diff options
Diffstat (limited to 'sshconnect2.c')
| -rw-r--r-- | sshconnect2.c | 65 |
1 files changed, 44 insertions, 21 deletions
diff --git a/sshconnect2.c b/sshconnect2.c index 77806595c..5bf11c085 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sshconnect2.c,v 1.171 2009/03/05 07:18:19 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect2.c,v 1.180 2010/02/26 20:29:54 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * Copyright (c) 2008 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2008 Damien Miller. All rights reserved. |
| @@ -32,6 +32,7 @@ | |||
| 32 | #include <sys/stat.h> | 32 | #include <sys/stat.h> |
| 33 | 33 | ||
| 34 | #include <errno.h> | 34 | #include <errno.h> |
| 35 | #include <fcntl.h> | ||
| 35 | #include <netdb.h> | 36 | #include <netdb.h> |
| 36 | #include <pwd.h> | 37 | #include <pwd.h> |
| 37 | #include <signal.h> | 38 | #include <signal.h> |
| @@ -204,6 +205,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) | |||
| 204 | 205 | ||
| 205 | dispatch_run(DISPATCH_BLOCK, &kex->done, kex); | 206 | dispatch_run(DISPATCH_BLOCK, &kex->done, kex); |
| 206 | 207 | ||
| 208 | if (options.use_roaming && !kex->roaming) { | ||
| 209 | debug("Roaming not allowed by server"); | ||
| 210 | options.use_roaming = 0; | ||
| 211 | } | ||
| 212 | |||
| 207 | session_id2 = kex->session_id; | 213 | session_id2 = kex->session_id; |
| 208 | session_id2_len = kex->session_id_len; | 214 | session_id2_len = kex->session_id_len; |
| 209 | 215 | ||
| @@ -262,6 +268,7 @@ struct Authmethod { | |||
| 262 | }; | 268 | }; |
| 263 | 269 | ||
| 264 | void input_userauth_success(int, u_int32_t, void *); | 270 | void input_userauth_success(int, u_int32_t, void *); |
| 271 | void input_userauth_success_unexpected(int, u_int32_t, void *); | ||
| 265 | void input_userauth_failure(int, u_int32_t, void *); | 272 | void input_userauth_failure(int, u_int32_t, void *); |
| 266 | void input_userauth_banner(int, u_int32_t, void *); | 273 | void input_userauth_banner(int, u_int32_t, void *); |
| 267 | void input_userauth_error(int, u_int32_t, void *); | 274 | void input_userauth_error(int, u_int32_t, void *); |
| @@ -472,7 +479,7 @@ input_userauth_banner(int type, u_int32_t seq, void *ctxt) | |||
| 472 | if (len > 65536) | 479 | if (len > 65536) |
| 473 | len = 65536; | 480 | len = 65536; |
| 474 | msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */ | 481 | msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */ |
| 475 | strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL); | 482 | strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH); |
| 476 | fprintf(stderr, "%s", msg); | 483 | fprintf(stderr, "%s", msg); |
| 477 | xfree(msg); | 484 | xfree(msg); |
| 478 | } | 485 | } |
| @@ -485,12 +492,15 @@ void | |||
| 485 | input_userauth_success(int type, u_int32_t seq, void *ctxt) | 492 | input_userauth_success(int type, u_int32_t seq, void *ctxt) |
| 486 | { | 493 | { |
| 487 | Authctxt *authctxt = ctxt; | 494 | Authctxt *authctxt = ctxt; |
| 495 | |||
| 488 | if (authctxt == NULL) | 496 | if (authctxt == NULL) |
| 489 | fatal("input_userauth_success: no authentication context"); | 497 | fatal("input_userauth_success: no authentication context"); |
| 490 | if (authctxt->authlist) { | 498 | if (authctxt->authlist) { |
| 491 | xfree(authctxt->authlist); | 499 | xfree(authctxt->authlist); |
| 492 | authctxt->authlist = NULL; | 500 | authctxt->authlist = NULL; |
