diff options
-rw-r--r-- | ChangeLog | 19 | ||||
-rw-r--r-- | canohost.c | 30 | ||||
-rw-r--r-- | channels.c | 20 | ||||
-rw-r--r-- | mpaux.c | 12 | ||||
-rw-r--r-- | pty.c | 5 | ||||
-rw-r--r-- | ssh.1 | 6 | ||||
-rw-r--r-- | ssh.c | 5 | ||||
-rw-r--r-- | ssh.h | 6 | ||||
-rw-r--r-- | sshconnect.c | 246 | ||||
-rw-r--r-- | sshd.c | 36 | ||||
-rw-r--r-- | version.h | 2 |
11 files changed, 229 insertions, 158 deletions
@@ -1,3 +1,22 @@ | |||
1 | 19991214 | ||
2 | - OpenBSD CVS Changes | ||
3 | - [canohost.c] | ||
4 | fix get_remote_port() and friends for sshd -i; | ||
5 | Holger.Trapp@Informatik.TU-Chemnitz.DE | ||
6 | - [mpaux.c] | ||
7 | make code simpler. no need for memcpy. niels@ ok | ||
8 | - [pty.c] | ||
9 | namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org | ||
10 | fix proto; markus | ||
11 | - [ssh.1] | ||
12 | typo; mark.baushke@solipsa.com | ||
13 | - [channels.c ssh.c ssh.h sshd.c] | ||
14 | type conflict for 'extern Type *options' in channels.c; dot@dotat.at | ||
15 | - [sshconnect.c] | ||
16 | move checking of hostkey into own function. | ||
17 | - [version.h] | ||
18 | OpenSSH-1.2.1 | ||
19 | |||
1 | 19991211 | 20 | 19991211 |
2 | - Fix compilation on systems with AFS. Reported by | 21 | - Fix compilation on systems with AFS. Reported by |
3 | aloomis@glue.umd.edu | 22 | aloomis@glue.umd.edu |
diff --git a/canohost.c b/canohost.c index 4209b6ab8..e61628b77 100644 --- a/canohost.c +++ b/canohost.c | |||
@@ -14,7 +14,7 @@ | |||
14 | */ | 14 | */ |
15 | 15 | ||
16 | #include "includes.h" | 16 | #include "includes.h" |
17 | RCSID("$Id: canohost.c,v 1.4 1999/11/25 00:54:58 damien Exp $"); | 17 | RCSID("$Id: canohost.c,v 1.5 1999/12/13 23:47:15 damien Exp $"); |
18 | 18 | ||
19 | #include "packet.h" | 19 | #include "packet.h" |
20 | #include "xmalloc.h" | 20 | #include "xmalloc.h" |
@@ -143,6 +143,28 @@ check_ip_options: | |||
143 | static char *canonical_host_name = NULL; | 143 | static char *canonical_host_name = NULL; |
144 | static char *canonical_host_ip = NULL; | 144 | static char *canonical_host_ip = NULL; |
145 | 145 | ||
146 | /* Returns 1 if remote host is connected via socket, 0 if not. */ | ||
147 | |||
148 | int | ||
149 | peer_connection_is_on_socket() | ||
150 | { | ||
151 | struct sockaddr_in from; | ||
152 | int fromlen; | ||
153 | int in = packet_get_connection_in(); | ||
154 | int out = packet_get_connection_out(); | ||
155 | |||
156 | /* filedescriptors in and out are the same, so it's a socket */ | ||
157 | if (in == out) | ||
158 | return 1; | ||
159 | fromlen = sizeof(from); | ||
160 | memset(&from, 0, sizeof(from)); | ||
161 | if (getpeername(in, (struct sockaddr *) & from, &fromlen) < 0) | ||
162 | return 0; | ||
163 | if (from.sin_family != AF_INET && from.sin_family != AF_INET6) | ||
164 | return 0; | ||
165 | return 1; | ||
166 | } | ||
167 | |||
146 | /* | 168 | /* |
147 | * Return the canonical name of the host in the other side of the current | 169 | * Return the canonical name of the host in the other side of the current |
148 | * connection. The host name is cached, so it is efficient to call this | 170 | * connection. The host name is cached, so it is efficient to call this |
@@ -157,7 +179,7 @@ get_canonical_hostname() | |||
157 | return canonical_host_name; | 179 | return canonical_host_name; |
158 | 180 | ||
159 | /* Get the real hostname if socket; otherwise return UNKNOWN. */ | 181 | /* Get the real hostname if socket; otherwise return UNKNOWN. */ |
160 | if (packet_get_connection_in() == packet_get_connection_out()) | 182 | if (peer_connection_is_on_socket()) |
161 | canonical_host_name = get_remote_hostname(packet_get_connection_in()); | 183 | canonical_host_name = get_remote_hostname(packet_get_connection_in()); |
162 | else | 184 | else |
163 | canonical_host_name = xstrdup("UNKNOWN"); | 185 | canonical_host_name = xstrdup("UNKNOWN"); |
@@ -181,7 +203,7 @@ get_remote_ipaddr() | |||
181 | return canonical_host_ip; | 203 | return canonical_host_ip; |
182 | 204 | ||
183 | /* If not a socket, return UNKNOWN. */ | 205 | /* If not a socket, return UNKNOWN. */ |
