mirror of
git://anongit.mindrot.org/openssh.git
synced 2025-01-09 11:09:33 +00:00
- markus@cvs.openbsd.org 2001/06/23 00:20:57
[auth2.c auth.c auth.h auth-rh-rsa.c]
*known_hosts2 is obsolete for hostbased authentication and
only used for backward compat. merge ssh1/2 hostkey check
and move it to auth.c
This commit is contained in:
Ben Lindstrom
parent
7d5ed3a07b
commit
83647ce474
@ -38,6 +38,11 @@
|
||||
- deraadt@cvs.openbsd.org 2001/06/23 00:16:16
|
||||
[scp.c]
|
||||
slightly better care
|
||||
- markus@cvs.openbsd.org 2001/06/23 00:20:57
|
||||
[auth2.c auth.c auth.h auth-rh-rsa.c]
|
||||
*known_hosts2 is obsolete for hostbased authentication and
|
||||
only used for backward compat. merge ssh1/2 hostkey check
|
||||
and move it to auth.c
|
||||
|
||||
20010622
|
||||
- (stevesk) handle systems without pw_expire and pw_change.
|
||||
@ -5722,4 +5727,4 @@
|
||||
- Wrote replacements for strlcpy and mkdtemp
|
||||
- Released 1.0pre1
|
||||
|
||||
$Id: ChangeLog,v 1.1306 2001/06/25 04:28:30 mouring Exp $
|
||||
$Id: ChangeLog,v 1.1307 2001/06/25 04:30:16 mouring Exp $
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: auth-rh-rsa.c,v 1.23 2001/04/06 21:00:04 markus Exp $");
|
||||
RCSID("$OpenBSD: auth-rh-rsa.c,v 1.24 2001/06/23 00:20:57 markus Exp $");
|
||||
|
||||
#include "packet.h"
|
||||
#include "xmalloc.h"
|
||||
@ -38,7 +38,7 @@ auth_rhosts_rsa(struct passwd *pw, const char *client_user, RSA *client_host_key
|
||||
extern ServerOptions options;
|
||||
const char *canonical_hostname;
|
||||
HostStatus host_status;
|
||||
Key *client_key, *found;
|
||||
Key *client_key;
|
||||
|
||||
debug("Trying rhosts with RSA host authentication for client user %.100s", client_user);
|
||||
|
||||
@ -58,37 +58,12 @@ auth_rhosts_rsa(struct passwd *pw, const char *client_user, RSA *client_host_key
|
||||
client_key = key_new(KEY_RSA1);
|
||||
BN_copy(client_key->rsa->e, client_host_key->e);
|
||||
BN_copy(client_key->rsa->n, client_host_key->n);
|
||||
found = key_new(KEY_RSA1);
|
||||
|
||||
/* Check if we know the host and its host key. */
|
||||
host_status = check_host_in_hostfile(_PATH_SSH_SYSTEM_HOSTFILE, canonical_hostname,
|
||||
client_key, found, NULL);
|
||||
host_status = check_key_in_hostfiles(pw, client_key, canonical_hostname,
|
||||
_PATH_SSH_SYSTEM_HOSTFILE,
|
||||
options.ignore_user_known_hosts ? _PATH_SSH_USER_HOSTFILE : NULL);
|
||||
|
||||
/* Check user host file unless ignored. */
|
||||
if (host_status != HOST_OK && !options.ignore_user_known_hosts) {
|
||||
struct stat st;
|
||||
char *user_hostfile = tilde_expand_filename(_PATH_SSH_USER_HOSTFILE, pw->pw_uid);
|
||||
/*
|
||||
* Check file permissions of _PATH_SSH_USER_HOSTFILE, auth_rsa()
|
||||
* did already check pw->pw_dir, but there is a race XXX
