[gssapi-openssh.git] / openssh / auth1.c

/*
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose.  Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

#include "includes.h"
RCSID("$OpenBSD: auth1.c,v 1.40 2002/04/10 08:21:47 markus Exp $");

#include "xmalloc.h"
#include "rsa.h"
#include "ssh1.h"
#include "dispatch.h"
#include "packet.h"
#include "buffer.h"
#include "mpaux.h"
#include "log.h"
#include "servconf.h"
#include "compat.h"
#include "auth.h"
#include "channels.h"
#include "session.h"
#include "uidswap.h"
#include "monitor_wrap.h"

/* import */
extern ServerOptions options;

#ifdef GSSAPI
#ifdef GSI
#include "globus_gss_assist.h"
#endif

int     userauth_gssapi(Authctxt *authctxt);

void
auth1_gss_protocol_error(int type, u_int32_t plen, void *ctxt)
{
  Authctxt *authctxt = ctxt;
  /* Other side told us to abort, dont need to tell him */ 
  /* maybe we can us some other method. */
  if (type == SSH_MSG_AUTH_GSSAPI_ABORT) {
      log("auth1: GSSAPI aborting");
      dispatch_set(SSH_MSG_AUTH_GSSAPI_TOKEN, NULL);
      authctxt->success = 1; /* get out of loop*/
      return;
  }

  log("auth1: protocol error: type %d plen %d", type, plen);
  packet_disconnect("Protocol error during GSSAPI authentication: "
          "Unknown packet type %d", type);
}

/*
 * SSH1 GSSAPI clients may send us a user name of the form:
 *
 *   (1) username:x:SSL Subject Name
 *     or
 *   (2) username:i:SSL Subject Name
 *     or
 *   (3) username
 *
 *  if case 1, then uname is an explicit name (ssh -l uname). Keep this
 *  name always, rewrite the user parameter to be just uname. We'll pull
 *  the GSSAPI idenity out and deal with (or skip it) later.
 *  
 *  if case 2, then uname is implicit (user didn't use the -l option), so
 *  use the default gridmap mapping and replace uname with whatever
 *  the gridmap maps to. If the gridmap mapping fails, drop down
 *  to just uname
 *  
 *  if case 3, then leave it be.
 *
 *  This function may return the original pointer to the orginal string,
 *  the original pointer to a modified string, or a completely new pointer.
 */
static char *
ssh1_gssapi_parse_userstring(char *userstring)
{
  char name_type = '\0';	/* explicit 'x' or implicit 'i' */
  char *ssl_subject_name = NULL;
  char *delim = NULL;

  debug("Looking at username '%s' for gssapi-ssleay type name", userstring);
  if((delim = strchr(userstring, ':')) != NULL) {
      /* Parse and split into components */
      ssl_subject_name = strchr(delim + 1, ':');

      if (ssl_subject_name) {
	/* Successful parse, split into components */
	*delim = '\0';
	name_type = *(delim + 1);
	*ssl_subject_name = '\0';
	ssl_subject_name++;

	debug("Name parsed. type = '%c'. ssl subject name is \"%s\"",
	      name_type, ssl_subject_name);

      } else {

	debug("Don't understand name format. Letting it pass.");
      }	
  }	

#ifdef GSI
  if(ssl_subject_name) {
    char *gridmapped_name = NULL;
    switch (name_type) {
    case 'x':
      debug("explicit name given, using %s as username", userstring);
      break;

    case 'i':
      /* gridmap check */
      debug("implicit name given. gridmapping '%s'", ssl_subject_name);

      if(globus_gss_assist_gridmap(ssl_subject_name,
				     &gridmapped_name) == 0) {
	userstring = gridmapped_name;
	debug("I gridmapped and got %s", userstring);

      } else {
	debug("I gridmapped and got null, reverting to %s", userstring);
      }
      break;

    default:
      debug("Unknown name type '%c'. Ignoring.", name_type);
      break;
    }
  } else {
    debug("didn't find any :'s so I assume it's just a user name");
  }
#endif /* GSI */

  return userstring;
}
#endif

/*
 * convert ssh auth msg type into description
 */
static char *
get_authname(int type)
{
	static char buf[1024];
	switch (type) {
	case SSH_CMSG_AUTH_PASSWORD:
		return "password";
	case SSH_CMSG_AUTH_RSA:
		return "rsa";
	case SSH_CMSG_AUTH_RHOSTS_RSA:
		return "rhosts-rsa";
	case SSH_CMSG_AUTH_RHOSTS:
		return "rhosts";
	case SSH_CMSG_AUTH_TIS:
	case SSH_CMSG_AUTH_TIS_RESPONSE:
		return "challenge-response";
#if defined(KRB4) || defined(KRB5)
	case SSH_CMSG_AUTH_KERBEROS:
		return "kerberos";
#endif
#if defined(GSSAPI)
	case SSH_CMSG_AUTH_GSSAPI:
	    	return "gssapi";
#endif
	}
	snprintf(buf, sizeof buf, "bad-auth-msg-%d", type);
	return buf;
}

