Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 123 |
1 files changed, 118 insertions, 5 deletions
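--- a/sshd.c
+++ b/sshd.c
@@ -86,6 +86,10 @@ RCSID("$OpenBSD: sshd.c,v 1.312 2005/07/25 11:59:40 markus Exp $");
 #include "monitor_wrap.h"
 #include "monitor_fdpass.h"
 
+#ifdef USE_SECURITY_SESSION_API
+#include <Security/AuthSession.h>
+#endif
+
 #ifdef LIBWRAP
 #include <tcpd.h>
 #include <syslog.h>
@@ -1117,10 +1121,13 @@ main(int ac, char **av)
 logit("Disabling protocol version 1. Could not load host key");
 options.protocol &= ~SSH_PROTO_1;
 }
+#ifndef GSSAPI
+/* The GSSAPI key exchange can run without a host key */
 if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) {
 logit("Disabling protocol version 2. Could not load host key");
 options.protocol &= ~SSH_PROTO_2;
 }
+#endif
 if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) {
 logit("sshd: no hostkeys available -- exiting.");
 exit(1);
@@ -1663,6 +1670,62 @@ main(int ac, char **av)
 /* Log the connection. */
 verbose("Connection from %.500s port %d", remote_ip, remote_port);
 
+#ifdef USE_SECURITY_SESSION_API
+/*
+* Create a new security session for use by the new user login if
+* the current session is the root session or we are not launched
+* by inetd (eg: debugging mode or server mode). We do not
+* necessarily need to create a session if we are launched from
+* inetd because Panther xinetd will create a session for us.
+*
+* The only case where this logic will fail is if there is an
+* inetd running in a non-root session which is not creating
+* new sessions for us. Then all the users will end up in the
+* same session (bad).
+*
+* When the client exits, the session will be destroyed for us
+* automatically.
+*
+* We must create the session before any credentials are stored
+* (including AFS pags, which happens a few lines below).
+*/
+{
+OSStatus err = 0;
+SecuritySessionId sid = 0;
+SessionAttributeBits sattrs = 0;
+
+err = SessionGetInfo(callerSecuritySession, &sid, &sattrs);
+if (err)
+error("SessionGetInfo() failed with error %.8X",
+(unsigned) err);
+else
+debug("Current Session ID is %.8X / Session Attributes a
+re %.8X",
+(unsigned) sid, (unsigned) sattrs);
+
+if (inetd_flag && !(sattrs & sessionIsRoot))
+debug("Running in inetd mode in a non-root session... "
+"assuming inetd created the session for us.");
+else {
+debug("Creating new security session...");
+err = SessionCreate(0, sessionHasTTY | sessionIsRemote);
+if (err)
+error("SessionCreate() failed with error %.8X",
+(unsigned) err);
+
+err = SessionGetInfo(callerSecuritySession, &sid,
+&sattrs);
+if (err)
+error("SessionGetInfo() failed with error %.8X",
+(unsigned) err);
+else
+debug("New Session ID is %.8X / Session Attribut
+es are %.8X",
+(unsigned) sid, (unsigned) sattrs);
+}
+}
+#endif
+
 /*
 * We don\'t want to listen forever unless the other side
 * successfully authenticates itself. So we set up an alarm which is
@@ -2006,13 +2069,63 @@ do_ssh2_kex(void)
 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
 
 /* start key exchange */
-kex = kex_setup(myproposal);
-kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
+
+#ifdef GSSAPI
+{
+char *orig;
+char *gss = NULL;
+char *newstr = NULL;
+orig = myproposal[PROPOSAL_KEX_ALGS];
+
+/*
+* If we don't have a host key, then there's no point advertising
+* the other key exchange algorithms
+*/
+
+if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)
+orig = NULL;
+
+if (options.gss_keyex)
+gss = ssh_gssapi_server_mechanisms();
+else
+gss = NULL;
+
+if (gss && orig) {
+int len = strlen(orig) + strlen(gss) + 2;
+newstr = xmalloc(len);
+snprintf(newstr, len, "%s,%s", gss, orig);
+} else if (gss) {
+newstr = gss;
+} else if (orig) {
+newstr = orig;
+}
+/*
+* If we've got GSSAPI mechanisms, then we've got the 'null' host
+* key alg, but we can't tell people about it unless its the only
+* host key algorithm we support
+*/
+if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0)
+myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null";
+
+if (newstr)
+myproposal[PROPOSAL_KEX_ALGS] = newstr;
+else
+fatal("No supported key exchange algorithms");
+}
+#endif
+
+/* start key exchange */
+kex = kex_setup(myproposal);
+kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
-kex->server = 1;
-kex->client_version_string=client_version_string;
-kex->server_version_string=server_version_string;
+#ifdef GSSAPI
+kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
+kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
+#endif
+kex->server = 1;
+kex->client_version_string=client_version_string;
+kex->server_version_string=server_version_string;
 kex->load_host_key=&get_hostkey_by_type;
 kex->host_key_index=&get_hostkey_index;
 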
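Review bot: The new `USE_SECURITY_SESSION_API` block in main() fails open: when `SessionCreate()` returns an error the code only calls `error()` and the login continues in the caller's session, which the block's own comment names as the bad outcome (users sharing one session) and which breaks its stated requirement that the session exist before any credentials are stored. The same applies when the first `SessionGetInfo()` fails, because `sattrs` stays 0 and, with `inetd_flag` set, the `!(sattrs & sessionIsRoot)` test then takes the "assuming inetd created the session for us" branch without any evidence. I would end the connection on these errors, e.g. `if (err) fatal("SessionCreate() failed with error %.8X", (unsigned) err);`, and take the inetd shortcut only when `SessionGetInfo()` succeeded. main() begins and ends outside this hunk, so whether a later step re-checks the session is not visible here.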