Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | | - |
11 | | - |
12 | | - |
13 | | - |
14 | | - |
15 | | - |
16 | | - |
17 | | - |
18 | | - |
19 | | - |
20 | | - |
21 | | - |
22 | | - |
23 | | - |
24 | | - |
25 | | - |
26 | | - |
27 | | - |
28 | #include "includes.h" | - |
29 | | - |
30 | #include <sys/types.h> | - |
31 | #include <sys/socket.h> | - |
32 | #include <sys/wait.h> | - |
33 | | - |
34 | #include <errno.h> | - |
35 | #include <fcntl.h> | - |
36 | #include <limits.h> | - |
37 | #ifdef HAVE_PATHS_H | - |
38 | #include <paths.h> | - |
39 | #endif | - |
40 | #include <pwd.h> | - |
41 | #include <signal.h> | - |
42 | #ifdef HAVE_STDINT_H | - |
43 | #include <stdint.h> | - |
44 | #endif | - |
45 | #include <stdlib.h> | - |
46 | #include <string.h> | - |
47 | #include <stdarg.h> | - |
48 | #include <stdio.h> | - |
49 | #include <unistd.h> | - |
50 | #ifdef HAVE_POLL_H | - |
51 | #include <poll.h> | - |
52 | #else | - |
53 | # ifdef HAVE_SYS_POLL_H | - |
54 | # include <sys/poll.h> | - |
55 | # endif | - |
56 | #endif | - |
57 | | - |
58 | #ifdef WITH_OPENSSL | - |
59 | #include <openssl/dh.h> | - |
60 | #endif | - |
61 | | - |
62 | #include "openbsd-compat/sys-tree.h" | - |
63 | #include "openbsd-compat/sys-queue.h" | - |
64 | #include "openbsd-compat/openssl-compat.h" | - |
65 | | - |
66 | #include "atomicio.h" | - |
67 | #include "xmalloc.h" | - |
68 | #include "ssh.h" | - |
69 | #include "sshkey.h" | - |
70 | #include "sshbuf.h" | - |
71 | #include "hostfile.h" | - |
72 | #include "auth.h" | - |
73 | #include "cipher.h" | - |
74 | #include "kex.h" | - |
75 | #include "dh.h" | - |
76 | #include "auth-pam.h" | - |
77 | #include "packet.h" | - |
78 | #include "auth-options.h" | - |
79 | #include "sshpty.h" | - |
80 | #include "channels.h" | - |
81 | #include "session.h" | - |
82 | #include "sshlogin.h" | - |
83 | #include "canohost.h" | - |
84 | #include "log.h" | - |
85 | #include "misc.h" | - |
86 | #include "servconf.h" | - |
87 | #include "monitor.h" | - |
88 | #ifdef GSSAPI | - |
89 | #include "ssh-gss.h" | - |
90 | #endif | - |
91 | #include "monitor_wrap.h" | - |
92 | #include "monitor_fdpass.h" | - |
93 | #include "compat.h" | - |
94 | #include "ssh2.h" | - |
95 | #include "authfd.h" | - |
96 | #include "match.h" | - |
97 | #include "ssherr.h" | - |
98 | | - |
99 | #ifdef GSSAPI | - |
100 | static Gssctxt *gsscontext = NULL; | - |
101 | #endif | - |
102 | | - |
103 | | - |
104 | extern ServerOptions options; | - |
105 | extern u_int utmp_len; | - |
106 | extern u_char session_id[]; | - |
107 | extern struct sshbuf *loginmsg; | - |
108 | extern struct sshauthopt *auth_opts; | - |
109 | | - |
110 | | - |
111 | static struct sshbuf *child_state; | - |
112 | | - |
113 | | - |
114 | | - |
115 | int mm_answer_moduli(int, struct sshbuf *); | - |
116 | int mm_answer_sign(int, struct sshbuf *); | - |
117 | int mm_answer_pwnamallow(int, struct sshbuf *); | - |
118 | int mm_answer_auth2_read_banner(int, struct sshbuf *); | - |
119 | int mm_answer_authserv(int, struct sshbuf *); | - |
120 | int mm_answer_authpassword(int, struct sshbuf *); | - |
121 | int mm_answer_bsdauthquery(int, struct sshbuf *); | - |
122 | int mm_answer_bsdauthrespond(int, struct sshbuf *); | - |
123 | int mm_answer_keyallowed(int, struct sshbuf *); | - |
124 | int mm_answer_keyverify(int, struct sshbuf *); | - |
125 | int mm_answer_pty(int, struct sshbuf *); | - |
126 | int mm_answer_pty_cleanup(int, struct sshbuf *); | - |
127 | int mm_answer_term(int, struct sshbuf *); | - |
128 | int mm_answer_rsa_keyallowed(int, struct sshbuf *); | - |
129 | int mm_answer_rsa_challenge(int, struct sshbuf *); | - |
130 | int mm_answer_rsa_response(int, struct sshbuf *); | - |
131 | int mm_answer_sesskey(int, struct sshbuf *); | - |
132 | int mm_answer_sessid(int, struct sshbuf *); | - |
133 | | - |
134 | #ifdef USE_PAM | - |
135 | int mm_answer_pam_start(int, struct sshbuf *); | - |
136 | int mm_answer_pam_account(int, struct sshbuf *); | - |
137 | int mm_answer_pam_init_ctx(int, struct sshbuf *); | - |
138 | int mm_answer_pam_query(int, struct sshbuf *); | - |
139 | int mm_answer_pam_respond(int, struct sshbuf *); | - |
140 | int mm_answer_pam_free_ctx(int, struct sshbuf *); | - |
141 | #endif | - |
142 | | - |
143 | #ifdef GSSAPI | - |
144 | int mm_answer_gss_setup_ctx(int, struct sshbuf *); | - |
145 | int mm_answer_gss_accept_ctx(int, struct sshbuf *); | - |
146 | int mm_answer_gss_userok(int, struct sshbuf *); | - |
147 | int mm_answer_gss_checkmic(int, struct sshbuf *); | - |
148 | #endif | - |
149 | | - |
150 | #ifdef SSH_AUDIT_EVENTS | - |
151 | int mm_answer_audit_event(int, struct sshbuf *); | - |
152 | int mm_answer_audit_command(int, struct sshbuf *); | - |
153 | #endif | - |
154 | | - |
155 | static int monitor_read_log(struct monitor *); | - |
156 | | - |
157 | static Authctxt *authctxt; | - |
158 | | - |
159 | | - |
160 | static u_char *key_blob = NULL; | - |
161 | static size_t key_bloblen = 0; | - |
162 | static int key_blobtype = MM_NOKEY; | - |
163 | static struct sshauthopt *key_opts = NULL; | - |
164 | static char *hostbased_cuser = NULL; | - |
165 | static char *hostbased_chost = NULL; | - |
166 | static char *auth_method = "unknown"; | - |
167 | static char *auth_submethod = NULL; | - |
168 | static u_int session_id2_len = 0; | - |
169 | static u_char *session_id2 = NULL; | - |
170 | static pid_t monitor_child_pid; | - |
171 | | - |
172 | struct mon_table { | - |
173 | enum monitor_reqtype type; | - |
174 | int flags; | - |
175 | int (*f)(int, struct sshbuf *); | - |
176 | }; | - |
177 | | - |
178 | #define MON_ISAUTH 0x0004 /* Required for Authentication */ | - |
179 | #define MON_AUTHDECIDE 0x0008 /* Decides Authentication */ | - |
180 | #define MON_ONCE 0x0010 /* Disable after calling */ | - |
181 | #define MON_ALOG 0x0020 /* Log auth attempt without authenticating */ | - |
182 | | - |
183 | #define MON_AUTH (MON_ISAUTH|MON_AUTHDECIDE) | - |
184 | | - |
185 | #define MON_PERMIT 0x1000 /* Request is permitted */ | - |
186 | | - |
187 | struct mon_table mon_dispatch_proto20[] = { | - |
188 | #ifdef WITH_OPENSSL | - |
189 | {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, | - |
190 | #endif | - |
191 | {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, | - |
192 | {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, | - |
193 | {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, | - |
194 | {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, | - |
195 | {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, | - |
196 | #ifdef USE_PAM | - |
197 | {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, | - |
198 | {MONITOR_REQ_PAM_ACCOUNT, 0, mm_answer_pam_account}, | - |
199 | {MONITOR_REQ_PAM_INIT_CTX, MON_ONCE, mm_answer_pam_init_ctx}, | - |
200 | {MONITOR_REQ_PAM_QUERY, 0, mm_answer_pam_query}, | - |
201 | {MONITOR_REQ_PAM_RESPOND, MON_ONCE, mm_answer_pam_respond}, | - |
202 | {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, | - |
203 | #endif | - |
204 | #ifdef SSH_AUDIT_EVENTS | - |
205 | {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, | - |
206 | #endif | - |
207 | #ifdef BSD_AUTH | - |
208 | {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, | - |
209 | {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH, mm_answer_bsdauthrespond}, | - |
210 | #endif | - |
211 | {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed}, | - |
212 | {MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify}, | - |
213 | #ifdef GSSAPI | - |
214 | {MONITOR_REQ_GSSSETUP, MON_ISAUTH, mm_answer_gss_setup_ctx}, | - |
215 | {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, | - |
216 | {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, | - |
217 | {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic}, | - |
218 | #endif | - |
219 | {0, 0, NULL} | - |
220 | }; | - |
221 | | - |
222 | struct mon_table mon_dispatch_postauth20[] = { | - |
223 | #ifdef WITH_OPENSSL | - |
224 | {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, | - |
225 | #endif | - |
226 | {MONITOR_REQ_SIGN, 0, mm_answer_sign}, | - |
227 | {MONITOR_REQ_PTY, 0, mm_answer_pty}, | - |
228 | {MONITOR_REQ_PTYCLEANUP, 0, mm_answer_pty_cleanup}, | - |
229 | {MONITOR_REQ_TERM, 0, mm_answer_term}, | - |
230 | #ifdef SSH_AUDIT_EVENTS | - |
231 | {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, | - |
232 | {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command}, | - |
233 | #endif | - |
234 | {0, 0, NULL} | - |
235 | }; | - |
236 | | - |
237 | struct mon_table *mon_dispatch; | - |
238 | | - |
239 | | - |
240 | static void | - |
241 | monitor_permit(struct mon_table *ent, enum monitor_reqtype type, int permit) | - |
242 | { | - |
243 | while (ent->f != NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
244 | if (ent->type == type) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
245 | ent->flags &= ~MON_PERMIT; | - |
246 | ent->flags |= permit ? MON_PERMIT : 0;TRUE | never evaluated | FALSE | never evaluated |
| 0 |
247 | return; never executed: return; | 0 |
248 | } | - |
249 | ent++; | - |
250 | } never executed: end of block | 0 |
251 | } never executed: end of block | 0 |
252 | | - |
253 | static void | - |
254 | monitor_permit_authentications(int permit) | - |
255 | { | - |
256 | struct mon_table *ent = mon_dispatch; | - |
257 | | - |
258 | while (ent->f != NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
259 | if (ent->flags & MON_AUTH) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
260 | ent->flags &= ~MON_PERMIT; | - |
261 | ent->flags |= permit ? MON_PERMIT : 0;TRUE | never evaluated | FALSE | never evaluated |
| 0 |
262 | } never executed: end of block | 0 |
263 | ent++; | - |
264 | } never executed: end of block | 0 |
265 | } never executed: end of block | 0 |
266 | | - |
267 | void | - |
268 | monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) | - |
269 | { | - |
270 | struct ssh *ssh = active_state; | - |
271 | struct mon_table *ent; | - |
272 | int authenticated = 0, partial = 0; | - |
273 | | - |
274 | debug3("preauth child monitor started"); | - |
275 | | - |
276 | if (pmonitor->m_recvfd >= 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
277 | close(pmonitor->m_recvfd); never executed: close(pmonitor->m_recvfd); | 0 |
278 | if (pmonitor->m_log_sendfd >= 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
279 | close(pmonitor->m_log_sendfd); never executed: close(pmonitor->m_log_sendfd); | 0 |