/*
 * read packets, try to authenticate the user and
 * return only if authentication is successful
 */
static void
do_authloop(Authctxt *authctxt)
{
	int authenticated = 0;
	u_int bits;
	Key *client_host_key;
	BIGNUM *n;
	char *client_user, *password;
	char info[1024];
	u_int dlen;
	u_int ulen;
	int type = 0;
	struct passwd *pw = authctxt->pw;

	debug("Attempting authentication for %s%.100s.",
	    authctxt->valid ? "" : "illegal user ", authctxt->user);

	/* If the user has no password, accept authentication immediately. */
	if (options.password_authentication &&
#if defined(KRB4) || defined(KRB5)
	    (!options.kerberos_authentication || options.kerberos_or_local_passwd) &&
#endif
	    PRIVSEP(auth_password(authctxt, ""))) {
		auth_log(authctxt, 1, "without authentication", "");
		return;
	}

	/* Indicate that authentication is needed. */
	packet_start(SSH_SMSG_FAILURE);
	packet_send();
	packet_write_wait();

	client_user = NULL;

	for (;;) {
		/* default to fail */
		authenticated = 0;

		info[0] = '\0';

		/* Get a packet from the client. */
		type = packet_read();

		/* Process the packet. */
		switch (type) {

#if defined(KRB4) || defined(KRB5)
		case SSH_CMSG_AUTH_KERBEROS:
			if (!options.kerberos_authentication) {
				verbose("Kerberos authentication disabled.");
			} else {
				char *kdata = packet_get_string(&dlen);
				packet_check_eom();

				if (kdata[0] == 4) { /* KRB_PROT_VERSION */
#ifdef KRB4
					KTEXT_ST tkt;

					tkt.length = dlen;
					if (tkt.length < MAX_KTXT_LEN)
						memcpy(tkt.dat, kdata, tkt.length);

					if (auth_krb4(authctxt, &tkt, &client_user)) {
						authenticated = 1;
						snprintf(info, sizeof(info),
						    " tktuser %.100s",
						    client_user);
					}
#endif /* KRB4 */
				} else {
#ifdef KRB5
					krb5_data tkt;
					tkt.length = dlen;
					tkt.data = kdata;

					if (auth_krb5(authctxt, &tkt, &client_user)) {
						authenticated = 1;
						snprintf(info, sizeof(info),
						    " tktuser %.100s",
						    client_user);
					}
#endif /* KRB5 */
				}
				xfree(kdata);
			}
			break;
#endif /* KRB4 || KRB5 */

#ifdef GSSAPI
		case SSH_CMSG_AUTH_GSSAPI:
			if (!options.gss_authentication) {
				verbose("GSSAPI authentication disabled.");
				break;
			}
			/*
			* GSSAPI was first added to ssh1 in ssh-1.2.27, and
			* was added to the SecurtCRT product. In order
			* to continue operating with these, we will add
			* the equivelent GSSAPI support to SSH1. 
			* Will use the gssapi routines from the ssh2 as
			* they are almost identical. But they use dispatch
			* so we need to setup the dispatch tables here 
			* auth1.c for use only by the gssapi code. 
			* Since we already have the packet, we will call
			* userauth_gssapi then start the dispatch loop.
			*/
			if (!authctxt->valid) {
			packet_disconnect("Authentication rejected for invalid user");
			}
			dispatch_init(&auth1_gss_protocol_error);
			userauth_gssapi(authctxt);
			dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt);
			if (authctxt->postponed) { /* failed, try other methods */
				authctxt->success = 0;
				authctxt->postponed = 0;
				break;
			}
			do_authenticated(authctxt);
			/* will only return if authenticated */
			authenticated = 1;
			break;
#endif /* GSSAPI */
			
