Commit 7a2073c5 authored by Ben Lindstrom's avatar Ben Lindstrom

- provos@cvs.openbsd.org 2002/03/18 17:50:31

     [auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h
      auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c
      session.h servconf.h serverloop.c session.c sshd.c]
     integrate privilege separated openssh; its turned off by default for now.
     work done by me and markus@

applied, but outside of ensure that smaller code bits migrated with
their owners.. no work was tried to 'fix' it to work. =)  Later project!
parent 0f345f5e
......@@ -59,6 +59,12 @@
- provos@cvs.openbsd.org 2002/03/18 17:31:54
[compress.c]
export compression streams for ssh-privsep
- provos@cvs.openbsd.org 2002/03/18 17:50:31
[auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h
auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c
session.h servconf.h serverloop.c session.c sshd.c]
integrate privilege separated openssh; its turned off by default for now.
work done by me and markus@
20020317
- (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted,
......@@ -7905,4 +7911,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
$Id: ChangeLog,v 1.1942 2002/03/22 01:51:24 mouring Exp $
$Id: ChangeLog,v 1.1943 2002/03/22 02:30:41 mouring Exp $
# $Id: Makefile.in,v 1.199 2002/03/13 02:19:42 djm Exp $
# $Id: Makefile.in,v 1.200 2002/03/22 02:30:43 mouring Exp $
prefix=@prefix@
exec_prefix=@exec_prefix@
......@@ -50,11 +50,11 @@ INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@
TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} $(SFTP_PROGS)
LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dh.o dispatch.o fatal.o mac.o hostfile.o key.o kex.o kexdh.o kexgex.o log.o match.o misc.o mpaux.o nchan.o packet.o radix.o rijndael.o entropy.o readpass.o rsa.o scard.o ssh-dss.o ssh-rsa.o tildexpand.o ttymodes.o uidswap.o uuencode.o xmalloc.o
LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dh.o dispatch.o fatal.o mac.o hostfile.o key.o kex.o kexdh.o kexgex.o log.o match.o misc.o mpaux.o nchan.o packet.o radix.o rijndael.o entropy.o readpass.o rsa.o scard.o ssh-dss.o ssh-rsa.o tildexpand.o ttymodes.o uidswap.o uuencode.o xmalloc.o monitor_wrap.o monitor_fdpass.o
SSHOBJS= ssh.o sshconnect.o sshconnect1.o sshconnect2.o sshtty.o readconf.o clientloop.o
SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth-chall.o auth2-chall.o auth-rhosts.o auth-options.o auth-krb4.o auth-pam.o auth2-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o auth-sia.o sshpty.o sshlogin.o loginrec.o servconf.o serverloop.o md5crypt.o session.o groupaccess.o auth-skey.o auth-bsdauth.o
SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth-chall.o auth2-chall.o auth-rhosts.o auth-options.o auth-krb4.o auth-pam.o auth2-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o auth-sia.o sshpty.o sshlogin.o loginrec.o servconf.o serverloop.o md5crypt.o session.o groupaccess.o auth-skey.o auth-bsdauth.o monitor_mm.o monitor.o
MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out
MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1
......