280 | pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1; | - |
281 | | - |
282 | authctxt = _authctxt; | - |
283 | memset(authctxt, 0, sizeof(*authctxt)); | - |
284 | ssh->authctxt = authctxt; | - |
285 | | - |
286 | authctxt->loginmsg = loginmsg; | - |
287 | | - |
288 | mon_dispatch = mon_dispatch_proto20; | - |
289 | | - |
290 | monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); | - |
291 | monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); | - |
292 | | - |
293 | | - |
294 | while (!authenticated) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
295 | partial = 0; | - |
296 | auth_method = "unknown"; | - |
297 | auth_submethod = NULL; | - |
298 | auth2_authctxt_reset_info(authctxt); | - |
299 | | - |
300 | authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1); | - |
301 | | - |
302 | | - |
303 | if (options.num_auth_methods != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
304 | if (authenticated &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
305 | !auth2_update_methods_lists(authctxt,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
306 | auth_method, auth_submethod)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
307 | debug3("%s: method %s: partial", __func__, | - |
308 | auth_method); | - |
309 | authenticated = 0; | - |
310 | partial = 1; | - |
311 | } never executed: end of block | 0 |
312 | } never executed: end of block | 0 |
313 | | - |
314 | if (authenticated) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
315 | if (!(ent->flags & MON_AUTHDECIDE))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
316 | fatal("%s: unexpected authentication from %d", never executed: fatal("%s: unexpected authentication from %d", __func__, ent->type); | 0 |
317 | __func__, ent->type); never executed: fatal("%s: unexpected authentication from %d", __func__, ent->type); | 0 |
318 | if (authctxt->pw->pw_uid == 0 &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
319 | !auth_root_allowed(ssh, auth_method))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
320 | authenticated = 0; never executed: authenticated = 0; | 0 |
321 | #ifdef USE_PAM | - |
322 | | - |
323 | if (options.use_pam && authenticated) { | - |
324 | struct sshbuf *m; | - |
325 | | - |
326 | if ((m = sshbuf_new()) == NULL) | - |
327 | fatal("%s: sshbuf_new failed", | - |
328 | __func__); | - |
329 | mm_request_receive_expect(pmonitor->m_sendfd, | - |
330 | MONITOR_REQ_PAM_ACCOUNT, m); | - |
331 | authenticated = mm_answer_pam_account( | - |
332 | pmonitor->m_sendfd, m); | - |
333 | sshbuf_free(m); | - |
334 | } | - |
335 | #endif | - |
336 | } never executed: end of block | 0 |
337 | if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
338 | auth_log(authctxt, authenticated, partial, | - |
339 | auth_method, auth_submethod); | - |
340 | if (!partial && !authenticated)TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
341 | authctxt->failures++; never executed: authctxt->failures++; | 0 |
342 | if (authenticated || partial) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
343 | auth2_update_session_info(authctxt, | - |
344 | auth_method, auth_submethod); | - |
345 | } never executed: end of block | 0 |
346 | } never executed: end of block | 0 |
347 | } never executed: end of block | 0 |
348 | | - |
349 | if (!authctxt->valid)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
350 | fatal("%s: authenticated invalid user", __func__); never executed: fatal("%s: authenticated invalid user", __func__); | 0 |
351 | if (strcmp(auth_method, "unknown") == 0) never executed: __result = (((const unsigned char *) (const char *) ( auth_method ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "unknown" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
352 | fatal("%s: authentication method name unknown", __func__); never executed: fatal("%s: authentication method name unknown", __func__); | 0 |
353 | | - |
354 | debug("%s: %s has been authenticated by privileged process", | - |
355 | __func__, authctxt->user); | - |
356 | ssh->authctxt = NULL; | - |
357 | ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); | - |
358 | | - |
359 | mm_get_keystate(pmonitor); | - |
360 | | - |
361 | | - |
362 | while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0)TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
363 | ; never executed: ; | 0 |
364 | | - |
365 | if (pmonitor->m_recvfd >= 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
366 | close(pmonitor->m_recvfd); never executed: close(pmonitor->m_recvfd); | 0 |
367 | if (pmonitor->m_log_sendfd >= 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
368 | close(pmonitor->m_log_sendfd); never executed: close(pmonitor->m_log_sendfd); | 0 |
369 | pmonitor->m_sendfd = pmonitor->m_log_recvfd = -1; | - |
370 | } never executed: end of block | 0 |
371 | | - |
372 | static void | - |
373 | monitor_set_child_handler(pid_t pid) | - |
374 | { | - |
375 | monitor_child_pid = pid; | - |
376 | } never executed: end of block | 0 |
377 | | - |
378 | static void | - |
379 | monitor_child_handler(int sig) | - |
380 | { | - |
381 | kill(monitor_child_pid, sig); | - |
382 | } never executed: end of block | 0 |
383 | | - |
384 | void | - |
385 | monitor_child_postauth(struct monitor *pmonitor) | - |
386 | { | - |
387 | close(pmonitor->m_recvfd); | - |
388 | pmonitor->m_recvfd = -1; | - |
389 | | - |
390 | monitor_set_child_handler(pmonitor->m_pid); | - |
391 | signal(SIGHUP, &monitor_child_handler); | - |
392 | signal(SIGTERM, &monitor_child_handler); | - |
393 | signal(SIGINT, &monitor_child_handler); | - |
394 | #ifdef SIGXFSZ | - |
395 | signal(SIGXFSZ, SIG_IGN); | - |
396 | #endif | - |
397 | | - |
398 | mon_dispatch = mon_dispatch_postauth20; | - |
399 | | - |
400 | | - |
401 | monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); | - |
402 | monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); | - |
403 | monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); | - |
404 | | - |
405 | if (auth_opts->permit_pty_flag) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
406 | monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); | - |
407 | monitor_permit(mon_dispatch, MONITOR_REQ_PTYCLEANUP, 1); | - |
408 | } never executed: end of block | 0 |
409 | | - |
410 | for (;;) | - |
411 | monitor_read(pmonitor, mon_dispatch, NULL); never executed: monitor_read(pmonitor, mon_dispatch, ((void *)0) ); | 0 |
412 | } never executed: end of block | 0 |
413 | | - |
414 | static int | - |
415 | monitor_read_log(struct monitor *pmonitor) | - |
416 | { | - |
417 | struct sshbuf *logmsg; | - |
418 | u_int len, level; | - |
419 | char *msg; | - |
420 | u_char *p; | - |
421 | int r; | - |
422 | | - |
423 | if ((logmsg = sshbuf_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
424 | fatal("%s: sshbuf_new", __func__); never executed: fatal("%s: sshbuf_new", __func__); | 0 |
425 | | - |
426 | | - |
427 | if ((r = sshbuf_reserve(logmsg, 4, &p)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
428 | fatal("%s: reserve: %s", __func__, ssh_err(r)); never executed: fatal("%s: reserve: %s", __func__, ssh_err(r)); | 0 |
429 | if (atomicio(read, pmonitor->m_log_recvfd, p, 4) != 4) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
430 | if (errno == EPIPE) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
431 | sshbuf_free(logmsg); | - |
432 | debug("%s: child log fd closed", __func__); | - |
433 | close(pmonitor->m_log_recvfd); | - |
434 | pmonitor->m_log_recvfd = -1; | - |
435 | return -1; never executed: return -1; | 0 |
436 | } | - |
437 | fatal("%s: log fd read: %s", __func__, strerror(errno)); | - |
438 | } never executed: end of block | 0 |
439 | if ((r = sshbuf_get_u32(logmsg, &len)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
440 | fatal("%s: get len: %s", __func__, ssh_err(r)); never executed: fatal("%s: get len: %s", __func__, ssh_err(r)); | 0 |
441 | if (len <= 4 || len > 8192)TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
442 | fatal("%s: invalid log message length %u", __func__, len); never executed: fatal("%s: invalid log message length %u", __func__, len); | 0 |
443 | | - |
444 | | - |
445 | sshbuf_reset(logmsg); | - |
446 | if ((r = sshbuf_reserve(logmsg, len, &p)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
447 | fatal("%s: reserve: %s", __func__, ssh_err(r)); never executed: fatal("%s: reserve: %s", __func__, ssh_err(r)); | 0 |
448 | if (atomicio(read, pmonitor->m_log_recvfd, p, len) != len)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
449 | fatal("%s: log fd read: %s", __func__, strerror(errno)); never executed: fatal("%s: log fd read: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
450 | if ((r = sshbuf_get_u32(logmsg, &level)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
451 | (r = sshbuf_get_cstring(logmsg, &msg, NULL)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
452 | fatal("%s: decode: %s", __func__, ssh_err(r)); never executed: fatal("%s: decode: %s", __func__, ssh_err(r)); | 0 |
453 | | - |
454 | | - |
455 | if (log_level_name(level) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
456 | fatal("%s: invalid log level %u (corrupted message?)", never executed: fatal("%s: invalid log level %u (corrupted message?)", __func__, level); | 0 |
457 | __func__, level); never executed: fatal("%s: invalid log level %u (corrupted message?)", __func__, level); | 0 |
458 | do_log2(level, "%s [preauth]", msg); | - |
459 | | - |
460 | sshbuf_free(logmsg); | - |
461 | free(msg); | - |
462 | | - |
463 | return 0; never executed: return 0; | 0 |
464 | } | - |
465 | | - |
466 | int | - |
467 | monitor_read(struct monitor *pmonitor, struct mon_table *ent, | - |
468 | struct mon_table **pent) | - |
469 | { | - |
470 | struct sshbuf *m; | - |
471 | int r, ret; | - |
472 | u_char type; | - |
473 | struct pollfd pfd[2]; | - |
474 | | - |
475 | for (;;) { | - |
476 | memset(&pfd, 0, sizeof(pfd)); | - |
477 | pfd[0].fd = pmonitor->m_sendfd; | - |
478 | pfd[0].events = POLLIN; | - |
479 | pfd[1].fd = pmonitor->m_log_recvfd; | - |
480 | pfd[1].events = pfd[1].fd == -1 ? 0 : POLLIN;TRUE | never evaluated | FALSE | never evaluated |
| 0 |
481 | if (poll(pfd, pfd[1].fd == -1 ? 1 : 2, -1) == -1) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
482 | if (errno == EINTR || errno == EAGAIN)TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
483 | continue; never executed: continue; | 0 |
