diff options
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 110 |
1 files changed, 110 insertions, 0 deletions
@@ -120,6 +120,10 @@ | |||
120 | #include "roaming.h" | 120 | #include "roaming.h" |
121 | #include "version.h" | 121 | #include "version.h" |
122 | 122 | ||
123 | #ifdef USE_SECURITY_SESSION_API | ||
124 | #include <Security/AuthSession.h> | ||
125 | #endif | ||
126 | |||
123 | #ifdef LIBWRAP | 127 | #ifdef LIBWRAP |
124 | #include <tcpd.h> | 128 | #include <tcpd.h> |
125 | #include <syslog.h> | 129 | #include <syslog.h> |
@@ -1590,10 +1594,13 @@ main(int ac, char **av) | |||
1590 | logit("Disabling protocol version 1. Could not load host key"); | 1594 | logit("Disabling protocol version 1. Could not load host key"); |
1591 | options.protocol &= ~SSH_PROTO_1; | 1595 | options.protocol &= ~SSH_PROTO_1; |
1592 | } | 1596 | } |
1597 | #ifndef GSSAPI | ||
1598 | /* The GSSAPI key exchange can run without a host key */ | ||
1593 | if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) { | 1599 | if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) { |
1594 | logit("Disabling protocol version 2. Could not load host key"); | 1600 | logit("Disabling protocol version 2. Could not load host key"); |
1595 | options.protocol &= ~SSH_PROTO_2; | 1601 | options.protocol &= ~SSH_PROTO_2; |
1596 | } | 1602 | } |
1603 | #endif | ||
1597 | if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) { | 1604 | if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) { |
1598 | logit("sshd: no hostkeys available -- exiting."); | 1605 | logit("sshd: no hostkeys available -- exiting."); |
1599 | exit(1); | 1606 | exit(1); |
@@ -1922,6 +1929,60 @@ main(int ac, char **av) | |||
1922 | /* Log the connection. */ | 1929 | /* Log the connection. */ |
1923 | verbose("Connection from %.500s port %d", remote_ip, remote_port); | 1930 | verbose("Connection from %.500s port %d", remote_ip, remote_port); |
1924 | 1931 | ||
1932 | #ifdef USE_SECURITY_SESSION_API | ||
1933 | /* | ||
1934 | * Create a new security session for use by the new user login if | ||
1935 | * the current session is the root session or we are not launched | ||
1936 | * by inetd (eg: debugging mode or server mode). We do not | ||
1937 | * necessarily need to create a session if we are launched from | ||
1938 | * inetd because Panther xinetd will create a session for us. | ||
1939 | * | ||
1940 | * The only case where this logic will fail is if there is an | ||
1941 | * inetd running in a non-root session which is not creating | ||
1942 | * new sessions for us. Then all the users will end up in the | ||
1943 | * same session (bad). | ||
1944 | * | ||
1945 | * When the client exits, the session will be destroyed for us | ||
1946 | * automatically. | ||
1947 | * | ||
1948 | * We must create the session before any credentials are stored | ||
1949 | * (including AFS pags, which happens a few lines below). | ||
1950 | */ | ||
1951 | { | ||
1952 | OSStatus err = 0; | ||
1953 | SecuritySessionId sid = 0; | ||
1954 | SessionAttributeBits sattrs = 0; | ||
1955 | |||
1956 | err = SessionGetInfo(callerSecuritySession, &sid, &sattrs); | ||
1957 | if (err) | ||
1958 | error("SessionGetInfo() failed with error %.8X", | ||
1959 | (unsigned) err); | ||
1960 | else | ||
1961 | debug("Current Session ID is %.8X / Session Attributes are %.8X", | ||
1962 | (unsigned) sid, (unsigned) sattrs); | ||
1963 | |||
1964 | if (inetd_flag && !(sattrs & sessionIsRoot)) | ||
1965 | debug("Running in inetd mode in a non-root session... " | ||
1966 | "assuming inetd created the session for us."); | ||
1967 | else { | ||
1968 | debug("Creating new security session..."); | ||