184 | if (packet_get_connection_in() != packet_get_connection_out()) { | 206 | if (!peer_connection_is_on_socket()) { |
185 | canonical_host_ip = xstrdup("UNKNOWN"); | 207 | canonical_host_ip = xstrdup("UNKNOWN"); |
186 | return canonical_host_ip; | 208 | return canonical_host_ip; |
187 | } | 209 | } |
@@ -232,7 +254,7 @@ get_remote_port() | |||
232 | * If the connection is not a socket, return 65535. This is | 254 | * If the connection is not a socket, return 65535. This is |
233 | * intentionally chosen to be an unprivileged port number. | 255 | * intentionally chosen to be an unprivileged port number. |
234 | */ | 256 | */ |
235 | if (packet_get_connection_in() != packet_get_connection_out()) | 257 | if (!peer_connection_is_on_socket()) |
236 | return 65535; | 258 | return 65535; |
237 | 259 | ||
238 | /* Get client socket. */ | 260 | /* Get client socket. */ |
diff --git a/channels.c b/channels.c index 328a11781..8d6d87ae3 100644 --- a/channels.c +++ b/channels.c | |||
@@ -16,7 +16,7 @@ | |||
16 | */ | 16 | */ |
17 | 17 | ||
18 | #include "includes.h" | 18 | #include "includes.h" |
19 | RCSID("$Id: channels.c,v 1.11 1999/12/07 05:47:28 damien Exp $"); | 19 | RCSID("$Id: channels.c,v 1.12 1999/12/13 23:47:15 damien Exp $"); |
20 | 20 | ||
21 | #include "ssh.h" | 21 | #include "ssh.h" |
22 | #include "packet.h" | 22 | #include "packet.h" |
@@ -877,11 +877,10 @@ channel_open_message() | |||
877 | 877 | ||
878 | void | 878 | void |
879 | channel_request_local_forwarding(u_short port, const char *host, | 879 | channel_request_local_forwarding(u_short port, const char *host, |
880 | u_short host_port) | 880 | u_short host_port, int gateway_ports) |
881 | { | 881 | { |
882 | int ch, sock, on = 1; | 882 | int ch, sock, on = 1; |
883 | struct sockaddr_in sin; | 883 | struct sockaddr_in sin; |
884 | extern Options options; | ||
885 | struct linger linger; | 884 | struct linger linger; |
886 | 885 | ||
887 | if (strlen(host) > sizeof(channels[0].path) - 1) | 886 | if (strlen(host) > sizeof(channels[0].path) - 1) |
@@ -895,7 +894,7 @@ channel_request_local_forwarding(u_short port, const char *host, | |||
895 | /* Initialize socket address. */ | 894 | /* Initialize socket address. */ |
896 | memset(&sin, 0, sizeof(sin)); | 895 | memset(&sin, 0, sizeof(sin)); |
897 | sin.sin_family = AF_INET; | 896 | sin.sin_family = AF_INET; |
898 | if (options.gateway_ports == 1) | 897 | if (gateway_ports == 1) |
899 | sin.sin_addr.s_addr = htonl(INADDR_ANY); | 898 | sin.sin_addr.s_addr = htonl(INADDR_ANY); |
900 | else | 899 | else |
901 | sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); | 900 | sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); |
@@ -983,9 +982,11 @@ channel_input_port_forward_request(int is_root) | |||
983 | if (port < IPPORT_RESERVED && !is_root) | 982 | if (port < IPPORT_RESERVED && !is_root) |
984 | packet_disconnect("Requested forwarding of port %d but user is not root.", | 983 | packet_disconnect("Requested forwarding of port %d but user is not root.", |
985 | port); | 984 | port); |
986 | 985 | /* | |
987 | /* Initiate forwarding. */ | 986 | * Initiate forwarding, |
988 | channel_request_local_forwarding(port, hostname, host_port); | 987 | * bind port to localhost only (gateway ports == 0). |
988 | */ | ||
989 | channel_request_local_forwarding(port, hostname, host_port, 0); | ||
989 | 990 | ||
990 | /* Free the argument string. */ | 991 | /* Free the argument string. */ |
991 | xfree(hostname); | 992 | xfree(hostname); |
@@ -1116,16 +1117,15 @@ fail: | |||
1116 | */ | 1117 | */ |
1117 | 1118 | ||
1118 | char * | 1119 | char * |
1119 | x11_create_display_inet(int screen_number) | 1120 | x11_create_display_inet(int screen_number, int x11_display_offset) |
1120 | { | 1121 | { |
1121 | extern ServerOptions options; | ||
1122 | int display_number, sock; | 1122 | int display_number, sock; |
1123 | u_short port; | 1123 | u_short port; |
1124 | struct sockaddr_in sin; | 1124 | struct sockaddr_in sin; |
1125 | char buf[512]; | 1125 | char buf[512]; |
1126 | char hostname[MAXHOSTNAMELEN]; | 1126 | char hostname[MAXHOSTNAMELEN]; |
1127 | 1127 | ||
1128 | for (display_number = options.x11_display_offset; | 1128 | for (display_number = x11_display_offset; |
