diff options
| author | Colin Watson <cjwatson@debian.org> | 2004-03-05 16:26:32 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2004-03-05 16:26:32 +0000 |
| commit | 9414b9d65cdc953c2436ba0a607b149e4b4cde1a (patch) | |
| tree | b17f98ded50ec565754e1a1dd6a16d7ee5739afe | |
| parent | f8e0d0cb8e77672526baf211bda0b4baae557d33 (diff) | |
Really pick up upstream fix for OpenSSH bug #808, a segfault. The previous
auth-pam.c change was in fact a different bug.
| -rw-r--r-- | auth-pam.c | 27 | ||||
| -rw-r--r-- | auth-pam.h | 2 | ||||
| -rw-r--r-- | auth1.c | 2 | ||||
| -rw-r--r-- | auth2.c | 6 | ||||
| -rw-r--r-- | debian/changelog | 1 | ||||
| -rw-r--r-- | monitor.c | 8 | ||||
| -rw-r--r-- | monitor_wrap.c | 4 | ||||
| -rw-r--r-- | monitor_wrap.h | 2 |
8 files changed, 25 insertions, 27 deletions
diff --git a/auth-pam.c b/auth-pam.c index 15a691b11..d3186372e 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
| @@ -160,7 +160,7 @@ static int sshpam_session_open = 0; | |||
| 160 | static int sshpam_cred_established = 0; | 160 | static int sshpam_cred_established = 0; |
| 161 | static int sshpam_account_status = -1; | 161 | static int sshpam_account_status = -1; |
| 162 | static char **sshpam_env = NULL; | 162 | static char **sshpam_env = NULL; |
| 163 | static int *force_pwchange; | 163 | static Authctxt *the_authctxt = NULL; |
| 164 | 164 | ||
| 165 | /* Some PAM implementations don't implement this */ | 165 | /* Some PAM implementations don't implement this */ |
| 166 | #ifndef HAVE_PAM_GETENVLIST | 166 | #ifndef HAVE_PAM_GETENVLIST |
| @@ -180,7 +180,9 @@ void | |||
| 180 | pam_password_change_required(int reqd) | 180 | pam_password_change_required(int reqd) |
| 181 | { | 181 | { |
| 182 | debug3("%s %d", __func__, reqd); | 182 | debug3("%s %d", __func__, reqd); |
| 183 | *force_pwchange = reqd; | 183 | if (the_authctxt == NULL) |
| 184 | fatal("%s: PAM authctxt not initialized", __func__); | ||
| 185 | the_authctxt->force_pwchange = reqd; | ||
| 184 | if (reqd) { | 186 | if (reqd) { |
| 185 | no_port_forwarding_flag |= 2; | 187 | no_port_forwarding_flag |= 2; |
| 186 | no_agent_forwarding_flag |= 2; | 188 | no_agent_forwarding_flag |= 2; |
| @@ -337,6 +339,9 @@ sshpam_thread(void *ctxtp) | |||
| 337 | sshpam_conv.conv = sshpam_thread_conv; | 339 | sshpam_conv.conv = sshpam_thread_conv; |
| 338 | sshpam_conv.appdata_ptr = ctxt; | 340 | sshpam_conv.appdata_ptr = ctxt; |
| 339 | 341 | ||
| 342 | if (the_authctxt == NULL) | ||
| 343 | fatal("%s: PAM authctxt not initialized", __func__); | ||
| 344 | |||
| 340 | buffer_init(&buffer); | 345 | buffer_init(&buffer); |
| 341 | sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, | 346 | sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, |
| 342 | (const void *)&sshpam_conv); | 347 | (const void *)&sshpam_conv); |
| @@ -349,7 +354,7 @@ sshpam_thread(void *ctxtp) | |||
| 349 | if (compat20) { | 354 | if (compat20) { |
| 350 | if (!do_pam_account()) | 355 | if (!do_pam_account()) |
| 351 | goto auth_fail; | 356 | goto auth_fail; |
| 352 | if (*force_pwchange) { | 357 | if (the_authctxt->force_pwchange) { |
| 353 | sshpam_err = pam_chauthtok(sshpam_handle, | 358 | sshpam_err = pam_chauthtok(sshpam_handle, |
| 354 | PAM_CHANGE_EXPIRED_AUTHTOK); | 359 | PAM_CHANGE_EXPIRED_AUTHTOK); |
| 355 | if (sshpam_err != PAM_SUCCESS) | 360 | if (sshpam_err != PAM_SUCCESS) |
