diff options
author | Damien Miller <djm@mindrot.org> | 2002-03-13 13:21:54 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2002-03-13 13:21:54 +1100 |
commit | f831f761250f28ff5537f7bd66c2f6816d67503d (patch) | |
tree | c302b7c849777941a123681ee91ac92601cf8057 | |
parent | 3a5b0233306a3db3a5db5b9ddc187c55e9b251f4 (diff) |
revert more of my stupidity
-rw-r--r-- | monitor.c | 656 | ||||
-rw-r--r-- | monitor.h | 57 | ||||
-rw-r--r-- | monitor_fdpass.c | 89 | ||||
-rw-r--r-- | monitor_fdpass.h | 32 | ||||
-rw-r--r-- | monitor_mm.c | 329 | ||||
-rw-r--r-- | monitor_mm.h | 64 | ||||
-rw-r--r-- | monitor_wrap.c | 538 |
7 files changed, 0 insertions, 1765 deletions
diff --git a/monitor.c b/monitor.c deleted file mode 100644 index b8579027..00000000 --- a/monitor.c +++ /dev/null @@ -1,656 +0,0 @@ -/* - * Copyright 2001 Niels Provos <provos@citi.umich.edu> - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$OpenBSD$"); - -#include <openssl/dh.h> - -#include "ssh.h" -#include "auth.h" -#include "kex.h" -#include "dh.h" -#include "zlib.h" -#include "packet.h" -#include "auth-options.h" -#include "sshpty.h" -#include "channels.h" -#include "session.h" -#include "log.h" -#include "monitor.h" -#include "monitor_mm.h" -#include "monitor_wrap.h" -#include "monitor_fdpass.h" -#include "xmalloc.h" -#include "misc.h" -#include "buffer.h" -#include "bufaux.h" - -/* Imports */ -extern Newkeys *current_keys[]; -extern z_stream incoming_stream; -extern z_stream outgoing_stream; -extern int compat20; -extern int mm_sendfd; - -/* State exported from the child */ - -struct { - z_stream incoming; - z_stream outgoing; - u_char *keyin; - u_int keyinlen; - u_char *keyout; - u_int keyoutlen; -} child_state; - -/* Prototype for authentication functions */ - -int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); -int user_key_allowed(struct passwd *, Key *); -Key *get_hostkey_by_index(int); - -void session_pty_cleanup(void *); - -static Authctxt *authctxt; - -struct mon_table { - enum monitor_reqtype type; - int flags; - int (*f)(int, Buffer *); -}; - -#define MON_PROTOONE 0x0001 /* Used in protocol 1 */ -#define MON_PROTOTWO 0x0002 /* Used in protocol 2 */ -#define MON_AUTH 0x0004 /* Authentication Request */ - -#define MON_BOTH (MON_PROTOONE|MON_PROTOTWO) - -#define MON_PERMIT 0x1000 /* Request is permitted */ - -struct mon_table mon_dispatch_proto20[] = { - {MONITOR_REQ_MODULI, MON_PROTOTWO, mm_answer_moduli}, - {MONITOR_REQ_SIGN, MON_PROTOTWO, mm_answer_sign}, - {MONITOR_REQ_PWNAM, MON_BOTH, mm_answer_pwnamallow}, - {MONITOR_REQ_AUTHSERV, MON_BOTH, mm_answer_authserv}, - {MONITOR_REQ_AUTHPASSWORD, MON_BOTH | MON_AUTH, mm_answer_authpassword}, - {MONITOR_REQ_KEYALLOWED, MON_BOTH | MON_AUTH, mm_answer_keyallowed}, - {MONITOR_REQ_KEYVERIFY, MON_BOTH | MON_AUTH, mm_answer_keyverify}, - {0, 0, NULL} -}; - -struct mon_table mon_dispatch_postauth20[] = { - {MONITOR_REQ_MODULI, MON_PROTOTWO, mm_answer_moduli}, - {MONITOR_REQ_SIGN, MON_PROTOTWO, mm_answer_sign}, - {MONITOR_REQ_PTY, MON_BOTH, mm_answer_pty}, - {MONITOR_REQ_TERM, MON_BOTH, mm_answer_term}, - {0, 0, NULL} -}; - -struct mon_table mon_dispatch_proto15[] = { - {0, 0, NULL} -}; - -struct mon_table *mon_dispatch; - -/* Specifies if a certain message is allowed at the moment */ - -void -monitor_permit(struct mon_table *ent, enum monitor_reqtype type, int permit) -{ - while (ent->f != NULL) { - if (ent->type == type) { - ent->flags &= ~MON_PERMIT; - ent->flags |= permit ? MON_PERMIT : 0; - return; - } - ent++; - } -} - -void -monitor_permit_authentications(int permit) -{ - struct mon_table *ent = mon_dispatch; - - while (ent->f != NULL) { - if (ent->flags & MON_AUTH) { - ent->flags &= ~MON_PERMIT; - ent->flags |= permit ? MON_PERMIT : 0; - } - ent++; - } -} - -#define FD_CLOSEONEXEC(x) do { \ - if (fcntl(x, F_SETFD, 1) == -1) \ - fatal("fcntl(%d, F_SETFD)", x); \ -} while (0) - -void -monitor_socketpair(int *pair) -{ - if (socketpair(PF_LOCAL, SOCK_STREAM, 0, pair) == -1) - fatal("%s: socketpair", __FUNCTION__); - FD_CLOSEONEXEC(pair[0]); - FD_CLOSEONEXEC(pair[1]); -} - -Authctxt * -monitor_child_preauth(int socket) -{ - debug3("preauth child monitor started"); - - if (compat20) { - mon_dispatch = mon_dispatch_proto20; - - /* Permit requests for moduli and signatures */ - monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); - monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); - } else - mon_dispatch = mon_dispatch_proto15; - - authctxt = authctxt_new(); - - /* The first few requests do not require asynchronous access */ - for (;;) { - if (monitor_read(socket, mon_dispatch)) - break; - } - - debug("%s: %s has been authenticated by privileged process", - __FUNCTION__, authctxt->user); - - if (compat20) { - mm_get_keystate(socket); - } else { - fatal("Use loose"); - } - - return (authctxt); -} - -void -monitor_child_postauth(int socket) -{ - if (compat20) { - mon_dispatch = mon_dispatch_postauth20; - - /* Permit requests for moduli and signatures */ - monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); - monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); - monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); - - if (!no_pty_flag) - monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); - } else - mon_dispatch = mon_dispatch_proto15; - - for (;;) { - if (monitor_read(socket, mon_dispatch)) - break; - } -} - -int -monitor_read(int socket, struct mon_table *ent) -{ - Buffer m; - int ret; - u_char type; - - buffer_init(&m); - - mm_request_receive(socket, &m); - type = buffer_get_char(&m); - - debug3("%s: checking request %d", __FUNCTION__, type); - - while (ent->f != NULL) { - if (ent->type == type) - break; - ent++; - } - - if (ent->f != NULL) { - if (!(ent->flags & MON_PERMIT)) - fatal("%s: unpermitted request %d", __FUNCTION__, - type); - ret = (*ent->f)(socket, &m); - buffer_free(&m); - return ret; - } - - fatal("%s: unsupported request: %d\n", __FUNCTION__, type); - - /* NOTREACHED */ - return (-1); -} - -int -mm_answer_moduli(int socket, Buffer *m) -{ - DH *dh; - int min, want, max; - - /* Turn off requests for moduli */ - monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 0); - - min = buffer_get_int(m); - want = buffer_get_int(m); - max = buffer_get_int(m); - - debug3("%s: got parameters: %d %d %d", - __FUNCTION__, min, want, max); - /* We need to check here, too, in case the child got corrupted */ - if (max < min || want < min || max < want) - fatal("%s: bad parameters: %d %d %d", - __FUNCTION__, min, want, max); - - buffer_clear(m); - - dh = choose_dh(min, want, max); - if (dh == NULL) { - buffer_put_char(m, 0); - return (0); - } else { - /* Send first bignum */ - buffer_put_char(m, 1); - buffer_put_bignum2(m, dh->p); - buffer_put_bignum2(m, dh->g); - - DH_free(dh); - } - mm_request_send(socket, MONITOR_ANS_MODULI, m); - return (0); -} - -int -mm_answer_sign(int socket, Buffer *m) -{ - Key *key; - u_char *p; - u_char *signature; - u_int siglen, datlen; - int keyid; - - debug3("%s", __FUNCTION__); - - keyid = buffer_get_int(m); - p = buffer_get_string(m, &datlen); - - if ((key = get_hostkey_by_index(keyid)) == NULL) - fatal("%s: no hostkey from index %d", __FUNCTION__, keyid); - if (key_sign(key, &signature, &siglen, p, datlen) < 0) - fatal("%s: key_sign failed", __FUNCTION__); - - debug3("%s: signature %p(%d)", __FUNCTION__, signature, siglen); - - buffer_clear(m); - buffer_put_string(m, signature, siglen); - - xfree(p); - xfree(signature); - - /* Turn on permissions for getpwnam */ - monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); - - mm_request_send(socket, MONITOR_ANS_SIGN, m); - return (0); -} - -/* Retrieves the password entry and also checks if the user is permitted */ - -int -mm_answer_pwnamallow(int socket, Buffer *m) -{ - char *login; - struct passwd *pwent; - int allowed; - - debug3("%s", __FUNCTION__); - - if (authctxt->attempt++ != 0) - fatal("%s: multiple attempts for getpwnam", __FUNCTION__); - - login = buffer_get_string(m, NULL); - - /* XXX - probably latch the username here */ - pwent = getpwnam(login); - authctxt->user = xstrdup(login); - setproctitle("%s [priv]", pwent ? login : "unknown"); - xfree(login); - - /* Allow service/style information on the auth context */ - monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1); - - buffer_clear(m); - - if (pwent == NULL) { - buffer_put_char(m, 0); - mm_request_send(socket, MONITOR_ANS_PWNAM, m); - return (0); - } - - /* Check if we permit this user */ - allowed = allowed_user(pwent); - - if (allowed) { - authctxt->pw = pwcopy(pwent); - authctxt->valid = 1; - } - buffer_put_char(m, allowed); - buffer_put_string(m, pwent, sizeof(struct passwd)); - buffer_put_cstring(m, pwent->pw_name); - buffer_put_cstring(m, "*"); - buffer_put_cstring(m, pwent->pw_gecos); - buffer_put_cstring(m, pwent->pw_class); - buffer_put_cstring(m, pwent->pw_dir); - buffer_put_cstring(m, pwent->pw_shell); - - debug3("%s: sending MONITOR_ANS_PWNAM: %d", __FUNCTION__, allowed); - mm_request_send(socket, MONITOR_ANS_PWNAM, m); - - return (0); -} - -int -mm_answer_authserv(int socket, Buffer *m) -{ - /* Disallow service/style information on the auth context */ - monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 0); - - monitor_permit_authentications(1); - - authctxt->service = buffer_get_string(m, NULL); - authctxt->style = buffer_get_string(m, NULL); - if (strlen(authctxt->style) == 0) { - xfree(authctxt->style); - authctxt->style = NULL; - } - - debug3("%s: service=%s, style=%s", - __FUNCTION__, authctxt->service, authctxt->style); - - return (0); -} - -int -mm_answer_authpassword(int socket, Buffer *m) -{ - char *passwd; - int authenticated; - - passwd = buffer_get_string(m, NULL); - /* Only authenticate if the context is valid */ - authenticated = authctxt->valid && auth_password(authctxt, passwd); - memset(passwd, 0, strlen(passwd)); - xfree(passwd); - - buffer_clear(m); - buffer_put_int(m, authenticated); - - debug3("%s: sending result %d", __FUNCTION__, authenticated); - mm_request_send(socket, MONITOR_ANS_AUTHPASSWORD, m); - - /* Causes monitor loop to terminate if authenticated */ - return (authenticated); -} - -int -mm_answer_keyallowed(int