diff options
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 56 |
1 files changed, 37 insertions, 19 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshd.c,v 1.404 2013/07/19 07:37:48 markus Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.414 2014/01/09 23:26:48 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -319,6 +319,7 @@ static void | |||
319 | sighup_restart(void) | 319 | sighup_restart(void) |
320 | { | 320 | { |
321 | logit("Received SIGHUP; restarting."); | 321 | logit("Received SIGHUP; restarting."); |
322 | platform_pre_restart(); | ||
322 | close_listen_socks(); | 323 | close_listen_socks(); |
323 | close_startup_pipes(); | 324 | close_startup_pipes(); |
324 | alarm(0); /* alarm timer persists across exec */ | 325 | alarm(0); /* alarm timer persists across exec */ |
@@ -375,7 +376,7 @@ grace_alarm_handler(int sig) | |||
375 | */ | 376 | */ |
376 | if (getpgid(0) == getpid()) { | 377 | if (getpgid(0) == getpid()) { |
377 | signal(SIGTERM, SIG_IGN); | 378 | signal(SIGTERM, SIG_IGN); |
378 | killpg(0, SIGTERM); | 379 | kill(0, SIGTERM); |
379 | } | 380 | } |
380 | 381 | ||
381 | /* Log error and exit. */ | 382 | /* Log error and exit. */ |
@@ -401,7 +402,6 @@ generate_ephemeral_server_key(void) | |||
401 | verbose("RSA key generation complete."); | 402 | verbose("RSA key generation complete."); |
402 | 403 | ||
403 | arc4random_buf(sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH); | 404 | arc4random_buf(sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH); |
404 | arc4random_stir(); | ||
405 | } | 405 | } |
406 | 406 | ||
407 | /*ARGSUSED*/ | 407 | /*ARGSUSED*/ |
@@ -485,10 +485,11 @@ sshd_exchange_identification(int sock_in, int sock_out) | |||
485 | &remote_major, &remote_minor, remote_version) != 3) { | 485 | &remote_major, &remote_minor, remote_version) != 3) { |
486 | s = "Protocol mismatch.\n"; | 486 | s = "Protocol mismatch.\n"; |
487 | (void) atomicio(vwrite, sock_out, s, strlen(s)); | 487 | (void) atomicio(vwrite, sock_out, s, strlen(s)); |
488 | logit("Bad protocol version identification '%.100s' " | ||
489 | "from %s port %d", client_version_string, | ||
490 | get_remote_ipaddr(), get_remote_port()); | ||
488 | close(sock_in); | 491 | close(sock_in); |
489 | close(sock_out); | 492 | close(sock_out); |
490 | logit("Bad protocol version identification '%.100s' from %s", | ||
491 | client_version_string, get_remote_ipaddr()); | ||
492 | cleanup_exit(255); | 493 | cleanup_exit(255); |
493 | } | 494 | } |
494 | debug("Client protocol version %d.%d; client software version %.100s", | 495 | debug("Client protocol version %d.%d; client software version %.100s", |
@@ -496,17 +497,24 @@ sshd_exchange_identification(int sock_in, int sock_out) | |||
496 | 497 | ||
497 | compat_datafellows(remote_version); | 498 | compat_datafellows(remote_version); |
498 | 499 | ||
499 | if (datafellows & SSH_BUG_PROBE) { | 500 | if ((datafellows & SSH_BUG_PROBE) != 0) { |
500 | logit("probed from %s with %s. Don't panic.", | 501 | logit("probed from %s with %s. Don't panic.", |