|
||||
*/
|
||||
if (options.strict_modes &&
|
||||
(stat(user_hostfile, &st) == 0) &&
|
||||
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
|
||||
(st.st_mode & 022) != 0)) {
|
||||
log("Rhosts RSA authentication refused for %.100s: bad owner or modes for %.200s",
|
||||
pw->pw_name, user_hostfile);
|
||||
} else {
|
||||
/* XXX race between stat and the following open() */
|
||||
temporarily_use_uid(pw);
|
||||
host_status = check_host_in_hostfile(user_hostfile, canonical_hostname,
|
||||
client_key, found, NULL);
|
||||
restore_uid();
|
||||
}
|
||||
xfree(user_hostfile);
|
||||
}
|
||||
key_free(client_key);
|
||||
key_free(found);
|
||||
|
||||
if (host_status != HOST_OK) {
|
||||
debug("Rhosts with RSA host authentication denied: unknown or invalid host key");
|
||||
|
||||
43
auth.c
43
auth.c
@ -23,7 +23,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: auth.c,v 1.23 2001/05/24 11:12:42 markus Exp $");
|
||||
RCSID("$OpenBSD: auth.c,v 1.24 2001/06/23 00:20:57 markus Exp $");
|
||||
|
||||
#ifdef HAVE_LOGIN_H
|
||||
#include <login.h>
|
||||
@ -46,6 +46,8 @@ RCSID("$OpenBSD: auth.c,v 1.23 2001/05/24 11:12:42 markus Exp $");
|
||||
#include "canohost.h"
|
||||
#include "buffer.h"
|
||||
#include "bufaux.h"
|
||||
#include "uidswap.h"
|
||||
#include "tildexpand.h"
|
||||
|
||||
/* import */
|
||||
extern ServerOptions options;
|
||||
@ -297,6 +299,45 @@ authorized_keys_file2(struct passwd *pw)
|
||||
return expand_filename(options.authorized_keys_file2, pw);
|
||||
}
|
||||
|
||||
/* return ok if key exists in sysfile or userfile */
|
||||
HostStatus
|
||||
check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
|
||||
const char *sysfile, const char *userfile)
|
||||
{
|
||||
Key *found;
|
||||
char *user_hostfile;
|
||||
struct stat st;
|
||||
int host_status;
|
||||
|
||||
/* Check if we know the host and its host key. */
|
||||
found = key_new(key->type);
|
||||
host_status = check_host_in_hostfile(sysfile, host, key, found, NULL);
|
||||
|
||||
if (host_status != HOST_OK && userfile != NULL) {
|
||||
user_hostfile = tilde_expand_filename(userfile, pw->pw_uid);
|
||||
if (options.strict_modes &&
|
||||
(stat(user_hostfile, &st) == 0) &&
|
||||
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
|
||||
(st.st_mode & 022) != 0)) {
|
||||
log("Authentication refused for %.100s: "
|
||||
"bad owner or modes for %.200s",
|
||||
pw->pw_name, user_hostfile);
|
||||
} else {
|
||||
temporarily_use_uid(pw);
|
||||
host_status = check_host_in_hostfile(user_hostfile,
|
||||
host, key, found, NULL);
|
||||
restore_uid();
|
||||
}
|
||||
xfree(user_hostfile);
|
||||
}
|
||||
key_free(found);
|
||||
|
||||
debug2("check_key_in_hostfiles: key %s for %s", host_status == HOST_OK ?
