break;
default:
- debug("%s: unhandled event %d", __func__, event);
+ debug_f("unhandled event %d", event);
}
}
#endif /* BSM */
ssh_remote_ipaddr(ssh), "sshd", 0);
break;
default:
- debug("%s: unhandled event %d", __func__, event);
+ debug_f("unhandled event %d", event);
break;
}
}
while (waitpid(thread, &status, 0) == -1) {
if (errno == EINTR)
continue;
- fatal("%s: waitpid: %s", __func__, strerror(errno));
+ fatal_f("waitpid: %s", strerror(errno));
}
return (status);
}
if (sshpam_authctxt == NULL)
fatal("PAM: sshpam_authctxt not initialized");
if (setreuid(sshpam_authctxt->pw->pw_uid, -1) == -1)
- fatal("%s: setreuid failed: %s", __func__, strerror(errno));
+ fatal_f("setreuid failed: %s", strerror(errno));
result = pam_chauthtok(pamh, flags);
if (setreuid(0, -1) == -1)
- fatal("%s: setreuid failed: %s", __func__, strerror(errno));
+ fatal_f("setreuid failed: %s", strerror(errno));
return result;
}
# define pam_chauthtok(a,b) (sshpam_chauthtok_ruid((a), (b)))
extern struct sshauthopt *auth_opts;
static int saved_port, saved_agent, saved_x11;
- debug3("%s %d", __func__, reqd);
+ debug3_f("reqd=%d", reqd);
if (sshpam_authctxt == NULL)
- fatal("%s: PAM authctxt not initialized", __func__);
+ fatal_f("PAM authctxt not initialized");
sshpam_authctxt->force_pwchange = reqd;
if (reqd) {
saved_port = auth_opts->permit_port_forwarding_flag;
u_int n, i, num_env;
int r;
- debug3("PAM: %s entering", __func__);
+ debug3_f("entering");
#ifndef UNSUPPORTED_POSIX_THREADS_HACK
/* Import variables set by do_pam_account */
if ((r = sshbuf_get_u32(b, &n)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
if (n > INT_MAX)
- fatal("%s: invalid PAM account status %u", __func__, n);
+ fatal_f("invalid PAM account status %u", n);
sshpam_account_status = (int)n;
if ((r = sshbuf_get_u32(b, &n)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
sshpam_password_change_required(n != 0);
/* Import environment from subprocess */
if ((r = sshbuf_get_u32(b, &num_env)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
if (num_env > 1024) {
fatal_f("received %u environment variables, expected <= 1024",
num_env);
debug3("PAM: num env strings %u", num_env);
for(i = 0; i < num_env; i++) {
if ((r = sshbuf_get_cstring(b, &(sshpam_env[i]), NULL)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
}
sshpam_env[num_env] = NULL;
/* Import PAM environment from subprocess */
if ((r = sshbuf_get_u32(b, &num_env)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
if (num_env > 1024) {
fatal_f("received %u PAM env variables, expected <= 1024",
num_env);
debug("PAM: num PAM env strings %u", num_env);
for (i = 0; i < num_env; i++) {
if ((r = sshbuf_get_cstring(b, &env, NULL)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
/* Errors are not fatal here */
if ((r = pam_putenv(sshpam_handle, env)) != PAM_SUCCESS) {
error("PAM: pam_putenv: %s",
int r, i;
u_char status;
- debug3("PAM: %s entering, %d messages", __func__, n);
+ debug3_f("PAM: entering, %d messages", n);
*resp = NULL;
if (data == NULL) {
if (authctxt == NULL || authctxt->pw == NULL ||
authctxt->pw->pw_name == NULL)
- fatal("%s: PAM authctxt user not initialized", __func__);
+ fatal_f("PAM authctxt user not initialized");
if ((sshpam_err = pam_get_item(sshpam_handle, PAM_USER,