#if defined(AFS) || defined(KRB5)
			/* XXX - punt on backward compatibility here. */
		case SSH_CMSG_HAVE_KERBEROS_TGT:
			packet_send_debug("Kerberos TGT passing disabled before authentication.");
			break;
#ifdef AFS
		case SSH_CMSG_HAVE_AFS_TOKEN:
			packet_send_debug("AFS token passing disabled before authentication.");
			break;
#endif /* AFS */
#endif /* AFS || KRB5 */

		case SSH_CMSG_AUTH_RHOSTS:
			if (!options.rhosts_authentication) {
				verbose("Rhosts authentication disabled.");
				break;
			}
			/*
			 * Get client user name.  Note that we just have to
			 * trust the client; this is one reason why rhosts
			 * authentication is insecure. (Another is
			 * IP-spoofing on a local network.)
			 */
			client_user = packet_get_string(&ulen);
			packet_check_eom();

			/* Try to authenticate using /etc/hosts.equiv and .rhosts. */
			authenticated = auth_rhosts(pw, client_user);

			snprintf(info, sizeof info, " ruser %.100s", client_user);
			break;

		case SSH_CMSG_AUTH_RHOSTS_RSA:
			if (!options.rhosts_rsa_authentication) {
				verbose("Rhosts with RSA authentication disabled.");
				break;
			}
			/*
			 * Get client user name.  Note that we just have to
			 * trust the client; root on the client machine can
			 * claim to be any user.
			 */
			client_user = packet_get_string(&ulen);

			/* Get the client host key. */
			client_host_key = key_new(KEY_RSA1);
			bits = packet_get_int();
			packet_get_bignum(client_host_key->rsa->e);
			packet_get_bignum(client_host_key->rsa->n);

			if (bits != BN_num_bits(client_host_key->rsa->n))
				verbose("Warning: keysize mismatch for client_host_key: "
				    "actual %d, announced %d",
				     BN_num_bits(client_host_key->rsa->n), bits);
			packet_check_eom();

			authenticated = auth_rhosts_rsa(pw, client_user,
			    client_host_key);
			key_free(client_host_key);

			snprintf(info, sizeof info, " ruser %.100s", client_user);
			break;

		case SSH_CMSG_AUTH_RSA:
			if (!options.rsa_authentication) {
				verbose("RSA authentication disabled.");
				break;
			}
			/* RSA authentication requested. */
			if ((n = BN_new()) == NULL)
				fatal("do_authloop: BN_new failed");
			packet_get_bignum(n);
			packet_check_eom();
			authenticated = auth_rsa(pw, n);
			BN_clear_free(n);
			break;

		case SSH_CMSG_AUTH_PASSWORD:
			if (!options.password_authentication) {
				verbose("Password authentication disabled.");
				break;
			}
			/*
			 * Read user password.  It is in plain text, but was
			 * transmitted over the encrypted channel so it is
			 * not visible to an outside observer.
			 */
			password = packet_get_string(&dlen);
			packet_check_eom();

			/* Try authentication with the password. */
			authenticated = PRIVSEP(auth_password(authctxt, password));

			memset(password, 0, strlen(password));
			xfree(password);
			break;

		case SSH_CMSG_AUTH_TIS:
			debug("rcvd SSH_CMSG_AUTH_TIS");
			if (options.challenge_response_authentication == 1) {
				char *challenge = get_challenge(authctxt);
				if (challenge != NULL) {
					debug("sending challenge '%s'", challenge);
					packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE);
					packet_put_cstring(challenge);
					xfree(challenge);
					packet_send();
					packet_write_wait();
					continue;
				}
			}
			break;
		case SSH_CMSG_AUTH_TIS_RESPONSE:
			debug("rcvd SSH_CMSG_AUTH_TIS_RESPONSE");
			if (options.challenge_response_authentication == 1) {
				char *response = packet_get_string(&dlen);
				debug("got response '%s'", response);
				packet_check_eom();
				authenticated = verify_response(authctxt, response);
				memset(response, 'r', dlen);
				xfree(response);
			}
			break;

		default:
			/*
			 * Any unknown messages will be ignored (and failure
			 * returned) during authentication.
			 */
			log("Unknown message during authentication: type %d", type);
			break;
		}
#ifdef BSD_AUTH
		if (authctxt->as) {
			auth_close(authctxt->as);
			authctxt->as = NULL;
		}
#endif
		if (!authctxt->valid && authenticated)
			fatal("INTERNAL ERROR: authenticated invalid user %s",
			    authctxt->user);

