author | Darren Tucker <dtucker@zip.com.au> | 2003-10-02 16:12:36 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2003-10-02 16:12:36 +1000 |
commit | 3e33cecf71860f73656a73b754cc7b7b9ec0b0ce (patch) | |
tree | 4c993022225dc70faeb42e23ff3323fd1deb717a /sshd.c | |
parent | b210aa2cfa546d8c31f8c725d1de3050c747bd6e (diff) |
- markus@cvs.openbsd.org 2003/09/23 20:17:11
[Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c
cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h
monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h
ssh-agent.c sshd.c]
replace fatal_cleanup() and linked list of fatal callbacks with static
cleanup_exit() function. re-refine cleanup_exit() where appropriate,
allocate sshd's authctxt early to allow simpler cleanup in sshd.
tested by many, ok deraadt@
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 59 |
1 files changed, 36 insertions, 23 deletions
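--- a/sshd.c
+++ b/sshd.c
@@ -42,7 +42,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.277 2003/09/19 11:33:09 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.278 2003/09/23 20:17:11 markus Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -204,6 +204,9 @@ struct monitor *pmonitor;
 /* message to be displayed after login */
 Buffer loginmsg;
 
+/* global authentication context */
+Authctxt *the_authctxt = NULL;
+
 /* Prototypes for various functions defined later in this file. */
 void destroy_sensitive_data(void);
 void demote_sensitive_data(void);
@@ -375,7 +378,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
 strlen(server_version_string))
 != strlen(server_version_string)) {
 logit("Could not write ident string to %s", get_remote_ipaddr());
-fatal_cleanup();
+cleanup_exit(255);
 }
 
 /* Read other sides version identification. */
@@ -384,7 +387,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
 if (atomicio(read, sock_in, &buf[i], 1) != 1) {
 logit("Did not receive identification string from %s",
 get_remote_ipaddr());
-fatal_cleanup();
+cleanup_exit(255);
 }
 if (buf[i] == '\r') {
 buf[i] = 0;
@@ -414,7 +417,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
 close(sock_out);
 logit("Bad protocol version identification '%.100s' from %s",
 client_version_string, get_remote_ipaddr());
-fatal_cleanup();
+cleanup_exit(255);
 }
 debug("Client protocol version %d.%d; client software version %.100s",
 remote_major, remote_minor, remote_version);
@@ -424,13 +427,13 @@ sshd_exchange_identification(int sock_in, int sock_out)
 if (datafellows & SSH_BUG_PROBE) {
 logit("probed from %s with %s. Don't panic.",
 get_remote_ipaddr(), client_version_string);
-fatal_cleanup();
+cleanup_exit(255);
 }
 
 if (datafellows & SSH_BUG_SCANNER) {
 logit("scanned from %s with %s. Don't panic.",
 get_remote_ipaddr(), client_version_string);
-fatal_cleanup();
+cleanup_exit(255);
 }
 
 mismatch = 0;
@@ -476,7 +479,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
 logit("Protocol major versions differ for %s: %.200s vs. %.200s",
 get_remote_ipaddr(),
 server_version_string, client_version_string);
-fatal_cleanup();
+cleanup_exit(255);
 }
 }
 
@@ -571,10 +574,9 @@ privsep_preauth_child(void)
 #endif
 }
 
-static Authctxt *
-privsep_preauth(void)
+static int
+privsep_preauth(Authctxt *authctxt)
 {
-Authctxt *authctxt = NULL;
 int status;
 pid_t pid;
 
@@ -590,7 +592,7 @@ privsep_preauth(void)
 debug2("Network child is on pid %ld", (long)pid);
 
 close(pmonitor->m_recvfd);
-authctxt = monitor_child_preauth(pmonitor);
+monitor_child_preauth(authctxt, pmonitor);
 close(pmonitor->m_sendfd);
 
 /* Sync memory */
@@ -600,7 +602,7 @@ privsep_preauth(void)
 while (waitpid(pid, &status, 0) < 0)
 if (errno != EINTR)
 break;
-return (authctxt);
+return (1);
 } else {
 /* child */
 
@@ -611,17 +613,12 @@ privsep_preauth(void)
 privsep_preauth_child();
 setproctitle("%s", "[net]");
 }
-return (NULL);
+return (0);
 }
 
 static void
 privsep_postauth(Authctxt *authctxt)
 {
-extern Authctxt *x_authctxt;
-
-/* XXX - Remote port forwarding */
-x_authctxt = authctxt;
-
 #ifdef DISABLE_FD_PASSING
 if (1) {
 #else
@@ -804,8 +801,8 @@ main(int ac, char **av)
 int listen_sock, maxfd;
 int startup_p[2];
 int startups = 0;
-Authctxt *authctxt;
 Key *key;
+Authctxt *authctxt;
 int ret, key_used = 0;
 
 #ifdef HAVE_SECUREWARE
@@ -1460,18 +1457,25 @@ main(int ac, char **av)
 /* prepare buffers to collect authentication messages */
 buffer_init(&loginmsg);
 
+/* allocate authentication context */
+authctxt = xmalloc(sizeof(*authctxt));
+memset(authctxt, 0, sizeof(*authctxt));
+
+/* XXX global for cleanup, access from other modules */
+the_authctxt = authctxt;
+
 if (use_privsep)
-if ((authctxt = privsep_preauth()) != NULL)
+if (privsep_preauth(authctxt) == 1)
 goto authenticated;
 
 /* perform the key exchange */
 /* authenticate user and start session */
 if (compat20) {
 do_ssh2_kex();
-authctxt = do_authentication2();
+do_authentication2(authctxt);
 } else {
 do_ssh1_kex();
-authctxt = do_authentication();
+do_authentication(authctxt);
 }
 /*
 * If we use privilege separation, the unprivileged child transfers
@@ -1494,7 +1498,7 @@ main(int ac, char **av)
 destroy_sensitive_data();
 }
 
-/* Perform session preparation. */
+/* Start session. */
 do_authenticated(authctxt);
 
 /* The connection has been terminated. */
@@ -1787,3 +1791,12 @@ do_ssh2_kex(void)
 #endif
 debug("KEX done");
 }
+
+/* server specific fatal cleanup */
+void
+cleanup_exit(int i)
+{
+if (the_authctxt)
+do_cleanup(the_authctxt);
+_exit(i);
+}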
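Review bot: The new `cleanup_exit()` at the end of sshd.c calls `do_cleanup(the_authctxt)` whenever the pointer is non-NULL, and main() now publishes that pointer right after the `memset`, before any authentication has run. Every pre-auth failure path after that point therefore enters cleanup with a zero-filled context, and under privilege separation this appears to hold for both the monitor and the network child. `do_cleanup()` is defined outside this file, so whether it checks that a user was actually authenticated before touching session state cannot be confirmed from this page. The contract should be stated above the function, for example `/* may run before authentication completes: the_authctxt can be all zero, do_cleanup() must tolerate that */`. If `do_cleanup()` can itself reach `fatal()`, this function would be re-entered, so a one-shot guard such as `static int in_cleanup; if (in_cleanup++) _exit(i);` is worth considering.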