diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2008-03-11 22:58:25 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2008-03-11 22:58:25 +1100 |
| commit | 52358d6df32d9ae923572c43a58159d84b673631 (patch) | |
| tree | 83261a70dd007f2af900e1b22884c75b703f8b37 | |
| parent | fe1cf97ee811dc7a2bb7cea912c9292c976ab5af (diff) | |
- (dtucker) [auth-pam.c monitor.c session.c sshd.c] Bug #926: Move
pam_open_session and pam_close_session into the privsep monitor, which
will ensure that pam_session_close is called as root. Patch from Tomas
Mraz.
| -rw-r--r-- | ChangeLog | 8 | ||||
| -rw-r--r-- | auth-pam.c | 6 | ||||
| -rw-r--r-- | monitor.c | 5 | ||||
| -rw-r--r-- | session.c | 29 | ||||
| -rw-r--r-- | sshd.c | 14 |
5 files changed, 30 insertions, 32 deletions
| @@ -1,3 +1,9 @@ | |||
| 1 | 20080312 | ||
| 2 | - (dtucker) [auth-pam.c monitor.c session.c sshd.c] Bug #926: Move | ||
| 3 | pam_open_session and pam_close_session into the privsep monitor, which | ||
| 4 | will ensure that pam_session_close is called as root. Patch from Tomas | ||
| 5 | Mraz. | ||
| 6 | |||
| 1 | 20080309 | 7 | 20080309 |
| 2 | - (dtucker) [configure.ac] It turns out gcc's -fstack-protector-all doesn't | 8 | - (dtucker) [configure.ac] It turns out gcc's -fstack-protector-all doesn't |
| 3 | always work for all platforms and versions, so test what we can and | 9 | always work for all platforms and versions, so test what we can and |
| @@ -3712,4 +3718,4 @@ | |||
| 3712 | OpenServer 6 and add osr5bigcrypt support so when someone migrates | 3718 | OpenServer 6 and add osr5bigcrypt support so when someone migrates |
| 3713 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ | 3719 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ |
| 3714 | 3720 | ||
| 3715 | $Id: ChangeLog,v 1.4864 2008/03/09 11:50:50 dtucker Exp $ | 3721 | $Id: ChangeLog,v 1.4865 2008/03/11 11:58:25 dtucker Exp $ |
diff --git a/auth-pam.c b/auth-pam.c index a07f1fe77..ccdb9937e 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
| @@ -598,15 +598,17 @@ static struct pam_conv store_conv = { sshpam_store_conv, NULL }; | |||
| 598 | void | 598 | void |
| 599 | sshpam_cleanup(void) | 599 | sshpam_cleanup(void) |
| 600 | { | 600 | { |
| 601 | debug("PAM: cleanup"); | 601 | if (sshpam_handle == NULL || (use_privsep && !mm_is_monitor())) |
| 602 | if (sshpam_handle == NULL) | ||
| 603 | return; | 602 | return; |
| 603 | debug("PAM: cleanup"); | ||
| 604 | pam_set_item(sshpam_handle, PAM_CONV, (const void *)&null_conv); | 604 | pam_set_item(sshpam_handle, PAM_CONV, (const void *)&null_conv); |
| 605 | if (sshpam_cred_established) { | 605 | if (sshpam_cred_established) { |
| 606 | debug("PAM: deleting credentials"); | ||
| 606 | pam_setcred(sshpam_handle, PAM_DELETE_CRED); | 607 | pam_setcred(sshpam_handle, PAM_DELETE_CRED); |
| 607 | sshpam_cred_established = 0; | 608 | sshpam_cred_established = 0; |
| 608 | } | 609 | } |
| 609 | if (sshpam_session_open) { | 610 | if (sshpam_session_open) { |
| 611 | debug("PAM: closing session"); | ||
| 610 | pam_close_session(sshpam_handle, PAM_SILENT); | 612 | pam_close_session(sshpam_handle, PAM_SILENT); |
| 611 | sshpam_session_open = 0; | 613 | sshpam_session_open = 0; |
| 612 | } | 614 | } |
| @@ -1547,6 +1547,11 @@ mm_answer_term(int sock, Buffer *req) | |||
| 1547 | /* The child is terminating */ | 1547 | /* The child is terminating */ |
| 1548 | session_destroy_all(&mm_session_close); | 1548 | session_destroy_all(&mm_session_close); |
| 1549 | 1549 | ||
| 1550 | #ifdef USE_PAM | ||
| 1551 | if (options.use_pam) | ||
| 1552 | sshpam_cleanup(); | ||
| 1553 | #endif | ||
| 1554 | |||
| 1550 | while (waitpid(pmonitor->m_pid, &status, 0) == -1) | 1555 | while (waitpid(pmonitor->m_pid, &status, 0) == -1) |
| 1551 | if (errno != EINTR) | 1556 | if (errno != EINTR) |
