Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 110 |
1 files changed, 110 insertions, 0 deletions
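--- a/sshd.c
+++ b/sshd.c
@@ -120,6 +120,10 @@
 #include "roaming.h"
 #include "version.h"
 
+#ifdef USE_SECURITY_SESSION_API
+#include <Security/AuthSession.h>
+#endif
+
 #ifdef LIBWRAP
 #include <tcpd.h>
 #include <syslog.h>
@@ -1531,10 +1535,13 @@ main(int ac, char **av)
 logit("Disabling protocol version 1. Could not load host key");
 options.protocol &= ~SSH_PROTO_1;
 }
+#ifndef GSSAPI
+/* The GSSAPI key exchange can run without a host key */
 if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) {
 logit("Disabling protocol version 2. Could not load host key");
 options.protocol &= ~SSH_PROTO_2;
 }
+#endif
 if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) {
 logit("sshd: no hostkeys available -- exiting.");
 exit(1);
@@ -1818,6 +1825,60 @@ main(int ac, char **av)
 /* Log the connection. */
 verbose("Connection from %.500s port %d", remote_ip, remote_port);
 
+#ifdef USE_SECURITY_SESSION_API
+/*
+* Create a new security session for use by the new user login if
+* the current session is the root session or we are not launched
+* by inetd (eg: debugging mode or server mode). We do not
+* necessarily need to create a session if we are launched from
+* inetd because Panther xinetd will create a session for us.
+*
+* The only case where this logic will fail is if there is an
+* inetd running in a non-root session which is not creating
+* new sessions for us. Then all the users will end up in the
+* same session (bad).
+*
+* When the client exits, the session will be destroyed for us
+* automatically.
+*
+* We must create the session before any credentials are stored
+* (including AFS pags, which happens a few lines below).
+*/
+{
+OSStatus err = 0;
+SecuritySessionId sid = 0;
+SessionAttributeBits sattrs = 0;
+
+err = SessionGetInfo(callerSecuritySession, &sid, &sattrs);
+if (err)
+error("SessionGetInfo() failed with error %.8X",
+(unsigned) err);
+else
+debug("Current Session ID is %.8X / Session Attributes are %.8X",
+(unsigned) sid, (unsigned) sattrs);
+
+if (inetd_flag && !(sattrs & sessionIsRoot))
+debug("Running in inetd mode in a non-root session... "
+"assuming inetd created the session for us.");
+else {
+debug("Creating new security session...");
+err = SessionCreate(0, sessionHasTTY | sessionIsRemote);
+if (err)
+error("SessionCreate() failed with error %.8X",
+(unsigned) err);
+
+err = SessionGetInfo(callerSecuritySession, &sid,
+&sattrs);
+if (err)
+error("SessionGetInfo() failed with error %.8X",
+(unsigned) err);
+else
+debug("New Session ID is %.8X / Session Attributes are %.8X",
+(unsigned) sid, (unsigned) sattrs);
+}
+}
+#endif
+
 /*
 * We don't want to listen forever unless the other side
 * successfully authenticates itself. So we set up an alarm which is
@@ -2195,12 +2256,61 @@ do_ssh2_kex(void)
 
 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
 
+#ifdef GSSAPI
+{
+char *orig;
+char *gss = NULL;
+char *newstr = NULL;
+orig = myproposal[PROPOSAL_KEX_ALGS];
+
+/*
+* If we don't have a host key, then there's no point advertising
+* the other key exchange algorithms
+*/
+
+if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)
+orig = NULL;
+
+if (options.gss_keyex)
+gss = ssh_gssapi_server_mechanisms();
+else
+gss = NULL;
+
+if (gss && orig)
+xasprintf(&newstr, "%s,%s", gss, orig);
+else if (gss)
+newstr = gss;
+else if (orig)
+newstr = orig;
+
+/*
+* If we've got GSSAPI mechanisms, then we've got the 'null' host
+* key alg, but we can't tell people about it unless its the only
+* host key algorithm we support
+*/
+if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0)
+myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null";
+
+if (newstr)
+myproposal[PROPOSAL_KEX_ALGS] = newstr;
+else
+fatal("No supported key exchange algorithms");
+}
+#endif
+
 /* start key exchange */
 kex = kex_setup(myproposal);
 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
+#ifdef GSSAPI
+if (options.gss_keyex) {
+kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
+kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
+kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
+}
+#endif
 kex->server = 1;
 kex->client_version_string=client_version_string;
 kex->server_version_string=server_version_string;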
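Review bot: In the `USE_SECURITY_SESSION_API` block added to main() (new lines 1828-1880), both failure paths fall through with only an `error()` log. If the first `SessionGetInfo()` fails, `sattrs` is still 0, so under `inetd_flag` the code takes the "assuming inetd created the session" branch; if `SessionCreate()` fails, the login proceeds in the caller's session, which is the shared-session outcome the block's own comment calls bad. Consider failing closed: gate the skip on success with `if (inetd_flag && !err && !(sattrs & sessionIsRoot))`, and replace the create-failure log with `fatal("SessionCreate() failed with error %.8X", (unsigned) err);`. Whether continuing without a fresh session is deliberate for some deployments is not visible here, so confirm that before changing it. main() starts and ends outside this hunk.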