(sshpam_const void **) &pam_user)) != PAM_SUCCESS)
sshpam_conv.appdata_ptr = ctxt;
if (sshpam_authctxt == NULL)
- fatal("%s: PAM authctxt not initialized", __func__);
+ fatal_f("PAM authctxt not initialized");
if ((buffer = sshbuf_new()) == NULL)
- fatal("%s: sshbuf_new failed", __func__);
+ fatal_f("sshbuf_new failed");
sshpam_err = pam_set_item(sshpam_handle, PAM_CONV,
(const void *)&sshpam_conv);
}
if ((r = sshbuf_put_cstring(buffer, "OK")) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
#ifndef UNSUPPORTED_POSIX_THREADS_HACK
/* Export variables set by do_pam_account */
if ((r = sshbuf_put_u32(buffer, sshpam_account_status)) != 0 ||
(r = sshbuf_put_u32(buffer, sshpam_authctxt->force_pwchange)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
/* Export any environment strings set in child */
for (i = 0; environ[i] != NULL; i++) {
/* Count */
if (i > INT_MAX)
- fatal("%s: too many environment strings", __func__);
+ fatal_f("too many environment strings");
}
if ((r = sshbuf_put_u32(buffer, i)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
for (i = 0; environ[i] != NULL; i++) {
if ((r = sshbuf_put_cstring(buffer, environ[i])) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
}
/* Export any environment strings set by PAM in child */
env_from_pam = pam_getenvlist(sshpam_handle);
for (i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) {
/* Count */
if (i > INT_MAX)
- fatal("%s: too many PAM environment strings", __func__);
+ fatal_f("too many PAM environment strings");
}
if ((r = sshbuf_put_u32(buffer, i)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
for (i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) {
if ((r = sshbuf_put_cstring(buffer, env_from_pam[i])) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
}
#endif /* UNSUPPORTED_POSIX_THREADS_HACK */
auth_fail:
if ((r = sshbuf_put_cstring(buffer,
pam_strerror(sshpam_handle, sshpam_err))) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
/* XXX - can't do much about an error here */
if (sshpam_err == PAM_ACCT_EXPIRED)
ssh_msg_send(ctxt->pam_csock, PAM_ACCT_EXPIRED, buffer);
{
struct pam_ctxt *ctxt = cleanup_ctxt;
- debug3("PAM: %s entering", __func__);
+ debug3_f("entering");
if (ctxt != NULL && ctxt->pam_thread != 0) {
pthread_cancel(ctxt->pam_thread);
pthread_join(ctxt->pam_thread, NULL);
sshpam_null_conv(int n, sshpam_const struct pam_message **msg,
struct pam_response **resp, void *data)
{
- debug3("PAM: %s entering, %d messages", __func__, n);
+ debug3_f("PAM: entering, %d messages", n);
return (PAM_CONV_ERR);
}
struct pam_response *reply;
int r, i;
- debug3("PAM: %s called with %d messages", __func__, n);
+ debug3_f("PAM: called with %d messages", n);
*resp = NULL;
if (n <= 0 || n > PAM_MAX_NUM_MSG)
auth_info = xstrdup("");
else if ((auth_info = sshbuf_dup_string(
sshpam_authctxt->session_info)) == NULL)
- fatal("%s: sshbuf_dup_string failed", __func__);
+ fatal_f("sshbuf_dup_string failed");
debug2("%s: auth information in SSH_AUTH_INFO_0", caller);
do_pam_putenv("SSH_AUTH_INFO_0", auth_info);
struct pam_ctxt *ctxt;
int result, socks[2];
- debug3("PAM: %s entering", __func__);
+ debug3_f("entering");
/*
* Refuse to start if we don't have PAM enabled or do_pam_account
* has previously failed.