socket, Buffer *m) -{ - Key *key; - u_char *cuser, *chost, *blob; - u_int bloblen; - enum mm_keytype type = 0; - int allowed = 0; - - debug3("%s entering", __FUNCTION__); - - type = buffer_get_int(m); - cuser = buffer_get_string(m, NULL); - chost = buffer_get_string(m, NULL); - blob = buffer_get_string(m, &bloblen); - - key = key_from_blob(blob, bloblen); - - debug3("%s: key_from_blob: %p", __FUNCTION__, key); - - if (key != NULL && authctxt->pw != NULL) { - switch(type) { - case MM_USERKEY: - allowed = user_key_allowed(authctxt->pw, key); - break; - case MM_HOSTKEY: - allowed = hostbased_key_allowed(authctxt->pw, - cuser, chost, key); - break; - default: - fatal("%s: unknown key type %d", __FUNCTION__, - type); - break; - } - key_free(key); - } - xfree(chost); - xfree(cuser); - xfree(blob); - - debug3("%s: key %p is %s", - __FUNCTION__, key, allowed ? "allowed" : "disallowed"); - - buffer_clear(m); - buffer_put_int(m, allowed); - - mm_request_send(socket, MONITOR_ANS_KEYALLOWED, m); - return (0); -} - -int -mm_answer_keyverify(int socket, Buffer *m) -{ - Key *key; - u_char *signature, *data, *cuser, *chost, *blob; - u_int signaturelen, datalen, bloblen; - int type; - int verified = 0; - - type = buffer_get_int(m); - cuser = buffer_get_string(m, NULL); - chost = buffer_get_string(m, NULL); - blob = buffer_get_string(m, &bloblen); - signature = buffer_get_string(m, &signaturelen); - data = buffer_get_string(m, &datalen); - - key = key_from_blob(blob, bloblen); - if (key == NULL) - fatal("%s: bad public key blob", __FUNCTION__); - - if (authctxt->pw == NULL || !user_key_allowed(authctxt->pw, key)) - fatal("%s: user not allowed", __FUNCTION__); - verified = key_verify(key, signature, signaturelen, data, datalen); - debug3("%s: key %p signature %s", - __FUNCTION__, key, verified ? "verified" : "unverified"); - - key_free(key); - xfree(chost); - xfree(cuser); - xfree(blob); - xfree(signature); - xfree(data); - - buffer_clear(m); - buffer_put_int(m, verified); - mm_request_send(socket, MONITOR_ANS_KEYVERIFY, m); - - return (verified); -} - -int -mm_answer_pty(int socket, Buffer *m) -{ - Session *s; - int res; - - debug3("%s entering", __FUNCTION__); - - buffer_clear(m); - s = session_new(); - if (s == NULL) - goto error; - s->authctxt = authctxt; - s->pw = authctxt->pw; - res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)); - if (res == 0) - goto error; - fatal_add_cleanup(session_pty_cleanup, (void *)s); - pty_setowner(authctxt->pw, s->tty); - - buffer_put_int(m, 1); - buffer_put_cstring(m, s->tty); - mm_request_send(socket, MONITOR_ANS_PTY, m); - - mm_send_fd(mm_sendfd, s->ptyfd); - mm_send_fd(mm_sendfd, s->ttyfd); - return (0); - - error: - if (s != NULL) - session_close(s); - buffer_put_int(m, 0); - mm_request_send(socket, MONITOR_ANS_PTY, m); - return (0); -} - -int -mm_answer_term(int socket, Buffer *req) -{ - debug3("%s: tearing down sessions", __FUNCTION__); - - /* The child is terminating */ - session_destroy_all(); - - return (1); -} - -void -mm_apply_keystate(struct mm_master *mm) -{ - /* XXX - delegate to child? */ - set_newkeys(MODE_IN); - set_newkeys(MODE_OUT); - - packet_set_keycontext(MODE_OUT, child_state.keyout); - xfree(child_state.keyout); - packet_set_keycontext(MODE_IN, child_state.keyin); - xfree(child_state.keyin); - - memcpy(&incoming_stream, &child_state.incoming, - sizeof(incoming_stream)); - memcpy(&outgoing_stream, &child_state.outgoing, - sizeof(outgoing_stream)); - - /* Update