484 | fatal("%s: poll: %s", __func__, strerror(errno)); | - |
485 | } never executed: end of block | 0 |
486 | if (pfd[1].revents) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
487 | | - |
488 | | - |
489 | | - |
490 | | - |
491 | monitor_read_log(pmonitor); | - |
492 | continue; never executed: continue; | 0 |
493 | } | - |
494 | if (pfd[0].revents)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
495 | break; never executed: break; | 0 |
496 | } never executed: end of block | 0 |
497 | | - |
498 | if ((m = sshbuf_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
499 | fatal("%s: sshbuf_new", __func__); never executed: fatal("%s: sshbuf_new", __func__); | 0 |
500 | | - |
501 | mm_request_receive(pmonitor->m_sendfd, m); | - |
502 | if ((r = sshbuf_get_u8(m, &type)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
503 | fatal("%s: decode: %s", __func__, ssh_err(r)); never executed: fatal("%s: decode: %s", __func__, ssh_err(r)); | 0 |
504 | | - |
505 | debug3("%s: checking request %d", __func__, type); | - |
506 | | - |
507 | while (ent->f != NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
508 | if (ent->type == type)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
509 | break; never executed: break; | 0 |
510 | ent++; | - |
511 | } never executed: end of block | 0 |
512 | | - |
513 | if (ent->f != NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
514 | if (!(ent->flags & MON_PERMIT))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
515 | fatal("%s: unpermitted request %d", __func__, never executed: fatal("%s: unpermitted request %d", __func__, type); | 0 |
516 | type); never executed: fatal("%s: unpermitted request %d", __func__, type); | 0 |
517 | ret = (*ent->f)(pmonitor->m_sendfd, m); | - |
518 | sshbuf_free(m); | - |
519 | | - |
520 | | - |
521 | if (ent->flags & MON_ONCE) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
522 | debug2("%s: %d used once, disabling now", __func__, | - |
523 | type); | - |
524 | ent->flags &= ~MON_PERMIT; | - |
525 | } never executed: end of block | 0 |
526 | | - |
527 | if (pent != NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
528 | *pent = ent; never executed: *pent = ent; | 0 |
529 | | - |
530 | return ret; never executed: return ret; | 0 |
531 | } | - |
532 | | - |
533 | fatal("%s: unsupported request: %d", __func__, type); | - |
534 | | - |
535 | | - |
536 | return (-1); never executed: return (-1); | 0 |
537 | } | - |
538 | | - |
539 | | - |
540 | static int | - |
541 | monitor_allowed_key(u_char *blob, u_int bloblen) | - |
542 | { | - |
543 | | - |
544 | if (key_blob == NULL || key_bloblen != bloblen ||TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
545 | timingsafe_bcmp(key_blob, blob, key_bloblen))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
546 | return (0); never executed: return (0); | 0 |
547 | return (1); never executed: return (1); | 0 |
548 | } | - |
549 | | - |
550 | static void | - |
551 | monitor_reset_key_state(void) | - |
552 | { | - |
553 | | - |
554 | free(key_blob); | - |
555 | free(hostbased_cuser); | - |
556 | free(hostbased_chost); | - |
557 | sshauthopt_free(key_opts); | - |
558 | key_blob = NULL; | - |
559 | key_bloblen = 0; | - |
560 | key_blobtype = MM_NOKEY; | - |
561 | key_opts = NULL; | - |
562 | hostbased_cuser = NULL; | - |
563 | hostbased_chost = NULL; | - |
564 | } never executed: end of block | 0 |
565 | | - |
566 | #ifdef WITH_OPENSSL | - |
567 | int | - |
568 | mm_answer_moduli(int sock, struct sshbuf *m) | - |
569 | { | - |
570 | DH *dh; | - |
571 | const BIGNUM *dh_p, *dh_g; | - |
572 | int r; | - |
573 | u_int min, want, max; | - |
574 | | - |
575 | if ((r = sshbuf_get_u32(m, &min)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
576 | (r = sshbuf_get_u32(m, &want)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
577 | (r = sshbuf_get_u32(m, &max)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
578 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
579 | | - |
580 | debug3("%s: got parameters: %d %d %d", | - |
581 | __func__, min, want, max); | - |
582 | | - |
583 | if (max < min || want < min || max < want)TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
584 | fatal("%s: bad parameters: %d %d %d", never executed: fatal("%s: bad parameters: %d %d %d", __func__, min, want, max); | 0 |
585 | __func__, min, want, max); never executed: fatal("%s: bad parameters: %d %d %d", __func__, min, want, max); | 0 |
586 | | - |
587 | sshbuf_reset(m); | - |
588 | | - |
589 | dh = choose_dh(min, want, max); | - |
590 | if (dh == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
591 | if ((r = sshbuf_put_u8(m, 0)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
592 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
593 | return (0); never executed: return (0); | 0 |
594 | } else { | - |
595 | | - |
596 | DH_get0_pqg(dh, &dh_p, NULL, &dh_g); | - |
597 | if ((r = sshbuf_put_u8(m, 1)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
598 | (r = sshbuf_put_bignum2(m, dh_p)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
599 | (r = sshbuf_put_bignum2(m, dh_g)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
600 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
601 | | - |
602 | DH_free(dh); | - |
603 | } never executed: end of block | 0 |
604 | mm_request_send(sock, MONITOR_ANS_MODULI, m); | - |
605 | return (0); never executed: return (0); | 0 |
606 | } | - |
607 | #endif | - |
608 | | - |
609 | int | - |
610 | mm_answer_sign(int sock, struct sshbuf *m) | - |
611 | { | - |
612 | struct ssh *ssh = active_state; | - |
613 | extern int auth_sock; | - |
614 | struct sshkey *key; | - |
615 | struct sshbuf *sigbuf = NULL; | - |
616 | u_char *p = NULL, *signature = NULL; | - |
617 | char *alg = NULL; | - |
618 | size_t datlen, siglen, alglen; | - |
619 | int r, is_proof = 0; | - |
620 | u_int keyid, compat; | - |
621 | const char proof_req[] = "hostkeys-prove-00@openssh.com"; | - |
622 | | - |
623 | debug3("%s", __func__); | - |
624 | | - |
625 | if ((r = sshbuf_get_u32(m, &keyid)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
626 | (r = sshbuf_get_string(m, &p, &datlen)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
627 | (r = sshbuf_get_cstring(m, &alg, &alglen)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
628 | (r = sshbuf_get_u32(m, &compat)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
629 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
630 | if (keyid > INT_MAX)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
631 | fatal("%s: invalid key ID", __func__); never executed: fatal("%s: invalid key ID", __func__); | 0 |
632 | | - |
633 | | - |
634 | | - |
635 | | - |
636 | | - |
637 | | - |
638 | | - |
639 | | - |
640 | | - |
641 | | - |
642 | | - |
643 | | - |
644 | if (datlen != 20 && datlen != 32 && datlen != 48 && datlen != 64) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
645 | | - |
646 | | - |
647 | | - |
648 | | - |
649 | if (session_id2_len == 0) TRUE | never evaluated | FALSE | never evaluated |
| 0 |
650 | fatal("%s: bad data length: %zu", __func__, datlen); never executed: fatal("%s: bad data length: %zu", __func__, datlen); | 0 |
651 | if ((key = get_hostkey_public_by_index(keyid, ssh)) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
652 | fatal("%s: no hostkey for index %d", __func__, keyid); never executed: fatal("%s: no hostkey for index %d", __func__, keyid); | 0 |
653 | if ((sigbuf = sshbuf_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
654 | fatal("%s: sshbuf_new", __func__); never executed: fatal("%s: sshbuf_new", __func__); | 0 |
655 | if ((r = sshbuf_put_cstring(sigbuf, proof_req)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
656 | (r = sshbuf_put_string(sigbuf, session_id2,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
657 | session_id2_len)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
658 | (r = sshkey_puts(key, sigbuf)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
659 | fatal("%s: couldn't prepare private key " never executed: fatal("%s: couldn't prepare private key " "proof buffer: %s", __func__, ssh_err(r)); | 0 |
660 | "proof buffer: %s", __func__, ssh_err(r)); never executed: fatal("%s: couldn't prepare private key " "proof buffer: %s", __func__, ssh_err(r)); | 0 |
661 | if (datlen != sshbuf_len(sigbuf) ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
662 | memcmp(p, sshbuf_ptr(sigbuf), sshbuf_len(sigbuf)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
663 | fatal("%s: bad data length: %zu, hostkey proof len %zu", never executed: fatal("%s: bad data length: %zu, hostkey proof len %zu", __func__, datlen, sshbuf_len(sigbuf)); | 0 |
664 | __func__, datlen, sshbuf_len(sigbuf)); never executed: fatal("%s: bad data length: %zu, hostkey proof len %zu", __func__, datlen, sshbuf_len(sigbuf)); | 0 |
665 | sshbuf_free(sigbuf); | - |
666 | is_proof = 1; | - |
667 | } never executed: end of block | 0 |
668 | | - |
669 | | - |
670 | if (session_id2_len == 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
671 | session_id2_len = datlen; | - |
672 | session_id2 = xmalloc(session_id2_len); | - |
673 | memcpy(session_id2, p, session_id2_len); | - |
674 | } never executed: end of block | 0 |
675 | | - |
676 | if ((key = get_hostkey_by_index(keyid)) != NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
677 | if ((r = sshkey_sign(key, &signature, &siglen, p, datlen, alg,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
678 | compat)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
679 | fatal("%s: sshkey_sign failed: %s", never executed: fatal("%s: sshkey_sign failed: %s", __func__, ssh_err(r)); | 0 |
680 | __func__, ssh_err(r)); never executed: fatal("%s: sshkey_sign failed: %s", __func__, ssh_err(r)); | 0 |
681 | } else if ((key = get_hostkey_public_by_index(keyid, ssh)) != NULL && never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
| 0 |
682 | auth_sock > 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
683 | if ((r = ssh_agent_sign(auth_sock, key, &signature, &siglen,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
684 | p, datlen, alg, compat)) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
685 | fatal("%s: ssh_agent_sign failed: %s", | - |
686 | __func__, ssh_err(r)); | - |
687 | } never executed: end of block | 0 |
688 | } else never executed: end of block | 0 |
689 | fatal("%s: no hostkey from index %d", __func__, keyid); never executed: fatal("%s: no hostkey from index %d", __func__, keyid); | 0 |
