summaryrefslogtreecommitdiff
path: root/auth-rhosts.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2015-08-19 14:23:51 +0100
committerColin Watson <cjwatson@debian.org>2015-08-19 16:48:11 +0100
commit0f0841b2d28b7463267d4d91577e72e3340a1d3a (patch)
treeba55fcd2b6e2cc22b30f5afb561dbb3da4c8b6c7 /auth-rhosts.c
parentf2a5f5dae656759efb0b76c3d94890b65c197a02 (diff)
parent8698446b972003b63dfe5dcbdb86acfe986afb85 (diff)
New upstream release (6.8p1).
Diffstat (limited to 'auth-rhosts.c')
-rw-r--r--auth-rhosts.c64
1 files changed, 42 insertions, 22 deletions
diff --git a/auth-rhosts.c b/auth-rhosts.c
index 11fcca643..2ff2cffa9 100644
--- a/auth-rhosts.c
+++ b/auth-rhosts.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth-rhosts.c,v 1.45 2014/07/15 15:54:14 millert Exp $ */ 1/* $OpenBSD: auth-rhosts.c,v 1.46 2014/12/23 22:42:48 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -57,7 +57,8 @@ check_rhosts_file(const char *filename, const char *hostname,
57 const char *server_user) 57 const char *server_user)
58{ 58{
59 FILE *f; 59 FILE *f;
60 char buf[1024]; /* Must not be larger than host, user, dummy below. */ 60#define RBUFLN 1024
61 char buf[RBUFLN];/* Must not be larger than host, user, dummy below. */
61 int fd; 62 int fd;
62 struct stat st; 63 struct stat st;
63 64
@@ -80,8 +81,9 @@ check_rhosts_file(const char *filename, const char *hostname,
80 return 0; 81 return 0;
81 } 82 }
82 while (fgets(buf, sizeof(buf), f)) { 83 while (fgets(buf, sizeof(buf), f)) {
83 /* All three must be at least as big as buf to avoid overflows. */ 84 /* All three must have length >= buf to avoid overflows. */
84 char hostbuf[1024], userbuf[1024], dummy[1024], *host, *user, *cp; 85 char hostbuf[RBUFLN], userbuf[RBUFLN], dummy[RBUFLN];
86 char *host, *user, *cp;
85 int negated; 87 int negated;
86 88
87 for (cp = buf; *cp == ' ' || *cp == '\t'; cp++) 89 for (cp = buf; *cp == ' ' || *cp == '\t'; cp++)
@@ -140,8 +142,8 @@ check_rhosts_file(const char *filename, const char *hostname,
140 /* Check for empty host/user names (particularly '+'). */ 142 /* Check for empty host/user names (particularly '+'). */
141 if (!host[0] || !user[0]) { 143 if (!host[0] || !user[0]) {
142 /* We come here if either was '+' or '-'. */ 144 /* We come here if either was '+' or '-'. */
143 auth_debug_add("Ignoring wild host/user names in %.100s.", 145 auth_debug_add("Ignoring wild host/user names "
144 filename); 146 "in %.100s.", filename);
145 continue; 147 continue;
146 } 148 }
147 /* Verify that host name matches. */ 149 /* Verify that host name matches. */
@@ -149,7 +151,8 @@ check_rhosts_file(const char *filename, const char *hostname,
149 if (!innetgr(host + 1, hostname, NULL, NULL) && 151 if (!innetgr(host + 1, hostname, NULL, NULL) &&
150 !innetgr(host + 1, ipaddr, NULL, NULL)) 152 !innetgr(host + 1, ipaddr, NULL, NULL))
151 continue; 153 continue;
152 } else if (strcasecmp(host, hostname) && strcmp(host, ipaddr) != 0) 154 } else if (strcasecmp(host, hostname) &&
155 strcmp(host, ipaddr) != 0)
153 continue; /* Different hostname. */ 156 continue; /* Different hostname. */
154 157
155 /* Verify that user name matches. */ 158 /* Verify that user name matches. */
@@ -208,7 +211,8 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam
208 /* Switch to the user's uid. */ 211 /* Switch to the user's uid. */
209 temporarily_use_uid(pw); 212 temporarily_use_uid(pw);
210 /* 213 /*
211 * Quick check: if the user has no .shosts or .rhosts files, return 214 * Quick check: if the user has no .shosts or .rhosts files and
215 * no system hosts.equiv/shosts.equiv files exist then return
212 * failure immediately without doing costly lookups from name 216 * failure immediately without doing costly lookups from name
213 * servers. 217 * servers.
