Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 108 |
1 files changed, 108 insertions, 0 deletions
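--- a/sshd.c
+++ b/sshd.c
@@ -117,6 +117,10 @@
 #include "monitor_fdpass.h"
 #include "version.h"
 
+#ifdef USE_SECURITY_SESSION_API
+#include <Security/AuthSession.h>
+#endif
+
 #ifdef LIBWRAP
 #include <tcpd.h>
 #include <syslog.h>
@@ -1481,10 +1485,13 @@ main(int ac, char **av)
 logit("Disabling protocol version 1. Could not load host key");
 options.protocol &= ~SSH_PROTO_1;
 }
+#ifndef GSSAPI
+/* The GSSAPI key exchange can run without a host key */
 if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) {
 logit("Disabling protocol version 2. Could not load host key");
 options.protocol &= ~SSH_PROTO_2;
 }
+#endif
 if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) {
 logit("sshd: no hostkeys available -- exiting.");
 exit(1);
@@ -1759,6 +1766,60 @@ main(int ac, char **av)
 /* Log the connection. */
 verbose("Connection from %.500s port %d", remote_ip, remote_port);
 
+#ifdef USE_SECURITY_SESSION_API
+/*
+* Create a new security session for use by the new user login if
+* the current session is the root session or we are not launched
+* by inetd (eg: debugging mode or server mode). We do not
+* necessarily need to create a session if we are launched from
+* inetd because Panther xinetd will create a session for us.
+*
+* The only case where this logic will fail is if there is an
+* inetd running in a non-root session which is not creating
+* new sessions for us. Then all the users will end up in the
+* same session (bad).
+*
+* When the client exits, the session will be destroyed for us
+* automatically.
+*
+* We must create the session before any credentials are stored
+* (including AFS pags, which happens a few lines below).
+*/
+{
+OSStatus err = 0;
+SecuritySessionId sid = 0;
+SessionAttributeBits sattrs = 0;
+
+err = SessionGetInfo(callerSecuritySession, &sid, &sattrs);
+if (err)
+error("SessionGetInfo() failed with error %.8X",
+(unsigned) err);
+else
+debug("Current Session ID is %.8X / Session Attributes are %.8X",
+(unsigned) sid, (unsigned) sattrs);
+
+if (inetd_flag && !(sattrs & sessionIsRoot))
+debug("Running in inetd mode in a non-root session... "
+"assuming inetd created the session for us.");
+else {
+debug("Creating new security session...");
+err = SessionCreate(0, sessionHasTTY | sessionIsRemote);
+if (err)
+error("SessionCreate() failed with error %.8X",
+(unsigned) err);
+
+err = SessionGetInfo(callerSecuritySession, &sid,
+&sattrs);
+if (err)
+error("SessionGetInfo() failed with error %.8X",
+(unsigned) err);
+else
+debug("New Session ID is %.8X / Session Attributes are %.8X",
+(unsigned) sid, (unsigned) sattrs);
+}
+}
+#endif
+
 /*
 * We don't want to listen forever unless the other side
 * successfully authenticates itself. So we set up an alarm which is
@@ -2117,12 +2178,59 @@ do_ssh2_kex(void)
 
 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
 
+#ifdef GSSAPI
+{
+char *orig;
+char *gss = NULL;
+char *newstr = NULL;
+orig = myproposal[PROPOSAL_KEX_ALGS];
+
+/*
+* If we don't have a host key, then there's no point advertising
+* the other key exchange algorithms
+*/
+
+if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)
+orig = NULL;
+
+if (options.gss_keyex)
+gss = ssh_gssapi_server_mechanisms();
+else
+gss = NULL;
+
+if (gss && orig)
+xasprintf(&newstr, "%s,%s", gss, orig);
+else if (gss)
+newstr = gss;
+else if (orig)
+newstr = orig;
+
+/*
+* If we've got GSSAPI mechanisms, then we've got the 'null' host
+* key alg, but we can't tell people about it unless its the only
+* host key algorithm we support
+*/
+if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0)
+myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null";
+
+if (newstr)
+myproposal[PROPOSAL_KEX_ALGS] = newstr;
+else
+fatal("No supported key exchange algorithms");
+}
+#endif
+
 /* start key exchange */
 kex = kex_setup(myproposal);
 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
+#ifdef GSSAPI
+kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
+kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
+kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
+#endif
 kex->server = 1;
 kex->client_version_string=client_version_string;
 kex->server_version_string=server_version_string;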