- markus@cvs.openbsd.org 2001/04/12 19:15:26

[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c sshd_config] implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2) similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)
author: Ben Lindstrom <mouring@eviladmin.org> 2001-04-12 23:34:34 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-04-12 23:34:34 +0000
commit: 5eabda303aa26c77e4c383230db9ce9d9175e580 (patch)
tree: a084d793ff9789b41920bb259c7ff309d21eba24 /ssh.c
parent: 0998872972ec9a059204344cf0bec64123b3e28c (diff)
1 files changed, 32 insertions, 10 deletions
diff --git a/ssh.c b/ssh.c
index 5c08de820..f14fbac23 100644
--- a/ssh.c
+++ b/ssh.c
@@ -39,7 +39,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.111 2001/04/12 14:29:09 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.112 2001/04/12 19:15:25 markus Exp $");
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -130,8 +130,11 @@ struct sockaddr_storage hostaddr;
 */
 volatile int received_window_change_signal = 0;
-/* Host private key. */
+/* Private host keys. */
-Key *host_private_key = NULL;
+struct {
+        Key     **keys;
+        int     nkeys;
+} sensitive_data;
 /* Original real UID. */
 uid_t original_real_uid;
@@ -646,9 +649,18 @@ main(int ac, char **av)
         * authentication. This must be done before releasing extra
         * privileges, because the file is only readable by root.
         */
-        if (ok && (options.protocol & SSH_PROTO_1)) {
+        sensitive_data.nkeys = 0;
-                host_private_key = key_load_private_type(KEY_RSA1,
+        sensitive_data.keys = NULL;
+        if (ok && (options.rhosts_rsa_authentication ||
+            options.hostbased_authentication)) {
+                sensitive_data.nkeys = 3;
+                sensitive_data.keys = xmalloc(sensitive_data.nkeys*sizeof(Key));
+                sensitive_data.keys[0] = key_load_private_type(KEY_RSA1,
                    _PATH_HOST_KEY_FILE, "", NULL);
+                sensitive_data.keys[1] = key_load_private_type(KEY_DSA,
+                    _PATH_HOST_DSA_KEY_FILE, "", NULL);
+                sensitive_data.keys[2] = key_load_private_type(KEY_RSA,
+                    _PATH_HOST_RSA_KEY_FILE, "", NULL);
        }
        /*
         * Get rid of any extra privileges that we may have.  We will no
@@ -707,11 +719,21 @@ main(int ac, char **av)
            tilde_expand_filename(options.user_hostfile2, original_real_uid);
        /* Log into the remote system.  This never returns if the login fails. */
-        ssh_login(host_private_key, host, (struct sockaddr *)&hostaddr, pw);
+        ssh_login(sensitive_data.keys, sensitive_data.nkeys,
+            host, (struct sockaddr *)&hostaddr, pw);
-        /* We no longer need the host private key.  Clear it now. */
-        if (host_private_key != NULL)
+        /* We no longer need the private host keys.  Clear them now. */
-                key_free(host_private_key);     /* Destroys contents safely */
+        if (sensitive_data.nkeys != 0) {
+                for (i = 0; i < sensitive_data.nkeys; i++) {
+                        if (sensitive_data.keys[i] != NULL) {
+                                /* Destroys contents safely */
+                                debug3("clear hostkey %d", i);
+                                key_free(sensitive_data.keys[i]);
+                                sensitive_data.keys[i] = NULL;
+                        }
+                }
+                xfree(sensitive_data.keys);
+        }
        exit_status = compat20 ? ssh_session2() : ssh_session();
        packet_close();
