* Update to current GSSAPI patch from

http://www.sxw.org.uk/computing/patches/openssh-4.3p2-gsskex-20060223.patch (closes: #352042).
author: Colin Watson <cjwatson@debian.org> 2006-05-12 09:46:51 +0000
committer: Colin Watson <cjwatson@debian.org> 2006-05-12 09:46:51 +0000
commit: 2a3e00306c9b3b4db71a777a7c3ccb70e470c675 (patch)
tree: f00af0128b0ac750d739384f111000c1c97007e4 /sshd.c
parent: 2ee73b36b9a35daeaa4b065046882dc1f5f551b6 (diff)
1 files changed, 64 insertions, 1 deletions
diff --git a/sshd.c b/sshd.c
index df6d1e374..85b679d5e 100644
--- a/sshd.c
+++ b/sshd.c
@@ -86,6 +86,10 @@ RCSID("$OpenBSD: sshd.c,v 1.318 2005/12/24 02:27:41 djm Exp $");
 #include "monitor_wrap.h"
 #include "monitor_fdpass.h"
+#ifdef USE_SECURITY_SESSION_API
+#include <Security/AuthSession.h>
+#endif
 #ifdef LIBWRAP
 #include <tcpd.h>
 #include <syslog.h>
@@ -1129,6 +1133,7 @@ main(int ac, char **av)
                options.protocol &= ~SSH_PROTO_1;
        }
 #ifndef GSSAPI
+        /* The GSSAPI key exchange can run without a host key */
        if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) {
                logit("Disabling protocol version 2. Could not load host key");
                options.protocol &= ~SSH_PROTO_2;
@@ -1681,6 +1686,60 @@ main(int ac, char **av)
        /* Log the connection. */
        verbose("Connection from %.500s port %d", remote_ip, remote_port);
+#ifdef USE_SECURITY_SESSION_API
+        /*
+         * Create a new security session for use by the new user login if
+         * the current session is the root session or we are not launched
+         * by inetd (eg: debugging mode or server mode).  We do not
+         * necessarily need to create a session if we are launched from
+         * inetd because Panther xinetd will create a session for us.
+         *
+         * The only case where this logic will fail is if there is an
+         * inetd running in a non-root session which is not creating
+         * new sessions for us.  Then all the users will end up in the
+         * same session (bad).
+         *
+         * When the client exits, the session will be destroyed for us
+         * automatically.
+         *
+         * We must create the session before any credentials are stored
+         * (including AFS pags, which happens a few lines below).
+         */
+        {
+                OSStatus err = 0;
+                SecuritySessionId sid = 0;
+                SessionAttributeBits sattrs = 0;
+                err = SessionGetInfo(callerSecuritySession, &sid, &sattrs);
+                if (err)
+                        error("SessionGetInfo() failed with error %.8X",
+                            (unsigned) err);
+                else
+                        debug("Current Session ID is %.8X / Session Attributes are %.8X",
+                            (unsigned) sid, (unsigned) sattrs);
+                if (inetd_flag && !(sattrs & sessionIsRoot))
+                        debug("Running in inetd mode in a non-root session... "
+                            "assuming inetd created the session for us.");
+                else {
+                        debug("Creating new security session...");
+                        err = SessionCreate(0, sessionHasTTY | sessionIsRemote);
+                        if (err)
+                                error("SessionCreate() failed with error %.8X",
+                                    (unsigned) err);
+                        err = SessionGetInfo(callerSecuritySession, &sid, 
+                            &sattrs);
+                        if (err)
+                                error("SessionGetInfo() failed with error %.8X",
+                                    (unsigned) err);
+                        else
+                                debug("New Session ID is %.8X / Session Attributes are %.8X",
+                                    (unsigned) sid, (unsigned) sattrs);
+                }
+        }
+#endif
        /*
         * We don't want to listen forever unless the other side
         * successfully authenticates itself.  So we set up an alarm which is
@@ -2051,7 +2110,10 @@ do_ssh2_kex(void)
        if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)
                orig = NULL;
-        gss = ssh_gssapi_server_mechanisms();
+        if (options.gss_keyex)
+                gss = ssh_gssapi_server_mechanisms();
+        else
+                gss = NULL;
        if (gss && orig) {
                int len = strlen(orig) + strlen(gss) + 2;
@@ -2084,6 +2146,7 @@ do_ssh2_kex(void)
        kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 #ifdef GSSAPI
        kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
+        kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
 #endif
        kex->server = 1;
        kex->client_version_string=client_version_string;
author	Colin Watson <cjwatson@debian.org>	2006-05-12 09:46:51 +0000
committer	Colin Watson <cjwatson@debian.org>	2006-05-12 09:46:51 +0000