size_t len, mlen, nmesg = 0;
int r;
- debug3("PAM: %s entering", __func__);
+ debug3_f("entering");
if ((buffer = sshbuf_new()) == NULL)
- fatal("%s: sshbuf_new failed", __func__);
+ fatal_f("sshbuf_new failed");
*name = xstrdup("");
*info = xstrdup("");
*prompts = xmalloc(sizeof(char *));
fatal_f("too many query messages");
if ((r = sshbuf_get_u8(buffer, &type)) != 0 ||
(r = sshbuf_get_cstring(buffer, &msg, &mlen)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
switch (type) {
case PAM_PROMPT_ECHO_ON:
case PAM_PROMPT_ECHO_OFF:
size_t i, l = wire_password != NULL ? strlen(wire_password) : 0;
if (l >= INT_MAX)
- fatal("%s: password length too long: %zu", __func__, l);
+ fatal_f("password length too long: %zu", l);
ret = malloc(l + 1);
if (ret == NULL)
char *fake;
int r;
- debug2("PAM: %s entering, %u responses", __func__, num);
+ debug2_f("PAM: entering, %u responses", num);
switch (ctxt->pam_done) {
case 1:
sshpam_authenticated = 1;
return (-1);
}
if ((buffer = sshbuf_new()) == NULL)
- fatal("%s: sshbuf_new failed", __func__);
+ fatal_f("sshbuf_new failed");
if (sshpam_authctxt->valid &&
(sshpam_authctxt->pw->pw_uid != 0 ||
options.permit_root_login == PERMIT_YES)) {
if ((r = sshbuf_put_cstring(buffer, *resp)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
} else {
fake = fake_password(*resp);
if ((r = sshbuf_put_cstring(buffer, fake)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
free(fake);
}
if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, buffer) == -1) {
{
struct pam_ctxt *ctxt = ctxtp;
- debug3("PAM: %s entering", __func__);
+ debug3_f("entering");
sshpam_thread_cleanup();
free(ctxt);
/*
u_int
do_pam_account(void)
{
- debug("%s: called", __func__);
+ debug_f("called");
if (sshpam_account_status != -1)
return (sshpam_account_status);
struct pam_response *reply;
int i;
- debug3("PAM: %s called with %d messages", __func__, n);
+ debug3_f("PAM: called with %d messages", n);
*resp = NULL;
int r, i;
size_t len;
- debug3("PAM: %s called with %d messages", __func__, n);
+ debug3_f("PAM: called with %d messages", n);
*resp = NULL;
if ((r = sshbuf_putf(loginmsg,
"Your account will expire in %lld day%s.\n", daysleft,
daysleft == 1 ? "" : "s")) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
}
return 0;
if ((r = sshbuf_putf(loginmsg,
"Your password will expire in %d day%s.\n", daysleft,
daysleft == 1 ? "" : "s")) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
}
return 0;
(r = sshpkt_put_cstring(ssh, "")) != 0 || /* language, unused */
(r = sshpkt_send(ssh)) != 0)
fatal_fr(r, "send packet");
- debug("%s: sent", __func__);
+ debug_f("sent");
}
static void
struct stat sbuf;
if (strlcpy(path, display, pathlen) >= pathlen) {
- error("%s: display path too long", __func__);
+ error_f("display path too long");
return 0;
}
if (display[0] != '/')
endttyent();
if (NULL == ty) {
- logit("%s: tty not found", __func__);
+ logit_f("tty not found");
return (0);
}
#else /* FIXME */
pos = (off_t)tty * sizeof(struct utmp);
if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
- logit("%s: lseek: %s", __func__, strerror(errno));
+ logit_f("lseek: %s", strerror(errno));
close(fd);
return (0);
}
memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host));
