diff options
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 110 |
1 files changed, 110 insertions, 0 deletions
@@ -120,6 +120,10 @@ | |||
120 | #include "roaming.h" | 120 | #include "roaming.h" |
121 | #include "version.h" | 121 | #include "version.h" |
122 | 122 | ||
123 | #ifdef USE_SECURITY_SESSION_API | ||
124 | #include <Security/AuthSession.h> | ||
125 | #endif | ||
126 | |||
123 | #ifdef LIBWRAP | 127 | #ifdef LIBWRAP |
124 | #include <tcpd.h> | 128 | #include <tcpd.h> |
125 | #include <syslog.h> | 129 | #include <syslog.h> |
@@ -1586,10 +1590,13 @@ main(int ac, char **av) | |||
1586 | logit("Disabling protocol version 1. Could not load host key"); | 1590 | logit("Disabling protocol version 1. Could not load host key"); |
1587 | options.protocol &= ~SSH_PROTO_1; | 1591 | options.protocol &= ~SSH_PROTO_1; |
1588 | } | 1592 | } |
1593 | #ifndef GSSAPI | ||
1594 | /* The GSSAPI key exchange can run without a host key */ | ||
1589 | if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) { | 1595 | if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) { |
1590 | logit("Disabling protocol version 2. Could not load host key"); | 1596 | logit("Disabling protocol version 2. Could not load host key"); |
1591 | options.protocol &= ~SSH_PROTO_2; | 1597 | options.protocol &= ~SSH_PROTO_2; |
1592 | } | 1598 | } |
1599 | #endif | ||
1593 | if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) { | 1600 | if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) { |
1594 | logit("sshd: no hostkeys available -- exiting."); | 1601 | logit("sshd: no hostkeys available -- exiting."); |
1595 | exit(1); | 1602 | exit(1); |
@@ -1918,6 +1925,60 @@ main(int ac, char **av) | |||
1918 | /* Log the connection. */ | 1925 | /* Log the connection. */ |
1919 | verbose("Connection from %.500s port %d", remote_ip, remote_port); | 1926 | verbose("Connection from %.500s port %d", remote_ip, remote_port); |
1920 | 1927 | ||
1928 | #ifdef USE_SECURITY_SESSION_API | ||
1929 | /* | ||
1930 | * Create a new security session for use by the new user login if | ||
1931 | * the current session is the root session or we are not launched | ||
1932 | * by inetd (eg: debugging mode or server mode). We do not | ||
1933 | * necessarily need to create a session if we are launched from | ||
1934 | * inetd because Panther xinetd will create a session for us. | ||
1935 | * | ||
1936 | * The only case where this logic will fail is if there is an | ||
1937 | * inetd running in a non-root session which is not creating | ||
1938 | * new sessions for us. Then all the users will end up in the | ||
1939 | * same session (bad). | ||
1940 | * | ||
1941 | * When the client exits, the session will be destroyed for us | ||
1942 | * automatically. | ||
1943 | * | ||
1944 | * We must create the session before any credentials are stored | ||
1945 | * (including AFS pags, which happens a few lines below). | ||
1946 | */ | ||
1947 | { | ||
1948 | OSStatus err = 0; | ||
1949 | SecuritySessionId sid = 0; | ||
1950 | SessionAttributeBits sattrs = 0; | ||
1951 | |||
1952 | err = SessionGetInfo(callerSecuritySession, &sid, &sattrs); | ||
1953 | if (err) | ||
1954 | error("SessionGetInfo() failed with error %.8X", | ||
1955 | (unsigned) err); | ||
1956 | else | ||
1957 | debug("Current Session ID is %.8X / Session Attributes are %.8X", | ||
1958 | (unsigned) sid, (unsigned) sattrs); | ||
1959 | |||
1960 | if (inetd_flag && !(sattrs & sessionIsRoot)) | ||
1961 | debug("Running in inetd mode in a non-root session... " | ||
1962 | "assuming inetd created the session for us."); | ||
1963 | else { | ||
1964 | debug("Creating new security session..."); | ||