| 1552 | exit(1); | 1557 | exit(1); |
| @@ -428,11 +428,6 @@ do_exec_no_pty(Session *s, const char *command) | |||
| 428 | 428 | ||
| 429 | session_proctitle(s); | 429 | session_proctitle(s); |
| 430 | 430 | ||
| 431 | #if defined(USE_PAM) | ||
| 432 | if (options.use_pam && !use_privsep) | ||
| 433 | do_pam_setcred(1); | ||
| 434 | #endif /* USE_PAM */ | ||
| 435 | |||
| 436 | /* Fork the child. */ | 431 | /* Fork the child. */ |
| 437 | if ((pid = fork()) == 0) { | 432 | if ((pid = fork()) == 0) { |
| 438 | is_child = 1; | 433 | is_child = 1; |
| @@ -563,14 +558,6 @@ do_exec_pty(Session *s, const char *command) | |||
| 563 | ptyfd = s->ptyfd; | 558 | ptyfd = s->ptyfd; |
| 564 | ttyfd = s->ttyfd; | 559 | ttyfd = s->ttyfd; |
| 565 | 560 | ||
| 566 | #if defined(USE_PAM) | ||
| 567 | if (options.use_pam) { | ||
| 568 | do_pam_set_tty(s->tty); | ||
| 569 | if (!use_privsep) | ||
| 570 | do_pam_setcred(1); | ||
| 571 | } | ||
| 572 | #endif | ||
| 573 | |||
| 574 | /* Fork the child. */ | 561 | /* Fork the child. */ |
| 575 | if ((pid = fork()) == 0) { | 562 | if ((pid = fork()) == 0) { |
| 576 | is_child = 1; | 563 | is_child = 1; |
| @@ -1373,16 +1360,8 @@ do_setusercontext(struct passwd *pw) | |||
| 1373 | # ifdef __bsdi__ | 1360 | # ifdef __bsdi__ |
| 1374 | setpgid(0, 0); | 1361 | setpgid(0, 0); |
| 1375 | # endif | 1362 | # endif |
| 1376 | #ifdef GSSAPI | ||
| 1377 | if (options.gss_authentication) { | ||
| 1378 | temporarily_use_uid(pw); | ||
| 1379 | ssh_gssapi_storecreds(); | ||
| 1380 | restore_uid(); | ||
| 1381 | } | ||
| 1382 | #endif | ||
| 1383 | # ifdef USE_PAM | 1363 | # ifdef USE_PAM |
| 1384 | if (options.use_pam) { | 1364 | if (options.use_pam) { |
| 1385 | do_pam_session(); | ||
| 1386 | do_pam_setcred(use_privsep); | 1365 | do_pam_setcred(use_privsep); |
| 1387 | } | 1366 | } |
| 1388 | # endif /* USE_PAM */ | 1367 | # endif /* USE_PAM */ |
| @@ -1410,13 +1389,6 @@ do_setusercontext(struct passwd *pw) | |||
| 1410 | exit(1); | 1389 | exit(1); |
| 1411 | } | 1390 | } |
| 1412 | endgrent(); | 1391 | endgrent(); |
| 1413 | # ifdef GSSAPI | ||
| 1414 | if (options.gss_authentication) { | ||
| 1415 | temporarily_use_uid(pw); | ||
| 1416 | ssh_gssapi_storecreds(); | ||
| 1417 | restore_uid(); | ||
| 1418 | } | ||
| 1419 | # endif | ||
| 1420 | # ifdef USE_PAM | 1392 | # ifdef USE_PAM |
| 1421 | /* | 1393 | /* |
| 1422 | * PAM credentials may take the form of supplementary groups. | 1394 | * PAM credentials may take the form of supplementary groups. |
| @@ -1424,7 +1396,6 @@ do_setusercontext(struct passwd *pw) | |||
| 1424 | * Reestablish them here. | 1396 | * Reestablish them here. |
| 1425 | */ | 1397 | */ |
| 1426 | if (options.use_pam) { | 1398 | if (options.use_pam) { |
| 1427 | do_pam_session(); | ||
| 1428 | do_pam_setcred(use_privsep); | 1399 | do_pam_setcred(use_privsep); |
| 1429 | } | 1400 | } |
| 1430 | # endif /* USE_PAM */ | 1401 | # endif /* USE_PAM */ |
| @@ -1847,6 +1847,20 @@ main(int ac, char **av) | |||
| 1847 | audit_event(SSH_AUTH_SUCCESS); | 1847 | audit_event(SSH_AUTH_SUCCESS); |
| 1848 | #endif | 1848 | #endif |
| 1849 | 1849 | ||
| 1850 | #ifdef GSSAPI | ||
| 1851 | if (options.gss_authentication) { | ||
| 1852 | temporarily_use_uid(authctxt->pw); | ||
| 1853 | ssh_gssapi_storecreds(); | ||
| 1854 | restore_uid(); | ||
| 1855 | } | ||
| 1856 | #endif | ||
| 1857 | #ifdef USE_PAM | ||
| 1858 | if (options.use_pam) { | ||
| 1859 | do_pam_setcred(1); | ||
| 1860 | do_pam_session(); | ||
| 1861 | } | ||
| 1862 | #endif | ||
| 1863 | |||
| 1850 | /* | 1864 | /* |
| 1851 | * In privilege separation, we fork another child and prepare | 1865 | * In privilege separation, we fork another child and prepare |
| 1852 | * file descriptor passing. | 1866 | * file descriptor passing. |