#ifdef HAVE_CYGWIN
		if (authenticated &&
		    !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, pw)) {
			packet_disconnect("Authentication rejected for uid %d.",
			pw == NULL ? -1 : pw->pw_uid);
			authenticated = 0;
		}
#else
		/* Special handling for root */
		if (authenticated && authctxt->pw->pw_uid == 0 &&
		    !auth_root_allowed(get_authname(type)))
			authenticated = 0;
#endif
#ifdef USE_PAM
		if (!use_privsep && authenticated && 
		    !do_pam_account(pw->pw_name, client_user))
			authenticated = 0;
#endif

		/* Log before sending the reply */
		auth_log(authctxt, authenticated, get_authname(type), info);

		if (client_user != NULL) {
			xfree(client_user);
			client_user = NULL;
		}

		if (authenticated)
			return;

		if (authctxt->failures++ > AUTH_FAIL_MAX) {
#ifdef WITH_AIXAUTHENTICATE
			loginfailed(authctxt->user,
			    get_canonical_hostname(options.verify_reverse_mapping),
			    "ssh");
#endif /* WITH_AIXAUTHENTICATE */
			packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
		}

		packet_start(SSH_SMSG_FAILURE);
		packet_send();
		packet_write_wait();
	}
}

/*
 * Performs authentication of an incoming connection.  Session key has already
 * been exchanged and encryption is enabled.
 */
Authctxt *
do_authentication(void)
{
	Authctxt *authctxt;
	u_int ulen;
	char *user, *style = NULL;

	/* Get the name of the user that we wish to log in as. */
	packet_read_expect(SSH_CMSG_USER);

	/* Get the user name. */
	user = packet_get_string(&ulen);
	packet_check_eom();

#ifdef GSSAPI
	/* Parse GSSAPI identity from userstring */
	user = ssh1_gssapi_parse_userstring(user);
#endif /* GSSAPI */

	if ((style = strchr(user, ':')) != NULL)
		*style++ = '\0';

#ifdef KRB5
	/* XXX - SSH.com Kerberos v5 braindeath. */
	if ((datafellows & SSH_BUG_K5USER) &&
	    options.kerberos_authentication) {
		char *p;
		if ((p = strchr(user, '@')) != NULL)
			*p = '\0';
	}
#endif

	authctxt = authctxt_new();
	authctxt->user = user;
	authctxt->style = style;

	/* Verify that the user is a valid user. */
	if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL)
		authctxt->valid = 1;
	else
		debug("do_authentication: illegal user %s", user);

	setproctitle("%s%s", authctxt->pw ? user : "unknown",
	    use_privsep ? " [net]" : "");

#ifdef USE_PAM
	PRIVSEP(start_pam(authctxt->pw == NULL ? "NOUSER" : user));
#endif

	/*
	 * If we are not running as root, the user must have the same uid as
	 * the server. (Unless you are running Windows)
	 */
#ifndef HAVE_CYGWIN
	if (!use_privsep && getuid() != 0 && authctxt->pw &&
	    authctxt->pw->pw_uid != getuid())
		packet_disconnect("Cannot change user when server not running as root.");
#endif

	/*
	 * Loop until the user has been authenticated or the connection is
	 * closed, do_authloop() returns only if authentication is successful
	 */
	do_authloop(authctxt);

	/* The user has been authenticated and accepted. */
	packet_start(SSH_SMSG_SUCCESS);
	packet_send();
	packet_write_wait();

