Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 110 |
1 files changed, 110 insertions, 0 deletions
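--- a/sshd.c
+++ b/sshd.c
@@ -125,6 +125,10 @@
 #include "version.h"
 #include "ssherr.h"
 
+#ifdef USE_SECURITY_SESSION_API
+#include <Security/AuthSession.h>
+#endif
+
 #ifndef O_NOCTTY
 #define O_NOCTTY 0
 #endif
@@ -1815,10 +1819,13 @@ main(int ac, char **av)
 logit("Disabling protocol version 1. Could not load host key");
 options.protocol &= ~SSH_PROTO_1;
 }
+#ifndef GSSAPI
+/* The GSSAPI key exchange can run without a host key */
 if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) {
 logit("Disabling protocol version 2. Could not load host key");
 options.protocol &= ~SSH_PROTO_2;
 }
+#endif
 if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) {
 logit("sshd: no hostkeys available -- exiting.");
 exit(1);
@@ -2132,6 +2139,60 @@ main(int ac, char **av)
 remote_ip, remote_port,
 get_local_ipaddr(sock_in), get_local_port());
 
+#ifdef USE_SECURITY_SESSION_API
+/*
+* Create a new security session for use by the new user login if
+* the current session is the root session or we are not launched
+* by inetd (eg: debugging mode or server mode). We do not
+* necessarily need to create a session if we are launched from
+* inetd because Panther xinetd will create a session for us.
+*
+* The only case where this logic will fail is if there is an
+* inetd running in a non-root session which is not creating
+* new sessions for us. Then all the users will end up in the
+* same session (bad).
+*
+* When the client exits, the session will be destroyed for us
+* automatically.
+*
+* We must create the session before any credentials are stored
+* (including AFS pags, which happens a few lines below).
+*/
+{
+OSStatus err = 0;
+SecuritySessionId sid = 0;
+SessionAttributeBits sattrs = 0;
+
+err = SessionGetInfo(callerSecuritySession, &sid, &sattrs);
+if (err)
+error("SessionGetInfo() failed with error %.8X",
+(unsigned) err);
+else
+debug("Current Session ID is %.8X / Session Attributes are %.8X",
+(unsigned) sid, (unsigned) sattrs);
+
+if (inetd_flag && !(sattrs & sessionIsRoot))
+debug("Running in inetd mode in a non-root session... "
+"assuming inetd created the session for us.");
+else {
+debug("Creating new security session...");
+err = SessionCreate(0, sessionHasTTY | sessionIsRemote);
+if (err)
+error("SessionCreate() failed with error %.8X",
+(unsigned) err);
+
+err = SessionGetInfo(callerSecuritySession, &sid,
+&sattrs);
+if (err)
+error("SessionGetInfo() failed with error %.8X",
+(unsigned) err);
+else
+debug("New Session ID is %.8X / Session Attributes are %.8X",
+(unsigned) sid, (unsigned) sattrs);
+}
+}
+#endif
+
 /*
 * We don't want to listen forever unless the other side
 * successfully authenticates itself. So we set up an alarm which is
@@ -2561,6 +2622,48 @@ do_ssh2_kex(void)
 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
 list_hostkey_types());
 
+#ifdef GSSAPI
+{
+char *orig;
+char *gss = NULL;
+char *newstr = NULL;
+orig = myproposal[PROPOSAL_KEX_ALGS];
+
+/*
+* If we don't have a host key, then there's no point advertising
+* the other key exchange algorithms
+*/
+
+if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)
+orig = NULL;
+
+if (options.gss_keyex)
+gss = ssh_gssapi_server_mechanisms();
+else
+gss = NULL;
+
+if (gss && orig)
+xasprintf(&newstr, "%s,%s", gss, orig);
+else if (gss)
+newstr = gss;
+else if (orig)
+newstr = orig;
+
+/*
+* If we've got GSSAPI mechanisms, then we've got the 'null' host
+* key alg, but we can't tell people about it unless its the only
+* host key algorithm we support
+*/
+if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0)
+myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null";
+
+if (newstr)
+myproposal[PROPOSAL_KEX_ALGS] = newstr;
+else
+fatal("No supported key exchange algorithms");
+}
+#endif
+
 /* start key exchange */
 if ((r = kex_setup(active_state, myproposal)) != 0)
 fatal("kex_setup: %s", ssh_err(r));
@@ -2575,6 +2678,13 @@ do_ssh2_kex(void)
 # endif
 #endif
 kex->kex[KEX_C25519_SHA256] = kexc25519_server;
+#ifdef GSSAPI
+if (options.gss_keyex) {
+kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
+kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
+kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
+}
+#endif
 kex->server = 1;
 kex->client_version_string=client_version_string;
 kex->server_version_string=server_version_string;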
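Review bot: The session setup added to main() under USE_SECURITY_SESSION_API fails open on both of its error paths. If the first SessionGetInfo() call fails, sattrs stays 0, so under inetd the `!(sattrs & sessionIsRoot)` test passes and SessionCreate() is skipped; a failing SessionCreate() is only logged with error() and the login continues. The block's own comment calls users ending up in one shared session bad, so gate the skip on a successful query, `if (inetd_flag && err == 0 && !(sattrs & sessionIsRoot))`, and consider `fatal("SessionCreate() failed with error %.8X", (unsigned) err);` in place of error(). main() begins and ends outside this hunk, so whether a later step compensates for a missing session cannot be seen here.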