690 | | - |
691 | debug3("%s: %s signature %p(%zu)", __func__, | - |
692 | is_proof ? "KEX" : "hostkey proof", signature, siglen); | - |
693 | | - |
694 | sshbuf_reset(m); | - |
695 | if ((r = sshbuf_put_string(m, signature, siglen)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
696 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
697 | | - |
698 | free(alg); | - |
699 | free(p); | - |
700 | free(signature); | - |
701 | | - |
702 | mm_request_send(sock, MONITOR_ANS_SIGN, m); | - |
703 | | - |
704 | | - |
705 | monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); | - |
706 | | - |
707 | return (0); never executed: return (0); | 0 |
708 | } | - |
709 | | - |
710 | | - |
711 | | - |
712 | int | - |
713 | mm_answer_pwnamallow(int sock, struct sshbuf *m) | - |
714 | { | - |
715 | struct ssh *ssh = active_state; | - |
716 | char *username; | - |
717 | struct passwd *pwent; | - |
718 | int r, allowed = 0; | - |
719 | u_int i; | - |
720 | | - |
721 | debug3("%s", __func__); | - |
722 | | - |
723 | if (authctxt->attempt++ != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
724 | fatal("%s: multiple attempts for getpwnam", __func__); never executed: fatal("%s: multiple attempts for getpwnam", __func__); | 0 |
725 | | - |
726 | if ((r = sshbuf_get_cstring(m, &username, NULL)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
727 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
728 | | - |
729 | pwent = getpwnamallow(username); | - |
730 | | - |
731 | authctxt->user = xstrdup(username); | - |
732 | setproctitle("%s [priv]", pwent ? username : "unknown"); | - |
733 | free(username); | - |
734 | | - |
735 | sshbuf_reset(m); | - |
736 | | - |
737 | if (pwent == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
738 | if ((r = sshbuf_put_u8(m, 0)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
739 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
740 | authctxt->pw = fakepw(); | - |
741 | goto out; never executed: goto out; | 0 |
742 | } | - |
743 | | - |
744 | allowed = 1; | - |
745 | authctxt->pw = pwent; | - |
746 | authctxt->valid = 1; | - |
747 | | - |
748 | | - |
749 | if ((r = sshbuf_put_u8(m, 1)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
750 | (r = sshbuf_put_string(m, pwent, sizeof(*pwent))) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
751 | (r = sshbuf_put_cstring(m, pwent->pw_name)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
752 | (r = sshbuf_put_cstring(m, "*")) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
753 | #ifdef HAVE_STRUCT_PASSWD_PW_GECOS | - |
754 | (r = sshbuf_put_cstring(m, pwent->pw_gecos)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
755 | #endif | - |
756 | #ifdef HAVE_STRUCT_PASSWD_PW_CLASS | - |
757 | (r = sshbuf_put_cstring(m, pwent->pw_class)) != 0 || | - |
758 | #endif | - |
759 | (r = sshbuf_put_cstring(m, pwent->pw_dir)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
760 | (r = sshbuf_put_cstring(m, pwent->pw_shell)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
761 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
762 | | - |
763 | out: code before this statement never executed: out: | 0 |
764 | ssh_packet_set_log_preamble(ssh, "%suser %s", | - |
765 | authctxt->valid ? "authenticating" : "invalid ", authctxt->user); | - |
766 | if ((r = sshbuf_put_string(m, &options, sizeof(options))) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
767 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
768 | | - |
769 | #define M_CP_STROPT(x) do { \ | - |
770 | if (options.x != NULL) { \ | - |
771 | if ((r = sshbuf_put_cstring(m, options.x)) != 0) \ | - |
772 | fatal("%s: buffer error: %s", \ | - |
773 | __func__, ssh_err(r)); \ | - |
774 | } \ | - |
775 | } while (0) | - |
776 | #define M_CP_STRARRAYOPT(x, nx) do { \ | - |
777 | for (i = 0; i < options.nx; i++) { \ | - |
778 | if ((r = sshbuf_put_cstring(m, options.x[i])) != 0) \ | - |
779 | fatal("%s: buffer error: %s", \ | - |
780 | __func__, ssh_err(r)); \ | - |
781 | } \ | - |
782 | } while (0) | - |
783 | | - |
784 | COPY_MATCH_STRING_OPTS(); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
785 | #undef M_CP_STROPT | - |
786 | #undef M_CP_STRARRAYOPT | - |
787 | | - |
788 | | - |
789 | if (auth2_setup_methods_lists(authctxt) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
790 | | - |
791 | | - |
792 | | - |
793 | | - |
794 | | - |
795 | debug("%s: no valid authentication method lists", __func__); | - |
796 | } never executed: end of block | 0 |
797 | | - |
798 | debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed); | - |
799 | mm_request_send(sock, MONITOR_ANS_PWNAM, m); | - |
800 | | - |
801 | | - |
802 | monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1); | - |
803 | monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1); | - |
804 | | - |
805 | #ifdef USE_PAM | - |
806 | if (options.use_pam) | - |
807 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_START, 1); | - |
808 | #endif | - |
809 | | - |
810 | return (0); never executed: return (0); | 0 |
811 | } | - |
812 | | - |
813 | int mm_answer_auth2_read_banner(int sock, struct sshbuf *m) | - |
814 | { | - |
815 | char *banner; | - |
816 | int r; | - |
817 | | - |
818 | sshbuf_reset(m); | - |
819 | banner = auth2_read_banner(); | - |
820 | if ((r = sshbuf_put_cstring(m, banner != NULL ? banner : "")) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
821 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
822 | mm_request_send(sock, MONITOR_ANS_AUTH2_READ_BANNER, m); | - |
823 | free(banner); | - |
824 | | - |
825 | return (0); never executed: return (0); | 0 |
826 | } | - |
827 | | - |
828 | int | - |
829 | mm_answer_authserv(int sock, struct sshbuf *m) | - |
830 | { | - |
831 | int r; | - |
832 | | - |
833 | monitor_permit_authentications(1); | - |
834 | | - |
835 | if ((r = sshbuf_get_cstring(m, &authctxt->service, NULL)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
836 | (r = sshbuf_get_cstring(m, &authctxt->style, NULL)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
837 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
838 | debug3("%s: service=%s, style=%s", | - |
839 | __func__, authctxt->service, authctxt->style); | - |
840 | | - |
841 | if (strlen(authctxt->style) == 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
842 | free(authctxt->style); | - |
843 | authctxt->style = NULL; | - |
844 | } never executed: end of block | 0 |
845 | | - |
846 | return (0); never executed: return (0); | 0 |
847 | } | - |
848 | | - |
849 | int | - |
850 | mm_answer_authpassword(int sock, struct sshbuf *m) | - |
851 | { | - |
852 | struct ssh *ssh = active_state; | - |
853 | static int call_count; | - |
854 | char *passwd; | - |
855 | int r, authenticated; | - |
856 | size_t plen; | - |
857 | | - |
858 | if (!options.password_authentication)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
859 | fatal("%s: password authentication not enabled", __func__); never executed: fatal("%s: password authentication not enabled", __func__); | 0 |
860 | if ((r = sshbuf_get_cstring(m, &passwd, &plen)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
861 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
862 | | - |
863 | authenticated = options.password_authentication &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
864 | auth_password(ssh, passwd);TRUE | never evaluated | FALSE | never evaluated |
| 0 |
865 | explicit_bzero(passwd, plen); | - |
866 | free(passwd); | - |
867 | | - |
868 | sshbuf_reset(m); | - |
869 | if ((r = sshbuf_put_u32(m, authenticated)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
870 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
871 | #ifdef USE_PAM | - |
872 | if ((r = sshbuf_put_u32(m, sshpam_get_maxtries_reached())) != 0) | - |
873 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
874 | #endif | - |
875 | | - |
876 | debug3("%s: sending result %d", __func__, authenticated); | - |
877 | mm_request_send(sock, MONITOR_ANS_AUTHPASSWORD, m); | - |
878 | | - |
879 | call_count++; | - |
880 | if (plen == 0 && call_count == 1)TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
881 | auth_method = "none"; never executed: auth_method = "none"; | 0 |
882 | else | - |
883 | auth_method = "password"; never executed: auth_method = "password"; | 0 |
884 | | - |
885 | | - |
886 | return (authenticated); never executed: return (authenticated); | 0 |
887 | } | - |
888 | | - |
889 | #ifdef BSD_AUTH | - |
890 | int | - |
891 | mm_answer_bsdauthquery(int sock, struct sshbuf *m) | - |
892 | { | - |
893 | char *name, *infotxt; | - |
894 | u_int numprompts, *echo_on, success; | - |
895 | char **prompts; | - |
896 | int r; | - |
897 | | - |
898 | if (!options.kbd_interactive_authentication) | - |
899 | fatal("%s: kbd-int authentication not enabled", __func__); | - |
900 | success = bsdauth_query(authctxt, &name, &infotxt, &numprompts, | - |
901 | &prompts, &echo_on) < 0 ? 0 : 1; | - |
902 | | - |
903 | sshbuf_reset(m); | - |
904 | if ((r = sshbuf_put_u32(m, success)) != 0) | - |
905 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
906 | if (success) { | - |
907 | if ((r = sshbuf_put_cstring(m, prompts[0])) != 0) | - |
908 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
909 | } | - |
910 | | - |
911 | debug3("%s: sending challenge success: %u", __func__, success); | - |
912 | mm_request_send(sock, MONITOR_ANS_BSDAUTHQUERY, m); | - |
913 | | - |
914 | if (success) { | - |
915 | free(name); | - |
916 | free(infotxt); | - |
917 | free(prompts); | - |
918 | free(echo_on); | - |
919 | } | - |
920 | | - |
921 | return (0); | - |
922 | } | - |
923 | | - |
924 | int | - |
925 | mm_answer_bsdauthrespond(int sock, struct sshbuf *m) | - |
926 | { | - |
927 | char *response; | - |
928 | int r, authok; | - |
929 | | - |
930 | if (!options.kbd_interactive_authentication) | - |
931 | fatal("%s: kbd-int authentication not enabled", __func__); | - |
932 | if (authctxt->as == NULL) | - |
933 | fatal("%s: no bsd auth session", __func__); | - |
934 | | - |
935 | if ((r = sshbuf_get_cstring(m, &response, NULL)) != 0) | - |
936 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
937 | authok = options.challenge_response_authentication && | - |
938 | auth_userresponse(authctxt->as, response, 0); | - |
939 | authctxt->as = NULL; | - |
940 | debug3("%s: <%s> = <%d>", __func__, response, authok); | - |
941 | free(response); | - |
