author | Colin Watson <cjwatson@debian.org> | 2016-02-29 12:15:15 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2016-03-08 11:51:22 +0000 |
commit | 46961f5704f8e86cea3e99253faad55aef4d8f35 (patch) | |
tree | 0dd97fa4fb649a62b4639fe2674380872b1f3e98 /sshd.c | |
parent | c753fe267efb1b027424fa8706cf0385fc3d14c1 (diff) | |
parent | 85e40e87a75fb80a0bf893ac05a417d6c353537d (diff) |
New upstream release (7.2).
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 76 |
1 files changed, 39 insertions, 37 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshd.c,v 1.458 2015/08/20 22:32:42 deraadt Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.465 2016/02/15 09:47:49 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -125,7 +125,6 @@ | |||
125 | #include "ssh-gss.h" | 125 | #include "ssh-gss.h" |
126 | #endif | 126 | #endif |
127 | #include "monitor_wrap.h" | 127 | #include "monitor_wrap.h" |
128 | #include "roaming.h" | ||
129 | #include "ssh-sandbox.h" | 128 | #include "ssh-sandbox.h" |
130 | #include "version.h" | 129 | #include "version.h" |
131 | #include "ssherr.h" | 130 | #include "ssherr.h" |
@@ -453,7 +452,7 @@ sshd_exchange_identification(int sock_in, int sock_out) | |||
453 | options.version_addendum, newline); | 452 | options.version_addendum, newline); |
454 | 453 | ||
455 | /* Send our protocol version identification. */ | 454 | /* Send our protocol version identification. */ |
456 | if (roaming_atomicio(vwrite, sock_out, server_version_string, | 455 | if (atomicio(vwrite, sock_out, server_version_string, |
457 | strlen(server_version_string)) | 456 | strlen(server_version_string)) |
458 | != strlen(server_version_string)) { | 457 | != strlen(server_version_string)) { |
459 | logit("Could not write ident string to %s", get_remote_ipaddr()); | 458 | logit("Could not write ident string to %s", get_remote_ipaddr()); |
@@ -463,7 +462,7 @@ sshd_exchange_identification(int sock_in, int sock_out) | |||
463 | /* Read other sides version identification. */ | 462 | /* Read other sides version identification. */ |
464 | memset(buf, 0, sizeof(buf)); | 463 | memset(buf, 0, sizeof(buf)); |
465 | for (i = 0; i < sizeof(buf) - 1; i++) { | 464 | for (i = 0; i < sizeof(buf) - 1; i++) { |
466 | if (roaming_atomicio(read, sock_in, &buf[i], 1) != 1) { | 465 | if (atomicio(read, sock_in, &buf[i], 1) != 1) { |
467 | logit("Did not receive identification string from %s", | 466 | logit("Did not receive identification string from %s", |
468 | get_remote_ipaddr()); | 467 | get_remote_ipaddr()); |
469 | cleanup_exit(255); | 468 | cleanup_exit(255); |
@@ -648,25 +647,23 @@ privsep_preauth_child(void) | |||
648 | /* Demote the private keys to public keys. */ | 647 | /* Demote the private keys to public keys. */ |
649 | demote_sensitive_data(); | 648 | demote_sensitive_data(); |
650 | 649 | ||
651 | /* Change our root directory */ | 650 | /* Demote the child */ |
652 | if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1) | 651 | if (getuid() == 0 || geteuid() == 0) { |
653 | fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR, | 652 | /* Change our root directory */ |
654 | strerror(errno)); | 653 | if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1) |
655 | if (chdir("/") == -1) | 654 | fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR, |
656 | fatal("chdir(\"/\"): %s", strerror(errno)); | 655 | strerror(errno)); |
657 | 656 | if (chdir("/") == -1) | |
658 | /* Drop our privileges */ | 657 | fatal("chdir(\"/\"): %s", strerror(errno)); |
659 | debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid, | 658 | |
660 | (u_int)privsep_pw->pw_gid); | 659 | /* Drop our privileges */ |
661 | #if 0 | 660 | debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid, |
662 | /* XXX not ready, too heavy after chroot */ | 661 | (u_int)privsep_pw->pw_gid); |
663 | do_setusercontext(privsep_pw); | 662 | gidset[0] = privsep_pw->pw_gid; |
664 | #else | 663 | if (setgroups(1, gidset) < 0) |
665 | gidset[0] = privsep_pw->pw_gid; | 664 | fatal("setgroups: %.100s", strerror(errno)); |
666 | if (setgroups(1, gidset) < 0) | 665 | permanently_set_uid(privsep_pw); |
667 | fatal("setgroups: %.100s", strerror(errno)); | 666 | } |
668 | permanently_set_uid(privsep_pw); | ||
669 | #endif | ||
670 | } | 667 | } |
671 | 668 | ||
672 | static int | 669 | static int |
@@ -732,9 +729,7 @@ privsep_preauth(Authctxt *authctxt) | |||
732 | /* Arrange for logging to be sent to the monitor */ | 729 | /* Arrange for logging to be sent to the monitor */ |
733 | set_log_handler(mm_log_handler, pmonitor); | 730 | set_log_handler(mm_log_handler, pmonitor); |
734 | 731 | ||
735 | /* Demote the child */ | 732 | privsep_preauth_child(); |
736 | if (getuid() == 0 || geteuid() == 0) | ||
737 | privsep_preauth_child(); | ||
738 | setproctitle("%s", "[net]"); | 733 | setproctitle("%s", "[net]"); |
739 | if (box != NULL) | 734 | if (box != NULL) |
740 | ssh_sandbox_child(box); | 735 | ssh_sandbox_child(box); |
@@ -836,6 +831,12 @@ list_hostkey_types(void) | |||
836 | buffer_append(&b, ",", 1); | 831 | buffer_append(&b, ",", 1); |
837 | p = key_ssh_name(key); | 832 | p = key_ssh_name(key); |
838 | buffer_append(&b, p, strlen(p)); | 833 | buffer_append(&b, p, strlen(p)); |
834 | |||
835 | /* for RSA we also support SHA2 signatures */ | ||
836 | if (key->type == KEY_RSA) { | ||
837 | p = ",rsa-sha2-512,rsa-sha2-256"; | ||
838 | buffer_append(&b, p, strlen(p)); | ||
839 | } | ||
839 | break; | 840 | break; |
840 | } | 841 | } |
841 | /* If the private key has a cert peer, then list that too */ | 842 | /* If the private key has a cert peer, then list that too */ |
@@ -1271,8 +1272,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1271 | for (;;) { | 1272 | for (;;) { |
1272 | if (received_sighup) | 1273 | if (received_sighup) |
1273 | sighup_restart(); | 1274 | sighup_restart(); |
1274 | if (fdset != NULL) | 1275 | free(fdset); |
1275 | free(fdset); | ||
1276 | fdset = xcalloc(howmany(maxfd + 1, NFDBITS), | 1276 | fdset = xcalloc(howmany(maxfd + 1, NFDBITS), |
1277 | sizeof(fd_mask)); | 1277 | sizeof(fd_mask)); |
1278 | 1278 | ||
@@ -1492,6 +1492,8 @@ main(int ac, char **av) | |||
1492 | Authctxt *authctxt; | 1492 | Authctxt *authctxt; |
1493 | struct connection_info *connection_info = get_connection_info(0, 0); | 1493 | struct connection_info *connection_info = get_connection_info(0, 0); |
1494 | 1494 | ||
1495 | ssh_malloc_init(); /* must be called before any mallocs */ | ||
1496 | |||
1495 | #ifdef HAVE_SECUREWARE | 1497 | #ifdef HAVE_SECUREWARE |
1496 | (void)set_auth_parameters(ac, av); | 1498 | (void)set_auth_parameters(ac, av); |
1497 | #endif | 1499 | #endif |
@@ -1552,7 +1554,7 @@ main(int ac, char **av) | |||
1552 | no_daemon_flag = 1; | 1554 | no_daemon_flag = 1; |
1553 | break; | 1555 | break; |
1554 | case 'E': | 1556 | case 'E': |
1555 | logfile = xstrdup(optarg); | 1557 | logfile = optarg; |
1556 | /* FALLTHROUGH */ | 1558 | /* FALLTHROUGH */ |
1557 | case 'e': | 1559 | case 'e': |
1558 | log_stderr = 1; | 1560 | log_stderr = 1; |
@@ -1654,10 +1656,8 @@ main(int ac, char **av) | |||
1654 | #endif | 1656 | #endif |
1655 | 1657 | ||
1656 | /* If requested, redirect the logs to the specified logfile. */ | 1658 | /* If requested, redirect the logs to the specified logfile. */ |
1657 | if (logfile != NULL) { | 1659 | if (logfile != NULL) |
1658 | log_redirect_stderr_to(logfile); | 1660 | log_redirect_stderr_to(logfile); |
1659 | free(logfile); | ||
1660 | } | ||
1661 | /* | 1661 | /* |
1662 | * Force logging to stderr until we have loaded the private host | 1662 | * Force logging to stderr until we have loaded the private host |
1663 | * key (unless started from inetd) | 1663 | * key (unless started from inetd) |
@@ -2619,24 +2619,26 @@ do_ssh1_kex(void) | |||
2619 | 2619 | ||
2620 | int | 2620 | int |
2621 | sshd_hostkey_sign(Key *privkey, Key *pubkey, u_char **signature, size_t *slen, | 2621 | sshd_hostkey_sign(Key *privkey, Key *pubkey, u_char **signature, size_t *slen, |
2622 | const u_char *data, size_t dlen, u_int flag) | 2622 | const u_char *data, size_t dlen, const char *alg, u_int flag) |
2623 | { | 2623 | { |
2624 | int r; | 2624 | int r; |
2625 | u_int xxx_slen, xxx_dlen = dlen; | 2625 | u_int xxx_slen, xxx_dlen = dlen; |
2626 | 2626 | ||
2627 | if (privkey) { | 2627 | if (privkey) { |
2628 | if (PRIVSEP(key_sign(privkey, signature, &xxx_slen, data, xxx_dlen) < 0)) | 2628 | if (PRIVSEP(key_sign(privkey, signature, &xxx_slen, data, xxx_dlen, |
2629 | alg) < 0)) | ||
2629 | fatal("%s: key_sign failed", __func__); | 2630 | fatal("%s: key_sign failed", __func__); |
2630 | if (slen) | 2631 | if (slen) |
2631 | *slen = xxx_slen; | 2632 | *slen = xxx_slen; |
2632 | } else if (use_privsep) { | 2633 | } else if (use_privsep) { |
2633 | if (mm_key_sign(pubkey, signature, &xxx_slen, data, xxx_dlen) < 0) | 2634 | if (mm_key_sign(pubkey, signature, &xxx_slen, data, xxx_dlen, |
2635 | alg) < 0) | ||
2634 | fatal("%s: pubkey_sign failed", __func__); | 2636 | fatal("%s: pubkey_sign failed", __func__); |
2635 | if (slen) | 2637 | if (slen) |
2636 | *slen = xxx_slen; | 2638 | *slen = xxx_slen; |
2637 | } else { | 2639 | } else { |
2638 | if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slen, | 2640 | if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slen, |
2639 | data, dlen, datafellows)) != 0) | 2641 | data, dlen, alg, datafellows)) != 0) |
2640 | fatal("%s: ssh_agent_sign failed: %s", | 2642 | fatal("%s: ssh_agent_sign failed: %s", |
2641 | __func__, ssh_err(r)); | 2643 | __func__, ssh_err(r)); |
2642 | } | 2644 | } |
@@ -2669,7 +2671,7 @@ do_ssh2_kex(void) | |||
2669 | } | 2671 | } |
2670 | 2672 | ||
2671 | if (options.rekey_limit || options.rekey_interval) | 2673 | if (options.rekey_limit || options.rekey_interval) |
2672 | packet_set_rekey_limits((u_int32_t)options.rekey_limit, | 2674 | packet_set_rekey_limits(options.rekey_limit, |
2673 | (time_t)options.rekey_interval); | 2675 | (time_t)options.rekey_interval); |
2674 | 2676 | ||
2675 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( | 2677 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( |
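Review bot: In the privsep_preauth_child() hunk, the new `if (getuid() == 0 || geteuid() == 0)` block has no else branch, so a non-root sshd skips chroot(), setgroups() and permanently_set_uid() without logging anything. The pre-auth child then keeps the invoking user's ids and filesystem view while it parses unauthenticated network input, and the only confinement visible here is ssh_sandbox_child(), which privsep_preauth() calls only when `box != NULL`. I would add an else branch such as `else debug("%s: not running as root, skipping chroot and privilege drop", __func__);` so the reduced isolation shows up in debug logs. A one-line comment above the condition should also say that demote_sensitive_data() now runs unconditionally while the chroot and uid drop are root-only. The function body starts outside the hunk, so the steps before demote_sensitive_data() are not visible here.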