{

{

	/* not implemented */

	/* not implemented */

}

}

#endif /* BSM */

#endif /* BSM */

	PRIVSEP(audit_kex_body(ctos, enc, mac, comp, getpid(), getuid()));

	PRIVSEP(audit_kex_body(ctos, enc, mac, comp, getpid(), getuid()));

}

}

# ifndef CUSTOM_SSH_AUDIT_EVENTS

# ifndef CUSTOM_SSH_AUDIT_EVENTS

/*

/*

 * Null implementations of audit functions.

 * Null implementations of audit functions.

		(unsigned)geteuid(), ctos, enc, mac, compress, (long)pid,

		(unsigned)geteuid(), ctos, enc, mac, compress, (long)pid,

	        (unsigned)uid);

	        (unsigned)uid);

}

}

# endif  /* !defined CUSTOM_SSH_AUDIT_EVENTS */

# endif  /* !defined CUSTOM_SSH_AUDIT_EVENTS */

#endif /* SSH_AUDIT_EVENTS */

#endif /* SSH_AUDIT_EVENTS */

void	audit_kex(int, char *, char *, char *);

void	audit_kex(int, char *, char *, char *);

void	audit_unsupported_body(int);

void	audit_unsupported_body(int);

void	audit_kex_body(int, char *, char *, char *, pid_t, uid_t);

void	audit_kex_body(int, char *, char *, char *, pid_t, uid_t);

#endif /* _SSH_AUDIT_H */

#endif /* _SSH_AUDIT_H */

#endif

#endif

}

}

void

void

audit_kex_body(int ctos, char *enc, char *mac, char *compress, pid_t pid,

audit_kex_body(int ctos, char *enc, char *mac, char *compress, pid_t pid,

	       uid_t uid)

	       uid_t uid)

#ifdef AUDIT_CRYPTO_SESSION

#ifdef AUDIT_CRYPTO_SESSION

	char buf[AUDIT_LOG_SIZE];

	char buf[AUDIT_LOG_SIZE];

	int audit_fd, audit_ok;

	int audit_fd, audit_ok;

	Cipher *cipher = cipher_by_name(enc);

	Cipher *cipher = cipher_by_name(enc);

	snprintf(buf, sizeof(buf), "op=start direction=%s cipher=%s ksize=%d spid=%jd suid=%jd rport=%d laddr=%s lport=%d ",

	snprintf(buf, sizeof(buf), "op=start direction=%s cipher=%s ksize=%d spid=%jd suid=%jd rport=%d laddr=%s lport=%d ",

#endif

#endif

}

}

#endif /* USE_LINUX_AUDIT */

#endif /* USE_LINUX_AUDIT */

 * Red Hat author: Jan F. Chadima <jchadima@redhat.com>

 * Red Hat author: Jan F. Chadima <jchadima@redhat.com>

 */

 */

void

void

audit_unsupported(int n)

audit_unsupported(int n)

{

{

{

{

}

}

	fprintf(stderr, "\n");

	fprintf(stderr, "\n");

}

}

#endif

#endif

void	 kexecdh_client(Kex *);

void	 kexecdh_client(Kex *);

void	 kexecdh_server(Kex *);

void	 kexecdh_server(Kex *);

void

void

kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int,

kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int,

    BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *);

    BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *);

	mac->umac_ctx = NULL;

	mac->umac_ctx = NULL;

}

}

/* XXX copied from ciphers_valid */

/* XXX copied from ciphers_valid */

#define	MAC_SEP	","

#define	MAC_SEP	","

int

int

int	 mac_init(Mac *);

int	 mac_init(Mac *);

u_char	*mac_compute(Mac *, u_int32_t, u_char *, int);

u_char	*mac_compute(Mac *, u_int32_t, u_char *, int);

void	 mac_clear(Mac *);

void	 mac_clear(Mac *);

int mm_answer_audit_end_command(int, Buffer *);

int mm_answer_audit_end_command(int, Buffer *);

int mm_answer_audit_unsupported_body(int, Buffer *);

int mm_answer_audit_unsupported_body(int, Buffer *);

int mm_answer_audit_kex_body(int, Buffer *);

int mm_answer_audit_kex_body(int, Buffer *);

