1 /* 2 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27 #include "includes.h" 28 RCSID("$OpenBSD: monitor.c,v 1.18 2002/06/26 13:20:57 deraadt Exp $"); 29 RCSID("$FreeBSD$"); 30 31 #include <openssl/dh.h> 32 33 #ifdef SKEY 34 #ifdef OPIE 35 #include <opie.h> 36 #define skey opie 37 #define skeychallenge(k, u, c) opiechallenge((k), (u), (c)) 38 #define skey_haskey(u) opie_haskey((u)) 39 #define skey_passcheck(u, r) opie_passverify((u), (r)) 40 #else 41 #include <skey.h> 42 #endif 43 #endif 44 45 #include "ssh.h" 46 #include "auth.h" 47 #include "kex.h" 48 #include "dh.h" 49 #include "zlib.h" 50 #include "packet.h" 51 #include "auth-options.h" 52 #include "sshpty.h" 53 #include "channels.h" 54 #include "session.h" 55 #include "sshlogin.h" 56 #include "canohost.h" 57 #include "log.h" 58 #include "servconf.h" 59 #include "monitor.h" 60 #include "monitor_mm.h" 61 #include "monitor_wrap.h" 62 #include "monitor_fdpass.h" 63 #include "xmalloc.h" 64 #include "misc.h" 65 #include "buffer.h" 66 #include "bufaux.h" 67 #include "compat.h" 68 #include "ssh2.h" 69 #include "mpaux.h" 70 71 /* Imports */ 72 extern ServerOptions options; 73 extern u_int utmp_len; 74 extern Newkeys *current_keys[]; 75 extern z_stream incoming_stream; 76 extern z_stream outgoing_stream; 77 extern u_char session_id[]; 78 extern Buffer input, output; 79 extern Buffer auth_debug; 80 extern int auth_debug_init; 81 82 /* State exported from the child */ 83 84 struct { 85 z_stream incoming; 86 z_stream outgoing; 87 u_char *keyin; 88 u_int keyinlen; 89 u_char *keyout; 90 u_int keyoutlen; 91 u_char *ivin; 92 u_int ivinlen; 93 u_char *ivout; 94 u_int ivoutlen; 95 u_char *ssh1key; 96 u_int ssh1keylen; 97 int ssh1cipher; 98 int ssh1protoflags; 99 u_char *input; 100 u_int ilen; 101 u_char *output; 102 u_int olen; 103 } child_state; 104 105 /* Functions on the montior that answer unprivileged requests */ 106 107 int mm_answer_moduli(int, Buffer *); 108 int mm_answer_sign(int, Buffer *); 109 int mm_answer_pwnamallow(int, Buffer *); 110 int mm_answer_auth2_read_banner(int, Buffer *); 111 int mm_answer_authserv(int, Buffer *); 112 int mm_answer_authpassword(int, Buffer *); 113 int mm_answer_bsdauthquery(int, Buffer *); 114 int mm_answer_bsdauthrespond(int, Buffer *); 115 int mm_answer_skeyquery(int, Buffer *); 116 int mm_answer_skeyrespond(int, Buffer *); 117 int mm_answer_keyallowed(int, Buffer *); 118 int mm_answer_keyverify(int, Buffer *); 119 int mm_answer_pty(int, Buffer *); 120 int mm_answer_pty_cleanup(int, Buffer *); 121 int mm_answer_term(int, Buffer *); 122 int mm_answer_rsa_keyallowed(int, Buffer *); 123 int mm_answer_rsa_challenge(int, Buffer *); 124 int mm_answer_rsa_response(int, Buffer *); 125 int mm_answer_sesskey(int, Buffer *); 126 int mm_answer_sessid(int, Buffer *); 127 128 #ifdef USE_PAM 129 int mm_answer_pam_start(int, Buffer *); 130 int mm_answer_pam_init_ctx(int, Buffer *); 131 int mm_answer_pam_query(int, Buffer *); 132 int mm_answer_pam_respond(int, Buffer *); 133 int mm_answer_pam_free_ctx(int, Buffer *); 134 #endif 135 136 static Authctxt *authctxt; 137 static BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */ 138 139 /* local state for key verify */ 140 static u_char *key_blob = NULL; 141 static u_int key_bloblen = 0; 142 static int key_blobtype = MM_NOKEY; 143 static u_char *hostbased_cuser = NULL; 144 static u_char *hostbased_chost = NULL; 145 static char *auth_method = "unknown"; 146 static int session_id2_len = 0; 147 static u_char *session_id2 = NULL; 148 149 struct mon_table { 150 enum monitor_reqtype type; 151 int flags; 152 int (*f)(int, Buffer *); 153 }; 154 155 #define MON_ISAUTH 0x0004 /* Required for Authentication */ 156 #define MON_AUTHDECIDE 0x0008 /* Decides Authentication */ 157 #define MON_ONCE 0x0010 /* Disable after calling */ 158 159 #define MON_AUTH (MON_ISAUTH|MON_AUTHDECIDE) 160 161 #define MON_PERMIT 0x1000 /* Request is permitted */ 162 163 struct mon_table mon_dispatch_proto20[] = { 164 {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, 165 {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, 166 {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, 167 {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, 168 {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, 169 {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, 170 #ifdef USE_PAM 171 {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, 172 {MONITOR_REQ_PAM_INIT_CTX, MON_ISAUTH, mm_answer_pam_init_ctx}, 173 {MONITOR_REQ_PAM_QUERY, MON_ISAUTH, mm_answer_pam_query}, 174 {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond}, 175 {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, 176 #endif 177 #ifdef BSD_AUTH 178 {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, 179 {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond}, 180 #endif 181 #ifdef SKEY 182 {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery}, 183 {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond}, 184 #endif 185 {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed}, 186 {MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify}, 187 {0, 0, NULL} 188 }; 189 190 struct mon_table mon_dispatch_postauth20[] = { 191 {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, 192 {MONITOR_REQ_SIGN, 0, mm_answer_sign}, 193 {MONITOR_REQ_PTY, 0, mm_answer_pty}, 194 {MONITOR_REQ_PTYCLEANUP, 0, mm_answer_pty_cleanup}, 195 {MONITOR_REQ_TERM, 0, mm_answer_term}, 196 {0, 0, NULL} 197 }; 198 199 struct mon_table mon_dispatch_proto15[] = { 