| @@ -363,7 +368,7 @@ sshpam_thread(void *ctxtp) | |||
| 363 | #ifndef USE_POSIX_THREADS | 368 | #ifndef USE_POSIX_THREADS |
| 364 | /* Export variables set by do_pam_account */ | 369 | /* Export variables set by do_pam_account */ |
| 365 | buffer_put_int(&buffer, sshpam_account_status); | 370 | buffer_put_int(&buffer, sshpam_account_status); |
| 366 | buffer_put_int(&buffer, *force_pwchange); | 371 | buffer_put_int(&buffer, the_authctxt->force_pwchange); |
| 367 | 372 | ||
| 368 | /* Export any environment strings set in child */ | 373 | /* Export any environment strings set in child */ |
| 369 | for(i = 0; environ[i] != NULL; i++) | 374 | for(i = 0; environ[i] != NULL; i++) |
| @@ -444,11 +449,11 @@ sshpam_cleanup(void) | |||
| 444 | } | 449 | } |
| 445 | 450 | ||
| 446 | static int | 451 | static int |
| 447 | sshpam_init(const char *user) | 452 | sshpam_init(Authctxt *authctxt) |
| 448 | { | 453 | { |
| 449 | extern u_int utmp_len; | 454 | extern u_int utmp_len; |
| 450 | extern char *__progname; | 455 | extern char *__progname; |
| 451 | const char *pam_rhost, *pam_user; | 456 | const char *pam_rhost, *pam_user, *user = authctxt->user; |
| 452 | 457 | ||
| 453 | if (sshpam_handle != NULL) { | 458 | if (sshpam_handle != NULL) { |
| 454 | /* We already have a PAM context; check if the user matches */ | 459 | /* We already have a PAM context; check if the user matches */ |
| @@ -462,6 +467,8 @@ sshpam_init(const char *user) | |||
| 462 | debug("PAM: initializing for \"%s\"", user); | 467 | debug("PAM: initializing for \"%s\"", user); |
| 463 | sshpam_err = | 468 | sshpam_err = |
| 464 | pam_start(SSHD_PAM_SERVICE, user, &null_conv, &sshpam_handle); | 469 | pam_start(SSHD_PAM_SERVICE, user, &null_conv, &sshpam_handle); |
| 470 | the_authctxt = authctxt; | ||
| 471 | |||
| 465 | if (sshpam_err != PAM_SUCCESS) { | 472 | if (sshpam_err != PAM_SUCCESS) { |
| 466 | pam_end(sshpam_handle, sshpam_err); | 473 | pam_end(sshpam_handle, sshpam_err); |
| 467 | sshpam_handle = NULL; | 474 | sshpam_handle = NULL; |
| @@ -504,7 +511,7 @@ sshpam_init_ctx(Authctxt *authctxt) | |||
| 504 | return NULL; | 511 | return NULL; |
| 505 | 512 | ||
| 506 | /* Initialize PAM */ | 513 | /* Initialize PAM */ |
| 507 | if (sshpam_init(authctxt->user) == -1) { | 514 | if (sshpam_init(authctxt) == -1) { |
| 508 | error("PAM: initialization failed"); | 515 | error("PAM: initialization failed"); |
| 509 | return (NULL); | 516 | return (NULL); |
| 510 | } | 517 | } |
| @@ -512,8 +519,6 @@ sshpam_init_ctx(Authctxt *authctxt) | |||
| 512 | ctxt = xmalloc(sizeof *ctxt); | 519 | ctxt = xmalloc(sizeof *ctxt); |
| 513 | memset(ctxt, 0, sizeof(*ctxt)); | 520 | memset(ctxt, 0, sizeof(*ctxt)); |
| 514 | 521 | ||
| 515 | force_pwchange = &(authctxt->force_pwchange); | ||
| 516 | |||
| 517 | /* Start the authentication thread */ | 522 | /* Start the authentication thread */ |
| 518 | if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) { | 523 | if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) { |
| 519 | error("PAM: failed create sockets: %s", strerror(errno)); | 524 | error("PAM: failed create sockets: %s", strerror(errno)); |
| @@ -672,12 +677,12 @@ KbdintDevice mm_sshpam_device = { | |||
| 672 | * This replaces auth-pam.c | 677 | * This replaces auth-pam.c |
| 673 | */ | 678 | */ |