author	Ben Lindstrom <mouring@eviladmin.org>	2001-04-12 23:34:34 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-04-12 23:34:34 +0000
commit	5eabda303aa26c77e4c383230db9ce9d9175e580 (patch)
tree	a084d793ff9789b41920bb259c7ff309d21eba24 /ssh.c
parent	0998872972ec9a059204344cf0bec64123b3e28c (diff)

diff --git a/ssh.c b/ssh.c index 5c08de820..f14fbac23 100644 --- a/ssh.c +++ b/ssh.c
@@ -39,7 +39,7 @@
39	*/	39	*/
40		40
41	#include "includes.h"	41	#include "includes.h"
42	RCSID("$OpenBSD: ssh.c,v 1.111 2001/04/12 14:29:09 markus Exp $");	42	RCSID("$OpenBSD: ssh.c,v 1.112 2001/04/12 19:15:25 markus Exp $");
43		43
44	#include <openssl/evp.h>	44	#include <openssl/evp.h>
45	#include <openssl/err.h>	45	#include <openssl/err.h>
@@ -130,8 +130,11 @@ struct sockaddr_storage hostaddr;
130	*/	130	*/
131	volatile int received_window_change_signal = 0;	131	volatile int received_window_change_signal = 0;
132		132
133	/* Host private key. */	133	/* Private host keys. */
134	Key *host_private_key = NULL;	134	struct {
		135	Key **keys;
		136	int nkeys;
		137	} sensitive_data;
135		138
136	/* Original real UID. */	139	/* Original real UID. */
137	uid_t original_real_uid;	140	uid_t original_real_uid;
@@ -646,9 +649,18 @@ main(int ac, char **av)
646	* authentication. This must be done before releasing extra	649	* authentication. This must be done before releasing extra
647	* privileges, because the file is only readable by root.	650	* privileges, because the file is only readable by root.
648	*/	651	*/
649	if (ok && (options.protocol & SSH_PROTO_1)) {	652	sensitive_data.nkeys = 0;
650	host_private_key = key_load_private_type(KEY_RSA1,	653	sensitive_data.keys = NULL;
		654	if (ok && (options.rhosts_rsa_authentication \|\|
		655	options.hostbased_authentication)) {
		656	sensitive_data.nkeys = 3;
		657	sensitive_data.keys = xmalloc(sensitive_data.nkeys*sizeof(Key));
		658	sensitive_data.keys[0] = key_load_private_type(KEY_RSA1,
651	_PATH_HOST_KEY_FILE, "", NULL);	659	_PATH_HOST_KEY_FILE, "", NULL);
		660	sensitive_data.keys[1] = key_load_private_type(KEY_DSA,
		661	_PATH_HOST_DSA_KEY_FILE, "", NULL);
		662	sensitive_data.keys[2] = key_load_private_type(KEY_RSA,
		663	_PATH_HOST_RSA_KEY_FILE, "", NULL);
652	}	664	}
653	/*	665	/*
654	* Get rid of any extra privileges that we may have. We will no	666	* Get rid of any extra privileges that we may have. We will no
@@ -707,11 +719,21 @@ main(int ac, char **av)
707	tilde_expand_filename(options.user_hostfile2, original_real_uid);	719	tilde_expand_filename(options.user_hostfile2, original_real_uid);
708		720
709	/* Log into the remote system. This never returns if the login fails. */	721	/* Log into the remote system. This never returns if the login fails. */
710	ssh_login(host_private_key, host, (struct sockaddr *)&hostaddr, pw);	722	ssh_login(sensitive_data.keys, sensitive_data.nkeys,
711		723	host, (struct sockaddr *)&hostaddr, pw);
712	/* We no longer need the host private key. Clear it now. */	724
713	if (host_private_key != NULL)	725	/* We no longer need the private host keys. Clear them now. */
714	key_free(host_private_key); /* Destroys contents safely */	726	if (sensitive_data.nkeys != 0) {
		727	for (i = 0; i < sensitive_data.nkeys; i++) {
		728	if (sensitive_data.keys[i] != NULL) {
		729	/* Destroys contents safely */
		730	debug3("clear hostkey %d", i);
		731	key_free(sensitive_data.keys[i]);
		732	sensitive_data.keys[i] = NULL;
		733	}
		734	}
		735	xfree(sensitive_data.keys);
		736	}
715		737
716	exit_status = compat20 ? ssh_session2() : ssh_session();	738	exit_status = compat20 ? ssh_session2() : ssh_session();
717	packet_close();	739	packet_close();