Diffstat (limited to 'auth2.c')
-rw-r--r-- | auth2.c | 58 |
1 files changed, 15 insertions, 43 deletions
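--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.57 2001/05/18 14:13:28 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.58 2001/05/20 17:20:35 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -666,7 +666,7 @@ authmethod_lookup(const char *name)
 int
 user_key_allowed(struct passwd *pw, Key *key)
 {
-char line[8192], file[MAXPATHLEN];
+char line[8192], *file;
 int found_key = 0;
 FILE *f;
 u_long linenum = 0;
@@ -680,13 +680,14 @@ user_key_allowed(struct passwd *pw, Key *key)
 temporarily_use_uid(pw);
 
 /* The authorized keys. */
-snprintf(file, sizeof file, "%.500s/%.100s", pw->pw_dir,
-_PATH_SSH_USER_PERMITTED_KEYS2);
+file = authorized_keys_file2(pw);
+debug("trying public key file %s", file);
 
 /* Fail quietly if file does not exist */
 if (stat(file, &st) < 0) {
 /* Restore the privileged uid. */
 restore_uid();
+xfree(file);
 return 0;
 }
 /* Open the file containing the authorized keys. */
@@ -694,48 +695,18 @@ user_key_allowed(struct passwd *pw, Key *key)
 if (!f) {
 /* Restore the privileged uid. */
 restore_uid();
+xfree(file);
 return 0;
 }
-if (options.strict_modes) {
-int fail = 0;
-char buf[1024];
-/* Check open file in order to avoid open/stat races */
-if (fstat(fileno(f), &st) < 0 ||
-(st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
-(st.st_mode & 022) != 0) {
-snprintf(buf, sizeof buf,
-"%s authentication refused for %.100s: "
-"bad ownership or modes for '%s'.",
-key_type(key), pw->pw_name, file);
-fail = 1;
-} else {
-/* Check path to _PATH_SSH_USER_PERMITTED_KEYS */
-int i;
-static const char *check[] = {
-"", _PATH_SSH_USER_DIR, NULL
-};
-for (i = 0; check[i]; i++) {
-snprintf(line, sizeof line, "%.500s/%.100s",
-pw->pw_dir, check[i]);
-if (stat(line, &st) < 0 ||
-(st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
-(st.st_mode & 022) != 0) {
-snprintf(buf, sizeof buf,
-"%s authentication refused for %.100s: "
-"bad ownership or modes for '%s'.",
-key_type(key), pw->pw_name, line);
-fail = 1;
-break;
-}
-}
-}
-if (fail) {
-fclose(f);
-log("%s", buf);
-restore_uid();
-return 0;
-}
+if (options.strict_modes &&
+secure_filename(f, file, pw->pw_uid, line, sizeof(line)) != 0) {
+xfree(file);
+fclose(f);
+log("Authentication refused: %s", line);
+restore_uid();
+return 0;
 }
+
 found_key = 0;
 found = key_new(key->type);
 
@@ -778,6 +749,7 @@ user_key_allowed(struct passwd *pw, Key *key)
 }
 restore_uid();
 fclose(f);
+xfree(file);
 key_free(found);
 if (!found_key)
 debug2("key not found");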
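Review bot: The new refusal log in the strict_modes branch, `log("Authentication refused: %s", line);`, no longer records the key type or the account name that the removed messages carried via `key_type(key)` and `pw->pw_name`. secure_filename() is passed only `pw->pw_uid`, so it presumably cannot put the user name into `line` itself, which makes refused logins harder to attribute from the log. I would keep both fields, `log("%s authentication refused for %.100s: %s", key_type(key), pw->pw_name, line);`. The ownership and mode checks now live in secure_filename(), whose body is not part of this diff, so it is worth confirming that it still checks the open descriptor and every directory on the path returned by authorized_keys_file2(). user_key_allowed continues outside the hunks shown here.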