upstream commit

refactor authentication logging optionally record successful auth methods and public credentials used in a file accessible to user sessions feedback and ok markus@ Upstream-ID: 090b93036967015717b9a54fd0467875ae9d32fb
author: djm@openbsd.org <djm@openbsd.org> 2017-06-24 06:34:38 +0000
committer: Damien Miller <djm@mindrot.org> 2017-06-24 16:56:11 +1000
commit: 8f574959272ac7fe9239c4f5d10fd913f8920ab0 (patch)
tree: 51ab66a6011af6459e0d4ca15a4b4b78368607a1 /session.c
parent: e2004d4bb7eb01c663dd3a3e7eb224f1ccdc9bba (diff)
1 files changed, 53 insertions, 1 deletions
diff --git a/session.c b/session.c
index 295204c6e..a2588e74b 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.289 2017/06/24 05:24:11 djm Exp $ */
+/* $OpenBSD: session.c,v 1.290 2017/06/24 06:34:38 djm Exp $ */
 /*
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
@@ -94,6 +94,7 @@
 #include "kex.h"
 #include "monitor_wrap.h"
 #include "sftp.h"
+#include "atomicio.h"
 #if defined(KRB5) && defined(USE_AFS)
 #include <kafs.h>
@@ -160,6 +161,9 @@ login_cap_t *lc;
 static int is_child = 0;
 static int in_chroot = 0;
+/* File containing userauth info, if ExposeAuthInfo set */
+static char *auth_info_file = NULL;
 /* Name and directory of socket for authentication agent forwarding. */
 static char *auth_sock_name = NULL;
 static char *auth_sock_dir = NULL;
@@ -249,6 +253,40 @@ display_loginmsg(void)
        }
 }
+static void
+prepare_auth_info_file(struct passwd *pw, struct sshbuf *info)
+{
+        int fd = -1, success = 0;
+        if (!options.expose_userauth_info || info == NULL)
+                return;
+        temporarily_use_uid(pw);
+        auth_info_file = xstrdup("/tmp/sshauth.XXXXXXXXXXXXXXX");
+        if ((fd = mkstemp(auth_info_file)) == -1) {
+                error("%s: mkstemp: %s", __func__, strerror(errno));
+                goto out;
+        }
+        if (atomicio(vwrite, fd, sshbuf_mutable_ptr(info),
+            sshbuf_len(info)) != sshbuf_len(info)) {
+                error("%s: write: %s", __func__, strerror(errno));
+                goto out;
+        }
+        if (close(fd) != 0) {
+                error("%s: close: %s", __func__, strerror(errno));
+                goto out;
+        }
+        success = 1;
+ out:
+        if (!success) {
+                if (fd != -1)
+                        close(fd);
+                free(auth_info_file);
+                auth_info_file = NULL;
+        }
+        restore_uid();
+}
 void
 do_authenticated(Authctxt *authctxt)
 {
@@ -264,7 +302,10 @@ do_authenticated(Authctxt *authctxt)
        auth_debug_send();
+        prepare_auth_info_file(authctxt->pw, authctxt->session_info);
        do_authenticated2(authctxt);
        do_cleanup(authctxt);
 }
@@ -1077,6 +1118,8 @@ do_setup_env(Session *s, const char *shell)
        free(laddr);
        child_set_env(&env, &envsize, "SSH_CONNECTION", buf);
+        if (auth_info_file != NULL)
+                child_set_env(&env, &envsize, "SSH_USER_AUTH", auth_info_file);
        if (s->ttyfd != -1)
                child_set_env(&env, &envsize, "SSH_TTY", s->tty);
        if (s->term)
@@ -2549,6 +2592,15 @@ do_cleanup(Authctxt *authctxt)
        /* remove agent socket */
        auth_sock_cleanup_proc(authctxt->pw);
+        /* remove userauth info */
+        if (auth_info_file != NULL) {
+                temporarily_use_uid(authctxt->pw);
+                unlink(auth_info_file);
+                restore_uid();
+                free(auth_info_file);
+                auth_info_file = NULL;
+        }
        /*
         * Cleanup ptys/utmp only if privsep is disabled,
         * or if running in monitor.
