diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2005-01-20 12:43:38 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2005-01-20 12:43:38 +1100 |
| commit | 36a3d60347f23528695e550317d5ba6d63e6b0f4 (patch) | |
| tree | c48ded14f1b81d6119b45e7ae6d428604ecee02c /auth-pam.c | |
| parent | 611649ebf093bf030f2dde18103dde8c1af9226c (diff) | |
- (dtucker) [auth-pam.c] Bug #971: Prevent leaking information about user
existence via keyboard-interactive/pam, in conjunction with previous
auth2-chall.c change; with Colin Watson and djm.
Diffstat (limited to 'auth-pam.c')
| -rw-r--r-- | auth-pam.c | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/auth-pam.c b/auth-pam.c index a1b26cc59..996964fcd 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
| @@ -47,7 +47,7 @@ | |||
| 47 | 47 | ||
| 48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ | 48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ |
| 49 | #include "includes.h" | 49 | #include "includes.h" |
| 50 | RCSID("$Id: auth-pam.c,v 1.118 2004/10/16 08:52:44 djm Exp $"); | 50 | RCSID("$Id: auth-pam.c,v 1.119 2005/01/20 01:43:39 dtucker Exp $"); |
| 51 | 51 | ||
| 52 | #ifdef USE_PAM | 52 | #ifdef USE_PAM |
| 53 | #if defined(HAVE_SECURITY_PAM_APPL_H) | 53 | #if defined(HAVE_SECURITY_PAM_APPL_H) |
| @@ -186,6 +186,7 @@ static int sshpam_account_status = -1; | |||
| 186 | static char **sshpam_env = NULL; | 186 | static char **sshpam_env = NULL; |
| 187 | static Authctxt *sshpam_authctxt = NULL; | 187 | static Authctxt *sshpam_authctxt = NULL; |
| 188 | static const char *sshpam_password = NULL; | 188 | static const char *sshpam_password = NULL; |
| 189 | static char badpw[] = "\b\n\r\177INCORRECT"; | ||
| 189 | 190 | ||
| 190 | /* Some PAM implementations don't implement this */ | 191 | /* Some PAM implementations don't implement this */ |
| 191 | #ifndef HAVE_PAM_GETENVLIST | 192 | #ifndef HAVE_PAM_GETENVLIST |
| @@ -701,6 +702,12 @@ sshpam_query(void *ctx, char **name, char **info, | |||
| 701 | **prompts = NULL; | 702 | **prompts = NULL; |
| 702 | } | 703 | } |
| 703 | if (type == PAM_SUCCESS) { | 704 | if (type == PAM_SUCCESS) { |
| 705 | if (!sshpam_authctxt->valid || | ||
| 706 | (sshpam_authctxt->pw->pw_uid == 0 && | ||
| 707 | options.permit_root_login != PERMIT_YES)) | ||
| 708 | fatal("Internal error: PAM auth " | ||
| 709 | "succeeded when it should have " | ||
| 710 | "failed"); | ||
| 704 | import_environments(&buffer); | 711 | import_environments(&buffer); |
| 705 | *num = 0; | 712 | *num = 0; |
| 706 | **echo_on = 0; | 713 | **echo_on = 0; |
| @@ -746,7 +753,12 @@ sshpam_respond(void *ctx, u_int num, char **resp) | |||
| 746 | return (-1); | 753 | return (-1); |
| 747 | } | 754 | } |
| 748 | buffer_init(&buffer); | 755 | buffer_init(&buffer); |
| 749 | buffer_put_cstring(&buffer, *resp); | 756 | if (sshpam_authctxt->valid && |
| 757 | (sshpam_authctxt->pw->pw_uid != 0 || | ||
| 758 | options.permit_root_login == PERMIT_YES)) | ||
| 759 | buffer_put_cstring(&buffer, *resp); | ||
| 760 | else | ||
| 761 | buffer_put_cstring(&buffer, badpw); | ||
| 750 | if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer) == -1) { | 762 | if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer) == -1) { |
| 751 | buffer_free(&buffer); | 763 | buffer_free(&buffer); |
| 752 | return (-1); | 764 | return (-1); |
| @@ -1093,7 +1105,6 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password) | |||
| 1093 | { | 1105 | { |
| 1094 | int flags = (options.permit_empty_passwd == 0 ? | 1106 | int flags = (options.permit_empty_passwd == 0 ? |
| 1095 | PAM_DISALLOW_NULL_AUTHTOK : 0); | 1107 | PAM_DISALLOW_NULL_AUTHTOK : 0); |
| 1096 | static char badpw[] = "\b\n\r\177INCORRECT"; | ||
| 1097 | 1108 | ||
| 1098 | if (!options.use_pam || sshpam_handle == NULL) | 1109 | if (!options.use_pam || sshpam_handle == NULL) |
| 1099 | fatal("PAM: %s called when PAM disabled or failed to " | 1110 | fatal("PAM: %s called when PAM disabled or failed to " |