diff options
Diffstat (limited to 'auth-rhosts.c')
-rw-r--r-- | auth-rhosts.c | 57 |
1 files changed, 34 insertions, 23 deletions
diff --git a/auth-rhosts.c b/auth-rhosts.c index 500dcebb1..2f12f1347 100644 --- a/auth-rhosts.c +++ b/auth-rhosts.c | |||
@@ -16,7 +16,7 @@ | |||
16 | */ | 16 | */ |
17 | 17 | ||
18 | #include "includes.h" | 18 | #include "includes.h" |
19 | RCSID("$Id: auth-rhosts.c,v 1.5 1999/11/24 13:26:21 damien Exp $"); | 19 | RCSID("$Id: auth-rhosts.c,v 1.6 1999/11/25 00:54:57 damien Exp $"); |
20 | 20 | ||
21 | #include "packet.h" | 21 | #include "packet.h" |
22 | #include "ssh.h" | 22 | #include "ssh.h" |
@@ -24,9 +24,11 @@ RCSID("$Id: auth-rhosts.c,v 1.5 1999/11/24 13:26:21 damien Exp $"); | |||
24 | #include "uidswap.h" | 24 | #include "uidswap.h" |
25 | #include "servconf.h" | 25 | #include "servconf.h" |
26 | 26 | ||
27 | /* This function processes an rhosts-style file (.rhosts, .shosts, or | 27 | /* |
28 | /etc/hosts.equiv). This returns true if authentication can be granted | 28 | * This function processes an rhosts-style file (.rhosts, .shosts, or |
29 | based on the file, and returns zero otherwise. */ | 29 | * /etc/hosts.equiv). This returns true if authentication can be granted |
30 | * based on the file, and returns zero otherwise. | ||
31 | */ | ||
30 | 32 | ||
31 | int | 33 | int |
32 | check_rhosts_file(const char *filename, const char *hostname, | 34 | check_rhosts_file(const char *filename, const char *hostname, |
@@ -41,7 +43,6 @@ check_rhosts_file(const char *filename, const char *hostname, | |||
41 | if (!f) | 43 | if (!f) |
42 | return 0; | 44 | return 0; |
43 | 45 | ||
44 | /* Go through the file, checking every entry. */ | ||
45 | while (fgets(buf, sizeof(buf), f)) { | 46 | while (fgets(buf, sizeof(buf), f)) { |
46 | /* All three must be at least as big as buf to avoid overflows. */ | 47 | /* All three must be at least as big as buf to avoid overflows. */ |
47 | char hostbuf[1024], userbuf[1024], dummy[1024], *host, *user, *cp; | 48 | char hostbuf[1024], userbuf[1024], dummy[1024], *host, *user, *cp; |
@@ -52,13 +53,17 @@ check_rhosts_file(const char *filename, const char *hostname, | |||
52 | if (*cp == '#' || *cp == '\n' || !*cp) | 53 | if (*cp == '#' || *cp == '\n' || !*cp) |
53 | continue; | 54 | continue; |
54 | 55 | ||
55 | /* NO_PLUS is supported at least on OSF/1. We skip it (we | 56 | /* |
56 | don't ever support the plus syntax). */ | 57 | * NO_PLUS is supported at least on OSF/1. We skip it (we |
58 | * don't ever support the plus syntax). | ||
59 | */ | ||
57 | if (strncmp(cp, "NO_PLUS", 7) == 0) | 60 | if (strncmp(cp, "NO_PLUS", 7) == 0) |
58 | continue; | 61 | continue; |
59 | 62 | ||
60 | /* This should be safe because each buffer is as big as | 63 | /* |
61 | the whole string, and thus cannot be overwritten. */ | 64 | * This should be safe because each buffer is as big as the |
65 | * whole string, and thus cannot be overwritten. | ||
66 | */ | ||
62 | switch (sscanf(buf, "%s %s %s", hostbuf, userbuf, dummy)) { | 67 | switch (sscanf(buf, "%s %s %s", hostbuf, userbuf, dummy)) { |
63 | case 0: | 68 | case 0: |
64 | packet_send_debug("Found empty line in %.100s.", filename); | 69 | packet_send_debug("Found empty line in %.100s.", filename); |
@@ -135,10 +140,11 @@ check_rhosts_file(const char *filename, const char *hostname, | |||
135 | return 0; | 140 | return 0; |
136 | } | 141 | } |
137 | 142 | ||
138 | /* Tries to authenticate the user using the .shosts or .rhosts file. | 143 | /* |
139 | Returns true if authentication succeeds. If ignore_rhosts is | 144 | * Tries to authenticate the user using the .shosts or .rhosts file. Returns |
