From 5f4082d886c6173b9e90b9768c9a38a3bfd92c2b Mon Sep 17 00:00:00 2001 From: "markus@openbsd.org" Date: Tue, 30 May 2017 14:18:15 +0000 Subject: upstream commit sshd: pass struct ssh to auth functions; ok djm@ Upstream-ID: b00a80c3460884ebcdd14ef550154c761aebe488 --- auth2-gss.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'auth2-gss.c') diff --git a/auth2-gss.c b/auth2-gss.c index 1ca835773..5bfcb9b46 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-gss.c,v 1.22 2015/01/19 20:07:45 markus Exp $ */ +/* $OpenBSD: auth2-gss.c,v 1.23 2017/05/30 14:18:15 markus Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -129,7 +129,8 @@ userauth_gssapi(Authctxt *authctxt) static int input_gssapi_token(int type, u_int32_t plen, void *ctxt) { - Authctxt *authctxt = ctxt; + struct ssh *ssh = ctxt; + Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; gss_buffer_desc recv_tok; @@ -184,7 +185,8 @@ input_gssapi_token(int type, u_int32_t plen, void *ctxt) static int input_gssapi_errtok(int type, u_int32_t plen, void *ctxt) { - Authctxt *authctxt = ctxt; + struct ssh *ssh = ctxt; + Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; gss_buffer_desc recv_tok; @@ -225,7 +227,8 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt) static int input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt) { - Authctxt *authctxt = ctxt; + struct ssh *ssh = ctxt; + Authctxt *authctxt = ssh->authctxt; int authenticated; if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) @@ -252,7 +255,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt) static int input_gssapi_mic(int type, u_int32_t plen, void *ctxt) { - Authctxt *authctxt = ctxt; + struct ssh *ssh = ctxt; + Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; int authenticated = 0; Buffer b; -- cgit v1.2.3 From 2ae666a8fc20b3b871b2f1b90ad65cc027336ccd Mon Sep 17 00:00:00 2001 From: "markus@openbsd.org" Date: Tue, 30 May 2017 14:23:52 +0000 Subject: upstream commit protocol handlers all get struct ssh passed; ok djm@ Upstream-ID: 0ca9ea2a5d01a6d2ded94c5024456a930c5bfb5d --- auth2-chall.c | 7 +++--- auth2-gss.c | 22 ++++++++---------- auth2.c | 12 +++++----- channels.c | 37 +++++++++++++++--------------- channels.h | 22 +++++++++--------- clientloop.c | 12 +++++----- dispatch.c | 7 +++--- dispatch.h | 8 +++---- kex.c | 16 +++++-------- kex.h | 6 ++--- kexdhc.c | 7 +++--- kexdhs.c | 7 +++--- kexecdhc.c | 7 +++--- kexecdhs.c | 7 +++--- kexgexc.c | 12 +++++----- kexgexs.c | 12 +++++----- serverloop.c | 10 ++++----- sshconnect2.c | 72 +++++++++++++++++++++++++---------------------------------- 18 files changed, 127 insertions(+), 156 deletions(-) (limited to 'auth2-gss.c') diff --git a/auth2-chall.c b/auth2-chall.c index 80f212287..954eb4e18 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.46 2017/05/30 14:18:15 markus Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.47 2017/05/30 14:23:52 markus Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -49,7 +49,7 @@ extern ServerOptions options; static int auth2_challenge_start(Authctxt *); static int send_userauth_info_request(Authctxt *); -static int input_userauth_info_response(int, u_int32_t, void *); +static int input_userauth_info_response(int, u_int32_t, struct ssh *); #ifdef BSD_AUTH extern KbdintDevice bsdauth_device; @@ -285,9 +285,8 @@ send_userauth_info_request(Authctxt *authctxt) } static int -input_userauth_info_response(int type, u_int32_t seq, void *ctxt) +input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; KbdintAuthctxt *kbdintctxt; int authenticated = 0, res; diff --git a/auth2-gss.c b/auth2-gss.c index 5bfcb9b46..a762747d6 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-gss.c,v 1.23 2017/05/30 14:18:15 markus Exp $ */ +/* $OpenBSD: auth2-gss.c,v 1.24 2017/05/30 14:23:52 markus Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -48,10 +48,10 @@ extern ServerOptions options; -static int input_gssapi_token(int type, u_int32_t plen, void *ctxt); -static int input_gssapi_mic(int type, u_int32_t plen, void *ctxt); -static int input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt); -static int input_gssapi_errtok(int, u_int32_t, void *); +static int input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh); +static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh); +static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh); +static int input_gssapi_errtok(int, u_int32_t, struct ssh *); /* * We only support those mechanisms that we know about (ie ones that we know @@ -127,9 +127,8 @@ userauth_gssapi(Authctxt *authctxt) } static int -input_gssapi_token(int type, u_int32_t plen, void *ctxt) +input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; @@ -183,9 +182,8 @@ input_gssapi_token(int type, u_int32_t plen, void *ctxt) } static int -input_gssapi_errtok(int type, u_int32_t plen, void *ctxt) +input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; @@ -225,9 +223,8 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt) */ static int -input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt) +input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; int authenticated; @@ -253,9 +250,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt) } static int -input_gssapi_mic(int type, u_int32_t plen, void *ctxt) +input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; int authenticated = 0; diff --git a/auth2.c b/auth2.c index 13ff95eac..cfbf9d250 100644 --- a/auth2.c +++ b/auth2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.138 2017/05/30 14:18:15 markus Exp $ */ +/* $OpenBSD: auth2.c,v 1.139 2017/05/30 14:23:52 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -87,8 +87,8 @@ Authmethod *authmethods[] = { /* protocol */ -static int input_service_request(int, u_int32_t, void *); -static int input_userauth_request(int, u_int32_t, void *); +static int input_service_request(int, u_int32_t, struct ssh *); +static int input_userauth_request(int, u_int32_t, struct ssh *); /* helper */ static Authmethod *authmethod_lookup(Authctxt *, const char *); @@ -178,9 +178,8 @@ do_authentication2(Authctxt *authctxt) /*ARGSUSED*/ static int -input_service_request(int type, u_int32_t seq, void *ctxt) +input_service_request(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; u_int len; int acceptit = 0; @@ -214,9 +213,8 @@ input_service_request(int type, u_int32_t seq, void *ctxt) /*ARGSUSED*/ static int -input_userauth_request(int type, u_int32_t seq, void *ctxt) +input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; Authmethod *m = NULL; char *user, *service, *method, *style = NULL; diff --git a/channels.c b/channels.c index e7de370d4..d118d8ff7 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.362 2017/05/30 08:49:58 markus Exp $ */ +/* $OpenBSD: channels.c,v 1.363 2017/05/30 14:23:52 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2394,9 +2394,8 @@ channel_proxy_downstream(Channel *downstream) * replaces local (proxy) channel ID with downstream channel ID. */ int -channel_proxy_upstream(Channel *c, int type, u_int32_t seq, void *ctxt) +channel_proxy_upstream(Channel *c, int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = active_state; struct sshbuf *b = NULL; Channel *downstream; const u_char *cp = NULL; @@ -2476,7 +2475,7 @@ channel_proxy_upstream(Channel *c, int type, u_int32_t seq, void *ctxt) /* ARGSUSED */ int -channel_input_data(int type, u_int32_t seq, void *ctxt) +channel_input_data(int type, u_int32_t seq, struct ssh *ssh) { int id; const u_char *data; @@ -2488,7 +2487,7 @@ channel_input_data(int type, u_int32_t seq, void *ctxt) c = channel_lookup(id); if (c == NULL) packet_disconnect("Received data for nonexistent channel %d.", id); - if (channel_proxy_upstream(c, type, seq, ctxt)) + if (channel_proxy_upstream(c, type, seq, ssh)) return 0; /* Ignore any data for non-open channels (might happen on close) */ @@ -2536,7 +2535,7 @@ channel_input_data(int type, u_int32_t seq, void *ctxt) /* ARGSUSED */ int -channel_input_extended_data(int type, u_int32_t seq, void *ctxt) +channel_input_extended_data(int type, u_int32_t seq, struct ssh *ssh) { int id; char *data; @@ -2549,7 +2548,7 @@ channel_input_extended_data(int type, u_int32_t seq, void *ctxt) if (c == NULL) packet_disconnect("Received extended_data for bad channel %d.", id); - if (channel_proxy_upstream(c, type, seq, ctxt)) + if (channel_proxy_upstream(c, type, seq, ssh)) return 0; if (c->type != SSH_CHANNEL_OPEN) { logit("channel %d: ext data for non open", id); @@ -2586,7 +2585,7 @@ channel_input_extended_data(int type, u_int32_t seq, void *ctxt) /* ARGSUSED */ int -channel_input_ieof(int type, u_int32_t seq, void *ctxt) +channel_input_ieof(int type, u_int32_t seq, struct ssh *ssh) { int id; Channel *c; @@ -2596,7 +2595,7 @@ channel_input_ieof(int type, u_int32_t seq, void *ctxt) c = channel_lookup(id); if (c == NULL) packet_disconnect("Received ieof for nonexistent channel %d.", id); - if (channel_proxy_upstream(c, type, seq, ctxt)) + if (channel_proxy_upstream(c, type, seq, ssh)) return 0; chan_rcvd_ieof(c); @@ -2612,14 +2611,14 @@ channel_input_ieof(int type, u_int32_t seq, void *ctxt) /* ARGSUSED */ int -channel_input_oclose(int type, u_int32_t seq, void *ctxt) +channel_input_oclose(int type, u_int32_t seq, struct ssh *ssh) { int id = packet_get_int(); Channel *c = channel_lookup(id); if (c == NULL) packet_disconnect("Received oclose for nonexistent channel %d.", id); - if (channel_proxy_upstream(c, type, seq, ctxt)) + if (channel_proxy_upstream(c, type, seq, ssh)) return 0; packet_check_eom(); chan_rcvd_oclose(c); @@ -2628,7 +2627,7 @@ channel_input_oclose(int type, u_int32_t seq, void *ctxt) /* ARGSUSED */ int -channel_input_open_confirmation(int type, u_int32_t seq, void *ctxt) +channel_input_open_confirmation(int type, u_int32_t seq, struct ssh *ssh) { int id, remote_id; Channel *c; @@ -2639,7 +2638,7 @@ channel_input_open_confirmation(int type, u_int32_t seq, void *ctxt) if (c==NULL) packet_disconnect("Received open confirmation for " "unknown channel %d.", id); - if (channel_proxy_upstream(c, type, seq, ctxt)) + if (channel_proxy_upstream(c, type, seq, ssh)) return 0; if (c->type != SSH_CHANNEL_OPENING) packet_disconnect("Received open confirmation for " @@ -2680,7 +2679,7 @@ reason2txt(int reason) /* ARGSUSED */ int -channel_input_open_failure(int type, u_int32_t seq, void *ctxt) +channel_input_open_failure(int type, u_int32_t seq, struct ssh *ssh) { int id, reason; char *msg = NULL, *lang = NULL; @@ -2692,7 +2691,7 @@ channel_input_open_failure(int type, u_int32_t seq, void *ctxt) if (c==NULL) packet_disconnect("Received open failure for " "unknown channel %d.", id); - if (channel_proxy_upstream(c, type, seq, ctxt)) + if (channel_proxy_upstream(c, type, seq, ssh)) return 0; if (c->type != SSH_CHANNEL_OPENING) packet_disconnect("Received open failure for " @@ -2719,7 +2718,7 @@ channel_input_open_failure(int type, u_int32_t seq, void *ctxt) /* ARGSUSED */ int -channel_input_window_adjust(int type, u_int32_t seq, void *ctxt) +channel_input_window_adjust(int type, u_int32_t seq, struct ssh *ssh) { Channel *c; int id; @@ -2733,7 +2732,7 @@ channel_input_window_adjust(int type, u_int32_t seq, void *ctxt) logit("Received window adjust for non-open channel %d.", id); return 0; } - if (channel_proxy_upstream(c, type, seq, ctxt)) + if (channel_proxy_upstream(c, type, seq, ssh)) return 0; adjust = packet_get_int(); packet_check_eom(); @@ -2747,7 +2746,7 @@ channel_input_window_adjust(int type, u_int32_t seq, void *ctxt) /* ARGSUSED */ int -channel_input_status_confirm(int type, u_int32_t seq, void *ctxt) +channel_input_status_confirm(int type, u_int32_t seq, struct ssh *ssh) { Channel *c; struct channel_confirm *cc; @@ -2763,7 +2762,7 @@ channel_input_status_confirm(int type, u_int32_t seq, void *ctxt) logit("channel_input_status_confirm: %d: unknown", id); return 0; } - if (channel_proxy_upstream(c, type, seq, ctxt)) + if (channel_proxy_upstream(c, type, seq, ssh)) return 0; packet_check_eom(); if ((cc = TAILQ_FIRST(&c->status_confirms)) == NULL) diff --git a/channels.h b/channels.h index fa38a4e71..36e5363aa 100644 --- a/channels.h +++ b/channels.h @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.125 2017/05/26 19:35:50 markus Exp $ */ +/* $OpenBSD: channels.h,v 1.126 2017/05/30 14:23:52 markus Exp $ */ /* * Author: Tatu Ylonen @@ -61,6 +61,7 @@ #define CHANNEL_CANCEL_PORT_STATIC -1 +struct ssh; struct Channel; typedef struct Channel Channel; @@ -232,18 +233,19 @@ void channel_send_window_changes(void); /* mux proxy support */ int channel_proxy_downstream(Channel *mc); -int channel_proxy_upstream(Channel *, int, u_int32_t, void *); +int channel_proxy_upstream(Channel *, int, u_int32_t, struct ssh *); /* protocol handler */ -int channel_input_data(int, u_int32_t, void *); -int channel_input_extended_data(int, u_int32_t, void *); -int channel_input_ieof(int, u_int32_t, void *); -int channel_input_oclose(int, u_int32_t, void *); -int channel_input_open_confirmation(int, u_int32_t, void *); -int channel_input_open_failure(int, u_int32_t, void *); -int channel_input_window_adjust(int, u_int32_t, void *); -int channel_input_status_confirm(int, u_int32_t, void *); +int channel_input_data(int, u_int32_t, struct ssh *); +int channel_input_extended_data(int, u_int32_t, struct ssh *); +int channel_input_ieof(int, u_int32_t, struct ssh *); +int channel_input_oclose(int, u_int32_t, struct ssh *); +int channel_input_open_confirmation(int, u_int32_t, struct ssh *); +int channel_input_open_failure(int, u_int32_t, struct ssh *); +int channel_input_port_open(int, u_int32_t, struct ssh *); +int channel_input_window_adjust(int, u_int32_t, struct ssh *); +int channel_input_status_confirm(int, u_int32_t, struct ssh *); /* file descriptor handling (read/write) */ diff --git a/clientloop.c b/clientloop.c index 367b682ff..0020637e8 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.296 2017/05/03 21:08:09 naddy Exp $ */ +/* $OpenBSD: clientloop.c,v 1.297 2017/05/30 14:23:52 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -459,7 +459,7 @@ client_check_window_change(void) } static int -client_global_request_reply(int type, u_int32_t seq, void *ctxt) +client_global_request_reply(int type, u_int32_t seq, struct ssh *ssh) { struct global_confirm *gc; @@ -1642,7 +1642,7 @@ client_request_tun_fwd(int tun_mode, int local_tun, int remote_tun) /* XXXX move to generic input handler */ static int -client_input_channel_open(int type, u_int32_t seq, void *ctxt) +client_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) { Channel *c = NULL; char *ctype; @@ -1698,7 +1698,7 @@ client_input_channel_open(int type, u_int32_t seq, void *ctxt) } static int -client_input_channel_req(int type, u_int32_t seq, void *ctxt) +client_input_channel_req(int type, u_int32_t seq, struct ssh *ssh) { Channel *c = NULL; int exitval, id, reply, success = 0; @@ -1706,7 +1706,7 @@ client_input_channel_req(int type, u_int32_t seq, void *ctxt) id = packet_get_int(); c = channel_lookup(id); - if (channel_proxy_upstream(c, type, seq, ctxt)) + if (channel_proxy_upstream(c, type, seq, ssh)) return 0; rtype = packet_get_string(NULL); reply = packet_get_char(); @@ -2136,7 +2136,7 @@ client_input_hostkeys(void) } static int -client_input_global_request(int type, u_int32_t seq, void *ctxt) +client_input_global_request(int type, u_int32_t seq, struct ssh *ssh) { char *rtype; int want_reply; diff --git a/dispatch.c b/dispatch.c index 7ef9a38c7..5b2fc41ca 100644 --- a/dispatch.c +++ b/dispatch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dispatch.c,v 1.29 2017/04/30 23:28:42 djm Exp $ */ +/* $OpenBSD: dispatch.c,v 1.30 2017/05/30 14:23:52 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -38,9 +38,8 @@ #include "ssherr.h" int -dispatch_protocol_error(int type, u_int32_t seq, void *ctx) +dispatch_protocol_error(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = active_state; /* XXX */ int r; logit("dispatch_protocol_error: type %d seq %u", type, seq); @@ -53,7 +52,7 @@ dispatch_protocol_error(int type, u_int32_t seq, void *ctx) } int -dispatch_protocol_ignore(int type, u_int32_t seq, void *ssh) +dispatch_protocol_ignore(int type, u_int32_t seq, struct ssh *ssh) { logit("dispatch_protocol_ignore: type %d seq %u", type, seq); return 0; diff --git a/dispatch.h b/dispatch.h index cd51dbc0b..7dfc74ee3 100644 --- a/dispatch.h +++ b/dispatch.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dispatch.h,v 1.12 2015/01/19 20:07:45 markus Exp $ */ +/* $OpenBSD: dispatch.h,v 1.13 2017/05/30 14:23:52 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -36,10 +36,10 @@ enum { struct ssh; -typedef int dispatch_fn(int, u_int32_t, void *); +typedef int dispatch_fn(int, u_int32_t, struct ssh *); -int dispatch_protocol_error(int, u_int32_t, void *); -int dispatch_protocol_ignore(int, u_int32_t, void *); +int dispatch_protocol_error(int, u_int32_t, struct ssh *); +int dispatch_protocol_ignore(int, u_int32_t, struct ssh *); void ssh_dispatch_init(struct ssh *, dispatch_fn *); void ssh_dispatch_set(struct ssh *, int, dispatch_fn *); void ssh_dispatch_range(struct ssh *, u_int, u_int, dispatch_fn *); diff --git a/kex.c b/kex.c index 9a40759c1..cf44fbc04 100644 --- a/kex.c +++ b/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.132 2017/04/30 23:10:43 djm Exp $ */ +/* $OpenBSD: kex.c,v 1.133 2017/05/30 14:23:52 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -56,7 +56,7 @@ /* prototype */ static int kex_choose_conf(struct ssh *); -static int kex_input_newkeys(int, u_int32_t, void *); +static int kex_input_newkeys(int, u_int32_t, struct ssh *); static const char *proposal_names[PROPOSAL_MAX] = { "KEX algorithms", @@ -315,9 +315,8 @@ kex_prop_free(char **proposal) /* ARGSUSED */ static int -kex_protocol_error(int type, u_int32_t seq, void *ctxt) +kex_protocol_error(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = active_state; /* XXX */ int r; error("kex protocol error: type %d seq %u", type, seq); @@ -375,9 +374,8 @@ kex_send_newkeys(struct ssh *ssh) } int -kex_input_ext_info(int type, u_int32_t seq, void *ctxt) +kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; struct kex *kex = ssh->kex; u_int32_t i, ninfo; char *name, *val, *found; @@ -414,9 +412,8 @@ kex_input_ext_info(int type, u_int32_t seq, void *ctxt) } static int -kex_input_newkeys(int type, u_int32_t seq, void *ctxt) +kex_input_newkeys(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; struct kex *kex = ssh->kex; int r; @@ -467,9 +464,8 @@ kex_send_kexinit(struct ssh *ssh) /* ARGSUSED */ int -kex_input_kexinit(int type, u_int32_t seq, void *ctxt) +kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; struct kex *kex = ssh->kex; const u_char *ptr; u_int i; diff --git a/kex.h b/kex.h index 13b22351f..01bb3986a 100644 --- a/kex.h +++ b/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.82 