with new address */ - mm_init_compression(mm); -} - -/* This function requries careful sanity checking */ - -void -mm_get_keystate(int socket) -{ - Buffer m; - u_char *blob, *p; - u_int bloblen, plen; - - debug3("%s: Waiting for new keys", __FUNCTION__); - - buffer_init(&m); - mm_request_receive_expect(socket, MONITOR_REQ_KEYEXPORT, &m); - - blob = buffer_get_string(&m, &bloblen); - current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen); - xfree(blob); - - debug3("%s: Waiting for second key", __FUNCTION__); - blob = buffer_get_string(&m, &bloblen); - current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen); - xfree(blob); - - /* Now get sequence numbers for the packets */ - packet_set_seqnr(MODE_OUT, buffer_get_int(&m)); - packet_set_seqnr(MODE_IN, buffer_get_int(&m)); - - /* Get the key context */ - child_state.keyout = buffer_get_string(&m, &child_state.keyoutlen); - child_state.keyin = buffer_get_string(&m, &child_state.keyinlen); - - debug3("%s: Getting compression state", __FUNCTION__); - /* Get compression state */ - p = buffer_get_string(&m, &plen); - if (plen != sizeof(child_state.outgoing)) - fatal("%s: bad request size", __FUNCTION__); - memcpy(&child_state.outgoing, p, sizeof(child_state.outgoing)); - xfree(p); - - p = buffer_get_string(&m, &plen); - if (plen != sizeof(child_state.incoming)) - fatal("%s: bad request size", __FUNCTION__); - memcpy(&child_state.incoming, p, sizeof(child_state.incoming)); - xfree(p); - - buffer_free(&m); -} - - -/* Allocation functions for zlib */ -void * -mm_zalloc(struct mm_master *mm, u_int ncount, u_int size) -{ - void *address; - - address = mm_malloc(mm, size * ncount); - - return (address); -} - -void -mm_zfree(struct mm_master *mm, void *address) -{ - mm_free(mm, address); -} - -void -mm_init_compression(struct mm_master *mm) -{ - outgoing_stream.zalloc = (alloc_func)mm_zalloc; - outgoing_stream.zfree = (free_func)mm_zfree; - outgoing_stream.opaque = mm; - - incoming_stream.zalloc = (alloc_func)mm_zalloc; - incoming_stream.zfree = (free_func)mm_zfree; - incoming_stream.opaque = mm; -} diff --git a/monitor.h b/monitor.h deleted file mode 100644 index 7568603f..00000000 --- a/monitor.h +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright 2002 Niels Provos <provos@citi.umich.edu> - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef _MONITOR_H_ -#define _MONITOR_H_ - -enum monitor_reqtype { - MONITOR_REQ_MODULI, MONITOR_ANS_MODULI, - MONITOR_REQ_FREE, MONITOR_REQ_AUTHSERV, - MONITOR_REQ_SIGN, MONITOR_ANS_SIGN, - MONITOR_REQ_PWNAM, MONITOR_ANS_PWNAM, - MONITOR_REQ_AUTHPASSWORD, MONITOR_ANS_AUTHPASSWORD, - MONITOR_REQ_KEYALLOWED, MONITOR_ANS_KEYALLOWED, - MONITOR_REQ_KEYVERIFY, MONITOR_ANS_KEYVERIFY, - MONITOR_REQ_KEYEXPORT, - MONITOR_REQ_PTY, MONITOR_ANS_PTY, - MONITOR_REQ_TERM -}; - -struct monitor_req { - enum monitor_reqtype type; - void *address; - size_t size; -}; - -void monitor_socketpair(int *pair); - -struct Authctxt; -struct Authctxt *monitor_child_preauth(int); -void monitor_child_postauth(int); - -struct mon_table; -int monitor_read(int, struct mon_table *); - -#endif /* _MONITOR_H_ */ diff --git a/monitor_fdpass.c b/monitor_fdpass.c deleted file mode 100644 index 46087ae6..00000000 --- a/monitor_fdpass.c +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright 2001 