authorColin Watson <cjwatson@debian.org>2011-09-06 14:56:29 +0100
committerColin Watson <cjwatson@debian.org>2011-09-06 14:56:29 +0100
commit978e62d6f14c60747bddef2cc72d66a9c8b83b54 (patch)
tree89400a44e42d84937deba7864e4964d6c7734da5 /auth-rsa.c
parent87c685b8c6a49814fd782288097b3093f975aa72 (diff)
parent3a7e89697ca363de0f64e0d5704c57219294e41c (diff)
* New upstream release (http://www.openssh.org/txt/release-5.9).
- Introduce sandboxing of the pre-auth privsep child using an optional sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables mandatory restrictions on the syscalls the privsep child can perform. - Add new SHA256-based HMAC transport integrity modes from http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt. - The pre-authentication sshd(8) privilege separation slave process now logs via a socket shared with the master process, avoiding the need to maintain /dev/log inside the chroot (closes: #75043, #429243, #599240). - ssh(1) now warns when a server refuses X11 forwarding (closes: #504757). - sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths, separated by whitespace (closes: #76312). The authorized_keys2 fallback is deprecated but documented (closes: #560156). - ssh(1) and sshd(8): set IPv6 traffic class from IPQoS, as well as IPv4 ToS/DSCP (closes: #498297). - ssh-add(1) now accepts keys piped from standard input. E.g. "ssh-add - < /path/to/key" (closes: #229124). - Clean up lost-passphrase text in ssh-keygen(1) (closes: #444691). - Say "required" rather than "recommended" in unprotected-private-key warning (LP: #663455).
Diffstat (limited to 'auth-rsa.c')
-rw-r--r--auth-rsa.c70
1 files changed, 39 insertions, 31 deletions
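diff --git a/auth-rsa.c b/auth-rsa.c
index ec32c803f..99c4e882d 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-rsa.c,v 1.79 2010/12/03 23:55:27 djm Exp $ */
+/* $OpenBSD: auth-rsa.c,v 1.80 2011/05/23 03:30:07 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -160,38 +160,20 @@ auth_rsa_challenge_dialog(Key *key)
  return (success);
 }
 
-/*
- * check if there's user key matching client_n,
- * return key if login is allowed, NULL otherwise
- */
-
-int
-auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
+static int
+rsa_key_allowed_in_file(struct passwd *pw, char *file,
+ const BIGNUM *client_n, Key **rkey)
 {
- char line[SSH_MAX_PUBKEY_BYTES], *file;
+ char line[SSH_MAX_PUBKEY_BYTES];
  int allowed = 0;
  u_int bits;
  FILE *f;
  u_long linenum = 0;
  Key *key;
 
- /* Temporarily use the user's uid. */
- temporarily_use_uid(pw);
-
- /* The authorized keys. */
- file = authorized_keys_file(pw);
  debug("trying public RSA key file %s", file);
- f = auth_openkeyfile(file, pw, options.strict_modes);
- if (!f) {
- xfree(file);
- restore_uid();
- return (0);
- }
-
- /* Flag indicating whether the key is allowed. */
- allowed = 0;
-
- key = key_new(KEY_RSA1);
+ if ((f = auth_openkeyfile(file, pw, options.strict_modes)) == NULL)
+ return 0;
 
  auth_start_parse_options();
 
@@ -200,6 +182,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
  * found, perform a challenge-response dialog to verify that the
  * user really has the corresponding private key.
  */
+ key = key_new(KEY_RSA1);
  while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
  char *cp;
  char *key_options;
@@ -237,7 +220,10 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
  }
  /* cp now points to the comment part. */
 
- /* Check if the we have found the desired key (identified by its modulus). */
+ /*
+ * Check if the we have found the desired key (identified
+ * by its modulus).
+ */
  if (BN_cmp(key->rsa->n, client_n) != 0)
  continue;
 
@@ -266,11 +252,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
  break;
  }
 
- /* Restore the privileged uid. */
- restore_uid();
-
  /* Close the file. */
- xfree(file);
  fclose(f);
 
  /* return key if allowed */
@@ -278,7 +260,33 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
  *rkey = key;
  else
  key_free(key);
- return (allowed);
+
+ return allowed;
+}
+
+/*
+ * check if there's user key matching client_n,
+ * return key if login is allowed, NULL otherwise
+ */
+
+int
+auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
+{
+ char *file;
+ u_int i, allowed = 0;
+
+ temporarily_use_uid(pw);
+
+ for (i = 0; !allowed && i < options.num_authkeys_files; i++) {
+ file = expand_authorized_keys(
+ options.authorized_keys_files[i], pw);
+ allowed = rsa_key_allowed_in_file(pw, file, client_n, rkey);
+ xfree(file);
+ }
+
+ restore_uid();
+
+ return allowed;
 }
 
 /*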
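Review bot: The new static helper `rsa_key_allowed_in_file` opens the key file through `auth_openkeyfile` without switching uid itself, and nothing on it records that it depends on the caller having already run `temporarily_use_uid(pw)`, which the old single function did before opening the file. A later caller that skips the uid switch would presumably read the authorized-keys path with the daemon's privileges, so the precondition deserves a comment above the helper, for example `/* Caller must hold the user's uid (temporarily_use_uid) for the whole call; returns 1 and sets *rkey on a match, 0 otherwise. */`. The header comment moved onto `auth_rsa_key_allowed` still says "return key if login is allowed, NULL otherwise", although the function returns an int and hands the key back through `rkey`. In the wrapper, `allowed` is declared `u_int` while both the helper and the function's return type are `int`; `int allowed = 0;` on its own line would keep the types consistent. The helper's body spans several hunks, so the lines between them are not visible here.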