if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
- logit("%s: lseek: %s", __func__, strerror(errno));
+ logit_f("lseek: %s", strerror(errno));
close(fd);
return (0);
}
construct_utmp(li, &ut);
# ifdef UTMP_USE_LIBRARY
if (!utmp_write_library(li, &ut)) {
- logit("%s: utmp_write_library() failed", __func__);
+ logit_f("utmp_write_library() failed");
return (0);
}
# else
if (!utmp_write_direct(li, &ut)) {
- logit("%s: utmp_write_direct() failed", __func__);
+ logit_f("utmp_write_direct() failed");
return (0);
}
# endif
construct_utmp(li, &ut);
# ifdef UTMP_USE_LIBRARY
if (!utmp_write_library(li, &ut)) {
- logit("%s: utmp_write_library() failed", __func__);
+ logit_f("utmp_write_library() failed");
return (0);
}
# else
if (!utmp_write_direct(li, &ut)) {
- logit("%s: utmp_write_direct() failed", __func__);
+ logit_f("utmp_write_direct() failed");
return (0);
}
# endif
return (utmp_perform_logout(li));
default:
- logit("%s: invalid type field", __func__);
+ logit_f("invalid type field");
return (0);
}
}
static int
utmpx_write_direct(struct logininfo *li, struct utmpx *utx)
{
- logit("%s: not implemented!", __func__);
+ logit_f("not implemented!");
return (0);
}
# endif /* UTMPX_USE_LIBRARY */
construct_utmpx(li, &utx);
# ifdef UTMPX_USE_LIBRARY
if (!utmpx_write_library(li, &utx)) {
- logit("%s: utmp_write_library() failed", __func__);
+ logit_f("utmp_write_library() failed");
return (0);
}
# else
if (!utmpx_write_direct(li, &utx)) {
- logit("%s: utmp_write_direct() failed", __func__);
+ logit_f("utmp_write_direct() failed");
return (0);
}
# endif
case LTYPE_LOGOUT:
return (utmpx_perform_logout(li));
default:
- logit("%s: invalid type field", __func__);
+ logit_f("invalid type field");
return (0);
}
}
case LTYPE_LOGOUT:
return (wtmp_perform_logout(li));
default:
- logit("%s: invalid type field", __func__);
+ logit_f("invalid type field");
return (0);
}
}
case LTYPE_LOGOUT:
return (wtmpx_perform_logout(li));
default:
- logit("%s: invalid type field", __func__);
+ logit_f("invalid type field");
return (0);
}
}
case LTYPE_LOGOUT:
return (wtmpdb_perform_logout(li));
default:
- logit("%s: invalid type field", __func__);
+ logit_f("invalid type field");
return (0);
}
}
(void)line_stripname(line, li->line, sizeof(line));
if (!logout(line))
- logit("%s: logout() returned an error", __func__);
+ logit_f("logout() returned an error");
# ifdef HAVE_LOGWTMP
else
logwtmp(line, "", "");
case LTYPE_LOGOUT:
return (syslogin_perform_logout(li));
default:
- logit("%s: Invalid type field", __func__);
+ logit_f("Invalid type field");
return (0);
}
}
close(fd);
return (1);
default:
- logit("%s: Invalid type field", __func__);
+ logit_f("Invalid type field");
return (0);
}
}
#if defined(IPV6_V6ONLY) && !defined(__OpenBSD__)
int on = 1;
- debug3("%s: set socket %d IPV6_V6ONLY", __func__, s);
+ debug3_f("set socket %d IPV6_V6ONLY", s);
if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) == -1)
error("setsockopt IPV6_V6ONLY: %s", strerror(errno));
#endif
fatal_fr(r, "assemble PAM");
#endif
- debug3("%s: sending result %d", __func__, authenticated);
debug3_f("sending result %d", authenticated);
mm_request_send(sock, MONITOR_ANS_AUTHPASSWORD, m);
mm_answer_pam_start(struct ssh *ssh, int sock, struct sshbuf *m)
{