2017/05/03 21:08:09 naddy Exp $ */ +/* $OpenBSD: kex.h,v 1.83 2017/05/30 14:23:52 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -181,8 +181,8 @@ int kex_prop2buf(struct sshbuf *, char *proposal[PROPOSAL_MAX]); void kex_prop_free(char **); int kex_send_kexinit(struct ssh *); -int kex_input_kexinit(int, u_int32_t, void *); -int kex_input_ext_info(int, u_int32_t, void *); +int kex_input_kexinit(int, u_int32_t, struct ssh *); +int kex_input_ext_info(int, u_int32_t, struct ssh *); int kex_derive_keys(struct ssh *, u_char *, u_int, const struct sshbuf *); int kex_derive_keys_bn(struct ssh *, u_char *, u_int, const BIGNUM *); int kex_send_newkeys(struct ssh *); diff --git a/kexdhc.c b/kexdhc.c index ad3975f09..9864ee2ec 100644 --- a/kexdhc.c +++ b/kexdhc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexdhc.c,v 1.19 2016/05/02 10:26:04 djm Exp $ */ +/* $OpenBSD: kexdhc.c,v 1.20 2017/05/30 14:23:52 markus Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -49,7 +49,7 @@ #include "ssherr.h" #include "sshbuf.h" -static int input_kex_dh(int, u_int32_t, void *); +static int input_kex_dh(int, u_int32_t, struct ssh *); int kexdh_client(struct ssh *ssh) @@ -100,9 +100,8 @@ kexdh_client(struct ssh *ssh) } static int -input_kex_dh(int type, u_int32_t seq, void *ctxt) +input_kex_dh(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; struct kex *kex = ssh->kex; BIGNUM *dh_server_pub = NULL, *shared_secret = NULL; struct sshkey *server_host_key = NULL; diff --git a/kexdhs.c b/kexdhs.c index 108f66427..81ce56d7a 100644 --- a/kexdhs.c +++ b/kexdhs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexdhs.c,v 1.24 2016/05/02 10:26:04 djm Exp $ */ +/* $OpenBSD: kexdhs.c,v 1.25 2017/05/30 14:23:52 markus Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -49,7 +49,7 @@ #include "ssherr.h" #include "sshbuf.h" -static int input_kex_dh_init(int, u_int32_t, void *); +static int input_kex_dh_init(int, u_int32_t, struct ssh *); int kexdh_server(struct ssh *ssh) @@ -91,9 +91,8 @@ kexdh_server(struct ssh *ssh) } int -input_kex_dh_init(int type, u_int32_t seq, void *ctxt) +input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; struct kex *kex = ssh->kex; BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; struct sshkey *server_host_public, *server_host_private; diff --git a/kexecdhc.c b/kexecdhc.c index 90220ce82..d8a8b660f 100644 --- a/kexecdhc.c +++ b/kexecdhc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexecdhc.c,v 1.10 2015/01/26 06:10:03 djm Exp $ */ +/* $OpenBSD: kexecdhc.c,v 1.11 2017/05/30 14:23:52 markus Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -49,7 +49,7 @@ #include "ssherr.h" #include "sshbuf.h" -static int input_kex_ecdh_reply(int, u_int32_t, void *); +static int input_kex_ecdh_reply(int, u_int32_t, struct ssh *); int kexecdh_client(struct ssh *ssh) @@ -95,9 +95,8 @@ kexecdh_client(struct ssh *ssh) } static int -input_kex_ecdh_reply(int type, u_int32_t seq, void *ctxt) +input_kex_ecdh_reply(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; struct kex *kex = ssh->kex; const EC_GROUP *group; EC_POINT *server_public = NULL; diff --git a/kexecdhs.c b/kexecdhs.c index ccdbf70b1..dc24a3af6 100644 --- a/kexecdhs.c +++ b/kexecdhs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexecdhs.c,v 1.15 2015/12/04 16:41:28 markus Exp $ */ +/* $OpenBSD: kexecdhs.c,v 1.16 2017/05/30 14:23:52 markus Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -47,7 +47,7 @@ #include "ssherr.h" #include "sshbuf.h" -static int input_kex_ecdh_init(int, u_int32_t, void *); +static int input_kex_ecdh_init(int, u_int32_t, struct ssh *); int kexecdh_server(struct ssh *ssh) @@ -58,9 +58,8 @@ kexecdh_server(struct ssh *ssh) } static int -input_kex_ecdh_init(int type, u_int32_t seq, void *ctxt) +input_kex_ecdh_init(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; struct kex *kex = ssh->kex; EC_POINT *client_public; EC_KEY *server_key = NULL; diff --git a/kexgexc.c b/kexgexc.c index b881c4e97..cd1128752 100644 --- a/kexgexc.c +++ b/kexgexc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexc.c,v 1.24 2017/05/16 16:56:15 djm Exp $ */ +/* $OpenBSD: kexgexc.c,v 1.25 2017/05/30 14:23:52 markus Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -51,8 +51,8 @@ #include "sshbuf.h" #include "misc.h" -static int input_kex_dh_gex_group(int, u_int32_t, void *); -static int input_kex_dh_gex_reply(int, u_int32_t, void *); +static int input_kex_dh_gex_group(int, u_int32_t, struct ssh *); +static int input_kex_dh_gex_reply(int, u_int32_t, struct ssh *); int kexgex_client(struct ssh *ssh) @@ -89,9 +89,8 @@ kexgex_client(struct ssh *ssh) } static int -input_kex_dh_gex_group(int type, u_int32_t seq, void *ctxt) +input_kex_dh_gex_group(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; struct kex *kex = ssh->kex; BIGNUM *p = NULL, *g = NULL; int r, bits; @@ -143,9 +142,8 @@ out: } static int -input_kex_dh_gex_reply(int type, u_int32_t seq, void *ctxt) +input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; struct kex *kex = ssh->kex; BIGNUM *dh_server_pub = NULL, *shared_secret = NULL; struct sshkey *server_host_key = NULL; diff --git a/kexgexs.c b/kexgexs.c index 449603592..c5dd00578 100644 --- a/kexgexs.c +++ b/kexgexs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexs.c,v 1.30 2016/09/12 01:22:38 deraadt Exp $ */ +/* $OpenBSD: kexgexs.c,v 1.31 2017/05/30 14:23:52 markus Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -54,8 +54,8 @@ #include "sshbuf.h" #include "misc.h" -static int input_kex_dh_gex_request(int, u_int32_t, void *); -static int input_kex_dh_gex_init(int, u_int32_t, void *); +static int input_kex_dh_gex_request(int, u_int32_t, struct ssh *); +static int input_kex_dh_gex_init(int, u_int32_t, struct ssh *); int kexgex_server(struct ssh *ssh) @@ -67,9 +67,8 @@ kexgex_server(struct ssh *ssh) } static int -input_kex_dh_gex_request(int type, u_int32_t seq, void *ctxt) +input_kex_dh_gex_request(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; struct kex *kex = ssh->kex; int r; u_int min = 0, max = 0, nbits = 0; @@ -120,9 +119,8 @@ input_kex_dh_gex_request(int type, u_int32_t seq, void *ctxt) } static int -input_kex_dh_gex_init(int type, u_int32_t seq, void *ctxt) +input_kex_dh_gex_init(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; struct kex *kex = ssh->kex; BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; struct sshkey *server_host_public, *server_host_private; diff --git a/serverloop.c b/serverloop.c index 2976f5594..ea07eef23 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.191 2017/02/01 02:59:09 dtucker Exp $ */ +/* $OpenBSD: serverloop.c,v 1.192 2017/05/30 14:23:52 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -417,7 +417,7 @@ server_loop2(Authctxt *authctxt) } static int -server_input_keep_alive(int type, u_int32_t seq, void *ctxt) +server_input_keep_alive(int type, u_int32_t seq, struct ssh *ssh) { debug("Got %d/%u for keepalive", type, seq); /* @@ -579,7 +579,7 @@ server_request_session(void) } static int -server_input_channel_open(int type, u_int32_t seq, void *ctxt) +server_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) { Channel *c = NULL; char *ctype; @@ -703,7 +703,7 @@ server_input_hostkeys_prove(struct sshbuf **respp) } static int -server_input_global_request(int type, u_int32_t seq, void *ctxt) +server_input_global_request(int type, u_int32_t seq, struct ssh *ssh) { char *rtype; int want_reply; @@ -810,7 +810,7 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) } static int -server_input_channel_req(int type, u_int32_t seq, void *ctxt) +server_input_channel_req(int type, u_int32_t seq, struct ssh *ssh) { Channel *c; int id, reply, success = 0; diff --git a/sshconnect2.c b/sshconnect2.c index affc5667f..dab905b58 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.260 2017/05/30 14:19:15 markus Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.261 2017/05/30 14:23:52 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -287,16 +287,16 @@ struct cauthmethod { int *batch_flag; /* flag in option struct that disables method */ }; -int input_userauth_service_accept(int, u_int32_t, void *); -int input_userauth_ext_info(int, u_int32_t, void *); -int input_userauth_success(int, u_int32_t, void *); -int input_userauth_success_unexpected(int, u_int32_t, void *); -int input_userauth_failure(int, u_int32_t, void *); -int input_userauth_banner(int, u_int32_t, void *); -int input_userauth_error(int, u_int32_t, void *); -int input_userauth_info_req(int, u_int32_t, void *); -int input_userauth_pk_ok(int, u_int32_t, void *); -int input_userauth_passwd_changereq(int, u_int32_t, void *); +int input_userauth_service_accept(int, u_int32_t, struct ssh *); +int input_userauth_ext_info(int, u_int32_t, struct ssh *); +int input_userauth_success(int, u_int32_t, struct ssh *); +int input_userauth_success_unexpected(int, u_int32_t, struct ssh *); +int input_userauth_failure(int, u_int32_t, struct ssh *); +int input_userauth_banner(int, u_int32_t, struct ssh *); +int input_userauth_error(int, u_int32_t, struct ssh *); +int input_userauth_info_req(int, u_int32_t, struct ssh *); +int input_userauth_pk_ok(int, u_int32_t, struct ssh *); +int input_userauth_passwd_changereq(int, u_int32_t, struct ssh *); int userauth_none(Authctxt *); int userauth_pubkey(Authctxt *); @@ -306,11 +306,11 @@ int userauth_hostbased(Authctxt *); #ifdef GSSAPI int userauth_gssapi(Authctxt *authctxt); -int