501 | get_remote_ipaddr(), client_version_string); | 502 | get_remote_ipaddr(), client_version_string); |
502 | cleanup_exit(255); | 503 | cleanup_exit(255); |
503 | } | 504 | } |
504 | 505 | if ((datafellows & SSH_BUG_SCANNER) != 0) { | |
505 | if (datafellows & SSH_BUG_SCANNER) { | ||
506 | logit("scanned from %s with %s. Don't panic.", | 506 | logit("scanned from %s with %s. Don't panic.", |
507 | get_remote_ipaddr(), client_version_string); | 507 | get_remote_ipaddr(), client_version_string); |
508 | cleanup_exit(255); | 508 | cleanup_exit(255); |
509 | } | 509 | } |
510 | if ((datafellows & SSH_BUG_RSASIGMD5) != 0) { | ||
511 | logit("Client version \"%.100s\" uses unsafe RSA signature " | ||
512 | "scheme; disabling use of RSA keys", remote_version); | ||
513 | } | ||
514 | if ((datafellows & SSH_BUG_DERIVEKEY) != 0) { | ||
515 | fatal("Client version \"%.100s\" uses unsafe key agreement; " | ||
516 | "refusing connection", remote_version); | ||
517 | } | ||
510 | 518 | ||
511 | mismatch = 0; | 519 | mismatch = 0; |
512 | switch (remote_major) { | 520 | switch (remote_major) { |
@@ -618,6 +626,7 @@ privsep_preauth_child(void) | |||
618 | arc4random_stir(); | 626 | arc4random_stir(); |
619 | arc4random_buf(rnd, sizeof(rnd)); | 627 | arc4random_buf(rnd, sizeof(rnd)); |
620 | RAND_seed(rnd, sizeof(rnd)); | 628 | RAND_seed(rnd, sizeof(rnd)); |
629 | bzero(rnd, sizeof(rnd)); | ||
621 | 630 | ||
622 | /* Demote the private keys to public keys. */ | 631 | /* Demote the private keys to public keys. */ |
623 | demote_sensitive_data(); | 632 | demote_sensitive_data(); |
@@ -656,7 +665,7 @@ privsep_preauth(Authctxt *authctxt) | |||
656 | pmonitor->m_pkex = &xxx_kex; | 665 | pmonitor->m_pkex = &xxx_kex; |
657 | 666 | ||
658 | if (use_privsep == PRIVSEP_ON) | 667 | if (use_privsep == PRIVSEP_ON) |
659 | box = ssh_sandbox_init(); | 668 | box = ssh_sandbox_init(pmonitor); |
660 | pid = fork(); | 669 | pid = fork(); |
661 | if (pid == -1) { | 670 | if (pid == -1) { |
662 | fatal("fork of unprivileged child failed"); | 671 | fatal("fork of unprivileged child failed"); |
@@ -752,6 +761,7 @@ privsep_postauth(Authctxt *authctxt) | |||
752 | arc4random_stir(); | 761 | arc4random_stir(); |
753 | arc4random_buf(rnd, sizeof(rnd)); | 762 | arc4random_buf(rnd, sizeof(rnd)); |
754 | RAND_seed(rnd, sizeof(rnd)); | 763 | RAND_seed(rnd, sizeof(rnd)); |
764 | bzero(rnd, sizeof(rnd)); | ||
755 | 765 | ||
756 | /* Drop privileges */ | 766 | /* Drop privileges */ |
757 | do_setusercontext(authctxt->pw, authctxt->role); | 767 | do_setusercontext(authctxt->pw, authctxt->role); |
@@ -787,6 +797,7 @@ list_hostkey_types(void) | |||
787 | case KEY_RSA: | 797 | case KEY_RSA: |
788 | case KEY_DSA: | 798 | case KEY_DSA: |
789 | case KEY_ECDSA: | 799 | case KEY_ECDSA: |
800 | case KEY_ED25519: | ||
790 | if (buffer_len(&b) > 0) | 801 | if (buffer_len(&b) > 0) |
791 | buffer_append(&b, ",", 1); | 802 | buffer_append(&b, ",", 1); |
792 | p = key_ssh_name(key); | 803 | p = key_ssh_name(key); |
@@ -803,6 +814,7 @@ list_hostkey_types(void) | |||