......@@ -22,12 +22,13 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth-bsdauth.c,v 1.2 2001/12/19 07:18:56 deraadt Exp $");
RCSID("$OpenBSD: auth-bsdauth.c,v 1.3 2002/03/18 17:50:31 provos Exp $");
#ifdef BSD_AUTH
#include "xmalloc.h"
#include "auth.h"
#include "log.h"
#include "monitor_wrap.h"
static void *
bsdauth_init_ctx(Authctxt *authctxt)
......@@ -35,7 +36,7 @@ bsdauth_init_ctx(Authctxt *authctxt)
return authctxt;
}
static int
int
bsdauth_query(void *ctx, char **name, char **infotxt,
u_int *numprompts, char ***prompts, u_int **echo_on)
{
......@@ -76,7 +77,7 @@ bsdauth_query(void *ctx, char **name, char **infotxt,
return 0;
}
static int
int
bsdauth_respond(void *ctx, u_int numresponses, char **responses)
{
Authctxt *authctxt = ctx;
......@@ -113,4 +114,12 @@ KbdintDevice bsdauth_device = {
bsdauth_respond,
bsdauth_free_ctx
};
KbdintDevice mm_bsdauth_device = {
"bsdauth",
bsdauth_init_ctx,
mm_bsdauth_query,
mm_bsdauth_respond,
bsdauth_free_ctx
};
#endif
......@@ -10,7 +10,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth-options.c,v 1.21 2002/01/29 14:32:03 markus Exp $");
RCSID("$OpenBSD: auth-options.c,v 1.22 2002/03/18 17:50:31 provos Exp $");
#include "packet.h"
#include "xmalloc.h"
......@@ -20,7 +20,13 @@ RCSID("$OpenBSD: auth-options.c,v 1.21 2002/01/29 14:32:03 markus Exp $");
#include "channels.h"
#include "auth-options.h"
#include "servconf.h"
#include "bufaux.h"
#include "misc.h"
#include "monitor_wrap.h"
/* Debugging messages */
Buffer auth_debug;
int auth_debug_init;
/* Flags set authorized_keys flags */
int no_port_forwarding_flag = 0;
......@@ -36,9 +42,28 @@ struct envstring *custom_environment = NULL;
extern ServerOptions options;
void
auth_send_debug(Buffer *m)
{
char *msg;
while (buffer_len(m)) {
msg = buffer_get_string(m, NULL);
packet_send_debug("%s", msg);
xfree(msg);
}
}
void
auth_clear_options(void)
{
if (auth_debug_init)
buffer_clear(&auth_debug);
else {
buffer_init(&auth_debug);
auth_debug_init = 1;
}
no_agent_forwarding_flag = 0;
no_port_forwarding_flag = 0;
no_pty_flag = 0;
......@@ -63,6 +88,7 @@ auth_clear_options(void)
int
auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
{
char tmp[1024];
const char *cp;
int i;
......@@ -75,28 +101,32 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
while (*opts && *opts != ' ' && *opts != '\t') {
cp = "no-port-forwarding";
if (strncasecmp(opts, cp, strlen(cp)) == 0) {
packet_send_debug("Port forwarding disabled.");
snprintf(tmp, sizeof(tmp), "Port forwarding disabled.");
buffer_put_cstring(&auth_debug, tmp);
no_port_forwarding_flag = 1;
opts += strlen(cp);
goto next_option;
}
cp = "no-agent-forwarding";
if (strncasecmp(opts, cp, strlen(cp)) == 0) {
packet_send_debug("Agent forwarding disabled.");
snprintf(tmp, sizeof(tmp), "Agent forwarding disabled.");
buffer_put_cstring(&auth_debug, tmp);
no_agent_forwarding_flag = 1;
opts += strlen(cp);
goto next_option;
}
cp = "no-X11-forwarding";
if (strncasecmp(opts, cp, strlen(cp)) == 0) {
packet_send_debug("X11 forwarding disabled.");
snprintf(tmp, sizeof(tmp), "X11 forwarding disabled.");
buffer_put_cstring(&auth_debug, tmp);
no_x11_forwarding_flag = 1;
opts += strlen(cp);
goto next_option;
}
cp = "no-pty";
if (strncasecmp(opts, cp, strlen(cp)) == 0) {
packet_send_debug("Pty allocation disabled.");
snprintf(tmp, sizeof(tmp), "Pty allocation disabled.");
buffer_put_cstring(&auth_debug, tmp);
no_pty_flag = 1;
opts += strlen(cp);
goto next_option;
......@@ -119,14 +149,16 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
if (!*opts) {
debug("%.100s, line %lu: missing end quote",
file, linenum);
packet_send_debug("%.100s, line %lu: missing end quote",
snprintf(tmp, sizeof(tmp), "%.100s, line %lu: missing end quote",
file, linenum);
buffer_put_cstring(&auth_debug, tmp);
xfree(forced_command);
forced_command = NULL;
goto bad_option;
}
forced_command[i] = 0;
packet_send_debug("Forced command: %.900s", forced_command);
snprintf(tmp, sizeof(tmp), "Forced command: %.900s", forced_command);
buffer_put_cstring(&auth_debug, tmp);
opts++;
goto next_option;
}