| 674 | void | 679 | void |
| 675 | start_pam(const char *user) | 680 | start_pam(Authctxt *authctxt) |
| 676 | { | 681 | { |
| 677 | if (!options.use_pam) | 682 | if (!options.use_pam) |
| 678 | fatal("PAM: initialisation requested when UsePAM=no"); | 683 | fatal("PAM: initialisation requested when UsePAM=no"); |
| 679 | 684 | ||
| 680 | if (sshpam_init(user) == -1) | 685 | if (sshpam_init(authctxt) == -1) |
| 681 | fatal("PAM: initialisation failed"); | 686 | fatal("PAM: initialisation failed"); |
| 682 | } | 687 | } |
| 683 | 688 | ||
diff --git a/auth-pam.h b/auth-pam.h index 4bc8d6955..f3aad063b 100644 --- a/auth-pam.h +++ b/auth-pam.h | |||
| @@ -31,7 +31,7 @@ | |||
| 31 | # define SSHD_PAM_SERVICE __progname | 31 | # define SSHD_PAM_SERVICE __progname |
| 32 | #endif | 32 | #endif |
| 33 | 33 | ||
| 34 | void start_pam(const char *); | 34 | void start_pam(Authctxt *); |
| 35 | void finish_pam(void); | 35 | void finish_pam(void); |
| 36 | u_int do_pam_account(void); | 36 | u_int do_pam_account(void); |
| 37 | void do_pam_session(void); | 37 | void do_pam_session(void); |
| @@ -307,7 +307,7 @@ do_authentication(Authctxt *authctxt) | |||
| 307 | 307 | ||
| 308 | #ifdef USE_PAM | 308 | #ifdef USE_PAM |
| 309 | if (options.use_pam) | 309 | if (options.use_pam) |
| 310 | PRIVSEP(start_pam(user)); | 310 | PRIVSEP(start_pam(authctxt)); |
| 311 | #endif | 311 | #endif |
| 312 | 312 | ||
| 313 | /* | 313 | /* |
| @@ -150,24 +150,24 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) | |||
| 150 | if (authctxt->attempt++ == 0) { | 150 | if (authctxt->attempt++ == 0) { |
| 151 | /* setup auth context */ | 151 | /* setup auth context */ |
| 152 | authctxt->pw = PRIVSEP(getpwnamallow(user)); | 152 | authctxt->pw = PRIVSEP(getpwnamallow(user)); |
| 153 | authctxt->user = xstrdup(user); | ||
| 153 | if (authctxt->pw && strcmp(service, "ssh-connection")==0) { | 154 | if (authctxt->pw && strcmp(service, "ssh-connection")==0) { |
| 154 | authctxt->valid = 1; | 155 | authctxt->valid = 1; |
| 155 | debug2("input_userauth_request: setting up authctxt for %s", user); | 156 | debug2("input_userauth_request: setting up authctxt for %s", user); |
| 156 | #ifdef USE_PAM | 157 | #ifdef USE_PAM |
| 157 | if (options.use_pam) | 158 | if (options.use_pam) |
| 158 | PRIVSEP(start_pam(authctxt->pw->pw_name)); | 159 | PRIVSEP(start_pam(authctxt)); |
| 159 | #endif | 160 | #endif |
| 160 | } else { | 161 | } else { |
| 161 | logit("input_userauth_request: illegal user %s", user); | 162 | logit("input_userauth_request: illegal user %s", user); |
| 162 | authctxt->pw = fakepw(); | 163 | authctxt->pw = fakepw(); |
| 163 | #ifdef USE_PAM | 164 | #ifdef USE_PAM |
| 164 | if (options.use_pam) | 165 | if (options.use_pam) |
| 165 | PRIVSEP(start_pam(user)); | 166 | PRIVSEP(start_pam(authctxt)); |
| 166 | #endif | 167 | #endif |
| 167 | } | 168 | } |
| 168 | setproctitle("%s%s", authctxt->pw ? user : "unknown", | 169 | setproctitle("%s%s", authctxt->pw ? user : "unknown", |
| 169 | use_privsep ? " [net]" : ""); | 170 | use_privsep ? " [net]" : ""); |
| 170 | authctxt->user = xstrdup(user); | ||
| 171 | authctxt->service = xstrdup(service); | 171 | authctxt->service = xstrdup(service); |
| 172 | authctxt->style = style ? xstrdup(style) : NULL; | 172 | authctxt->style = style ? xstrdup(style) : NULL; |
