From 17d4d9d9fbc8fb80e322f94d95eecc604588a474 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 17 Apr 2015 04:32:31 +0000 Subject: upstream commit don't call record_login() in monitor when UseLogin is enabled; bz#278 reported by drk AT sgi.com; ok dtucker --- monitor.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'monitor.c') diff --git a/monitor.c b/monitor.c index bab6ce87e..fb3ea6753 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.145 2015/02/20 22:17:21 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.146 2015/04/17 04:32:31 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -1474,6 +1474,9 @@ mm_record_login(Session *s, struct passwd *pw) socklen_t fromlen; struct sockaddr_storage from; + if (options.use_login) + return; + /* * Get IP address of client. If the connection is not a socket, let * the address be 0.0.0.0. -- cgit v1.2.3 From 734226b4480a6c736096c729fcf6f391400599c7 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 27 Apr 2015 01:52:30 +0000 Subject: upstream commit fix compilation with OPENSSL=no; ok dtucker@ --- monitor.c | 2 +- packet.c | 18 ++++++++++-------- ssh-keygen.c | 5 ++--- 3 files changed, 13 insertions(+), 12 deletions(-) (limited to 'monitor.c') diff --git a/monitor.c b/monitor.c index fb3ea6753..6908a0a6b 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.146 2015/04/17 04:32:31 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.147 2015/04/27 01:52:30 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl diff --git a/packet.c b/packet.c index ec2cbd30e..4922573ab 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.210 2015/03/24 20:10:08 markus Exp $ */ +/* $OpenBSD: packet.c,v 1.211 2015/04/27 01:52:30 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -792,7 +792,9 @@ ssh_packet_set_compress_hooks(struct ssh *ssh, void *ctx, void ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number) { -#ifdef WITH_SSH1 +#ifndef WITH_SSH1 + fatal("no SSH protocol 1 support"); +#else /* WITH_SSH1 */ struct session_state *state = ssh->state; const struct sshcipher *cipher = cipher_by_number(number); int r; @@ -2733,13 +2735,14 @@ sshpkt_put_stringb(struct ssh *ssh, const struct sshbuf *v) return sshbuf_put_stringb(ssh->state->outgoing_packet, v); } -#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) +#ifdef WITH_OPENSSL +#ifdef OPENSSL_HAS_ECC int sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g) { return sshbuf_put_ec(ssh->state->outgoing_packet, v, g); } -#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */ +#endif /* OPENSSL_HAS_ECC */ #ifdef WITH_SSH1 int @@ -2749,7 +2752,6 @@ sshpkt_put_bignum1(struct ssh *ssh, const BIGNUM *v) } #endif /* WITH_SSH1 */ -#ifdef WITH_OPENSSL int sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v) { @@ -2801,13 +2803,14 @@ sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp) return sshbuf_get_cstring(ssh->state->incoming_packet, valp, lenp); } -#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) +#ifdef WITH_OPENSSL +#ifdef OPENSSL_HAS_ECC int sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g) { return sshbuf_get_ec(ssh->state->incoming_packet, v, g); } -#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */ +#endif /* OPENSSL_HAS_ECC */ #ifdef WITH_SSH1 int @@ -2817,7 +2820,6 @@ sshpkt_get_bignum1(struct ssh *ssh, BIGNUM *v) } #endif /* WITH_SSH1 */ -#ifdef WITH_OPENSSL int sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v) { diff --git a/ssh-keygen.c b/ssh-keygen.c index ad9f3026b..2c0543c96 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.270 2015/04/24 01:36:01 deraadt Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.271 2015/04/27 01:52:30 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -183,8 +183,7 @@ static void type_bits_valid(int type, const char *name, u_int32_t *bitsp) { #ifdef WITH_OPENSSL - u_int maxbits; - int nid; + u_int maxbits, nid; #endif if (type == KEY_UNSPEC) -- cgit v1.2.3 From e661a86353e11592c7ed6a847e19a83609f49e77 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 