942 | | - |
943 | sshbuf_reset(m); | - |
944 | if ((r = sshbuf_put_u32(m, authok)) != 0) | - |
945 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
946 | | - |
947 | debug3("%s: sending authenticated: %d", __func__, authok); | - |
948 | mm_request_send(sock, MONITOR_ANS_BSDAUTHRESPOND, m); | - |
949 | | - |
950 | auth_method = "keyboard-interactive"; | - |
951 | auth_submethod = "bsdauth"; | - |
952 | | - |
953 | return (authok != 0); | - |
954 | } | - |
955 | #endif | - |
956 | | - |
957 | #ifdef USE_PAM | - |
958 | int | - |
959 | mm_answer_pam_start(int sock, struct sshbuf *m) | - |
960 | { | - |
961 | if (!options.use_pam) | - |
962 | fatal("UsePAM not set, but ended up in %s anyway", __func__); | - |
963 | | - |
964 | start_pam(authctxt); | - |
965 | | - |
966 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_ACCOUNT, 1); | - |
967 | if (options.kbd_interactive_authentication) | - |
968 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_INIT_CTX, 1); | - |
969 | | - |
970 | return (0); | - |
971 | } | - |
972 | | - |
973 | int | - |
974 | mm_answer_pam_account(int sock, struct sshbuf *m) | - |
975 | { | - |
976 | u_int ret; | - |
977 | int r; | - |
978 | | - |
979 | if (!options.use_pam) | - |
980 | fatal("%s: PAM not enabled", __func__); | - |
981 | | - |
982 | ret = do_pam_account(); | - |
983 | | - |
984 | if ((r = sshbuf_put_u32(m, ret)) != 0 || | - |
985 | (r = sshbuf_put_stringb(m, loginmsg)) != 0) | - |
986 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
987 | | - |
988 | mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m); | - |
989 | | - |
990 | return (ret); | - |
991 | } | - |
992 | | - |
993 | static void *sshpam_ctxt, *sshpam_authok; | - |
994 | extern KbdintDevice sshpam_device; | - |
995 | | - |
996 | int | - |
997 | mm_answer_pam_init_ctx(int sock, struct sshbuf *m) | - |
998 | { | - |
999 | u_int ok = 0; | - |
1000 | int r; | - |
1001 | | - |
1002 | debug3("%s", __func__); | - |
1003 | if (!options.kbd_interactive_authentication) | - |
1004 | fatal("%s: kbd-int authentication not enabled", __func__); | - |
1005 | if (sshpam_ctxt != NULL) | - |
1006 | fatal("%s: already called", __func__); | - |
1007 | sshpam_ctxt = (sshpam_device.init_ctx)(authctxt); | - |
1008 | sshpam_authok = NULL; | - |
1009 | sshbuf_reset(m); | - |
1010 | if (sshpam_ctxt != NULL) { | - |
1011 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_FREE_CTX, 1); | - |
1012 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_QUERY, 1); | - |
1013 | ok = 1; | - |
1014 | } | - |
1015 | if ((r = sshbuf_put_u32(m, ok)) != 0) | - |
1016 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
1017 | mm_request_send(sock, MONITOR_ANS_PAM_INIT_CTX, m); | - |
1018 | return (0); | - |
1019 | } | - |
1020 | | - |
1021 | int | - |
1022 | mm_answer_pam_query(int sock, struct sshbuf *m) | - |
1023 | { | - |
1024 | char *name = NULL, *info = NULL, **prompts = NULL; | - |
1025 | u_int i, num = 0, *echo_on = 0; | - |
1026 | int r, ret; | - |
1027 | | - |
1028 | debug3("%s", __func__); | - |
1029 | sshpam_authok = NULL; | - |
1030 | if (sshpam_ctxt == NULL) | - |
1031 | fatal("%s: no context", __func__); | - |
1032 | ret = (sshpam_device.query)(sshpam_ctxt, &name, &info, | - |
1033 | &num, &prompts, &echo_on); | - |
1034 | if (ret == 0 && num == 0) | - |
1035 | sshpam_authok = sshpam_ctxt; | - |
1036 | if (num > 1 || name == NULL || info == NULL) | - |
1037 | fatal("sshpam_device.query failed"); | - |
1038 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_RESPOND, 1); | - |
1039 | sshbuf_reset(m); | - |
1040 | if ((r = sshbuf_put_u32(m, ret)) != 0 || | - |
1041 | (r = sshbuf_put_cstring(m, name)) != 0 || | - |
1042 | (r = sshbuf_put_cstring(m, info)) != 0 || | - |
1043 | (r = sshbuf_put_u32(m, sshpam_get_maxtries_reached())) != 0 || | - |
1044 | (r = sshbuf_put_u32(m, num)) != 0) | - |
1045 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
1046 | free(name); | - |
1047 | free(info); | - |
1048 | for (i = 0; i < num; ++i) { | - |
1049 | if ((r = sshbuf_put_cstring(m, prompts[i])) != 0 || | - |
1050 | (r = sshbuf_put_u32(m, echo_on[i])) != 0) | - |
1051 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
1052 | free(prompts[i]); | - |
1053 | } | - |
1054 | free(prompts); | - |
1055 | free(echo_on); | - |
1056 | auth_method = "keyboard-interactive"; | - |
1057 | auth_submethod = "pam"; | - |
1058 | mm_request_send(sock, MONITOR_ANS_PAM_QUERY, m); | - |
1059 | return (0); | - |
1060 | } | - |
1061 | | - |
1062 | int | - |
1063 | mm_answer_pam_respond(int sock, struct sshbuf *m) | - |
1064 | { | - |
1065 | char **resp; | - |
1066 | u_int i, num; | - |
1067 | int r, ret; | - |
1068 | | - |
1069 | debug3("%s", __func__); | - |
1070 | if (sshpam_ctxt == NULL) | - |
1071 | fatal("%s: no context", __func__); | - |
1072 | sshpam_authok = NULL; | - |
1073 | if ((r = sshbuf_get_u32(m, &num)) != 0) | - |
1074 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
1075 | if (num > 0) { | - |
1076 | resp = xcalloc(num, sizeof(char *)); | - |
1077 | for (i = 0; i < num; ++i) { | - |
1078 | if ((r = sshbuf_get_cstring(m, &(resp[i]), NULL)) != 0) | - |
1079 | fatal("%s: buffer error: %s", | - |
1080 | __func__, ssh_err(r)); | - |
1081 | } | - |
1082 | ret = (sshpam_device.respond)(sshpam_ctxt, num, resp); | - |
1083 | for (i = 0; i < num; ++i) | - |
1084 | free(resp[i]); | - |
1085 | free(resp); | - |
1086 | } else { | - |
1087 | ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL); | - |
1088 | } | - |
1089 | sshbuf_reset(m); | - |
1090 | if ((r = sshbuf_put_u32(m, ret)) != 0) | - |
1091 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
1092 | mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m); | - |
1093 | auth_method = "keyboard-interactive"; | - |
1094 | auth_submethod = "pam"; | - |
1095 | if (ret == 0) | - |
1096 | sshpam_authok = sshpam_ctxt; | - |
1097 | return (0); | - |
1098 | } | - |
1099 | | - |
1100 | int | - |
1101 | mm_answer_pam_free_ctx(int sock, struct sshbuf *m) | - |
1102 | { | - |
1103 | int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt; | - |
1104 | | - |
1105 | debug3("%s", __func__); | - |
1106 | if (sshpam_ctxt == NULL) | - |
1107 | fatal("%s: no context", __func__); | - |
1108 | (sshpam_device.free_ctx)(sshpam_ctxt); | - |
1109 | sshpam_ctxt = sshpam_authok = NULL; | - |
1110 | sshbuf_reset(m); | - |
1111 | mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m); | - |
1112 | | - |
1113 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_INIT_CTX, 1); | - |
1114 | auth_method = "keyboard-interactive"; | - |
1115 | auth_submethod = "pam"; | - |
1116 | return r; | - |
1117 | } | - |
1118 | #endif | - |
1119 | | - |
1120 | int | - |
1121 | mm_answer_keyallowed(int sock, struct sshbuf *m) | - |
1122 | { | - |
1123 | struct ssh *ssh = active_state; | - |
1124 | struct sshkey *key = NULL; | - |
1125 | char *cuser, *chost; | - |
1126 | u_int pubkey_auth_attempt; | - |
1127 | enum mm_keytype type = 0; | - |
1128 | int r, allowed = 0; | - |
1129 | struct sshauthopt *opts = NULL; | - |
1130 | | - |
1131 | debug3("%s entering", __func__); | - |
1132 | if ((r = sshbuf_get_u32(m, &type)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1133 | (r = sshbuf_get_cstring(m, &cuser, NULL)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1134 | (r = sshbuf_get_cstring(m, &chost, NULL)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1135 | (r = sshkey_froms(m, &key)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1136 | (r = sshbuf_get_u32(m, &pubkey_auth_attempt)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1137 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1138 | | - |
1139 | debug3("%s: key_from_blob: %p", __func__, key); | - |
1140 | | - |
1141 | if (key != NULL && authctxt->valid) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1142 | | - |
1143 | if (sshkey_type_plain(key->type) == KEY_RSA &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1144 | (datafellows & SSH_BUG_RSASIGMD5) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1145 | fatal("%s: passed a SSH_BUG_RSASIGMD5 key", __func__); never executed: fatal("%s: passed a SSH_BUG_RSASIGMD5 key", __func__); | 0 |
1146 | | - |
1147 | switch (type) { | - |
1148 | case MM_USERKEY: never executed: case MM_USERKEY: | 0 |
1149 | auth_method = "publickey"; | - |
1150 | if (!options.pubkey_authentication)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1151 | break; never executed: break; | 0 |
1152 | if (auth2_key_already_used(authctxt, key))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1153 | break; never executed: break; | 0 |
1154 | if (match_pattern_list(sshkey_ssh_name(key),TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1155 | options.pubkey_key_types, 0) != 1)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1156 | break; never executed: break; | 0 |
1157 | allowed = user_key_allowed(ssh, authctxt->pw, key, | - |
1158 | pubkey_auth_attempt, &opts); | - |
1159 | break; never executed: break; | 0 |
1160 | case MM_HOSTKEY: never executed: case MM_HOSTKEY: | 0 |
1161 | auth_method = "hostbased"; | - |
1162 | if (!options.hostbased_authentication)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1163 | break; never executed: break; | 0 |
1164 | if (auth2_key_already_used(authctxt, key))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1165 | break; never executed: break; | 0 |
1166 | if (match_pattern_list(sshkey_ssh_name(key),TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1167 | options.hostbased_key_types, 0) != 1)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1168 | break; never executed: break; | 0 |
1169 | allowed = hostbased_key_allowed(authctxt->pw, | - |
1170 | cuser, chost, key); | - |
1171 | auth2_record_info(authctxt, | - |
1172 | "client user \"%.100s\", client host \"%.100s\"", | - |
1173 | cuser, chost); | - |
1174 | break; never executed: break; | 0 |
1175 | default: never executed: default: | 0 |
1176 | fatal("%s: unknown key type %d", __func__, type); | - |
1177 | break; never executed: break; | 0 |
1178 | } | - |
1179 | } | - |
1180 | | - |
1181 | debug3("%s: %s authentication%s: %s key is %s", __func__, | - |
1182 | auth_method, pubkey_auth_attempt ? "" : " test", | - |
1183 | (key == NULL || !authctxt->valid) ? "invalid" : sshkey_type(key), | - |
1184 | allowed ? "allowed" : "not allowed"); | - |
1185 | | - |
1186 | auth2_record_key(authctxt, 0, key); | - |
1187 | | - |
