Diffstat (limited to 'auth2.c')
-rw-r--r-- | auth2.c | 61 |
1 files changed, 41 insertions, 20 deletions
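--- a/auth2.c
+++ b/auth2.c
@@ -27,7 +27,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.8 2000/05/08 17:42:24 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.10 2000/06/18 04:05:02 markus Exp $");
 
 #include <openssl/dsa.h>
 #include <openssl/rsa.h>
@@ -54,6 +54,7 @@ RCSID("$OpenBSD: auth2.c,v 1.8 2000/05/08 17:42:24 markus Exp $");
 
 #include "dsa.h"
 #include "uidswap.h"
+#include "auth-options.h"
 
 /* import */
 extern ServerOptions options;
@@ -69,7 +70,7 @@ void protocol_error(int type, int plen);
 /* auth */
 int ssh2_auth_none(struct passwd *pw);
 int ssh2_auth_password(struct passwd *pw);
-int ssh2_auth_pubkey(struct passwd *pw, unsigned char *raw, unsigned int rlen);
+int ssh2_auth_pubkey(struct passwd *pw, char *service);
 
 /* helper */
 struct passwd* auth_set_user(char *u, char *s);
@@ -150,17 +151,14 @@ input_userauth_request(int type, int plen)
 {
 	static void (*authlog) (const char *fmt,...) = verbose;
 	static int attempt = 0;
-	unsigned int len, rlen;
+	unsigned int len;
 	int authenticated = 0;
-	char *raw, *user, *service, *method, *authmsg = NULL;
+	char *user, *service, *method, *authmsg = NULL;
 	struct passwd *pw;
 #ifdef WITH_AIXAUTHENTICATE
 	extern char *aixloginmsg;
 #endif /* WITH_AIXAUTHENTICATE */
 
-	raw = packet_get_raw(&rlen);
-	if (plen != rlen)
-		fatal("plen != rlen");
 	user = packet_get_string(&len);
 	service = packet_get_string(&len);
 	method = packet_get_string(&len);
@@ -180,7 +178,7 @@ input_userauth_request(int type, int plen)
 		} else if (strcmp(method, "password") == 0) {
 			authenticated = ssh2_auth_password(pw);
 		} else if (strcmp(method, "publickey") == 0) {
-			authenticated = ssh2_auth_pubkey(pw, raw, rlen);
+			authenticated = ssh2_auth_pubkey(pw, service);
 		}
 	}
 	if (authenticated && pw && pw->pw_uid == 0 && !options.permit_root_login) {
@@ -277,7 +275,7 @@ ssh2_auth_password(struct passwd *pw)
 	return authenticated;
 }
 int
-ssh2_auth_pubkey(struct passwd *pw, unsigned char *raw, unsigned int rlen)
+ssh2_auth_pubkey(struct passwd *pw, char *service)
 {
 	Buffer b;
 	Key *key;
@@ -290,10 +288,6 @@ ssh2_auth_pubkey(struct passwd *pw, unsigned char *raw, unsigned int rlen)
 		debug("pubkey auth disabled");
 		return 0;
 	}
-	if (datafellows & SSH_BUG_PUBKEYAUTH) {
-		log("bug compatibility with ssh-2.0.13 pubkey not implemented");
-		return 0;
-	}
 	have_sig = packet_get_char();
 	pkalg = packet_get_string(&alen);
 	if (strcmp(pkalg, KEX_DSS) != 0) {
@@ -309,10 +303,18 @@ ssh2_auth_pubkey(struct passwd *pw, unsigned char *raw, unsigned int rlen)
 	packet_done();
 	buffer_init(&b);
 	buffer_append(&b, session_id2, session_id2_len);
+
+	/* reconstruct packet */
 	buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
-	if (slen + 4 > rlen)
-		fatal("bad rlen/slen");
-	buffer_append(&b, raw, rlen - slen - 4);
+	buffer_put_cstring(&b, pw->pw_name);
+	buffer_put_cstring(&b,
+	    datafellows & SSH_BUG_PUBKEYAUTH ?
+	    "ssh-userauth" :
+	    service);
+	buffer_put_cstring(&b, "publickey");
+	buffer_put_char(&b, have_sig);
+	buffer_put_cstring(&b, KEX_DSS);
+	buffer_put_string(&b, pkblob, blen);
 #ifdef DEBUG_DSS
 	buffer_dump(&b);
 #endif
@@ -471,17 +473,36 @@ user_dsa_key_allowed(struct passwd *pw, Key *key)
 	found = key_new(KEY_DSA);
 
 	while (fgets(line, sizeof(line), f)) {
-		char *cp;
+		char *cp, *options = NULL;
 		linenum++;
 		/* Skip leading whitespace, empty and comment lines. */
 		for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
 			;
 		if (!*cp || *cp == '\n' || *cp == '#')
 			continue;
+
 		bits = key_read(found, &cp);
-		if (bits == 0)
-			continue;
-		if (key_equal(found, key)) {
+		if (bits == 0) {
+			/* no key? check if there are options for this key */
+			int quoted = 0;
+			options = cp;
+			for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
+				if (*cp == '\\' && cp[1] == '"')
+					cp++; /* Skip both */
+				else if (*cp == '"')
+					quoted = !quoted;
+			}
+			/* Skip remaining whitespace. */
+			for (; *cp == ' ' || *cp == '\t'; cp++)
+				;
+			bits = key_read(found, &cp);
+			if (bits == 0) {
+				/* still no key? advance to next line*/
+				continue;
+			}
+		}
+		if (key_equal(found, key) &&
+		    auth_parse_options(pw, options, linenum) == 1) {
 			found_key = 1;
 			debug("matching key found: file %s, line %ld",
 			    file, linenum);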
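Review bot: The new local `char *cp, *options = NULL;` in the user_dsa_key_allowed hunk shadows the file-scope `extern ServerOptions options;` imported earlier in this same file, so inside this loop body `options` silently means the per-line authorized_keys option string rather than the server configuration; any later use of `options.<field>` in this function would either fail to compile or bind to the wrong object, and -Wshadow would flag it today. Renaming avoids the trap: `char *cp, *key_options = NULL;`, `key_options = cp;`, and `auth_parse_options(pw, key_options, linenum) == 1)`. Note also that the pointer handed to auth_parse_options is not NUL-terminated at the end of the options field (the key text still follows it in `line`), so the parser is relied on to stop at the first unquoted blank; a one-line comment at the `options = cp;` assignment stating that expectation would make the contract visible. user_dsa_key_allowed starts and ends outside this hunk.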