|
||||
"ok" : "not found", host);
|
||||
return host_status;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Check a given file for security. This is defined as all components
|
||||
* of the path to the file must either be owned by either the owner of
|
||||
|
||||
10
auth.h
10
auth.h
@ -21,11 +21,13 @@
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $OpenBSD: auth.h,v 1.17 2001/05/20 17:20:35 markus Exp $
|
||||
* $OpenBSD: auth.h,v 1.18 2001/06/23 00:20:58 markus Exp $
|
||||
*/
|
||||
#ifndef AUTH_H
|
||||
#define AUTH_H
|
||||
|
||||
#include "key.h"
|
||||
#include "hostfile.h"
|
||||
#include <openssl/rsa.h>
|
||||
|
||||
#ifdef HAVE_LOGIN_CAP
|
||||
@ -159,7 +161,6 @@ int verify_response(Authctxt *authctxt, const char *response);
|
||||
|
||||
struct passwd * auth_get_user(void);
|
||||
|
||||
|
||||
/* expand a filename - return buffer is allocated by xmalloc */
|
||||
char *expand_filename(const char *template, struct passwd *pw);
|
||||
char *authorized_keys_file(struct passwd *pw);
|
||||
@ -169,6 +170,11 @@ char *authorized_keys_file2(struct passwd *pw);
|
||||
int
|
||||
secure_filename(FILE *f, const char *file, uid_t u, char *err, size_t errlen);
|
||||
|
||||
/* helper for hostbased auth */
|
||||
HostStatus
|
||||
check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
|
||||
const char *sysfile, const char *userfile);
|
||||
|
||||
#define AUTH_FAIL_MAX 6
|
||||
#define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2)
|
||||
#define AUTH_FAIL_MSG "Too many authentication failures for %.100s"
|
||||
|
||||
40
auth2.c
40
auth2.c
@ -23,7 +23,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: auth2.c,v 1.63 2001/06/22 21:55:49 markus Exp $");
|
||||
RCSID("$OpenBSD: auth2.c,v 1.64 2001/06/23 00:20:58 markus Exp $");
|
||||
|
||||
#include <openssl/evp.h>
|
||||
|
||||
@ -761,10 +761,7 @@ int
|
||||
hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
|
||||
Key *key)
|
||||
{
|
||||
Key *found;
|
||||
const char *resolvedname, *ipaddr, *lookup;
|
||||
struct stat st;
|
||||
char *user_hostfile;
|
||||
int host_status, len;
|
||||
|
||||
resolvedname = get_canonical_hostname(options.reverse_mapping_check);
|
||||
@ -792,32 +789,17 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
|
||||
}
|
||||
debug2("userauth_hostbased: access allowed by auth_rhosts2");
|
||||
|
||||
/* XXX this is copied from auth-rh-rsa.c and should be shared */
|
||||
found = key_new(key->type);
|
||||
host_status = check_host_in_hostfile(_PATH_SSH_SYSTEM_HOSTFILE2, lookup,
|
||||
key, found, NULL);
|
||||
host_status = check_key_in_hostfiles(pw, key, lookup,
|
||||
_PATH_SSH_SYSTEM_HOSTFILE,
|
||||
options.ignore_user_known_hosts ? _PATH_SSH_USER_HOSTFILE : NULL);
|
||||
|
||||
if (host_status != HOST_OK && !options.ignore_user_known_hosts) {
|
||||
user_hostfile = tilde_expand_filename(_PATH_SSH_USER_HOSTFILE2,
|
||||
pw->pw_uid);
|
||||
if (options.strict_modes &&
|
||||
(stat(user_hostfile, &st) == 0) &&
|
||||
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
|
||||
(st.st_mode & 022) != 0)) {
|
||||
log("Hostbased authentication refused for %.100s: "
|
||||
"bad owner or modes for %.200s",
|
||||
pw->pw_name, user_hostfile);
|
||||
} else {
|
||||
temporarily_use_uid(pw);
|
||||
host_status = check_host_in_hostfile(user_hostfile,
|
||||
lookup, key, found, NULL);
|
||||
restore_uid();
|
||||
}
|
||||
xfree(user_hostfile);
|
||||
}
|
||||
key_free(found);
|
||||
/* backward compat if no key has been found. */
|
||||
if (host_status == HOST_NEW)
|
||||
host_status = check_key_in_hostfiles(pw, key, lookup,
|
||||
_PATH_SSH_SYSTEM_HOSTFILE2,
|
||||
options.ignore_user_known_hosts ? _PATH_SSH_USER_HOSTFILE2 :
|
||||
NULL);
|
||||
|
||||
debug2("userauth_hostbased: key %s for %s", host_status == HOST_OK ?
|
||||
"ok" : "not found", lookup);
|
||||
return (host_status == HOST_OK);
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user