if (!options.use_pam)
- fatal("UsePAM not set, but ended up in %s anyway", __func__);
+ fatal_f("UsePAM not set, but ended up in %s anyway", __func__);
start_pam(ssh);
int r;
if (!options.use_pam)
- fatal("%s: PAM not enabled", __func__);
+ fatal_f("PAM not enabled");
ret = do_pam_account();
if ((r = sshbuf_put_u32(m, ret)) != 0 ||
(r = sshbuf_put_stringb(m, loginmsg)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m);
u_int ok = 0;
int r;
- debug3("%s", __func__);
+ debug3_f("entering");
if (!options.kbd_interactive_authentication)
- fatal("%s: kbd-int authentication not enabled", __func__);
+ fatal_f("kbd-int authentication not enabled");
if (sshpam_ctxt != NULL)
- fatal("%s: already called", __func__);
+ fatal_f("already called");
sshpam_ctxt = (sshpam_device.init_ctx)(authctxt);
sshpam_authok = NULL;
sshbuf_reset(m);
ok = 1;
}
if ((r = sshbuf_put_u32(m, ok)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
mm_request_send(sock, MONITOR_ANS_PAM_INIT_CTX, m);
return (0);
}
u_int i, num = 0, *echo_on = 0;
int r, ret;
- debug3("%s", __func__);
+ debug3_f("entering");
sshpam_authok = NULL;
if (sshpam_ctxt == NULL)
- fatal("%s: no context", __func__);
+ fatal_f("no context");
ret = (sshpam_device.query)(sshpam_ctxt, &name, &info,
&num, &prompts, &echo_on);
if (ret == 0 && num == 0)
(r = sshbuf_put_cstring(m, info)) != 0 ||
(r = sshbuf_put_u32(m, sshpam_get_maxtries_reached())) != 0 ||
(r = sshbuf_put_u32(m, num)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
free(name);
free(info);
for (i = 0; i < num; ++i) {
if ((r = sshbuf_put_cstring(m, prompts[i])) != 0 ||
(r = sshbuf_put_u32(m, echo_on[i])) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
free(prompts[i]);
}
free(prompts);
u_int i, num;
int r, ret;
- debug3("%s", __func__);
+ debug3_f("entering");
if (sshpam_ctxt == NULL)
- fatal("%s: no context", __func__);
+ fatal_f("no context");
sshpam_authok = NULL;
if ((r = sshbuf_get_u32(m, &num)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
if (num > PAM_MAX_NUM_MSG) {
fatal_f("Too many PAM messages, got %u, expected <= %u",
num, (unsigned)PAM_MAX_NUM_MSG);
}
sshbuf_reset(m);
if ((r = sshbuf_put_u32(m, ret)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m);
auth_method = "keyboard-interactive";
auth_submethod = "pam";
{
int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt;
- debug3("%s", __func__);
+ debug3_f("entering");
if (sshpam_ctxt == NULL)
- fatal("%s: no context", __func__);
+ fatal_f("no context");
(sshpam_device.free_ctx)(sshpam_ctxt);
sshpam_ctxt = sshpam_authok = NULL;
sshbuf_reset(m);
ssh_audit_event_t event;
int r;
- debug3("%s entering", __func__);
+ debug3_f("entering");
if ((r = sshbuf_get_u32(m, &n)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
event = (ssh_audit_event_t)n;
switch (event) {
case SSH_AUTH_FAIL_PUBKEY:
char *cmd;
int r;
- debug3("%s entering", __func__);
+ debug3_f("entering");
if ((r = sshbuf_get_cstring(m, &cmd, NULL)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
/* sanity check command, if so how? */
audit_run_command(cmd);
free(cmd);
}
return 0;
#else
- error("%s: file descriptor passing not supported", __func__);
+ error_f("file descriptor passing not supported");
return -1;
#endif
}
{
struct sshbuf *m;