4 May 2015 06:10:48 +0000 Subject: upstream commit Remove pattern length argument from match_pattern_list(), we only ever use it for strlen(pattern). Prompted by hanno AT hboeck.de pointing an out-of-bound read error caused by an incorrect pattern length found using AFL and his own tools. ok markus@ --- auth2-hostbased.c | 5 ++--- auth2-pubkey.c | 6 +++--- clientloop.c | 5 ++--- compat.c | 5 ++--- groupaccess.c | 6 ++---- hostfile.c | 4 ++-- match.c | 14 ++++++-------- match.h | 6 +++--- monitor.c | 11 +++++------ readconf.c | 16 +++++++--------- servconf.c | 9 +++------ ssh.c | 8 +++----- sshconnect2.c | 5 ++--- sshkey.c | 2 +- 14 files changed, 43 insertions(+), 59 deletions(-) (limited to 'monitor.c') diff --git a/auth2-hostbased.c b/auth2-hostbased.c index eebfe8fc3..e2327cf77 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.24 2015/01/28 22:36:00 djm Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.25 2015/05/04 06:10:48 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -109,8 +109,7 @@ userauth_hostbased(Authctxt *authctxt) goto done; } if (match_pattern_list(sshkey_ssh_name(key), - options.hostbased_key_types, - strlen(options.hostbased_key_types), 0) != 1) { + options.hostbased_key_types, 0) != 1) { logit("%s: key type %s not in HostbasedAcceptedKeyTypes", __func__, sshkey_type(key)); goto done; diff --git a/auth2-pubkey.c b/auth2-pubkey.c index d943efa1e..e103b70af 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.47 2015/02/17 00:14:05 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.49 2015/05/04 06:10:48 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -127,8 +127,8 @@ userauth_pubkey(Authctxt *authctxt) logit("refusing previously-used %s key", key_type(key)); goto done; } - if (match_pattern_list(sshkey_ssh_name(key), options.pubkey_key_types, - strlen(options.pubkey_key_types), 0) != 1) { + if (match_pattern_list(sshkey_ssh_name(key), + options.pubkey_key_types, 0) != 1) { logit("%s: key type %s not in PubkeyAcceptedKeyTypes", __func__, sshkey_ssh_name(key)); goto done; diff --git a/clientloop.c b/clientloop.c index a9c8a90f0..040deb992 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.272 2015/02/25 19:54:02 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.273 2015/05/04 06:10:48 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2352,8 +2352,7 @@ client_input_hostkeys(void) /* Check that the key is accepted in HostkeyAlgorithms */ if (options.hostkeyalgorithms != NULL && match_pattern_list(sshkey_ssh_name(key), - options.hostkeyalgorithms, - strlen(options.hostkeyalgorithms), 0) != 1) { + options.hostkeyalgorithms, 0) != 1) { debug3("%s: %s key not permitted by HostkeyAlgorithms", __func__, sshkey_ssh_name(key)); continue; diff --git a/compat.c b/compat.c index 7836a86be..337bbe01e 100644 --- a/compat.c +++ b/compat.c @@ -192,8 +192,7 @@ compat_datafellows(const char *version) /* process table, return first match */ for (i = 0; check[i].pat; i++) { - if (match_pattern_list(version, check[i].pat, - strlen(check[i].pat), 0) == 1) { + if (match_pattern_list(version, check[i].pat, 0) == 1) { debug("match: %s pat %s compat 0x%08x", version, check[i].pat, check[i].bugs); datafellows = check[i].bugs; /* XXX for now */ @@ -251,7 +250,7 @@ filter_proposal(char *proposal, const char *filter) buffer_init(&b); tmp = orig_prop = xstrdup(proposal); while ((cp = strsep(&tmp, ",")) != NULL) { - if (match_pattern_list(cp, filter, strlen(cp), 0) != 1) { + if (match_pattern_list(cp, filter, 0) != 1) { if (buffer_len(&b) > 0) buffer_append(&b, ",", 1); buffer_append(&b, cp, strlen(cp)); diff --git a/groupaccess.c b/groupaccess.c index 4fca04471..2518c8487 100644 --- a/groupaccess.c +++ b/groupaccess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: groupaccess.c,v 1.15 2015/01/20 23:14:00 deraadt Exp $ */ +/* $OpenBSD: groupaccess.c,v 1.16 2015/05/04 06:10:48 djm Exp $ */ /* * Copyright (c) 2001 Kevin Steves. All rights reserved. * @@ -97,11 +97,9 @@ int