1188 | | - |
1189 | monitor_reset_key_state(); | - |
1190 | | - |
1191 | if (allowed) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1192 | | - |
1193 | if ((r = sshkey_to_blob(key, &key_blob, &key_bloblen)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1194 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1195 | key_blobtype = type; | - |
1196 | key_opts = opts; | - |
1197 | hostbased_cuser = cuser; | - |
1198 | hostbased_chost = chost; | - |
1199 | } else { never executed: end of block | 0 |
1200 | | - |
1201 | auth_log(authctxt, 0, 0, auth_method, NULL); | - |
1202 | free(cuser); | - |
1203 | free(chost); | - |
1204 | } never executed: end of block | 0 |
1205 | sshkey_free(key); | - |
1206 | | - |
1207 | sshbuf_reset(m); | - |
1208 | if ((r = sshbuf_put_u32(m, allowed)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1209 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1210 | if (opts != NULL && (r = sshauthopt_serialise(opts, m, 1)) != 0)TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1211 | fatal("%s: sshauthopt_serialise: %s", __func__, ssh_err(r)); never executed: fatal("%s: sshauthopt_serialise: %s", __func__, ssh_err(r)); | 0 |
1212 | mm_request_send(sock, MONITOR_ANS_KEYALLOWED, m); | - |
1213 | | - |
1214 | if (!allowed)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1215 | sshauthopt_free(opts); never executed: sshauthopt_free(opts); | 0 |
1216 | | - |
1217 | return (0); never executed: return (0); | 0 |
1218 | } | - |
1219 | | - |
1220 | static int | - |
1221 | monitor_valid_userblob(u_char *data, u_int datalen) | - |
1222 | { | - |
1223 | struct sshbuf *b; | - |
1224 | const u_char *p; | - |
1225 | char *userstyle, *cp; | - |
1226 | size_t len; | - |
1227 | u_char type; | - |
1228 | int r, fail = 0; | - |
1229 | | - |
1230 | if ((b = sshbuf_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1231 | fatal("%s: sshbuf_new", __func__); never executed: fatal("%s: sshbuf_new", __func__); | 0 |
1232 | if ((r = sshbuf_put(b, data, datalen)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1233 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1234 | | - |
1235 | if (datafellows & SSH_OLD_SESSIONID) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1236 | p = sshbuf_ptr(b); | - |
1237 | len = sshbuf_len(b); | - |
1238 | if ((session_id2 == NULL) ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1239 | (len < session_id2_len) ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1240 | (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1241 | fail++; never executed: fail++; | 0 |
1242 | if ((r = sshbuf_consume(b, session_id2_len)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1243 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1244 | } else { never executed: end of block | 0 |
1245 | if ((r = sshbuf_get_string_direct(b, &p, &len)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1246 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1247 | if ((session_id2 == NULL) ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1248 | (len != session_id2_len) ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1249 | (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1250 | fail++; never executed: fail++; | 0 |
1251 | } never executed: end of block | 0 |
1252 | if ((r = sshbuf_get_u8(b, &type)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1253 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1254 | if (type != SSH2_MSG_USERAUTH_REQUEST)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1255 | fail++; never executed: fail++; | 0 |
1256 | if ((r = sshbuf_get_cstring(b, &cp, NULL)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1257 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1258 | xasprintf(&userstyle, "%s%s%s", authctxt->user, | - |
1259 | authctxt->style ? ":" : "", | - |
1260 | authctxt->style ? authctxt->style : ""); | - |
1261 | if (strcmp(userstyle, cp) != 0) { never executed: __result = (((const unsigned char *) (const char *) ( userstyle ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1262 | logit("wrong user name passed to monitor: " | - |
1263 | "expected %s != %.100s", userstyle, cp); | - |
1264 | fail++; | - |
1265 | } never executed: end of block | 0 |
1266 | free(userstyle); | - |
1267 | free(cp); | - |
1268 | if ((r = sshbuf_skip_string(b)) != 0 || TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1269 | (r = sshbuf_get_cstring(b, &cp, NULL)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1270 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1271 | if (strcmp("publickey", cp) != 0) never executed: __result = (((const unsigned char *) (const char *) ( "publickey" ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1272 | fail++; never executed: fail++; | 0 |
1273 | free(cp); | - |
1274 | if ((r = sshbuf_get_u8(b, &type)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1275 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1276 | if (type == 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1277 | fail++; never executed: fail++; | 0 |
1278 | if ((r = sshbuf_skip_string(b)) != 0 || TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1279 | (r = sshbuf_skip_string(b)) != 0) TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1280 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1281 | if (sshbuf_len(b) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1282 | fail++; never executed: fail++; | 0 |
1283 | sshbuf_free(b); | - |
1284 | return (fail == 0); never executed: return (fail == 0); | 0 |
1285 | } | - |
1286 | | - |
1287 | static int | - |
1288 | monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser, | - |
1289 | char *chost) | - |
1290 | { | - |
1291 | struct sshbuf *b; | - |
1292 | const u_char *p; | - |
1293 | char *cp, *userstyle; | - |
1294 | size_t len; | - |
1295 | int r, fail = 0; | - |
1296 | u_char type; | - |
1297 | | - |
1298 | if ((b = sshbuf_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1299 | fatal("%s: sshbuf_new", __func__); never executed: fatal("%s: sshbuf_new", __func__); | 0 |
1300 | if ((r = sshbuf_put(b, data, datalen)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1301 | (r = sshbuf_get_string_direct(b, &p, &len)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1302 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1303 | | - |
1304 | if ((session_id2 == NULL) ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1305 | (len != session_id2_len) ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1306 | (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1307 | fail++; never executed: fail++; | 0 |
1308 | | - |
1309 | if ((r = sshbuf_get_u8(b, &type)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1310 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1311 | if (type != SSH2_MSG_USERAUTH_REQUEST)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1312 | fail++; never executed: fail++; | 0 |
1313 | if ((r = sshbuf_get_cstring(b, &cp, NULL)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1314 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1315 | xasprintf(&userstyle, "%s%s%s", authctxt->user, | - |
1316 | authctxt->style ? ":" : "", | - |
1317 | authctxt->style ? authctxt->style : ""); | - |
1318 | if (strcmp(userstyle, cp) != 0) { never executed: __result = (((const unsigned char *) (const char *) ( userstyle ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1319 | logit("wrong user name passed to monitor: " | - |
1320 | "expected %s != %.100s", userstyle, cp); | - |
1321 | fail++; | - |
1322 | } never executed: end of block | 0 |
1323 | free(userstyle); | - |
1324 | free(cp); | - |
1325 | if ((r = sshbuf_skip_string(b)) != 0 || TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1326 | (r = sshbuf_get_cstring(b, &cp, NULL)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1327 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1328 | if (strcmp(cp, "hostbased") != 0) never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "hostbased" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1329 | fail++; never executed: fail++; | 0 |
1330 | free(cp); | - |
1331 | if ((r = sshbuf_skip_string(b)) != 0 || TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1332 | (r = sshbuf_skip_string(b)) != 0) TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1333 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1334 | | - |
1335 | | - |
1336 | if ((r = sshbuf_get_cstring(b, &cp, NULL)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1337 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1338 | if (((len = strlen(cp)) > 0) && cp[len - 1] == '.')TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1339 | cp[len - 1] = '\0'; never executed: cp[len - 1] = '\0'; | 0 |
1340 | if (strcmp(cp, chost) != 0) never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( chost ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1341 | fail++; never executed: fail++; | 0 |
1342 | free(cp); | - |
1343 | | - |
1344 | | - |
1345 | if ((r = sshbuf_get_cstring(b, &cp, NULL)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1346 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1347 | if (strcmp(cp, cuser) != 0) never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( cuser ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1348 | fail++; never executed: fail++; | 0 |
1349 | free(cp); | - |
1350 | | - |
1351 | if (sshbuf_len(b) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1352 | fail++; never executed: fail++; | 0 |
1353 | sshbuf_free(b); | - |
1354 | return (fail == 0); never executed: return (fail == 0); | 0 |
1355 | } | - |
1356 | | - |
1357 | int | - |
1358 | mm_answer_keyverify(int sock, struct sshbuf *m) | - |
1359 | { | - |
1360 | struct ssh *ssh = active_state; | - |
1361 | struct sshkey *key; | - |
1362 | u_char *signature, *data, *blob; | - |
1363 | char *sigalg; | - |
1364 | size_t signaturelen, datalen, bloblen; | - |
1365 | int r, ret, valid_data = 0, encoded_ret; | - |
1366 | | - |
1367 | if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1368 | (r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1369 | (r = sshbuf_get_string(m, &data, &datalen)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1370 | (r = sshbuf_get_cstring(m, &sigalg, NULL)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1371 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1372 | | - |