- debug3("%s entering", __func__);
+ debug3_f("entering");
if (!options.use_pam)
- fatal("UsePAM=no, but ended up in %s anyway", __func__);
+ fatal_f("UsePAM=no, but ended up in %s anyway", __func__);
if ((m = sshbuf_new()) == NULL)
- fatal("%s: sshbuf_new failed", __func__);
+ fatal_f("sshbuf_new failed");
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_START, m);
sshbuf_free(m);
size_t msglen;
int r;
- debug3("%s entering", __func__);
+ debug3_f("entering");
if (!options.use_pam)
- fatal("UsePAM=no, but ended up in %s anyway", __func__);
+ fatal_f("UsePAM=no, but ended up in %s anyway", __func__);
if ((m = sshbuf_new()) == NULL)
- fatal("%s: sshbuf_new failed", __func__);
+ fatal_f("sshbuf_new failed");
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_ACCOUNT, m);
mm_request_receive_expect(pmonitor->m_recvfd,
if ((r = sshbuf_get_u32(m, &ret)) != 0 ||
(r = sshbuf_get_cstring(m, &msg, &msglen)) != 0 ||
(r = sshbuf_put(loginmsg, msg, msglen)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
free(msg);
sshbuf_free(m);
- debug3("%s returning %d", __func__, ret);
+ debug3_f("returning %d", ret);
return (ret);
}
struct sshbuf *m;
int r, success;
- debug3("%s", __func__);
+ debug3_f("entering");
if ((m = sshbuf_new()) == NULL)
- fatal("%s: sshbuf_new failed", __func__);
+ fatal_f("sshbuf_new failed");
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_INIT_CTX, m);
- debug3("%s: waiting for MONITOR_ANS_PAM_INIT_CTX", __func__);
+ debug3_f("waiting for MONITOR_ANS_PAM_INIT_CTX");
mm_request_receive_expect(pmonitor->m_recvfd,
MONITOR_ANS_PAM_INIT_CTX, m);
if ((r = sshbuf_get_u32(m, &success)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
if (success == 0) {
- debug3("%s: pam_init_ctx failed", __func__);
+ debug3_f("pam_init_ctx failed");
sshbuf_free(m);
return (NULL);
}
u_int i, n;
int r, ret;
- debug3("%s", __func__);
+ debug3_f("entering");
if ((m = sshbuf_new()) == NULL)
- fatal("%s: sshbuf_new failed", __func__);
+ fatal_f("sshbuf_new failed");
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_QUERY, m);
- debug3("%s: waiting for MONITOR_ANS_PAM_QUERY", __func__);
+ debug3_f("waiting for MONITOR_ANS_PAM_QUERY");
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_QUERY, m);
if ((r = sshbuf_get_u32(m, &ret)) != 0 ||
(r = sshbuf_get_cstring(m, name, NULL)) != 0 ||
(r = sshbuf_get_cstring(m, info, NULL)) != 0 ||
(r = sshbuf_get_u32(m, &n)) != 0 ||
(r = sshbuf_get_u32(m, num)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
- debug3("%s: pam_query returned %d", __func__, ret);
+ fatal_fr(r, "buffer error");
+ debug3_f("pam_query returned %d", ret);
sshpam_set_maxtries_reached(n);
if (*num > PAM_MAX_NUM_MSG)
fatal("%s: received %u PAM messages, expected <= %u",
for (i = 0; i < *num; ++i) {
if ((r = sshbuf_get_cstring(m, &((*prompts)[i]), NULL)) != 0 ||
(r = sshbuf_get_u32(m, &((*echo_on)[i]))) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
}
sshbuf_free(m);
return (ret);
u_int n, i;
int r, ret;
- debug3("%s", __func__);
+ debug3_f("entering");
if ((m = sshbuf_new()) == NULL)
- fatal("%s: sshbuf_new failed", __func__);
+ fatal_f("sshbuf_new failed");
if ((r = sshbuf_put_u32(m, num)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
for (i = 0; i < num; ++i) {
