Line | Source | Count |
/* State defined in other translation units. */
extern ServerOptions options;
extern u_int utmp_len;
extern u_char session_id[];
extern struct sshbuf *loginmsg;
extern struct sshauthopt *auth_opts;

/* State to export to the child (not referenced in the code shown here). */
static struct sshbuf *child_state;

/*
 * Request handlers.  Every handler has the signature stored in
 * struct mon_table.f: a socket descriptor plus the request buffer.
 */
int mm_answer_moduli(int, struct sshbuf *);
int mm_answer_sign(int, struct sshbuf *);
int mm_answer_pwnamallow(int, struct sshbuf *);
int mm_answer_auth2_read_banner(int, struct sshbuf *);
int mm_answer_authserv(int, struct sshbuf *);
int mm_answer_authpassword(int, struct sshbuf *);
int mm_answer_bsdauthquery(int, struct sshbuf *);
int mm_answer_bsdauthrespond(int, struct sshbuf *);
int mm_answer_keyallowed(int, struct sshbuf *);
int mm_answer_keyverify(int, struct sshbuf *);
int mm_answer_pty(int, struct sshbuf *);
int mm_answer_pty_cleanup(int, struct sshbuf *);
int mm_answer_term(int, struct sshbuf *);
int mm_answer_rsa_keyallowed(int, struct sshbuf *);
int mm_answer_rsa_challenge(int, struct sshbuf *);
int mm_answer_rsa_response(int, struct sshbuf *);
int mm_answer_sesskey(int, struct sshbuf *);
int mm_answer_sessid(int, struct sshbuf *);
static int monitor_read_log(struct monitor *);

/* Authentication context, installed by monitor_child_preauth(). */
static Authctxt *authctxt;

/*
 * Key state remembered between requests.  monitor_allowed_key() compares an
 * incoming blob against key_blob/key_bloblen and monitor_reset_key_state()
 * frees and clears all of these.
 */
static u_char *key_blob = NULL;
static size_t key_bloblen = 0;
static int key_blobtype = MM_NOKEY;
static struct sshauthopt *key_opts = NULL;
static char *hostbased_cuser = NULL;
static char *hostbased_chost = NULL;

/*
 * Name of the method used by the current authentication attempt.  The
 * pre-auth loop resets it to "unknown" before each request and refuses to
 * finish while it still has that value.
 */
static char *auth_method = "unknown";
static char *auth_submethod = NULL;

static u_int session_id2_len = 0;
static u_char *session_id2 = NULL;

/* Process that monitor_child_handler() forwards signals to. */
static pid_t monitor_child_pid;
83 | | - |
/*
 * One row of a monitor dispatch table: the request type, its permission
 * flags and the handler that answers it.  A row whose handler is NULL
 * terminates the table.
 *
 * Flag bits as they are used in this file (the names are those of the
 * upstream monitor.c macros; the preprocessor has expanded them here):
 *   0x0004  MON_ISAUTH      request belongs to an authentication method
 *   0x0008  MON_AUTHDECIDE  handler's result may complete authentication
 *   0x0010  MON_ONCE        monitor_read() revokes the permit after one use
 *   0x0020  MON_ALOG        result is passed to auth_log()
 *   0x1000  MON_PERMIT      request is currently allowed; monitor_read()
 *                           calls fatal() for a request without this bit
 */
struct mon_table {
    enum monitor_reqtype type;
    int flags;
    int (*f)(int, struct sshbuf *);
};

/*
 * Requests answered before authentication has completed.  No row starts with
 * the permit bit set; monitor_permit() and monitor_permit_authentications()
 * enable rows at run time.
 */
struct mon_table mon_dispatch_proto20[] = {
    { .type = MONITOR_REQ_MODULI, .flags = 0x0010, .f = mm_answer_moduli },
    { .type = MONITOR_REQ_SIGN, .flags = 0x0010, .f = mm_answer_sign },
    { .type = MONITOR_REQ_PWNAM, .flags = 0x0010, .f = mm_answer_pwnamallow },
    { .type = MONITOR_REQ_AUTHSERV, .flags = 0x0010, .f = mm_answer_authserv },
    { .type = MONITOR_REQ_AUTH2_READ_BANNER, .flags = 0x0010,
      .f = mm_answer_auth2_read_banner },
    { .type = MONITOR_REQ_AUTHPASSWORD, .flags = (0x0004|0x0008),
      .f = mm_answer_authpassword },
    { .type = MONITOR_REQ_KEYALLOWED, .flags = 0x0004,
      .f = mm_answer_keyallowed },
    { .type = MONITOR_REQ_KEYVERIFY, .flags = (0x0004|0x0008),
      .f = mm_answer_keyverify },
    { .type = 0, .flags = 0, .f = NULL }    /* terminator */
};

/*
 * Requests answered after authentication.  The table holds no
 * authentication handlers at all, so those requests end in the
 * "unsupported request" fatal() of monitor_read().
 */
struct mon_table mon_dispatch_postauth20[] = {
    { .type = MONITOR_REQ_MODULI, .flags = 0, .f = mm_answer_moduli },
    { .type = MONITOR_REQ_SIGN, .flags = 0, .f = mm_answer_sign },
    { .type = MONITOR_REQ_PTY, .flags = 0, .f = mm_answer_pty },
    { .type = MONITOR_REQ_PTYCLEANUP, .flags = 0, .f = mm_answer_pty_cleanup },
    { .type = MONITOR_REQ_TERM, .flags = 0, .f = mm_answer_term },
    { .type = 0, .flags = 0, .f = NULL }    /* terminator */
};

/* Table currently in force; switched by the pre-auth and post-auth loops. */
struct mon_table *mon_dispatch;
129 | | - |
130 | | - |
/*
 * Allow or forbid a single request type.
 *
 * Scans the table starting at `ent` up to its NULL-handler terminator and,
 * on the first row whose type equals `type`, sets the permit bit (0x1000,
 * MON_PERMIT upstream) when `permit` is non-zero and clears it otherwise.
 * Nothing is changed when no row matches.
 */
static void
monitor_permit(struct mon_table *ent, enum monitor_reqtype type, int permit)
{
    struct mon_table *row;

    for (row = ent; row->f != NULL; row++) {
        if (row->type != type) {
            continue;
        }
        if (permit) {
            row->flags |= 0x1000;
        } else {
            row->flags &= ~0x1000;
        }
        return;
    }
}
145 | | - |
/*
 * Allow or forbid every authentication-related request at once.
 *
 * Walks the active table (mon_dispatch) and, for each row carrying either
 * of the bits 0x0004 or 0x0008 (MON_ISAUTH / MON_AUTHDECIDE upstream), sets
 * the permit bit 0x1000 when `permit` is non-zero and clears it otherwise.
 * Rows without those bits are left untouched.
 */
static void
monitor_permit_authentications(int permit)
{
    struct mon_table *row;

    for (row = mon_dispatch; row->f != NULL; row++) {
        if ((row->flags & (0x0004|0x0008)) == 0) {
            continue;
        }
        if (permit) {
            row->flags |= 0x1000;
        } else {
            row->flags &= ~0x1000;
        }
    }
}
161 | | - |
/*
 * Pre-authentication loop of the monitor (the process that the debug
 * message below calls the "privileged process").
 *
 * Installs a zeroed authentication context, activates the pre-auth dispatch
 * table with only MODULI and SIGN permitted, and then services requests via
 * monitor_read() until one of them completes authentication.  The decision
 * is re-checked on this side before it is accepted:
 *   - with a required-methods list configured, a success that does not
 *     complete the list is downgraded to "partial";
 *   - a success is only accepted from a row flagged 0x0008
 *     (MON_AUTHDECIDE upstream), anything else is fatal;
 *   - uid 0 must additionally pass auth_root_allowed();
 *   - after the loop, an invalid user or a method name still equal to
 *     "unknown" is fatal.
 *
 * _authctxt: caller-provided context; it is cleared here.
 * pmonitor:  monitor descriptor set; several of its fds are closed or
 *            marked -1 on entry and exit.
 */
void
monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
{
    struct ssh *ssh = active_state;
    struct mon_table *ent;
    int authenticated = 0;
    int partial = 0;

    debug3("preauth child monitor started");

    /* Drop the descriptor ends this side does not use. */
    if (pmonitor->m_recvfd >= 0) {
        close(pmonitor->m_recvfd);
    }
    if (pmonitor->m_log_sendfd >= 0) {
        close(pmonitor->m_log_sendfd);
    }
    pmonitor->m_recvfd = -1;
    pmonitor->m_log_sendfd = -1;

    authctxt = _authctxt;
    memset(authctxt, 0, sizeof(*authctxt));
    ssh->authctxt = authctxt;

    authctxt->loginmsg = loginmsg;

    mon_dispatch = mon_dispatch_proto20;

    /* Only these two requests are permitted from the start. */
    monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
    monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);

    /* The first few requests do not require asynchronous access */
    while (!authenticated) {
        /* Forget everything about the previous attempt. */
        partial = 0;
        auth_method = "unknown";
        auth_submethod = NULL;
        auth2_authctxt_reset_info(authctxt);

        authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1);

        /* Required-methods list: one success may not be enough. */
        if (options.num_auth_methods != 0 && authenticated &&
            !auth2_update_methods_lists(authctxt, auth_method,
            auth_submethod)) {
            debug3("%s: method %s: partial", __func__, auth_method);
            authenticated = 0;
            partial = 1;
        }

        if (authenticated) {
            /* Only rows marked as deciding may report success. */
            if (!(ent->flags & 0x0008)) {
                fatal("%s: unexpected authentication from %d",
                    __func__, ent->type);
            }
            /*
             * NOTE(review): authctxt->pw is dereferenced unconditionally;
             * presumably a handler never reports success without having
             * set it - confirm.
             */
            if (authctxt->pw->pw_uid == 0 &&
                !auth_root_allowed(ssh, auth_method)) {
                authenticated = 0;
            }
        }

        /* Rows flagged 0x0008 or 0x0020 have their outcome logged. */
        if (ent->flags & (0x0008|0x0020)) {
            auth_log(authctxt, authenticated, partial,
                auth_method, auth_submethod);
            if (!partial && !authenticated) {
                authctxt->failures++;
            }
            if (authenticated || partial) {
                auth2_update_session_info(authctxt,
                    auth_method, auth_submethod);
            }
        }
    }

    /* Final sanity checks before the result is trusted. */
    if (!authctxt->valid) {
        fatal("%s: authenticated invalid user", __func__);
    }
    /* The page shows glibc's inline expansion of this strcmp() call. */
    if (strcmp(auth_method, "unknown") == 0) {
        fatal("%s: authentication method name unknown", __func__);
    }

    debug("%s: %s has been authenticated by privileged process",
        __func__, authctxt->user);
    ssh->authctxt = NULL;
    ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user);

    mm_get_keystate(pmonitor);

    /* Drain log messages until the log fd is closed or a read fails. */
    while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0) {
        ;
    }

    if (pmonitor->m_recvfd >= 0) {
        close(pmonitor->m_recvfd);
    }
    if (pmonitor->m_log_sendfd >= 0) {
        close(pmonitor->m_log_sendfd);
    }
    /*
     * NOTE(review): these two are marked -1 without a close() in this
     * function (m_log_recvfd is closed by monitor_read_log() on EPIPE);
     * confirm m_sendfd is released elsewhere.
     */
    pmonitor->m_sendfd = -1;
    pmonitor->m_log_recvfd = -1;
}
337 | | - |
/*
 * Remember the pid that monitor_child_handler() should signal.
 */
static void
monitor_set_child_handler(pid_t pid)
{
    const pid_t target = pid;

    monitor_child_pid = target;
}
343 | | - |
/*
 * Signal handler: pass the received signal on to the recorded child pid.
 * The result of kill() is not examined.
 */
static void
monitor_child_handler(int sig)
{
    const pid_t target = monitor_child_pid;

    kill(target, sig);
}
349 | | - |
/*
 * Post-authentication loop of the monitor.  Never returns.
 *
 * Closes m_recvfd, arranges for signals 1, 15 and 2 to be forwarded to the
 * child (m_pid) and for signal 25 to be ignored, then switches to the
 * post-auth dispatch table.  MODULI, SIGN and TERM are always permitted;
 * PTY and PTYCLEANUP only when auth_opts->permit_pty_flag is set.
 *
 * The signal numbers and ((__sighandler_t) 1) are preprocessor output; on
 * Linux/glibc they correspond to SIGHUP, SIGTERM, SIGINT, SIGXFSZ and
 * SIG_IGN.
 */
void
monitor_child_postauth(struct monitor *pmonitor)
{
    static const int forwarded[] = { 1, 15, 2 };
    size_t i;

    close(pmonitor->m_recvfd);
    pmonitor->m_recvfd = -1;

    monitor_set_child_handler(pmonitor->m_pid);
    for (i = 0; i < sizeof(forwarded) / sizeof(forwarded[0]); i++) {
        mysignal(forwarded[i], &monitor_child_handler);
    }
    mysignal(25, ((__sighandler_t) 1));

    mon_dispatch = mon_dispatch_postauth20;

    /* Permit requests for moduli, signatures and termination. */
    monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
    monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
    monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);

    /* Pty requests stay forbidden unless the auth options allow a pty. */
    if (auth_opts->permit_pty_flag) {
        monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1);
        monitor_permit(mon_dispatch, MONITOR_REQ_PTYCLEANUP, 1);
    }

    /* Serve requests forever; the return value is not used here. */
    for (;;) {
        monitor_read(pmonitor, mon_dispatch, NULL);
    }
}
391 | | - |
/*
 * Read one log record from the child's log descriptor and emit it.
 *
 * Wire format as parsed here: a 4-byte length, then `length` bytes holding
 * a u32 log level followed by a string.  Everything in the record is
 * checked before use: the length must be in 5..8192, the level must be one
 * log_level_name() recognises, and the text is logged through a fixed
 * "%s [preauth]" format so it is never interpreted as a format string.
 *
 * Returns 0 after logging one record, or -1 when the initial read fails
 * with errno 32 (EPIPE on Linux), in which case m_log_recvfd is closed and
 * set to -1.  Every other failure ends in fatal().
 */
static int
monitor_read_log(struct monitor *pmonitor)
{
    struct sshbuf *logmsg;
    u_int len, level;
    char *msg;
    u_char *p;
    int r;

    logmsg = sshbuf_new();
    if (logmsg == NULL) {
        fatal("%s: sshbuf_new", __func__);
    }

    /* Read the 4-byte length prefix. */
    r = sshbuf_reserve(logmsg, 4, &p);
    if (r != 0) {
        fatal("%s: reserve: %s", __func__, ssh_err(r));
    }
    if (atomicio(read, pmonitor->m_log_recvfd, p, 4) != 4) {
        /* Capture errno before any other call can overwrite it. */
        const int read_errno = (*__errno_location ());

        if (read_errno == 32) {
            sshbuf_free(logmsg);
            debug("%s: child log fd closed", __func__);
            close(pmonitor->m_log_recvfd);
            pmonitor->m_log_recvfd = -1;
            return -1;
        }
        fatal("%s: log fd read: %s", __func__, strerror(read_errno));
    }
    r = sshbuf_get_u32(logmsg, &len);
    if (r != 0) {
        fatal("%s: get len: %s", __func__, ssh_err(r));
    }
    /* Bound the record size before reserving a buffer for it. */
    if (len <= 4 || len > 8192) {
        fatal("%s: invalid log message length %u", __func__, len);
    }

    /* Read severity and message. */
    sshbuf_reset(logmsg);
    r = sshbuf_reserve(logmsg, len, &p);
    if (r != 0) {
        fatal("%s: reserve: %s", __func__, ssh_err(r));
    }
    if (atomicio(read, pmonitor->m_log_recvfd, p, len) != len) {
        fatal("%s: log fd read: %s", __func__, strerror(
            (*__errno_location ())
            ));
    }
    r = sshbuf_get_u32(logmsg, &level);
    if (r == 0) {
        r = sshbuf_get_cstring(logmsg, &msg, NULL);
    }
    if (r != 0) {
        fatal("%s: decode: %s", __func__, ssh_err(r));
    }

    /* Reject levels this side does not know before logging. */
    if (log_level_name(level) == NULL) {
        fatal("%s: invalid log level %u (corrupted message?)",
            __func__, level);
    }
    do_log2(level, "%s [preauth]", msg);

    sshbuf_free(logmsg);
    free(msg);

    return 0;
}
457 | | - |
/*
 * Wait for one request from the child, check it against the dispatch table
 * and run its handler.
 *
 * pmonitor: monitor descriptors; m_sendfd carries requests, m_log_recvfd
 *           (when not -1) carries log records.
 * ent:      first row of the dispatch table to search.
 * pent:     when non-NULL, receives the row that handled the request.
 *
 * Enforcement performed here:
 *   - a request type with no row in the table is fatal ("unsupported");
 *   - a row without the permit bit 0x1000 is fatal ("unpermitted");
 *   - a row flagged 0x0010 (MON_ONCE upstream) loses its permit bit after
 *     the handler has run, so it cannot be requested a second time.
 *
 * Returns the handler's return value.
 *
 * 0x001 is the expanded poll event mask and 4 / 11 the expanded errno
 * values (POLLIN, EINTR and EAGAIN on Linux).
 */
int
monitor_read(struct monitor *pmonitor, struct mon_table *ent,
    struct mon_table **pent)
{
    struct sshbuf *m;
    int r, ret;
    u_char type;
    struct pollfd pfd[2];

    for (;;) {
        const int log_open = (pmonitor->m_log_recvfd != -1);

        memset(&pfd, 0, sizeof(pfd));
        pfd[0].fd = pmonitor->m_sendfd;
        pfd[0].events = 0x001;
        pfd[1].fd = pmonitor->m_log_recvfd;
        pfd[1].events = log_open ? 0x001 : 0;

        /* Only poll the log descriptor while it is still open. */
        if (poll(pfd, log_open ? 2 : 1, -1) == -1) {
            const int poll_errno = (*__errno_location ());

            if (poll_errno == 4 || poll_errno == 11) {
                continue;
            }
            fatal("%s: poll: %s", __func__, strerror(poll_errno));
        }
        if (pfd[1].revents) {
            /*
             * Log traffic is handled first; the return value of
             * monitor_read_log() is not examined here.
             */
            monitor_read_log(pmonitor);
            continue;
        }
        if (pfd[0].revents) {
            break;
        }
    }

    m = sshbuf_new();
    if (m == NULL) {
        fatal("%s: sshbuf_new", __func__);
    }

    mm_request_receive(pmonitor->m_sendfd, m);
    r = sshbuf_get_u8(m, &type);
    if (r != 0) {
        fatal("%s: decode: %s", __func__, ssh_err(r));
    }

    debug3("%s: checking request %d", __func__, type);

    /* Find the row for this request type, or stop at the terminator. */
    for (; ent->f != NULL; ent++) {
        if (ent->type == type) {
            break;
        }
    }

    if (ent->f == NULL) {
        fatal("%s: unsupported request: %d", __func__, type);

        /* Kept from the original: the return that follows fatal(). */
        return (-1);
    }

    /* A known request must also be permitted right now. */
    if (!(ent->flags & 0x1000)) {
        fatal("%s: unpermitted request %d", __func__, type);
    }
    ret = (*ent->f)(pmonitor->m_sendfd, m);
    sshbuf_free(m);

    /* One-shot requests are disabled once they have been served. */
    if (ent->flags & 0x0010) {
        debug2("%s: %d used once, disabling now", __func__, type);
        ent->flags &= ~0x1000;
    }

    if (pent != NULL) {
        *pent = ent;
    }

    return ret;
}
552 | | - |
553 | | - |
/*
 * Check that `blob` is the key blob remembered in key_blob.
 *
 * Returns 1 only when a blob is stored, the lengths are equal and the
 * contents match; 0 otherwise.  The contents are compared with
 * timingsafe_bcmp() rather than memcmp().
 */
static int
monitor_allowed_key(u_char *blob, u_int bloblen)
{
    /* Nothing stored: no key can match. */
    if (key_blob == NULL) {
        return (0);
    }
    /* Lengths must agree before the bytes are compared. */
    if (key_bloblen != bloblen) {
        return (0);
    }
    if (timingsafe_bcmp(key_blob, blob, key_bloblen)) {
        return (0);
    }
    return (1);
}
565 | | - |
/*
 * Forget the key remembered from an earlier request.
 *
 * Frees key_blob, key_opts and both hostbased strings, then returns every
 * piece of key state to its initial value so that monitor_allowed_key()
 * rejects any blob until a new one is stored.
 */
static void
monitor_reset_key_state(void)
{
    free(key_blob);
    key_blob = NULL;
    key_bloblen = 0;
    key_blobtype = MM_NOKEY;

    free(hostbased_cuser);
    hostbased_cuser = NULL;

    free(hostbased_chost);
    hostbased_chost = NULL;

    sshauthopt_free(key_opts);
    key_opts = NULL;
}
589 | | - |
590 | | - |
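/*
 * Answer a MONITOR_REQ_MODULI request: choose a DH group for the size
 * bounds the requester sent.
 *
 * sock: descriptor the reply is sent on.
 * m:    request buffer holding three u32 values (min, want, max); it is
 *       reset and reused for the reply.
 *
 * The bounds arrive over the monitor socket and are validated here: any
 * ordering other than min <= want <= max is fatal.  They are unsigned, so
 * they are logged with %u; the original %d would print values above
 * INT_MAX as negative numbers in exactly the log lines that record a bad
 * request.
 *
 * Reply on success: u8 1, then the group's p and g as bignums.
 * Always returns 0; buffer errors end in fatal().
 */
int
mm_answer_moduli(int sock, struct sshbuf *m)
{
    DH *dh;
    const BIGNUM *dh_p, *dh_g;
    int r;
    u_int min, want, max;

    if ((r = sshbuf_get_u32(m, &min)) != 0 ||
        (r = sshbuf_get_u32(m, &want)) != 0 ||
        (r = sshbuf_get_u32(m, &max)) != 0) {
        fatal("%s: buffer error: %s", __func__, ssh_err(r));
    }

    debug3("%s: got parameters: %u %u %u",
        __func__, min, want, max);
    /* Sanity check the requested range before using it. */
    if (max < min || want < min || max < want) {
        fatal("%s: bad parameters: %u %u %u",
            __func__, min, want, max);
    }

    sshbuf_reset(m);

    dh = choose_dh(min, want, max);
    if (dh == NULL) {
        if ((r = sshbuf_put_u8(m, 0)) != 0) {
            fatal("%s: buffer error: %s", __func__, ssh_err(r));
        }
        /*
         * NOTE(review): this branch returns without calling
         * mm_request_send(), so the failure byte written above is never
         * sent - confirm the requester cannot block waiting for a
         * MONITOR_ANS_MODULI reply.
         */
        return (0);
    } else {
        /* Send first bignum */
        DH_get0_pqg(dh, &dh_p, NULL, &dh_g);
        if ((r = sshbuf_put_u8(m, 1)) != 0 ||
            (r = sshbuf_put_bignum2(m, dh_p)) != 0 ||
            (r = sshbuf_put_bignum2(m, dh_g)) != 0) {
            fatal("%s: buffer error: %s", __func__, ssh_err(r));
        }

        DH_free(dh);
    }
    mm_request_send(sock, MONITOR_ANS_MODULI, m);
    return (0);
}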
635 | | - |
636 | | - |
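/*
 * Answer a signing request: sign the data in m with the host key selected
 * by keyid and reply on sock with MONITOR_ANS_SIGN.
 *
 * Request layout read from m: u32 keyid, string data, cstring alg,
 * u32 compat. The reply is a single string holding the signature.
 *
 * The data to sign is restricted so that this function is not a general
 * signing oracle for the host key:
 *  - data of length 20, 32, 48 or 64 bytes (the digest sizes of SHA-1,
 *    SHA-256, SHA-384 and SHA-512) is signed as given; no content check
 *    is applied to it here;
 *  - any other length is accepted only when the data equals, byte for
 *    byte, the hostkey-proof blob rebuilt locally from proof_req, the
 *    saved session id and the public key for keyid.
 *
 * The first request's data is saved as session_id2. The signature is made
 * with the private key when get_hostkey_by_index() has one, otherwise via
 * the agent on auth_sock. Every failure is fatal().
 *
 * Returns 0.
 */
int
mm_answer_sign(int sock, struct sshbuf *m)
{
	struct ssh *ssh = active_state;
	extern int auth_sock;
	struct sshkey *key;
	struct sshbuf *sigbuf = NULL;
	u_char *p = NULL, *signature = NULL;
	char *alg = NULL;
	size_t datlen, siglen, alglen;
	int r, is_proof = 0;
	u_int keyid, compat;
	const char proof_req[] = "hostkeys-prove-00@openssh.com";

	debug3("%s", __func__);

	if ((r = sshbuf_get_u32(m, &keyid)) != 0 ||
	    (r = sshbuf_get_string(m, &p, &datlen)) != 0 ||
	    (r = sshbuf_get_cstring(m, &alg, &alglen)) != 0 ||
	    (r = sshbuf_get_u32(m, &compat)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	/* keyid must stay within the positive range of a signed 32-bit int. */
	if (keyid > 0x7fffffff)
		fatal("%s: invalid key ID", __func__);

	if (datlen != 20 && datlen != 32 && datlen != 48 && datlen != 64) {
		/*
		 * Not a digest-sized request: rebuild the expected hostkey
		 * proof and require the request data to match it exactly.
		 * A proof needs a saved session id, so it cannot be the
		 * first request.
		 */
		if (session_id2_len == 0)
			fatal("%s: bad data length: %zu", __func__, datlen);
		if ((key = get_hostkey_public_by_index(keyid, ssh)) == NULL)
			fatal("%s: no hostkey for index %u", __func__, keyid);
		if ((sigbuf = sshbuf_new()) == NULL)
			fatal("%s: sshbuf_new", __func__);
		if ((r = sshbuf_put_cstring(sigbuf, proof_req)) != 0 ||
		    (r = sshbuf_put_string(sigbuf, session_id2,
		    session_id2_len)) != 0 ||
		    (r = sshkey_puts(key, sigbuf)) != 0)
			fatal("%s: couldn't prepare private key "
			    "proof buffer: %s", __func__, ssh_err(r));
		if (datlen != sshbuf_len(sigbuf) ||
		    memcmp(p, sshbuf_ptr(sigbuf), sshbuf_len(sigbuf)) != 0)
			fatal("%s: bad data length: %zu, hostkey proof len %zu",
			    __func__, datlen, sshbuf_len(sigbuf));
		sshbuf_free(sigbuf);
		is_proof = 1;
	}

	/* Save the session id; it is the data of the first request. */
	if (session_id2_len == 0) {
		session_id2_len = datlen;
		session_id2 = xmalloc(session_id2_len);
		memcpy(session_id2, p, session_id2_len);
	}

	if ((key = get_hostkey_by_index(keyid)) != NULL) {
		if ((r = sshkey_sign(key, &signature, &siglen, p, datlen, alg,
		    compat)) != 0)
			fatal("%s: sshkey_sign failed: %s",
			    __func__, ssh_err(r));
	} else if ((key = get_hostkey_public_by_index(keyid, ssh)) != NULL &&
	    auth_sock > 0) {
		/* No private key for this index here: sign through the agent. */
		if ((r = ssh_agent_sign(auth_sock, key, &signature, &siglen,
		    p, datlen, alg, compat)) != 0) {
			fatal("%s: ssh_agent_sign failed: %s",
			    __func__, ssh_err(r));
		}
	} else
		fatal("%s: no hostkey from index %u", __func__, keyid);

	/*
	 * is_proof is set only on the hostkey-proof path above, so it
	 * selects the "hostkey proof" label; the two labels were swapped.
	 */
	debug3("%s: %s signature %p(%zu)", __func__,
	    is_proof ? "hostkey proof" : "KEX", signature, siglen);

	sshbuf_reset(m);
	if ((r = sshbuf_put_string(m, signature, siglen)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	free(alg);
	free(p);
	free(signature);

	mm_request_send(sock, MONITOR_ANS_SIGN, m);

	/* Presumably enables the PWNAM request from here on; see monitor_permit(). */
	monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1);

	return (0);
}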
741 | | - |
742 | | - |
743 | | - |
/*
 * Answer the user-lookup request: read a user name from m, look it up with
 * getpwnamallow(), record the result in authctxt and reply on sock with
 * MONITOR_ANS_PWNAM.
 *
 * Reply layout for a known user: u8 1, the raw struct passwd bytes, then
 * pw_name, a literal "*", pw_gecos, pw_dir and pw_shell as strings. For an
 * unknown user the reply starts with u8 0 and authctxt->pw is set from
 * fakepw(). In both cases the raw options struct follows, then each
 * non-NULL string option and every element of each string-array option,
 * in the fixed order below.
 *
 * NOTE(review): the "*" sits between pw_name and pw_gecos, presumably in
 * the password slot, so no password hash is serialised here; confirm
 * against the receiver. The raw struct copies carry this process's
 * pointer values, and the strings that follow are presumably what the
 * receiver uses in their place.
 *
 * A second call is fatal(). Returns 0.
 */
int
mm_answer_pwnamallow(int sock, struct sshbuf *m)
{
	struct ssh *ssh = active_state;
	char *login;
	struct passwd *pw;
	int r, found = 0;
	u_int i;

/* Append options.field to m when it is set. */
#define PWNAM_PUT_STR(field) do { \
		if (options.field != NULL) { \
			if ((r = sshbuf_put_cstring(m, options.field)) != 0) \
				fatal("%s: buffer error: %s", \
				    __func__, ssh_err(r)); \
		} \
	} while (0)
/* Append each of the options.count strings in options.field to m. */
#define PWNAM_PUT_STRS(field, count) do { \
		for (i = 0; i < options.count; i++) { \
			if ((r = sshbuf_put_cstring(m, \
			    options.field[i])) != 0) \
				fatal("%s: buffer error: %s", \
				    __func__, ssh_err(r)); \
		} \
	} while (0)

	debug3("%s", __func__);

	/* The lookup may be requested only once. */
	if (authctxt->attempt++ != 0)
		fatal("%s: multiple attempts for getpwnam", __func__);

	if ((r = sshbuf_get_cstring(m, &login, NULL)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	pw = getpwnamallow(login);

	authctxt->user = xstrdup(login);
	setproctitle("%s [priv]", pw ? login : "unknown");
	free(login);

	sshbuf_reset(m);

	if (pw == NULL) {
		if ((r = sshbuf_put_u8(m, 0)) != 0)
			fatal("%s: buffer error: %s", __func__, ssh_err(r));
		authctxt->pw = fakepw();
	} else {
		found = 1;
		authctxt->pw = pw;
		authctxt->valid = 1;

		if ((r = sshbuf_put_u8(m, 1)) != 0 ||
		    (r = sshbuf_put_string(m, pw, sizeof(*pw))) != 0 ||
		    (r = sshbuf_put_cstring(m, pw->pw_name)) != 0 ||
		    (r = sshbuf_put_cstring(m, "*")) != 0 ||
		    (r = sshbuf_put_cstring(m, pw->pw_gecos)) != 0 ||
		    (r = sshbuf_put_cstring(m, pw->pw_dir)) != 0 ||
		    (r = sshbuf_put_cstring(m, pw->pw_shell)) != 0)
			fatal("%s: buffer error: %s", __func__, ssh_err(r));
	}

	ssh_packet_set_log_preamble(ssh, "%suser %s",
	    authctxt->valid ? "authenticating" : "invalid ", authctxt->user);
	if ((r = sshbuf_put_string(m, &options, sizeof(options))) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	/* The order of these fields is part of the message layout. */
	PWNAM_PUT_STR(banner);
	PWNAM_PUT_STR(trusted_user_ca_keys);
	PWNAM_PUT_STR(revoked_keys_file);
	PWNAM_PUT_STR(authorized_keys_command);
	PWNAM_PUT_STR(authorized_keys_command_user);
	PWNAM_PUT_STR(authorized_principals_file);
	PWNAM_PUT_STR(authorized_principals_command);
	PWNAM_PUT_STR(authorized_principals_command_user);
	PWNAM_PUT_STR(hostbased_key_types);
	PWNAM_PUT_STR(pubkey_key_types);
	PWNAM_PUT_STR(ca_sign_algorithms);
	PWNAM_PUT_STR(routing_domain);
	PWNAM_PUT_STR(permit_user_env_whitelist);
	PWNAM_PUT_STRS(authorized_keys_files, num_authkeys_files);
	PWNAM_PUT_STRS(allow_users, num_allow_users);
	PWNAM_PUT_STRS(deny_users, num_deny_users);
	PWNAM_PUT_STRS(allow_groups, num_allow_groups);
	PWNAM_PUT_STRS(deny_groups, num_deny_groups);
	PWNAM_PUT_STRS(accept_env, num_accept_env);
	PWNAM_PUT_STRS(auth_methods, num_auth_methods);
	PWNAM_PUT_STRS(permitted_opens, num_permitted_opens);
	PWNAM_PUT_STRS(permitted_listens, num_permitted_listens);

#undef PWNAM_PUT_STR
#undef PWNAM_PUT_STRS

	/* A failure here is only logged; the reply is still sent. */
	if (auth2_setup_methods_lists(authctxt) != 0) {
		debug("%s: no valid authentication method lists", __func__);
	}

	debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, found);
	mm_request_send(sock, MONITOR_ANS_PWNAM, m);

	/* Presumably enables the next two request types; see monitor_permit(). */
	monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
	monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);

	return 0;
}
858 | | - |
/*
 * Answer the banner request: fetch the banner with auth2_read_banner() and
 * send it on sock as MONITOR_ANS_AUTH2_READ_BANNER. An empty string is sent
 * when there is no banner. Returns 0.
 */
int mm_answer_auth2_read_banner(int sock, struct sshbuf *m)
{
	char *banner;
	const char *text;
	int r;

	/* m is reused for the reply. */
	sshbuf_reset(m);

	banner = auth2_read_banner();
	text = (banner != NULL) ? banner : "";
	r = sshbuf_put_cstring(m, text);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	mm_request_send(sock, MONITOR_ANS_AUTH2_READ_BANNER, m);
	free(banner);

	return 0;
}
875 | | - |
/*
 * Record the requested service and style: read two strings from m into
 * authctxt->service and authctxt->style. An empty style is freed and
 * stored as NULL. No reply is sent from here. Returns 0.
 */
int
mm_answer_authserv(int sock, struct sshbuf *m)
{
	int r;

	/* Presumably enables the authentication request types; called before parsing. */
	monitor_permit_authentications(1);

	r = sshbuf_get_cstring(m, &authctxt->service, NULL);
	if (r == 0)
		r = sshbuf_get_cstring(m, &authctxt->style, NULL);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	debug3("%s: service=%s, style=%s",
	    __func__, authctxt->service, authctxt->style);

	/* Normalise "no style" to NULL. */
	if (authctxt->style[0] == '\0') {
		free(authctxt->style);
		authctxt->style = NULL;
	}

	return 0;
}
902 | | - |
/*
 * Answer a password check: read the password from m, test it with
 * auth_password() and reply on sock with MONITOR_ANS_AUTHPASSWORD carrying
 * the result as a u32.
 *
 * It is fatal() to receive this request while password authentication is
 * disabled. The extracted password copy is wiped with explicit_bzero()
 * before it is freed. auth_method is set to "none" when the first call
 * carried an empty password, otherwise to "password".
 *
 * NOTE(review): the request bytes still held in m are dropped by
 * sshbuf_reset(); whether that call wipes them is not visible here.
 *
 * Returns the authentication result (non-zero on success).
 */
int
mm_answer_authpassword(int sock, struct sshbuf *m)
{
	struct ssh *ssh = active_state;
	static int call_count;
	char *passwd;
	int r, authenticated = 0;
	size_t plen;

	if (!options.password_authentication)
		fatal("%s: password authentication not enabled", __func__);

	r = sshbuf_get_cstring(m, &passwd, &plen);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	if (options.password_authentication && auth_password(ssh, passwd))
		authenticated = 1;

	/* Wipe the cleartext before the allocation is released. */
	explicit_bzero(passwd, plen);
	free(passwd);

	sshbuf_reset(m);
	r = sshbuf_put_u32(m, authenticated);
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	debug3("%s: sending result %d", __func__, authenticated);
	mm_request_send(sock, MONITOR_ANS_AUTHPASSWORD, m);

	call_count++;
	auth_method = (plen == 0 && call_count == 1) ? "none" : "password";

	return authenticated;
}
/*
 * Monitor-side handler for a "is this key allowed?" request from the
 * unprivileged child.
 *
 * Request layout read from m, in order: key class (u32, MM_USERKEY or
 * MM_HOSTKEY), client user (cstring), client host (cstring), the public
 * key, and a u32 flag that is non-zero for a real authentication attempt
 * and zero for a "test" query (see the debug3 call below).
 *
 * Reply written back into m: u32 allowed, followed by the serialised
 * auth options when user_key_allowed() produced any.
 *
 * On success the key blob, key class, options and the cuser/chost strings
 * are stored in the file-scope state (key_blob, key_blobtype, key_opts,
 * hostbased_cuser, hostbased_chost); presumably the later key-verify
 * handler checks the signature against exactly this cached key - confirm
 * against mm_answer_keyverify.
 *
 * Always returns 0; any malformed request ends in fatal().
 *
 * NOTE(review): the coverage listing this was taken from marks every
 * branch and statement of this function as never evaluated / never
 * executed, so none of these policy checks are exercised by that run.
 */
int
mm_answer_keyallowed(int sock, struct sshbuf *m)
{
	struct ssh *ssh = active_state;
	struct sshauthopt *opts = NULL;
	struct sshkey *key = NULL;
	enum mm_keytype type = 0;
	u_int pubkey_auth_attempt;
	char *cuser, *chost;
	int allowed = 0;
	int rc;

	debug3("%s entering", __func__);

	/*
	 * Everything here comes from the unprivileged child, so a parse
	 * failure is treated as fatal rather than as a soft error.
	 * NOTE(review): sshbuf_get_u32() is handed an enum pointer for
	 * `type` and a u_int pointer for pubkey_auth_attempt; confirm the
	 * enum has the width the parser writes.
	 */
	if ((rc = sshbuf_get_u32(m, &type)) != 0 ||
	    (rc = sshbuf_get_cstring(m, &cuser, NULL)) != 0 ||
	    (rc = sshbuf_get_cstring(m, &chost, NULL)) != 0 ||
	    (rc = sshkey_froms(m, &key)) != 0 ||
	    (rc = sshbuf_get_u32(m, &pubkey_auth_attempt)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(rc));

	debug3("%s: key_from_blob: %p", __func__, key);

	/* No policy lookup at all for an invalid user: allowed stays 0. */
	if (key != NULL && authctxt->valid) {
		/*
		 * 0x00002000 is the compat bit the message below names
		 * SSH_BUG_RSASIGMD5; such a key reaching the monitor is
		 * treated as a fatal protocol violation.
		 */
		if (sshkey_type_plain(key->type) == KEY_RSA &&
		    (datafellows & 0x00002000) != 0)
			fatal("%s: passed a SSH_BUG_RSASIGMD5 key", __func__);

		switch (type) {
		case MM_USERKEY:
			auth_method = "publickey";
			/*
			 * Method enabled, key not already used in this
			 * authentication, key type on the configured list;
			 * short-circuit keeps the original check order.
			 */
			if (!options.pubkey_authentication ||
			    auth2_key_already_used(authctxt, key) ||
			    match_pattern_list(sshkey_ssh_name(key),
			    options.pubkey_key_types, 0) != 1)
				break;
			allowed = user_key_allowed(ssh, authctxt->pw, key,
			    pubkey_auth_attempt, &opts);
			break;
		case MM_HOSTKEY:
			auth_method = "hostbased";
			if (!options.hostbased_authentication ||
			    auth2_key_already_used(authctxt, key) ||
			    match_pattern_list(sshkey_ssh_name(key),
			    options.hostbased_key_types, 0) != 1)
				break;
			allowed = hostbased_key_allowed(authctxt->pw,
			    cuser, chost, key);
			/* Client-supplied names are truncated to 100 bytes. */
			auth2_record_info(authctxt,
			    "client user \"%.100s\", client host \"%.100s\"",
			    cuser, chost);
			break;
		default:
			fatal("%s: unknown key type %d", __func__, type);
			break;
		}
	}

	debug3("%s: %s authentication%s: %s key is %s", __func__,
	    auth_method, pubkey_auth_attempt ? "" : " test",
	    (key == NULL || !authctxt->valid) ? "invalid" : sshkey_type(key),
	    allowed ? "allowed" : "not allowed");

	auth2_record_key(authctxt, 0, key);

	/* Drop whatever key state an earlier request left behind. */
	monitor_reset_key_state();

	if (!allowed) {
		/* auth_log() is only called on this refusal path. */
		auth_log(authctxt, 0, 0, auth_method, NULL);
		free(cuser);
		free(chost);
	} else {
		/*
		 * Cache the accepted key; ownership of opts, cuser and
		 * chost moves to the file-scope variables here.
		 */
		if ((rc = sshkey_to_blob(key, &key_blob, &key_bloblen)) != 0)
			fatal("%s: buffer error: %s", __func__, ssh_err(rc));
		key_blobtype = type;
		key_opts = opts;
		hostbased_cuser = cuser;
		hostbased_chost = chost;
	}
	sshkey_free(key);

	/* Build and send the reply, reusing the request buffer. */
	sshbuf_reset(m);
	if ((rc = sshbuf_put_u32(m, allowed)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(rc));
	if (opts != NULL && (rc = sshauthopt_serialise(opts, m, 1)) != 0)
		fatal("%s: sshauthopt_serialise: %s", __func__, ssh_err(rc));
	mm_request_send(sock, MONITOR_ANS_KEYALLOWED, m);

	/* Options of a refused key were not cached above, so release them. */
	if (!allowed)
		sshauthopt_free(opts);

	return (0);
}
1057 | | - |
/*
 * Check that the blob the unprivileged child wants verified has the shape
 * of a public-key userauth request for the user this monitor is
 * authenticating.
 *
 * Fields are consumed in order: session identifier, message type byte
 * (must be 50), user name (must equal "user" or "user:style" from
 * authctxt), one skipped string, method name (must be "publickey"), a
 * flag byte (must be non-zero), two further skipped strings, and then the
 * buffer must be empty.  Per the RFC 4252 publickey request layout the
 * skipped strings are presumably service, key algorithm and key blob -
 * they are not compared against anything here.
 *
 * Structural parse errors are fatal(); semantic mismatches only bump a
 * counter so every field is still walked.  Returns 1 when nothing
 * mismatched, 0 otherwise.
 *
 * The large __builtin_constant_p/__builtin_strcmp expressions in the
 * preprocessed listing are the C library's inline expansion of strcmp();
 * they are written as plain strcmp() calls here.
 *
 * NOTE(review): the coverage listing this was taken from marks every
 * branch of this function as never evaluated, so this validation is not
 * exercised by that run.
 */
static int
monitor_valid_userblob(u_char *data, u_int datalen)
{
	struct sshbuf *blob;
	const u_char *sid;
	char *expected, *field;
	size_t sid_len;
	u_char byte;
	int rc, bad = 0;

	if ((blob = sshbuf_new()) == NULL)
		fatal("%s: sshbuf_new", __func__);
	if ((rc = sshbuf_put(blob, data, datalen)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(rc));

	if (datafellows & 0x00000010) {
		/*
		 * Compat bit 0x00000010 (presumably SSH_OLD_SESSIONID):
		 * the session id is raw bytes at the front of the blob,
		 * not a length-prefixed string.
		 */
		sid = sshbuf_ptr(blob);
		sid_len = sshbuf_len(blob);
		if (session_id2 == NULL ||
		    sid_len < session_id2_len ||
		    timingsafe_bcmp(sid, session_id2, session_id2_len) != 0)
			bad++;
		if ((rc = sshbuf_consume(blob, session_id2_len)) != 0)
			fatal("%s: buffer error: %s", __func__, ssh_err(rc));
	} else {
		if ((rc = sshbuf_get_string_direct(blob, &sid, &sid_len)) != 0)
			fatal("%s: buffer error: %s", __func__, ssh_err(rc));
		/* Length must match exactly before the comparison runs. */
		if (session_id2 == NULL ||
		    sid_len != session_id2_len ||
		    timingsafe_bcmp(sid, session_id2, session_id2_len) != 0)
			bad++;
	}

	/* 50 is SSH_MSG_USERAUTH_REQUEST in RFC 4252. */
	if ((rc = sshbuf_get_u8(blob, &byte)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(rc));
	if (byte != 50)
		bad++;

	/* User name in the blob vs. the one the monitor is tracking. */
	if ((rc = sshbuf_get_cstring(blob, &field, NULL)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(rc));
	xasprintf(&expected, "%s%s%s", authctxt->user,
	    authctxt->style ? ":" : "",
	    authctxt->style ? authctxt->style : "");
	if (strcmp(expected, field) != 0) {
		logit("wrong user name passed to monitor: "
		    "expected %s != %.100s", expected, field);
		bad++;
	}
	free(expected);
	free(field);

	/* Skip one string, then require the method name "publickey". */
	if ((rc = sshbuf_get_string_direct(blob, NULL, NULL)) != 0 ||
	    (rc = sshbuf_get_cstring(blob, &field, NULL)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(rc));
	if (strcmp("publickey", field) != 0)
		bad++;
	free(field);

	/* Flag byte must be set. */
	if ((rc = sshbuf_get_u8(blob, &byte)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(rc));
	if (byte == 0)
		bad++;

	/* Two more strings are parsed for well-formedness and discarded. */
	if ((rc = sshbuf_get_string_direct(blob, NULL, NULL)) != 0 ||
	    (rc = sshbuf_get_string_direct(blob, NULL, NULL)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(rc));

	/* Trailing bytes after the last field count as a mismatch. */
	if (sshbuf_len(blob) != 0)
		bad++;

	sshbuf_free(blob);
	return (bad == 0);
}
1310 | | - |
1311 | static int | - |
1312 | monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser, | - |
1313 | char *chost) | - |
1314 | { | - |
1315 | struct sshbuf *b; | - |
1316 | const u_char *p; | - |
1317 | char *cp, *userstyle; | - |
1318 | size_t len; | - |
1319 | int r, fail = 0; | - |
1320 | u_char type; | - |
1321 | | - |
1322 | if ((TRUE | never evaluated | FALSE | never evaluated |
b = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1323 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1324 | ) | - |
1325 | fatal("%s: sshbuf_new", __func__); never executed: fatal("%s: sshbuf_new", __func__); | 0 |
1326 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put(b, data, datalen)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
1327 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_string_direct(b, &p, &len)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1328 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1329 | | - |
1330 | if ((TRUE | never evaluated | FALSE | never evaluated |
session_id2 == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1331 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1332 | )TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
1333 | (TRUE | never evaluated | FALSE | never evaluated |
len != session_id2_len)TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
1334 | (TRUE | never evaluated | FALSE | never evaluated |
timingsafe_bcmp(p, session_id2, session_id2_len) != 0)TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1335 | fail++; never executed: fail++; | 0 |
1336 | | - |
1337 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u8(b, &type)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1338 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1339 | if (type != 50TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1340 | fail++; never executed: fail++; | 0 |
1341 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(b, &cp, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1342 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1343 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1344 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1345 | xasprintf(&userstyle, "%s%s%s", authctxt->user, | - |
1346 | authctxt->style ? ":" : "", | - |
1347 | authctxt->style ? authctxt->style : ""); | - |
1348 | if ( | - |
1349 | __extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1350 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1351 | ) && __builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1352 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1353 | ) && (__s1_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1354 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1355 | ), __s2_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1356 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1357 | ), (!((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1358 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1359 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1360 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1361 | ) == 1) || __s1_len >= 4) && (!((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1362 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1363 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1364 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1365 | ) == 1) || __s2_len >= 4)) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1366 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1367 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1368 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1369 | ) : (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1370 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1371 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1372 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1373 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1374 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1375 | ) == 1) && (__s1_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1376 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1377 | ), __s1_len < 4) ? (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1378 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1379 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1380 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1381 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1382 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1383 | ) == 1) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1384 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1385 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1386 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1387 | ) : (__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1388 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1389 | ); int __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1390 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1391 | ))[0] - __s2[0]); if (__s1_len > 0TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1392 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1393 | ))[1] - __s2[1]); if (__s1_len > 1TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1394 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1395 | ))[2] - __s2[2]); if (__s1_len > 2TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) __result = (((const unsigned char *) (const char *) (never executed: __result = (((const unsigned char *) (const char *) ( userstyle ))[3] - __s2[3]); | 0 |
1396 | userstyleTRUE | never evaluated | FALSE | never evaluated |
never executed: __result = (((const unsigned char *) (const char *) ( userstyle ))[3] - __s2[3]); | 0 |
1397 | ))[3] - __s2[3]); } } __result; }))) : (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1398 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1399 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1400 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1401 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1402 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1403 | ) == 1) && (__s2_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1404 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1405 | ), __s2_len < 4) ? (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1406 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1407 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1408 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1409 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1410 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1411 | ) == 1) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1412 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1413 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1414 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1415 | ) : -(__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1416 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1417 | ); int __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1418 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1419 | ))[0] - __s2[0]); if (__s2_len > 0TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1420 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1421 | ))[1] - __s2[1]); if (__s2_len > 1TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1422 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1423 | ))[2] - __s2[2]); if (__s2_len > 2TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) __result = (((const unsigned char *) (const char *) (never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]); | 0 |
1424 | cpTRUE | never evaluated | FALSE | never evaluated |
never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]); | 0 |
1425 | ))[3] - __s2[3]); } } __result; }))) : __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1426 | userstyleTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1427 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1428 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1429 | )))); }) TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1430 | != 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
1431 | logit("wrong user name passed to monitor: " | - |
1432 | "expected %s != %.100s", userstyle, cp); | - |
1433 | fail++; | - |
1434 | } never executed: end of block | 0 |
1435 | free(userstyle); | - |
1436 | free(cp); | - |
1437 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_string_direct(b, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1438 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1439 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1440 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1441 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
1442 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(b, &cp, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1443 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1444 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1445 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1446 | if ( | - |
1447 | __extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1448 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1449 | ) && __builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1450 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1451 | ) && (__s1_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1452 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1453 | ), __s2_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1454 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1455 | ), (!((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1456 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1457 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1458 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1459 | ) == 1) || __s1_len >= 4) && (!((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1460 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1461 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1462 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1463 | ) == 1) || __s2_len >= 4)) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1464 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1465 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1466 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1467 | ) : (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1468 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1469 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1470 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1471 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1472 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1473 | ) == 1) && (__s1_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1474 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1475 | ), __s1_len < 4) ? (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1476 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1477 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1478 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1479 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1480 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1481 | ) == 1) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1482 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1483 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1484 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1485 | ) : (__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1486 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1487 | ); int __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1488 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1489 | ))[0] - __s2[0]); if (__s1_len > 0TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1490 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1491 | ))[1] - __s2[1]); if (__s1_len > 1TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1492 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1493 | ))[2] - __s2[2]); if (__s1_len > 2TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) __result = (((const unsigned char *) (const char *) (never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]); | 0 |
1494 | cpTRUE | never evaluated | FALSE | never evaluated |
never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]); | 0 |
1495 | ))[3] - __s2[3]); } } __result; }))) : (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1496 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1497 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1498 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1499 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1500 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1501 | ) == 1) && (__s2_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1502 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1503 | ), __s2_len < 4) ? (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1504 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1505 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1506 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1507 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1508 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1509 | ) == 1) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1510 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1511 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1512 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1513 | ) : -(__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1514 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1515 | ); int __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1516 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1517 | ))[0] - __s2[0]); if (__s2_len > 0TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1518 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1519 | ))[1] - __s2[1]); if (__s2_len > 1TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1520 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1521 | ))[2] - __s2[2]); if (__s2_len > 2TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) __result = (((const unsigned char *) (const char *) (never executed: __result = (((const unsigned char *) (const char *) ( "hostbased" ))[3] - __s2[3]); | 0 |
1522 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
never executed: __result = (((const unsigned char *) (const char *) ( "hostbased" ))[3] - __s2[3]); | 0 |
1523 | ))[3] - __s2[3]); } } __result; }))) : __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1524 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1525 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1526 | "hostbased"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1527 | )))); }) TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1528 | != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1529 | fail++; never executed: fail++; | 0 |
1530 | free(cp); | - |
1531 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_string_direct(b, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1532 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1533 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1534 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1535 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
1536 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_string_direct(b, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1537 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1538 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1539 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1540 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1541 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1542 | | - |
1543 | | - |
1544 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(b, &cp, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1545 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1546 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1547 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1548 | if (((TRUE | never evaluated | FALSE | never evaluated |
len = strlen(cp)) > 0)TRUE | never evaluated | FALSE | never evaluated |
&& cp[len - 1] == '.'TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1549 | cp[len - 1] = '\0'; never executed: cp[len - 1] = '\0'; | 0 |
1550 | if ( | - |
1551 | __extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1552 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1553 | ) && __builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1554 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1555 | ) && (__s1_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1556 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1557 | ), __s2_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1558 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1559 | ), (!((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1560 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1561 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1562 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1563 | ) == 1) || __s1_len >= 4) && (!((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1564 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1565 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1566 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1567 | ) == 1) || __s2_len >= 4)) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1568 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1569 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1570 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1571 | ) : (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1572 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1573 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1574 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1575 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1576 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1577 | ) == 1) && (__s1_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1578 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1579 | ), __s1_len < 4) ? (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1580 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1581 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1582 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1583 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1584 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1585 | ) == 1) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1586 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1587 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1588 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1589 | ) : (__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1590 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1591 | ); int __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1592 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1593 | ))[0] - __s2[0]); if (__s1_len > 0TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1594 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1595 | ))[1] - __s2[1]); if (__s1_len > 1TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1596 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1597 | ))[2] - __s2[2]); if (__s1_len > 2TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) __result = (((const unsigned char *) (const char *) (never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]); | 0 |
1598 | cpTRUE | never evaluated | FALSE | never evaluated |
never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]); | 0 |
1599 | ))[3] - __s2[3]); } } __result; }))) : (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1600 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1601 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1602 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1603 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1604 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1605 | ) == 1) && (__s2_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1606 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1607 | ), __s2_len < 4) ? (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1608 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1609 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1610 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1611 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1612 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1613 | ) == 1) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1614 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1615 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1616 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1617 | ) : -(__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1618 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1619 | ); int __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1620 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1621 | ))[0] - __s2[0]); if (__s2_len > 0TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1622 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1623 | ))[1] - __s2[1]); if (__s2_len > 1TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1624 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1625 | ))[2] - __s2[2]); if (__s2_len > 2TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) __result = (((const unsigned char *) (const char *) (never executed: __result = (((const unsigned char *) (const char *) ( chost ))[3] - __s2[3]); | 0 |
1626 | chostTRUE | never evaluated | FALSE | never evaluated |
never executed: __result = (((const unsigned char *) (const char *) ( chost ))[3] - __s2[3]); | 0 |
1627 | ))[3] - __s2[3]); } } __result; }))) : __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1628 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1629 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1630 | chostTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1631 | )))); }) TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1632 | != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1633 | fail++; never executed: fail++; | 0 |
1634 | free(cp); | - |
1635 | | - |
1636 | | - |
1637 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(b, &cp, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1638 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1639 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1640 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
1641 | if ( | - |
1642 | __extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1643 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1644 | ) && __builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1645 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1646 | ) && (__s1_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1647 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1648 | ), __s2_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1649 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1650 | ), (!((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1651 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1652 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1653 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1654 | ) == 1) || __s1_len >= 4) && (!((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1655 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1656 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1657 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1658 | ) == 1) || __s2_len >= 4)) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1659 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1660 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1661 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1662 | ) : (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1663 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1664 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1665 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1666 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1667 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1668 | ) == 1) && (__s1_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1669 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1670 | ), __s1_len < 4) ? (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1671 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1672 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1673 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1674 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1675 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1676 | ) == 1) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1677 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1678 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1679 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1680 | ) : (__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1681 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1682 | ); int __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1683 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1684 | ))[0] - __s2[0]); if (__s1_len > 0TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1685 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1686 | ))[1] - __s2[1]); if (__s1_len > 1TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1687 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1688 | ))[2] - __s2[2]); if (__s1_len > 2TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) __result = (((const unsigned char *) (const char *) (never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]); | 0 |
1689 | cpTRUE | never evaluated | FALSE | never evaluated |
never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]); | 0 |
1690 | ))[3] - __s2[3]); } } __result; }))) : (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1691 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1692 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1693 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1694 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1695 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1696 | ) == 1) && (__s2_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1697 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1698 | ), __s2_len < 4) ? (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1699 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1700 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1701 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1702 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1703 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1704 | ) == 1) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1705 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1706 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1707 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1708 | ) : -(__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1709 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1710 | ); int __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1711 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1712 | ))[0] - __s2[0]); if (__s2_len > 0TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1713 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1714 | ))[1] - __s2[1]); if (__s2_len > 1TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1715 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1716 | ))[2] - __s2[2]); if (__s2_len > 2TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) __result = (((const unsigned char *) (const char *) (never executed: __result = (((const unsigned char *) (const char *) ( cuser ))[3] - __s2[3]); | 0 |
1717 | cuserTRUE | never evaluated | FALSE | never evaluated |
never executed: __result = (((const unsigned char *) (const char *) ( cuser ))[3] - __s2[3]); | 0 |
1718 | ))[3] - __s2[3]); } } __result; }))) : __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1719 | cpTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1720 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1721 | cuserTRUE | never evaluated | FALSE | never evaluated |
| 0 |
1722 | )))); }) TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1723 | != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1724 | fail++; never executed: fail++; | 0 |
1725 | free(cp); | - |
1726 | | - |
1727 | if (sshbuf_len(b) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1728 | fail++; never executed: fail++; | 0 |
1729 | sshbuf_free(b); | - |
1730 | return never executed: return (fail == 0); (fail == 0);never executed: return (fail == 0); | 0 |
1731 | } | - |
1732 | | - |
/*
 * Monitor-side handler for a signature verification request.
 *
 * Reads four fields from m, in this order: public key blob, signature,
 * signed data, signature algorithm name.  An empty algorithm name is
 * replaced by a null pointer before it is handed to sshkey_verify().
 *
 * Three gates must pass before the signature is checked; each one ends
 * in fatal() on failure:
 *   1. hostbased_cuser and hostbased_chost are both set and
 *      monitor_allowed_key() accepts the blob ("not previously allowed").
 *   2. the blob parses with sshkey_from_blob().
 *   3. the signed data passes the validator selected by key_blobtype
 *      (monitor_valid_userblob() or monitor_valid_hostbasedblob()); any
 *      other key_blobtype is treated as invalid data.
 *
 * The reply (MONITOR_ANS_KEYVERIFY) carries a single u32: 0 when
 * sshkey_verify() returned 0, 1 otherwise.
 *
 * Returns 1 if the signature verified, 0 if it did not.
 *
 * Note: this listing is preprocessor output, so NULL appears as
 * ((void *)0).
 */
int
mm_answer_keyverify(int sock, struct sshbuf *m)
{
	struct ssh *ssh = active_state;
	struct sshkey *key;
	u_char *sig, *signed_data, *pubblob;
	char *sigalg;
	size_t siglen, signed_len, publen;
	int r, verify_rc, data_ok = 0, wire_status;

	/* Field order is part of the monitor protocol; do not reorder. */
	if ((r = sshbuf_get_string(m, &pubblob, &publen)) != 0 ||
	    (r = sshbuf_get_string(m, &sig, &siglen)) != 0 ||
	    (r = sshbuf_get_string(m, &signed_data, &signed_len)) != 0 ||
	    (r = sshbuf_get_cstring(m, &sigalg, ((void *)0))) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	/* Only a key that passed the earlier "allowed" step may be verified. */
	if (hostbased_cuser == ((void *)0) ||
	    hostbased_chost == ((void *)0) ||
	    !monitor_allowed_key(pubblob, publen))
		fatal("%s: bad key, not previously allowed", __func__);

	/* An empty algorithm string means "none supplied". */
	if (*sigalg == '\0') {
		free(sigalg);
		sigalg = ((void *)0);
	}

	if ((r = sshkey_from_blob(pubblob, publen, &key)) != 0)
		fatal("%s: bad public key blob: %s", __func__, ssh_err(r));

	/*
	 * Validate what was signed before checking the signature itself, so
	 * that a valid signature over unexpected data is never accepted.
	 */
	if (key_blobtype == MM_USERKEY) {
		data_ok = monitor_valid_userblob(signed_data, signed_len);
		auth_method = "publickey";
	} else if (key_blobtype == MM_HOSTKEY) {
		data_ok = monitor_valid_hostbasedblob(signed_data, signed_len,
		    hostbased_cuser, hostbased_chost);
		auth_method = "hostbased";
	} else {
		data_ok = 0;
	}
	if (!data_ok)
		fatal("%s: bad signature data blob", __func__);

	verify_rc = sshkey_verify(key, sig, siglen, signed_data, signed_len,
	    sigalg, ssh->compat);
	debug3("%s: %s %p signature %s", __func__, auth_method, key,
	    (verify_rc == 0) ? "verified" : "unverified");
	auth2_record_key(authctxt, verify_rc == 0, key);

	free(pubblob);
	free(sig);
	free(signed_data);
	free(sigalg);

	/* Key options are activated for user keys only, then state is reset. */
	if (key_blobtype == MM_USERKEY)
		auth_activate_options(ssh, key_opts);
	monitor_reset_key_state();

	sshkey_free(key);
	sshbuf_reset(m);

	/* Wire encoding: 0 = verified, 1 = any failure. */
	wire_status = (verify_rc != 0);
	if ((r = sshbuf_put_u32(m, wire_status)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m);

	return verify_rc == 0;
}
1814 | | - |
/*
 * Record a login for session s and user pw via record_login().
 *
 * The peer address is taken from getpeername() when the connection is on a
 * socket; otherwise a zeroed sockaddr_storage of full size is passed.  A
 * getpeername() failure is logged and ends the process with
 * cleanup_exit(255).
 *
 * Note: (*__errno_location ()) is the preprocessed form of errno in this
 * listing.
 */
static void
mm_record_login(Session *s, struct passwd *pw)
{
	struct ssh *ssh = active_state;
	struct sockaddr_storage peer;
	socklen_t peerlen = sizeof(peer);

	/* Start from an all-zero address in case no socket is involved. */
	memset(&peer, 0, sizeof(peer));

	if (ssh_packet_connection_is_on_socket(ssh) &&
	    getpeername(ssh_packet_get_connection_in(ssh),
	    (struct sockaddr *)&peer, &peerlen) < 0) {
		debug("getpeername: %.100s", strerror((*__errno_location ())));
		cleanup_exit(255);
	}

	record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid,
	    session_get_remote_name_or_ip(ssh, utmp_len, options.use_dns),
	    (struct sockaddr *)&peer, peerlen);
}
1842 | | - |
/*
 * Release a monitor-side session: clean up its pty when one is attached
 * (ttyfd != -1), then mark the session slot unused.
 */
static void
mm_session_close(Session *s)
{
	int has_tty = (s->ttyfd != -1);

	debug3("%s: session %d pid %ld", __func__, s->self, (long)s->pid);
	if (has_tty) {
		debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd);
		session_pty_cleanup2(s);
	}
	session_unused(s->self);
}
1853 | | - |
/*
 * Monitor-side handler for a pty allocation request.
 *
 * On success the reply (MONITOR_ANS_PTY) holds u32 1, the tty name and the
 * pending login message, and is followed by the pty and tty descriptors
 * passed over sock with mm_send_fd().  On failure (no free session, or
 * pty_allocate() returned 0) the reply holds u32 0 only.
 *
 * Descriptor 0 is handled in a fixed sequence: the tty is dup2()'d onto
 * it, mm_record_login() runs, descriptor 0 is closed, and after the
 * descriptors are sent it is reopened on /dev/null.  The statement order
 * below must be kept.
 *
 * Always returns 0.
 *
 * Note: this listing is preprocessor output: NULL appears as ((void *)0),
 * errno as (*__errno_location ()), and the open() flag 00 is presumably
 * O_RDONLY.
 */
int
mm_answer_pty(int sock, struct sshbuf *m)
{
	extern struct monitor *pmonitor;
	Session *s;
	int r, have_pty, nullfd;

	debug3("%s entering", __func__);

	sshbuf_reset(m);
	s = session_new();
	if (s == ((void *)0))
		goto error;
	s->authctxt = authctxt;
	s->pw = authctxt->pw;
	s->pid = pmonitor->m_pid;
	have_pty = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty));
	if (have_pty == 0)
		goto error;
	/* Ownership is set before the descriptors leave the monitor. */
	pty_setowner(authctxt->pw, s->tty);

	if ((r = sshbuf_put_u32(m, 1)) != 0 ||
	    (r = sshbuf_put_cstring(m, s->tty)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	/* The tty sits on descriptor 0 only while the login is recorded. */
	if (dup2(s->ttyfd, 0) == -1)
		fatal("%s: dup2", __func__);

	mm_record_login(s, authctxt->pw);

	/* NOTE(review): the result of close(0) is not checked. */
	close(0);

	/* Hand over whatever login message has accumulated, then clear it. */
	if ((r = sshbuf_put_stringb(m, loginmsg)) != 0)
		fatal("%s: put login message: %s", __func__, ssh_err(r));
	sshbuf_reset(loginmsg);

	mm_request_send(sock, MONITOR_ANS_PTY, m);

	if (mm_send_fd(sock, s->ptyfd) == -1 ||
	    mm_send_fd(sock, s->ttyfd) == -1)
		fatal("%s: send fds failed", __func__);

	/* Re-occupy descriptor 0 so a later open() cannot land on it. */
	if ((nullfd = open("/dev/null", 00)) < 0)
		fatal("%s: open(/dev/null): %s", __func__,
		    strerror((*__errno_location ())));
	/* NOTE(review): a mismatch here is only logged, not treated as fatal. */
	if (nullfd != 0)
		error("%s: fd0 %d != 0", __func__, nullfd);

	/* The monitor keeps the master side only. */
	close(s->ttyfd);
	s->ttyfd = s->ptyfd;

	s->ptymaster = s->ptyfd;

	debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ttyfd);

	return (0);

 error:
	if (s != ((void *)0))
		mm_session_close(s);
	if ((r = sshbuf_put_u32(m, 0)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	mm_request_send(sock, MONITOR_ANS_PTY, m);
	return (0);
}
1933 | | - |
/*
 * Monitor-side handler for a pty cleanup request.
 *
 * Reads a tty name from m and closes the session that session_by_tty()
 * returns for it, if any.  An unknown tty name is ignored.  No reply is
 * sent from here; m is only reset.
 *
 * Always returns 0.
 *
 * NOTE(review): the tty name comes from the requester and is used as the
 * lookup key; this relies on session_by_tty() matching only sessions this
 * monitor created. Confirm against that function.
 */
int
mm_answer_pty_cleanup(int sock, struct sshbuf *m)
{
	Session *s;
	char *tty;
	int r;

	debug3("%s entering", __func__);

	r = sshbuf_get_cstring(m, &tty, ((void *)0));
	if (r != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	s = session_by_tty(tty);
	if (s != ((void *)0))
		mm_session_close(s);

	sshbuf_reset(m);
	free(tty);
	return (0);
}
1955 | | - |
/*
 * Monitor-side handler for the terminate request.
 *
 * Tears down every session with mm_session_close(), waits for the process
 * whose pid is pmonitor->m_pid, and exits with that process's exit status
 * when it ended normally, or 1 otherwise.  This function does not return.
 *
 * Note: this listing is preprocessor output.  (*__errno_location ()) is
 * errno; 4 is presumably EINTR; the status arithmetic below matches the
 * usual expansions of WIFEXITED()/WEXITSTATUS().
 */
int
mm_answer_term(int sock, struct sshbuf *req)
{
	struct ssh *ssh = active_state;
	extern struct monitor *pmonitor;
	int res, status;

	debug3("%s: tearing down sessions", __func__);

	session_destroy_all(ssh, &mm_session_close);

	/* Retry only when the wait was interrupted; give up on anything else. */
	for (;;) {
		if (waitpid(pmonitor->m_pid, &status, 0) != -1)
			break;
		if ((*__errno_location ()) != 4)
			exit(1);
	}

	/* Low 7 bits clear: normal exit, so bits 8..15 hold the exit code. */
	if (((status) & 0x7f) == 0)
		res = (((status) & 0xff00) >> 8);
	else
		res = 1;

	exit(res);
}
/*
 * Drop key material held for the active connection: clear the new keys in
 * both directions and free the exported child state buffer.
 * The pmonitor argument is not used.
 */
void
monitor_clear_keystate(struct monitor *pmonitor)
{
	struct ssh *ssh = active_state;

	ssh_clear_newkeys(ssh, MODE_IN);
	ssh_clear_newkeys(ssh, MODE_OUT);

	/* Reset the pointer so the freed buffer cannot be reused. */
	sshbuf_free(child_state);
	child_state = ((void *)0);
}
2006 | | - |
/*
 * Load the connection state previously received into child_state into the
 * active connection, then free that buffer.  When the connection has a kex
 * structure, re-install the server-side key exchange handlers and host key
 * callbacks on it.
 * The pmonitor argument is not used.
 *
 * NOTE(review): handlers are installed for the SHA-1 based exchanges as
 * well; which methods are actually negotiated is decided outside this
 * function.
 */
void
monitor_apply_keystate(struct monitor *pmonitor)
{
	struct ssh *ssh = active_state;
	struct kex *kex;
	int r;

	debug3("%s: packet_set_state", __func__);
	r = ssh_packet_set_state(ssh, child_state);
	if (r != 0)
		fatal("%s: packet_set_state: %s", __func__, ssh_err(r));

	/* The buffer is consumed; reset the pointer so it cannot be reused. */
	sshbuf_free(child_state);
	child_state = ((void *)0);

	kex = ssh->kex;
	if (kex == ((void *)0))
		return;

	/* Finite-field Diffie-Hellman, fixed groups. */
	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
	kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
	kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server;
	kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server;
	kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server;
	/* Diffie-Hellman group exchange. */
	kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
	kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
	/* Elliptic-curve exchanges. */
	kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
	kex->kex[KEX_C25519_SHA256] = kexc25519_server;

	/* Host key lookup and signing callbacks. */
	kex->load_host_public_key = &get_hostkey_public_by_type;
	kex->load_host_private_key = &get_hostkey_private_by_type;
	kex->host_key_index = &get_hostkey_index;
	kex->sign = sshd_hostkey_sign;
}
2045 | | - |
2046 | | - |
2047 | | - |
/*
 * Allocate child_state and block until a MONITOR_REQ_KEYEXPORT message
 * arrives on pmonitor->m_sendfd, storing its payload in child_state.
 * Allocation failure is fatal.
 */
void
mm_get_keystate(struct monitor *pmonitor)
{
	debug3("%s: Waiting for new keys", __func__);

	child_state = sshbuf_new();
	if (child_state == ((void *)0))
		fatal("%s: sshbuf_new failed", __func__);

	mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT,
	    child_state);
	debug3("%s: GOT new keys", __func__);
}
/*
 * Create the descriptors a monitor uses and store them in mon.
 *
 * A stream socketpair always becomes m_recvfd / m_sendfd.  When do_logfds
 * is non-zero a pipe becomes m_log_recvfd / m_log_sendfd; otherwise both
 * log descriptors are set to -1.  Every new descriptor gets
 * fcntl(fd, 2, 1) applied, and any failure is fatal.
 *
 * Note: this listing is preprocessor output.  socketpair() domain 1 is
 * presumably AF_UNIX; fcntl command 2 is F_SETFD (per the error text) and
 * argument 1 is presumably FD_CLOEXEC, which keeps these descriptors from
 * surviving an exec.
 */
static void
monitor_openfds(struct monitor *mon, int do_logfds)
{
	int pair[2];
	int i;

	if (socketpair(1, SOCK_STREAM, 0, pair) == -1)
		fatal("%s: socketpair: %s", __func__,
		    strerror((*__errno_location ())));

	for (i = 0; i < 2; i++) {
		if (fcntl(pair[i], 2, 1) == -1)
			fatal("fcntl(%d, F_SETFD)", pair[i]);
	}
	mon->m_recvfd = pair[0];
	mon->m_sendfd = pair[1];

	if (!do_logfds) {
		mon->m_log_recvfd = mon->m_log_sendfd = -1;
		return;
	}

	if (pipe(pair) == -1)
		fatal("%s: pipe: %s", __func__,
		    strerror((*__errno_location ())));

	for (i = 0; i < 2; i++) {
		if (fcntl(pair[i], 2, 1) == -1)
			fatal("fcntl(%d, F_SETFD)", pair[i]);
	}
	mon->m_log_recvfd = pair[0];
	mon->m_log_sendfd = pair[1];
}
2116 | | - |
2117 | | - |
2118 | | - |
/*
 * Allocate a zeroed monitor structure and open its descriptors, including
 * the log pipe.  Returns the new structure; the caller owns it.
 */
struct monitor *
monitor_init(void)
{
	struct monitor *fresh = xcalloc(1, sizeof(*fresh));

	monitor_openfds(fresh, 1);
	return fresh;
}
2129 | | - |
2130 | void | - |
2131 | monitor_reinit(struct monitor *mon) | - |
2132 | { | - |
2133 | monitor_openfds(mon, 0); | - |
2134 | } never executed: end of block | 0 |
| | |