......@@ -151,13 +183,15 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
if (!*opts) {
debug("%.100s, line %lu: missing end quote",
file, linenum);
packet_send_debug("%.100s, line %lu: missing end quote",
snprintf(tmp, sizeof(tmp), "%.100s, line %lu: missing end quote",
file, linenum);
buffer_put_cstring(&auth_debug, tmp);
xfree(s);
goto bad_option;
}
s[i] = 0;
packet_send_debug("Adding to environment: %.900s", s);
snprintf(tmp, sizeof(tmp), "Adding to environment: %.900s", s);
buffer_put_cstring(&auth_debug, tmp);
debug("Adding to environment: %.900s", s);
opts++;
new_envstring = xmalloc(sizeof(struct envstring));
......@@ -188,8 +222,9 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
if (!*opts) {
debug("%.100s, line %lu: missing end quote",
file, linenum);
packet_send_debug("%.100s, line %lu: missing end quote",
snprintf(tmp, sizeof(tmp), "%.100s, line %lu: missing end quote",
file, linenum);
buffer_put_cstring(&auth_debug, tmp);
xfree(patterns);
goto bad_option;
}
......@@ -202,9 +237,11 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
"correct key but not from a permitted "
"host (host=%.200s, ip=%.200s).",
pw->pw_name, remote_host, remote_ip);
packet_send_debug("Your host '%.200s' is not "
snprintf(tmp, sizeof(tmp),
"Your host '%.200s' is not "
"permitted to use this key for login.",
remote_host);
buffer_put_cstring(&auth_debug, tmp);
/* deny access */
return 0;
}
......@@ -233,8 +270,9 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
if (!*opts) {
debug("%.100s, line %lu: missing end quote",
file, linenum);
packet_send_debug("%.100s, line %lu: missing end quote",
snprintf(tmp, sizeof(tmp), "%.100s, line %lu: missing end quote",
file, linenum);
buffer_put_cstring(&auth_debug, tmp);
xfree(patterns);
goto bad_option;
}
......@@ -244,16 +282,18 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
sscanf(patterns, "%255[^/]/%5[0-9]", host, sport) != 2) {
debug("%.100s, line %lu: Bad permitopen specification "
"<%.100s>", file, linenum, patterns);
packet_send_debug("%.100s, line %lu: "
snprintf(tmp, sizeof(tmp), "%.100s, line %lu: "
"Bad permitopen specification", file, linenum);
buffer_put_cstring(&auth_debug, tmp);
xfree(patterns);
goto bad_option;
}
if ((port = a2port(sport)) == 0) {
debug("%.100s, line %lu: Bad permitopen port <%.100s>",
file, linenum, sport);
packet_send_debug("%.100s, line %lu: "
snprintf(tmp, sizeof(tmp), "%.100s, line %lu: "
"Bad permitopen port", file, linenum);
buffer_put_cstring(&auth_debug, tmp);
xfree(patterns);
goto bad_option;
}
......@@ -276,14 +316,24 @@ next_option:
opts++;
/* Process the next option. */
}
if (!use_privsep)
auth_send_debug(&auth_debug);
/* grant access */
return 1;
bad_option:
log("Bad options in %.100s file, line %lu: %.50s",
file, linenum, opts);
packet_send_debug("Bad options in %.100s file, line %lu: %.50s",
snprintf(tmp, sizeof(tmp),
"Bad options in %.100s file, line %lu: %.50s",
file, linenum, opts);
buffer_put_cstring(&auth_debug, tmp);
if (!use_privsep)
auth_send_debug(&auth_debug);
/* deny access */
return 0;
}
......@@ -13,7 +13,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth-rh-rsa.c,v 1.31 2002/03/16 17:22:09 markus Exp $");
RCSID("$OpenBSD: auth-rh-rsa.c,v 1.32 2002/03/18 17:50:31 provos Exp $");
#include "packet.h"
#include "uidswap.h"
......@@ -25,6 +25,8 @@ RCSID("$OpenBSD: auth-rh-rsa.c,v 1.31 2002/03/16 17:22:09 markus Exp $");
#include "auth.h"
#include "canohost.h"
#include "monitor_wrap.h"
/* import */
extern ServerOptions options;
......@@ -69,7 +71,7 @@ auth_rhosts_rsa(struct passwd *pw, char *cuser, Key *client_host_key)
chost = (char *)get_canonical_hostname(options.verify_reverse_mapping);
debug("Rhosts RSA authentication: canonical host %.900s", chost);
if (!auth_rhosts_rsa_key_allowed(pw, cuser, chost, client_host_key)) {
if (!PRIVSEP(auth_rhosts_rsa_key_allowed(pw, cuser, chost, client_host_key))) {
debug("Rhosts with RSA host authentication denied: unknown or invalid host key");
packet_send_debug("Your host key cannot be verified: unknown or invalid host key.");
return 0;
......
