diff options
Diffstat (limited to 'auth.c')
| -rw-r--r-- | auth.c | 56 |
1 files changed, 21 insertions, 35 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth.c,v 1.133 2018/09/12 01:19:12 djm Exp $ */ | 1 | /* $OpenBSD: auth.c,v 1.138 2019/01/19 21:41:18 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -50,6 +50,7 @@ | |||
| 50 | #include <unistd.h> | 50 | #include <unistd.h> |
| 51 | #include <limits.h> | 51 | #include <limits.h> |
| 52 | #include <netdb.h> | 52 | #include <netdb.h> |
| 53 | #include <time.h> | ||
| 53 | 54 | ||
| 54 | #include "xmalloc.h" | 55 | #include "xmalloc.h" |
| 55 | #include "match.h" | 56 | #include "match.h" |
| @@ -96,9 +97,8 @@ static struct sshbuf *auth_debug; | |||
| 96 | * Otherwise true is returned. | 97 | * Otherwise true is returned. |
| 97 | */ | 98 | */ |
| 98 | int | 99 | int |
| 99 | allowed_user(struct passwd * pw) | 100 | allowed_user(struct ssh *ssh, struct passwd * pw) |
| 100 | { | 101 | { |
| 101 | struct ssh *ssh = active_state; /* XXX */ | ||
| 102 | struct stat st; | 102 | struct stat st; |
| 103 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; | 103 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; |
| 104 | u_int i; | 104 | u_int i; |
| @@ -258,7 +258,7 @@ allowed_user(struct passwd * pw) | |||
| 258 | } | 258 | } |
| 259 | 259 | ||
| 260 | #ifdef CUSTOM_SYS_AUTH_ALLOWED_USER | 260 | #ifdef CUSTOM_SYS_AUTH_ALLOWED_USER |
| 261 | if (!sys_auth_allowed_user(pw, &loginmsg)) | 261 | if (!sys_auth_allowed_user(pw, loginmsg)) |
| 262 | return 0; | 262 | return 0; |
| 263 | #endif | 263 | #endif |
| 264 | 264 | ||
| @@ -308,10 +308,10 @@ format_method_key(Authctxt *authctxt) | |||
| 308 | } | 308 | } |
| 309 | 309 | ||
| 310 | void | 310 | void |
| 311 | auth_log(Authctxt *authctxt, int authenticated, int partial, | 311 | auth_log(struct ssh *ssh, int authenticated, int partial, |
| 312 | const char *method, const char *submethod) | 312 | const char *method, const char *submethod) |
| 313 | { | 313 | { |
| 314 | struct ssh *ssh = active_state; /* XXX */ | 314 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; |
| 315 | int level = SYSLOG_LEVEL_VERBOSE; | 315 | int level = SYSLOG_LEVEL_VERBOSE; |
| 316 | const char *authmsg; | 316 | const char *authmsg; |
| 317 | char *extra = NULL; | 317 | char *extra = NULL; |
| @@ -356,26 +356,26 @@ auth_log(Authctxt *authctxt, int authenticated, int partial, | |||
| 356 | (strcmp(method, "password") == 0 || | 356 | (strcmp(method, "password") == 0 || |
| 357 | strncmp(method, "keyboard-interactive", 20) == 0 || | 357 | strncmp(method, "keyboard-interactive", 20) == 0 || |
| 358 | strcmp(method, "challenge-response") == 0)) | 358 | strcmp(method, "challenge-response") == 0)) |
| 359 | record_failed_login(authctxt->user, | 359 | record_failed_login(ssh, authctxt->user, |
| 360 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); | 360 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); |
| 361 | # ifdef WITH_AIXAUTHENTICATE | 361 | # ifdef WITH_AIXAUTHENTICATE |
| 362 | if (authenticated) | 362 | if (authenticated) |
| 363 | sys_auth_record_login(authctxt->user, | 363 | sys_auth_record_login(authctxt->user, |
