diff options
author | Damien Miller <djm@mindrot.org> | 2008-03-07 18:31:24 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2008-03-07 18:31:24 +1100 |
commit | 76e95daad1f38e0ba8e7bf0554cadd6e3aaf5235 (patch) | |
tree | d578b6faed195267a3b5d6dd036a1862c3ca79a3 | |
parent | 757a38a43b0820c3fb13dfbd0ab7d8e1f5a6eee1 (diff) |
- djm@cvs.openbsd.org 2008/02/13 22:38:17
[servconf.h session.c sshd.c]
rekey arc4random and OpenSSL RNG in postauth child
closefrom fds > 2 before shell/command execution
ok markus@
-rw-r--r-- | ChangeLog | 7 | ||||
-rw-r--r-- | servconf.h | 5 | ||||
-rw-r--r-- | session.c | 9 | ||||
-rw-r--r-- | sshd.c | 13 |
4 files changed, 26 insertions, 8 deletions
@@ -4,6 +4,11 @@ | |||
4 | [ssh.1 sshd.8 sshd_config.5] | 4 | [ssh.1 sshd.8 sshd_config.5] |
5 | bump Mdocdate for pages committed in "febuary", necessary because | 5 | bump Mdocdate for pages committed in "febuary", necessary because |
6 | of a typo in rcs.c; | 6 | of a typo in rcs.c; |
7 | - djm@cvs.openbsd.org 2008/02/13 22:38:17 | ||
8 | [servconf.h session.c sshd.c] | ||
9 | rekey arc4random and OpenSSL RNG in postauth child | ||
10 | closefrom fds > 2 before shell/command execution | ||
11 | ok markus@ | ||
7 | 12 | ||
8 | 20080302 | 13 | 20080302 |
9 | - (dtucker) [configure.ac] FreeBSD's glob() doesn't behave the way we expect | 14 | - (dtucker) [configure.ac] FreeBSD's glob() doesn't behave the way we expect |
@@ -3664,4 +3669,4 @@ | |||
3664 | OpenServer 6 and add osr5bigcrypt support so when someone migrates | 3669 | OpenServer 6 and add osr5bigcrypt support so when someone migrates |
3665 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ | 3670 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ |
3666 | 3671 | ||
3667 | $Id: ChangeLog,v 1.4851 2008/03/07 07:27:58 djm Exp $ | 3672 | $Id: ChangeLog,v 1.4852 2008/03/07 07:31:24 djm Exp $ |
diff --git a/servconf.h b/servconf.h index 81a68be89..5b88067db 100644 --- a/servconf.h +++ b/servconf.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: servconf.h,v 1.81 2008/02/08 23:24:08 djm Exp $ */ | 1 | /* $OpenBSD: servconf.h,v 1.82 2008/02/13 22:38:17 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -36,6 +36,9 @@ | |||
36 | 36 | ||
37 | #define DEFAULT_AUTH_FAIL_MAX 6 /* Default for MaxAuthTries */ | 37 | #define DEFAULT_AUTH_FAIL_MAX 6 /* Default for MaxAuthTries */ |
38 | 38 | ||
39 | /* Magic name for internal sftp-server */ | ||
40 | #define INTERNAL_SFTP_NAME "internal-sftp" | ||
41 | |||
39 | typedef struct { | 42 | typedef struct { |
40 | u_int num_ports; | 43 | u_int num_ports; |
41 | u_int ports_from_cmdline; | 44 | u_int ports_from_cmdline; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: session.c,v 1.227 2008/02/10 10:54:29 djm Exp $ */ | 1 | /* $OpenBSD: session.c,v 1.228 2008/02/13 22:38:17 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | 4 | * All rights reserved |
@@ -94,9 +94,6 @@ | |||
94 | #include <kafs.h> | 94 | #include <kafs.h> |
95 | #endif | 95 | #endif |
96 | 96 | ||
97 | /* Magic name for internal sftp-server */ | ||