......@@ -14,7 +14,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth-rsa.c,v 1.51 2002/03/14 16:56:33 markus Exp $");
RCSID("$OpenBSD: auth-rsa.c,v 1.52 2002/03/18 17:50:31 provos Exp $");
#include <openssl/rsa.h>
#include <openssl/md5.h>
......@@ -32,6 +32,7 @@ RCSID("$OpenBSD: auth-rsa.c,v 1.51 2002/03/14 16:56:33 markus Exp $");
#include "servconf.h"
#include "auth.h"
#include "hostfile.h"
#include "monitor_wrap.h"
/* import */
extern ServerOptions options;
......@@ -52,7 +53,7 @@ extern u_char session_id[16];
* description of the options.
*/
static BIGNUM *
BIGNUM *
auth_rsa_generate_challenge(Key *key)
{
BIGNUM *challenge;
......@@ -70,7 +71,7 @@ auth_rsa_generate_challenge(Key *key)
return challenge;
}
static int
int
auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16])
{
u_char buf[32], mdbuf[16];
......@@ -113,7 +114,7 @@ auth_rsa_challenge_dialog(Key *key)
if ((encrypted_challenge = BN_new()) == NULL)
fatal("auth_rsa_challenge_dialog: BN_new() failed");
challenge = auth_rsa_generate_challenge(key);
challenge = PRIVSEP(auth_rsa_generate_challenge(key));
/* Encrypt the challenge with the public key. */
rsa_public_encrypt(encrypted_challenge, challenge, key->rsa);
......@@ -131,7 +132,7 @@ auth_rsa_challenge_dialog(Key *key)
response[i] = packet_get_char();
packet_check_eom();
success = auth_rsa_verify_response(key, challenge, response);
success = PRIVSEP(auth_rsa_verify_response(key, challenge, response));
BN_clear_free(challenge);
return (success);
}
......@@ -141,11 +142,11 @@ auth_rsa_challenge_dialog(Key *key)
* return key if login is allowed, NULL otherwise
*/
static int
int
auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
{
char line[8192], *file;
int allowed;
int allowed = 0;
u_int bits;
FILE *f;
u_long linenum = 0;
......@@ -284,7 +285,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
if (pw == NULL)
return 0;
if (auth_rsa_key_allowed(pw, client_n, &key) == 0) {
if (!PRIVSEP(auth_rsa_key_allowed(pw, client_n, &key))) {
auth_clear_options();
return (0);
}
......