| 364 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh", | 364 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh", |
| 365 | &loginmsg); | 365 | loginmsg); |
| 366 | # endif | 366 | # endif |
| 367 | #endif | 367 | #endif |
| 368 | #ifdef SSH_AUDIT_EVENTS | 368 | #ifdef SSH_AUDIT_EVENTS |
| 369 | if (authenticated == 0 && !authctxt->postponed) | 369 | if (authenticated == 0 && !authctxt->postponed) |
| 370 | audit_event(audit_classify_auth(method)); | 370 | audit_event(ssh, audit_classify_auth(method)); |
| 371 | #endif | 371 | #endif |
| 372 | } | 372 | } |
| 373 | 373 | ||
| 374 | 374 | ||
| 375 | void | 375 | void |
| 376 | auth_maxtries_exceeded(Authctxt *authctxt) | 376 | auth_maxtries_exceeded(struct ssh *ssh) |
| 377 | { | 377 | { |
| 378 | struct ssh *ssh = active_state; /* XXX */ | 378 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; |
| 379 | 379 | ||
| 380 | error("maximum authentication attempts exceeded for " | 380 | error("maximum authentication attempts exceeded for " |
| 381 | "%s%.100s from %.200s port %d ssh2", | 381 | "%s%.100s from %.200s port %d ssh2", |
| @@ -383,7 +383,7 @@ auth_maxtries_exceeded(Authctxt *authctxt) | |||
| 383 | authctxt->user, | 383 | authctxt->user, |
| 384 | ssh_remote_ipaddr(ssh), | 384 | ssh_remote_ipaddr(ssh), |
| 385 | ssh_remote_port(ssh)); | 385 | ssh_remote_port(ssh)); |
| 386 | packet_disconnect("Too many authentication failures"); | 386 | ssh_packet_disconnect(ssh, "Too many authentication failures"); |
| 387 | /* NOTREACHED */ | 387 | /* NOTREACHED */ |
| 388 | } | 388 | } |
| 389 | 389 | ||
| @@ -437,7 +437,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw) | |||
| 437 | * Ensure that filename starts anchored. If not, be backward | 437 | * Ensure that filename starts anchored. If not, be backward |
| 438 | * compatible and prepend the '%h/' | 438 | * compatible and prepend the '%h/' |
| 439 | */ | 439 | */ |
| 440 | if (*file == '/') | 440 | if (path_absolute(file)) |
| 441 | return (file); | 441 | return (file); |
| 442 | 442 | ||
| 443 | i = snprintf(ret, sizeof(ret), "%s/%s", pw->pw_dir, file); | 443 | i = snprintf(ret, sizeof(ret), "%s/%s", pw->pw_dir, file); |
| @@ -558,9 +558,8 @@ auth_openprincipals(const char *file, struct passwd *pw, int strict_modes) | |||
| 558 | } | 558 | } |
| 559 | 559 | ||
| 560 | struct passwd * | 560 | struct passwd * |
| 561 | getpwnamallow(const char *user) | 561 | getpwnamallow(struct ssh *ssh, const char *user) |
| 562 | { | 562 | { |
| 563 | struct ssh *ssh = active_state; /* XXX */ | ||
| 564 | #ifdef HAVE_LOGIN_CAP | 563 | #ifdef HAVE_LOGIN_CAP |
| 565 | extern login_cap_t *lc; | 564 | extern login_cap_t *lc; |
| 566 | #ifdef BSD_AUTH | 565 | #ifdef BSD_AUTH |
| @@ -568,8 +567,9 @@ getpwnamallow(const char *user) | |||
| 568 | #endif | 567 | #endif |
| 569 | #endif | 568 | #endif |
| 570 | struct passwd *pw; | 569 | struct passwd *pw; |
| 571 | struct connection_info *ci = get_connection_info(1, options.use_dns); | 570 | struct connection_info *ci; |
| 572 | 571 | ||
| 572 | ci = get_connection_info(ssh, 1, options.use_dns); | ||
| 573 | ci->user = user; | 573 | ci->user = user; |