1129 | display_number < MAX_DISPLAYS; | 1129 | display_number < MAX_DISPLAYS; |
1130 | display_number++) { | 1130 | display_number++) { |
1131 | port = 6000 + display_number; | 1131 | port = 6000 + display_number; |
@@ -15,7 +15,7 @@ | |||
15 | */ | 15 | */ |
16 | 16 | ||
17 | #include "includes.h" | 17 | #include "includes.h" |
18 | RCSID("$Id: mpaux.c,v 1.7 1999/11/24 13:26:22 damien Exp $"); | 18 | RCSID("$Id: mpaux.c,v 1.8 1999/12/13 23:47:16 damien Exp $"); |
19 | 19 | ||
20 | #include "getput.h" | 20 | #include "getput.h" |
21 | #include "xmalloc.h" | 21 | #include "xmalloc.h" |
@@ -35,17 +35,17 @@ compute_session_id(unsigned char session_id[16], | |||
35 | BIGNUM* host_key_n, | 35 | BIGNUM* host_key_n, |
36 | BIGNUM* session_key_n) | 36 | BIGNUM* session_key_n) |
37 | { | 37 | { |
38 | unsigned int host_key_bits = BN_num_bits(host_key_n); | 38 | unsigned int host_key_bytes = BN_num_bytes(host_key_n); |
39 | unsigned int session_key_bits = BN_num_bits(session_key_n); | 39 | unsigned int session_key_bytes = BN_num_bytes(session_key_n); |
40 | unsigned int bytes = (host_key_bits + 7) / 8 + (session_key_bits + 7) / 8 + 8; | 40 | unsigned int bytes = host_key_bytes + session_key_bytes; |
41 | unsigned char *buf = xmalloc(bytes); | 41 | unsigned char *buf = xmalloc(bytes); |
42 | MD5_CTX md; | 42 | MD5_CTX md; |
43 | 43 | ||
44 | BN_bn2bin(host_key_n, buf); | 44 | BN_bn2bin(host_key_n, buf); |
45 | BN_bn2bin(session_key_n, buf + (host_key_bits + 7) / 8); | 45 | BN_bn2bin(session_key_n, buf + host_key_bytes); |
46 | memcpy(buf + (host_key_bits + 7) / 8 + (session_key_bits + 7) / 8, cookie, 8); | ||
47 | MD5_Init(&md); | 46 | MD5_Init(&md); |
48 | MD5_Update(&md, buf, bytes); | 47 | MD5_Update(&md, buf, bytes); |
48 | MD5_Update(&md, cookie, 8); | ||
49 | MD5_Final(session_id, &md); | 49 | MD5_Final(session_id, &md); |
50 | memset(buf, 0, bytes); | 50 | memset(buf, 0, bytes); |
51 | xfree(buf); | 51 | xfree(buf); |
@@ -14,8 +14,9 @@ | |||
14 | */ | 14 | */ |
15 | 15 | ||
16 | #include "includes.h" | 16 | #include "includes.h" |
17 | RCSID("$Id: pty.c,v 1.8 1999/12/08 23:16:55 damien Exp $"); | 17 | RCSID("$Id: pty.c,v 1.9 1999/12/13 23:47:16 damien Exp $"); |
18 | 18 | ||
19 | #include <util.h> | ||
19 | #include "pty.h" | 20 | #include "pty.h" |
20 | #include "ssh.h" | 21 | #include "ssh.h" |
21 | 22 | ||
@@ -163,7 +164,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) | |||
163 | *ptyfd = open(buf, O_RDWR | O_NOCTTY); | 164 | *ptyfd = open(buf, O_RDWR | O_NOCTTY); |
164 | if (*ptyfd < 0) | 165 | if (*ptyfd < 0) |
165 | continue; | 166 | continue; |
166 | snprintf(namebuf, sizeof namebuflen, "/dev/tty%c%c", | 167 | snprintf(namebuf, namebuflen, "/dev/tty%c%c", |
167 | ptymajors[i / num_minors], ptyminors[i % num_minors]); | 168 | ptymajors[i / num_minors], ptyminors[i % num_minors]); |
168 | 169 | ||
169 | /* Open the slave side. */ | 170 | /* Open the slave side. */ |
@@ -9,7 +9,7 @@ | |||
9 | .\" | 9 | .\" |
10 | .\" Created: Sat Apr 22 21:55:14 1995 ylo | 10 | .\" Created: Sat Apr 22 21:55:14 1995 ylo |
11 | .\" | 11 | .\" |
12 | .\" $Id: ssh.1,v 1.11 1999/12/06 00:47:29 damien Exp $ | 12 | .\" $Id: ssh.1,v 1.12 1999/12/13 23:47:16 damien Exp $ |
13 | .\" | 13 | .\" |
14 | .Dd September 25, 1999 | 14 | .Dd September 25, 1999 |
15 | .Dt SSH 1 | 15 | .Dt SSH 1 |
@@ -351,7 +351,7 @@ per-host basis in the configuration file. | |||
351 | Use a non-privileged port for outgoing connections. | 351 | Use a non-privileged port for outgoing connections. |
352 | This can be used if your firewall does | 352 | This can be used if your firewall does |
353 | not permit connections from privileged ports. | 353 | not permit connections from privileged ports. |
354 | Note that this option turns of | 354 | Note that this option turns off |
355 | .Cm RhostsAuthentication | 355 | .Cm RhostsAuthentication |
356 | and | 356 | and |
357 | .Cm RhostsRSAAuthentication . | 357 | .Cm RhostsRSAAuthentication . |
@@ -720,7 +720,7 @@ The default is | |||
720 | .Dq yes . | 720 | .Dq yes . |
721 | Note that setting this option to | 721 | Note that setting this option to |