98 | #define INTERNAL_SFTP_NAME "internal-sftp" | ||
99 | |||
100 | /* func */ | 97 | /* func */ |
101 | 98 | ||
102 | Session *session_new(void); | 99 | Session *session_new(void); |
@@ -491,6 +488,8 @@ do_exec_no_pty(Session *s, const char *command) | |||
491 | cray_init_job(s->pw); /* set up cray jid and tmpdir */ | 488 | cray_init_job(s->pw); /* set up cray jid and tmpdir */ |
492 | #endif | 489 | #endif |
493 | 490 | ||
491 | closefrom(STDERR_FILENO + 1); | ||
492 | |||
494 | /* Do processing for the child (exec command etc). */ | 493 | /* Do processing for the child (exec command etc). */ |
495 | do_child(s, command); | 494 | do_child(s, command); |
496 | /* NOTREACHED */ | 495 | /* NOTREACHED */ |
@@ -611,6 +610,8 @@ do_exec_pty(Session *s, const char *command) | |||
611 | # endif | 610 | # endif |
612 | #endif | 611 | #endif |
613 | 612 | ||
613 | closefrom(STDERR_FILENO + 1); | ||
614 | |||
614 | /* Do common processing for the child, such as execing the command. */ | 615 | /* Do common processing for the child, such as execing the command. */ |
615 | do_child(s, command); | 616 | do_child(s, command); |
616 | /* NOTREACHED */ | 617 | /* NOTREACHED */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshd.c,v 1.353 2007/12/31 15:27:04 dtucker Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.354 2008/02/13 22:38:17 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -585,11 +585,12 @@ privsep_preauth_child(void) | |||
585 | { | 585 | { |
586 | u_int32_t rnd[256]; | 586 | u_int32_t rnd[256]; |
587 | gid_t gidset[1]; | 587 | gid_t gidset[1]; |
588 | int i; | 588 | u_int i; |
589 | 589 | ||
590 | /* Enable challenge-response authentication for privilege separation */ | 590 | /* Enable challenge-response authentication for privilege separation */ |
591 | privsep_challenge_enable(); | 591 | privsep_challenge_enable(); |
592 | 592 | ||
593 | arc4random_stir(); | ||
593 | for (i = 0; i < 256; i++) | 594 | for (i = 0; i < 256; i++) |
594 | rnd[i] = arc4random(); | 595 | rnd[i] = arc4random(); |
595 | RAND_seed(rnd, sizeof(rnd)); | 596 | RAND_seed(rnd, sizeof(rnd)); |
@@ -664,6 +665,9 @@ privsep_preauth(Authctxt *authctxt) | |||
664 | static void | 665 | static void |
665 | privsep_postauth(Authctxt *authctxt) | 666 | privsep_postauth(Authctxt *authctxt) |
666 | { | 667 | { |
668 | u_int32_t rnd[256]; | ||
669 | u_int i; | ||
670 | |||
667 | #ifdef DISABLE_FD_PASSING | 671 | #ifdef DISABLE_FD_PASSING |
668 | if (1) { | 672 | if (1) { |
669 | #else | 673 | #else |
@@ -695,6 +699,11 @@ privsep_postauth(Authctxt *authctxt) | |||
695 | /* Demote the private keys to public keys. */ | 699 | /* Demote the private keys to public keys. */ |
696 | demote_sensitive_data(); | 700 | demote_sensitive_data(); |
697 | 701 | ||
702 | arc4random_stir(); | ||
703 | for (i = 0; i < 256; i++) | ||
704 | rnd[i] = arc4random(); | ||
705 | RAND_seed(rnd, sizeof(rnd)); | ||
706 | |||
698 | /* Drop privileges */ | 707 | /* Drop privileges */ |
699 | do_setusercontext(authctxt->pw); | 708 | do_setusercontext(authctxt->pw); |
700 | 709 | ||