input_gssapi_response(int type, u_int32_t, void *); -int input_gssapi_token(int type, u_int32_t, void *); -int input_gssapi_hash(int type, u_int32_t, void *); -int input_gssapi_error(int, u_int32_t, void *); -int input_gssapi_errtok(int, u_int32_t, void *); +int input_gssapi_response(int type, u_int32_t, struct ssh *); +int input_gssapi_token(int type, u_int32_t, struct ssh *); +int input_gssapi_hash(int type, u_int32_t, struct ssh *); +int input_gssapi_error(int, u_int32_t, struct ssh *); +int input_gssapi_errtok(int, u_int32_t, struct ssh *); #endif void userauth(Authctxt *, char *); @@ -414,9 +414,8 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host, /* ARGSUSED */ int -input_userauth_service_accept(int type, u_int32_t seqnr, void *ctxt) +input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; int r; @@ -448,9 +447,9 @@ input_userauth_service_accept(int type, u_int32_t seqnr, void *ctxt) /* ARGSUSED */ int -input_userauth_ext_info(int type, u_int32_t seqnr, void *ctxt) +input_userauth_ext_info(int type, u_int32_t seqnr, struct ssh *ssh) { - return kex_input_ext_info(type, seqnr, ctxt); + return kex_input_ext_info(type, seqnr, ssh); } void @@ -490,7 +489,7 @@ userauth(Authctxt *authctxt, char *authlist) /* ARGSUSED */ int -input_userauth_error(int type, u_int32_t seq, void *ctxt) +input_userauth_error(int type, u_int32_t seq, struct ssh *ssh) { fatal("input_userauth_error: bad message during authentication: " "type %d", type); @@ -499,7 +498,7 @@ input_userauth_error(int type, u_int32_t seq, void *ctxt) /* ARGSUSED */ int -input_userauth_banner(int type, u_int32_t seq, void *ctxt) +input_userauth_banner(int type, u_int32_t seq, struct ssh *ssh) { char *msg, *lang; u_int len; @@ -516,9 +515,8 @@ input_userauth_banner(int type, u_int32_t seq, void *ctxt) /* ARGSUSED */ int -input_userauth_success(int type, u_int32_t seq, void *ctxt) +input_userauth_success(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; if (authctxt == NULL) @@ -534,9 +532,8 @@ input_userauth_success(int type, u_int32_t seq, void *ctxt) } int -input_userauth_success_unexpected(int type, u_int32_t seq, void *ctxt) +input_userauth_success_unexpected(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; if (authctxt == NULL) @@ -549,9 +546,8 @@ input_userauth_success_unexpected(int type, u_int32_t seq, void *ctxt) /* ARGSUSED */ int -input_userauth_failure(int type, u_int32_t seq, void *ctxt) +input_userauth_failure(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; char *authlist = NULL; int partial; @@ -576,9 +572,8 @@ input_userauth_failure(int type, u_int32_t seq, void *ctxt) /* ARGSUSED */ int -input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt) +input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; struct sshkey *key = NULL; Identity *id = NULL; @@ -764,9 +759,8 @@ process_gssapi_token(void *ctxt, gss_buffer_t recv_tok) /* ARGSUSED */ int -input_gssapi_response(int type, u_int32_t plen, void *ctxt) +input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; int oidlen; @@ -806,9 +800,8 @@ input_gssapi_response(int type, u_int32_t plen, void *ctxt) /* ARGSUSED */ int -input_gssapi_token(int type, u_int32_t plen, void *ctxt) +input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; gss_buffer_desc recv_tok; OM_uint32 status; @@ -836,9 +829,8 @@ input_gssapi_token(int type, u_int32_t plen, void *ctxt) /* ARGSUSED */ int -input_gssapi_errtok(int type, u_int32_t plen, void *ctxt) +input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; @@ -868,7 +860,7 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt) /* ARGSUSED */ int -input_gssapi_error(int type, u_int32_t plen, void *ctxt) +input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh) { char *msg; char *lang; @@ -939,9 +931,8 @@ userauth_passwd(Authctxt *authctxt) */ /* ARGSUSED */ int -input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt) +input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; char *info, *lang, *password = NULL, *retype = NULL; char prompt[150]; @@ -1570,9 +1561,8 @@ userauth_kbdint(Authctxt *authctxt) * parse INFO_REQUEST, prompt user and send INFO_RESPONSE */ int -input_userauth_info_req(int type, u_int32_t seq, void *ctxt) +input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh) { - struct ssh *ssh = ctxt; Authctxt *authctxt = ssh->authctxt; char *name, *inst, *lang, *prompt, *response; u_int num_prompts, i; -- cgit v1.2.3 From eb272ea4099fd6157846f15c129ac5727933aa69 Mon Sep 17 00:00:00 2001 From: "markus@openbsd.org" Date: Tue, 30 May 2017 14:29:59 +0000 Subject: upstream commit switch auth2 to ssh_dispatch API; ok djm@ Upstream-ID: a752ca19e2782900dd83060b5c6344008106215f --- auth.h | 10 +++++----- auth2-chall.c | 31 +++++++++++++++++-------------- auth2-gss.c | 43 ++++++++++++++++++++++--------------------- auth2-hostbased.c | 6 +++--- auth2-kbdint.c | 6 +++--- auth2-none.c | 5 ++--- auth2-passwd.c | 5 ++--- auth2-pubkey.c | 6 +++--- auth2.c | 26 +++++++++++++------------- 9 files changed, 70 insertions(+), 68 deletions(-) (limited to 'auth2-gss.c') diff --git a/auth.h b/auth.h index db80fd0c7..677935463 100644 --- a/auth.h +++ b/auth.h @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.h,v 1.90 2017/05/30 08:52:19 markus Exp $ */ +/* $OpenBSD: auth.h,v 1.91 2017/05/30 14:29:59 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -91,7 +91,7 @@ struct Authctxt { struct Authmethod { char *name; - int (*userauth)(Authctxt *authctxt); + int (*userauth)(struct ssh *); int *enabled; }; @@ -155,7 +155,7 @@ void auth_info(Authctxt *authctxt, const char *, ...) __attribute__((__nonnull__ (2))); void auth_log(Authctxt *, int, int, const char *, const char *); void auth_maxtries_exceeded(Authctxt *) __attribute__((noreturn)); -void userauth_finish(Authctxt *, int, const char *, const char *); +void userauth_finish(struct ssh *, int, const char *, const char *); int auth_root_allowed(const char *); void userauth_send_banner(const char *); @@ -168,8 +168,8 @@ int auth2_method_allowed(Authctxt *, const char *, const char *); void privsep_challenge_enable(void); -int auth2_challenge(Authctxt *, char *); -void auth2_challenge_stop(Authctxt *); +int auth2_challenge(struct ssh *, char *); +void auth2_challenge_stop(struct ssh *); int bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **); int bsdauth_respond(void *, u_int, char **); int skey_query(void *, char **, char **, u_int *, char ***, u_int **); diff --git a/auth2-chall.c b/auth2-chall.c index 954eb4e18..11c8d31b3 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.47 2017/05/30 14:23:52 markus Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.48 2017/05/30 14:29:59 markus Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -47,7 +47,7 @@ /* import */ extern ServerOptions options; -static int auth2_challenge_start(Authctxt *); +static int auth2_challenge_start(struct ssh *); static int send_userauth_info_request(Authctxt *); static int input_userauth_info_response(int, u_int32_t, struct ssh *); @@ -195,8 +195,9 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt) * wait for the response. */ int -auth2_challenge(Authctxt *authctxt, char *devs) +auth2_challenge(struct ssh *ssh, char *devs) { + Authctxt *authctxt = ssh->authctxt; debug("auth2_challenge: user=%s devs=%s", authctxt->user ? authctxt->user : "", devs ? devs : ""); @@ -205,15 +206,16 @@ auth2_challenge(Authctxt *authctxt, char *devs) return 0; if (authctxt->kbdintctxt == NULL) authctxt->kbdintctxt = kbdint_alloc(devs); - return auth2_challenge_start(authctxt); + return auth2_challenge_start(ssh); } /* unregister kbd-int callbacks and context */ void -auth2_challenge_stop(Authctxt *authctxt) +auth2_challenge_stop(struct ssh *ssh) { + Authctxt *authctxt = ssh->authctxt; /* unregister callback */ - dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL); if (authctxt->kbdintctxt != NULL) { kbdint_free(authctxt->kbdintctxt); authctxt->kbdintctxt = NULL; @@ -222,29 +224,30 @@ auth2_challenge_stop(Authctxt *authctxt) /* side effect: sets authctxt->postponed if a reply was sent*/ static int -auth2_challenge_start(Authctxt *authctxt) +auth2_challenge_start(struct ssh *ssh) { + Authctxt *authctxt = ssh->authctxt; KbdintAuthctxt *kbdintctxt = authctxt->kbdintctxt; debug2("auth2_challenge_start: devices %s", kbdintctxt->devices ? kbdintctxt->devices : ""); if (kbdint_next_device(authctxt, kbdintctxt) == 0) { - auth2_challenge_stop(authctxt); + auth2_challenge_stop(ssh); return 0; } debug("auth2_challenge_start: trying authentication method '%s'", kbdintctxt->device->name); if ((kbdintctxt->ctxt = kbdintctxt->device->init_ctx(authctxt)) == NULL) { - auth2_challenge_stop(authctxt); + auth2_challenge_stop(ssh); return 0; } if (send_userauth_info_request(authctxt) == 0) { - auth2_challenge_stop(authctxt); + auth2_challenge_stop(ssh); return 0; } - dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_INFO_RESPONSE, &input_userauth_info_response); authctxt->postponed = 1; @@ -340,14 +343,14 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh) devicename = kbdintctxt->device->name; if (!authctxt->postponed) { if (authenticated) { - auth2_challenge_stop(authctxt); + auth2_challenge_stop(ssh); } else { /* start next device */ /* may set authctxt->postponed */ - auth2_challenge_start(authctxt); + auth2_challenge_start(ssh); } } - userauth_finish(authctxt, authenticated, "keyboard-interactive", + userauth_finish(ssh, authenticated, "keyboard-interactive", devicename); return 