author	djm@openbsd.org <djm@openbsd.org>	2017-06-24 06:34:38 +0000
committer	Damien Miller <djm@mindrot.org>	2017-06-24 16:56:11 +1000
commit	8f574959272ac7fe9239c4f5d10fd913f8920ab0 (patch)
tree	51ab66a6011af6459e0d4ca15a4b4b78368607a1 /session.c
parent	e2004d4bb7eb01c663dd3a3e7eb224f1ccdc9bba (diff)

diff --git a/session.c b/session.c index 295204c6e..a2588e74b 100644 --- a/session.c +++ b/session.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: session.c,v 1.289 2017/06/24 05:24:11 djm Exp $ */	1	/* $OpenBSD: session.c,v 1.290 2017/06/24 06:34:38 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	3	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4	* All rights reserved	4	* All rights reserved
@@ -94,6 +94,7 @@
94	#include "kex.h"	94	#include "kex.h"
95	#include "monitor_wrap.h"	95	#include "monitor_wrap.h"
96	#include "sftp.h"	96	#include "sftp.h"
		97	#include "atomicio.h"
97		98
98	#if defined(KRB5) && defined(USE_AFS)	99	#if defined(KRB5) && defined(USE_AFS)
99	#include <kafs.h>	100	#include <kafs.h>
@@ -160,6 +161,9 @@ login_cap_t *lc;
160	static int is_child = 0;	161	static int is_child = 0;
161	static int in_chroot = 0;	162	static int in_chroot = 0;
162		163
		164	/* File containing userauth info, if ExposeAuthInfo set */
		165	static char *auth_info_file = NULL;
		166
163	/* Name and directory of socket for authentication agent forwarding. */	167	/* Name and directory of socket for authentication agent forwarding. */
164	static char *auth_sock_name = NULL;	168	static char *auth_sock_name = NULL;
165	static char *auth_sock_dir = NULL;	169	static char *auth_sock_dir = NULL;
@@ -249,6 +253,40 @@ display_loginmsg(void)
249	}	253	}
250	}	254	}
251		255
		256	static void
		257	prepare_auth_info_file(struct passwd pw, struct sshbuf info)
		258	{
		259	int fd = -1, success = 0;
		260
		261	if (!options.expose_userauth_info \|\| info == NULL)
		262	return;
		263
		264	temporarily_use_uid(pw);
		265	auth_info_file = xstrdup("/tmp/sshauth.XXXXXXXXXXXXXXX");
		266	if ((fd = mkstemp(auth_info_file)) == -1) {
		267	error("%s: mkstemp: %s", __func__, strerror(errno));
		268	goto out;
		269	}
		270	if (atomicio(vwrite, fd, sshbuf_mutable_ptr(info),
		271	sshbuf_len(info)) != sshbuf_len(info)) {
		272	error("%s: write: %s", __func__, strerror(errno));
		273	goto out;
		274	}
		275	if (close(fd) != 0) {
		276	error("%s: close: %s", __func__, strerror(errno));
		277	goto out;
		278	}
		279	success = 1;
		280	out:
		281	if (!success) {
		282	if (fd != -1)
		283	close(fd);
		284	free(auth_info_file);
		285	auth_info_file = NULL;
		286	}
		287	restore_uid();
		288	}
		289
252	void	290	void
253	do_authenticated(Authctxt *authctxt)	291	do_authenticated(Authctxt *authctxt)
254	{	292	{
@@ -264,7 +302,10 @@ do_authenticated(Authctxt *authctxt)
264		302
265	auth_debug_send();	303	auth_debug_send();
266		304
		305	prepare_auth_info_file(authctxt->pw, authctxt->session_info);
		306
267	do_authenticated2(authctxt);	307	do_authenticated2(authctxt);
		308
268	do_cleanup(authctxt);	309	do_cleanup(authctxt);
269	}	310	}
270		311
@@ -1077,6 +1118,8 @@ do_setup_env(Session s, const char shell)
1077	free(laddr);	1118	free(laddr);
1078	child_set_env(&env, &envsize, "SSH_CONNECTION", buf);	1119	child_set_env(&env, &envsize, "SSH_CONNECTION", buf);
1079		1120
		1121	if (auth_info_file != NULL)
		1122	child_set_env(&env, &envsize, "SSH_USER_AUTH", auth_info_file);
1080	if (s->ttyfd != -1)	1123	if (s->ttyfd != -1)
1081	child_set_env(&env, &envsize, "SSH_TTY", s->tty);	1124	child_set_env(&env, &envsize, "SSH_TTY", s->tty);
1082	if (s->term)	1125	if (s->term)
@@ -2549,6 +2592,15 @@ do_cleanup(Authctxt *authctxt)
2549	/* remove agent socket */	2592	/* remove agent socket */
2550	auth_sock_cleanup_proc(authctxt->pw);	2593	auth_sock_cleanup_proc(authctxt->pw);
2551		2594
		2595	/* remove userauth info */
		2596	if (auth_info_file != NULL) {
		2597	temporarily_use_uid(authctxt->pw);
		2598	unlink(auth_info_file);
		2599	restore_uid();
		2600	free(auth_info_file);
		2601	auth_info_file = NULL;
		2602	}
		2603
2552	/*	2604	/*
2553	* Cleanup ptys/utmp only if privsep is disabled,	2605	* Cleanup ptys/utmp only if privsep is disabled,
2554	* or if running in monitor.	2606	* or if running in monitor.