200 {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, 201 {MONITOR_REQ_SESSKEY, MON_ONCE, mm_answer_sesskey}, 202 {MONITOR_REQ_SESSID, MON_ONCE, mm_answer_sessid}, 203 {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, 204 {MONITOR_REQ_RSAKEYALLOWED, MON_ISAUTH, mm_answer_rsa_keyallowed}, 205 {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed}, 206 {MONITOR_REQ_RSACHALLENGE, MON_ONCE, mm_answer_rsa_challenge}, 207 {MONITOR_REQ_RSARESPONSE, MON_ONCE|MON_AUTHDECIDE, mm_answer_rsa_response}, 208 #ifdef BSD_AUTH 209 {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, 210 {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond}, 211 #endif 212 #ifdef SKEY 213 {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery}, 214 {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond}, 215 #endif 216 #ifdef USE_PAM 217 {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, 218 {MONITOR_REQ_PAM_INIT_CTX, MON_ISAUTH, mm_answer_pam_init_ctx}, 219 {MONITOR_REQ_PAM_QUERY, MON_ISAUTH, mm_answer_pam_query}, 220 {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond}, 221 {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, 222 #endif 223 {0, 0, NULL} 224 }; 225 226 struct mon_table mon_dispatch_postauth15[] = { 227 {MONITOR_REQ_PTY, MON_ONCE, mm_answer_pty}, 228 {MONITOR_REQ_PTYCLEANUP, MON_ONCE, mm_answer_pty_cleanup}, 229 {MONITOR_REQ_TERM, 0, mm_answer_term}, 230 {0, 0, NULL} 231 }; 232 233 struct mon_table *mon_dispatch; 234 235 /* Specifies if a certain message is allowed at the moment */ 236 237 static void 238 monitor_permit(struct mon_table *ent, enum monitor_reqtype type, int permit) 239 { 240 while (ent->f != NULL) { 241 if (ent->type == type) { 242 ent->flags &= ~MON_PERMIT; 243 ent->flags |= permit ? MON_PERMIT : 0; 244 return; 245 } 246 ent++; 247 } 248 } 249 250 static void 251 monitor_permit_authentications(int permit) 252 { 253 struct mon_table *ent = mon_dispatch; 254 255 while (ent->f != NULL) { 256 if (ent->flags & MON_AUTH) { 257 ent->flags &= ~MON_PERMIT; 258 ent->flags |= permit ? MON_PERMIT : 0; 259 } 260 ent++; 261 } 262 } 263 264 Authctxt * 265 monitor_child_preauth(struct monitor *pmonitor) 266 { 267 struct mon_table *ent; 268 int authenticated = 0; 269 270 debug3("preauth child monitor started"); 271 272 if (compat20) { 273 mon_dispatch = mon_dispatch_proto20; 274 275 /* Permit requests for moduli and signatures */ 276 monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); 277 monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); 278 } else { 279 mon_dispatch = mon_dispatch_proto15; 280 281 monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1); 282 } 283 284 authctxt = authctxt_new(); 285 286 /* The first few requests do not require asynchronous access */ 287 while (!authenticated) { 288 authenticated = monitor_read(pmonitor, mon_dispatch, &ent); 289 if (authenticated) { 290 if (!(ent->flags & MON_AUTHDECIDE)) 291 fatal("%s: unexpected authentication from %d", 292 __func__, ent->type); 293 if (authctxt->pw->pw_uid == 0 && 294 !auth_root_allowed(auth_method)) 295 authenticated = 0; 296 } 297 298 if (ent->flags & MON_AUTHDECIDE) { 299 auth_log(authctxt, authenticated, auth_method, 300 compat20 ? " ssh2" : ""); 301 if (!authenticated) 302 authctxt->failures++; 303 } 304 } 305 306 if (!authctxt->valid) 307 fatal("%s: authenticated invalid user", __func__); 308 309 debug("%s: %s has been authenticated by privileged process", 310 __func__, authctxt->user); 311 312 mm_get_keystate(pmonitor); 313 314 return (authctxt); 315 } 316 317 void 318 monitor_child_postauth(struct monitor *pmonitor) 319 { 320 if (compat20) { 321 mon_dispatch = mon_dispatch_postauth20; 322 323 /* Permit requests for moduli and signatures */ 324 monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); 325 monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); 326 monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); 327 328 } else { 329 mon_dispatch = mon_dispatch_postauth15; 330 monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); 331 } 332 if (!no_pty_flag) { 333 monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); 334 monitor_permit(mon_dispatch, MONITOR_REQ_PTYCLEANUP, 1); 335 } 336 337 for (;;) 338 monitor_read(pmonitor, mon_dispatch, NULL); 339 } 340 341 void 342 monitor_sync(struct monitor *pmonitor) 343 { 344 if (options.compression) { 345 /* The member allocation is not visible, so sync it */ 346 mm_share_sync(&pmonitor->m_zlib, &pmonitor->m_zback); 347 } 348 } 349 350 int 351 monitor_read(struct monitor *pmonitor, struct mon_table *ent, 352 struct mon_table **pent) 353 { 354 Buffer m; 355 int ret; 356 u_char type; 357 358 buffer_init(&m); 359 360 mm_request_receive(pmonitor->m_sendfd, &m); 361 type = buffer_get_char(&m); 362 363 debug3("%s: checking request %d", __func__, type); 364 365 while (ent->f != NULL) { 366 if (ent->type == type) 367 break; 368 ent++; 369 } 370 371 if (ent->f != NULL) { 372 if (!