214 */ 218 */
@@ -223,27 +227,38 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam
223 /* Switch back to privileged uid. */ 227 /* Switch back to privileged uid. */
224 restore_uid(); 228 restore_uid();
225 229
226 /* Deny if The user has no .shosts or .rhosts file and there are no system-wide files. */ 230 /*
231 * Deny if The user has no .shosts or .rhosts file and there
232 * are no system-wide files.
233 */
227 if (!rhosts_files[rhosts_file_index] && 234 if (!rhosts_files[rhosts_file_index] &&
228 stat(_PATH_RHOSTS_EQUIV, &st) < 0 && 235 stat(_PATH_RHOSTS_EQUIV, &st) < 0 &&
229 stat(_PATH_SSH_HOSTS_EQUIV, &st) < 0) 236 stat(_PATH_SSH_HOSTS_EQUIV, &st) < 0) {
237 debug3("%s: no hosts access files exist", __func__);
230 return 0; 238 return 0;
239 }
231 240
232 /* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */ 241 /*
233 if (pw->pw_uid != 0) { 242 * If not logging in as superuser, try /etc/hosts.equiv and
243 * shosts.equiv.
244 */
245 if (pw->pw_uid == 0)
246 debug3("%s: root user, ignoring system hosts files", __func__);
247 else {
234 if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr, 248 if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr,
235 client_user, pw->pw_name)) { 249 client_user, pw->pw_name)) {
236 auth_debug_add("Accepted for %.100s [%.100s] by /etc/hosts.equiv.", 250 auth_debug_add("Accepted for %.100s [%.100s] by "
237 hostname, ipaddr); 251 "/etc/hosts.equiv.", hostname, ipaddr);
238 return 1; 252 return 1;
239 } 253 }
240 if (check_rhosts_file(_PATH_SSH_HOSTS_EQUIV, hostname, ipaddr, 254 if (check_rhosts_file(_PATH_SSH_HOSTS_EQUIV, hostname, ipaddr,
241 client_user, pw->pw_name)) { 255 client_user, pw->pw_name)) {
242 auth_debug_add("Accepted for %.100s [%.100s] by %.100s.", 256 auth_debug_add("Accepted for %.100s [%.100s] by "
243 hostname, ipaddr, _PATH_SSH_HOSTS_EQUIV); 257 "%.100s.", hostname, ipaddr, _PATH_SSH_HOSTS_EQUIV);
244 return 1; 258 return 1;
245 } 259 }
246 } 260 }
261
247 /* 262 /*
248 * Check that the home directory is owned by root or the user, and is 263 * Check that the home directory is owned by root or the user, and is
249 * not group or world writable. 264 * not group or world writable.
@@ -288,20 +303,25 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam
288 auth_debug_add("Bad file modes for %.200s", buf); 303 auth_debug_add("Bad file modes for %.200s", buf);
289 continue; 304 continue;
290 } 305 }
291 /* Check if we have been configured to ignore .rhosts and .shosts files. */ 306 /*
307 * Check if we have been configured to ignore .rhosts
308 * and .shosts files.
309 */
292 if (options.ignore_rhosts) { 310 if (options.ignore_rhosts) {
293 auth_debug_add("Server has been configured to ignore %.100s.", 311 auth_debug_add("Server has been configured to "
294 rhosts_files[rhosts_file_index]); 312 "ignore %.100s.", rhosts_files[rhosts_file_index]);
295 continue; 313 continue;
296 } 314 }
297 /* Check if authentication is permitted by the file. */ 315 /* Check if authentication is permitted by the file. */
298 if (check_rhosts_file(buf, hostname, ipaddr, client_user, pw->pw_name)) { 316 if (check_rhosts_file(buf, hostname, ipaddr,
317 client_user, pw->pw_name)) {
299 auth_debug_add("Accepted by %.100s.", 318 auth_debug_add("Accepted by %.100s.",
300 rhosts_files[rhosts_file_index]); 319 rhosts_files[rhosts_file_index]);
301 /* Restore the privileged uid. */ 320 /* Restore the privileged uid. */
302 restore_uid(); 321 restore_uid();
303 auth_debug_add("Accepted host %s ip %s client_user %s server_user %s", 322 auth_debug_add("Accepted host %s ip %s client_user "
304 hostname, ipaddr, client_user, pw->pw_name); 323 "%s server_user %s", hostname, ipaddr,
324 client_user, pw->pw_name);
305 return 1; 325 return 1;
306 } 326 }
307 } 327 }
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-14 08:52:25 +0000