......@@ -22,7 +22,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth-skey.c,v 1.16 2002/01/12 13:10:29 markus Exp $");
RCSID("$OpenBSD: auth-skey.c,v 1.17 2002/03/18 17:50:31 provos Exp $");
#ifdef SKEY
......@@ -30,6 +30,7 @@ RCSID("$OpenBSD: auth-skey.c,v 1.16 2002/01/12 13:10:29 markus Exp $");
#include "xmalloc.h"
#include "auth.h"
#include "monitor_wrap.h"
static void *
skey_init_ctx(Authctxt *authctxt)
......@@ -37,8 +38,6 @@ skey_init_ctx(Authctxt *authctxt)
return authctxt;
}
#define PROMPT "\nS/Key Password: "
static int
skey_query(void *ctx, char **name, char **infotxt,
u_int* numprompts, char ***prompts, u_int **echo_on)
......@@ -58,10 +57,10 @@ skey_query(void *ctx, char **name, char **infotxt,
*echo_on = xmalloc(*numprompts * sizeof(u_int));
(*echo_on)[0] = 0;
len = strlen(challenge) + strlen(PROMPT) + 1;
len = strlen(challenge) + strlen(SKEY_PROMPT) + 1;
p = xmalloc(len);
strlcpy(p, challenge, len);
strlcat(p, PROMPT, len);
strlcat(p, SKEY_PROMPT, len);
(*prompts)[0] = p;
return 0;
......@@ -93,4 +92,12 @@ KbdintDevice skey_device = {
skey_respond,
skey_free_ctx
};
KbdintDevice mm_skey_device = {
"skey",
skey_init_ctx,
mm_skey_query,
mm_skey_respond,
skey_free_ctx
};
#endif /* SKEY */
/* $OpenBSD: auth.h,v 1.33 2002/03/18 01:12:14 provos Exp $ */
/* $OpenBSD: auth.h,v 1.34 2002/03/18 17:50:31 provos Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
......@@ -129,6 +129,8 @@ void auth_log(Authctxt *, int, char *, char *);
void userauth_finish(Authctxt *, int, char *);
int auth_root_allowed(char *);
void privsep_challenge_enable(void);
int auth2_challenge(Authctxt *, char *);
void auth2_challenge_stop(Authctxt *);
......@@ -155,4 +157,5 @@ check_key_in_hostfiles(struct passwd *, Key *, const char *,
#define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2)
#define AUTH_FAIL_MSG "Too many authentication failures for %.100s"
#define SKEY_PROMPT "\nS/Key Password: "
#endif
......@@ -10,7 +10,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth1.c,v 1.37 2002/03/18 01:12:14 provos Exp $");
RCSID("$OpenBSD: auth1.c,v 1.38 2002/03/18 17:50:31 provos Exp $");
#include "xmalloc.h"
#include "rsa.h"
......@@ -26,6 +26,7 @@ RCSID("$OpenBSD: auth1.c,v 1.37 2002/03/18 01:12:14 provos Exp $");
#include "session.h"
#include "misc.h"
#include "uidswap.h"
#include "monitor_wrap.h"
/* import */
extern ServerOptions options;
......@@ -89,7 +90,7 @@ do_authloop(Authctxt *authctxt)
#elif defined(HAVE_OSF_SIA)
0) {
#else
auth_password(authctxt, "")) {
PRIVSEP(auth_password(authctxt, ""))) {
#endif
auth_log(authctxt, 1, "without authentication", "");
return;
......@@ -253,9 +254,8 @@ do_authloop(Authctxt *authctxt)
/* Do SIA auth with password */
authenticated = auth_sia_password(authctxt->user,
password);
#else /* !USE_PAM && !HAVE_OSF_SIA */
/* Try authentication with the password. */
authenticated = auth_password(authctxt, password);
authenticated = PRIVSEP(auth_password(authctxt, password));
#endif /* USE_PAM */
memset(password, 0, strlen(password));
......@@ -359,7 +359,7 @@ Authctxt *
do_authentication(void)
{
Authctxt *authctxt;
struct passwd *pw;
struct passwd *pw = NULL, *pwent;
u_int ulen;
char *p, *user, *style = NULL;
......@@ -382,17 +382,22 @@ do_authentication(void)
authctxt->style = style;
/* Verify that the user is a valid user. */
pw = getpwnamallow(user);
if (pw) {
pwent = PRIVSEP(getpwnamallow(user));
if (pwent) {
authctxt->valid = 1;
pw = pwcopy(pw);
pw = pwcopy(pwent);
} else {
debug("do_authentication: illegal user %s", user);
pw = NULL;
}
/* Free memory */
if (use_privsep && pwent != NULL)
pwfree(pwent);
authctxt->pw = pw;
setproctitle("%s", pw ? user : "unknown");
setproctitle("%s%s", pw ? user : "unknown",
use_privsep ? " [net]" : "");
#ifdef USE_PAM
start_pam(pw == NULL ? "NOUSER" : user);
......@@ -403,7 +408,7 @@ do_authentication(void)
* the server. (Unless you are running Windows)
*/
#ifndef HAVE_CYGWIN
if (getuid() != 0 && pw && pw->pw_uid != getuid())
if (!use_privsep && getuid() != 0 && pw && pw->pw_uid != getuid())
packet_disconnect("Cannot change user when server not running as root.");
#endif
......