(ent->flags & MON_PERMIT)) 373 fatal("%s: unpermitted request %d", __func__, 374 type); 375 ret = (*ent->f)(pmonitor->m_sendfd, &m); 376 buffer_free(&m); 377 378 /* The child may use this request only once, disable it */ 379 if (ent->flags & MON_ONCE) { 380 debug2("%s: %d used once, disabling now", __func__, 381 type); 382 ent->flags &= ~MON_PERMIT; 383 } 384 385 if (pent != NULL) 386 *pent = ent; 387 388 return ret; 389 } 390 391 fatal("%s: unsupported request: %d", __func__, type); 392 393 /* NOTREACHED */ 394 return (-1); 395 } 396 397 /* allowed key state */ 398 static int 399 monitor_allowed_key(u_char *blob, u_int bloblen) 400 { 401 /* make sure key is allowed */ 402 if (key_blob == NULL || key_bloblen != bloblen || 403 memcmp(key_blob, blob, key_bloblen)) 404 return (0); 405 return (1); 406 } 407 408 static void 409 monitor_reset_key_state(void) 410 { 411 /* reset state */ 412 if (key_blob != NULL) 413 xfree(key_blob); 414 if (hostbased_cuser != NULL) 415 xfree(hostbased_cuser); 416 if (hostbased_chost != NULL) 417 xfree(hostbased_chost); 418 key_blob = NULL; 419 key_bloblen = 0; 420 key_blobtype = MM_NOKEY; 421 hostbased_cuser = NULL; 422 hostbased_chost = NULL; 423 } 424 425 int 426 mm_answer_moduli(int socket, Buffer *m) 427 { 428 DH *dh; 429 int min, want, max; 430 431 min = buffer_get_int(m); 432 want = buffer_get_int(m); 433 max = buffer_get_int(m); 434 435 debug3("%s: got parameters: %d %d %d", 436 __func__, min, want, max); 437 /* We need to check here, too, in case the child got corrupted */ 438 if (max < min || want < min || max < want) 439 fatal("%s: bad parameters: %d %d %d", 440 __func__, min, want, max); 441 442 buffer_clear(m); 443 444 dh = choose_dh(min, want, max); 445 if (dh == NULL) { 446 buffer_put_char(m, 0); 447 return (0); 448 } else { 449 /* Send first bignum */ 450 buffer_put_char(m, 1); 451 buffer_put_bignum2(m, dh->p); 452 buffer_put_bignum2(m, dh->g); 453 454 DH_free(dh); 455 } 456 mm_request_send(socket, MONITOR_ANS_MODULI, m); 457 return (0); 458 } 459 460 int 461 mm_answer_sign(int socket, Buffer *m) 462 { 463 Key *key; 464 u_char *p; 465 u_char *signature; 466 u_int siglen, datlen; 467 int keyid; 468 469 debug3("%s", __func__); 470 471 keyid = buffer_get_int(m); 472 p = buffer_get_string(m, &datlen); 473 474 if (datlen != 20) 475 fatal("%s: data length incorrect: %d", __func__, datlen); 476 477 /* save session id, it will be passed on the first call */ 478 if (session_id2_len == 0) { 479 session_id2_len = datlen; 480 session_id2 = xmalloc(session_id2_len); 481 memcpy(session_id2, p, session_id2_len); 482 } 483 484 if ((key = get_hostkey_by_index(keyid)) == NULL) 485 fatal("%s: no hostkey from index %d", __func__, keyid); 486 if (key_sign(key, &signature, &siglen, p, datlen) < 0) 487 fatal("%s: key_sign failed", __func__); 488 489 debug3("%s: signature %p(%d)", __func__, signature, siglen); 490 491 buffer_clear(m); 492 buffer_put_string(m, signature, siglen); 493 494 xfree(p); 495 xfree(signature); 496 497 mm_request_send(socket, MONITOR_ANS_SIGN, m); 498 499 /* Turn on permissions for getpwnam */ 500 monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); 501 502 return (0); 503 } 504 505 /* Retrieves the password entry and also checks if the user is permitted */ 506 507 int 508 mm_answer_pwnamallow(int socket, Buffer *m) 509 { 510 char *login; 511 struct passwd *pwent; 512 int allowed = 0; 513 514 debug3("%s", __func__); 515 516 if (authctxt->attempt++ != 0) 517 fatal("%s: multiple attempts for getpwnam", __func__); 518 519 login = buffer_get_string(m, NULL); 520 521 pwent = getpwnamallow(login); 522 523 authctxt->user = xstrdup(login); 524 setproctitle("%s [priv]", pwent ? login : "unknown"); 525 xfree(login); 526 527 buffer_clear(m); 528 529 if (pwent == NULL) { 530 buffer_put_char(m, 0); 531 goto out; 532 } 533 534 allowed = 1; 535 authctxt->pw = pwent; 536 authctxt->valid = 1; 537 538 buffer_put_char(m, 1); 539 buffer_put_string(m, pwent, sizeof(struct passwd)); 540 buffer_put_cstring(m, pwent->pw_name); 541 buffer_put_cstring(m, "*"); 542 buffer_put_cstring(m, pwent->pw_gecos); 543 #ifdef HAVE_PW_CLASS_IN_PASSWD 544 buffer_put_cstring(m, pwent->pw_class); 545 #endif 546 buffer_put_cstring(m, pwent->pw_dir); 547 buffer_put_cstring(m, pwent->pw_shell); 548 549 out: 550 debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed); 551 mm_request_send(socket, MONITOR_ANS_PWNAM, m); 552 553 /* For SSHv1 allow authentication now */ 554 if (!compat20) 555 monitor_permit_authentications(1); 556 else { 557 /* Allow service/style information on the auth context */ 558 monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1); 559 monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1); 560 } 561 562 #ifdef USE_PAM 563 monitor_permit(mon_dispatch, MONITOR_REQ_PAM_START, 1); 564 #endif 565 566 return (0); 567 } 568 569 int mm_answer_auth2_read_banner(int socket, Buffer *m) 570 { 571 char *banner; 572 573 buffer_clear(m); 574 banner = auth2_read_banner(); 575 buffer_put_cstring(m, banner != NULL ? banner : ""); 576 mm_request_send(socket, MONITOR_ANS_AUTH2_READ_BANNER, m); 577 578 if (banner != NULL) 579 free(banner); 580 581 return (0); 582 } 583 584 int 585 mm_answer_authserv(int socket, Buffer *m) 586 { 587 monitor_permit_authentications(1); 588 589 authctxt->service = buffer_get_string(m, NULL); 590 authctxt->style = buffer_get_string(m, NULL); 591 debug3("%s: service=%s, style=%s", 592 __func__, authctxt->service, authctxt->style); 593 594 if (strlen(authctxt->style) == 0) { 595 xfree(authctxt->style); 596 authctxt->style = NULL; 597 } 598 599 return (0); 600 } 601 602 int 603 mm_answer_authpassword(int socket, Buffer *m) 604 { 605 static int call_count; 606 char *passwd; 607 int authenticated, plen; 608 609 passwd = buffer_get_string(m, &plen); 610 /* Only authenticate if the context is valid */ 611 authenticated = options.password_authentication && 612 authctxt->valid && auth_password(authctxt, passwd); 613 memset(passwd, 0, strlen(passwd)); 614 xfree(passwd); 615 616 buffer_clear(m); 617 buffer_put_int(m, authenticated); 