1373 | if (hostbased_cuser == NULL || hostbased_chost == NULL ||TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1374 | !monitor_allowed_key(blob, bloblen))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1375 | fatal("%s: bad key, not previously allowed", __func__); never executed: fatal("%s: bad key, not previously allowed", __func__); | 0 |
1376 | | - |
1377 | | - |
1378 | if (*sigalg == '\0') {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1379 | free(sigalg); | - |
1380 | sigalg = NULL; | - |
1381 | } never executed: end of block | 0 |
1382 | | - |
1383 | | - |
1384 | if ((r = sshkey_from_blob(blob, bloblen, &key)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1385 | fatal("%s: bad public key blob: %s", __func__, ssh_err(r)); never executed: fatal("%s: bad public key blob: %s", __func__, ssh_err(r)); | 0 |
1386 | | - |
1387 | switch (key_blobtype) { | - |
1388 | case MM_USERKEY: never executed: case MM_USERKEY: | 0 |
1389 | valid_data = monitor_valid_userblob(data, datalen); | - |
1390 | auth_method = "publickey"; | - |
1391 | break; never executed: break; | 0 |
1392 | case MM_HOSTKEY: never executed: case MM_HOSTKEY: | 0 |
1393 | valid_data = monitor_valid_hostbasedblob(data, datalen, | - |
1394 | hostbased_cuser, hostbased_chost); | - |
1395 | auth_method = "hostbased"; | - |
1396 | break; never executed: break; | 0 |
1397 | default: never executed: default: | 0 |
1398 | valid_data = 0; | - |
1399 | break; never executed: break; | 0 |
1400 | } | - |
1401 | if (!valid_data)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1402 | fatal("%s: bad signature data blob", __func__); never executed: fatal("%s: bad signature data blob", __func__); | 0 |
1403 | | - |
1404 | ret = sshkey_verify(key, signature, signaturelen, data, datalen, | - |
1405 | sigalg, active_state->compat); | - |
1406 | debug3("%s: %s %p signature %s", __func__, auth_method, key, | - |
1407 | (ret == 0) ? "verified" : "unverified"); | - |
1408 | auth2_record_key(authctxt, ret == 0, key); | - |
1409 | | - |
1410 | free(blob); | - |
1411 | free(signature); | - |
1412 | free(data); | - |
1413 | free(sigalg); | - |
1414 | | - |
1415 | if (key_blobtype == MM_USERKEY)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1416 | auth_activate_options(ssh, key_opts); never executed: auth_activate_options(ssh, key_opts); | 0 |
1417 | monitor_reset_key_state(); | - |
1418 | | - |
1419 | sshkey_free(key); | - |
1420 | sshbuf_reset(m); | - |
1421 | | - |
1422 | | - |
1423 | encoded_ret = (ret != 0); | - |
1424 | if ((r = sshbuf_put_u32(m, encoded_ret)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1425 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1426 | mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m); | - |
1427 | | - |
1428 | return ret == 0; never executed: return ret == 0; | 0 |
1429 | } | - |
1430 | | - |
1431 | static void | - |
1432 | mm_record_login(Session *s, struct passwd *pw) | - |
1433 | { | - |
1434 | struct ssh *ssh = active_state; | - |
1435 | socklen_t fromlen; | - |
1436 | struct sockaddr_storage from; | - |
1437 | | - |
1438 | | - |
1439 | | - |
1440 | | - |
1441 | | - |
1442 | memset(&from, 0, sizeof(from)); | - |
1443 | fromlen = sizeof(from); | - |
1444 | if (packet_connection_is_on_socket()) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1445 | if (getpeername(packet_get_connection_in(),TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1446 | (struct sockaddr *)&from, &fromlen) < 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1447 | debug("getpeername: %.100s", strerror(errno)); | - |
1448 | cleanup_exit(255); | - |
1449 | } never executed: end of block | 0 |
1450 | } never executed: end of block | 0 |
1451 | | - |
1452 | record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid, | - |
1453 | session_get_remote_name_or_ip(ssh, utmp_len, options.use_dns), | - |
1454 | (struct sockaddr *)&from, fromlen); | - |
1455 | } never executed: end of block | 0 |
1456 | | - |
1457 | static void | - |
1458 | mm_session_close(Session *s) | - |
1459 | { | - |
1460 | debug3("%s: session %d pid %ld", __func__, s->self, (long)s->pid); | - |
1461 | if (s->ttyfd != -1) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1462 | debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd); | - |
1463 | session_pty_cleanup2(s); | - |
1464 | } never executed: end of block | 0 |
1465 | session_unused(s->self); | - |
1466 | } never executed: end of block | 0 |
1467 | | - |
1468 | int | - |
1469 | mm_answer_pty(int sock, struct sshbuf *m) | - |
1470 | { | - |
1471 | extern struct monitor *pmonitor; | - |
1472 | Session *s; | - |
1473 | int r, res, fd0; | - |
1474 | | - |
1475 | debug3("%s entering", __func__); | - |
1476 | | - |
1477 | sshbuf_reset(m); | - |
1478 | s = session_new(); | - |
1479 | if (s == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1480 | goto error; never executed: goto error; | 0 |
1481 | s->authctxt = authctxt; | - |
1482 | s->pw = authctxt->pw; | - |
1483 | s->pid = pmonitor->m_pid; | - |
1484 | res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)); | - |
1485 | if (res == 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1486 | goto error; never executed: goto error; | 0 |
1487 | pty_setowner(authctxt->pw, s->tty); | - |
1488 | | - |
1489 | if ((r = sshbuf_put_u32(m, 1)) != 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1490 | (r = sshbuf_put_cstring(m, s->tty)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1491 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1492 | | - |
1493 | | - |
1494 | if (dup2(s->ttyfd, 0) == -1)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1495 | fatal("%s: dup2", __func__); never executed: fatal("%s: dup2", __func__); | 0 |
1496 | | - |
1497 | mm_record_login(s, authctxt->pw); | - |
1498 | | - |
1499 | | - |
1500 | close(0); | - |
1501 | | - |
1502 | | - |
1503 | if ((r = sshbuf_put_stringb(m, loginmsg)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1504 | fatal("%s: put login message: %s", __func__, ssh_err(r)); never executed: fatal("%s: put login message: %s", __func__, ssh_err(r)); | 0 |
1505 | sshbuf_reset(loginmsg); | - |
1506 | | - |
1507 | mm_request_send(sock, MONITOR_ANS_PTY, m); | - |
1508 | | - |
1509 | if (mm_send_fd(sock, s->ptyfd) == -1 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1510 | mm_send_fd(sock, s->ttyfd) == -1)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1511 | fatal("%s: send fds failed", __func__); never executed: fatal("%s: send fds failed", __func__); | 0 |
1512 | | - |
1513 | | - |
1514 | if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1515 | fatal("%s: open(/dev/null): %s", __func__, strerror(errno)); never executed: fatal("%s: open(/dev/null): %s", __func__, strerror( (*__errno_location ()) )); | 0 |
1516 | if (fd0 != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1517 | error("%s: fd0 %d != 0", __func__, fd0); never executed: error("%s: fd0 %d != 0", __func__, fd0); | 0 |
1518 | | - |
1519 | | - |
1520 | close(s->ttyfd); | - |
1521 | s->ttyfd = s->ptyfd; | - |
1522 | | - |
1523 | s->ptymaster = s->ptyfd; | - |
1524 | | - |
1525 | debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ttyfd); | - |
1526 | | - |
1527 | return (0); never executed: return (0); | 0 |
1528 | | - |
1529 | error: | - |
1530 | if (s != NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1531 | mm_session_close(s); never executed: mm_session_close(s); | 0 |
1532 | if ((r = sshbuf_put_u32(m, 0)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1533 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1534 | mm_request_send(sock, MONITOR_ANS_PTY, m); | - |
1535 | return (0); never executed: return (0); | 0 |
1536 | } | - |
1537 | | - |
1538 | int | - |
1539 | mm_answer_pty_cleanup(int sock, struct sshbuf *m) | - |
1540 | { | - |
1541 | Session *s; | - |
1542 | char *tty; | - |
1543 | int r; | - |
1544 | | - |
1545 | debug3("%s entering", __func__); | - |
1546 | | - |
1547 | if ((r = sshbuf_get_cstring(m, &tty, NULL)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1548 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1549 | if ((s = session_by_tty(tty)) != NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1550 | mm_session_close(s); never executed: mm_session_close(s); | 0 |
1551 | sshbuf_reset(m); | - |
1552 | free(tty); | - |
1553 | return (0); never executed: return (0); | 0 |
1554 | } | - |
1555 | | - |
1556 | int | - |
1557 | mm_answer_term(int sock, struct sshbuf *req) | - |
1558 | { | - |
1559 | struct ssh *ssh = active_state; | - |
1560 | extern struct monitor *pmonitor; | - |
1561 | int res, status; | - |
1562 | | - |
1563 | debug3("%s: tearing down sessions", __func__); | - |
1564 | | - |
1565 | | - |
1566 | session_destroy_all(ssh, &mm_session_close); | - |
1567 | | - |
1568 | #ifdef USE_PAM | - |
1569 | if (options.use_pam) | - |
1570 | sshpam_cleanup(); | - |
1571 | #endif | - |
1572 | | - |
1573 | while (waitpid(pmonitor->m_pid, &status, 0) == -1)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1574 | if (errno != EINTR)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1575 | exit(1); never executed: exit(1); | 0 |
1576 | | - |
1577 | res = WIFEXITED(status) ? WEXITSTATUS(status) : 1;TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1578 | | - |
1579 | | - |
1580 | exit(res); never executed: exit(res); | 0 |
1581 | } | - |
1582 | | - |
1583 | #ifdef SSH_AUDIT_EVENTS | - |
1584 | | - |
1585 | int | - |
1586 | mm_answer_audit_event(int socket, struct sshbuf *m) | - |
1587 | { | - |
1588 | u_int n; | - |
1589 | ssh_audit_event_t event; | - |
1590 | int r; | - |
1591 | | - |
1592 | debug3("%s entering", __func__); | - |
1593 | | - |
1594 | if ((r = sshbuf_get_u32(m, &n)) != 0) | - |
1595 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
1596 | event = (ssh_audit_event_t)n; | - |
1597 | switch (event) { | - |
1598 | case SSH_AUTH_FAIL_PUBKEY: | - |
1599 | case SSH_AUTH_FAIL_HOSTBASED: | - |
1600 | case SSH_AUTH_FAIL_GSSAPI: | - |
1601 | case SSH_LOGIN_EXCEED_MAXTRIES: | - |
1602 | case SSH_LOGIN_ROOT_DENIED: | - |
1603 | case SSH_CONNECTION_CLOSE: | - |
1604 | case SSH_INVALID_USER: | - |
1605 | audit_event(event); | - |
1606 | break; | - |
1607 | default: | - |
1608 | fatal("Audit event type %d not permitted", event); | - |
1609 | } | - |
1610 | | - |
1611 | return (0); | - |
1612 | } | - |
1613 | | - |
1614 | int | - |
1615 | mm_answer_audit_command(int socket, struct sshbuf *m) | - |
1616 | { | - |
1617 | char *cmd; | - |