722 | .Dq no | 722 | .Dq no |
723 | turns of | 723 | turns off |
724 | .Cm RhostsAuthentication | 724 | .Cm RhostsAuthentication |
725 | and | 725 | and |
726 | .Cm RhostsRSAAuthentication . | 726 | .Cm RhostsRSAAuthentication . |
@@ -11,7 +11,7 @@ | |||
11 | */ | 11 | */ |
12 | 12 | ||
13 | #include "includes.h" | 13 | #include "includes.h" |
14 | RCSID("$Id: ssh.c,v 1.13 1999/12/06 00:47:29 damien Exp $"); | 14 | RCSID("$Id: ssh.c,v 1.14 1999/12/13 23:47:16 damien Exp $"); |
15 | 15 | ||
16 | #include "xmalloc.h" | 16 | #include "xmalloc.h" |
17 | #include "ssh.h" | 17 | #include "ssh.h" |
@@ -732,7 +732,8 @@ main(int ac, char **av) | |||
732 | options.local_forwards[i].host_port); | 732 | options.local_forwards[i].host_port); |
733 | channel_request_local_forwarding(options.local_forwards[i].port, | 733 | channel_request_local_forwarding(options.local_forwards[i].port, |
734 | options.local_forwards[i].host, | 734 | options.local_forwards[i].host, |
735 | options.local_forwards[i].host_port); | 735 | options.local_forwards[i].host_port, |
736 | options.gateway_ports); | ||
736 | } | 737 | } |
737 | 738 | ||
738 | /* Initiate remote TCP/IP port forwardings. */ | 739 | /* Initiate remote TCP/IP port forwardings. */ |
@@ -13,7 +13,7 @@ | |||
13 | * | 13 | * |
14 | */ | 14 | */ |
15 | 15 | ||
16 | /* RCSID("$Id: ssh.h,v 1.19 1999/12/07 04:38:32 damien Exp $"); */ | 16 | /* RCSID("$Id: ssh.h,v 1.20 1999/12/13 23:47:16 damien Exp $"); */ |
17 | 17 | ||
18 | #ifndef SSH_H | 18 | #ifndef SSH_H |
19 | #define SSH_H | 19 | #define SSH_H |
@@ -589,7 +589,7 @@ char *channel_open_message(void); | |||
589 | */ | 589 | */ |
590 | void | 590 | void |
591 | channel_request_local_forwarding(u_short port, const char *host, | 591 | channel_request_local_forwarding(u_short port, const char *host, |
592 | u_short remote_port); | 592 | u_short remote_port, int gateway_ports); |
593 | 593 | ||
594 | /* | 594 | /* |
595 | * Initiate forwarding of connections to port "port" on remote host through | 595 | * Initiate forwarding of connections to port "port" on remote host through |
@@ -633,7 +633,7 @@ char *x11_create_display(int screen); | |||
633 | * Returns a suitable value for the DISPLAY variable, or NULL if an error | 633 | * Returns a suitable value for the DISPLAY variable, or NULL if an error |
634 | * occurs. | 634 | * occurs. |
635 | */ | 635 | */ |
636 | char *x11_create_display_inet(int screen); | 636 | char *x11_create_display_inet(int screen, int x11_display_offset); |
637 | 637 | ||
638 | /* | 638 | /* |
639 | * This is called when SSH_SMSG_X11_OPEN is received. The packet contains | 639 | * This is called when SSH_SMSG_X11_OPEN is received. The packet contains |
diff --git a/sshconnect.c b/sshconnect.c index e6175f11b..d96f8e026 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -8,7 +8,7 @@ | |||
8 | */ | 8 | */ |
9 | 9 | ||
10 | #include "includes.h" | 10 | #include "includes.h" |
11 | RCSID("$Id: sshconnect.c,v 1.17 1999/12/07 04:38:32 damien Exp $"); | 11 | RCSID("$Id: sshconnect.c,v 1.18 1999/12/13 23:47:16 damien Exp $"); |
12 | 12 | ||
13 | #ifdef HAVE_OPENSSL | 13 | #ifdef HAVE_OPENSSL |
14 | #include <openssl/bn.h> | 14 | #include <openssl/bn.h> |
@@ -156,8 +156,10 @@ ssh_create_socket(uid_t original_real_uid, int privileged) | |||
156 | fatal("rresvport: %.100s", strerror(errno)); | 156 | fatal("rresvport: %.100s", strerror(errno)); |
157 | debug("Allocated local port %d.", p); | 157 | debug("Allocated local port %d.", p); |
158 | } else { | 158 | } else { |
159 | /* Just create an ordinary socket on arbitrary port. We | 159 | /* |
160 | use the user's uid to create the socket. */ | 160 | * Just create an ordinary socket on arbitrary port. We use |
161 | * the user's uid to create the socket. | ||
162 | */ | ||
161 | temporarily_use_uid(original_real_uid); | 163 | temporarily_use_uid(original_real_uid); |
162 | sock = socket(AF_INET, SOCK_STREAM, 0); | 164 | sock = socket(AF_INET, SOCK_STREAM, 0); |
163 | if (sock < 0) | 165 | if (sock < 0) |
@@ -209,9 +211,11 @@ ssh_connect(const char *host, struct sockaddr_in * hostaddr, | |||
