diff options
Diffstat (limited to 'crypto/openssh/monitor_wrap.c')
| -rw-r--r-- | crypto/openssh/monitor_wrap.c | 59 |
1 files changed, 34 insertions, 25 deletions
diff --git a/crypto/openssh/monitor_wrap.c b/crypto/openssh/monitor_wrap.c index 1bff5e8..f98bdcc 100644 --- a/crypto/openssh/monitor_wrap.c +++ b/crypto/openssh/monitor_wrap.c @@ -1,3 +1,4 @@ +/* $OpenBSD: monitor_wrap.c,v 1.54 2006/08/12 20:46:46 miod Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> * Copyright 2002 Markus Friedl <markus@openbsd.org> @@ -25,19 +26,32 @@ */ #include "includes.h" -RCSID("$OpenBSD: monitor_wrap.c,v 1.40 2005/05/24 17:32:43 avsm Exp $"); -RCSID("$FreeBSD$"); +__RCSID("$FreeBSD$"); + +#include <sys/types.h> +#include <sys/uio.h> + +#include <errno.h> +#include <pwd.h> +#include <signal.h> +#include <stdarg.h> +#include <stdio.h> +#include <string.h> +#include <unistd.h> #include <openssl/bn.h> #include <openssl/dh.h> +#include "xmalloc.h" #include "ssh.h" #include "dh.h" +#include "buffer.h" +#include "key.h" +#include "cipher.h" #include "kex.h" +#include "hostfile.h" #include "auth.h" #include "auth-options.h" -#include "buffer.h" -#include "bufaux.h" #include "packet.h" #include "mac.h" #include "log.h" @@ -49,21 +63,18 @@ RCSID("$FreeBSD$"); #include "zlib.h" #endif #include "monitor.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif #include "monitor_wrap.h" -#include "xmalloc.h" #include "atomicio.h" #include "monitor_fdpass.h" -#include "getput.h" +#include "misc.h" #include "servconf.h" -#include "auth.h" #include "channels.h" #include "session.h" -#ifdef GSSAPI -#include "ssh-gss.h" -#endif - /* Imports */ extern int compat20; extern Newkeys *newkeys[]; @@ -92,7 +103,7 @@ mm_request_send(int sock, enum monitor_reqtype type, Buffer *m) debug3("%s entering: type %d", __func__, type); - PUT_32BIT(buf, mlen + 1); + put_u32(buf, mlen + 1); buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ if (atomicio(vwrite, sock, buf, sizeof(buf)) != sizeof(buf)) fatal("%s: write: %s", __func__, strerror(errno)); @@ -113,7 +124,7 @@ mm_request_receive(int sock, Buffer *m) cleanup_exit(255); fatal("%s: read: %s", __func__, strerror(errno)); } - msg_len = GET_32BIT(buf); + msg_len = get_u32(buf); if (msg_len > 256 * 1024) fatal("%s: read: bad msg_len %d", __func__, msg_len); buffer_clear(m); @@ -638,7 +649,7 @@ mm_send_keystate(struct monitor *monitor) } int -mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) +mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen) { Buffer m; char *p, *msg; @@ -777,8 +788,11 @@ mm_sshpam_query(void *ctx, char **name, char **info, *name = buffer_get_string(&m, NULL); *info = buffer_get_string(&m, NULL); *num = buffer_get_int(&m); - *prompts = xmalloc((*num + 1) * sizeof(char *)); - *echo_on = xmalloc((*num + 1) * sizeof(u_int)); + if (*num > PAM_MAX_NUM_MSG) + fatal("%s: recieved %u PAM messages, expected <= %u", + __func__, *num, PAM_MAX_NUM_MSG); + *prompts = xcalloc((*num + 1), sizeof(char *)); + *echo_on = xcalloc((*num + 1), sizeof(u_int)); for (i = 0; i < *num; ++i) { (*prompts)[i] = buffer_get_string(&m, NULL); (*echo_on)[i] = buffer_get_int(&m); @@ -861,8 +875,8 @@ mm_chall_setup(char **name, char **infotxt, u_int *numprompts, *name = xstrdup(""); *infotxt = xstrdup(""); *numprompts = 1; - *prompts = xmalloc(*numprompts * sizeof(char *)); - *echo_on = xmalloc(*numprompts * sizeof(u_int)); + *prompts = xcalloc(*numprompts, sizeof(char *)); + *echo_on = xcalloc(*numprompts, sizeof(u_int)); (*echo_on)[0] = 0; } @@ -929,9 +943,8 @@ mm_skey_query(void *ctx, char **name, char **infotxt, u_int *numprompts, char ***prompts, u_int **echo_on) { Buffer m; - int len; u_int success; - char *p, *challenge; + char *challenge; debug3("%s: entering", __func__); @@ -955,11 +968,7 @@ mm_skey_query(void *ctx, char **name, char **infotxt, mm_chall_setup(name, infotxt, numprompts, prompts, echo_on); - len = strlen(challenge) + strlen(SKEY_PROMPT) + 1; - p = xmalloc(len); - strlcpy(p, challenge, len); - strlcat(p, SKEY_PROMPT, len); - (*prompts)[0] = p; + xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT); xfree(challenge); return (0); |