| 493 | } | 501 | } |
| 502 | if (authctxt->method != NULL && authctxt->method->cleanup != NULL) | ||
| 503 | authctxt->method->cleanup(authctxt); | ||
| 494 | if (authctxt->methoddata) { | 504 | if (authctxt->methoddata) { |
| 495 | xfree(authctxt->methoddata); | 505 | xfree(authctxt->methoddata); |
| 496 | authctxt->methoddata = NULL; | 506 | authctxt->methoddata = NULL; |
| @@ -498,6 +508,18 @@ input_userauth_success(int type, u_int32_t seq, void *ctxt) | |||
| 498 | authctxt->success = 1; /* break out */ | 508 | authctxt->success = 1; /* break out */ |
| 499 | } | 509 | } |
| 500 | 510 | ||
| 511 | void | ||
| 512 | input_userauth_success_unexpected(int type, u_int32_t seq, void *ctxt) | ||
| 513 | { | ||
| 514 | Authctxt *authctxt = ctxt; | ||
| 515 | |||
| 516 | if (authctxt == NULL) | ||
| 517 | fatal("%s: no authentication context", __func__); | ||
| 518 | |||
| 519 | fatal("Unexpected authentication success during %s.", | ||
| 520 | authctxt->method->name); | ||
| 521 | } | ||
| 522 | |||
| 501 | /* ARGSUSED */ | 523 | /* ARGSUSED */ |
| 502 | void | 524 | void |
| 503 | input_userauth_failure(int type, u_int32_t seq, void *ctxt) | 525 | input_userauth_failure(int type, u_int32_t seq, void *ctxt) |
| @@ -892,6 +914,8 @@ userauth_passwd(Authctxt *authctxt) | |||
| 892 | static int attempt = 0; | 914 | static int attempt = 0; |
| 893 | char prompt[150]; | 915 | char prompt[150]; |
| 894 | char *password; | 916 | char *password; |
| 917 | const char *host = options.host_key_alias ? options.host_key_alias : | ||
| 918 | authctxt->host; | ||
| 895 | 919 | ||
| 896 | if (attempt++ >= options.number_of_password_prompts) | 920 | if (attempt++ >= options.number_of_password_prompts) |
| 897 | return 0; | 921 | return 0; |
| @@ -900,7 +924,7 @@ userauth_passwd(Authctxt *authctxt) | |||
| 900 | error("Permission denied, please try again."); | 924 | error("Permission denied, please try again."); |
| 901 | 925 | ||
| 902 | snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ", | 926 | snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ", |
| 903 | authctxt->server_user, authctxt->host); | 927 | authctxt->server_user, host); |
| 904 | password = read_passphrase(prompt, 0); | 928 | password = read_passphrase(prompt, 0); |
| 905 | packet_start(SSH2_MSG_USERAUTH_REQUEST); | 929 | packet_start(SSH2_MSG_USERAUTH_REQUEST); |
| 906 | packet_put_cstring(authctxt->server_user); | 930 | packet_put_cstring(authctxt->server_user); |
| @@ -929,6 +953,8 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt) | |||
| 929 | Authctxt *authctxt = ctxt; | 953 | Authctxt *authctxt = ctxt; |
| 930 | char *info, *lang, *password = NULL, *retype = NULL; | 954 | char *info, *lang, *password = NULL, *retype = NULL; |
| 931 | char prompt[150]; | 955 | char prompt[150]; |
| 956 | const char *host = options.host_key_alias ? options.host_key_alias : | ||
| 957 | authctxt->host; | ||
| 932 | 958 | ||
| 933 | debug2("input_userauth_passwd_changereq"); | 959 | debug2("input_userauth_passwd_changereq"); |
| 934 | 960 | ||
| @@ -949,7 +975,7 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt) | |||
| 949 | packet_put_char(1); /* additional info */ | 975 | packet_put_char(1); /* additional info */ |
| 950 | snprintf(prompt, sizeof(prompt), | 976 | snprintf(prompt, sizeof(prompt), |
| 951 | "Enter %.30s@%.128s's old password: ", | 977 | "Enter %.30s@%.128s's old password: ", |
