0);never executed: return (0); | 0 |
779 | } | - |
780 | | - |
781 | int | - |
782 | mm_bsdauth_respond(void *ctx, u_int numresponses, char **responses) | - |
783 | { | - |
784 | struct sshbuf *m; | - |
785 | int r, authok; | - |
786 | | - |
787 | debug3("%s: entering", __func__); | - |
788 | if (numresponses != 1TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
789 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
790 | | - |
791 | if ((TRUE | never evaluated | FALSE | never evaluated |
m = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
792 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
793 | ) | - |
794 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
795 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(m, responses[0])) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
796 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
797 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHRESPOND, m); | - |
798 | | - |
799 | mm_request_receive_expect(pmonitor->m_recvfd, | - |
800 | MONITOR_ANS_BSDAUTHRESPOND, m); | - |
801 | | - |
802 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u32(m, &authok)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
803 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
804 | sshbuf_free(m); | - |
805 | | - |
806 | return never executed: return ((authok == 0) ? -1 : 0); ((TRUE | never evaluated | FALSE | never evaluated |
authok == 0)TRUE | never evaluated | FALSE | never evaluated |
? -1 : 0);never executed: return ((authok == 0) ? -1 : 0); | 0 |
807 | } | - |
| | |