618 619 debug3("%s: sending result %d", __func__, authenticated); 620 mm_request_send(socket, MONITOR_ANS_AUTHPASSWORD, m); 621 622 call_count++; 623 if (plen == 0 && call_count == 1) 624 auth_method = "none"; 625 else 626 auth_method = "password"; 627 628 /* Causes monitor loop to terminate if authenticated */ 629 return (authenticated); 630 } 631 632 #ifdef BSD_AUTH 633 int 634 mm_answer_bsdauthquery(int socket, Buffer *m) 635 { 636 char *name, *infotxt; 637 u_int numprompts; 638 u_int *echo_on; 639 char **prompts; 640 int res; 641 642 res = bsdauth_query(authctxt, &name, &infotxt, &numprompts, 643 &prompts, &echo_on); 644 645 buffer_clear(m); 646 buffer_put_int(m, res); 647 if (res != -1) 648 buffer_put_cstring(m, prompts[0]); 649 650 debug3("%s: sending challenge res: %d", __func__, res); 651 mm_request_send(socket, MONITOR_ANS_BSDAUTHQUERY, m); 652 653 if (res != -1) { 654 xfree(name); 655 xfree(infotxt); 656 xfree(prompts); 657 xfree(echo_on); 658 } 659 660 return (0); 661 } 662 663 int 664 mm_answer_bsdauthrespond(int socket, Buffer *m) 665 { 666 char *response; 667 int authok; 668 669 if (authctxt->as == 0) 670 fatal("%s: no bsd auth session", __func__); 671 672 response = buffer_get_string(m, NULL); 673 authok = options.challenge_response_authentication && 674 auth_userresponse(authctxt->as, response, 0); 675 authctxt->as = NULL; 676 debug3("%s: <%s> = <%d>", __func__, response, authok); 677 xfree(response); 678 679 buffer_clear(m); 680 buffer_put_int(m, authok); 681 682 debug3("%s: sending authenticated: %d", __func__, authok); 683 mm_request_send(socket, MONITOR_ANS_BSDAUTHRESPOND, m); 684 685 auth_method = "bsdauth"; 686 687 return (authok != 0); 688 } 689 #endif 690 691 #ifdef SKEY 692 int 693 mm_answer_skeyquery(int socket, Buffer *m) 694 { 695 struct skey skey; 696 char challenge[1024]; 697 int res; 698 699 res = skeychallenge(&skey, authctxt->user, challenge); 700 701 buffer_clear(m); 702 buffer_put_int(m, res); 703 if (res != -1) 704 buffer_put_cstring(m, challenge); 705 706 debug3("%s: sending challenge res: %d", __func__, res); 707 mm_request_send(socket, MONITOR_ANS_SKEYQUERY, m); 708 709 return (0); 710 } 711 712 int 713 mm_answer_skeyrespond(int socket, Buffer *m) 714 { 715 char *response; 716 int authok; 717 718 response = buffer_get_string(m, NULL); 719 720 authok = (options.challenge_response_authentication && 721 authctxt->valid && 722 skey_haskey(authctxt->pw->pw_name) == 0 && 723 skey_passcheck(authctxt->pw->pw_name, response) != -1); 724 725 xfree(response); 726 727 buffer_clear(m); 728 buffer_put_int(m, authok); 729 730 debug3("%s: sending authenticated: %d", __func__, authok); 731 mm_request_send(socket, MONITOR_ANS_SKEYRESPOND, m); 732 733 auth_method = "skey"; 734 735 return (authok != 0); 736 } 737 #endif 738 739 #ifdef USE_PAM 740 int 741 mm_answer_pam_start(int socket, Buffer *m) 742 { 743 char *user; 744 745 user = buffer_get_string(m, NULL); 746 747 start_pam(user); 748 749 xfree(user); 750 751 return (0); 752 } 753 754 static void *pam_ctxt, *pam_authok; 755 extern KbdintDevice pam_device; 756 757 int 758 mm_answer_pam_init_ctx(int socket, Buffer *m) 759 { 760 761 debug3("%s", __func__); 762 authctxt->user = buffer_get_string(m, NULL); 763 pam_ctxt = (pam_device.init_ctx)(authctxt); 764 pam_authok = NULL; 765 buffer_clear(m); 766 if (pam_ctxt != NULL) { 767 monitor_permit(mon_dispatch, MONITOR_REQ_PAM_FREE_CTX, 1); 768 buffer_put_int(m, 1); 769 } else { 770 buffer_put_int(m, 0); 771 } 772 mm_request_send(socket, MONITOR_ANS_PAM_INIT_CTX, m); 773 return (0); 774 } 775 776 int 777 mm_answer_pam_query(int socket, Buffer *m) 778 { 779 char *name, *info, **prompts; 780 u_int num, *echo_on; 781 int i, ret; 782 783 debug3("%s", __func__); 784 pam_authok = NULL; 785 ret = (pam_device.query)(pam_ctxt, &name, &info, &num, &prompts, &echo_on); 786 if (num > 1 || name == NULL || info == NULL) 787 ret = -1; 788 buffer_clear(m); 789 buffer_put_int(m, ret); 790 buffer_put_cstring(m, name); 791 xfree(name); 792 buffer_put_cstring(m, info); 793 xfree(info); 794 buffer_put_int(m, num); 795 for (i = 0; i < num; ++i) { 796 buffer_put_cstring(m, prompts[i]); 797 xfree(prompts[i]); 798 buffer_put_int(m, echo_on[i]); 799 } 800 if (prompts != NULL) 801 xfree(prompts); 802 if (echo_on != NULL) 803 xfree(echo_on); 804 mm_request_send(socket, MONITOR_ANS_PAM_QUERY, m); 805 return (0); 806 } 807 808 int 809 mm_answer_pam_respond(int socket, Buffer *m) 810 { 811 char **resp; 812 u_int num; 813 int i, ret; 814 815 debug3("%s", __func__); 816 pam_authok = NULL; 817 num = buffer_get_int(m); 818 if (num > 0) { 819 resp = xmalloc(num * sizeof(char *)); 820 for (i = 0; i < num; ++i) 821 resp[i] = buffer_get_string(m, NULL); 822 ret = (pam_device.respond)(pam_ctxt, num, resp); 823 for (i = 0; i < num; ++i) 824 xfree(resp[i]); 825 xfree(resp); 826 } else { 827 ret = (pam_device.respond)(pam_ctxt, num, NULL); 828 } 829 buffer_clear(m); 830 buffer_put_int(m, ret); 831 mm_request_send(socket, MONITOR_ANS_PAM_RESPOND, m); 832 auth_method = "keyboard-interactive/pam"; 833 if (ret == 0) 834 pam_authok = pam_ctxt; 835 return (0); 836 } 837 838 int 839 mm_answer_pam_free_ctx(int socket, Buffer *m) 840 { 841 842 debug3("%s", __func__); 843 (pam_device.free_ctx)(pam_ctxt); 844 buffer_clear(m); 845 mm_request_send(socket, MONITOR_ANS_PAM_FREE_CTX, m); 846 return (pam_authok == pam_ctxt); 847 } 848 #endif 849 850 static void 851 mm_append_debug(Buffer *m) 852 { 853 if (auth_debug_init && buffer_len(&auth_debug)) { 