1969 | err = SessionCreate(0, sessionHasTTY | sessionIsRemote); | ||
1970 | if (err) | ||
1971 | error("SessionCreate() failed with error %.8X", | ||
1972 | (unsigned) err); | ||
1973 | |||
1974 | err = SessionGetInfo(callerSecuritySession, &sid, | ||
1975 | &sattrs); | ||
1976 | if (err) | ||
1977 | error("SessionGetInfo() failed with error %.8X", | ||
1978 | (unsigned) err); | ||
1979 | else | ||
1980 | debug("New Session ID is %.8X / Session Attributes are %.8X", | ||
1981 | (unsigned) sid, (unsigned) sattrs); | ||
1982 | } | ||
1983 | } | ||
1984 | #endif | ||
1985 | |||
1925 | /* | 1986 | /* |
1926 | * We don't want to listen forever unless the other side | 1987 | * We don't want to listen forever unless the other side |
1927 | * successfully authenticates itself. So we set up an alarm which is | 1988 | * successfully authenticates itself. So we set up an alarm which is |
@@ -2303,6 +2364,48 @@ do_ssh2_kex(void) | |||
2303 | 2364 | ||
2304 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types(); | 2365 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types(); |
2305 | 2366 | ||
2367 | #ifdef GSSAPI | ||
2368 | { | ||
2369 | char *orig; | ||
2370 | char *gss = NULL; | ||
2371 | char *newstr = NULL; | ||
2372 | orig = myproposal[PROPOSAL_KEX_ALGS]; | ||
2373 | |||
2374 | /* | ||
2375 | * If we don't have a host key, then there's no point advertising | ||
2376 | * the other key exchange algorithms | ||
2377 | */ | ||
2378 | |||
2379 | if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0) | ||
2380 | orig = NULL; | ||
2381 | |||
2382 | if (options.gss_keyex) | ||
2383 | gss = ssh_gssapi_server_mechanisms(); | ||
2384 | else | ||
2385 | gss = NULL; | ||
2386 | |||
2387 | if (gss && orig) | ||
2388 | xasprintf(&newstr, "%s,%s", gss, orig); | ||
2389 | else if (gss) | ||
2390 | newstr = gss; | ||
2391 | else if (orig) | ||
2392 | newstr = orig; | ||
2393 | |||
2394 | /* | ||
2395 | * If we've got GSSAPI mechanisms, then we've got the 'null' host | ||
2396 | * key alg, but we can't tell people about it unless its the only | ||
2397 | * host key algorithm we support | ||
2398 | */ | ||
2399 | if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0) | ||
2400 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null"; | ||
2401 | |||
2402 | if (newstr) | ||
2403 | myproposal[PROPOSAL_KEX_ALGS] = newstr; | ||
2404 | else | ||
2405 | fatal("No supported key exchange algorithms"); | ||
2406 | } | ||
2407 | #endif | ||
2408 | |||
2306 | /* start key exchange */ | 2409 | /* start key exchange */ |
2307 | kex = kex_setup(myproposal); | 2410 | kex = kex_setup(myproposal); |
2308 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | 2411 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; |
@@ -2310,6 +2413,13 @@ do_ssh2_kex(void) | |||
2310 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 2413 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
2311 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 2414 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
2312 | kex->kex[KEX_ECDH_SHA2] = kexecdh_server; | 2415 | kex->kex[KEX_ECDH_SHA2] = kexecdh_server; |
2416 | #ifdef GSSAPI | ||
2417 | if (options.gss_keyex) { | ||
2418 | kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; | ||
2419 | kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; | ||
2420 | kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server; | ||
2421 | } | ||
2422 | #endif | ||
2313 | kex->server = 1; | 2423 | kex->server = 1; |
2314 | kex->client_version_string=client_version_string; | 2424 | kex->client_version_string=client_version_string; |
2315 | kex->server_version_string=server_version_string; | 2425 | kex->server_version_string=server_version_string; |