commit	2a3e00306c9b3b4db71a777a7c3ccb70e470c675 (patch)
tree	f00af0128b0ac750d739384f111000c1c97007e4 /sshd.c
parent	2ee73b36b9a35daeaa4b065046882dc1f5f551b6 (diff)

diff --git a/sshd.c b/sshd.c index df6d1e374..85b679d5e 100644 --- a/sshd.c +++ b/sshd.c
@@ -86,6 +86,10 @@ RCSID("$OpenBSD: sshd.c,v 1.318 2005/12/24 02:27:41 djm Exp $");
86	#include "monitor_wrap.h"	86	#include "monitor_wrap.h"
87	#include "monitor_fdpass.h"	87	#include "monitor_fdpass.h"
88		88
		89	#ifdef USE_SECURITY_SESSION_API
		90	#include <Security/AuthSession.h>
		91	#endif
		92
89	#ifdef LIBWRAP	93	#ifdef LIBWRAP
90	#include <tcpd.h>	94	#include <tcpd.h>
91	#include <syslog.h>	95	#include <syslog.h>
@@ -1129,6 +1133,7 @@ main(int ac, char **av)
1129	options.protocol &= ~SSH_PROTO_1;	1133	options.protocol &= ~SSH_PROTO_1;
1130	}	1134	}
1131	#ifndef GSSAPI	1135	#ifndef GSSAPI
		1136	/* The GSSAPI key exchange can run without a host key */
1132	if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) {	1137	if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) {
1133	logit("Disabling protocol version 2. Could not load host key");	1138	logit("Disabling protocol version 2. Could not load host key");
1134	options.protocol &= ~SSH_PROTO_2;	1139	options.protocol &= ~SSH_PROTO_2;
@@ -1681,6 +1686,60 @@ main(int ac, char **av)
1681	/* Log the connection. */	1686	/* Log the connection. */
1682	verbose("Connection from %.500s port %d", remote_ip, remote_port);	1687	verbose("Connection from %.500s port %d", remote_ip, remote_port);
1683		1688
		1689	#ifdef USE_SECURITY_SESSION_API
		1690	/*
		1691	* Create a new security session for use by the new user login if
		1692	* the current session is the root session or we are not launched
		1693	* by inetd (eg: debugging mode or server mode). We do not
		1694	* necessarily need to create a session if we are launched from
		1695	* inetd because Panther xinetd will create a session for us.
		1696	*
		1697	* The only case where this logic will fail is if there is an
		1698	* inetd running in a non-root session which is not creating
		1699	* new sessions for us. Then all the users will end up in the
		1700	* same session (bad).
		1701	*
		1702	* When the client exits, the session will be destroyed for us
		1703	* automatically.
		1704	*
		1705	* We must create the session before any credentials are stored
		1706	* (including AFS pags, which happens a few lines below).
		1707	*/
		1708	{
		1709	OSStatus err = 0;
		1710	SecuritySessionId sid = 0;
		1711	SessionAttributeBits sattrs = 0;
		1712
		1713	err = SessionGetInfo(callerSecuritySession, &sid, &sattrs);
		1714	if (err)
		1715	error("SessionGetInfo() failed with error %.8X",
		1716	(unsigned) err);
		1717	else
		1718	debug("Current Session ID is %.8X / Session Attributes are %.8X",
		1719	(unsigned) sid, (unsigned) sattrs);
		1720
		1721	if (inetd_flag && !(sattrs & sessionIsRoot))
		1722	debug("Running in inetd mode in a non-root session... "
		1723	"assuming inetd created the session for us.");
		1724	else {
		1725	debug("Creating new security session...");
		1726	err = SessionCreate(0, sessionHasTTY \| sessionIsRemote);
		1727	if (err)
		1728	error("SessionCreate() failed with error %.8X",
		1729	(unsigned) err);
		1730
		1731	err = SessionGetInfo(callerSecuritySession, &sid,
		1732	&sattrs);
		1733	if (err)
		1734	error("SessionGetInfo() failed with error %.8X",
		1735	(unsigned) err);
		1736	else
		1737	debug("New Session ID is %.8X / Session Attributes are %.8X",
		1738	(unsigned) sid, (unsigned) sattrs);
		1739	}
		1740	}
		1741	#endif
		1742
1684	/*	1743	/*
1685	* We don't want to listen forever unless the other side	1744	* We don't want to listen forever unless the other side
1686	* successfully authenticates itself. So we set up an alarm which is	1745	* successfully authenticates itself. So we set up an alarm which is
@@ -2051,7 +2110,10 @@ do_ssh2_kex(void)
2051	if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)	2110	if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)
2052	orig = NULL;	2111	orig = NULL;
2053		2112
2054	gss = ssh_gssapi_server_mechanisms();	2113	if (options.gss_keyex)
		2114	gss = ssh_gssapi_server_mechanisms();
		2115	else
		2116	gss = NULL;
2055		2117
2056	if (gss && orig) {	2118	if (gss && orig) {
2057	int len = strlen(orig) + strlen(gss) + 2;	2119	int len = strlen(orig) + strlen(gss) + 2;
@@ -2084,6 +2146,7 @@ do_ssh2_kex(void)
2084	kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;	2146	kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
2085	#ifdef GSSAPI	2147	#ifdef GSSAPI
2086	kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;	2148	kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
		2149	kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
2087	#endif	2150	#endif
2088	kex->server = 1;	2151	kex->server = 1;
2089	kex->client_version_string=client_version_string;	2152	kex->client_version_string=client_version_string;