209 | /* No host lookup made yet. */ | 211 | /* No host lookup made yet. */ |
210 | hp = NULL; | 212 | hp = NULL; |
211 | 213 | ||
212 | /* Try to connect several times. On some machines, the first time | 214 | /* |
213 | will sometimes fail. In general socket code appears to behave | 215 | * Try to connect several times. On some machines, the first time |
214 | quite magically on many machines. */ | 216 | * will sometimes fail. In general socket code appears to behave |
217 | * quite magically on many machines. | ||
218 | */ | ||
215 | for (attempt = 0; attempt < connection_attempts; attempt++) { | 219 | for (attempt = 0; attempt < connection_attempts; attempt++) { |
216 | if (attempt > 0) | 220 | if (attempt > 0) |
217 | debug("Trying again..."); | 221 | debug("Trying again..."); |
@@ -1087,39 +1091,21 @@ read_yes_or_no(const char *prompt, int defval) | |||
1087 | } | 1091 | } |
1088 | 1092 | ||
1089 | /* | 1093 | /* |
1090 | * Starts a dialog with the server, and authenticates the current user on the | 1094 | * check whether the supplied host key is valid, return only if ok. |
1091 | * server. This does not need any extra privileges. The basic connection | ||
1092 | * to the server must already have been established before this is called. | ||
1093 | * User is the remote user; if it is NULL, the current local user name will | ||
1094 | * be used. Anonymous indicates that no rhosts authentication will be used. | ||
1095 | * If login fails, this function prints an error and never returns. | ||
1096 | * This function does not require super-user privileges. | ||
1097 | */ | 1095 | */ |
1096 | |||
1098 | void | 1097 | void |
1099 | ssh_login(int host_key_valid, | 1098 | check_host_key(char *host, |
1100 | RSA *own_host_key, | 1099 | struct sockaddr_in *hostaddr, |
1101 | const char *orighost, | 1100 | RSA *host_key) |
1102 | struct sockaddr_in *hostaddr, | ||
1103 | uid_t original_real_uid) | ||
1104 | { | 1101 | { |
1105 | int i, type; | 1102 | RSA *file_key; |
1106 | struct passwd *pw; | 1103 | char *ip = NULL; |
1107 | BIGNUM *key; | ||
1108 | RSA *host_key, *file_key; | ||
1109 | RSA *public_key; | ||
1110 | int bits, rbits; | ||
1111 | unsigned char session_key[SSH_SESSION_KEY_LENGTH]; | ||
1112 | const char *server_user, *local_user; | ||
1113 | char *cp, *host, *ip = NULL; | ||
1114 | char hostline[1000], *hostp; | 1104 | char hostline[1000], *hostp; |
1115 | unsigned char check_bytes[8]; | ||
1116 | unsigned int supported_ciphers, supported_authentications, protocol_flags; | ||
1117 | HostStatus host_status; | 1105 | HostStatus host_status; |
1118 | HostStatus ip_status; | 1106 | HostStatus ip_status; |
1119 | int host_ip_differ = 0; | 1107 | int host_ip_differ = 0; |
1120 | int local = (ntohl(hostaddr->sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; | 1108 | int local = (ntohl(hostaddr->sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; |
1121 | int payload_len, clen, sum_len = 0; | ||
1122 | u_int32_t rand = 0; | ||
1123 | 1109 | ||
1124 | /* | 1110 | /* |
1125 | * Turn off check_host_ip for proxy connects, since | 1111 | * Turn off check_host_ip for proxy connects, since |
@@ -1131,88 +1117,14 @@ ssh_login(int host_key_valid, | |||
1131 | if (options.check_host_ip) | 1117 | if (options.check_host_ip) |
1132 | ip = xstrdup(inet_ntoa(hostaddr->sin_addr)); | 1118 | ip = xstrdup(inet_ntoa(hostaddr->sin_addr)); |
1133 | 1119 | ||
1134 | /* Convert the user-supplied hostname into all lowercase. */ | 1120 | /* |
1135 | host = xstrdup(orighost); | 1121 | * Store the host key from the known host file in here so that we can |
1136 | for (cp = host; *cp; cp++) | 1122 | * compare it with the key for the IP address. |
1137 | if (isupper(*cp)) | 1123 | */ |
1138 | *cp = tolower(*cp); | ||
1139 | |||
1140 | /* Exchange protocol version identification strings with the server. */ | ||
1141 | ssh_exchange_identification(); | ||
1142 | |||
1143 | /* Put the connection into non-blocking mode. */ | ||
1144 | packet_set_nonblocking(); | ||
1145 | |||
1146 | /* Get local user name. Use it as server user if no user name was given. */ | ||
1147 | pw = getpwuid(original_real_uid); | ||
1148 | if (!pw) | ||