......@@ -23,7 +23,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth2-chall.c,v 1.16 2002/01/13 17:57:37 markus Exp $");
RCSID("$OpenBSD: auth2-chall.c,v 1.17 2002/03/18 17:50:31 provos Exp $");
#include "ssh2.h"
#include "auth.h"
......@@ -310,3 +310,22 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
userauth_finish(authctxt, authenticated, method);
xfree(method);
}
void
privsep_challenge_enable(void)
{
#ifdef BSD_AUTH
extern KbdintDevice mm_bsdauth_device;
#endif
#ifdef SKEY
extern KbdintDevice mm_skey_device;
#endif
/* As long as SSHv1 has devices[0] hard coded this is fine */
#ifdef BSD_AUTH
devices[0] = &mm_bsdauth_device;
#else
#ifdef SKEY
devices[0] = &mm_skey_device;
#endif
#endif
}
......@@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth2.c,v 1.87 2002/03/18 01:12:14 provos Exp $");
RCSID("$OpenBSD: auth2.c,v 1.88 2002/03/18 17:50:31 provos Exp $");
#include <openssl/evp.h>
......@@ -51,13 +51,14 @@ RCSID("$OpenBSD: auth2.c,v 1.87 2002/03/18 01:12:14 provos Exp $");
#include "hostfile.h"
#include "canohost.h"
#include "match.h"
#include "monitor_wrap.h"
/* import */
extern ServerOptions options;
extern u_char *session_id2;
extern int session_id2_len;
static Authctxt *x_authctxt = NULL;
Authctxt *x_authctxt = NULL;
static int one = 1;
typedef struct Authmethod Authmethod;
......@@ -75,8 +76,8 @@ static void input_userauth_request(int, u_int32_t, void *);
/* helper */
static Authmethod *authmethod_lookup(const char *);
static char *authmethods_get(void);
static int user_key_allowed(struct passwd *, Key *);
static int hostbased_key_allowed(struct passwd *, const char *, char *, Key *);
int user_key_allowed(struct passwd *, Key *);
int hostbased_key_allowed(struct passwd *, const char *, char *, Key *);
/* auth */
static void userauth_banner(void);
......@@ -185,7 +186,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
if (authctxt->attempt++ == 0) {
/* setup auth context */
struct passwd *pw = NULL;
pw = getpwnamallow(user);
pw = PRIVSEP(getpwnamallow(user));
if (pw && strcmp(service, "ssh-connection")==0) {
authctxt->pw = pwcopy(pw);
authctxt->valid = 1;
......@@ -199,10 +200,18 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
start_pam("NOUSER");
#endif
}
setproctitle("%s", pw ? user : "unknown");
/* Free memory */
if (use_privsep && pw != NULL)
pwfree(pw);
setproctitle("%s%s", pw ? user : "unknown",
use_privsep ? " [net]" : "");
authctxt->user = xstrdup(user);
authctxt->service = xstrdup(service);
authctxt->style = style ? xstrdup(style) : NULL;
if (use_privsep)
mm_inform_authserv(service, style);
} else if (strcmp(user, authctxt->user) != 0 ||
strcmp(service, authctxt->service) != 0) {
packet_disconnect("Change of username or service not allowed: "
......@@ -333,7 +342,7 @@ userauth_none(Authctxt *authctxt)
#elif defined(HAVE_OSF_SIA)
return 0;
#else /* !HAVE_OSF_SIA && !USE_PAM */
return auth_password(authctxt, "");
return PRIVSEP(auth_password(authctxt, ""));
#endif /* USE_PAM */
}
......@@ -358,7 +367,7 @@ userauth_passwd(Authctxt *authctxt)
#elif defined(HAVE_OSF_SIA)
auth_sia_password(authctxt->user, password) == 1)
#else /* !USE_PAM && !HAVE_OSF_SIA */
auth_password(authctxt, password) == 1)