| 173 | if (use_privsep) | 173 | if (use_privsep) |
diff --git a/debian/changelog b/debian/changelog index 2bb0f227a..4e4ca2fb4 100644 --- a/debian/changelog +++ b/debian/changelog | |||
| @@ -27,6 +27,7 @@ openssh (1:3.8p1-1) UNRELEASED; urgency=low | |||
| 27 | * Darren Tucker: | 27 | * Darren Tucker: |
| 28 | - Reset signal status when starting pam auth thread, prevent hanging | 28 | - Reset signal status when starting pam auth thread, prevent hanging |
| 29 | during PAM keyboard-interactive authentications. | 29 | during PAM keyboard-interactive authentications. |
| 30 | - Fix a non-security-critical segfault in PAM authentication. | ||
| 30 | 31 | ||
| 31 | -- Colin Watson <cjwatson@debian.org> Tue, 23 Sep 2003 19:22:38 +0100 | 32 | -- Colin Watson <cjwatson@debian.org> Tue, 23 Sep 2003 19:22:38 +0100 |
| 32 | 33 | ||
| @@ -782,16 +782,10 @@ mm_answer_skeyrespond(int socket, Buffer *m) | |||
| 782 | int | 782 | int |
| 783 | mm_answer_pam_start(int socket, Buffer *m) | 783 | mm_answer_pam_start(int socket, Buffer *m) |
| 784 | { | 784 | { |
| 785 | char *user; | ||
| 786 | |||
| 787 | if (!options.use_pam) | 785 | if (!options.use_pam) |
| 788 | fatal("UsePAM not set, but ended up in %s anyway", __func__); | 786 | fatal("UsePAM not set, but ended up in %s anyway", __func__); |
| 789 | 787 | ||
| 790 | user = buffer_get_string(m, NULL); | 788 | start_pam(authctxt); |
| 791 | |||
| 792 | start_pam(user); | ||
| 793 | |||
| 794 | xfree(user); | ||
| 795 | 789 | ||
| 796 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_ACCOUNT, 1); | 790 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_ACCOUNT, 1); |
| 797 | 791 | ||
diff --git a/monitor_wrap.c b/monitor_wrap.c index e7c15cecd..b1b1c3a61 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c | |||
| @@ -686,7 +686,7 @@ mm_session_pty_cleanup2(Session *s) | |||
| 686 | 686 | ||
| 687 | #ifdef USE_PAM | 687 | #ifdef USE_PAM |
| 688 | void | 688 | void |
| 689 | mm_start_pam(char *user) | 689 | mm_start_pam(Authctxt *authctxt) |
| 690 | { | 690 | { |
| 691 | Buffer m; | 691 | Buffer m; |
| 692 | 692 | ||
| @@ -695,8 +695,6 @@ mm_start_pam(char *user) | |||
| 695 | fatal("UsePAM=no, but ended up in %s anyway", __func__); | 695 | fatal("UsePAM=no, but ended up in %s anyway", __func__); |
| 696 | 696 | ||
| 697 | buffer_init(&m); | 697 | buffer_init(&m); |
| 698 | buffer_put_cstring(&m, user); | ||
| 699 | |||
| 700 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_START, &m); | 698 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_START, &m); |
| 701 | 699 | ||
| 702 | buffer_free(&m); | 700 | buffer_free(&m); |
diff --git a/monitor_wrap.h b/monitor_wrap.h index 55be10b19..2170b1324 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h | |||
| @@ -66,7 +66,7 @@ OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); | |||
| 66 | #endif | 66 | #endif |
| 67 | 67 | ||
| 68 | #ifdef USE_PAM | 68 | #ifdef USE_PAM |
| 69 | void mm_start_pam(char *); | 69 | void mm_start_pam(struct Authctxt *); |
| 70 | u_int mm_do_pam_account(void); | 70 | u_int mm_do_pam_account(void); |
| 71 | void *mm_sshpam_init_ctx(struct Authctxt *); | 71 | void *mm_sshpam_init_ctx(struct Authctxt *); |
| 72 | int mm_sshpam_query(void *, char **, char **, u_int *, char ***, u_int **); | 72 | int mm_sshpam_query(void *, char **, char **, u_int *, char ***, u_int **); |