1 /* $NetBSD: monitor_wrap.c,v 1.38 2026/04/08 18:58:41 christos Exp $ */ 2 /* $OpenBSD: monitor_wrap.c,v 1.146 2026/03/02 02:40:15 djm Exp $ */ 3 4 /* 5 * Copyright 2002 Niels Provos <provos (at) citi.umich.edu> 6 * Copyright 2002 Markus Friedl <markus (at) openbsd.org> 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
*/

#include "includes.h"
__RCSID("$NetBSD: monitor_wrap.c,v 1.38 2026/04/08 18:58:41 christos Exp $");
#include <sys/types.h>
#include <sys/uio.h>
#include <sys/queue.h>
#include <sys/wait.h>

#include <errno.h>
#include <pwd.h>
#include <signal.h>
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#ifdef WITH_OPENSSL
#include <openssl/bn.h>
#include <openssl/dh.h>
#include <openssl/evp.h>
#endif

#include "xmalloc.h"
#include "ssh.h"
#ifdef WITH_OPENSSL
#include "dh.h"
#endif
#include "sshbuf.h"
#include "sshkey.h"
#include "cipher.h"
#include "kex.h"
#include "hostfile.h"
#include "auth.h"
#include "auth-options.h"
#include "packet.h"
#include "mac.h"
#include "log.h"
#include "monitor.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "atomicio.h"
#include "monitor_fdpass.h"
#ifdef USE_PAM
#include "misc.h"
#include "servconf.h"
#include <security/pam_appl.h>
#endif
#include "misc.h"

#include "channels.h"
#include "session.h"
#include "servconf.h"
#include "monitor_wrap.h"
#include "srclimit.h"

#include "ssherr.h"

/* Imports */
extern struct monitor *pmonitor;	/* monitor state: request socket, log socket, child pid */
extern struct sshbuf *loginmsg;		/* login message accumulated for the session */
extern ServerOptions options;		/* active server configuration */

/*
 * Log handler that forwards a log record over the monitor log channel
 * instead of writing it locally.  The record is serialised as
 * [u32 length][u32 level][u32 forced][cstring msg] and written with
 * atomicio() to mon->m_log_sendfd, where mon is the struct monitor *
 * passed as ctx when the handler was installed.  Fatal when there is
 * no log channel, on a buffer error, or on a write error other than
 * EPIPE; EPIPE (peer gone) ends the process via cleanup_exit(255).
 */
void
mm_log_handler(LogLevel level, int forced, const char *msg, void *ctx)
{
	struct sshbuf *log_msg;
	struct monitor *mon = (struct monitor *)ctx;
	int r;
	size_t len;

	if (mon->m_log_sendfd == -1)
		fatal_f("no log channel");

	if ((log_msg = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");

	if ((r = sshbuf_put_u32(log_msg, 0)) != 0 || /* length; filled below */
	    (r = sshbuf_put_u32(log_msg, level)) != 0 ||
	    (r = sshbuf_put_u32(log_msg, forced)) != 0 ||
	    (r = sshbuf_put_cstring(log_msg, msg)) != 0)
		fatal_fr(r, "assemble");
	/* the length prefix must fit the u32 it is poked into */
	if ((len = sshbuf_len(log_msg)) < 4 ||
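len > 0xffffffff)
		fatal_f("bad length %zu", len);
	POKE_U32(sshbuf_mutable_ptr(log_msg), len - 4);
	if (atomicio(vwrite, mon->m_log_sendfd,
	    sshbuf_mutable_ptr(log_msg), len) != len) {
		if (errno == EPIPE) {
			debug_f("write: %s", strerror(errno));
			cleanup_exit(255);
		}
		fatal_f("write: %s", strerror(errno));
	}
	sshbuf_free(log_msg);
}

/*
 * Collect the exit status of the monitor's child (pmonitor->m_pid) and
 * propagate an abnormal exit as our own.  Does nothing unless
 * mm_is_monitor() is true.  waitpid() is retried on EINTR; any other
 * failure is fatal.  A non-zero exit ends us with status 255, a signal
 * with EXIT_CHILD_CRASH when signal_is_crash() considers it a crash
 * (255 otherwise), and anything else with EXIT_CHILD_CRASH.
 */
static void
mm_reap(void)
{
	int status = -1;

	if (!mm_is_monitor())
		return;
	while (waitpid(pmonitor->m_pid, &status, 0) == -1) {
		if (errno == EINTR)
			continue;
		pmonitor->m_pid = -1;
		fatal_f("waitpid: %s", strerror(errno));
	}
	if (WIFEXITED(status)) {
		if (WEXITSTATUS(status) != 0) {
			debug_f("child exited with status %d",
			    WEXITSTATUS(status));
			cleanup_exit(255);
		}
	} else if (WIFSIGNALED(status)) {
		error_f("child terminated by signal %d",
		    WTERMSIG(status));
		cleanup_exit(signal_is_crash(WTERMSIG(status)) ?
		    EXIT_CHILD_CRASH : 255);
	} else {
		error_f("child terminated abnormally (status=0x%x)",
		    status);
		cleanup_exit(EXIT_CHILD_CRASH);
	}
}

/*
 * Send one monitor message on sock: a 4-byte big-endian length covering
 * the type byte plus the payload, then the type byte, then the contents
 * of m.  Both writes go through atomicio(), so a short write is an
 * error.  Payloads of MONITOR_MAX_MSGLEN bytes or more are refused,
 * which keeps the framed length within the receiver's limit.  EPIPE
 * means the peer is gone: reap it and exit 255; any other write error
 * is fatal.  m is not consumed; the caller still owns it.
 */
void
mm_request_send(int sock, enum monitor_reqtype type, struct sshbuf *m)
{
	size_t mlen = sshbuf_len(m);
	u_char buf[5];

	debug3_f("entering, type %d", type);

	if (mlen >= MONITOR_MAX_MSGLEN)
		fatal_f("bad length %zu", mlen);
	POKE_U32(buf, mlen + 1);
	buf[4] = (u_char) type;	/* 1st byte of payload is mesg-type */
	if (atomicio(vwrite, sock, buf, sizeof(buf)) != sizeof(buf) ||
	    atomicio(vwrite, sock, sshbuf_mutable_ptr(m), mlen) != mlen) {
		if (errno == EPIPE) {
			debug3_f("monitor fd closed");
			mm_reap();
			cleanup_exit(255);
		}
		fatal_f("write: %s", strerror(errno));
	}
}

/*
 * Read one monitor message from sock into m (m is reset first).  The
 * 4-byte length prefix is validated against MONITOR_MAX_MSGLEN before
 * any space is reserved, so a peer cannot make us allocate more than
 * that.  Read errors end the process: EPIPE reaps the peer first, a
 * failed header read is fatal, a failed body read exits 255.
 */
void
mm_request_receive(int sock, struct sshbuf *m)
{
	u_char buf[4], *p = NULL;
	u_int msg_len;
	int oerrno, r;

	debug3_f("entering");

	if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) {
		if (errno == EPIPE) {
			debug3_f("monitor fd closed");
			mm_reap();
			cleanup_exit(255);
		}
		fatal_f("read: %s", strerror(errno));
	}
	msg_len = PEEK_U32(buf);
	/* bound the allocation before reserving; msg_len is unsigned */
	if (msg_len > MONITOR_MAX_MSGLEN)
		fatal_f("read: bad msg_len %u", msg_len);
	sshbuf_reset(m);
	if ((r = sshbuf_reserve(m, msg_len, &p)) != 0)
		fatal_fr(r, "reserve");
	if (atomicio(read, sock, p, msg_len) != msg_len) {
		oerrno = errno;	/* error_f may clobber errno */
		error_f("read: %s", strerror(errno));
		if (oerrno == EPIPE)
			mm_reap();
		cleanup_exit(255);
	}
}

/*
 * Receive one message and require its leading type byte to be `type';
 * a different type, or a message too short to hold one, is fatal.  The
 * type byte is consumed, leaving only the payload in m.
 */
void
mm_request_receive_expect(int sock, enum monitor_reqtype type, struct sshbuf *m)
{
	u_char rtype;
	int r;

	debug3_f("entering, type %d", type);

	mm_request_receive(sock, m);
	if ((r = sshbuf_get_u8(m, &rtype)) != 0)
		fatal_fr(r, "parse");
	if (rtype != type)
		fatal_f("read: rtype %d != type %d", rtype, type);
}

#ifdef WITH_OPENSSL
/*
 * Ask the monitor (MONITOR_REQ_MODULI) for a DH group of about nbits
 * bits within [min, max].  A failure flag in the reply is fatal.  The
 * p and g bignums parsed from the reply are passed to dh_new_group()
 * and its result returned.
 */
DH *
mm_choose_dh(int min, int nbits, int max)
{
	BIGNUM *p, *g;
	int r;
	u_char success = 0;
	struct sshbuf *m;

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	if ((r = sshbuf_put_u32(m, min)) != 0 ||
	    (r = sshbuf_put_u32(m, nbits)) != 0 ||
	    (r = sshbuf_put_u32(m, max)) != 0)
		fatal_fr(r, "assemble");

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_MODULI, m);

	debug3_f("waiting for MONITOR_ANS_MODULI");
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_MODULI, m);

	if ((r = sshbuf_get_u8(m, &success)) != 0)
		fatal_fr(r, "parse success");
	if (success == 0)
		fatal_f("MONITOR_ANS_MODULI failed");

	if ((r = sshbuf_get_bignum2(m, &p)) != 0 ||
	    (r = sshbuf_get_bignum2(m, &g)) != 0)
		fatal_fr(r, "parse group");

	debug3_f("remaining %zu", sshbuf_len(m));
	sshbuf_free(m);

	return (dh_new_group(g, p));
}
#endif

/*
 * Tell the monitor the peer compatibility flags (ssh->compat) via
 * MONITOR_REQ_SETCOMPAT.  One-way: no reply is awaited.
 */
void
mm_sshkey_setcompat(struct ssh *ssh)
{
	struct sshbuf *m;
	int r;

	debug3_f("entering");
	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	if ((r = sshbuf_put_u32(m, ssh->compat)) != 0)
		fatal_fr(r, "assemble");

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SETCOMPAT, m);
	/* mm_request_send() does not take ownership of m */
	sshbuf_free(m);
}

/*
 * Have the monitor sign `data' with `key' (MONITOR_REQ_SIGN).  The
 * signature is returned in *sigp (allocated; caller frees) and its
 * length in *lenp.  Only key, data, hostkey_alg and compat are sent;
 * ssh, sk_provider and sk_pin exist for interface compatibility with
 * the local signing routine and are not forwarded.  Always returns 0:
 * every failure path is fatal.
 */
int
mm_sshkey_sign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp,
    const u_char *data, size_t datalen, const char *hostkey_alg,
    const char *sk_provider, const char *sk_pin, u_int compat)
{
	struct sshbuf *m;
	int r;

	debug3_f("entering");
	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	if ((r = sshkey_puts(key, m)) != 0 ||
	    (r = sshbuf_put_string(m, data, datalen)) != 0 ||
	    (r = sshbuf_put_cstring(m, hostkey_alg)) != 0 ||
	    (r = sshbuf_put_u32(m, compat)) != 0)
		fatal_fr(r, "assemble");

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SIGN, m);

	debug3_f("waiting for MONITOR_ANS_SIGN");
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, m);
	if ((r = sshbuf_get_string(m, sigp, lenp)) != 0)
		fatal_fr(r, "parse");
	sshbuf_free(m);
	debug3_f("%s signature len=%zu", hostkey_alg ? hostkey_alg : "(null)",
	    *lenp);

	return (0);
}

/*
 * Parse the ServerOptions block the monitor appended to m and apply it
 * to the global `options' with copy_set_server_options(), then re-apply
 * the log level and LogVerbose patterns it carries.  The block is a raw
 * image of the struct followed by the string and string-array members
 * enumerated by COPY_MATCH_STRING_OPTS (servconf.h); a non-NULL pointer
 * in the image only signals that a string follows -- it is never
 * dereferenced, the pointer is overwritten by the parsed copy.  The
 * first set of M_CP_* macros reads those members, the second set
 * frees them once the copy has been made.  Fatal on a size mismatch
 * with sizeof(ServerOptions) or on any parse error.
 */
void
mm_decode_activate_server_options(struct ssh *ssh, struct sshbuf *m)
{
	const u_char *p;
	size_t len;
	u_int i;
	ServerOptions *newopts;
	int r;

	if ((r = sshbuf_get_string_direct(m, &p, &len)) != 0)
		fatal_fr(r, "parse opts");
	if (len != sizeof(*newopts))
		fatal_f("option block size mismatch");
	newopts = xcalloc(1, sizeof(*newopts));
	memcpy(newopts, p, sizeof(*newopts));

#define M_CP_STROPT(x) do { \
		if (newopts->x != NULL && \
		    (r = sshbuf_get_cstring(m, &newopts->x, NULL)) != 0) \
			fatal_fr(r, "parse %s", #x); \
	} while (0)
#define M_CP_STRARRAYOPT(x, nx, clobber) do { \
		newopts->x = newopts->nx == 0 ? \
		    NULL : xcalloc(newopts->nx, sizeof(*newopts->x)); \
		for (i = 0; i < newopts->nx; i++) { \
			if ((r = sshbuf_get_cstring(m, \
			    &newopts->x[i], NULL)) != 0) \
				fatal_fr(r, "parse %s", #x); \
		} \
	} while (0)
	/* See comment in servconf.h */
	COPY_MATCH_STRING_OPTS();
#undef M_CP_STROPT
#undef M_CP_STRARRAYOPT

	copy_set_server_options(&options, newopts, 1);
	log_change_level(options.log_level);
	log_verbose_reset();
	for (i = 0; i < options.num_log_verbose; i++)
		log_verbose_add(options.log_verbose[i]);

	/* use the macro hell to clean up too */
#define M_CP_STROPT(x) free(newopts->x)
#define M_CP_STRARRAYOPT(x, nx, clobber) do { \
		for (i = 0; i < newopts->nx; i++) \
			free(newopts->x[i]); \
		free(newopts->x); \
	} while (0)
	COPY_MATCH_STRING_OPTS();
#undef M_CP_STROPT
#undef M_CP_STRARRAYOPT
	free(newopts);
}

/*
 * Copy one fixed-size struct passwd member `id' out of buffer b.  The
 * encoded length must equal sizeof(pw->id) exactly; uses r, p, len and
 * pw from the enclosing scope.
 */
#define GETPW(b, id) \
	do { \
		if ((r = sshbuf_get_string_direct(b, &p, &len)) != 0) \
			fatal_fr(r, "parse pw %s", #id); \
		if (len != sizeof(pw->id)) \
			fatal_f("bad length for %s", #id); \
		memcpy(&pw->id, p, len); \
	} while (0)

/*
 * Look up `username' through the monitor (MONITOR_REQ_PWNAM).  Returns
 * a freshly allocated struct passwd -- fixed members via GETPW, then
 * the string members -- or NULL when the monitor's reply flag is 0.
 * In both cases the reply also carries a ServerOptions block (a Match
 * directive may have changed settings); it is activated here together
 * with the permitopen, channel-timeout and server signature-algorithm
 * state derived from the updated options.
 */
struct passwd *
mm_getpwnamallow(struct ssh *ssh, const char *username)
{
	struct sshbuf *m;
	struct passwd *pw;
	size_t len;
	int r;
	u_char ok;
	const u_char *p;

	debug3_f("entering");

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	if ((r = sshbuf_put_cstring(m, username)) != 0)
		fatal_fr(r, "assemble");

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, m);

	debug3_f("waiting for MONITOR_ANS_PWNAM");
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, m);

	if ((r = sshbuf_get_u8(m, &ok)) != 0)
		fatal_fr(r, "parse success");
	if (ok == 0) {
		pw = NULL;
		goto out;
	}

	pw = xcalloc(1, sizeof(*pw));
	GETPW(m, pw_uid);
	GETPW(m, pw_gid);
	GETPW(m, pw_change);
	GETPW(m, pw_expire);
	if ((r = sshbuf_get_cstring(m, &pw->pw_name, NULL)) != 0 ||
	    (r = sshbuf_get_cstring(m, &pw->pw_passwd, NULL)) != 0 ||
	    (r = sshbuf_get_cstring(m, &pw->pw_gecos, NULL)) != 0 ||
	    (r = sshbuf_get_cstring(m, &pw->pw_class, NULL)) != 0 ||
	    (r = sshbuf_get_cstring(m, &pw->pw_dir, NULL)) != 0 ||
	    (r = sshbuf_get_cstring(m, &pw->pw_shell, NULL)) != 0)
		fatal_fr(r, "parse pw");

 out:
	/* copy options block as a Match directive may have changed some */
	mm_decode_activate_server_options(ssh, m);
	server_process_permitopen(ssh);
	server_process_channel_timeouts(ssh);
	kex_set_server_sig_algs(ssh, options.pubkey_accepted_algos);
	sshbuf_free(m);

	return (pw);
}

/*
 * Fetch the pre-authentication banner from the monitor
 * (MONITOR_REQ_AUTH2_READ_BANNER).  Returns an allocated string the
 * caller frees, or NULL when the monitor sent an empty banner.
 */
char *
mm_auth2_read_banner(void)
{
	struct sshbuf *m;
	char *banner;
	int r;

	debug3_f("entering");

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, m);
	sshbuf_reset(m);

	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_AUTH2_READ_BANNER, m);
	if ((r = sshbuf_get_cstring(m, &banner, NULL)) != 0)
		fatal_fr(r, "parse");
	sshbuf_free(m);

	/* treat empty banner as missing banner */
	if (strlen(banner) == 0) {
		free(banner);
		banner = NULL;
	}
	return (banner);
}

/*
 * Inform the privileged process about service and style
 * (MONITOR_REQ_AUTHSERV).  style may be NULL and is then sent as "".
 * One-way: no reply is awaited.
 */

void
mm_inform_authserv(char *service, char *style)
{
	struct sshbuf *m;
	int r;

	debug3_f("entering");

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	if ((r = sshbuf_put_cstring(m, service)) != 0 ||
	    (r = sshbuf_put_cstring(m, style ? style : "")) != 0)
		fatal_fr(r, "assemble");

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHSERV, m);

	sshbuf_free(m);
}

/*
 * Do the password authentication: forward `password' to the monitor
 * (MONITOR_REQ_AUTHPASSWORD) and return the authenticated flag from its
 * reply (non-zero on success).  This process only ever sees that flag.
 * With USE_PAM the reply also carries the PAM max-tries state, which is
 * recorded with sshpam_set_maxtries_reached().
 * NOTE(review): m holds the cleartext password until sshbuf_free();
 * this relies on sshbuf_free() scrubbing the buffer -- confirm.
 */
int
mm_auth_password(struct ssh *ssh, const char *password)
{
	struct sshbuf *m;
	int r;
	u_int authenticated = 0;
#ifdef USE_PAM
	u_int maxtries = 0;
#endif

	debug3_f("entering");

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	if ((r = sshbuf_put_cstring(m, password)) != 0)
		fatal_fr(r, "assemble");
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHPASSWORD, m);

	debug3_f("waiting for MONITOR_ANS_AUTHPASSWORD");
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_AUTHPASSWORD, m);

	if ((r = sshbuf_get_u32(m, &authenticated)) != 0)
		fatal_fr(r, "parse");

#ifdef USE_PAM
	if ((r = sshbuf_get_u32(m, &maxtries)) != 0)
		fatal_fr(r, "parse PAM");
	/* r is 0 here, so report the value rather than a bogus ssh_err */
	if (maxtries > INT_MAX)
		fatal_f("bad maxtries %u", maxtries);
	sshpam_set_maxtries_reached(maxtries);
#endif

	sshbuf_free(m);

	debug3_f("user %sauthenticated", authenticated ? "" : "not ");
	return (authenticated);
}

/*
 * Ask the monitor whether `key' is acceptable for public-key user
 * authentication.  ssh and pw are unused here; see mm_key_allowed().
 */
int
mm_user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
    int pubkey_auth_attempt, struct sshauthopt **authoptp)
{
	return (mm_key_allowed(MM_USERKEY, NULL, NULL, key,
	    pubkey_auth_attempt, authoptp));
}

/*
 * Ask the monitor whether `key' is acceptable for hostbased
 * authentication of `user' from `host'.  ssh and pw are unused here;
 * no authopts are requested.
 */
int
mm_hostbased_key_allowed(struct ssh *ssh, struct passwd *pw,
    const char *user, const char *host, struct sshkey *key)
{
	return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0, NULL));
}

/*
 * Common MONITOR_REQ_KEYALLOWED exchange.  Sends type, user/host ("" if
 * NULL), the key and pubkey_auth_attempt; returns the monitor's allowed
 * flag.  When the key is allowed and type is MM_USERKEY the reply also
 * carries serialised authorized-key options: they are stored in
 * *authoptp (caller owns them) when authoptp is non-NULL, otherwise
 * freed.  *authoptp is NULL on every other path.
 */
int
mm_key_allowed(enum mm_keytype type, const char *user, const char *host,
    struct sshkey *key, int pubkey_auth_attempt, struct sshauthopt **authoptp)
{
	struct sshbuf *m;
	int r;
	u_int allowed = 0;
	struct sshauthopt *opts = NULL;

	debug3_f("entering");

	if (authoptp != NULL)
		*authoptp = NULL;

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	if ((r = sshbuf_put_u32(m, type)) != 0 ||
	    (r = sshbuf_put_cstring(m, user ? user : "")) != 0 ||
	    (r = sshbuf_put_cstring(m, host ? host : "")) != 0 ||
	    (r = sshkey_puts(key, m)) != 0 ||
	    (r = sshbuf_put_u32(m, pubkey_auth_attempt)) != 0)
		fatal_fr(r, "assemble");

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYALLOWED, m);

	debug3_f("waiting for MONITOR_ANS_KEYALLOWED");
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_KEYALLOWED, m);

	if ((r = sshbuf_get_u32(m, &allowed)) != 0)
		fatal_fr(r, "parse");
	if (allowed && type == MM_USERKEY &&
	    (r = sshauthopt_deserialise(m, &opts)) != 0)
		fatal_fr(r, "sshauthopt_deserialise");
	sshbuf_free(m);

	if (authoptp != NULL) {
		*authoptp = opts;
		opts = NULL;
	}
	sshauthopt_free(opts);

	return allowed;
}

/*
 * This key verify needs to send the key type along, because the
 * privileged parent makes the decision if the key is allowed
 * for authentication.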
*/

/*
 * Have the monitor verify `sig' over `data' with `key' and `sigalg'
 * (MONITOR_REQ_KEYVERIFY); sigalg NULL is sent as "".  `compat' is not
 * forwarded.  Returns 0 when the monitor's encoded result is 0 and
 * SSH_ERR_SIGNATURE_INVALID for any non-zero result.  When the reply
 * flags signature details and verification succeeded, the security-key
 * counter and flags are parsed and, if sig_detailsp is non-NULL,
 * returned in a freshly allocated *sig_detailsp (caller frees); it is
 * set to NULL on every other path.
 */
int
mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
    const u_char *data, size_t datalen, const char *sigalg, u_int compat,
    struct sshkey_sig_details **sig_detailsp)
{
	struct sshbuf *m;
	u_int encoded_ret = 0;
	int r;
	u_char sig_details_present, flags;
	u_int counter;

	debug3_f("entering");

	if (sig_detailsp != NULL)
		*sig_detailsp = NULL;
	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	if ((r = sshkey_puts(key, m)) != 0 ||
	    (r = sshbuf_put_string(m, sig, siglen)) != 0 ||
	    (r = sshbuf_put_string(m, data, datalen)) != 0 ||
	    (r = sshbuf_put_cstring(m, sigalg == NULL ? "" : sigalg)) != 0)
		fatal_fr(r, "assemble");

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, m);

	debug3_f("waiting for MONITOR_ANS_KEYVERIFY");
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_KEYVERIFY, m);

	if ((r = sshbuf_get_u32(m, &encoded_ret)) != 0 ||
	    (r = sshbuf_get_u8(m, &sig_details_present)) != 0)
		fatal_fr(r, "parse");
	/* details are only parsed (and only sent) for a good signature */
	if (sig_details_present && encoded_ret == 0) {
		if ((r = sshbuf_get_u32(m, &counter)) != 0 ||
		    (r = sshbuf_get_u8(m, &flags)) != 0)
			fatal_fr(r, "parse sig_details");
		if (sig_detailsp != NULL) {
			*sig_detailsp = xcalloc(1, sizeof(**sig_detailsp));
			(*sig_detailsp)->sk_counter = counter;
			(*sig_detailsp)->sk_flags = flags;
		}
	}

	sshbuf_free(m);

	/* any non-zero monitor result collapses to "invalid" */
	if (encoded_ret != 0)
		return SSH_ERR_SIGNATURE_INVALID;
	return 0;
}

/*
 * Export the packet-layer state of `ssh' (ssh_packet_get_state) to the
 * monitor via MONITOR_REQ_KEYEXPORT on monitor->m_recvfd.  One-way: no
 * reply is awaited.
 */
void
mm_send_keystate(struct ssh *ssh, struct monitor *monitor)
{
	struct sshbuf *m;
	int r;

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	if ((r = ssh_packet_get_state(ssh, m)) != 0)
		fatal_fr(r, "ssh_packet_get_state");
	mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, m);
	debug3_f("Finished sending state");
	sshbuf_free(m);
}

int
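mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen)
/*
 * Ask the monitor to allocate a pty (MONITOR_REQ_PTY).  On success the
 * pty and tty descriptors are received over the monitor socket with
 * mm_receive_fd() into *ptyfd/*ttyfd, the tty name is copied into
 * namebuf (silently truncated to namebuflen) and the monitor's login
 * message is appended to `loginmsg'.  Returns 1 on success, 0 when two
 * descriptors cannot be dup()'d beforehand or the monitor reports
 * failure; parse and fd-receive errors are fatal.
 */
{
	struct sshbuf *m;
	char *p, *msg;
	u_int success = 0;
	int tmp1 = -1, tmp2 = -1, r;

	/* Kludge: ensure there are fds free to receive the pty/tty */
	if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 ||
	    (tmp2 = dup(pmonitor->m_recvfd)) == -1) {
		error_f("cannot allocate fds for pty");
		if (tmp1 >= 0)
			close(tmp1);
		return 0;
	}
	close(tmp1);
	close(tmp2);

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, m);

	debug3_f("waiting for MONITOR_ANS_PTY");
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, m);

	if ((r = sshbuf_get_u32(m, &success)) != 0)
		fatal_fr(r, "parse success");
	if (success == 0) {
		debug3_f("pty alloc failed");
		sshbuf_free(m);
		return (0);
	}
	if ((r = sshbuf_get_cstring(m, &p, NULL)) != 0 ||
	    (r = sshbuf_get_cstring(m, &msg, NULL)) != 0)
		fatal_fr(r, "parse");
	sshbuf_free(m);

	strlcpy(namebuf, p, namebuflen); /* Possible truncation */
	free(p);

	if ((r = sshbuf_put(loginmsg, msg, strlen(msg))) != 0)
		fatal_fr(r, "put loginmsg");
	free(msg);

	/* the descriptors follow the reply on the same socket */
	if ((*ptyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1 ||
	    (*ttyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1)
		fatal_f("receive fds failed");

	/* Success */
	return (1);
}

/*
 * Release the pty of session `s' through the monitor
 * (MONITOR_REQ_PTYCLEANUP, keyed by s->tty), close our dup of the pty
 * master and mark the session as having no tty.  No-op when s->ttyfd is
 * already -1.
 */
void
mm_session_pty_cleanup2(Session *s)
{
	struct sshbuf *m;
	int r;

	if (s->ttyfd == -1)
		return;
	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	if ((r = sshbuf_put_cstring(m, s->tty)) != 0)
		fatal_fr(r, "assemble");
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTYCLEANUP, m);
	sshbuf_free(m);

	/* closed dup'ed master */
	if (s->ptymaster != -1 && close(s->ptymaster) == -1)
		error("close(s->ptymaster/%d): %s",
		    s->ptymaster, strerror(errno));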
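/* unlink pty from session */
	s->ttyfd = -1;
}

#ifdef USE_PAM
/*
 * Ask the monitor to start the PAM transaction (MONITOR_REQ_PAM_START).
 * Fatal if UsePAM is off.  One-way: no reply is awaited.
 */
void
mm_start_pam(struct ssh *ssh)
{
	struct sshbuf *m;

	debug3("%s entering", __func__);
	if (!options.use_pam)
		fatal("UsePAM=no, but ended up in %s anyway", __func__);

	if ((m = sshbuf_new()) == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_START, m);

	sshbuf_free(m);
}

/*
 * Run PAM account management in the monitor (MONITOR_REQ_PAM_ACCOUNT).
 * Returns the monitor's result flag; the message in the reply is
 * appended to `loginmsg'.  Fatal if UsePAM is off or on a buffer error.
 */
u_int
mm_do_pam_account(void)
{
	struct sshbuf *m;
	u_int ret;
	size_t msglen;
	char *msg;
	int r;

	debug3("%s entering", __func__);
	if (!options.use_pam)
		fatal("UsePAM=no, but ended up in %s anyway", __func__);

	if ((m = sshbuf_new()) == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_ACCOUNT, m);

	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_PAM_ACCOUNT, m);
	if ((r = sshbuf_get_u32(m, &ret)) != 0 ||
	    (r = sshbuf_get_cstring(m, &msg, &msglen)) != 0 ||
	    (r = sshbuf_put(loginmsg, msg, msglen)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	free(msg);
	sshbuf_free(m);

	debug3("%s returning %u", __func__, ret);

	return (ret);
}

/*
 * Initialise the PAM conversation context in the monitor
 * (MONITOR_REQ_PAM_INIT_CTX).  The context itself lives in the monitor:
 * on success `authctxt' is returned unchanged as the opaque handle,
 * NULL when the monitor reports failure.
 */
void *
mm_sshpam_init_ctx(Authctxt *authctxt)
{
	struct sshbuf *m;
	u_int success;
	int r;

	debug3("%s", __func__);
	if ((m = sshbuf_new()) == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_INIT_CTX, m);
	debug3("%s: waiting for MONITOR_ANS_PAM_INIT_CTX", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_INIT_CTX, m);
	if ((r = sshbuf_get_u32(m, &success)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	if (success == 0) {
		debug3("%s: pam_init_ctx failed", __func__);
		sshbuf_free(m);
		return (NULL);
	}
	sshbuf_free(m);
	return (authctxt);
}

/*
 * Fetch the next set of PAM prompts from the monitor
 * (MONITOR_REQ_PAM_QUERY).  Fills *name, *info, *num, *prompts and
 * *echo_on (all allocated; *prompts/*echo_on have *num + 1 slots) and
 * records the max-tries state via sshpam_set_maxtries_reached().  The
 * prompt count is capped at PAM_MAX_NUM_MSG before any allocation; a
 * larger count is fatal.  Returns the monitor's query result.  ctx is
 * unused.
 */
int
mm_sshpam_query(void *ctx, char **name, char **info,
    u_int *num, char ***prompts, u_int **echo_on)
{
	struct sshbuf *m;
	u_int i, n, ret;
	int r;

	debug3("%s", __func__);
	if ((m = sshbuf_new()) == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_QUERY, m);
	debug3("%s: waiting for MONITOR_ANS_PAM_QUERY", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_QUERY, m);
	if ((r = sshbuf_get_u32(m, &ret)) != 0 ||
	    (r = sshbuf_get_cstring(m, name, NULL)) != 0 ||
	    (r = sshbuf_get_cstring(m, info, NULL)) != 0 ||
	    (r = sshbuf_get_u32(m, &n)) != 0 ||
	    (r = sshbuf_get_u32(m, num)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	debug3("%s: pam_query returned %u", __func__, ret);
	sshpam_set_maxtries_reached(n);
	if (*num > PAM_MAX_NUM_MSG)
		fatal("%s: received %u PAM messages, expected <= %u",
		    __func__, *num, PAM_MAX_NUM_MSG);
	*prompts = xcalloc((*num + 1), sizeof(char *));
	*echo_on = xcalloc((*num + 1), sizeof(u_int));
	for (i = 0; i < *num; ++i) {
		if ((r = sshbuf_get_cstring(m, &((*prompts)[i]), NULL)) != 0 ||
		    (r = sshbuf_get_u32(m, &((*echo_on)[i]))) != 0)
			fatal("%s: buffer error: %s", __func__, ssh_err(r));
	}
	sshbuf_free(m);
	return (ret);
}

/*
 * Send `num' PAM responses to the monitor (MONITOR_REQ_PAM_RESPOND)
 * and return its result, converted from the u32 on the wire to int.
 * ctx is unused.
 */
int
mm_sshpam_respond(void *ctx, u_int num, char **resp)
{
	struct sshbuf *m;
	u_int n, i;
	int r, ret;

	debug3("%s", __func__);
	if ((m = sshbuf_new()) == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	if ((r = sshbuf_put_u32(m, num)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	for (i = 0; i < num; ++i) {
		if ((r = sshbuf_put_cstring(m, resp[i])) != 0)
			fatal("%s: buffer error: %s", __func__, ssh_err(r));
	}
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_RESPOND, m);
	debug3("%s: waiting for MONITOR_ANS_PAM_RESPOND", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_PAM_RESPOND, m);
	if ((r = sshbuf_get_u32(m, &n)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	ret = (int)n; /* XXX */
	debug3("%s: pam_respond returned %d", __func__, ret);
	sshbuf_free(m);
	return (ret);
}

/*
 * Tell the monitor to free the PAM conversation context
 * (MONITOR_REQ_PAM_FREE_CTX) and wait for its acknowledgement.  ctxtp
 * is unused: the context lives in the monitor.
 */
void
mm_sshpam_free_ctx(void *ctxtp)
{
	struct sshbuf *m;

	debug3("%s", __func__);
	if ((m = sshbuf_new()) == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_FREE_CTX, m);
	debug3("%s: waiting for MONITOR_ANS_PAM_FREE_CTX", __func__);
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_PAM_FREE_CTX, m);
	sshbuf_free(m);
}
#endif /* USE_PAM */

/* Request process termination (MONITOR_REQ_TERM); no reply is awaited. */

void
mm_terminate(void)
{
	struct sshbuf *m;

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_TERM, m);
	sshbuf_free(m);
}

/*
 * Request state information from the monitor (MONITOR_REQ_STATE).
 * Always parsed from the reply: the configuration text (appended to
 * `conf' when non-NULL), *timing_secretp, *hostkeysp, the server and
 * client version strings into ssh->kex, and the list of included
 * config files, which is appended to `includes' one include_item per
 * entry.  When confdatap is non-NULL the post-authentication part is
 * parsed as well: *confdatap, *keystatep, *pw_namep, *authinfop and
 * *auth_optsp.  All out-buffers are allocated here; any parse error is
 * fatal.
 */
void
mm_get_state(struct ssh *ssh, struct include_list *includes,
    struct sshbuf *conf, struct sshbuf **confdatap,
    uint64_t *timing_secretp,
    struct sshbuf **hostkeysp, struct sshbuf **keystatep,
    u_char **pw_namep,
    struct sshbuf **authinfop, struct sshbuf **auth_optsp)
{
	struct sshbuf *m, *inc;
	u_char *cp;
	size_t len;
	int r;
	struct include_item *item;

	debug3_f("entering");

	if ((m = sshbuf_new()) == NULL || (inc = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_STATE, m);

	debug3_f("waiting for MONITOR_ANS_STATE");
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_STATE, m);

	if ((r = sshbuf_get_string(m, &cp, &len)) != 0 ||
	    (r = sshbuf_get_u64(m, timing_secretp)) != 0 ||
	    (r = sshbuf_froms(m, hostkeysp)) != 0 ||
	    (r = sshbuf_get_stringb(m, ssh->kex->server_version)) != 0 ||
	    (r = sshbuf_get_stringb(m, ssh->kex->client_version)) != 0 ||
	    (r = sshbuf_get_stringb(m, inc)) != 0)
		fatal_fr(r, "parse config");

	/* postauth */
	if (confdatap) {
		if ((r = sshbuf_froms(m, confdatap)) != 0 ||
		    (r = sshbuf_froms(m, keystatep)) != 0 ||
		    (r = sshbuf_get_string(m, pw_namep, NULL)) != 0 ||
		    (r = sshbuf_froms(m, authinfop)) != 0 ||
		    (r = sshbuf_froms(m, auth_optsp)) != 0)
			fatal_fr(r, "parse config postauth");
	}

	if (conf != NULL && (r = sshbuf_put(conf, cp, len)) != 0)
		fatal_fr(r, "sshbuf_put");

	/* each include is a (selector, filename, contents) triple */
	while (sshbuf_len(inc) != 0) {
		item = xcalloc(1, sizeof(*item));
		if ((item->contents = sshbuf_new()) == NULL)
			fatal_f("sshbuf_new failed");
		if ((r = sshbuf_get_cstring(inc, &item->selector, NULL)) != 0 ||
		    (r = sshbuf_get_cstring(inc, &item->filename, NULL)) != 0 ||
		    (r = sshbuf_get_stringb(inc, item->contents)) != 0)
			fatal_fr(r, "parse includes");
		TAILQ_INSERT_TAIL(includes, item, entry);
	}

	free(cp);
	sshbuf_free(m);
	sshbuf_free(inc);

	debug3_f("done");
}

#if defined(BSD_AUTH) || defined(SKEY)

/*
 * Prepare a single-prompt, no-echo challenge response for the
 * keyboard-interactive layer: empty name and info text, one prompt slot
 * (left for the caller to fill) and echo_on[0] = 0.  All outputs are
 * allocated.
 */
static void
mm_chall_setup(char **name, char **infotxt, u_int *numprompts,
    char ***prompts, u_int **echo_on)
{
	*name = xstrdup("");
	*infotxt = xstrdup("");
	*numprompts = 1;
	*prompts = xcalloc(*numprompts, sizeof(char *));
	*echo_on = xcalloc(*numprompts, sizeof(u_int));
	(*echo_on)[0] = 0;
}

#ifdef BSD_AUTH
/*
 * Fetch a BSD auth challenge from the monitor (MONITOR_REQ_BSDAUTHQUERY)
 * and present it as the single prompt.  Returns 0 with the outputs
 * filled by mm_chall_setup(), or -1 when the monitor has no challenge.
 * ctx is unused.
 */
int
mm_bsdauth_query(void *ctx, char **name, char **infotxt,
    u_int *numprompts, char ***prompts, u_int **echo_on)
{
	struct sshbuf *m;
	u_int success;
	char *challenge;
	int r;

	debug3_f("entering");

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHQUERY, m);

	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_BSDAUTHQUERY, m);
	if ((r = sshbuf_get_u32(m, &success)) != 0)
		fatal_fr(r, "parse success");
	if (success == 0) {
		debug3_f("no challenge");
		sshbuf_free(m);
		return (-1);
	}

	/* Get the challenge, and format the response */
	if ((r = sshbuf_get_cstring(m, &challenge, NULL)) != 0)
		fatal_fr(r, "parse challenge");
	sshbuf_free(m);

	mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);
	(*prompts)[0] = challenge;

	debug3_f("received challenge: %s", challenge);

	return (0);
}

/*
 * Forward the single BSD auth response to the monitor
 * (MONITOR_REQ_BSDAUTHRESPOND).  Returns 0 when the monitor reports
 * success, -1 on failure or when numresponses != 1.  ctx is unused.
 */
int
mm_bsdauth_respond(void *ctx, u_int numresponses, char **responses)
{
	struct sshbuf *m;
	u_int authok;	/* sshbuf_get_u32() takes an unsigned target */
	int r;

	debug3_f("entering");
	if (numresponses != 1)
		return (-1);

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	if ((r = sshbuf_put_cstring(m, responses[0])) != 0)
		fatal_fr(r, "assemble");
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHRESPOND, m);

	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_BSDAUTHRESPOND, m);

	if ((r = sshbuf_get_u32(m, &authok)) != 0)
		fatal_fr(r, "parse");
	sshbuf_free(m);

	return ((authok == 0) ? -1 : 0);
}
#endif

#ifdef SKEY
/*
 * S/Key counterpart of mm_bsdauth_query(): fetch the challenge
 * (MONITOR_REQ_SKEYQUERY) and present it, followed by SKEY_PROMPT, as
 * the single prompt.  Returns 0, or -1 when there is no challenge.
 * NOTE(review): this block uses a stack sshbuf with sshbuf_new(&m),
 * sshbuf_get_int() and a pointer-returning sshbuf_get_string(), none
 * of which match the sshbuf API used by the rest of this file; it looks
 * like it has not been built with SKEY defined for some time -- confirm
 * before relying on it.
 */
int
mm_skey_query(void *ctx, char **name, char **infotxt,
    u_int *numprompts, char ***prompts, u_int **echo_on)
{
	struct sshbuf m;
	u_int success;
	char *challenge;

	debug3("%s: entering", __func__);

	sshbuf_new(&m);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYQUERY, &m);

	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SKEYQUERY,
	    &m);
	success = sshbuf_get_int(&m);
	if (success == 0) {
		debug3("%s: no challenge", __func__);
		sshbuf_free(&m);
		return (-1);
	}

	/* Get the challenge, and format the response */
	challenge = sshbuf_get_string(&m, NULL);
	sshbuf_free(&m);

	debug3("%s: received challenge: %s", __func__, challenge);

	mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);

	xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT);
	free(challenge);

	return (0);
}

/*
 * S/Key counterpart of mm_bsdauth_respond() (MONITOR_REQ_SKEYRESPOND).
 * Returns 0 on success, -1 on failure or when numresponses != 1.  Same
 * legacy-API caveat as mm_skey_query().
 */
int
mm_skey_respond(void *ctx, u_int numresponses, char **responses)
{
	struct sshbuf m;
	int authok;

	debug3("%s: entering", __func__);
	if (numresponses != 1)
		return (-1);

	sshbuf_new(&m);
	sshbuf_put_cstring(&m, responses[0]);
	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYRESPOND, &m);

	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_SKEYRESPOND, &m);

	authok = sshbuf_get_int(&m);
	sshbuf_free(&m);

	return ((authok == 0) ? -1 : 0);
}
#endif /* SKEY */
#endif /* BSDAUTH || SKEY */

#ifdef GSSAPI
/*
 * Have the monitor create the GSSAPI acceptor context for mechanism
 * `goid' (MONITOR_REQ_GSSSETUP).  The context stays in the monitor, so
 * *ctx is always set to NULL here.  Returns the GSS major status from
 * the reply.
 */
OM_uint32
mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID goid)
{
	struct sshbuf *m;
	OM_uint32 major;
	int r;

	/* Client doesn't get to see the context */
	*ctx = NULL;

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	if ((r = sshbuf_put_string(m, goid->elements, goid->length)) != 0)
		fatal_fr(r, "assemble");

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, m);
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, m);

	if ((r = sshbuf_get_u32(m, &major)) != 0)
		fatal_fr(r, "parse");

	sshbuf_free(m);
	return (major);
}

/*
 * Feed one client token `in' to the monitor's acceptor context
 * (MONITOR_REQ_GSSSTEP).  The output token is returned in *out and,
 * when flagsp is non-NULL, the context flags in *flagsp.  Returns the
 * GSS major status.  ctx is unused (the context lives in the monitor).
 */
OM_uint32
mm_ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *in,
    gss_buffer_desc *out, OM_uint32 *flagsp)
{
	struct sshbuf *m;
	OM_uint32 major;
	u_int flags;
	int r;

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	if ((r = sshbuf_put_string(m, in->value, in->length)) != 0)
		fatal_fr(r, "assemble");

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSTEP, m);
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSTEP, m);

	if ((r = sshbuf_get_u32(m, &major)) != 0 ||
	    (r = ssh_gssapi_get_buffer_desc(m, out)) != 0)
		fatal_fr(r, "parse");
	if (flagsp != NULL) {
		if ((r = sshbuf_get_u32(m, &flags)) != 0)
			fatal_fr(r, "parse flags");
		*flagsp = flags;
	}

	sshbuf_free(m);

	return (major);
}

/*
 * Have the monitor verify MIC `gssmic' over `gssbuf'
 * (MONITOR_REQ_GSSCHECKMIC).  Returns the GSS major status.  ctx is
 * unused.
 */
OM_uint32
mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
{
	struct sshbuf *m;
	OM_uint32 major;
	int r;

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");
	if ((r = sshbuf_put_string(m, gssbuf->value, gssbuf->length)) != 0 ||
	    (r = sshbuf_put_string(m, gssmic->value, gssmic->length)) != 0)
		fatal_fr(r, "assemble");

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSCHECKMIC, m);
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_GSSCHECKMIC, m);

	if ((r = sshbuf_get_u32(m, &major)) != 0)
		fatal_fr(r, "parse");
	sshbuf_free(m);
	return(major);
}

/*
 * Ask the monitor whether the authenticated GSSAPI principal may log in
 * (MONITOR_REQ_GSSUSEROK).  `user' is not transmitted: the monitor
 * answers from its own state.  Returns the authenticated flag.
 */
int
mm_ssh_gssapi_userok(char *user)
{
	struct sshbuf *m;
	int r;
	u_int authenticated = 0;

	if ((m = sshbuf_new()) == NULL)
		fatal_f("sshbuf_new failed");

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, m);
	mm_request_receive_expect(pmonitor->m_recvfd,
	    MONITOR_ANS_GSSUSEROK, m);

	if ((r = sshbuf_get_u32(m, &authenticated)) != 0)
		fatal_fr(r, "parse");

	sshbuf_free(m);
	debug3_f("user %sauthenticated", authenticated ? "" : "not ");
	return (authenticated);
}
#endif /* GSSAPI */

#ifdef KRB5
/*
 * Forward a Kerberos ticket (argp, a krb5_data *) to the monitor
 * (MONITOR_REQ_KRB5).  On success *userp receives the client principal
 * and `resp' (a krb5_data *) the reply data, both allocated here; on
 * failure *userp is NULL and *resp is zeroed.  Returns the monitor's
 * success flag.  ctx is unused.
 */
int
mm_auth_krb5(void *ctx, void *argp, char **userp, void *resp)
{
	krb5_data *tkt, *reply;
	struct sshbuf *m;
	u_int success;
	int r;

	debug3("%s entering", __func__);
	tkt = (krb5_data *) argp;
	reply = (krb5_data *) resp;

	if ((m = sshbuf_new()) == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	/* check the put like every other request assembler in this file */
	if ((r = sshbuf_put_string(m, tkt->data, tkt->length)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KRB5, m);
	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KRB5, m);

	if ((r = sshbuf_get_u32(m, &success)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	if (success) {
		size_t len;
		u_char *data;

		if ((r = sshbuf_get_cstring(m, userp, NULL)) != 0 ||
		    (r = sshbuf_get_string(m, &data, &len)) != 0)
			fatal("%s: buffer error: %s", __func__, ssh_err(r));
		reply->data = data;
		reply->length = len;
	} else {
		memset(reply, 0, sizeof(*reply));
		*userp = NULL;
	}
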
sshbuf_free(m); 1235 return (success); 1236 } 1237 #endif 1238 1239 /* 1240 * Inform channels layer of permitopen options for a single forwarding 1241 * direction (local/remote). 1242 */ 1243 static void 1244 server_process_permitopen_list(struct ssh *ssh, int listen, 1245 char **opens, u_int num_opens) 1246 { 1247 u_int i; 1248 int port; 1249 char *host, *arg, *oarg; 1250 int where = listen ? FORWARD_REMOTE : FORWARD_LOCAL; 1251 const char *what = listen ? "permitlisten" : "permitopen"; 1252 1253 channel_clear_permission(ssh, FORWARD_ADM, where); 1254 if (num_opens == 0) 1255 return; /* permit any */ 1256 1257 /* handle keywords: "any" / "none" */ 1258 if (num_opens == 1 && strcmp(opens[0], "any") == 0) 1259 return; 1260 if (num_opens == 1 && strcmp(opens[0], "none") == 0) { 1261 channel_disable_admin(ssh, where); 1262 return; 1263 } 1264 /* Otherwise treat it as a list of permitted host:port */ 1265 for (i = 0; i < num_opens; i++) { 1266 oarg = arg = xstrdup(opens[i]); 1267 host = hpdelim(&arg); 1268 if (host == NULL) 1269 fatal_f("missing host in %s", what); 1270 host = cleanhostname(host); 1271 if (arg == NULL || ((port = permitopen_port(arg)) < 0)) 1272 fatal_f("bad port number in %s", what); 1273 /* Send it to channels layer */ 1274 channel_add_permission(ssh, FORWARD_ADM, 1275 where, host, port); 1276 free(oarg); 1277 } 1278 } 1279 1280 /* 1281 * Inform channels layer of permitopen options from configuration. 
*/
void
server_process_permitopen(struct ssh *ssh)
{
	/*
	 * Both forwarding directions come from the server configuration:
	 * direct-tcpip targets (permitopen) first, then remote listen
	 * addresses (permitlisten).
	 */
	server_process_permitopen_list(ssh, 0,
	    options.permitted_opens, options.num_permitted_opens);
	server_process_permitopen_list(ssh, 1,
	    options.permitted_listens, options.num_permitted_listens);
}

/*
 * Replace the channels layer's timeout table with the ChannelTimeout
 * entries from the server configuration. A pattern that fails to parse
 * here is reported as an internal error (the entries presumably were
 * validated when the configuration was read), so this is not a path
 * reachable by client input.
 */
void
server_process_channel_timeouts(struct ssh *ssh)
{
	u_int n;

	debug3_f("setting %u timeouts", options.num_channel_timeouts);
	channel_clear_timeouts(ssh);
	for (n = 0; n < options.num_channel_timeouts; n++) {
		char *spec = options.channel_timeouts[n];
		char *pattern = NULL;
		int seconds = 0;

		if (parse_pattern_interval(spec, &pattern, &seconds) != 0)
			fatal_f("internal error: bad timeout %s", spec);
		/* channel_add_timeout() keeps its own copy; ours is freed */
		channel_add_timeout(ssh, pattern, seconds);
		free(pattern);
	}
}

/*
 * Return the process-wide connection_info record. It is a single static
 * object: callers receive a pointer to it and must not free it, and each
 * call with populate != 0 overwrites the previous contents. When ssh is
 * NULL or populate is 0 the record is returned untouched.
 *
 * use_dns chooses whether .host is the reverse-resolved hostname or the
 * plain remote IP string. NOTE(review): the reverse-DNS name is only as
 * trustworthy as the peer's PTR record, so anything matched against
 * .host with use_dns set should be treated as attacker-influenced.
 */
struct connection_info *
server_get_connection_info(struct ssh *ssh, int populate, int use_dns)
{
	static struct connection_info info;

	if (ssh != NULL && populate) {
		/* same call order as before: hostname lookup first */
		if (use_dns)
			info.host = ssh_remote_hostname(ssh);
		else
			info.host = ssh_remote_ipaddr(ssh);
		info.address = ssh_remote_ipaddr(ssh);
		info.laddress = ssh_local_ipaddr(ssh);
		info.lport = ssh_local_port(ssh);
		info.rdomain = ssh_packet_rdomain_in(ssh);
	}
	return &info;
}