PRIVSEP(auth_password(authctxt, password)) == 1)
#endif /* USE_PAM */
authenticated = 1;
memset(password, 0, len);
......@@ -468,8 +477,10 @@ userauth_pubkey(Authctxt *authctxt)
buffer_dump(&b);
#endif
/* test for correct signature */
if (user_key_allowed(authctxt->pw, key) &&
key_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1)
authenticated = 0;
if (PRIVSEP(user_key_allowed(authctxt->pw, key)) &&
PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b),
buffer_len(&b))) == 1)
authenticated = 1;
buffer_clear(&b);
xfree(sig);
......@@ -485,7 +496,7 @@ userauth_pubkey(Authctxt *authctxt)
* if a user is not allowed to login. is this an
* issue? -markus
*/
if (user_key_allowed(authctxt->pw, key)) {
if (PRIVSEP(user_key_allowed(authctxt->pw, key))) {
packet_start(SSH2_MSG_USERAUTH_PK_OK);
packet_put_string(pkalg, alen);
packet_put_string(pkblob, blen);
......@@ -573,8 +584,10 @@ userauth_hostbased(Authctxt *authctxt)
buffer_dump(&b);
#endif
/* test for allowed key and correct signature */
if (hostbased_key_allowed(authctxt->pw, cuser, chost, key) &&
key_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1)
authenticated = 0;
if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) &&
PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b),
buffer_len(&b))) == 1)
authenticated = 1;
buffer_clear(&b);
......@@ -731,7 +744,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
}
/* check whether given key is in .ssh/authorized_keys* */
static int
int
user_key_allowed(struct passwd *pw, Key *key)
{
int success;
......@@ -751,7 +764,7 @@ user_key_allowed(struct passwd *pw, Key *key)
}
/* return 1 if given hostkey is allowed */
static int
int
hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
Key *key)
{
......
......@@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: kex.c,v 1.47 2002/02/28 15:46:33 markus Exp $");
RCSID("$OpenBSD: kex.c,v 1.48 2002/03/18 17:50:31 provos Exp $");
#include <openssl/crypto.h>
......@@ -40,9 +40,15 @@ RCSID("$OpenBSD: kex.c,v 1.47 2002/02/28 15:46:33 markus Exp $");
#include "mac.h"
#include "match.h"
#include "dispatch.h"
#include "monitor.h"
#define KEX_COOKIE_LEN 16
/* Use privilege separation for sshd */
int use_privsep;
struct monitor *monitor;
/* prototype */
static void kex_kexinit_finish(Kex *);
static void kex_choose_conf(Kex *);
......
/* $OpenBSD: kex.h,v 1.29 2002/02/14 23:41:01 markus Exp $ */
/* $OpenBSD: kex.h,v 1.30 2002/03/18 17:50:31 provos Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
......@@ -111,6 +111,7 @@ struct Kex {
char *server_version_string;
int (*verify_host_key)(Key *);
Key *(*load_host_key)(int);
int (*host_key_index)(Key *);
};
Kex *kex_setup(char *[PROPOSAL_MAX]);
......
......@@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: kexdh.c,v 1.17 2002/02/28 15:46:33 markus Exp $");
RCSID("$OpenBSD: kexdh.c,v 1.18 2002/03/18 17:50:31 provos Exp $");
#include <openssl/crypto.h>
#include <openssl/bn.h>
......@@ -37,6 +37,7 @@ RCSID("$OpenBSD: kexdh.c,v 1.17 2002/02/28 15:46:33 markus Exp $");
#include "packet.h"
#include "dh.h"
#include "ssh2.h"
#include "monitor_wrap.h"
static u_char *
kex_dh_hash(
......@@ -275,7 +276,7 @@ kexdh_server(Kex *kex)