854 debug3("%s: Appending debug messages for child", __func__); 855 buffer_append(m, buffer_ptr(&auth_debug), 856 buffer_len(&auth_debug)); 857 buffer_clear(&auth_debug); 858 } 859 } 860 861 int 862 mm_answer_keyallowed(int socket, Buffer *m) 863 { 864 Key *key; 865 u_char *cuser, *chost, *blob; 866 u_int bloblen; 867 enum mm_keytype type = 0; 868 int allowed = 0; 869 870 debug3("%s entering", __func__); 871 872 type = buffer_get_int(m); 873 cuser = buffer_get_string(m, NULL); 874 chost = buffer_get_string(m, NULL); 875 blob = buffer_get_string(m, &bloblen); 876 877 key = key_from_blob(blob, bloblen); 878 879 if ((compat20 && type == MM_RSAHOSTKEY) || 880 (!compat20 && type != MM_RSAHOSTKEY)) 881 fatal("%s: key type and protocol mismatch", __func__); 882 883 debug3("%s: key_from_blob: %p", __func__, key); 884 885 if (key != NULL && authctxt->pw != NULL) { 886 switch(type) { 887 case MM_USERKEY: 888 allowed = options.pubkey_authentication && 889 user_key_allowed(authctxt->pw, key); 890 break; 891 case MM_HOSTKEY: 892 allowed = options.hostbased_authentication && 893 hostbased_key_allowed(authctxt->pw, 894 cuser, chost, key); 895 break; 896 case MM_RSAHOSTKEY: 897 key->type = KEY_RSA1; /* XXX */ 898 allowed = options.rhosts_rsa_authentication && 899 auth_rhosts_rsa_key_allowed(authctxt->pw, 900 cuser, chost, key); 901 break; 902 default: 903 fatal("%s: unknown key type %d", __func__, type); 904 break; 905 } 906 key_free(key); 907 } 908 909 /* clear temporarily storage (used by verify) */ 910 monitor_reset_key_state(); 911 912 if (allowed) { 913 /* Save temporarily for comparison in verify */ 914 key_blob = blob; 915 key_bloblen = bloblen; 916 key_blobtype = type; 917 hostbased_cuser = cuser; 918 hostbased_chost = chost; 919 } 920 921 debug3("%s: key %p is %s", 922 __func__, key, allowed ? "allowed" : "disallowed"); 923 924 buffer_clear(m); 925 buffer_put_int(m, allowed); 926 927 mm_append_debug(m); 928 929 mm_request_send(socket, MONITOR_ANS_KEYALLOWED, m); 930 931 if (type == MM_RSAHOSTKEY) 932 monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed); 933 934 return (0); 935 } 936 937 static int 938 monitor_valid_userblob(u_char *data, u_int datalen) 939 { 940 Buffer b; 941 u_char *p; 942 u_int len; 943 int fail = 0; 944 945 buffer_init(&b); 946 buffer_append(&b, data, datalen); 947 948 if (datafellows & SSH_OLD_SESSIONID) { 949 p = buffer_ptr(&b); 950 len = buffer_len(&b); 951 if ((session_id2 == NULL) || 952 (len < session_id2_len) || 953 (memcmp(p, session_id2, session_id2_len) != 0)) 954 fail++; 955 buffer_consume(&b, session_id2_len); 956 } else { 957 p = buffer_get_string(&b, &len); 958 if ((session_id2 == NULL) || 959 (len != session_id2_len) || 960 (memcmp(p, session_id2, session_id2_len) != 0)) 961 fail++; 962 xfree(p); 963 } 964 if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST) 965 fail++; 966 p = buffer_get_string(&b, NULL); 967 if (strcmp(authctxt->user, p) != 0) { 968 log("wrong user name passed to monitor: expected %s != %.100s", 969 authctxt->user, p); 970 fail++; 971 } 972 xfree(p); 973 buffer_skip_string(&b); 974 if (datafellows & SSH_BUG_PKAUTH) { 975 if (!buffer_get_char(&b)) 976 fail++; 977 } else { 978 p = buffer_get_string(&b, NULL); 979 if (strcmp("publickey", p) != 0) 980 fail++; 981 xfree(p); 982 if (!buffer_get_char(&b)) 983 fail++; 984 buffer_skip_string(&b); 985 } 986 buffer_skip_string(&b); 987 if (buffer_len(&b) != 0) 988 fail++; 989 buffer_free(&b); 990 return (fail == 0); 991 } 992 993 static int 994 monitor_valid_hostbasedblob(u_char *data, u_int datalen, u_char *cuser, 995 u_char *chost) 996 { 997 Buffer b; 998 u_char *p; 999 u_int len; 1000 int fail = 0; 1001 1002 buffer_init(&b); 1003 buffer_append(&b, data, datalen); 1004 1005 p = buffer_get_string(&b, &len); 1006 if ((session_id2 == NULL) || 1007 (len != session_id2_len) || 1008 (memcmp(p, session_id2, session_id2_len) != 0)) 1009 fail++; 1010 xfree(p); 1011 1012 if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST) 1013 fail++; 1014 p = buffer_get_string(&b, NULL); 1015 if (strcmp(authctxt->user, p) != 0) { 1016 log("wrong user name passed to monitor: expected %s != %.100s", 1017 authctxt->user, p); 1018 fail++; 1019 } 1020 xfree(p); 1021 buffer_skip_string(&b); /* service */ 1022 p = buffer_get_string(&b, NULL); 1023 if (strcmp(p, "hostbased") != 0) 1024 fail++; 1025 xfree(p); 1026 buffer_skip_string(&b); /* pkalg */ 1027 buffer_skip_string(&b); /* pkblob */ 1028 1029 /* verify client host, strip trailing dot if necessary */ 1030 p = buffer_get_string(&b, NULL); 1031 if (((len = strlen(p)) > 0) && p[len - 1] == '.') 1032 p[len - 1] = '\0'; 1033 if (strcmp(p, chost) != 0) 1034 fail++; 1035 xfree(p); 1036 1037 /* verify client user */ 1038 p = buffer_get_string(&b, NULL); 1039 if (strcmp(p, cuser) != 0) 1040 fail++; 1041 xfree(p); 1042 1043 if (buffer_len(&b) != 0) 1044 fail++; 1045 buffer_free(&b); 1046 return (fail == 0); 1047 } 1048 1049 int 1050 mm_answer_keyverify(int socket, Buffer *m) 1051 { 1052 Key *key; 1053 u_char *signature, *data, *blob; 1054 u_int signaturelen, datalen, bloblen; 1055 int verified = 0; 1056 int valid_data = 0; 1057 1058 blob = buffer_get_string(m, &bloblen); 1059 signature = buffer_get_string(m, &signaturelen); 1060 data = buffer_get_string(m, &datalen); 1061 1062 if (hostbased_cuser == NULL || hostbased_chost == NULL || 1063 !monitor_allowed_key(blob, bloblen)) 1064 fatal("%s: bad key, not previously allowed", __func__); 1065 1066 key = key_from_blob(blob, bloblen); 1067 