1618 | int r; | - |
1619 | | - |
1620 | debug3("%s entering", __func__); | - |
1621 | if ((r = sshbuf_get_cstring(m, &cmd, NULL)) != 0) | - |
1622 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
1623 | | - |
1624 | audit_run_command(cmd); | - |
1625 | free(cmd); | - |
1626 | return (0); | - |
1627 | } | - |
1628 | #endif /* SSH_AUDIT_EVENTS */ | - |
1629 | | - |
1630 | void | - |
1631 | monitor_clear_keystate(struct monitor *pmonitor) | - |
1632 | { | - |
1633 | struct ssh *ssh = active_state; | - |
1634 | | - |
1635 | ssh_clear_newkeys(ssh, MODE_IN); | - |
1636 | ssh_clear_newkeys(ssh, MODE_OUT); | - |
1637 | sshbuf_free(child_state); | - |
1638 | child_state = NULL; | - |
1639 | } never executed: end of block | 0 |
1640 | | - |
1641 | void | - |
1642 | monitor_apply_keystate(struct monitor *pmonitor) | - |
1643 | { | - |
1644 | struct ssh *ssh = active_state; | - |
1645 | struct kex *kex; | - |
1646 | int r; | - |
1647 | | - |
1648 | debug3("%s: packet_set_state", __func__); | - |
1649 | if ((r = ssh_packet_set_state(ssh, child_state)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1650 | fatal("%s: packet_set_state: %s", __func__, ssh_err(r)); never executed: fatal("%s: packet_set_state: %s", __func__, ssh_err(r)); | 0 |
1651 | sshbuf_free(child_state); | - |
1652 | child_state = NULL; | - |
1653 | | - |
1654 | if ((kex = ssh->kex) != NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1655 | | - |
1656 | #ifdef WITH_OPENSSL | - |
1657 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | - |
1658 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | - |
1659 | kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; | - |
1660 | kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; | - |
1661 | kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; | - |
1662 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | - |
1663 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | - |
1664 | # ifdef OPENSSL_HAS_ECC | - |
1665 | kex->kex[KEX_ECDH_SHA2] = kexecdh_server; | - |
1666 | # endif | - |
1667 | #endif /* WITH_OPENSSL */ | - |
1668 | kex->kex[KEX_C25519_SHA256] = kexc25519_server; | - |
1669 | kex->load_host_public_key=&get_hostkey_public_by_type; | - |
1670 | kex->load_host_private_key=&get_hostkey_private_by_type; | - |
1671 | kex->host_key_index=&get_hostkey_index; | - |
1672 | kex->sign = sshd_hostkey_sign; | - |
1673 | } never executed: end of block | 0 |
1674 | } never executed: end of block | 0 |
1675 | | - |
1676 | | - |
1677 | | - |
1678 | void | - |
1679 | mm_get_keystate(struct monitor *pmonitor) | - |
1680 | { | - |
1681 | debug3("%s: Waiting for new keys", __func__); | - |
1682 | | - |
1683 | if ((child_state = sshbuf_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1684 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
1685 | mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT, | - |
1686 | child_state); | - |
1687 | debug3("%s: GOT new keys", __func__); | - |
1688 | } never executed: end of block | 0 |
1689 | | - |
1690 | | - |
1691 | | - |
1692 | | - |
1693 | #define FD_CLOSEONEXEC(x) do { \ | - |
1694 | if (fcntl(x, F_SETFD, FD_CLOEXEC) == -1) \ | - |
1695 | fatal("fcntl(%d, F_SETFD)", x); \ | - |
1696 | } while (0) | - |
1697 | | - |
1698 | static void | - |
1699 | monitor_openfds(struct monitor *mon, int do_logfds) | - |
1700 | { | - |
1701 | int pair[2]; | - |
1702 | #ifdef SO_ZEROIZE | - |
1703 | int on = 1; | - |
1704 | #endif | - |
1705 | | - |
1706 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1707 | fatal("%s: socketpair: %s", __func__, strerror(errno)); never executed: fatal("%s: socketpair: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
1708 | #ifdef SO_ZEROIZE | - |
1709 | if (setsockopt(pair[0], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) < 0) | - |
1710 | error("setsockopt SO_ZEROIZE(0): %.100s", strerror(errno)); | - |
1711 | if (setsockopt(pair[1], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) < 0) | - |
1712 | error("setsockopt SO_ZEROIZE(1): %.100s", strerror(errno)); | - |
1713 | #endif | - |
1714 | FD_CLOSEONEXEC(pair[0]); never executed: fatal("fcntl(%d, F_SETFD)", pair[0]); TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1715 | FD_CLOSEONEXEC(pair[1]); never executed: fatal("fcntl(%d, F_SETFD)", pair[1]); TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1716 | mon->m_recvfd = pair[0]; | - |
1717 | mon->m_sendfd = pair[1]; | - |
1718 | | - |
1719 | if (do_logfds) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1720 | if (pipe(pair) == -1)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1721 | fatal("%s: pipe: %s", __func__, strerror(errno)); never executed: fatal("%s: pipe: %s", __func__, strerror( (*__errno_location ()) )); | 0 |
1722 | FD_CLOSEONEXEC(pair[0]); never executed: fatal("fcntl(%d, F_SETFD)", pair[0]); TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1723 | FD_CLOSEONEXEC(pair[1]); never executed: fatal("fcntl(%d, F_SETFD)", pair[1]); TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1724 | mon->m_log_recvfd = pair[0]; | - |
1725 | mon->m_log_sendfd = pair[1]; | - |
1726 | } else never executed: end of block | 0 |
1727 | mon->m_log_recvfd = mon->m_log_sendfd = -1; never executed: mon->m_log_recvfd = mon->m_log_sendfd = -1; | 0 |
1728 | } | - |
1729 | | - |
1730 | #define MM_MEMSIZE 65536 | - |
1731 | | - |
1732 | struct monitor * | - |
1733 | monitor_init(void) | - |
1734 | { | - |
1735 | struct monitor *mon; | - |
1736 | | - |
1737 | mon = xcalloc(1, sizeof(*mon)); | - |
1738 | monitor_openfds(mon, 1); | - |
1739 | | - |
1740 | return mon; never executed: return mon; | 0 |
1741 | } | - |
1742 | | - |
1743 | void | - |
1744 | monitor_reinit(struct monitor *mon) | - |
1745 | { | - |
1746 | monitor_openfds(mon, 0); | - |
1747 | } never executed: end of block | 0 |
1748 | | - |
1749 | #ifdef GSSAPI | - |
1750 | int | - |
1751 | mm_answer_gss_setup_ctx(int sock, struct sshbuf *m) | - |
1752 | { | - |
1753 | gss_OID_desc goid; | - |
1754 | OM_uint32 major; | - |
1755 | size_t len; | - |
1756 | u_char *p; | - |
1757 | int r; | - |
1758 | | - |
1759 | if (!options.gss_authentication) | - |
1760 | fatal("%s: GSSAPI authentication not enabled", __func__); | - |
1761 | | - |
1762 | if ((r = sshbuf_get_string(m, &p, &len)) != 0) | - |
1763 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
1764 | goid.elements = p; | - |
1765 | goid.length = len; | - |
1766 | | - |
1767 | major = ssh_gssapi_server_ctx(&gsscontext, &goid); | - |
1768 | | - |
1769 | free(goid.elements); | - |
1770 | | - |
1771 | sshbuf_reset(m); | - |
1772 | if ((r = sshbuf_put_u32(m, major)) != 0) | - |
1773 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
1774 | | - |
1775 | mm_request_send(sock, MONITOR_ANS_GSSSETUP, m); | - |
1776 | | - |
1777 | | - |
1778 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 1); | - |
1779 | | - |
1780 | return (0); | - |
1781 | } | - |
1782 | | - |
1783 | int | - |
1784 | mm_answer_gss_accept_ctx(int sock, struct sshbuf *m) | - |
1785 | { | - |
1786 | gss_buffer_desc in; | - |
1787 | gss_buffer_desc out = GSS_C_EMPTY_BUFFER; | - |
1788 | OM_uint32 major, minor; | - |
1789 | OM_uint32 flags = 0; | - |
1790 | int r; | - |
1791 | | - |
1792 | if (!options.gss_authentication) | - |
1793 | fatal("%s: GSSAPI authentication not enabled", __func__); | - |
1794 | | - |
1795 | if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0) | - |
1796 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
1797 | major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); | - |
1798 | free(in.value); | - |
1799 | | - |
1800 | sshbuf_reset(m); | - |
1801 | if ((r = sshbuf_put_u32(m, major)) != 0 || | - |
1802 | (r = sshbuf_put_string(m, out.value, out.length)) != 0 || | - |
1803 | (r = sshbuf_put_u32(m, flags)) != 0) | - |
1804 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
1805 | mm_request_send(sock, MONITOR_ANS_GSSSTEP, m); | - |
1806 | | - |
1807 | gss_release_buffer(&minor, &out); | - |
1808 | | - |
1809 | if (major == GSS_S_COMPLETE) { | - |
1810 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); | - |
1811 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); | - |
1812 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); | - |
1813 | } | - |
1814 | return (0); | - |
1815 | } | - |
1816 | | - |
1817 | int | - |
1818 | mm_answer_gss_checkmic(int sock, struct sshbuf *m) | - |
1819 | { | - |
1820 | gss_buffer_desc gssbuf, mic; | - |
1821 | OM_uint32 ret; | - |
1822 | int r; | - |
1823 | | - |
1824 | if (!options.gss_authentication) | - |
1825 | fatal("%s: GSSAPI authentication not enabled", __func__); | - |
1826 | | - |
1827 | if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 || | - |
1828 | (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0) | - |
1829 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
1830 | | - |
1831 | ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic); | - |
1832 | | - |
1833 | free(gssbuf.value); | - |
1834 | free(mic.value); | - |
1835 | | - |
1836 | sshbuf_reset(m); | - |
1837 | if ((r = sshbuf_put_u32(m, ret)) != 0) | - |
1838 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
1839 | | - |
1840 | mm_request_send(sock, MONITOR_ANS_GSSCHECKMIC, m); | - |
1841 | | - |
1842 | if (!GSS_ERROR(ret)) | - |
1843 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); | - |
1844 | | - |
1845 | return (0); | - |
1846 | } | - |
1847 | | - |
1848 | int | - |
1849 | mm_answer_gss_userok(int sock, struct sshbuf *m) | - |
1850 | { | - |
1851 | int r, authenticated; | - |
1852 | const char *displayname; | - |
1853 | | - |
1854 | if (!options.gss_authentication) | - |
1855 | fatal("%s: GSSAPI authentication not enabled", __func__); | - |
1856 | | - |
1857 | authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user); | - |
1858 | | - |
1859 | sshbuf_reset(m); | - |
1860 | if ((r = sshbuf_put_u32(m, authenticated)) != 0) | - |
1861 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
1862 | | - |
1863 | debug3("%s: sending result %d", __func__, authenticated); | - |
1864 | mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); | - |
1865 | | - |
1866 | auth_method = "gssapi-with-mic"; | - |
1867 | | - |
1868 | if ((displayname = ssh_gssapi_displayname()) != NULL) | - |
1869 | auth2_record_info(authctxt, "%s", displayname); | - |
1870 | | - |
1871 | | - |
1872 | return (authenticated); | - |
1873 | } | - |
1874 | #endif /* GSSAPI */ | - |
1875 | | - |
| | |