140 | true, only /etc/hosts.equiv will be considered (.rhosts and .shosts | 145 | * true if authentication succeeds. If ignore_rhosts is true, only |
141 | are ignored). */ | 146 | * /etc/hosts.equiv will be considered (.rhosts and .shosts are ignored). |
147 | */ | ||
142 | 148 | ||
143 | int | 149 | int |
144 | auth_rhosts(struct passwd *pw, const char *client_user) | 150 | auth_rhosts(struct passwd *pw, const char *client_user) |
@@ -150,11 +156,13 @@ auth_rhosts(struct passwd *pw, const char *client_user) | |||
150 | static const char *rhosts_files[] = {".shosts", ".rhosts", NULL}; | 156 | static const char *rhosts_files[] = {".shosts", ".rhosts", NULL}; |
151 | unsigned int rhosts_file_index; | 157 | unsigned int rhosts_file_index; |
152 | 158 | ||
153 | /* Quick check: if the user has no .shosts or .rhosts files, | ||
154 | return failure immediately without doing costly lookups from | ||
155 | name servers. */ | ||
156 | /* Switch to the user's uid. */ | 159 | /* Switch to the user's uid. */ |
157 | temporarily_use_uid(pw->pw_uid); | 160 | temporarily_use_uid(pw->pw_uid); |
161 | /* | ||
162 | * Quick check: if the user has no .shosts or .rhosts files, return | ||
163 | * failure immediately without doing costly lookups from name | ||
164 | * servers. | ||
165 | */ | ||
158 | for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; | 166 | for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; |
159 | rhosts_file_index++) { | 167 | rhosts_file_index++) { |
160 | /* Check users .rhosts or .shosts. */ | 168 | /* Check users .rhosts or .shosts. */ |
@@ -172,7 +180,6 @@ auth_rhosts(struct passwd *pw, const char *client_user) | |||
172 | stat(SSH_HOSTS_EQUIV, &st) < 0) | 180 | stat(SSH_HOSTS_EQUIV, &st) < 0) |
173 | return 0; | 181 | return 0; |
174 | 182 | ||
175 | /* Get the name, address, and port of the remote host. */ | ||
176 | hostname = get_canonical_hostname(); | 183 | hostname = get_canonical_hostname(); |
177 | ipaddr = get_remote_ipaddr(); | 184 | ipaddr = get_remote_ipaddr(); |
178 | 185 | ||
@@ -191,8 +198,10 @@ auth_rhosts(struct passwd *pw, const char *client_user) | |||
191 | return 1; | 198 | return 1; |
192 | } | 199 | } |
193 | } | 200 | } |
194 | /* Check that the home directory is owned by root or the user, and | 201 | /* |
195 | is not group or world writable. */ | 202 | * Check that the home directory is owned by root or the user, and is |
203 | * not group or world writable. | ||
204 | */ | ||
196 | if (stat(pw->pw_dir, &st) < 0) { | 205 | if (stat(pw->pw_dir, &st) < 0) { |
197 | log("Rhosts authentication refused for %.100s: no home directory %.200s", | 206 | log("Rhosts authentication refused for %.100s: no home directory %.200s", |
198 | pw->pw_name, pw->pw_dir); | 207 | pw->pw_name, pw->pw_dir); |
@@ -221,10 +230,12 @@ auth_rhosts(struct passwd *pw, const char *client_user) | |||
221 | if (stat(buf, &st) < 0) | 230 | if (stat(buf, &st) < 0) |
222 | continue; | 231 | continue; |
223 | 232 | ||
224 | /* Make sure that the file is either owned by the user or | 233 | /* |
225 | by root, and make sure it is not writable by anyone but | 234 | * Make sure that the file is either owned by the user or by |
226 | the owner. This is to help avoid novices accidentally | 235 | * root, and make sure it is not writable by anyone but the |
227 | allowing access to their account by anyone. */ | 236 | * owner. This is to help avoid novices accidentally |
237 | * allowing access to their account by anyone. | ||
238 | */ | ||
228 | if (options.strict_modes && | 239 | if (options.strict_modes && |
229 | ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || | 240 | ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || |
230 | (st.st_mode & 022) != 0)) { | 241 | (st.st_mode & 022) != 0)) { |