ga_match_pattern_list(const char *group_pattern) { int i, found = 0; - size_t len = strlen(group_pattern); for (i = 0; i < ngroups; i++) { - switch (match_pattern_list(groups_byname[i], - group_pattern, len, 0)) { + switch (match_pattern_list(groups_byname[i], group_pattern, 0)) { case -1: return 0; /* Negated match wins */ case 0: diff --git a/hostfile.c b/hostfile.c index d9fdcb872..2850a4793 100644 --- a/hostfile.c +++ b/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.65 2015/03/31 22:57:06 djm Exp $ */ +/* $OpenBSD: hostfile.c,v 1.66 2015/05/04 06:10:48 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -663,7 +663,7 @@ match_maybe_hashed(const char *host, const char *names, int *was_hashed) return nlen == strlen(hashed_host) && strncmp(hashed_host, names, nlen) == 0; } - return match_hostname(host, names, nlen) == 1; + return match_hostname(host, names) == 1; } int diff --git a/match.c b/match.c index c35e32896..913b6bae0 100644 --- a/match.c +++ b/match.c @@ -1,4 +1,4 @@ -/* $OpenBSD: match.c,v 1.29 2013/11/20 20:54:10 deraadt Exp $ */ +/* $OpenBSD: match.c,v 1.30 2015/05/04 06:10:48 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -115,15 +115,13 @@ match_pattern(const char *s, const char *pattern) * indicate negation). Returns -1 if negation matches, 1 if there is * a positive match, 0 if there is no match at all. */ - int -match_pattern_list(const char *string, const char *pattern, u_int len, - int dolower) +match_pattern_list(const char *string, const char *pattern, int dolower) { char sub[1024]; int negated; int got_positive; - u_int i, subi; + u_int i, subi, len = strlen(pattern); got_positive = 0; for (i = 0; i < len;) { @@ -177,9 +175,9 @@ match_pattern_list(const char *string, const char *pattern, u_int len, * a positive match, 0 if there is no match at all. */ int -match_hostname(const char *host, const char *pattern, u_int len) +match_hostname(const char *host, const char *pattern) { - return match_pattern_list(host, pattern, len, 1); + return match_pattern_list(host, pattern, 1); } /* @@ -200,7 +198,7 @@ match_host_and_ip(const char *host, const char *ipaddr, return 0; /* negative hostname match */ - if ((mhost = match_hostname(host, patterns, strlen(patterns))) == -1) + if ((mhost = match_hostname(host, patterns)) == -1) return 0; /* no match at all */ if (mhost == 0 && mip == 0) diff --git a/match.h b/match.h index 3d7f70fc0..db97ca8f7 100644 --- a/match.h +++ b/match.h @@ -1,4 +1,4 @@ -/* $OpenBSD: match.h,v 1.15 2010/02/26 20:29:54 djm Exp $ */ +/* $OpenBSD: match.h,v 1.16 2015/05/04 06:10:48 djm Exp $ */ /* * Author: Tatu Ylonen @@ -15,8 +15,8 @@ #define MATCH_H int match_pattern(const char *, const char *); -int match_pattern_list(const char *, const char *, u_int, int); -int match_hostname(const char *, const char *, u_int); +int match_pattern_list(const char *, const char *, int); +int match_hostname(const char *, const char *); int match_host_and_ip(const char *, const char *, const char *); int match_user(const char *, const char *, const char *, const char *); char *match_list(const char *, const char *, u_int *); diff --git a/monitor.c b/monitor.c index 6908a0a6b..d0ee4f7a6 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.147 2015/04/27 01:52:30 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.149 2015/05/04 06:10:48 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -1215,9 +1215,9 @@ mm_answer_keyallowed(int sock, Buffer *m) allowed = options.pubkey_authentication && !auth2_userkey_already_used(authctxt, key) && match_pattern_list(sshkey_ssh_name(key), - options.pubkey_key_types, - strlen(options.pubkey_key_types), 0) == 1 && - user_key_allowed(authctxt->pw, key); + options.pubkey_key_types, 0) == 1 && + user_key_allowed(authctxt->pw, key, + pubkey_auth_attempt); pubkey_auth_info(authctxt, key, NULL); auth_method = "publickey"; if (options.pubkey_authentication && allowed != 1) @@ -1226,8 +1226,7 @@ mm_answer_keyallowed(int sock, Buffer *m) case MM_HOSTKEY: allowed = options.hostbased_authentication && match_pattern_list(sshkey_ssh_name(key), - options.hostbased_key_types, - strlen(options.hostbased_key_types), 0) == 1 && + options.hostbased_key_types, 0) == 1 && hostbased_key_allowed(authctxt->pw, cuser, chost, key); pubkey_auth_info(authctxt, key, diff --git a/readconf.c b/readconf.c index 66090e305..f40ec8f22 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.234 2015/04/24 01:36:00 deraadt Exp $ */ +/* $OpenBSD: readconf.c,v 1.235 2015/05/04 06:10:48 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -492,7 +492,6 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw, char *arg, *oattrib, *attrib, *cmd, *cp = *condition, *host, *criteria; const char *ruser; int r, port, this_result, result = 1, attributes = 0, negate; - size_t len; char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV]; /* @@ -545,25 +544,24 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw, result = -1; goto out; } - len = strlen(arg); if (strcasecmp(attrib, "host") == 0) { criteria = xstrdup(host); - r = match_hostname(host, arg, len) == 1; + r = match_hostname(host, arg) == 1; if (r == (negate ? 1 : 0)) this_result = result = 0; } else if (strcasecmp(attrib, "originalhost") == 0) { criteria = xstrdup(original_host); - r = match_hostname(original_host, arg, len) == 1; + r = match_hostname(original_host, arg) == 1; if (r == (negate ? 1 : 0)) this_result = result = 0; } else if (strcasecmp(attrib, "user") == 0) { criteria = xstrdup(ruser); - r = match_pattern_list(ruser, arg, len, 0) == 1; + r = match_pattern_list(ruser, arg, 0) == 1; if (r == (negate ? 1 : 0)) this_result = result = 0; } else if (strcasecmp(attrib, "localuser") == 0) { criteria = xstrdup(pw->pw_name); - r = match_pattern_list(pw->pw_name, arg, len, 0) == 1; + r = match_pattern_list(pw->pw_name, arg, 0) == 1; if (r == (negate ? 1 : 0)) this_result = result = 0; } else if (strcasecmp(attrib, "exec") == 0) { @@ -665,8 +663,8 @@ parse_token(const char *cp, const char *filename, int linenum, for (i = 0; keywords[i].name; i++) if (strcmp(cp, keywords[i].name) == 0) return keywords[i].opcode; - if (ignored_unknown != NULL && match_pattern_list(cp, ignored_unknown, - strlen(ignored_unknown), 1) == 1) + if (ignored_unknown != NULL && + match_pattern_list(cp, ignored_unknown, 1) == 1) return oIgnoredUnknownOption; error("%s: line %d: Bad configuration option: %s", filename, linenum, cp); diff --git a/servconf.c b/servconf.c index 29457b833..c0291947b 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,4 @@ - -/* $OpenBSD: servconf.c,v 1.266 2015/04/29 03:48:56 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.269 2015/05/04 06:10:48 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -754,7 +753,6 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) { int result = 1, attributes = 0, port; char *arg, *attrib, *cp = *condition; - size_t len; if (ci == NULL) debug3("checking syntax for 'Match %s'", cp); @@ -781,13 +779,12 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) error("Missing Match criteria for %s", attrib); return -1; } - len = strlen(arg); if (strcasecmp(attrib, "user") == 0) { if (ci == NULL || ci->user == NULL) { result = 0; continue; } - if (match_pattern_list(ci->user, arg, len, 0) != 1) + if (match_pattern_list(ci->user, arg, 0) != 1) result = 0; else debug("user %.100s matched 'User %.100s' at " @@ -808,7 +805,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) result = 0; continue; } - if (match_hostname(ci->host, arg, len) != 1) + if (match_hostname(ci->host, arg) != 1) result = 0; else debug("connection from %.100s matched 'Host " diff --git a/ssh.c b/ssh.c index ae4092544..3fd5a941f 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.417 2015/04/17 13:16:48 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.418 2015/05/04 06:10:48 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -356,10 +356,8 @@ check_follow_cname(char **namep, const char *cname) debug3("%s: check \"%s\" CNAME \"%s\"", __func__, *namep, cname); for (i = 0; i < options.num_permitted_cnames; i++) { rule = options.permitted_cnames + i; - if (match_pattern_list(*namep, rule->source_list, - strlen(rule->source_list), 1) != 1 || - match_pattern_list(cname, rule->target_list, - strlen(rule->target_list), 1) != 1) + if (match_pattern_list(*namep, rule->source_list, 1) != 1 || + match_pattern_list(cname, rule->target_list, 1) != 1) continue; verbose("Canonicalized DNS aliased hostname " "\"%s\" => \"%s\"", *namep, cname); diff --git a/sshconnect2.c b/sshconnect2.c index ba56f6433..fcaed6b01 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.223 2015/01/30 11:43:14 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.224 2015/05/04 06:10:48 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1610,8 +1610,7 @@ userauth_hostbased(Authctxt *authctxt) continue; if (match_pattern_list( sshkey_ssh_name(authctxt->sensitive->keys[i]), - authctxt->active_ktype, - strlen(authctxt->active_ktype), 0) != 1) + authctxt->active_ktype, 0) != 1) continue; /* we take and free the key */ private = authctxt->sensitive->keys[i]; diff --git a/sshkey.c b/sshkey.c index a36004671..83985ca54 100644 --- a/sshkey.c +++ b/sshkey.c @@ -251,7 +251,7 @@ sshkey_names_valid2(const char *names, int allow_wildcard) if (kt->type == KEY_RSA1) continue; if (match_pattern_list(kt->name, - p, strlen(p), 0) != 0) + p, 0) != 0) break; } if (kt->type != -1) -- cgit v1.2.3 From 179be0f5e62f1f492462571944e45a3da660d82b Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 1 May 2015 03:23:51 +0000 Subject: upstream commit prevent authorized_keys options picked up on public key tests without a corresponding private key authentication being applied to other authentication methods. Reported by halex@, ok markus@ --- auth.h | 2 +- auth2-pubkey.c | 6 +++--- monitor.c | 6 ++++-- monitor_wrap.c | 15 +++++++++------ monitor_wrap.h | 6 +++--- 5 files changed, 20 insertions(+), 15 deletions(-) (limited to 'monitor.c') diff --git a/auth.h b/auth.h index cc4086b36..8b27575b0 100644 --- a/auth.h +++ b/auth.h @@ -126,7 +126,7 @@ int auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **); int auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *); int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); -int user_key_allowed(struct passwd *, Key *); +int user_key_allowed(struct passwd *, Key *, int); void pubkey_auth_info(Authctxt *, const Key *, const char *, ...) __attribute__((__format__ (printf, 3, 4))); void auth2_record_userkey(Authctxt *, struct sshkey *); diff --git a/auth2-pubkey.c b/auth2-pubkey.c index e103b70af..f96e843c2 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -169,7 +169,7 @@ userauth_pubkey(Authctxt *authctxt) /* test for correct signature */ authenticated = 0; - if (PRIVSEP(user_key_allowed(authctxt->pw, key)) && + if (PRIVSEP(user_key_allowed(authctxt->pw, key, 1)) && PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b))) == 1) { authenticated = 1; @@ -191,7 +191,7 @@ userauth_pubkey(Authctxt *authctxt) * if a user is not allowed to login. is this an * issue? -markus */ - if (PRIVSEP(user_key_allowed(authctxt->pw, key))) { + if (PRIVSEP(user_key_allowed(authctxt->pw, key, 0))) { packet_start(SSH2_MSG_USERAUTH_PK_OK); packet_put_string(pkalg, alen); packet_put_string(pkblob, blen); @@ -671,7 +671,7 @@ user_key_command_allowed2(struct passwd *user_pw, Key *key) * Check whether key authenticates and authorises the user. */ int -user_key_allowed(struct passwd *pw, Key *key) +user_key_allowed(struct passwd *pw, Key *key, int auth_attempt) { u_int success, i; char *file; diff --git a/monitor.c b/monitor.c index d0ee4f7a6..f520c978f 100644 --- a/monitor.c +++ b/monitor.c @@ -1185,7 +1185,7 @@ mm_answer_keyallowed(int sock, Buffer *m) Key *key; char *cuser, *chost; u_char *blob; - u_int bloblen; + u_int bloblen, pubkey_auth_attempt; enum mm_keytype type = 0; int allowed = 0; @@ -1195,6 +1195,7 @@ mm_answer_keyallowed(int sock, Buffer *m) cuser = buffer_get_string(m, NULL); chost = buffer_get_string(m, NULL); blob = buffer_get_string(m, &bloblen); + pubkey_auth_attempt = buffer_get_int(m); key = key_from_blob(blob, bloblen); @@ -1220,7 +1221,8 @@ mm_answer_keyallowed(int sock, Buffer *m) pubkey_auth_attempt); pubkey_auth_info(authctxt, key, NULL); auth_method = "publickey"; - if (options.pubkey_authentication && allowed != 1) + if (options.pubkey_authentication && + (!pubkey_auth_attempt || allowed != 1)) auth_clear_options(); break; case MM_HOSTKEY: diff --git a/monitor_wrap.c b/monitor_wrap.c index d39d491c2..e6217b3d4 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.84 2015/02/16 22:13:32 djm Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.85 2015/05/01 03:23:51 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -371,16 +371,17 @@ mm_auth_password(Authctxt *authctxt, char *password) } int -mm_user_key_allowed(struct passwd *pw, Key *key) +mm_user_key_allowed(struct passwd *pw, Key *key, int pubkey_auth_attempt) { - return (mm_key_allowed(MM_USERKEY, NULL, NULL, key)); + return (mm_key_allowed(MM_USERKEY, NULL, NULL, key, + pubkey_auth_attempt)); } int mm_hostbased_key_allowed(struct passwd *pw, char *user, char *host, Key *key) { - return (mm_key_allowed(MM_HOSTKEY, user, host, key)); + return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0)); } int @@ -390,13 +391,14 @@ mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, char *user, int ret; key->type = KEY_RSA; /* XXX hack for key_to_blob */ - ret = mm_key_allowed(MM_RSAHOSTKEY, user, host, key); + ret = mm_key_allowed(MM_RSAHOSTKEY, user, host, key, 0); key->type = KEY_RSA1; return (ret); } int -mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key) +mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key, + int pubkey_auth_attempt) { Buffer m; u_char *blob; @@ -414,6 +416,7 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key) buffer_put_cstring(&m, user ? user : ""); buffer_put_cstring(&m, host ? host : ""); buffer_put_string(&m, blob, len); + buffer_put_int(&m, pubkey_auth_attempt); free(blob); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYALLOWED, &m); diff --git a/monitor_wrap.h b/monitor_wrap.h index e18784ac4..de4a08f99 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.h,v 1.26 2015/02/16 22:13:32 djm Exp $ */ +/* $OpenBSD: monitor_wrap.h,v 1.27 2015/05/01 03:23:51 djm Exp $ */ /* * Copyright 2002 Niels Provos @@ -45,8 +45,8 @@ void mm_inform_authserv(char *, char *); struct passwd *mm_getpwnamallow(const char *); char *mm_auth2_read_banner(void); int mm_auth_password(struct Authctxt *, char *); -int mm_key_allowed(enum mm_keytype, char *, char *, Key *); -int mm_user_key_allowed(struct passwd *, Key *); +int mm_key_allowed(enum mm_keytype, char *, char *, Key *, int); +int mm_user_key_allowed(struct passwd *, Key *, int); int mm_hostbased_key_allowed(struct passwd *, char *, char *, Key *); int mm_auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *); int mm_key_verify(Key *, u_char *, u_int, u_char *, u_int); -- cgit v1.2.3 From 9488538a726951e82b3a4374f3c558d72c80a89b Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 22 Jun 2015 23:42:16 +0000 Subject: upstream commit Don't count successful partial authentication as failures in monitor; this may have caused the monitor to refuse multiple authentications that would otherwise have successfully completed; ok markus@ Upstream-ID: eb74b8e506714d0f649bd5c300f762a527af04a3 --- monitor.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'monitor.c') diff --git a/monitor.c b/monitor.c index f520c978f..b4109657e 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.149 2015/05/04 06:10:48 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.150 2015/06/22 23:42:16 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -404,7 +404,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { auth_log(authctxt, authenticated, partial, auth_method, auth_submethod); - if (!authenticated) + if (!partial && !authenticated) authctxt->failures++; } } -- cgit v1.2.3