Niels Provos <provos@citi.umich.edu> - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$OpenBSD$"); - -#include <sys/uio.h> - -#include "ssh.h" -#include "log.h" -#include "xmalloc.h" -#include "misc.h" -#include "monitor_fdpass.h" - -void -mm_send_fd(int socket, int fd) -{ - struct msghdr msg; - char tmp[CMSG_SPACE(sizeof(int))]; - struct cmsghdr *cmsg; - struct iovec vec; - char ch; - - memset(&msg, 0, sizeof(msg)); - msg.msg_control = (caddr_t)tmp; - msg.msg_controllen = CMSG_LEN(sizeof(int)); - cmsg = CMSG_FIRSTHDR(&msg); - cmsg->cmsg_len = CMSG_LEN(sizeof(int)); - cmsg->cmsg_level = SOL_SOCKET; - cmsg->cmsg_type = SCM_RIGHTS; - *(int *)CMSG_DATA(cmsg) = fd; - - vec.iov_base = &ch; - vec.iov_len = 1; - msg.msg_iov = &vec; - msg.msg_iovlen = 1; - - if (sendmsg(socket, &msg, 0) == -1) - fatal("%s: sendmsg(%d)", __FUNCTION__, fd); -} - -int -mm_receive_fd(int socket) -{ - struct msghdr msg; - char tmp[CMSG_SPACE(sizeof(int))]; - struct cmsghdr *cmsg; - struct iovec vec; - char ch; - - memset(&msg, 0, sizeof(msg)); - vec.iov_base = &ch; - vec.iov_len = 1; - msg.msg_iov = &vec; - msg.msg_iovlen = 1; - msg.msg_control = tmp; - msg.msg_controllen = sizeof(tmp); - - if (recvmsg(socket, &msg, 0) == -1) - fatal("%s: recvmsg", __FUNCTION__); - - cmsg = CMSG_FIRSTHDR(&msg); - if (cmsg->cmsg_type != SCM_RIGHTS) - fatal("%s: expected type %d got %d", __FUNCTION__, - SCM_RIGHTS, cmsg->cmsg_type); - return (*(int *)CMSG_DATA(cmsg)); -} diff --git a/monitor_fdpass.h b/monitor_fdpass.h deleted file mode 100644 index cb6b71c9..00000000 --- a/monitor_fdpass.h +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright 2002 Niels Provos <provos@citi.umich.edu> - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef _MM_FDPASS_H_ -#define _MM_FDPASS_H_ - -void mm_send_fd(int, int); -int mm_receive_fd(int); - -#endif /* _MM_FDPASS_H_ */ diff --git a/monitor_mm.c b/monitor_mm.c deleted file mode 100644 index 111c97d9..00000000 --- a/monitor_mm.c +++ /dev/null @@ -1,329 +0,0 @@ -/* - * Copyright 2001 Niels Provos <provos@citi.umich.edu> - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$OpenBSD$"); - -#include <sys/mman.h> - -#include "ssh.h" -#include "xmalloc.h" -#include "log.h" -#include "monitor_mm.h" - -static int -mm_compare(struct mm_share *a, struct mm_share *b) -{ - return (a->address - b->address); -} - -RB_GENERATE(mmtree, mm_share, next, mm_compare); - -static struct mm_share * -mm_make_entry(struct mm_master *mm, struct mmtree *head, - void *address, size_t size) -{ - struct mm_share *tmp, *tmp2; - - if (mm->mmalloc == NULL) - tmp = xmalloc(sizeof(struct mm_share)); - else - tmp = mm_xmalloc(mm->mmalloc, sizeof(struct mm_share)); - tmp->address = address; - tmp->size = size; - - tmp2 = RB_INSERT(mmtree, head, tmp); - if (tmp2 != NULL) - fatal("mm_make_entry(%p): double address %p->%p(%d)", - mm, tmp2, address, size); - - return (tmp); -} - -/* Creates a shared memory area of a certain size */ - -struct mm_master * -mm_create(struct mm_master *mmalloc, size_t size) -{ - void *address; - struct mm_master *mm; - - if (mmalloc == NULL) - mm = xmalloc(sizeof(struct mm_master)); - else - mm = mm_xmalloc(mmalloc, sizeof(struct mm_master)); - - /* - * If the memory map has a mm_master it can be completely - * shared including authentication between the child - * and the client. - */ - mm->mmalloc = mmalloc; - - address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, - -1, 