diff options
author | Colin Watson <cjwatson@debian.org> | 2009-12-29 21:34:25 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2009-12-29 21:34:25 +0000 |
commit | fa585019a79ebcb4e0202b1c33f87ff1c5c9ce1c (patch) | |
tree | 28fc9a13eaab935e4de055b561b333d67387a934 /sshd.c | |
parent | 04942aa41fa94ec6f2c3ce1d348f600f31bb7c78 (diff) | |
parent | 3e2e0ac10674d77618c4c7339e18b83ced247492 (diff) |
import openssh-4.3p2-gsskex-20060223.patch
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 58 |
1 files changed, 39 insertions, 19 deletions
@@ -42,7 +42,7 @@ | |||
42 | */ | 42 | */ |
43 | 43 | ||
44 | #include "includes.h" | 44 | #include "includes.h" |
45 | RCSID("$OpenBSD: sshd.c,v 1.312 2005/07/25 11:59:40 markus Exp $"); | 45 | RCSID("$OpenBSD: sshd.c,v 1.318 2005/12/24 02:27:41 djm Exp $"); |
46 | 46 | ||
47 | #include <openssl/dh.h> | 47 | #include <openssl/dh.h> |
48 | #include <openssl/bn.h> | 48 | #include <openssl/bn.h> |
@@ -637,16 +637,8 @@ privsep_postauth(Authctxt *authctxt) | |||
637 | if (authctxt->pw->pw_uid == 0 || options.use_login) { | 637 | if (authctxt->pw->pw_uid == 0 || options.use_login) { |
638 | #endif | 638 | #endif |
639 | /* File descriptor passing is broken or root login */ | 639 | /* File descriptor passing is broken or root login */ |
640 | monitor_apply_keystate(pmonitor); | ||
641 | use_privsep = 0; | 640 | use_privsep = 0; |
642 | return; | 641 | goto skip; |
643 | } | ||
644 | |||
645 | /* Authentication complete */ | ||
646 | alarm(0); | ||
647 | if (startup_pipe != -1) { | ||
648 | close(startup_pipe); | ||
649 | startup_pipe = -1; | ||
650 | } | 642 | } |
651 | 643 | ||
652 | /* New socket pair */ | 644 | /* New socket pair */ |
@@ -673,6 +665,7 @@ privsep_postauth(Authctxt *authctxt) | |||
673 | /* Drop privileges */ | 665 | /* Drop privileges */ |
674 | do_setusercontext(authctxt->pw); | 666 | do_setusercontext(authctxt->pw); |
675 | 667 | ||
668 | skip: | ||
676 | /* It is safe now to apply the key state */ | 669 | /* It is safe now to apply the key state */ |
677 | monitor_apply_keystate(pmonitor); | 670 | monitor_apply_keystate(pmonitor); |
678 | 671 | ||
@@ -804,6 +797,7 @@ send_rexec_state(int fd, Buffer *conf) | |||
804 | * bignum iqmp " | 797 | * bignum iqmp " |
805 | * bignum p " | 798 | * bignum p " |
806 | * bignum q " | 799 | * bignum q " |
800 | * string rngseed (only if OpenSSL is not self-seeded) | ||
807 | */ | 801 | */ |
808 | buffer_init(&m); | 802 | buffer_init(&m); |
809 | buffer_put_cstring(&m, buffer_ptr(conf)); | 803 | buffer_put_cstring(&m, buffer_ptr(conf)); |
@@ -820,6 +814,10 @@ send_rexec_state(int fd, Buffer *conf) | |||
820 | } else | 814 | } else |
821 | buffer_put_int(&m, 0); | 815 | buffer_put_int(&m, 0); |
822 | 816 | ||
817 | #ifndef OPENSSL_PRNG_ONLY | ||
818 | rexec_send_rng_seed(&m); | ||
819 | #endif | ||
820 | |||
823 | if (ssh_msg_send(fd, 0, &m) == -1) | 821 | if (ssh_msg_send(fd, 0, &m) == -1) |
824 | fatal("%s: ssh_msg_send failed", __func__); | 822 | fatal("%s: ssh_msg_send failed", __func__); |
825 | 823 | ||
@@ -862,6 +860,11 @@ recv_rexec_state(int fd, Buffer *conf) | |||
862 | rsa_generate_additional_parameters( | 860 | rsa_generate_additional_parameters( |
863 | sensitive_data.server_key->rsa); | 861 | sensitive_data.server_key->rsa); |
864 | } | 862 | } |
863 | |||
864 | #ifndef OPENSSL_PRNG_ONLY | ||
865 | rexec_recv_rng_seed(&m); | ||
866 | #endif | ||
867 | |||
865 | buffer_free(&m); | 868 | buffer_free(&m); |
866 | 869 | ||
867 | debug3("%s: done", __func__); | 870 | debug3("%s: done", __func__); |
@@ -918,6 +921,9 @@ main(int ac, char **av) | |||
918 | if (geteuid() == 0 && setgroups(0, NULL) == -1) | 921 | if (geteuid() == 0 && setgroups(0, NULL) == -1) |
919 | debug("setgroups(): %.200s", strerror(errno)); | 922 | debug("setgroups(): %.200s", strerror(errno)); |
920 | 923 | ||
924 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ | ||
925 | sanitise_stdfd(); | ||
926 | |||
921 | /* Initialize configuration options to their default values. */ | 927 | /* Initialize configuration options to their default values. */ |
922 | initialize_server_options(&options); | 928 | initialize_server_options(&options); |
923 | 929 | ||
@@ -1055,8 +1061,6 @@ main(int ac, char **av) | |||