#endif

#endif

static Authctxt *authctxt;

static Authctxt *authctxt;

    {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},

    {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},

    {MONITOR_REQ_AUDIT_UNSUPPORTED, MON_PERMIT, mm_answer_audit_unsupported_body},

    {MONITOR_REQ_AUDIT_UNSUPPORTED, MON_PERMIT, mm_answer_audit_unsupported_body},

    {MONITOR_REQ_AUDIT_KEX, MON_PERMIT, mm_answer_audit_kex_body},

    {MONITOR_REQ_AUDIT_KEX, MON_PERMIT, mm_answer_audit_kex_body},

#endif

#endif

#ifdef BSD_AUTH

#ifdef BSD_AUTH

    {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},

    {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},

    {MONITOR_REQ_AUDIT_END_COMMAND, MON_PERMIT, mm_answer_audit_end_command},

    {MONITOR_REQ_AUDIT_END_COMMAND, MON_PERMIT, mm_answer_audit_end_command},

    {MONITOR_REQ_AUDIT_UNSUPPORTED, MON_PERMIT, mm_answer_audit_unsupported_body},

    {MONITOR_REQ_AUDIT_UNSUPPORTED, MON_PERMIT, mm_answer_audit_unsupported_body},

    {MONITOR_REQ_AUDIT_KEX, MON_PERMIT, mm_answer_audit_kex_body},

    {MONITOR_REQ_AUDIT_KEX, MON_PERMIT, mm_answer_audit_kex_body},

#endif

#endif

    {0, 0, NULL}

    {0, 0, NULL}

};

};

    {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},

    {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},

    {MONITOR_REQ_AUDIT_UNSUPPORTED, MON_PERMIT, mm_answer_audit_unsupported_body},

    {MONITOR_REQ_AUDIT_UNSUPPORTED, MON_PERMIT, mm_answer_audit_unsupported_body},

    {MONITOR_REQ_AUDIT_KEX, MON_PERMIT, mm_answer_audit_kex_body},

    {MONITOR_REQ_AUDIT_KEX, MON_PERMIT, mm_answer_audit_kex_body},

#endif

#endif

    {0, 0, NULL}

    {0, 0, NULL}

};

};

    {MONITOR_REQ_AUDIT_END_COMMAND, MON_PERMIT, mm_answer_audit_end_command},

    {MONITOR_REQ_AUDIT_END_COMMAND, MON_PERMIT, mm_answer_audit_end_command},

    {MONITOR_REQ_AUDIT_UNSUPPORTED, MON_PERMIT, mm_answer_audit_unsupported_body},

    {MONITOR_REQ_AUDIT_UNSUPPORTED, MON_PERMIT, mm_answer_audit_unsupported_body},

    {MONITOR_REQ_AUDIT_KEX, MON_PERMIT, mm_answer_audit_kex_body},

    {MONITOR_REQ_AUDIT_KEX, MON_PERMIT, mm_answer_audit_kex_body},

#endif

#endif

    {0, 0, NULL}

    {0, 0, NULL}

};

};

	blob = buffer_get_string(&m, &bloblen);

	blob = buffer_get_string(&m, &bloblen);

	current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen);

	current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen);

	xfree(blob);

	xfree(blob);

	debug3("%s: Waiting for second key", __func__);

	debug3("%s: Waiting for second key", __func__);

	blob = buffer_get_string(&m, &bloblen);

	blob = buffer_get_string(&m, &bloblen);

	current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen);

	current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen);

	xfree(blob);

	xfree(blob);

	/* Now get sequence numbers for the packets */

	/* Now get sequence numbers for the packets */

	}

	}

	buffer_free(&m);

	buffer_free(&m);

}

}

	return 0;

	return 0;