if ((r = sshbuf_put_cstring(m, resp[i])) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
}
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_RESPOND, m);
- debug3("%s: waiting for MONITOR_ANS_PAM_RESPOND", __func__);
+ debug3_f("waiting for MONITOR_ANS_PAM_RESPOND");
mm_request_receive_expect(pmonitor->m_recvfd,
MONITOR_ANS_PAM_RESPOND, m);
if ((r = sshbuf_get_u32(m, &n)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
ret = (int)n; /* XXX */
- debug3("%s: pam_respond returned %d", __func__, ret);
+ debug3_f("pam_respond returned %d", ret);
sshbuf_free(m);
return (ret);
}
{
struct sshbuf *m;
- debug3("%s", __func__);
+ debug3_f("entering");
if ((m = sshbuf_new()) == NULL)
- fatal("%s: sshbuf_new failed", __func__);
+ fatal_f("sshbuf_new failed");
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_FREE_CTX, m);
- debug3("%s: waiting for MONITOR_ANS_PAM_FREE_CTX", __func__);
+ debug3_f("waiting for MONITOR_ANS_PAM_FREE_CTX");
mm_request_receive_expect(pmonitor->m_recvfd,
MONITOR_ANS_PAM_FREE_CTX, m);
sshbuf_free(m);
struct sshbuf *m;
int r;
- debug3("%s entering", __func__);
+ debug3_f("entering");
if ((m = sshbuf_new()) == NULL)
- fatal("%s: sshbuf_new failed", __func__);
+ fatal_f("sshbuf_new failed");
if ((r = sshbuf_put_u32(m, event)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_EVENT, m);
sshbuf_free(m);
struct sshbuf *m;
int r;
- debug3("%s entering command %s", __func__, command);
+ debug3_f("entering command %s", command);
if ((m = sshbuf_new()) == NULL)
- fatal("%s: sshbuf_new failed", __func__);
+ fatal_f("sshbuf_new failed");
if ((r = sshbuf_put_cstring(m, command)) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, m);
sshbuf_free(m);
{
struct ssh_sandbox *box;
- debug3("%s: preparing capsicum sandbox", __func__);
+ debug3_f("preparing capsicum sandbox");
box = xcalloc(1, sizeof(*box));
box->m_recvfd = monitor->m_recvfd;
box->m_log_sendfd = monitor->m_log_sendfd;
cap_rights_init(&rights, CAP_READ, CAP_WRITE);
if (cap_rights_limit(box->m_recvfd, &rights) < 0 &&
errno != ENOSYS)
- fatal("%s: failed to limit the network socket", __func__);
+ fatal_f("failed to limit the network socket");
cap_rights_init(&rights, CAP_WRITE);
if (cap_rights_limit(box->m_log_sendfd, &rights) < 0 &&
errno != ENOSYS)
- fatal("%s: failed to limit the logging socket", __func__);
+ fatal_f("failed to limit the logging socket");
if (cap_enter() < 0 && errno != ENOSYS)
- fatal("%s: failed to enter capability mode", __func__);
+ fatal_f("failed to enter capability mode");
}
* Strictly, we don't need to maintain any state here but we need
* to return non-NULL to satisfy the API.
*/
- debug3("%s: preparing Darwin sandbox", __func__);
+ debug3_f("preparing Darwin sandbox");
box = xcalloc(1, sizeof(*box));
return box;
}
char *errmsg;
struct rlimit rl_zero;
- debug3("%s: starting Darwin sandbox", __func__);
+ debug3_f("starting Darwin sandbox");
if (sandbox_init(kSBXProfilePureComputation, SANDBOX_NAMED,
&errmsg) == -1)
- fatal("%s: sandbox_init: %s", __func__, errmsg);
+ fatal_f("sandbox_init: %s", errmsg);
/*
* The kSBXProfilePureComputation still allows sockets, so
* Strictly, we don't need to maintain any state here but we need
* to return non-NULL to satisfy the API.