803 | case KEY_RSA_CERT: | 814 | case KEY_RSA_CERT: |
804 | case KEY_DSA_CERT: | 815 | case KEY_DSA_CERT: |
805 | case KEY_ECDSA_CERT: | 816 | case KEY_ECDSA_CERT: |
817 | case KEY_ED25519_CERT: | ||
806 | if (buffer_len(&b) > 0) | 818 | if (buffer_len(&b) > 0) |
807 | buffer_append(&b, ",", 1); | 819 | buffer_append(&b, ",", 1); |
808 | p = key_ssh_name(key); | 820 | p = key_ssh_name(key); |
@@ -830,6 +842,7 @@ get_hostkey_by_type(int type, int need_private) | |||
830 | case KEY_RSA_CERT: | 842 | case KEY_RSA_CERT: |
831 | case KEY_DSA_CERT: | 843 | case KEY_DSA_CERT: |
832 | case KEY_ECDSA_CERT: | 844 | case KEY_ECDSA_CERT: |
845 | case KEY_ED25519_CERT: | ||
833 | key = sensitive_data.host_certificates[i]; | 846 | key = sensitive_data.host_certificates[i]; |
834 | break; | 847 | break; |
835 | default: | 848 | default: |
@@ -1144,6 +1157,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1144 | struct sockaddr_storage from; | 1157 | struct sockaddr_storage from; |
1145 | socklen_t fromlen; | 1158 | socklen_t fromlen; |
1146 | pid_t pid; | 1159 | pid_t pid; |
1160 | u_char rnd[256]; | ||
1147 | 1161 | ||
1148 | /* setup fd set for accept */ | 1162 | /* setup fd set for accept */ |
1149 | fdset = NULL; | 1163 | fdset = NULL; |
@@ -1344,6 +1358,9 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1344 | * from that of the child | 1358 | * from that of the child |
1345 | */ | 1359 | */ |
1346 | arc4random_stir(); | 1360 | arc4random_stir(); |
1361 | arc4random_buf(rnd, sizeof(rnd)); | ||
1362 | RAND_seed(rnd, sizeof(rnd)); | ||
1363 | bzero(rnd, sizeof(rnd)); | ||
1347 | } | 1364 | } |
1348 | 1365 | ||
1349 | /* child process check (or debug mode) */ | 1366 | /* child process check (or debug mode) */ |
@@ -1698,6 +1715,7 @@ main(int ac, char **av) | |||
1698 | case KEY_RSA: | 1715 | case KEY_RSA: |
1699 | case KEY_DSA: | 1716 | case KEY_DSA: |
1700 | case KEY_ECDSA: | 1717 | case KEY_ECDSA: |
1718 | case KEY_ED25519: | ||
1701 | sensitive_data.have_ssh2_key = 1; | 1719 | sensitive_data.have_ssh2_key = 1; |
1702 | break; | 1720 | break; |
1703 | } | 1721 | } |
@@ -1867,9 +1885,6 @@ main(int ac, char **av) | |||
1867 | /* Reinitialize the log (because of the fork above). */ | 1885 | /* Reinitialize the log (because of the fork above). */ |
1868 | log_init(__progname, options.log_level, options.log_facility, log_stderr); | 1886 | log_init(__progname, options.log_level, options.log_facility, log_stderr); |
1869 | 1887 | ||
1870 | /* Initialize the random number generator. */ | ||
1871 | arc4random_stir(); | ||
1872 | |||
1873 | /* Chdir to the root directory so that the current disk can be | 1888 | /* Chdir to the root directory so that the current disk can be |
1874 | unmounted if desired. */ | 1889 | unmounted if desired. */ |
1875 | if (chdir("/") == -1) | 1890 | if (chdir("/") == -1) |
@@ -1945,13 +1960,14 @@ main(int ac, char **av) | |||
1945 | dup2(STDIN_FILENO, STDOUT_FILENO); | 1960 | dup2(STDIN_FILENO, STDOUT_FILENO); |
1946 | if (startup_pipe == -1) | 1961 | if (startup_pipe == -1) |
1947 | close(REEXEC_STARTUP_PIPE_FD); | 1962 | close(REEXEC_STARTUP_PIPE_FD); |