}

}

#endif /* SSH_AUDIT_EVENTS */

#endif /* SSH_AUDIT_EVENTS */

	MONITOR_REQ_JPAKE_CHECK_CONFIRM, MONITOR_ANS_JPAKE_CHECK_CONFIRM,

	MONITOR_REQ_JPAKE_CHECK_CONFIRM, MONITOR_ANS_JPAKE_CHECK_CONFIRM,

	MONITOR_REQ_AUDIT_UNSUPPORTED, MONITOR_ANS_AUDIT_UNSUPPORTED,

	MONITOR_REQ_AUDIT_UNSUPPORTED, MONITOR_ANS_AUDIT_UNSUPPORTED,

	MONITOR_REQ_AUDIT_KEX, MONITOR_ANS_AUDIT_KEX,

	MONITOR_REQ_AUDIT_KEX, MONITOR_ANS_AUDIT_KEX,

};

};

struct mm_master;

struct mm_master;

		fatal("%s: conversion of newkeys failed", __func__);

		fatal("%s: conversion of newkeys failed", __func__);

	buffer_put_string(&m, blob, bloblen);

	buffer_put_string(&m, blob, bloblen);

	xfree(blob);

	xfree(blob);

	if (!mm_newkeys_to_blob(MODE_IN, &blob, &bloblen))

	if (!mm_newkeys_to_blob(MODE_IN, &blob, &bloblen))

		fatal("%s: conversion of newkeys failed", __func__);

		fatal("%s: conversion of newkeys failed", __func__);

	buffer_put_string(&m, blob, bloblen);

	buffer_put_string(&m, blob, bloblen);

	xfree(blob);

	xfree(blob);

	packet_get_state(MODE_OUT, &seqnr, &blocks, &packets, &bytes);

	packet_get_state(MODE_OUT, &seqnr, &blocks, &packets, &bytes);

	buffer_free(&m);

	buffer_free(&m);

}

}

#endif /* SSH_AUDIT_EVENTS */

#endif /* SSH_AUDIT_EVENTS */

void mm_audit_end_command(int, const char *);

void mm_audit_end_command(int, const char *);

void mm_audit_unsupported_body(int);

void mm_audit_unsupported_body(int);

void mm_audit_kex_body(int, char *, char *, char *, pid_t, uid_t);

void mm_audit_kex_body(int, char *, char *, char *, pid_t, uid_t);

#endif

#endif

struct Session;

struct Session;

#include <signal.h>

#include <signal.h>

#include "xmalloc.h"

#include "xmalloc.h"

#include "buffer.h"

#include "buffer.h"

#include "packet.h"

#include "packet.h"

#include "crc32.h"

#include "crc32.h"

	return active_state->connection_out;

	return active_state->connection_out;

}

}

/* Closes the connection and clears and frees internal data structures. */

/* Closes the connection and clears and frees internal data structures. */

void

void

	if (!active_state->initialized)

	if (!active_state->initialized)

		return;

		return;

	active_state->initialized = 0;

	active_state->initialized = 0;

	buffer_free(&active_state->input);

	buffer_free(&active_state->input);

	buffer_free(&active_state->output);

	buffer_free(&active_state->output);

	buffer_free(&active_state->outgoing_packet);

	buffer_free(&active_state->outgoing_packet);

		buffer_free(&active_state->compression_buffer);

		buffer_free(&active_state->compression_buffer);

		buffer_compress_uninit();

		buffer_compress_uninit();

	}

	}

}

}

/* Sets remote side protocol flags. */

/* Sets remote side protocol flags. */

	 */

	 */

}

}

void

void

set_newkeys(int mode)

set_newkeys(int mode)

{

{

	}

	}

	if (active_state->newkeys[mode] != NULL) {

	if (active_state->newkeys[mode] != NULL) {

		debug("set_newkeys: rekeying");

		debug("set_newkeys: rekeying");

		cipher_cleanup(cc);

		cipher_cleanup(cc);

	}

	}

	active_state->newkeys[mode] = kex_get_newkeys(mode);

	active_state->newkeys[mode] = kex_get_newkeys(mode);

	if (active_state->newkeys[mode] == NULL)

	if (active_state->newkeys[mode] == NULL)

	return (void *)active_state->newkeys[mode];

	return (void *)active_state->newkeys[mode];

}

}

/*

/*

 * Save the state for the real connection, and use a separate state when

 * Save the state for the real connection, and use a separate state when

 * resuming a suspended connection.