1055 | drop_cray_privs(); | 1061 | drop_cray_privs(); |
1056 | #endif | 1062 | #endif |
1057 | 1063 | ||
1058 | seed_rng(); | ||
1059 | |||
1060 | sensitive_data.server_key = NULL; | 1064 | sensitive_data.server_key = NULL; |
1061 | sensitive_data.ssh1_host_key = NULL; | 1065 | sensitive_data.ssh1_host_key = NULL; |
1062 | sensitive_data.have_ssh1_key = 0; | 1066 | sensitive_data.have_ssh1_key = 0; |
@@ -1075,6 +1079,8 @@ main(int ac, char **av) | |||
1075 | if (!rexec_flag) | 1079 | if (!rexec_flag) |
1076 | buffer_free(&cfg); | 1080 | buffer_free(&cfg); |
1077 | 1081 | ||
1082 | seed_rng(); | ||
1083 | |||
1078 | /* Fill in default values for those options not explicitly set. */ | 1084 | /* Fill in default values for those options not explicitly set. */ |
1079 | fill_default_server_options(&options); | 1085 | fill_default_server_options(&options); |
1080 | 1086 | ||
@@ -1645,7 +1651,12 @@ main(int ac, char **av) | |||
1645 | debug("get_remote_port failed"); | 1651 | debug("get_remote_port failed"); |
1646 | cleanup_exit(255); | 1652 | cleanup_exit(255); |
1647 | } | 1653 | } |
1648 | remote_ip = get_remote_ipaddr(); | 1654 | |
1655 | /* | ||
1656 | * We use get_canonical_hostname with usedns = 0 instead of | ||
1657 | * get_remote_ipaddr here so IP options will be checked. | ||
1658 | */ | ||
1659 | remote_ip = get_canonical_hostname(0); | ||
1649 | 1660 | ||
1650 | #ifdef SSH_AUDIT_EVENTS | 1661 | #ifdef SSH_AUDIT_EVENTS |
1651 | audit_connection_from(remote_ip, remote_port); | 1662 | audit_connection_from(remote_ip, remote_port); |
@@ -1699,8 +1710,7 @@ main(int ac, char **av) | |||
1699 | error("SessionGetInfo() failed with error %.8X", | 1710 | error("SessionGetInfo() failed with error %.8X", |
1700 | (unsigned) err); | 1711 | (unsigned) err); |
1701 | else | 1712 | else |
1702 | debug("Current Session ID is %.8X / Session Attributes a | 1713 | debug("Current Session ID is %.8X / Session Attributes are %.8X", |
1703 | re %.8X", | ||
1704 | (unsigned) sid, (unsigned) sattrs); | 1714 | (unsigned) sid, (unsigned) sattrs); |
1705 | 1715 | ||
1706 | if (inetd_flag && !(sattrs & sessionIsRoot)) | 1716 | if (inetd_flag && !(sattrs & sessionIsRoot)) |
@@ -1719,18 +1729,17 @@ re %.8X", | |||
1719 | error("SessionGetInfo() failed with error %.8X", | 1729 | error("SessionGetInfo() failed with error %.8X", |
1720 | (unsigned) err); | 1730 | (unsigned) err); |
1721 | else | 1731 | else |
1722 | debug("New Session ID is %.8X / Session Attribut | 1732 | debug("New Session ID is %.8X / Session Attributes are %.8X", |
1723 | es are %.8X", | ||
1724 | (unsigned) sid, (unsigned) sattrs); | 1733 | (unsigned) sid, (unsigned) sattrs); |
1725 | } | 1734 | } |
1726 | } | 1735 | } |
1727 | #endif | 1736 | #endif |
1728 | 1737 | ||
1729 | /* | 1738 | /* |
1730 | * We don\'t want to listen forever unless the other side | 1739 | * We don't want to listen forever unless the other side |
1731 | * successfully authenticates itself. So we set up an alarm which is | 1740 | * successfully authenticates itself. So we set up an alarm which is |
1732 | * cleared after successful authentication. A limit of zero | 1741 | * cleared after successful authentication. A limit of zero |
1733 | * indicates no limit. Note that we don\'t set the alarm in debugging | 1742 | * indicates no limit. Note that we don't set the alarm in debugging |
1734 | * mode; it is just annoying to have the server exit just when you | 1743 | * mode; it is just annoying to have the server exit just when you |
1735 | * are about to discover the bug. | 1744 | * are about to discover the bug. |
1736 | */ | 1745 | */ |
@@ -1777,6 +1786,17 @@ es are %.8X", | |||
1777 | } | 1786 | } |
1778 | 1787 | ||
1779 | authenticated: | 1788 | authenticated: |
1789 | /* | ||
1790 | * Cancel the alarm we set to limit the time taken for | ||
1791 | * authentication. | ||
1792 | */ | ||
1793 | alarm(0); | ||
1794 | signal(SIGALRM, SIG_DFL); | ||
1795 | if (startup_pipe != -1) { | ||
1796 | close(startup_pipe); | ||
1797 | startup_pipe = -1; | ||
1798 | } | ||
1799 | |||
1780 | #ifdef SSH_AUDIT_EVENTS | 1800 | #ifdef SSH_AUDIT_EVENTS |
1781 | audit_event(SSH_AUTH_SUCCESS); | 1801 | audit_event(SSH_AUTH_SUCCESS); |
1782 | #endif | 1802 | #endif |