Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 65 |
1 files changed, 64 insertions, 1 deletions
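--- a/sshd.c
+++ b/sshd.c
@@ -86,6 +86,10 @@ RCSID("$OpenBSD: sshd.c,v 1.318 2005/12/24 02:27:41 djm Exp $");
 #include "monitor_wrap.h"
 #include "monitor_fdpass.h"
 
+#ifdef USE_SECURITY_SESSION_API
+#include <Security/AuthSession.h>
+#endif
+
 #ifdef LIBWRAP
 #include <tcpd.h>
 #include <syslog.h>
@@ -1129,6 +1133,7 @@ main(int ac, char **av)
 options.protocol &= ~SSH_PROTO_1;
 }
 #ifndef GSSAPI
+/* The GSSAPI key exchange can run without a host key */
 if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) {
 logit("Disabling protocol version 2. Could not load host key");
 options.protocol &= ~SSH_PROTO_2;
@@ -1681,6 +1686,60 @@ main(int ac, char **av)
 /* Log the connection. */
 verbose("Connection from %.500s port %d", remote_ip, remote_port);
 
+#ifdef USE_SECURITY_SESSION_API
+/*
+* Create a new security session for use by the new user login if
+* the current session is the root session or we are not launched
+* by inetd (eg: debugging mode or server mode). We do not
+* necessarily need to create a session if we are launched from
+* inetd because Panther xinetd will create a session for us.
+*
+* The only case where this logic will fail is if there is an
+* inetd running in a non-root session which is not creating
+* new sessions for us. Then all the users will end up in the
+* same session (bad).
+*
+* When the client exits, the session will be destroyed for us
+* automatically.
+*
+* We must create the session before any credentials are stored
+* (including AFS pags, which happens a few lines below).
+*/
+{
+OSStatus err = 0;
+SecuritySessionId sid = 0;
+SessionAttributeBits sattrs = 0;
+
+err = SessionGetInfo(callerSecuritySession, &sid, &sattrs);
+if (err)
+error("SessionGetInfo() failed with error %.8X",
+(unsigned) err);
+else
+debug("Current Session ID is %.8X / Session Attributes are %.8X",
+(unsigned) sid, (unsigned) sattrs);
+
+if (inetd_flag && !(sattrs & sessionIsRoot))
+debug("Running in inetd mode in a non-root session... "
+"assuming inetd created the session for us.");
+else {
+debug("Creating new security session...");
+err = SessionCreate(0, sessionHasTTY | sessionIsRemote);
+if (err)
+error("SessionCreate() failed with error %.8X",
+(unsigned) err);
+
+err = SessionGetInfo(callerSecuritySession, &sid,
+&sattrs);
+if (err)
+error("SessionGetInfo() failed with error %.8X",
+(unsigned) err);
+else
+debug("New Session ID is %.8X / Session Attributes are %.8X",
+(unsigned) sid, (unsigned) sattrs);
+}
+}
+#endif
+
 /*
 * We don't want to listen forever unless the other side
 * successfully authenticates itself. So we set up an alarm which is
@@ -2051,7 +2110,10 @@ do_ssh2_kex(void)
 if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)
 orig = NULL;
 
-gss = ssh_gssapi_server_mechanisms();
+if (options.gss_keyex)
+gss = ssh_gssapi_server_mechanisms();
+else
+gss = NULL;
 
 if (gss && orig) {
 int len = strlen(orig) + strlen(gss) + 2;
@@ -2084,6 +2146,7 @@ do_ssh2_kex(void)
 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 #ifdef GSSAPI
 kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
+kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
 #endif
 kex->server = 1;
 kex->client_version_string=client_version_string;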
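Review bot: In the USE_SECURITY_SESSION_API block added to main(), both failure paths fail open. If the first SessionGetInfo() call fails, sattrs is still 0, so with inetd_flag set the test `!(sattrs & sessionIsRoot)` is true and SessionCreate() is skipped on the strength of attributes that were never read; and when SessionCreate() itself fails the error is only logged and the connection carries on in the inherited session, which is the shared-session case the block's own comment calls bad. I would gate the skip on a successful query, `if (inetd_flag && err == 0 && !(sattrs & sessionIsRoot))`, and make the create failure terminal, `fatal("SessionCreate() failed with error %.8X", (unsigned) err);`, unless continuing without a private session is a deliberate policy, in which case a comment should say so. main() starts and ends outside this hunk, so what is stored in the session afterwards is not visible here.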