*/
- debug3("%s: preparing seccomp filter sandbox", __func__);
+ debug3_f("preparing seccomp filter sandbox");
box = xcalloc(1, sizeof(*box));
return box;
}
struct sigaction act;
sigset_t mask;
- debug3("%s: installing SIGSYS handler", __func__);
+ debug3_f("installing SIGSYS handler");
memset(&act, 0, sizeof(act));
sigemptyset(&mask);
sigaddset(&mask, SIGSYS);
act.sa_sigaction = &ssh_sandbox_violation;
act.sa_flags = SA_SIGINFO;
if (sigaction(SIGSYS, &act, NULL) == -1)
- fatal("%s: sigaction(SIGSYS): %s", __func__, strerror(errno));
+ fatal_f("sigaction(SIGSYS): %s", strerror(errno));
if (sigprocmask(SIG_UNBLOCK, &mask, NULL) == -1)
fatal("%s: sigprocmask(SIGSYS): %s",
__func__, strerror(errno));
ssh_sandbox_child_debugging();
#endif /* SANDBOX_SECCOMP_FILTER_DEBUG */
- debug3("%s: setting PR_SET_NO_NEW_PRIVS", __func__);
+ debug3_f("setting PR_SET_NO_NEW_PRIVS");
if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == -1) {
debug("%s: prctl(PR_SET_NO_NEW_PRIVS): %s",
__func__, strerror(errno));
nnp_failed = 1;
}
- debug3("%s: attaching seccomp filter program", __func__);
+ debug3_f("attaching seccomp filter program");
if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &preauth_program) == -1)
debug("%s: prctl(PR_SET_SECCOMP): %s",
__func__, strerror(errno));
int
pkcs11_init(int interactive)
{
- error("%s: dlopen() not supported", __func__);
+ error_f("dlopen() not supported");
return (-1);
}
pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp,
char ***labelsp)
{
- error("%s: dlopen() not supported", __func__);
+ error_f("dlopen() not supported");
return (-1);
}
void
pkcs11_terminate(void)
{
- error("%s: dlopen() not supported", __func__);
+ error_f("dlopen() not supported");
}
#endif /* ENABLE_PKCS11 */
RAND_seed(rnd, sizeof(rnd));
/* give libcrypto a chance to notice the PID change */
if ((RAND_bytes((u_char *)rnd, 1)) != 1)
- fatal("%s: RAND_bytes failed", __func__);
+ fatal_f("RAND_bytes failed");
#endif
explicit_bzero(rnd, sizeof(rnd));
#ifdef WITH_OPENSSL
RAND_seed(rnd, sizeof(rnd));
if ((RAND_bytes((u_char *)rnd, 1)) != 1)
- fatal("%s: RAND_bytes failed", __func__);
+ fatal_f("RAND_bytes failed");
#endif
explicit_bzero(rnd, sizeof(rnd));
}
if (time_string != NULL) {
if ((r = sshbuf_put(loginmsg,
time_string, strlen(time_string))) != 0)
- fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ fatal_fr(r, "buffer error");
free(time_string);
}
# else
/* Determine the group to make the owner of the tty. */
grp = getgrnam("tty");
if (grp == NULL)
- debug("%s: no tty group", __func__);
+ debug_f("no tty group");
gid = (grp != NULL) ? grp->gr_gid : pw->pw_gid;
mode = (grp != NULL) ? 0620 : 0600;
* as well.
*/
if (setuid(getuid()) == -1)
- fatal("%s: setuid failed: %s", __func__, strerror(errno));
+ fatal_f("setuid failed: %s", strerror(errno));
if (setgid(getgid()) == -1)
- fatal("%s: setgid failed: %s", __func__, strerror(errno));
+ fatal_f("setgid failed: %s", strerror(errno));
#endif /* SAVED_IDS_WORK_WITH_SETEUID */
if (setgroups(saved_egroupslen, saved_egroups) == -1)
/* Try restoration of GID if changed (test clearing of saved gid) */
if (old_gid != pw->pw_gid && pw->pw_uid != 0 &&
(setgid(old_gid) != -1 || setegid(old_gid) != -1))
- fatal("%s: was able to restore old [e]gid", __func__);
+ fatal_f("was able to restore old [e]gid");
#endif
/* Verify GID drop was successful */
/* Try restoration of UID if changed (test clearing of saved uid) */
if (old_uid != pw->pw_uid &&
(setuid(old_uid) != -1 || seteuid(old_uid) != -1))
- fatal("%s: was able to restore old [e]uid", __func__);
+ fatal_f("was able to restore old [e]uid");
#endif
/* Verify UID drop was successful */
projects / thirdparty / openssh-portable.git / commitdiff