| 952 | authctxt->server_user, authctxt->host); | 978 | authctxt->server_user, host); |
| 953 | password = read_passphrase(prompt, 0); | 979 | password = read_passphrase(prompt, 0); |
| 954 | packet_put_cstring(password); | 980 | packet_put_cstring(password); |
| 955 | memset(password, 0, strlen(password)); | 981 | memset(password, 0, strlen(password)); |
| @@ -958,7 +984,7 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt) | |||
| 958 | while (password == NULL) { | 984 | while (password == NULL) { |
| 959 | snprintf(prompt, sizeof(prompt), | 985 | snprintf(prompt, sizeof(prompt), |
| 960 | "Enter %.30s@%.128s's new password: ", | 986 | "Enter %.30s@%.128s's new password: ", |
| 961 | authctxt->server_user, authctxt->host); | 987 | authctxt->server_user, host); |
| 962 | password = read_passphrase(prompt, RP_ALLOW_EOF); | 988 | password = read_passphrase(prompt, RP_ALLOW_EOF); |
| 963 | if (password == NULL) { | 989 | if (password == NULL) { |
| 964 | /* bail out */ | 990 | /* bail out */ |
| @@ -966,7 +992,7 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt) | |||
| 966 | } | 992 | } |
| 967 | snprintf(prompt, sizeof(prompt), | 993 | snprintf(prompt, sizeof(prompt), |
| 968 | "Retype %.30s@%.128s's new password: ", | 994 | "Retype %.30s@%.128s's new password: ", |
| 969 | authctxt->server_user, authctxt->host); | 995 | authctxt->server_user, host); |
| 970 | retype = read_passphrase(prompt, 0); | 996 | retype = read_passphrase(prompt, 0); |
| 971 | if (strcmp(password, retype) != 0) { | 997 | if (strcmp(password, retype) != 0) { |
| 972 | memset(password, 0, strlen(password)); | 998 | memset(password, 0, strlen(password)); |
| @@ -1334,7 +1360,7 @@ load_identity_file(char *filename) | |||
| 1334 | { | 1360 | { |
| 1335 | Key *private; | 1361 | Key *private; |
| 1336 | char prompt[300], *passphrase; | 1362 | char prompt[300], *passphrase; |
| 1337 | int perm_ok, quit, i; | 1363 | int perm_ok = 0, quit, i; |
| 1338 | struct stat st; | 1364 | struct stat st; |
| 1339 | 1365 | ||
| 1340 | if (stat(filename, &st) < 0) { | 1366 | if (stat(filename, &st) < 0) { |
| @@ -1395,6 +1421,8 @@ pubkey_prepare(Authctxt *authctxt) | |||
| 1395 | key = options.identity_keys[i]; | 1421 | key = options.identity_keys[i]; |
| 1396 | if (key && key->type == KEY_RSA1) | 1422 | if (key && key->type == KEY_RSA1) |
| 1397 | continue; | 1423 | continue; |
| 1424 | if (key && key->cert && key->cert->type != SSH2_CERT_TYPE_USER) | ||
| 1425 | continue; | ||
| 1398 | options.identity_keys[i] = NULL; | 1426 | options.identity_keys[i] = NULL; |
| 1399 | id = xcalloc(1, sizeof(*id)); | 1427 | id = xcalloc(1, sizeof(*id)); |
| 1400 | id->key = key; | 1428 | id->key = key; |
| @@ -1598,7 +1626,7 @@ ssh_keysign(Key *key, u_char **sigp, u_int *lenp, | |||
| 1598 | debug2("ssh_keysign called"); | 1626 | debug2("ssh_keysign called"); |
| 1599 | 1627 | ||
| 1600 | if (stat(_PATH_SSH_KEY_SIGN, &st) < 0) { | 1628 | if (stat(_PATH_SSH_KEY_SIGN, &st) < 0) { |
| 1601 | error("ssh_keysign: no installed: %s", strerror(errno)); | 1629 | error("ssh_keysign: not installed: %s", strerror(errno)); |
| 1602 | return -1; | 1630 | return -1; |
| 1603 | } | 1631 | } |
| 1604 | if (fflush(stdout) != 0) | 1632 | if (fflush(stdout) != 0) |
| @@ -1616,6 +1644,8 @@ ssh_keysign(Key *key, u_char **sigp, u_int *lenp, | |||
| 1616 | return -1; | 1644 | return -1; |
| 1617 | } | 1645 | } |
| 1618 | if (pid == 0) { | 1646 | if (pid == 0) { |