if (key == NULL) 1068 fatal("%s: bad public key blob", __func__); 1069 1070 switch (key_blobtype) { 1071 case MM_USERKEY: 1072 valid_data = monitor_valid_userblob(data, datalen); 1073 break; 1074 case MM_HOSTKEY: 1075 valid_data = monitor_valid_hostbasedblob(data, datalen, 1076 hostbased_cuser, hostbased_chost); 1077 break; 1078 default: 1079 valid_data = 0; 1080 break; 1081 } 1082 if (!valid_data) 1083 fatal("%s: bad signature data blob", __func__); 1084 1085 verified = key_verify(key, signature, signaturelen, data, datalen); 1086 debug3("%s: key %p signature %s", 1087 __func__, key, verified ? "verified" : "unverified"); 1088 1089 key_free(key); 1090 xfree(blob); 1091 xfree(signature); 1092 xfree(data); 1093 1094 auth_method = key_blobtype == MM_USERKEY ? "publickey" : "hostbased"; 1095 1096 monitor_reset_key_state(); 1097 1098 buffer_clear(m); 1099 buffer_put_int(m, verified); 1100 mm_request_send(socket, MONITOR_ANS_KEYVERIFY, m); 1101 1102 return (verified); 1103 } 1104 1105 static void 1106 mm_record_login(Session *s, struct passwd *pw) 1107 { 1108 socklen_t fromlen; 1109 struct sockaddr_storage from; 1110 1111 /* 1112 * Get IP address of client. If the connection is not a socket, let 1113 * the address be 0.0.0.0. 1114 */ 1115 memset(&from, 0, sizeof(from)); 1116 if (packet_connection_is_on_socket()) { 1117 fromlen = sizeof(from); 1118 if (getpeername(packet_get_connection_in(), 1119 (struct sockaddr *) & from, &fromlen) < 0) { 1120 debug("getpeername: %.100s", strerror(errno)); 1121 fatal_cleanup(); 1122 } 1123 } 1124 /* Record that there was a login on that tty from the remote host. */ 1125 record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid, 1126 get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping), 1127 (struct sockaddr *)&from); 1128 } 1129 1130 static void 1131 mm_session_close(Session *s) 1132 { 1133 debug3("%s: session %d pid %d", __func__, s->self, s->pid); 1134 if (s->ttyfd != -1) { 1135 debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd); 1136 fatal_remove_cleanup(session_pty_cleanup2, (void *)s); 1137 session_pty_cleanup2(s); 1138 } 1139 s->used = 0; 1140 } 1141 1142 int 1143 mm_answer_pty(int socket, Buffer *m) 1144 { 1145 extern struct monitor *pmonitor; 1146 Session *s; 1147 int res, fd0; 1148 1149 debug3("%s entering", __func__); 1150 1151 buffer_clear(m); 1152 s = session_new(); 1153 if (s == NULL) 1154 goto error; 1155 s->authctxt = authctxt; 1156 s->pw = authctxt->pw; 1157 s->pid = pmonitor->m_pid; 1158 res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)); 1159 if (res == 0) 1160 goto error; 1161 fatal_add_cleanup(session_pty_cleanup2, (void *)s); 1162 pty_setowner(authctxt->pw, s->tty); 1163 1164 buffer_put_int(m, 1); 1165 buffer_put_cstring(m, s->tty); 1166 mm_request_send(socket, MONITOR_ANS_PTY, m); 1167 1168 mm_send_fd(socket, s->ptyfd); 1169 mm_send_fd(socket, s->ttyfd); 1170 1171 /* We need to trick ttyslot */ 1172 if (dup2(s->ttyfd, 0) == -1) 1173 fatal("%s: dup2", __func__); 1174 1175 mm_record_login(s, authctxt->pw); 1176 1177 /* Now we can close the file descriptor again */ 1178 close(0); 1179 1180 /* make sure nothing uses fd 0 */ 1181 if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0) 1182 fatal("%s: open(/dev/null): %s", __func__, strerror(errno)); 1183 if (fd0 != 0) 1184 error("%s: fd0 %d != 0", __func__, fd0); 1185 1186 /* slave is not needed */ 1187 close(s->ttyfd); 1188 s->ttyfd = s->ptyfd; 1189 /* no need to dup() because nobody closes ptyfd */ 1190 s->ptymaster = s->ptyfd; 1191 1192 debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ttyfd); 1193 1194 return (0); 1195 1196 error: 1197 if (s != NULL) 1198 mm_session_close(s); 1199 buffer_put_int(m, 0); 1200 mm_request_send(socket, MONITOR_ANS_PTY, m); 1201 return (0); 1202 } 1203 1204 int 1205 mm_answer_pty_cleanup(int socket, Buffer *m) 1206 { 1207 Session *s; 1208 char *tty; 1209 1210 debug3("%s entering", __func__); 1211 1212 tty = buffer_get_string(m, NULL); 1213 if ((s = session_by_tty(tty)) != NULL) 1214 mm_session_close(s); 1215 buffer_clear(m); 1216 xfree(tty); 1217 return (0); 1218 } 1219 1220 int 1221 mm_answer_sesskey(int socket, Buffer *m) 1222 { 1223 BIGNUM *p; 1224 int rsafail; 1225 1226 /* Turn off permissions */ 1227 monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1); 1228 1229 if ((p = BN_new()) == NULL) 1230 fatal("%s: BN_new", __func__); 1231 1232 buffer_get_bignum2(m, p); 1233 1234 rsafail = ssh1_session_key(p); 1235 1236 buffer_clear(m); 1237 buffer_put_int(m, rsafail); 1238 buffer_put_bignum2(m, p); 1239 1240 BN_clear_free(p); 1241 1242 mm_request_send(socket, MONITOR_ANS_SESSKEY, m); 1243 1244 /* Turn on permissions for sessid passing */ 1245 monitor_permit(mon_dispatch, MONITOR_REQ_SESSID, 1); 1246 1247 return (0); 1248 } 1249 1250 int 1251 mm_answer_sessid(int socket, Buffer *m) 1252 { 1253 int i; 1254 1255 debug3("%s entering", __func__); 1256 1257 if (buffer_len(m) != 16) 1258 fatal("%s: bad ssh1 session id", __func__); 1259 for (i = 0; i < 16; i++) 1260 session_id[i] = buffer_get_char(m); 1261 1262 /* Turn on permissions for getpwnam */ 1263 monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); 1264 1265 return (0); 1266 } 1267 1268 int 1269 mm_answer_rsa_keyallowed(int socket, Buffer *m) 1270 { 1271 BIGNUM *client_n; 1272 Key *key = NULL; 1273 u_char *blob = NULL; 1274 u_int blen = 0; 1275 int allowed = 0; 1276 1277 debug3("%s entering", __func__); 1278 1279 if (options.rsa_authentication && authctxt->valid) { 1280 if ((client_n = BN_new()) == NULL) 1281 fatal("%s: BN_new", __func__); 1282 buffer_get_bignum2(m, client_n); 1283 allowed = auth_rsa_key_allowed(authctxt->pw, client_n, &key); 1284 BN_clear_free(client_n); 1285 } 1286 buffer_clear(m); 1287 buffer_put_int(m, allowed); 1288 1289 /* clear temporarily storage (used by generate challenge) */ 1290 monitor_reset_key_state(); 1291 1292 if (allowed && key != NULL) { 1293 key->type = KEY_RSA; /* cheat for key_to_blob */ 1294 if (key_to_blob(key, &blob, &blen) == 0) 1295 fatal("%s: key_to_blob failed", __func__); 1296 buffer_put_string(m, blob, blen); 1297 1298 /* Save temporarily for comparison in verify */ 1299 key_blob = blob; 1300 key_bloblen = blen; 1301 key_blobtype = MM_RSAUSERKEY; 1302 key_free(key); 1303 } 1304 1305 mm_append_debug(m); 1306 1307 mm_request_send(socket, MONITOR_ANS_RSAKEYALLOWED, m); 1308 1309 monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed); 1310 monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 0); 1311 return (0); 1312 } 1313 1314 int 1315 mm_answer_rsa_challenge(int socket, Buffer *m) 1316 { 1317 Key *key = NULL; 1318 u_char *blob; 1319 u_int blen; 1320 1321 debug3("%s entering", __func__); 1322 1323 if (!authctxt->valid) 1324 fatal("%s: authctxt not valid", __func__); 1325 blob = buffer_get_string(m, &blen); 1326 if (!monitor_allowed_key(blob, blen)) 1327 fatal("%s: bad key, not previously allowed", __func__); 1328 if (key_blobtype != MM_RSAUSERKEY && key_blobtype != MM_RSAHOSTKEY) 1329 fatal("%s: key type mismatch", __func__); 1330 if ((key = key_from_blob(blob, blen)) == NULL) 1331 fatal("%s: received bad key", __func__); 1332 1333 if (ssh1_challenge) 1334 BN_clear_free(ssh1_challenge); 1335 ssh1_challenge = auth_rsa_generate_challenge(key); 1336 1337 buffer_clear(m); 1338 buffer_put_bignum2(m, ssh1_challenge); 1339 1340 debug3("%s sending reply", __func__); 1341 mm_request_send(socket, MONITOR_ANS_RSACHALLENGE, m); 1342 1343 monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1); 1344 return (0); 1345 } 1346 1347 int 1348 mm_answer_rsa_response(int socket, Buffer *m) 1349 { 1350 Key *key = NULL; 1351 u_char *blob, *response; 1352 u_int blen, len; 1353 int success; 1354 1355 debug3("%s entering", __func__); 1356 1357 if (!authctxt->valid) 1358 fatal("%s: authctxt not valid", __func__); 1359 if (ssh1_challenge == NULL) 1360 fatal("%s: no ssh1_challenge", __func__); 1361 1362 blob = buffer_get_string(m, &blen); 1363 if (!monitor_allowed_key(blob, blen)) 1364 fatal("%s: bad key, not previously allowed", __func__); 1365 if (key_blobtype != MM_RSAUSERKEY && key_blobtype != MM_RSAHOSTKEY) 1366 fatal("%s: key type mismatch: %d", __func__, key_blobtype); 1367 if ((key = key_from_blob(blob, blen)) == NULL) 1368 fatal("%s: received bad key", __func__); 1369 response = buffer_get_string(m, &len); 1370 if (len != 16) 1371 fatal("%s: received bad response to challenge", __func__); 1372 success = auth_rsa_verify_response(key, ssh1_challenge, response); 1373 1374 key_free(key); 1375 xfree(response); 1376 1377 auth_method = key_blobtype == MM_RSAUSERKEY ? "rsa" : "rhosts-rsa"; 1378 1379 /* reset state */ 1380 BN_clear_free(ssh1_challenge); 1381 ssh1_challenge = NULL; 1382 monitor_reset_key_state(); 1383 1384 buffer_clear(m); 1385 buffer_put_int(m, success); 1386 mm_request_send(socket, MONITOR_ANS_RSARESPONSE, m); 1387 1388 return (success); 1389 } 1390 1391 int 1392 mm_answer_term(int socket, Buffer *req) 1393 { 1394 extern struct monitor *pmonitor; 1395 int res, status; 1396 1397 debug3("%s: tearing down sessions", __func__); 1398 1399 /* The child is terminating */ 1400 session_destroy_all(&mm_session_close); 1401 1402 while (waitpid(pmonitor->m_pid, &status, 0) == -1) 1403 if (errno != EINTR) 1404 exit(1); 1405 1406 res = WIFEXITED(status) ? WEXITSTATUS(status) : 1; 1407 1408 /* Terminate process */ 1409 exit (res); 1410 } 1411 1412 void 1413 monitor_apply_keystate(struct monitor *pmonitor) 1414 { 1415 if (compat20) { 1416 set_newkeys(MODE_IN); 1417 set_newkeys(MODE_OUT); 1418 } else { 1419 packet_set_protocol_flags(child_state.ssh1protoflags); 1420 packet_set_encryption_key(child_state.ssh1key, 1421 child_state.ssh1keylen, child_state.ssh1cipher); 1422 xfree(child_state.ssh1key); 1423 } 1424 1425 /* for rc4 and other stateful ciphers */ 1426 packet_set_keycontext(MODE_OUT, child_state.keyout); 1427 xfree(child_state.keyout); 1428 packet_set_keycontext(MODE_IN, child_state.keyin); 1429 xfree(child_state.keyin); 1430 1431 if (!compat20) { 1432 packet_set_iv(MODE_OUT, child_state.ivout); 1433 xfree(child_state.ivout); 1434 packet_set_iv(MODE_IN, child_state.ivin); 1435 xfree(child_state.ivin); 1436 } 1437 1438 memcpy(&incoming_stream, &child_state.incoming, 1439 sizeof(incoming_stream)); 1440 memcpy(&outgoing_stream, &child_state.outgoing, 1441 sizeof(outgoing_stream)); 1442 1443 /* Update with new address */ 1444 if (options.compression) 1445 mm_init_compression(pmonitor->m_zlib); 1446 1447 /* Network I/O buffers */ 1448 /* XXX inefficient for large buffers, need: buffer_init_from_string */ 1449 buffer_clear(&input); 1450 buffer_append(&input, child_state.input, child_state.ilen); 1451 memset(child_state.input, 0, child_state.ilen); 1452 xfree(child_state.input); 1453 1454 buffer_clear(&output); 1455 buffer_append(&output, child_state.output, child_state.olen); 1456 memset(child_state.output, 0, child_state.olen); 1457 xfree(child_state.output); 1458 } 1459 1460 static Kex * 1461 mm_get_kex(Buffer *m) 1462 { 1463 Kex *kex; 1464 void *blob; 