0; } diff --git a/auth2-gss.c b/auth2-gss.c index a762747d6..680d5e712 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-gss.c,v 1.24 2017/05/30 14:23:52 markus Exp $ */ +/* $OpenBSD: auth2-gss.c,v 1.25 2017/05/30 14:29:59 markus Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -58,8 +58,9 @@ static int input_gssapi_errtok(int, u_int32_t, struct ssh *); * how to check local user kuserok and the like) */ static int -userauth_gssapi(Authctxt *authctxt) +userauth_gssapi(struct ssh *ssh) { + Authctxt *authctxt = ssh->authctxt; gss_OID_desc goid = {0, NULL}; Gssctxt *ctxt = NULL; int mechs; @@ -119,8 +120,8 @@ userauth_gssapi(Authctxt *authctxt) packet_send(); free(doid); - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token); - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok); authctxt->postponed = 1; return (0); @@ -157,8 +158,8 @@ input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh) packet_send(); } authctxt->postponed = 0; - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); - userauth_finish(authctxt, 0, "gssapi-with-mic", NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); + userauth_finish(ssh, 0, "gssapi-with-mic", NULL); } else { if (send_tok.length != 0) { packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN); @@ -166,12 +167,12 @@ input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh) packet_send(); } if (maj_status == GSS_S_COMPLETE) { - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); if (flags & GSS_C_INTEG_FLAG) - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC, + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_MIC, &input_gssapi_mic); else - dispatch_set( + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, &input_gssapi_exchange_complete); } @@ -207,8 +208,8 @@ input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh) free(recv_tok.value); /* We can't return anything to the client, even if we wanted to */ - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); /* The client will have already moved on to the next auth */ @@ -241,11 +242,11 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); authctxt->postponed = 0; - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL); - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); - userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); + userauth_finish(ssh, authenticated, "gssapi-with-mic", NULL); return 0; } @@ -282,11 +283,11 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) free(mic.value); authctxt->postponed = 0; - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL); - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); - userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); + userauth_finish(ssh, authenticated, "gssapi-with-mic", NULL); return 0; } diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 728548396..63fe9ae65 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.29 2017/05/30 14:25:42 markus Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.30 2017/05/30 14:29:59 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -57,9 +57,9 @@ extern u_char *session_id2; extern u_int session_id2_len; static int -userauth_hostbased(Authctxt *authctxt) +userauth_hostbased(struct ssh *ssh) { - struct ssh *ssh = active_state; /* XXX */ + Authctxt *authctxt = ssh->authctxt; struct sshbuf *b; struct sshkey *key = NULL; char *pkalg, *cuser, *chost, *service; diff --git a/auth2-kbdint.c b/auth2-kbdint.c index bf75c6059..86aad8ddc 100644 --- a/auth2-kbdint.c +++ b/auth2-kbdint.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-kbdint.c,v 1.7 2014/07/15 15:54:14 millert Exp $ */ +/* $OpenBSD: auth2-kbdint.c,v 1.8 2017/05/30 14:29:59 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -43,7 +43,7 @@ extern ServerOptions options; static int -userauth_kbdint(Authctxt *authctxt) +userauth_kbdint(struct ssh *ssh) { int authenticated = 0; char *lang, *devs; @@ -55,7 +55,7 @@ userauth_kbdint(Authctxt *authctxt) debug("keyboard-interactive devs %s", devs); if (options.challenge_response_authentication) - authenticated = auth2_challenge(authctxt, devs); + authenticated = auth2_challenge(ssh, devs); free(devs); free(lang); diff --git a/auth2-none.c b/auth2-none.c index da6e2dd12..35d25fa63 100644 --- a/auth2-none.c +++ b/auth2-none.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-none.c,v 1.19 2017/05/30 14:27:22 markus Exp $ */ +/* $OpenBSD: auth2-none.c,v 1.20 2017/05/30 14:29:59 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -60,9 +60,8 @@ extern ServerOptions options; static int none_enabled = 1; static int -userauth_none(Authctxt *authctxt) +userauth_none(struct ssh *ssh) { - struct ssh *ssh = active_state; /* XXX */ int r; none_enabled = 0; diff --git a/auth2-passwd.c b/auth2-passwd.c index d36b0cba3..5f7ba3244 100644 --- a/auth2-passwd.c +++ b/auth2-passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-passwd.c,v 1.13 2017/05/30 14:26:49 markus Exp $ */ +/* $OpenBSD: auth2-passwd.c,v 1.14 2017/05/30 14:29:59 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -48,9 +48,8 @@ extern ServerOptions options; static int -userauth_passwd(Authctxt *authctxt) +userauth_passwd(struct ssh *ssh) { - struct ssh *ssh = active_state; /* XXX */ char *password; int authenticated = 0, r; u_char change; diff --git a/auth2-pubkey.c b/auth2-pubkey.c index a4a091113..7a6280f8d 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.64 2017/05/30 14:10:53 markus Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.65 2017/05/30 14:29:59 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -75,9 +75,9 @@ extern u_char *session_id2; extern u_int session_id2_len; static int -userauth_pubkey(Authctxt *authctxt) +userauth_pubkey(struct ssh *ssh) { - struct ssh *ssh = active_state; /* XXX */ + Authctxt *authctxt = ssh->authctxt; struct sshbuf *b; struct sshkey *key = NULL; char *pkalg, *userstyle = NULL, *fp = NULL; diff --git a/auth2.c b/auth2.c index cfbf9d250..08ea2a802 100644 --- a/auth2.c +++ b/auth2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.139 2017/05/30 14:23:52 markus Exp $ */ +/* $OpenBSD: auth2.c,v 1.140 2017/05/30 14:29:59 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -170,9 +170,9 @@ do_authentication2(Authctxt *authctxt) { struct ssh *ssh = active_state; /* XXX */ ssh->authctxt = authctxt; /* XXX move to caller */ - dispatch_init(&dispatch_protocol_error); - dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request); - dispatch_run(DISPATCH_BLOCK, &authctxt->success, ssh); + ssh_dispatch_init(ssh, &dispatch_protocol_error); + ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_REQUEST, &input_service_request); + ssh_dispatch_run(ssh, DISPATCH_BLOCK, &authctxt->success, ssh); ssh->authctxt = NULL; } @@ -193,7 +193,7 @@ input_service_request(int type, u_int32_t seq, struct ssh *ssh) if (!authctxt->success) { acceptit = 1; /* now we can handle user-auth requests */ - dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &input_userauth_request); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, &input_userauth_request); } } /* XXX all other service requests are denied */ @@ -269,12 +269,12 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) authctxt->user, authctxt->service, user, service); } /* reset state */ - auth2_challenge_stop(authctxt); + auth2_challenge_stop(ssh); #ifdef GSSAPI /* XXX move to auth2_gssapi_stop() */ - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); - dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); #endif authctxt->postponed = 0; @@ -284,9 +284,9 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) m = authmethod_lookup(authctxt, method); if (m != NULL && authctxt->failures < options.max_authtries) { debug2("input_userauth_request: try method %s", method); - authenticated = m->userauth(authctxt); + authenticated = m->userauth(ssh); } - userauth_finish(authctxt, authenticated, method, NULL); + userauth_finish(ssh, authenticated, method, NULL); free(service); free(user); @@ -295,10 +295,10 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) } void -userauth_finish(Authctxt *authctxt, int authenticated, const char *method, +userauth_finish(struct ssh *ssh, int authenticated, const char *method, const char *submethod) { - struct ssh *ssh = active_state; /* XXX */ + Authctxt *authctxt = ssh->authctxt; char *methods; int partial = 0; @@ -354,7 +354,7 @@ userauth_finish(Authctxt *authctxt, int authenticated, const char *method, if (authenticated == 1) { /* turn off userauth */ - dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore); + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore); packet_start(SSH2_MSG_USERAUTH_SUCCESS); packet_send(); packet_write_wait(); -- cgit v1.2.3 From 8f574959272ac7fe9239c4f5d10fd913f8920ab0 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 24 Jun 2017 06:34:38 +0000 Subject: upstream commit refactor authentication logging optionally record successful auth methods and public credentials used in a file accessible to user sessions feedback and ok markus@ Upstream-ID: 090b93036967015717b9a54fd0467875ae9d32fb --- auth.c | 62 +++++++++++++++++-------- auth.h | 48 ++++++++++++++------ auth2-gss.c | 12 ++++- auth2-hostbased.c | 8 ++-- auth2-pubkey.c | 80 ++------------------------------ auth2.c | 133 +++++++++++++++++++++++++++++++++++++++++++++++++++++- gss-serv.c | 11 ++++- monitor.c | 41 +++++++++-------- servconf.c | 13 +++++- servconf.h | 3 +- session.c | 54 +++++++++++++++++++++- ssh-gss.h | 3 +- sshd_config.5 | 10 +++- 13 files changed, 338 insertions(+), 140 deletions(-) (limited to 'auth2-gss.c') diff --git a/auth.c b/auth.c index fd8211505..96116ecfe 100644 --- a/auth.c +++ b/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.121 2017/05/30 08:52:19 markus Exp $ */ +/* $OpenBSD: auth.c,v 1.122 2017/06/24 06:34:38 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -267,21 +267,41 @@ allowed_user(struct passwd * pw) return 1; } -void -auth_info(Authctxt *authctxt, const char *fmt, ...) +/* + * Formats any key left in authctxt->auth_method_key for inclusion in + * auth_log()'s message. Also includes authxtct->auth_method_info if present. + */ +static char * +format_method_key(Authctxt *authctxt) { - va_list ap; - int i; - - free(authctxt->info); - authctxt->info = NULL; + const struct sshkey *key = authctxt->auth_method_key; + const char *methinfo = authctxt->auth_method_info; + char *fp, *ret = NULL; - va_start(ap, fmt); - i = vasprintf(&authctxt->info, fmt, ap); - va_end(ap); + if (key == NULL) + return NULL; - if (i < 0 || authctxt->info == NULL) - fatal("vasprintf failed"); + if (key_is_cert(key)) { + fp = sshkey_fingerprint(key->cert->signature_key, + options.fingerprint_hash, SSH_FP_DEFAULT); + xasprintf(&ret, "%s ID %s (serial %llu) CA %s %s%s%s", + sshkey_type(key), key->cert->key_id, + (unsigned long long)key->cert->serial, + sshkey_type(key->cert->signature_key), + fp == NULL ? "(null)" : fp, + methinfo == NULL ? "" : ", ", + methinfo == NULL ? "" : methinfo); + free(fp); + } else { + fp = sshkey_fingerprint(key, options.fingerprint_hash, + SSH_FP_DEFAULT); + xasprintf(&ret, "%s %s%s%s", sshkey_type(key), + fp == NULL ? "(null)" : fp, + methinfo == NULL ? "" : ", ", + methinfo == NULL ? "" : methinfo); + free(fp); + } + return ret; } void @@ -290,7 +310,8 @@ auth_log(Authctxt *authctxt, int authenticated, int partial, { struct ssh *ssh = active_state; /* XXX */ void (*authlog) (const char *fmt,...) = verbose; - char *authmsg; + const char *authmsg; + char *extra = NULL; if (use_privsep && !mm_is_monitor() && !authctxt->postponed) return; @@ -309,6 +330,11 @@ auth_log(Authctxt *authctxt, int authenticated, int partial, else authmsg = authenticated ? "Accepted" : "Failed"; + if ((extra = format_method_key(authctxt)) == NULL) { + if (authctxt->auth_method_info != NULL) + extra = xstrdup(authctxt->auth_method_info); + } + authlog("%s %s%s%s for %s%.100s from %.200s port %d ssh2%s%s", authmsg, method, @@ -317,10 +343,10 @@ auth_log(Authctxt *authctxt, int authenticated, int partial, authctxt->user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), - authctxt->info != NULL ? ": " : "", - authctxt->info != NULL ? authctxt->info : ""); - free(authctxt->info); - authctxt->info = NULL; + extra != NULL ? ": " : "", + extra != NULL ? extra : ""); + + free(extra); #ifdef CUSTOM_FAILED_LOGIN if (authenticated == 0 && !authctxt->postponed && diff --git a/auth.h b/auth.h index 677935463..cbbc9623f 100644 --- a/auth.h +++ b/auth.h @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.h,v 1.91 2017/05/30 14:29:59 markus Exp $ */ +/* $OpenBSD: auth.h,v 1.92 2017/06/24 06:34:38 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -44,6 +44,7 @@ struct ssh; struct sshkey; +struct sshbuf; typedef struct Authctxt Authctxt; typedef struct Authmethod Authmethod; @@ -62,13 +63,17 @@ struct Authctxt { char *service; struct passwd *pw; /* set if 'valid' */ char *style; + + /* Method lists for multiple authentication */ + char **auth_methods; /* modified from server config */ + u_int num_auth_methods; + + /* Authentication method-specific data */ + void *methoddata; void *kbdintctxt; - char *info; /* Extra info for next auth_log */ #ifdef BSD_AUTH auth_session_t *as; #endif - char **auth_methods; /* modified from server config */ - u_int num_auth_methods; #ifdef KRB5 krb5_context krb5_ctx; krb5_ccache krb5_fwd_ccache; @@ -76,12 +81,20 @@ struct Authctxt { char *krb5_ticket_file; char *krb5_ccname; #endif - Buffer *loginmsg; - void *methoddata; + struct sshbuf *loginmsg; + + /* Authentication keys already used; these will be refused henceforth */ + struct sshkey **prev_keys; + u_int nprev_keys; - struct sshkey **prev_userkeys; - u_int nprev_userkeys; + /* Last used key and ancilliary information from active auth method */ + struct sshkey *auth_method_key; + char *auth_method_info; + + /* Information exposed to session */ + struct sshbuf *session_info; /* Auth info for environment */ }; + /* * Every authentication method has to handle authentication requests for * non-existing users, or for users that are not allowed to login. In this @@ -120,10 +133,18 @@ int auth_password(Authctxt *, const char *); int hostbased_key_allowed(struct passwd *, const char *, char *, struct sshkey *); int user_key_allowed(struct passwd *, struct sshkey *, int); -void pubkey_auth_info(Authctxt *, const struct sshkey *, const char *, ...) - __attribute__((__format__ (printf, 3, 4))); -void auth2_record_userkey(Authctxt *, struct sshkey *); -int auth2_userkey_already_used(Authctxt *, struct sshkey *); +int auth2_key_already_used(Authctxt *, const struct sshkey *); + +/* + * Handling auth method-specific information for logging and prevention + * of key reuse during multiple authentication. + */ +void auth2_authctxt_reset_info(Authctxt *); +void auth2_record_key(Authctxt *, int, const struct sshkey *); +void auth2_record_info(Authctxt *authctxt, const char *, ...) + __attribute__((__format__ (printf, 2, 3))) + __attribute__((__nonnull__ (2))); +void auth2_update_session_info(Authctxt *, const char *, const char *); struct stat; int auth_secure_path(const char *, struct stat *, const char *, uid_t, @@ -150,9 +171,6 @@ void disable_forwarding(void); void do_authentication2(Authctxt *); -void auth_info(Authctxt *authctxt, const char *, ...) - __attribute__((__format__ (printf, 2, 3))) - __attribute__((__nonnull__ (2))); void auth_log(Authctxt *, int, int, const char *, const char *); void auth_maxtries_exceeded(Authctxt *) __attribute__((noreturn)); void userauth_finish(struct ssh *, int, const char *, const char *); diff --git a/auth2-gss.c b/auth2-gss.c index 680d5e712..589283b72 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-gss.c,v 1.25 2017/05/30 14:29:59 markus Exp $ */ +/* $OpenBSD: auth2-gss.c,v 1.26 2017/06/24 06:34:38 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -228,6 +228,7 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; int authenticated; + const char *displayname; if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) fatal("No authentication or GSSAPI context"); @@ -241,6 +242,10 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); + if ((!use_privsep || mm_is_monitor()) && + (displayname = ssh_gssapi_displayname()) != NULL) + auth2_record_info(authctxt, "%s", displayname); + authctxt->postponed = 0; ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); @@ -259,6 +264,7 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) Buffer b; gss_buffer_desc mic, gssbuf; u_int len; + const char *displayname; if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) fatal("No authentication or GSSAPI context"); @@ -282,6 +288,10 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) buffer_free(&b); free(mic.value); + if ((!use_privsep || mm_is_monitor()) && + (displayname = ssh_gssapi_displayname()) != NULL) + auth2_record_info(authctxt, "%s", displayname); + authctxt->postponed = 0; ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 63fe9ae65..92758b38c 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.30 2017/05/30 14:29:59 markus Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.31 2017/06/24 06:34:38 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -137,7 +137,7 @@ userauth_hostbased(struct ssh *ssh) sshbuf_dump(b, stderr); #endif - pubkey_auth_info(authctxt, key, + auth2_record_info(authctxt, "client user \"%.100s\", client host \"%.100s\"", cuser, chost); /* test for allowed key and correct signature */ @@ -147,11 +147,11 @@ userauth_hostbased(struct ssh *ssh) sshbuf_ptr(b), sshbuf_len(b), ssh->compat)) == 0) authenticated = 1; + auth2_record_key(authctxt, authenticated, key); sshbuf_free(b); done: debug2("%s: authenticated %d", __func__, authenticated); - if (key != NULL) - sshkey_free(key); + sshkey_free(key); free(pkalg); free(pkblob); free(cuser); diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 5794f1f4d..1c59b5bb0 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.67 2017/05/31 10:54:00 markus Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.68 2017/06/24 06:34:38 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -137,7 +137,7 @@ userauth_pubkey(struct ssh *ssh) goto done; } fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_DEFAULT); - if (auth2_userkey_already_used(authctxt, key)) { + if (auth2_key_already_used(authctxt, key)) { logit("refusing previously-used %s key", sshkey_type(key)); goto done; } @@ -194,7 +194,6 @@ userauth_pubkey(struct ssh *ssh) #ifdef DEBUG_PK sshbuf_dump(b, stderr); #endif - pubkey_auth_info(authctxt, key, NULL); /* test for correct signature */ authenticated = 0; @@ -202,12 +201,10 @@ userauth_pubkey(struct ssh *ssh) PRIVSEP(sshkey_verify(key, sig, slen, sshbuf_ptr(b), sshbuf_len(b), ssh->compat)) == 0) { authenticated = 1; - /* Record the successful key