0); - if (address == MAP_FAILED) - fatal("mmap(%d)", size); - - mm->address = address; - mm->size = size; - - RB_INIT(&mm->rb_free); - RB_INIT(&mm->rb_allocated); - - mm_make_entry(mm, &mm->rb_free, address, size); - - return (mm); -} - -/* Frees either the allocated or the free list */ - -void -mm_freelist(struct mm_master *mmalloc, struct mmtree *head) -{ - struct mm_share *mms, *next; - - for (mms = RB_ROOT(head); mms; mms = next) { - next = RB_NEXT(mmtree, head, mms); - RB_REMOVE(mmtree, head, mms); - if (mmalloc == NULL) - xfree(mms); - else - mm_free(mmalloc, mms); - } -} - -/* Destroys a memory mapped area */ - -void -mm_destroy(struct mm_master *mm) -{ - mm_freelist(mm->mmalloc, &mm->rb_free); - mm_freelist(mm->mmalloc, &mm->rb_allocated); - - if (munmap(mm->address, mm->size) == -1) - fatal("munmap(%p, %d)", mm->address, mm->size); - if (mm->mmalloc == NULL) - xfree(mm); - else - mm_free(mm->mmalloc, mm); -} - -void * -mm_xmalloc(struct mm_master *mm, size_t size) -{ - void *address; - - address = mm_malloc(mm, size); - if (address == NULL) - fatal("%s: mm_malloc(%d)", __FUNCTION__, size); - return (address); -} - - -/* Allocates data from a memory mapped area */ - -void * -mm_malloc(struct mm_master *mm, size_t size) -{ - struct mm_share *mms, *tmp; - - if (size == 0) - fatal("mm_malloc: try to allocate 0 space"); - - size = ((size + MM_MINSIZE - 1) / MM_MINSIZE) * MM_MINSIZE; - - RB_FOREACH(mms, mmtree, &mm->rb_free) { - if (mms->size >= size) - break; - } - - if (mms == NULL) - return (NULL); - - /* Debug */ - memset(mms->address, 0xd0, size); - - tmp = mm_make_entry(mm, &mm->rb_allocated, mms->address, size); - - /* Does not change order in RB tree */ - mms->size -= size; - mms->address = (u_char *)mms->address + size; - - if (mms->size == 0) { - RB_REMOVE(mmtree, &mm->rb_free, mms); - if (mm->mmalloc == NULL) - xfree(mms); - else - mm_free(mm->mmalloc, mms); - } - - return (tmp->address); -} - -/* Frees memory in a memory mapped area */ - -void -mm_free(struct mm_master *mm, void *address) -{ - struct mm_share *mms, *prev, tmp; - - tmp.address = address; - mms = RB_FIND(mmtree, &mm->rb_allocated, &tmp); - if (mms == NULL) - fatal("mm_free(%p): can not find %p", mm, address); - - /* Debug */ - memset(mms->address, 0xd0, mms->size); - - /* Remove from allocated list and insert in free list */ - RB_REMOVE(mmtree, &mm->rb_allocated, mms); - if (RB_INSERT(mmtree, &mm->rb_free, mms) != NULL) - fatal("mm_free(%p): double address %p", mm, address); - - /* Find previous entry */ - prev = mms; - if (RB_LEFT(prev, next)) { - prev = RB_LEFT(prev, next); - while (RB_RIGHT(prev, next)) - prev = RB_RIGHT(prev, next); - } else { - if (RB_PARENT(prev, next) && - (prev == RB_RIGHT(RB_PARENT(prev, next), next))) - prev = RB_PARENT(prev, next); - else { - while (RB_PARENT(prev, next) && - (prev == RB_LEFT(RB_PARENT(prev, next), next))) - prev = RB_PARENT(prev, next); - prev = RB_PARENT(prev, next); - } - } - - /* Check if range does not overlap */ - if (prev != NULL && MM_ADDRESS_END(prev) > address) - fatal("mm_free: memory corruption: %p(%d) > %p", - prev->address, prev->size, address); - - /* See if we can merge backwards */ - if (prev != NULL && MM_ADDRESS_END(prev) == address) { - prev->size += mms->size; - RB_REMOVE(mmtree, &mm->rb_free, mms); - if (mm->mmalloc == NULL) - xfree(mms); - else< |