Diffstat (limited to 'sshd.c')
-rw-r--r--sshd.c58
1 files changed, 39 insertions, 19 deletions
diff --git a/sshd.c b/sshd.c
index da0b26587..1eac32797 100644
--- a/sshd.c
+++ b/sshd.c
@@ -42,7 +42,7 @@
42 */ 42 */
43 43
44#include "includes.h" 44#include "includes.h"
45RCSID("$OpenBSD: sshd.c,v 1.312 2005/07/25 11:59:40 markus Exp $"); 45RCSID("$OpenBSD: sshd.c,v 1.318 2005/12/24 02:27:41 djm Exp $");
46 46
47#include <openssl/dh.h> 47#include <openssl/dh.h>
48#include <openssl/bn.h> 48#include <openssl/bn.h>
@@ -637,16 +637,8 @@ privsep_postauth(Authctxt *authctxt)
637 if (authctxt->pw->pw_uid == 0 || options.use_login) { 637 if (authctxt->pw->pw_uid == 0 || options.use_login) {
638#endif 638#endif
639 /* File descriptor passing is broken or root login */ 639 /* File descriptor passing is broken or root login */
640 monitor_apply_keystate(pmonitor);
641 use_privsep = 0; 640 use_privsep = 0;
642 return; 641 goto skip;
643 }
644
645 /* Authentication complete */
646 alarm(0);
647 if (startup_pipe != -1) {
648 close(startup_pipe);
649 startup_pipe = -1;
650 } 642 }
651 643
652 /* New socket pair */ 644 /* New socket pair */
@@ -673,6 +665,7 @@ privsep_postauth(Authctxt *authctxt)
673 /* Drop privileges */ 665 /* Drop privileges */
674 do_setusercontext(authctxt->pw); 666 do_setusercontext(authctxt->pw);
675 667
668 skip:
676 /* It is safe now to apply the key state */ 669 /* It is safe now to apply the key state */
677 monitor_apply_keystate(pmonitor); 670 monitor_apply_keystate(pmonitor);
678 671
@@ -804,6 +797,7 @@ send_rexec_state(int fd, Buffer *conf)
804 * bignum iqmp " 797 * bignum iqmp "
805 * bignum p " 798 * bignum p "
806 * bignum q " 799 * bignum q "
800 * string rngseed (only if OpenSSL is not self-seeded)
807 */ 801 */
808 buffer_init(&m); 802 buffer_init(&m);
809 buffer_put_cstring(&m, buffer_ptr(conf)); 803 buffer_put_cstring(&m, buffer_ptr(conf));
@@ -820,6 +814,10 @@ send_rexec_state(int fd, Buffer *conf)
820 } else 814 } else
821 buffer_put_int(&m, 0); 815 buffer_put_int(&m, 0);
822 816
817#ifndef OPENSSL_PRNG_ONLY
818 rexec_send_rng_seed(&m);
819#endif
820
823 if (ssh_msg_send(fd, 0, &m) == -1) 821 if (ssh_msg_send(fd, 0, &m) == -1)
824 fatal("%s: ssh_msg_send failed", __func__); 822 fatal("%s: ssh_msg_send failed", __func__);
825 823
@@ -862,6 +860,11 @@ recv_rexec_state(int fd, Buffer *conf)
862 rsa_generate_additional_parameters( 860 rsa_generate_additional_parameters(
863 sensitive_data.server_key->rsa); 861 sensitive_data.server_key->rsa);
864 } 862 }
863
864#ifndef OPENSSL_PRNG_ONLY
865 rexec_recv_rng_seed(&m);
866#endif
867
865 buffer_free(&m); 868 buffer_free(&m);
866 869
867 debug3("%s: done", __func__); 870 debug3("%s: done", __func__);
@@ -918,6 +921,9 @@ main(int ac, char **av)
918 if (geteuid() == 0 && setgroups(0, NULL) == -1) 921 if (geteuid() == 0 && setgroups(0, NULL) == -1)
919 debug("setgroups(): %.200s", strerror(errno)); 922 debug("setgroups(): %.200s", strerror(errno));
920 923
924 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
925 sanitise_stdfd();
926
921 /* Initialize configuration options to their default values. */ 927 /* Initialize configuration options to their default values. */
922 initialize_server_options(&options); 928 initialize_server_options(&options);
923 929
@@ -1055,8 +1061,6 @@ main(int ac, char **av)
1055 drop_cray_privs(); 1061 drop_cray_privs();
1056#endif 1062#endif
1057 1063
1058 seed_rng();
1059
1060 sensitive_data.server_key = NULL; 1064 sensitive_data.server_key = NULL;
1061 sensitive_data.ssh1_host_key = NULL; 1065 sensitive_data.ssh1_host_key = NULL;
1062 sensitive_data.have_ssh1_key = 0; 1066 sensitive_data.have_ssh1_key = 0;
@@ -1075,6 +1079,8 @@ main(int ac, char **av)
1075 if (!rexec_flag) 1079 if (!rexec_flag)
1076 buffer_free(&cfg); 1080 buffer_free(&cfg);
1077 1081
1082 seed_rng();
1083
1078 /* Fill in default values for those options not explicitly set. */ 1084 /* Fill in default values for those options not explicitly set. */
1079 fill_default_server_options(&options); 1085 fill_default_server_options(&options);
1080 1086
@@ -1645,7 +1651,12 @@ main(int ac, char **av)
1645 debug("get_remote_port failed"); 1651 debug("get_remote_port failed");
1646 cleanup_exit(255); 1652 cleanup_exit(255);
1647 } 1653 }
1648 remote_ip = get_remote_ipaddr(); 1654
1655 /*
1656 * We use get_canonical_hostname with usedns = 0 instead of
1657 * get_remote_ipaddr here so IP options will be checked.
1658 */
1659 remote_ip = get_canonical_hostname(0);
1649 1660
1650#ifdef SSH_AUDIT_EVENTS 1661#ifdef SSH_AUDIT_EVENTS
1651 audit_connection_from(remote_ip, remote_port); 1662 audit_connection_from(remote_ip, remote_port);
@@ -1699,8 +1710,7 @@ main(int ac, char **av)
1699 error("SessionGetInfo() failed with error %.8X", 1710 error("SessionGetInfo() failed with error %.8X",
1700 (unsigned) err); 1711 (unsigned) err);
1701 else 1712 else
1702 debug("Current Session ID is %.8X / Session Attributes a 1713 debug("Current Session ID is %.8X / Session Attributes are %.8X",
1703re %.8X",
1704 (unsigned) sid, (unsigned) sattrs); 1714 (unsigned) sid, (unsigned) sattrs);
1705 1715
1706 if (inetd_flag && !(sattrs & sessionIsRoot)) 1716 if (inetd_flag && !(sattrs & sessionIsRoot))
@@ -1719,18 +1729,17 @@ re %.8X",
1719 error("SessionGetInfo() failed with error %.8X", 1729 error("SessionGetInfo() failed with error %.8X",
1720 (unsigned) err); 1730 (unsigned) err);
1721 else 1731 else
1722 debug("New Session ID is %.8X / Session Attribut 1732 debug("New Session ID is %.8X / Session Attributes are %.8X",
1723es are %.8X",
1724 (unsigned) sid, (unsigned) sattrs); 1733 (unsigned) sid, (unsigned) sattrs);
1725 } 1734 }
1726 } 1735 }
1727#endif 1736#endif
1728 1737
1729 /* 1738 /*
1730 * We don\'t want to listen forever unless the other side 1739 * We don't want to listen forever unless the other side
1731 * successfully authenticates itself. So we set up an alarm which is 1740 * successfully authenticates itself. So we set up an alarm which is
1732 * cleared after successful authentication. A limit of zero 1741 * cleared after successful authentication. A limit of zero
1733 * indicates no limit. Note that we don\'t set the alarm in debugging 1742 * indicates no limit. Note that we don't set the alarm in debugging
1734 * mode; it is just annoying to have the server exit just when you 1743 * mode; it is just annoying to have the server exit just when you
1735 * are about to discover the bug. 1744 * are about to discover the bug.
1736 */ 1745 */
@@ -1777,6 +1786,17 @@ es are %.8X",
1777 } 1786 }
1778 1787
1779 authenticated: 1788 authenticated:
1789 /*
1790 * Cancel the alarm we set to limit the time taken for
1791 * authentication.
1792 */
1793 alarm(0);
1794 signal(SIGALRM, SIG_DFL);
1795 if (startup_pipe != -1) {
1796 close(startup_pipe);
1797 startup_pipe = -1;
1798 }
1799
1780#ifdef SSH_AUDIT_EVENTS 1800#ifdef SSH_AUDIT_EVENTS
1781 audit_event(SSH_AUTH_SUCCESS); 1801 audit_event(SSH_AUTH_SUCCESS);
1782#endif 1802#endif
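Review bot: The relocated `seed_rng();` call in the `@@ -1075,6 +1079,8 @@` hunk of main() has no comment saying why it must now run after the configuration and rexec state have been loaded, so a later cleanup could move it back without anyone noticing. Judging by the `rexec_recv_rng_seed(&m)` call added to recv_rexec_state(), this looks like an ordering dependency: the re-exec'd child presumably takes its seed from the listener when OpenSSL is not self-seeded. If so, nothing between the old and new positions may draw from the PRNG. I would add above the call: `/* Seed only after recv_rexec_state(): a re-exec'd child may have been handed its seed by the listener; no PRNG use before this point. */`. main() starts and ends outside these hunks, so the code between the two positions (including the `rsa_generate_additional_parameters()` call in recv_rexec_state()) is not fully visible here and should be checked for random-number use.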