to prevent reuse */ - auth2_record_userkey(authctxt, key); - key = NULL; /* Don't free below */ } sshbuf_free(b); free(sig); + auth2_record_key(authctxt, authenticated, key); } else { debug("%s: test whether pkalg/pkblob are acceptable for %s %s", __func__, sshkey_type(key), fp); @@ -237,8 +234,7 @@ userauth_pubkey(struct ssh *ssh) auth_clear_options(); done: debug2("%s: authenticated %d pkalg %s", __func__, authenticated, pkalg); - if (key != NULL) - sshkey_free(key); + sshkey_free(key); free(userstyle); free(pkalg); free(pkblob); @@ -246,44 +242,6 @@ done: return authenticated; } -void -pubkey_auth_info(Authctxt *authctxt, const struct sshkey *key, - const char *fmt, ...) -{ - char *fp, *extra; - va_list ap; - int i; - - extra = NULL; - if (fmt != NULL) { - va_start(ap, fmt); - i = vasprintf(&extra, fmt, ap); - va_end(ap); - if (i < 0 || extra == NULL) - fatal("%s: vasprintf failed", __func__); - } - - if (sshkey_is_cert(key)) { - fp = sshkey_fingerprint(key->cert->signature_key, - options.fingerprint_hash, SSH_FP_DEFAULT); - auth_info(authctxt, "%s ID %s (serial %llu) CA %s %s%s%s", - sshkey_type(key), key->cert->key_id, - (unsigned long long)key->cert->serial, - sshkey_type(key->cert->signature_key), - fp == NULL ? "(null)" : fp, - extra == NULL ? "" : ", ", extra == NULL ? "" : extra); - free(fp); - } else { - fp = sshkey_fingerprint(key, options.fingerprint_hash, - SSH_FP_DEFAULT); - auth_info(authctxt, "%s %s%s%s", sshkey_type(key), - fp == NULL ? "(null)" : fp, - extra == NULL ? "" : ", ", extra == NULL ? "" : extra); - free(fp); - } - free(extra); -} - /* * Splits 's' into an argument vector. Handles quoted string and basic * escape characters (\\, \", \'). Caller must free the argument vector @@ -1148,36 +1106,6 @@ user_key_allowed(struct passwd *pw, struct sshkey *key, int auth_attempt) return success; } -/* Records a public key in the list of previously-successful keys */ -void -auth2_record_userkey(Authctxt *authctxt, struct sshkey *key) -{ - struct sshkey **tmp; - - if (authctxt->nprev_userkeys >= INT_MAX || - (tmp = recallocarray(authctxt->prev_userkeys, - authctxt->nprev_userkeys, authctxt->nprev_userkeys + 1, - sizeof(*tmp))) == NULL) - fatal("%s: recallocarray failed", __func__); - authctxt->prev_userkeys = tmp; - authctxt->prev_userkeys[authctxt->nprev_userkeys] = key; - authctxt->nprev_userkeys++; -} - -/* Checks whether a key has already been used successfully for authentication */ -int -auth2_userkey_already_used(Authctxt *authctxt, struct sshkey *key) -{ - u_int i; - - for (i = 0; i < authctxt->nprev_userkeys; i++) { - if (sshkey_equal_public(key, authctxt->prev_userkeys[i])) { - return 1; - } - } - return 0; -} - Authmethod method_pubkey = { "publickey", userauth_pubkey, diff --git a/auth2.c b/auth2.c index cb4c2fd5d..862e09960 100644 --- a/auth2.c +++ b/auth2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.142 2017/05/31 07:00:13 markus Exp $ */ +/* $OpenBSD: auth2.c,v 1.143 2017/06/24 06:34:38 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -30,6 +30,7 @@ #include #include +#include #include #include #include @@ -55,6 +56,7 @@ #include "ssh-gss.h" #endif #include "monitor_wrap.h" +#include "ssherr.h" /* import */ extern ServerOptions options; @@ -277,6 +279,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); #endif + auth2_authctxt_reset_info(authctxt); authctxt->postponed = 0; authctxt->server_caused_failure = 0; @@ -327,6 +330,10 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, /* Log before sending the reply */ auth_log(authctxt, authenticated, partial, method, submethod); + /* Update information exposed to session */ + if (authenticated || partial) + auth2_update_session_info(authctxt, method, submethod); + if (authctxt->postponed) return; @@ -624,4 +631,128 @@ auth2_update_methods_lists(Authctxt *authctxt, const char *method, return 0; } +/* Reset method-specific information */ +void auth2_authctxt_reset_info(Authctxt *authctxt) +{ + sshkey_free(authctxt->auth_method_key); + free(authctxt->auth_method_info); + authctxt->auth_method_key = NULL; + authctxt->auth_method_info = NULL; +} + +/* Record auth method-specific information for logs */ +void +auth2_record_info(Authctxt *authctxt, const char *fmt, ...) +{ + va_list ap; + int i; + + free(authctxt->auth_method_info); + authctxt->auth_method_info = NULL; + + va_start(ap, fmt); + i = vasprintf(&authctxt->auth_method_info, fmt, ap); + va_end(ap); + + if (i < 0 || authctxt->auth_method_info == NULL) + fatal("%s: vasprintf failed", __func__); +} + +/* + * Records a public key used in authentication. This is used for logging + * and to ensure that the same key is not subsequently accepted again for + * multiple authentication. + */ +void +auth2_record_key(Authctxt *authctxt, int authenticated, + const struct sshkey *key) +{ + struct sshkey **tmp, *dup; + int r; + + if ((r = sshkey_demote(key, &dup)) != 0) + fatal("%s: copy key: %s", __func__, ssh_err(r)); + sshkey_free(authctxt->auth_method_key); + authctxt->auth_method_key = dup; + + if (!authenticated) + return; + + /* If authenticated, make sure we don't accept this key again */ + if ((r = sshkey_demote(key, &dup)) != 0) + fatal("%s: copy key: %s", __func__, ssh_err(r)); + if (authctxt->nprev_keys >= INT_MAX || + (tmp = recallocarray(authctxt->prev_keys, authctxt->nprev_keys, + authctxt->nprev_keys + 1, sizeof(*authctxt->prev_keys))) == NULL) + fatal("%s: reallocarray failed", __func__); + authctxt->prev_keys = tmp; + authctxt->prev_keys[authctxt->nprev_keys] = dup; + authctxt->nprev_keys++; + +} + +/* Checks whether a key has already been previously used for authentication */ +int +auth2_key_already_used(Authctxt *authctxt, const struct sshkey *key) +{ + u_int i; + char *fp; + + for (i = 0; i < authctxt->nprev_keys; i++) { + if (sshkey_equal_public(key, authctxt->prev_keys[i])) { + fp = sshkey_fingerprint(authctxt->prev_keys[i], + options.fingerprint_hash, SSH_FP_DEFAULT); + debug3("%s: key already used: %s %s", __func__, + sshkey_type(authctxt->prev_keys[i]), + fp == NULL ? "UNKNOWN" : fp); + free(fp); + return 1; + } + } + return 0; +} + +/* + * Updates authctxt->session_info with details of authentication. Should be + * whenever an authentication method succeeds. + */ +void +auth2_update_session_info(Authctxt *authctxt, const char *method, + const char *submethod) +{ + int r; + + if (authctxt->session_info == NULL) { + if ((authctxt->session_info = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new", __func__); + } + + /* Append method[/submethod] */ + if ((r = sshbuf_putf(authctxt->session_info, "%s%s%s", + method, submethod == NULL ? "" : "/", + submethod == NULL ? "" : submethod)) != 0) + fatal("%s: append method: %s", __func__, ssh_err(r)); + + /* Append key if present */ + if (authctxt->auth_method_key != NULL) { + if ((r = sshbuf_put_u8(authctxt->session_info, ' ')) != 0 || + (r = sshkey_format_text(authctxt->auth_method_key, + authctxt->session_info)) != 0) + fatal("%s: append key: %s", __func__, ssh_err(r)); + } + + if (authctxt->auth_method_info != NULL) { + /* Ensure no ambiguity here */ + if (strchr(authctxt->auth_method_info, '\n') != NULL) + fatal("%s: auth_method_info contains \\n", __func__); + if ((r = sshbuf_put_u8(authctxt->session_info, ' ')) != 0 || + (r = sshbuf_putf(authctxt->session_info, "%s", + authctxt->auth_method_info)) != 0) { + fatal("%s: append method info: %s", + __func__, ssh_err(r)); + } + } + if ((r = sshbuf_put_u8(authctxt->session_info, '\n')) != 0) + fatal("%s: append: %s", __func__, ssh_err(r)); +} diff --git a/gss-serv.c b/gss-serv.c index 53993d674..6cae720e5 100644 --- a/gss-serv.c +++ b/gss-serv.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv.c,v 1.29 2015/05/22 03:50:02 djm Exp $ */ +/* $OpenBSD: gss-serv.c,v 1.30 2017/06/24 06:34:38 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -393,4 +393,13 @@ ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) return (ctx->major); } +/* Privileged */ +const char *ssh_gssapi_displayname(void) +{ + if (gssapi_client.displayname.length == 0 || + gssapi_client.displayname.value == NULL) + return NULL; + return (char *)gssapi_client.displayname.value; +} + #endif diff --git a/monitor.c b/monitor.c index 8897f6a82..8a7897bde 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.171 2017/05/31 10:04:29 markus Exp $ */ +/* $OpenBSD: monitor.c,v 1.172 2017/06/24 06:34:38 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -308,6 +308,8 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) partial = 0; auth_method = "unknown"; auth_submethod = NULL; + auth2_authctxt_reset_info(authctxt); + authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1); /* Special handling for multiple required authentications */ @@ -347,6 +349,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) auth_method, auth_submethod); if (!partial && !authenticated) authctxt->failures++; + if (authenticated || partial) { + auth2_update_session_info(authctxt, + auth_method, auth_submethod); + } } } @@ -1147,12 +1153,11 @@ mm_answer_keyallowed(int sock, Buffer *m) switch (type) { case MM_USERKEY: allowed = options.pubkey_authentication && - !auth2_userkey_already_used(authctxt, key) && + !auth2_key_already_used(authctxt, key) && match_pattern_list(sshkey_ssh_name(key), options.pubkey_key_types, 0) == 1 && user_key_allowed(authctxt->pw, key, pubkey_auth_attempt); - pubkey_auth_info(authctxt, key, NULL); auth_method = "publickey"; if (options.pubkey_authentication && (!pubkey_auth_attempt || allowed != 1)) @@ -1160,11 +1165,12 @@ mm_answer_keyallowed(int sock, Buffer *m) break; case MM_HOSTKEY: allowed = options.hostbased_authentication && + !auth2_key_already_used(authctxt, key) && match_pattern_list(sshkey_ssh_name(key), options.hostbased_key_types, 0) == 1 && hostbased_key_allowed(authctxt->pw, cuser, chost, key); - pubkey_auth_info(authctxt, key, + auth2_record_info(authctxt, "client user \"%.100s\", client host \"%.100s\"", cuser, chost); auth_method = "hostbased"; @@ -1175,11 +1181,10 @@ mm_answer_keyallowed(int sock, Buffer *m) } } - debug3("%s: key %p is %s", - __func__, key, allowed ? "allowed" : "not allowed"); + debug3("%s: key is %s", __func__, allowed ? "allowed" : "not allowed"); - if (key != NULL) - key_free(key); + auth2_record_key(authctxt, 0, key); + sshkey_free(key); /* clear temporarily storage (used by verify) */ monitor_reset_key_state(); @@ -1353,10 +1358,12 @@ mm_answer_keyverify(int sock, struct sshbuf *m) switch (key_blobtype) { case MM_USERKEY: valid_data = monitor_valid_userblob(data, datalen); + auth_method = "publickey"; break; case MM_HOSTKEY: valid_data = monitor_valid_hostbasedblob(data, datalen, hostbased_cuser, hostbased_chost); + auth_method = "hostbased"; break; default: valid_data = 0; @@ -1367,23 +1374,17 @@ mm_answer_keyverify(int sock, struct sshbuf *m) ret = sshkey_verify(key, signature, signaturelen, data, datalen, active_state->compat); - debug3("%s: key %p signature %s", - __func__, key, (ret == 0) ? "verified" : "unverified"); - - /* If auth was successful then record key to ensure it isn't reused */ - if (ret == 0 && key_blobtype == MM_USERKEY) - auth2_record_userkey(authctxt, key); - else - sshkey_free(key); + debug3("%s: %s %p signature %s", __func__, auth_method, key, + (ret == 0) ? "verified" : "unverified"); + auth2_record_key(authctxt, ret == 0, key); free(blob); free(signature); free(data); - auth_method = key_blobtype == MM_USERKEY ? "publickey" : "hostbased"; - monitor_reset_key_state(); + sshkey_free(key); sshbuf_reset(m); /* encode ret != 0 as positive integer, since we're sending u32 */ @@ -1799,6 +1800,7 @@ int mm_answer_gss_userok(int sock, Buffer *m) { int authenticated; + const char *displayname; if (!options.gss_authentication) fatal("%s: GSSAPI authentication not enabled", __func__); @@ -1813,6 +1815,9 @@ mm_answer_gss_userok(int sock, Buffer *m) auth_method = "gssapi-with-mic"; + if ((displayname = ssh_gssapi_displayname()) != NULL) + auth2_record_info(authctxt, "%s", displayname); + /* Monitor loop will terminate if authenticated */ return (authenticated); } diff --git a/servconf.c b/servconf.c index a112798e4..ed1fc71cf 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.308 2017/05/17 01:24:17 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.309 2017/06/24 06:34:38 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -164,6 +164,7 @@ initialize_server_options(ServerOptions *options) options->version_addendum = NULL; options->fingerprint_hash = -1; options->disable_forwarding = -1; + options->expose_userauth_info = -1; } /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ @@ -333,6 +334,8 @@ fill_default_server_options(ServerOptions *options) options->fingerprint_hash = SSH_FP_HASH_DEFAULT; if (options->disable_forwarding == -1) options->disable_forwarding = 0; + if (options->expose_userauth_info == -1) + options->expose_userauth_info = 0; assemble_algorithms(options); @@ -418,6 +421,7 @@ typedef enum { sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, sStreamLocalBindMask, sStreamLocalBindUnlink, sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, + sExposeAuthInfo, sDeprecated, sIgnore, sUnsupported } ServerOpCodes; @@ -561,6 +565,7 @@ static struct { { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, { "disableforwarding", sDisableForwarding, SSHCFG_ALL }, + { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL }, { NULL, sBadOption, 0 } }; @@ -1835,6 +1840,10 @@ process_server_config_line(ServerOptions *options, char *line, options->fingerprint_hash = value; break; + case sExposeAuthInfo: + intptr = &options->expose_userauth_info; + goto parse_flag; + case sDeprecated: case sIgnore: case sUnsupported: @@ -1973,6 +1982,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(allow_streamlocal_forwarding); M_CP_INTOPT(allow_agent_forwarding); M_CP_INTOPT(disable_forwarding); + M_CP_INTOPT(expose_userauth_info); M_CP_INTOPT(permit_tun); M_CP_INTOPT(fwd_opts.gateway_ports); M_CP_INTOPT(fwd_opts.streamlocal_bind_unlink); @@ -2272,6 +2282,7 @@ dump_config(ServerOptions *o) dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding); dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink); dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); + dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info); /* string arguments */ dump_cfg_string(sPidFile, o->pid_file); diff --git a/servconf.h b/servconf.h index 5853a9747..c2848a765 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.123 2016/11/30 03:00:05 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.124 2017/06/24 06:34:38 djm Exp $ */ /* * Author: Tatu Ylonen @@ -189,6 +189,7 @@ typedef struct { char *auth_methods[MAX_AUTH_METHODS]; int fingerprint_hash; + int expose_userauth_info; } ServerOptions; /* Information about the incoming connection as used by Match */ diff --git a/session.c b/session.c index 295204c6e..a2588e74b 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.289 2017/06/24 05:24:11 djm Exp $ */ +/* $OpenBSD: session.c,v 1.290 2017/06/24 06:34:38 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -94,6 +94,7 @@ #include "kex.h" #include "monitor_wrap.h" #include "sftp.h" +#include "atomicio.h" #if defined(KRB5) && defined(USE_AFS) #include @@ -160,6 +161,9 @@ login_cap_t *lc; static int is_child = 0; static int in_chroot = 0; +/* File containing userauth info, if ExposeAuthInfo set */ +static char *auth_info_file = NULL; + /* Name and directory of socket for authentication agent forwarding. */ static char *auth_sock_name = NULL; static char *auth_sock_dir = NULL; @@ -249,6 +253,40 @@ display_loginmsg(void) } } +static void +prepare_auth_info_file(struct passwd *pw, struct sshbuf *info) +{ + int fd = -1, success = 0; + + if (!options.expose_userauth_info || info == NULL) + return; + + temporarily_use_uid(pw); + auth_info_file = xstrdup("/tmp/sshauth.XXXXXXXXXXXXXXX"); + if ((fd = mkstemp(auth_info_file)) == -1) { + error("%s: mkstemp: %s", __func__, strerror(errno)); + goto out; + } + if (atomicio(vwrite, fd, sshbuf_mutable_ptr(info), + sshbuf_len(info)) != sshbuf_len(info)) { + error("%s: write: %s", __func__, strerror(errno)); + goto out; + } + if (close(fd) != 0) { + error("%s: close: %s", __func__, strerror(errno)); + goto out; + } + success = 1; + out: + if (!success) { + if (fd != -1) + close(fd); + free(auth_info_file); + auth_info_file = NULL; + } + restore_uid(); +} + void do_authenticated(Authctxt *authctxt) { @@ -264,7 +302,10 @@ do_authenticated(Authctxt *authctxt) auth_debug_send(); + prepare_auth_info_file(authctxt->pw, authctxt->session_info); + do_authenticated2(authctxt); + do_cleanup(authctxt); } @@ -1077,6 +1118,8 @@ do_setup_env(Session *s, const char *shell) free(laddr); child_set_env(&env, &envsize, "SSH_CONNECTION", buf); + if (auth_info_file != NULL) + child_set_env(&env, &envsize, "SSH_USER_AUTH", auth_info_file); if (s->ttyfd != -1) child_set_env(&env, &envsize, "SSH_TTY", s->tty); if (s->term) @@ -2549,6 +2592,15 @@ do_cleanup(Authctxt *authctxt) /* remove agent socket */ auth_sock_cleanup_proc(authctxt->pw); + /* remove userauth info */ + if (auth_info_file != NULL) { + temporarily_use_uid(authctxt->pw); + unlink(auth_info_file); + restore_uid(); + free(auth_info_file); + auth_info_file = NULL; + } + /* * Cleanup ptys/utmp only if privsep is disabled, * or if running in monitor. diff --git a/ssh-gss.h b/ssh-gss.h index a99d7f08b..6593e422d 100644 --- a/ssh-gss.h +++ b/ssh-gss.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-gss.h,v 1.11 2014/02/26 20:28:44 djm Exp $ */ +/* $OpenBSD: ssh-gss.h,v 1.12 2017/06/24 06:34:38 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. * @@ -128,6 +128,7 @@ OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); void ssh_gssapi_do_child(char ***, u_int *); void ssh_gssapi_cleanup_creds(void); void ssh_gssapi_storecreds(void); +const char *ssh_gssapi_displayname(void); #endif /* GSSAPI */ diff --git a/sshd_config.5 b/sshd_config.5 index 7b4cb1d9a..cfe1db82a 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.245 2017/05/17 01:24:17 djm Exp $ -.Dd $Mdocdate: May 17 2017 $ +.\" $OpenBSD: sshd_config.5,v 1.246 2017/06/24 06:34:38 djm Exp $ +.Dd $Mdocdate: June 24 2017 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -564,6 +564,12 @@ Disables all forwarding features, including X11, TCP and StreamLocal. This option overrides all other forwarding-related options and may simplify restricted configurations. +.It Cm ExposeAuthInfo +Enables writing a file containing a list of authentication methods and +public credentials (e.g. keys) used to authenticate the user. +The location of the file is exposed to the user session though the +.Ev SSH_AUTH_INFO +enviornment variable. .It Cm FingerprintHash Specifies the hash algorithm used when logging key fingerprints. Valid options are: -- cgit v1.2.3