| 1647 | /* keep the socket on exec */ | ||
| 1648 | fcntl(packet_get_connection_in(), F_SETFD, 0); | ||
| 1619 | permanently_drop_suid(getuid()); | 1649 | permanently_drop_suid(getuid()); |
| 1620 | close(from[0]); | 1650 | close(from[0]); |
| 1621 | if (dup2(from[1], STDOUT_FILENO) < 0) | 1651 | if (dup2(from[1], STDOUT_FILENO) < 0) |
| @@ -1668,10 +1698,10 @@ userauth_hostbased(Authctxt *authctxt) | |||
| 1668 | Sensitive *sensitive = authctxt->sensitive; | 1698 | Sensitive *sensitive = authctxt->sensitive; |
| 1669 | Buffer b; | 1699 | Buffer b; |
| 1670 | u_char *signature, *blob; | 1700 | u_char *signature, *blob; |
| 1671 | char *chost, *pkalg, *p, myname[NI_MAXHOST]; | 1701 | char *chost, *pkalg, *p; |
| 1672 | const char *service; | 1702 | const char *service; |
| 1673 | u_int blen, slen; | 1703 | u_int blen, slen; |
| 1674 | int ok, i, len, found = 0; | 1704 | int ok, i, found = 0; |
| 1675 | 1705 | ||
| 1676 | /* check for a useful key */ | 1706 | /* check for a useful key */ |
| 1677 | for (i = 0; i < sensitive->nkeys; i++) { | 1707 | for (i = 0; i < sensitive->nkeys; i++) { |
| @@ -1692,23 +1722,13 @@ userauth_hostbased(Authctxt *authctxt) | |||
| 1692 | return 0; | 1722 | return 0; |
| 1693 | } | 1723 | } |
| 1694 | /* figure out a name for the client host */ | 1724 | /* figure out a name for the client host */ |
| 1695 | p = NULL; | 1725 | p = get_local_name(packet_get_connection_in()); |
| 1696 | if (packet_connection_is_on_socket()) | ||
| 1697 | p = get_local_name(packet_get_connection_in()); | ||
| 1698 | if (p == NULL) { | ||
| 1699 | if (gethostname(myname, sizeof(myname)) == -1) { | ||
| 1700 | verbose("userauth_hostbased: gethostname: %s", | ||
| 1701 | strerror(errno)); | ||
| 1702 | } else | ||
| 1703 | p = xstrdup(myname); | ||
| 1704 | } | ||
| 1705 | if (p == NULL) { | 1726 | if (p == NULL) { |
| 1706 | error("userauth_hostbased: cannot get local ipaddr/name"); | 1727 | error("userauth_hostbased: cannot get local ipaddr/name"); |
| 1707 | key_free(private); | 1728 | key_free(private); |
| 1708 | xfree(blob); | 1729 | xfree(blob); |
| 1709 | return 0; | 1730 | return 0; |
| 1710 | } | 1731 | } |
| 1711 | len = strlen(p) + 2; | ||
| 1712 | xasprintf(&chost, "%s.", p); | 1732 | xasprintf(&chost, "%s.", p); |
| 1713 | debug2("userauth_hostbased: chost %s", chost); | 1733 | debug2("userauth_hostbased: chost %s", chost); |
| 1714 | xfree(p); | 1734 | xfree(p); |
| @@ -1819,6 +1839,8 @@ userauth_jpake(Authctxt *authctxt) | |||
| 1819 | /* Expect step 1 packet from peer */ | 1839 | /* Expect step 1 packet from peer */ |
| 1820 | dispatch_set(SSH2_MSG_USERAUTH_JPAKE_SERVER_STEP1, | 1840 | dispatch_set(SSH2_MSG_USERAUTH_JPAKE_SERVER_STEP1, |
| 1821 | input_userauth_jpake_server_step1); | 1841 | input_userauth_jpake_server_step1); |
| 1842 | dispatch_set(SSH2_MSG_USERAUTH_SUCCESS, | ||
| 1843 | &input_userauth_success_unexpected); | ||
| 1822 | 1844 | ||
| 1823 | return 1; | 1845 | return 1; |
| 1824 | } | 1846 | } |
| @@ -1831,6 +1853,7 @@ userauth_jpake_cleanup(Authctxt *authctxt) | |||
| 1831 | jpake_free(authctxt->methoddata); | 1853 | jpake_free(authctxt->methoddata); |
| 1832 | authctxt->methoddata = NULL; | 1854 | authctxt->methoddata = NULL; |
| 1833 | } | 1855 | } |
| 1856 | dispatch_set(SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success); | ||
| 1834 | } | 1857 | } |
| 1835 | #endif /* JPAKE */ | 1858 | #endif /* JPAKE */ |
| 1836 | 1859 | ||