 * resuming a suspended connection.

void

void

packet_backup_state(void)

packet_backup_state(void)

{

{

	close(active_state->connection_in);

	close(active_state->connection_in);

	active_state->connection_in = -1;

	active_state->connection_in = -1;

	close(active_state->connection_out);

	close(active_state->connection_out);

	active_state->connection_out = -1;

	active_state->connection_out = -1;

	backup_state = active_state;

	backup_state = active_state;

}

}

/*

/*

	backup_state = active_state;

	backup_state = active_state;

	active_state = tmp;

	active_state = tmp;

	active_state->connection_in = backup_state->connection_in;

	active_state->connection_in = backup_state->connection_in;

	active_state->connection_out = backup_state->connection_out;

	active_state->connection_out = backup_state->connection_out;

	len = buffer_len(&backup_state->input);

	len = buffer_len(&backup_state->input);

	if (len > 0) {

	if (len > 0) {

		buf = buffer_ptr(&backup_state->input);

		buf = buffer_ptr(&backup_state->input);

		buffer_clear(&backup_state->input);

		buffer_clear(&backup_state->input);

		add_recv_bytes(len);

		add_recv_bytes(len);

	}

	}

}

}

void	*packet_get_input(void);

void	*packet_get_input(void);

void	*packet_get_output(void);

void	*packet_get_output(void);

#endif				/* PACKET_H */

#endif				/* PACKET_H */

	/* remove hostkey from the child's memory */

	/* remove hostkey from the child's memory */

	destroy_sensitive_data();

	destroy_sensitive_data();

	/* Force a password change */

	/* Force a password change */

	if (s->authctxt->force_pwchange) {

	if (s->authctxt->force_pwchange) {

	return (0);

	return (0);

}

}

static void

static void

privsep_postauth(Authctxt *authctxt)

privsep_postauth(Authctxt *authctxt)

{

{

		verbose("User child is on pid %ld", (long)pmonitor->m_pid);

		verbose("User child is on pid %ld", (long)pmonitor->m_pid);

		close(pmonitor->m_recvfd);

		close(pmonitor->m_recvfd);

		buffer_clear(&loginmsg);

		buffer_clear(&loginmsg);

		monitor_child_postauth(pmonitor);

		monitor_child_postauth(pmonitor);

		/* NEVERREACHED */

		/* NEVERREACHED */

	 */

	 */

	if (use_privsep) {

	if (use_privsep) {

		mm_send_keystate(pmonitor);

		mm_send_keystate(pmonitor);

		exit(0);

		exit(0);

	}

	}

	do_authenticated(authctxt);

	do_authenticated(authctxt);

	/* The connection has been terminated. */

	/* The connection has been terminated. */

	packet_get_state(MODE_IN, NULL, NULL, NULL, &ibytes);

	packet_get_state(MODE_IN, NULL, NULL, NULL, &ibytes);

	packet_get_state(MODE_OUT, NULL, NULL, NULL, &obytes);

	packet_get_state(MODE_OUT, NULL, NULL, NULL, &obytes);

	verbose("Transferred: sent %llu, received %llu bytes",

	verbose("Transferred: sent %llu, received %llu bytes",

{

{

	if (the_authctxt)

	if (the_authctxt)

		do_cleanup(the_authctxt);

		do_cleanup(the_authctxt);

#ifdef SSH_AUDIT_EVENTS

#ifdef SSH_AUDIT_EVENTS

	/* done after do_cleanup so it can cancel the PAM auth 'thread' */

	/* done after do_cleanup so it can cancel the PAM auth 'thread' */

	if ((the_authctxt == NULL || !the_authctxt->authenticated) &&

	if ((the_authctxt == NULL || !the_authctxt->authenticated) &&