1965 | err = SessionCreate(0, sessionHasTTY | sessionIsRemote); | ||
1966 | if (err) | ||
1967 | error("SessionCreate() failed with error %.8X", | ||
1968 | (unsigned) err); | ||
1969 | |||
1970 | err = SessionGetInfo(callerSecuritySession, &sid, | ||
1971 | &sattrs); | ||
1972 | if (err) | ||
1973 | error("SessionGetInfo() failed with error %.8X", | ||
1974 | (unsigned) err); | ||
1975 | else | ||
1976 | debug("New Session ID is %.8X / Session Attributes are %.8X", | ||
1977 | (unsigned) sid, (unsigned) sattrs); | ||
1978 | } | ||
1979 | } | ||
1980 | #endif | ||
1981 | |||
1921 | /* | 1982 | /* |
1922 | * We don't want to listen forever unless the other side | 1983 | * We don't want to listen forever unless the other side |
1923 | * successfully authenticates itself. So we set up an alarm which is | 1984 | * successfully authenticates itself. So we set up an alarm which is |
@@ -2296,12 +2357,61 @@ do_ssh2_kex(void) | |||
2296 | 2357 | ||
2297 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types(); | 2358 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types(); |
2298 | 2359 | ||
2360 | #ifdef GSSAPI | ||
2361 | { | ||
2362 | char *orig; | ||
2363 | char *gss = NULL; | ||
2364 | char *newstr = NULL; | ||
2365 | orig = myproposal[PROPOSAL_KEX_ALGS]; | ||
2366 | |||
2367 | /* | ||
2368 | * If we don't have a host key, then there's no point advertising | ||
2369 | * the other key exchange algorithms | ||
2370 | */ | ||
2371 | |||
2372 | if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0) | ||
2373 | orig = NULL; | ||
2374 | |||
2375 | if (options.gss_keyex) | ||
2376 | gss = ssh_gssapi_server_mechanisms(); | ||
2377 | else | ||
2378 | gss = NULL; | ||
2379 | |||
2380 | if (gss && orig) | ||
2381 | xasprintf(&newstr, "%s,%s", gss, orig); | ||
2382 | else if (gss) | ||
2383 | newstr = gss; | ||
2384 | else if (orig) | ||
2385 | newstr = orig; | ||
2386 | |||
2387 | /* | ||
2388 | * If we've got GSSAPI mechanisms, then we've got the 'null' host | ||
2389 | * key alg, but we can't tell people about it unless its the only | ||
2390 | * host key algorithm we support | ||
2391 | */ | ||
2392 | if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0) | ||
2393 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null"; | ||
2394 | |||
2395 | if (newstr) | ||
2396 | myproposal[PROPOSAL_KEX_ALGS] = newstr; | ||
2397 | else | ||
2398 | fatal("No supported key exchange algorithms"); | ||
2399 | } | ||
2400 | #endif | ||
2401 | |||
2299 | /* start key exchange */ | 2402 | /* start key exchange */ |
2300 | kex = kex_setup(myproposal); | 2403 | kex = kex_setup(myproposal); |
2301 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | 2404 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; |
2302 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | 2405 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; |
2303 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 2406 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
2304 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 2407 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
2408 | #ifdef GSSAPI | ||
2409 | if (options.gss_keyex) { | ||
2410 | kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; | ||
2411 | kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; | ||
2412 | kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server; | ||
2413 | } | ||
2414 | #endif | ||
2305 | kex->server = 1; | 2415 | kex->server = 1; |
2306 | kex->client_version_string=client_version_string; | 2416 | kex->client_version_string=client_version_string; |
2307 | kex->server_version_string=server_version_string; | 2417 | kex->server_version_string=server_version_string; |