1465 u_int bloblen; 1466 1467 kex = xmalloc(sizeof(*kex)); 1468 memset(kex, 0, sizeof(*kex)); 1469 kex->session_id = buffer_get_string(m, &kex->session_id_len); 1470 if ((session_id2 == NULL) || 1471 (kex->session_id_len != session_id2_len) || 1472 (memcmp(kex->session_id, session_id2, session_id2_len) != 0)) 1473 fatal("mm_get_get: internal error: bad session id"); 1474 kex->we_need = buffer_get_int(m); 1475 kex->server = 1; 1476 kex->hostkey_type = buffer_get_int(m); 1477 kex->kex_type = buffer_get_int(m); 1478 blob = buffer_get_string(m, &bloblen); 1479 buffer_init(&kex->my); 1480 buffer_append(&kex->my, blob, bloblen); 1481 xfree(blob); 1482 blob = buffer_get_string(m, &bloblen); 1483 buffer_init(&kex->peer); 1484 buffer_append(&kex->peer, blob, bloblen); 1485 xfree(blob); 1486 kex->done = 1; 1487 kex->flags = buffer_get_int(m); 1488 kex->client_version_string = buffer_get_string(m, NULL); 1489 kex->server_version_string = buffer_get_string(m, NULL); 1490 kex->load_host_key=&get_hostkey_by_type; 1491 kex->host_key_index=&get_hostkey_index; 1492 1493 return (kex); 1494 } 1495 1496 /* This function requries careful sanity checking */ 1497 1498 void 1499 mm_get_keystate(struct monitor *pmonitor) 1500 { 1501 Buffer m; 1502 u_char *blob, *p; 1503 u_int bloblen, plen; 1504 1505 debug3("%s: Waiting for new keys", __func__); 1506 1507 buffer_init(&m); 1508 mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT, &m); 1509 if (!compat20) { 1510 child_state.ssh1protoflags = buffer_get_int(&m); 1511 child_state.ssh1cipher = buffer_get_int(&m); 1512 child_state.ssh1key = buffer_get_string(&m, 1513 &child_state.ssh1keylen); 1514 child_state.ivout = buffer_get_string(&m, 1515 &child_state.ivoutlen); 1516 child_state.ivin = buffer_get_string(&m, &child_state.ivinlen); 1517 goto skip; 1518 } else { 1519 /* Get the Kex for rekeying */ 1520 *pmonitor->m_pkex = mm_get_kex(&m); 1521 } 1522 1523 blob = buffer_get_string(&m, &bloblen); 1524 current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen); 1525 xfree(blob); 1526 1527 debug3("%s: Waiting for second key", __func__); 1528 blob = buffer_get_string(&m, &bloblen); 1529 current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen); 1530 xfree(blob); 1531 1532 /* Now get sequence numbers for the packets */ 1533 packet_set_seqnr(MODE_OUT, buffer_get_int(&m)); 1534 packet_set_seqnr(MODE_IN, buffer_get_int(&m)); 1535 1536 skip: 1537 /* Get the key context */ 1538 child_state.keyout = buffer_get_string(&m, &child_state.keyoutlen); 1539 child_state.keyin = buffer_get_string(&m, &child_state.keyinlen); 1540 1541 debug3("%s: Getting compression state", __func__); 1542 /* Get compression state */ 1543 p = buffer_get_string(&m, &plen); 1544 if (plen != sizeof(child_state.outgoing)) 1545 fatal("%s: bad request size", __func__); 1546 memcpy(&child_state.outgoing, p, sizeof(child_state.outgoing)); 1547 xfree(p); 1548 1549 p = buffer_get_string(&m, &plen); 1550 if (plen != sizeof(child_state.incoming)) 1551 fatal("%s: bad request size", __func__); 1552 memcpy(&child_state.incoming, p, sizeof(child_state.incoming)); 1553 xfree(p); 1554 1555 /* Network I/O buffers */ 1556 debug3("%s: Getting Network I/O buffers", __func__); 1557 child_state.input = buffer_get_string(&m, &child_state.ilen); 1558 child_state.output = buffer_get_string(&m, &child_state.olen); 1559 1560 buffer_free(&m); 1561 } 1562 1563 1564 /* Allocation functions for zlib */ 1565 void * 1566 mm_zalloc(struct mm_master *mm, u_int ncount, u_int size) 1567 { 1568 int len = size * ncount; 1569 void *address; 1570 1571 if (len <= 0) 1572 fatal("%s: mm_zalloc(%u, %u)", __func__, ncount, size); 1573 1574 address = mm_malloc(mm, len); 1575 1576 return (address); 1577 } 1578 1579 void 1580 mm_zfree(struct mm_master *mm, void *address) 1581 { 1582 mm_free(mm, address); 1583 } 1584 1585 void 1586 mm_init_compression(struct mm_master *mm) 1587 { 1588 outgoing_stream.zalloc = (alloc_func)mm_zalloc; 1589 outgoing_stream.zfree = (free_func)mm_zfree; 1590 outgoing_stream.opaque = mm; 1591 1592 incoming_stream.zalloc = (alloc_func)mm_zalloc; 1593 incoming_stream.zfree = (free_func)mm_zfree; 1594 incoming_stream.opaque = mm; 1595 } 1596 1597 /* XXX */ 1598 1599 #define FD_CLOSEONEXEC(x) do { \ 1600 if (fcntl(x, F_SETFD, 1) == -1) \ 1601 fatal("fcntl(%d, F_SETFD)", x); \ 1602 } while (0) 1603 1604 static void 1605 monitor_socketpair(int *pair) 1606 { 1607 #ifdef HAVE_SOCKETPAIR 1608 if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1) 1609 fatal("%s: socketpair", __func__); 1610 #else 1611 fatal("%s: UsePrivilegeSeparation=yes not supported", 1612 __func__); 1613 #endif 1614 FD_CLOSEONEXEC(pair[0]); 1615 FD_CLOSEONEXEC(pair[1]); 1616 } 1617 1618 #define MM_MEMSIZE 65536 1619 1620 struct monitor * 1621 monitor_init(void) 1622 { 1623 struct monitor *mon; 1624 int pair[2]; 1625 1626 mon = xmalloc(sizeof(*mon)); 1627 1628 monitor_socketpair(pair); 1629 1630 mon->m_recvfd = pair[0]; 1631 mon->m_sendfd = pair[1]; 1632 1633 /* Used to share zlib space across processes */ 1634 if (options.compression) { 1635 mon->m_zback = mm_create(NULL, MM_MEMSIZE); 1636 mon->m_zlib = mm_create(mon->m_zback, 20 * MM_MEMSIZE); 1637 1638 /* Compression needs to share state across borders */ 1639 mm_init_compression(mon->m_zlib); 1640 } 1641 1642 return mon; 1643 } 1644 1645 void 1646 monitor_reinit(struct monitor *mon) 1647 { 1648 int pair[2]; 1649 1650 monitor_socketpair(pair); 1651 1652 mon->m_recvfd = pair[0]; 1653 mon->m_sendfd = pair[1]; 1654 } 1655