| 574 | parse_server_match_config(&options, ci); | 574 | parse_server_match_config(&options, ci); |
| 575 | log_change_level(options.log_level); | 575 | log_change_level(options.log_level); |
| @@ -584,32 +584,19 @@ getpwnamallow(const char *user) | |||
| 584 | #if defined(_AIX) && defined(HAVE_SETAUTHDB) | 584 | #if defined(_AIX) && defined(HAVE_SETAUTHDB) |
| 585 | aix_restoreauthdb(); | 585 | aix_restoreauthdb(); |
| 586 | #endif | 586 | #endif |
| 587 | #ifdef HAVE_CYGWIN | ||
| 588 | /* | ||
| 589 | * Windows usernames are case-insensitive. To avoid later problems | ||
| 590 | * when trying to match the username, the user is only allowed to | ||
| 591 | * login if the username is given in the same case as stored in the | ||
| 592 | * user database. | ||
| 593 | */ | ||
| 594 | if (pw != NULL && strcmp(user, pw->pw_name) != 0) { | ||
| 595 | logit("Login name %.100s does not match stored username %.100s", | ||
| 596 | user, pw->pw_name); | ||
| 597 | pw = NULL; | ||
| 598 | } | ||
| 599 | #endif | ||
| 600 | if (pw == NULL) { | 587 | if (pw == NULL) { |
| 601 | logit("Invalid user %.100s from %.100s port %d", | 588 | logit("Invalid user %.100s from %.100s port %d", |
| 602 | user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | 589 | user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); |
| 603 | #ifdef CUSTOM_FAILED_LOGIN | 590 | #ifdef CUSTOM_FAILED_LOGIN |
| 604 | record_failed_login(user, | 591 | record_failed_login(ssh, user, |
| 605 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); | 592 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); |
| 606 | #endif | 593 | #endif |
| 607 | #ifdef SSH_AUDIT_EVENTS | 594 | #ifdef SSH_AUDIT_EVENTS |
| 608 | audit_event(SSH_INVALID_USER); | 595 | audit_event(ssh, SSH_INVALID_USER); |
| 609 | #endif /* SSH_AUDIT_EVENTS */ | 596 | #endif /* SSH_AUDIT_EVENTS */ |
| 610 | return (NULL); | 597 | return (NULL); |
| 611 | } | 598 | } |
| 612 | if (!allowed_user(pw)) | 599 | if (!allowed_user(ssh, pw)) |
| 613 | return (NULL); | 600 | return (NULL); |
| 614 | #ifdef HAVE_LOGIN_CAP | 601 | #ifdef HAVE_LOGIN_CAP |
| 615 | if ((lc = login_getclass(pw->pw_class)) == NULL) { | 602 | if ((lc = login_getclass(pw->pw_class)) == NULL) { |
| @@ -688,9 +675,8 @@ auth_debug_add(const char *fmt,...) | |||
| 688 | } | 675 | } |
| 689 | 676 | ||
| 690 | void | 677 | void |
| 691 | auth_debug_send(void) | 678 | auth_debug_send(struct ssh *ssh) |
| 692 | { | 679 | { |
| 693 | struct ssh *ssh = active_state; /* XXX */ | ||
| 694 | char *msg; | 680 | char *msg; |
| 695 | int r; | 681 | int r; |
| 696 | 682 | ||
| @@ -893,7 +879,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command, | |||
| 893 | * If executing an explicit binary, then verify the it exists | 879 | * If executing an explicit binary, then verify the it exists |
| 894 | * and appears safe-ish to execute | 880 | * and appears safe-ish to execute |
| 895 | */ | 881 | */ |
| 896 | if (*av[0] != '/') { | 882 | if (!path_absolute(av[0])) { |
| 897 | error("%s path is not absolute", tag); | 883 | error("%s path is not absolute", tag); |
| 898 | return 0; | 884 | return 0; |
| 899 | } | 885 | } |