1149 | fatal("User id %d not found from user database.", original_real_uid); | ||
1150 | local_user = xstrdup(pw->pw_name); | ||
1151 | server_user = options.user ? options.user : local_user; | ||
1152 | |||
1153 | debug("Waiting for server public key."); | ||
1154 | |||
1155 | /* Wait for a public key packet from the server. */ | ||
1156 | packet_read_expect(&payload_len, SSH_SMSG_PUBLIC_KEY); | ||
1157 | |||
1158 | /* Get check bytes from the packet. */ | ||
1159 | for (i = 0; i < 8; i++) | ||
1160 | check_bytes[i] = packet_get_char(); | ||
1161 | |||
1162 | /* Get the public key. */ | ||
1163 | public_key = RSA_new(); | ||
1164 | bits = packet_get_int();/* bits */ | ||
1165 | public_key->e = BN_new(); | ||
1166 | packet_get_bignum(public_key->e, &clen); | ||
1167 | sum_len += clen; | ||
1168 | public_key->n = BN_new(); | ||
1169 | packet_get_bignum(public_key->n, &clen); | ||
1170 | sum_len += clen; | ||
1171 | |||
1172 | rbits = BN_num_bits(public_key->n); | ||
1173 | if (bits != rbits) { | ||
1174 | log("Warning: Server lies about size of server public key: " | ||
1175 | "actual size is %d bits vs. announced %d.", rbits, bits); | ||
1176 | log("Warning: This may be due to an old implementation of ssh."); | ||
1177 | } | ||
1178 | /* Get the host key. */ | ||
1179 | host_key = RSA_new(); | ||
1180 | bits = packet_get_int();/* bits */ | ||
1181 | host_key->e = BN_new(); | ||
1182 | packet_get_bignum(host_key->e, &clen); | ||
1183 | sum_len += clen; | ||
1184 | host_key->n = BN_new(); | ||
1185 | packet_get_bignum(host_key->n, &clen); | ||
1186 | sum_len += clen; | ||
1187 | |||
1188 | rbits = BN_num_bits(host_key->n); | ||
1189 | if (bits != rbits) { | ||
1190 | log("Warning: Server lies about size of server host key: " | ||
1191 | "actual size is %d bits vs. announced %d.", rbits, bits); | ||
1192 | log("Warning: This may be due to an old implementation of ssh."); | ||
1193 | } | ||
1194 | /* Store the host key from the known host file in here so that we | ||
1195 | can compare it with the key for the IP address. */ | ||
1196 | file_key = RSA_new(); | 1124 | file_key = RSA_new(); |
1197 | file_key->n = BN_new(); | 1125 | file_key->n = BN_new(); |
1198 | file_key->e = BN_new(); | 1126 | file_key->e = BN_new(); |
1199 | 1127 | ||
1200 | /* Get protocol flags. */ | ||
1201 | protocol_flags = packet_get_int(); | ||
1202 | packet_set_protocol_flags(protocol_flags); | ||
1203 | |||
1204 | supported_ciphers = packet_get_int(); | ||
1205 | supported_authentications = packet_get_int(); | ||
1206 | |||
1207 | debug("Received server public key (%d bits) and host key (%d bits).", | ||
1208 | BN_num_bits(public_key->n), BN_num_bits(host_key->n)); | ||
1209 | |||
1210 | packet_integrity_check(payload_len, | ||
1211 | 8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4, | ||
1212 | SSH_SMSG_PUBLIC_KEY); | ||
1213 | |||
1214 | compute_session_id(session_id, check_bytes, host_key->n, public_key->n); | ||
1215 | |||
1216 | /* | 1128 | /* |
1217 | * Check if the host key is present in the user\'s list of known | 1129 | * Check if the host key is present in the user\'s list of known |
1218 | * hosts or in the systemwide list. | 1130 | * hosts or in the systemwide list. |
@@ -1372,9 +1284,121 @@ ssh_login(int host_key_valid, | |||
1372 | */ | 1284 | */ |
1373 | break; | 1285 | break; |
1374 | } | 1286 | } |
1375 | |||
1376 | if (options.check_host_ip) | 1287 | if (options.check_host_ip) |
1377 | xfree(ip); | 1288 | xfree(ip); |
1289 | } | ||
1290 | |||
1291 | /* | ||
1292 | * Starts a dialog with the server, and authenticates the current user on the | ||
1293 | * server. This does not need any extra privileges. The basic connection | ||
1294 | * to the server must already have been established before this is called. | ||
1295 | * User is the remote user; if it is NULL, the current local user name will | ||
1296 | * be used. Anonymous indicates that no rhosts authentication will be used. | ||
1297 | * If login fails, this function prints an error and never returns. | ||
1298 | * This function does not require super-user privileges. | ||
1299 | */ | ||
1300 | void | ||
1301 | ssh_login(int host_key_valid, | ||
