diff options
| author | Colin Watson <cjwatson@debian.org> | 2007-12-24 10:29:57 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2007-12-24 10:29:57 +0000 |
| commit | c3e531b12b2335b7fa5a6bcc9a309d3c523ff64b (patch) | |
| tree | b72c0867348e7e7914d64af6fc5e25c728922e03 /session.c | |
| parent | 6b222fdf3cb54c11a446df38e027fe7acf2220cb (diff) | |
| parent | 70847d299887abb96f8703ca99db6d817b78960e (diff) | |
* New upstream release (closes: #453367).
- CVE-2007-4752: Prevent ssh(1) from using a trusted X11 cookie if
creation of an untrusted cookie fails; found and fixed by Jan Pechanec
(closes: #444738).
- sshd(8) in new installations defaults to SSH Protocol 2 only. Existing
installations are unchanged.
- The SSH channel window size has been increased, and both ssh(1)
sshd(8) now send window updates more aggressively. These improves
performance on high-BDP (Bandwidth Delay Product) networks.
- ssh(1) and sshd(8) now preserve MAC contexts between packets, which
saves 2 hash calls per packet and results in 12-16% speedup for
arcfour256/hmac-md5.
- A new MAC algorithm has been added, UMAC-64 (RFC4418) as
"umac-64@openssh.com". UMAC-64 has been measured to be approximately
20% faster than HMAC-MD5.
- Failure to establish a ssh(1) TunnelForward is now treated as a fatal
error when the ExitOnForwardFailure option is set.
- ssh(1) returns a sensible exit status if the control master goes away
without passing the full exit status.
- When using a ProxyCommand in ssh(1), set the outgoing hostname with
gethostname(2), allowing hostbased authentication to work.
- Make scp(1) skip FIFOs rather than hanging (closes: #246774).
- Encode non-printing characters in scp(1) filenames. These could cause
copies to be aborted with a "protocol error".
- Handle SIGINT in sshd(8) privilege separation child process to ensure
that wtmp and lastlog records are correctly updated.
- Report GSSAPI mechanism in errors, for libraries that support multiple
mechanisms.
- Improve documentation for ssh-add(1)'s -d option.
- Rearrange and tidy GSSAPI code, removing server-only code being linked
into the client.
- Delay execution of ssh(1)'s LocalCommand until after all forwardings
have been established.
- In scp(1), do not truncate non-regular files.
- Improve exit message from ControlMaster clients.
- Prevent sftp-server(8) from reading until it runs out of buffer space,
whereupon it would exit with a fatal error (closes: #365541).
- pam_end() was not being called if authentication failed
(closes: #405041).
- Manual page datestamps updated (closes: #433181).
Diffstat (limited to 'session.c')
| -rw-r--r-- | session.c | 28 |
1 files changed, 16 insertions, 12 deletions
| @@ -1310,7 +1310,7 @@ do_setusercontext(struct passwd *pw) | |||
| 1310 | # ifdef USE_PAM | 1310 | # ifdef USE_PAM |
| 1311 | if (options.use_pam) { | 1311 | if (options.use_pam) { |
| 1312 | do_pam_session(); | 1312 | do_pam_session(); |
| 1313 | do_pam_setcred(0); | 1313 | do_pam_setcred(use_privsep); |
| 1314 | } | 1314 | } |
| 1315 | # endif /* USE_PAM */ | 1315 | # endif /* USE_PAM */ |
| 1316 | if (setusercontext(lc, pw, pw->pw_uid, | 1316 | if (setusercontext(lc, pw, pw->pw_uid, |
| @@ -1352,7 +1352,7 @@ do_setusercontext(struct passwd *pw) | |||
| 1352 | */ | 1352 | */ |
| 1353 | if (options.use_pam) { | 1353 | if (options.use_pam) { |
| 1354 | do_pam_session(); | 1354 | do_pam_session(); |
| 1355 | do_pam_setcred(0); | 1355 | do_pam_setcred(use_privsep); |
| 1356 | } | 1356 | } |
| 1357 | # endif /* USE_PAM */ | 1357 | # endif /* USE_PAM */ |
| 1358 | # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) | 1358 | # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) |
| @@ -1361,11 +1361,11 @@ do_setusercontext(struct passwd *pw) | |||
| 1361 | # ifdef _AIX | 1361 | # ifdef _AIX |
| 1362 | aix_usrinfo(pw); | 1362 | aix_usrinfo(pw); |
| 1363 | # endif /* _AIX */ | 1363 | # endif /* _AIX */ |
| 1364 | #if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF) | 1364 | #ifdef USE_LIBIAF |
| 1365 | if (set_id(pw->pw_name) != 0) { | 1365 | if (set_id(pw->pw_name) != 0) { |
| 1366 | exit(1); | 1366 | exit(1); |
| 1367 | } | 1367 | } |
| 1368 | #endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */ | 1368 | #endif /* USE_LIBIAF */ |
| 1369 | /* Permanently switch to the desired uid. */ | 1369 | /* Permanently switch to the desired uid. */ |
| 1370 | permanently_set_uid(pw); | 1370 | permanently_set_uid(pw); |
| 1371 | #endif | 1371 | #endif |
| @@ -2478,8 +2478,19 @@ do_cleanup(Authctxt *authctxt) | |||
| 2478 | return; | 2478 | return; |
| 2479 | called = 1; | 2479 | called = 1; |
| 2480 | 2480 | ||
| 2481 | if (authctxt == NULL || !authctxt->authenticated) | 2481 | if (authctxt == NULL) |
| 2482 | return; | 2482 | return; |
| 2483 | |||
| 2484 | #ifdef USE_PAM | ||
| 2485 | if (options.use_pam) { | ||
| 2486 | sshpam_cleanup(); | ||
| 2487 | sshpam_thread_cleanup(); | ||
| 2488 | } | ||
| 2489 | #endif | ||
| 2490 | |||
| 2491 | if (!authctxt->authenticated) | ||
| 2492 | return; | ||
| 2493 | |||
| 2483 | #ifdef KRB5 | 2494 | #ifdef KRB5 |
| 2484 | if (options.kerberos_ticket_cleanup && | 2495 | if (options.kerberos_ticket_cleanup && |
| 2485 | authctxt->krb5_ctx) | 2496 | authctxt->krb5_ctx) |
| @@ -2491,13 +2502,6 @@ do_cleanup(Authctxt *authctxt) | |||
| 2491 | ssh_gssapi_cleanup_creds(); | 2502 | ssh_gssapi_cleanup_creds(); |
| 2492 | #endif | 2503 | #endif |
| 2493 | 2504 | ||
| 2494 | #ifdef USE_PAM | ||
| 2495 | if (options.use_pam) { | ||
| 2496 | sshpam_cleanup(); | ||
| 2497 | sshpam_thread_cleanup(); | ||
| 2498 | } | ||
| 2499 | #endif | ||
| 2500 | |||
| 2501 | /* remove agent socket */ | 2505 | /* remove agent socket */ |
| 2502 | auth_sock_cleanup_proc(authctxt->pw); | 2506 | auth_sock_cleanup_proc(authctxt->pw); |
| 2503 | 2507 | ||