1948 | else | 1963 | else if (startup_pipe != REEXEC_STARTUP_PIPE_FD) { |
1949 | dup2(startup_pipe, REEXEC_STARTUP_PIPE_FD); | 1964 | dup2(startup_pipe, REEXEC_STARTUP_PIPE_FD); |
1965 | close(startup_pipe); | ||
1966 | startup_pipe = REEXEC_STARTUP_PIPE_FD; | ||
1967 | } | ||
1950 | 1968 | ||
1951 | dup2(config_s[1], REEXEC_CONFIG_PASS_FD); | 1969 | dup2(config_s[1], REEXEC_CONFIG_PASS_FD); |
1952 | close(config_s[1]); | 1970 | close(config_s[1]); |
1953 | if (startup_pipe != -1) | ||
1954 | close(startup_pipe); | ||
1955 | 1971 | ||
1956 | execv(rexec_argv[0], rexec_argv); | 1972 | execv(rexec_argv[0], rexec_argv); |
1957 | 1973 | ||
@@ -1962,8 +1978,6 @@ main(int ac, char **av) | |||
1962 | options.log_facility, log_stderr); | 1978 | options.log_facility, log_stderr); |
1963 | 1979 | ||
1964 | /* Clean up fds */ | 1980 | /* Clean up fds */ |
1965 | startup_pipe = REEXEC_STARTUP_PIPE_FD; | ||
1966 | close(config_s[1]); | ||
1967 | close(REEXEC_CONFIG_PASS_FD); | 1981 | close(REEXEC_CONFIG_PASS_FD); |
1968 | newsock = sock_out = sock_in = dup(STDIN_FILENO); | 1982 | newsock = sock_out = sock_in = dup(STDIN_FILENO); |
1969 | if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { | 1983 | if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { |
@@ -2045,7 +2059,9 @@ main(int ac, char **av) | |||
2045 | #endif /* LIBWRAP */ | 2059 | #endif /* LIBWRAP */ |
2046 | 2060 | ||
2047 | /* Log the connection. */ | 2061 | /* Log the connection. */ |
2048 | verbose("Connection from %.500s port %d", remote_ip, remote_port); | 2062 | verbose("Connection from %s port %d on %s port %d", |
2063 | remote_ip, remote_port, | ||
2064 | get_local_ipaddr(sock_in), get_local_port()); | ||
2049 | 2065 | ||
2050 | #ifdef USE_SECURITY_SESSION_API | 2066 | #ifdef USE_SECURITY_SESSION_API |
2051 | /* | 2067 | /* |
@@ -2503,7 +2519,8 @@ do_ssh2_kex(void) | |||
2503 | packet_set_rekey_limits((u_int32_t)options.rekey_limit, | 2519 | packet_set_rekey_limits((u_int32_t)options.rekey_limit, |
2504 | (time_t)options.rekey_interval); | 2520 | (time_t)options.rekey_interval); |
2505 | 2521 | ||
2506 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types(); | 2522 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( |
2523 | list_hostkey_types()); | ||
2507 | 2524 | ||
2508 | #ifdef GSSAPI | 2525 | #ifdef GSSAPI |
2509 | { | 2526 | { |
@@ -2554,6 +2571,7 @@ do_ssh2_kex(void) | |||
2554 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 2571 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
2555 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 2572 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
2556 | kex->kex[KEX_ECDH_SHA2] = kexecdh_server; | 2573 | kex->kex[KEX_ECDH_SHA2] = kexecdh_server; |
2574 | kex->kex[KEX_C25519_SHA256] = kexc25519_server; | ||
2557 | #ifdef GSSAPI | 2575 | #ifdef GSSAPI |
2558 | if (options.gss_keyex) { | 2576 | if (options.gss_keyex) { |
2559 | kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; | 2577 | kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; |