1302 | RSA *own_host_key, | ||
1303 | const char *orighost, | ||
1304 | struct sockaddr_in *hostaddr, | ||
1305 | uid_t original_real_uid) | ||
1306 | { | ||
1307 | int i, type; | ||
1308 | struct passwd *pw; | ||
1309 | BIGNUM *key; | ||
1310 | RSA *host_key; | ||
1311 | RSA *public_key; | ||
1312 | int bits, rbits; | ||
1313 | unsigned char session_key[SSH_SESSION_KEY_LENGTH]; | ||
1314 | const char *server_user, *local_user; | ||
1315 | char *host, *cp; | ||
1316 | unsigned char check_bytes[8]; | ||
1317 | unsigned int supported_ciphers, supported_authentications; | ||
1318 | unsigned int server_flags, client_flags; | ||
1319 | int payload_len, clen, sum_len = 0; | ||
1320 | u_int32_t rand = 0; | ||
1321 | |||
1322 | /* Convert the user-supplied hostname into all lowercase. */ | ||
1323 | host = xstrdup(orighost); | ||
1324 | for (cp = host; *cp; cp++) | ||
1325 | if (isupper(*cp)) | ||
1326 | *cp = tolower(*cp); | ||
1327 | |||
1328 | /* Exchange protocol version identification strings with the server. */ | ||
1329 | ssh_exchange_identification(); | ||
1330 | |||
1331 | /* Put the connection into non-blocking mode. */ | ||
1332 | packet_set_nonblocking(); | ||
1333 | |||
1334 | /* Get local user name. Use it as server user if no user name was given. */ | ||
1335 | pw = getpwuid(original_real_uid); | ||
1336 | if (!pw) | ||
1337 | fatal("User id %d not found from user database.", original_real_uid); | ||
1338 | local_user = xstrdup(pw->pw_name); | ||
1339 | server_user = options.user ? options.user : local_user; | ||
1340 | |||
1341 | debug("Waiting for server public key."); | ||
1342 | |||
1343 | /* Wait for a public key packet from the server. */ | ||
1344 | packet_read_expect(&payload_len, SSH_SMSG_PUBLIC_KEY); | ||
1345 | |||
1346 | /* Get check bytes from the packet. */ | ||
1347 | for (i = 0; i < 8; i++) | ||
1348 | check_bytes[i] = packet_get_char(); | ||
1349 | |||
1350 | /* Get the public key. */ | ||
1351 | public_key = RSA_new(); | ||
1352 | bits = packet_get_int();/* bits */ | ||
1353 | public_key->e = BN_new(); | ||
1354 | packet_get_bignum(public_key->e, &clen); | ||
1355 | sum_len += clen; | ||
1356 | public_key->n = BN_new(); | ||
1357 | packet_get_bignum(public_key->n, &clen); | ||
1358 | sum_len += clen; | ||
1359 | |||
1360 | rbits = BN_num_bits(public_key->n); | ||
1361 | if (bits != rbits) { | ||
1362 | log("Warning: Server lies about size of server public key: " | ||
1363 | "actual size is %d bits vs. announced %d.", rbits, bits); | ||
1364 | log("Warning: This may be due to an old implementation of ssh."); | ||
1365 | } | ||
1366 | /* Get the host key. */ | ||
1367 | host_key = RSA_new(); | ||
1368 | bits = packet_get_int();/* bits */ | ||
1369 | host_key->e = BN_new(); | ||
1370 | packet_get_bignum(host_key->e, &clen); | ||
1371 | sum_len += clen; | ||
1372 | host_key->n = BN_new(); | ||
1373 | packet_get_bignum(host_key->n, &clen); | ||
1374 | sum_len += clen; | ||
1375 | |||
1376 | rbits = BN_num_bits(host_key->n); | ||
1377 | if (bits != rbits) { | ||
1378 | log("Warning: Server lies about size of server host key: " | ||
1379 | "actual size is %d bits vs. announced %d.", rbits, bits); | ||
1380 | log("Warning: This may be due to an old implementation of ssh."); | ||
1381 | } | ||
1382 | |||
1383 | /* Get protocol flags. */ | ||
1384 | server_flags = packet_get_int(); | ||
1385 | packet_set_protocol_flags(server_flags); | ||
1386 | |||
1387 | supported_ciphers = packet_get_int(); | ||
1388 | supported_authentications = packet_get_int(); | ||
1389 | |||
1390 | debug("Received server public key (%d bits) and host key (%d bits).", | ||
1391 | BN_num_bits(public_key->n), BN_num_bits(host_key->n)); | ||
1392 | |||
1393 | packet_integrity_check(payload_len, | ||
1394 | 8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4, | ||
1395 | SSH_SMSG_PUBLIC_KEY); | ||
1396 | |||
1397 | check_host_key(host, hostaddr, host_key); | ||
1398 | |||
1399 | client_flags = SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG_HOST_IN_FWD_OPEN; | ||
1400 | |||
1401 | compute_session_id(session_id, check_bytes, host_key->n, public_key->n); | ||
1378 | 1402 | ||
1379 | /* Generate a session key. */ | 1403 | /* Generate a session key. */ |
1380 | arc4random_stir(); | 1404 | arc4random_stir(); |
@@ -1465,7 +1489,7 @@ ssh_login(int host_key_valid, | |||
1465 | packet_put_bignum(key); | 1489 | packet_put_bignum(key); |
1466 | 1490 | ||
1467 | /* Send protocol flags. */ | 1491 | /* Send protocol flags. */ |
1468 | packet_put_int(SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG_HOST_IN_FWD_OPEN); | 1492 | packet_put_int(client_flags); |
1469 | 1493 | ||
1470 | /* Send the packet now. */ | 1494 | /* Send the packet now. */ |
1471 | packet_send(); | 1495 | packet_send(); |
@@ -11,7 +11,7 @@ | |||
11 | */ | 11 | */ |
12 | 12 | ||
13 | #include "includes.h" | 13 | #include "includes.h" |
14 | RCSID("$Id: sshd.c,v 1.37 1999/12/08 23:31:37 damien Exp $"); | 14 | RCSID("$Id: sshd.c,v 1.38 1999/12/13 23:47:16 damien Exp $"); |
15 | 15 | ||
16 | #include <poll.h> | 16 | #include <poll.h> |
17 | 17 | ||
@@ -960,7 +960,7 @@ do_connection() | |||
960 | unsigned char check_bytes[8]; | 960 | unsigned char check_bytes[8]; |
961 | char *user; | 961 | char *user; |
962 | unsigned int cipher_type, auth_mask, protocol_flags; | 962 | unsigned int cipher_type, auth_mask, protocol_flags; |
963 | int plen, slen; | 963 | int plen, slen, ulen; |
964 | u_int32_t rand = 0; | 964 | u_int32_t rand = 0; |
965 | 965 | ||
966 | /* | 966 | /* |
@@ -1139,11 +1139,8 @@ do_connection() | |||
1139 | packet_read_expect(&plen, SSH_CMSG_USER); | 1139 | packet_read_expect(&plen, SSH_CMSG_USER); |
1140 | 1140 | ||
1141 | /* Get the user name. */ | 1141 | /* Get the user name. */ |
1142 | { | 1142 | user = packet_get_string(&ulen); |
1143 | int ulen; | 1143 | packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER); |
1144 | user = packet_get_string(&ulen); | ||
1145 | packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER); | ||
1146 | } | ||
1147 | 1144 | ||
1148 | /* Destroy the private and public keys. They will no longer be needed. */ | 1145 | /* Destroy the private and public keys. They will no longer be needed. */ |
1149 | RSA_free(public_key); | 1146 | RSA_free(public_key); |
@@ -1646,15 +1643,22 @@ do_fake_authloop(char *user) | |||
1646 | #ifdef SKEY | 1643 | #ifdef SKEY |
1647 | int dlen; | 1644 | int dlen; |
1648 | char *password, *skeyinfo; | 1645 | char *password, *skeyinfo; |
1649 | if (options.password_authentication && | 1646 | /* Try to send a fake s/key challenge. */ |
1650 | options.skey_authentication == 1 && | 1647 | if (options.skey_authentication == 1 && |
1651 | type == SSH_CMSG_AUTH_PASSWORD && | ||
1652 | (password = packet_get_string(&dlen)) != NULL && | ||
1653 | dlen == 5 && | ||
1654 | strncasecmp(password, "s/key", 5) == 0 && | ||
1655 | (skeyinfo = skey_fake_keyinfo(user)) != NULL) { | 1648 | (skeyinfo = skey_fake_keyinfo(user)) != NULL) { |
1656 | /* Send a fake s/key challenge. */ | 1649 | if (type == SSH_CMSG_AUTH_TIS) { |
1657 | packet_send_debug(skeyinfo); | 1650 | packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE); |
1651 | packet_put_string(skeyinfo, strlen(skeyinfo)); | ||
1652 | packet_send(); | ||
1653 | packet_write_wait(); | ||
1654 | continue; | ||
1655 | } else if (type == SSH_CMSG_AUTH_PASSWORD && | ||
1656 | options.password_authentication && | ||
1657 | (password = packet_get_string(&dlen)) != NULL && | ||
1658 | dlen == 5 && | ||
1659 | strncasecmp(password, "s/key", 5) == 0 ) { | ||
1660 | packet_send_debug(skeyinfo); | ||
1661 | } | ||
1658 | } | 1662 | } |
1659 | #endif | 1663 | #endif |
1660 | if (attempt > AUTH_FAIL_MAX) | 1664 | if (attempt > AUTH_FAIL_MAX) |
@@ -1836,7 +1840,7 @@ do_authenticated(struct passwd * pw) | |||
1836 | screen = packet_get_int(); | 1840 | screen = packet_get_int(); |
1837 | else | 1841 | else |
1838 | screen = 0; | 1842 | screen = 0; |
1839 | display = x11_create_display_inet(screen); | 1843 | display = x11_create_display_inet(screen, options.x11_display_offset); |
1840 | if (!display) | 1844 | if (!display) |
1841 | goto fail; | 1845 | goto fail; |
1842 | 1846 | ||
@@ -1 +1 @@ | |||
#define SSH_VERSION "OpenSSH-1.2" | #define SSH_VERSION "OpenSSH-1.2.1" | ||