	return (authctxt);
}
Commit	Line	Data
3c0ef626	1	/*
	2	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	3	* All rights reserved
	4	*
	5	* As far as I am concerned, the code I have written for this software
	6	* can be used freely for any purpose. Any derived versions of this
	7	* software must be clearly marked as such, and if the derived work is
	8	* incompatible with the protocol description in the RFC file, it must be
	9	* called by a name other than "ssh" or "Secure Shell".
	10	*/
	11
	12	#include "includes.h"
510132b6	13	RCSID("$OpenBSD: auth1.c,v 1.40 2002/04/10 08:21:47 markus Exp $");
3c0ef626	14
	15	#include "xmalloc.h"
	16	#include "rsa.h"
	17	#include "ssh1.h"
099f4607	18	#include "dispatch.h"
3c0ef626	19	#include "packet.h"
	20	#include "buffer.h"
	21	#include "mpaux.h"
	22	#include "log.h"
	23	#include "servconf.h"
	24	#include "compat.h"
	25	#include "auth.h"
1e608e42	26	#include "channels.h"
3c0ef626	27	#include "session.h"
3c0ef626	28	#include "uidswap.h"
510132b6	29	#include "monitor_wrap.h"
3c0ef626	30
	31	/* import */
	32	extern ServerOptions options;
	33
099f4607	34	#ifdef GSSAPI
feefe038	35	#ifdef GSI
	36	#include "globus_gss_assist.h"
	37	#endif
	38
755621a1	39	int userauth_gssapi(Authctxt *authctxt);
755621a1	40
099f4607	41	void
	42	auth1_gss_protocol_error(int type, u_int32_t plen, void *ctxt)
	43	{
	44	Authctxt *authctxt = ctxt;
	45	/* Other side told us to abort, dont need to tell him */
	46	/* maybe we can us some other method. */
	47	if (type == SSH_MSG_AUTH_GSSAPI_ABORT) {
	48	log("auth1: GSSAPI aborting");
	49	dispatch_set(SSH_MSG_AUTH_GSSAPI_TOKEN, NULL);
	50	authctxt->success = 1; /* get out of loop*/
	51	return;
	52	}
	53
	54	log("auth1: protocol error: type %d plen %d", type, plen);
	55	packet_disconnect("Protocol error during GSSAPI authentication: "
	56	"Unknown packet type %d", type);
	57	}
755621a1	58
	59	/*
	60	* SSH1 GSSAPI clients may send us a user name of the form:
	61	*
	62	* (1) username:x:SSL Subject Name
	63	* or
	64	* (2) username:i:SSL Subject Name
	65	* or
	66	* (3) username
	67	*
	68	* if case 1, then uname is an explicit name (ssh -l uname). Keep this
	69	* name always, rewrite the user parameter to be just uname. We'll pull
	70	* the GSSAPI idenity out and deal with (or skip it) later.
	71	*
	72	* if case 2, then uname is implicit (user didn't use the -l option), so
	73	* use the default gridmap mapping and replace uname with whatever
	74	* the gridmap maps to. If the gridmap mapping fails, drop down
	75	* to just uname
	76	*
	77	* if case 3, then leave it be.
	78	*
	79	* This function may return the original pointer to the orginal string,
	80	* the original pointer to a modified string, or a completely new pointer.
	81	*/
	82	static char *
	83	ssh1_gssapi_parse_userstring(char *userstring)
	84	{
	85	char name_type = '\0'; /* explicit 'x' or implicit 'i' */
	86	char *ssl_subject_name = NULL;
	87	char *delim = NULL;
	88
	89	debug("Looking at username '%s' for gssapi-ssleay type name", userstring);
	90	if((delim = strchr(userstring, ':')) != NULL) {
	91	/* Parse and split into components */
	92	ssl_subject_name = strchr(delim + 1, ':');
	93
	94	if (ssl_subject_name) {
	95	/* Successful parse, split into components */
	96	*delim = '\0';
	97	name_type = *(delim + 1);
	98	*ssl_subject_name = '\0';
	99	ssl_subject_name++;
	100
	101	debug("Name parsed. type = '%c'. ssl subject name is \"%s\"",
	102	name_type, ssl_subject_name);
	103
	104	} else {
	105
	106	debug("Don't understand name format. Letting it pass.");
	107	}
	108	}
	109
	110	#ifdef GSI
	111	if(ssl_subject_name) {
	112	char *gridmapped_name = NULL;
	113	switch (name_type) {
	114	case 'x':
	115	debug("explicit name given, using %s as username", userstring);
	116	break;
	117
	118	case 'i':
	119	/* gridmap check */
	120	debug("implicit name given. gridmapping '%s'", ssl_subject_name);
	121
122	if(globus_gss_assist_gridmap(ssl_subject_name,
123	&gridmapped_name) == 0) {
124	userstring = gridmapped_name;
125	debug("I gridmapped and got %s", userstring);
126
127	} else {
128	debug("I gridmapped and got null, reverting to %s", userstring);
129	}
130	break;
131
132	default:
133	debug("Unknown name type '%c'. Ignoring.", name_type);
134	break;
135	}
136	} else {
137	debug("didn't find any :'s so I assume it's just a user name");
138	}
139	#endif /* GSI */
140
141	return userstring;
142	}
099f4607	143	#endif
099f4607	144
3c0ef626	145	/*
	146	* convert ssh auth msg type into description
	147	*/
	148	static char *
	149	get_authname(int type)
	150	{
	151	static char buf[1024];
	152	switch (type) {
	153	case SSH_CMSG_AUTH_PASSWORD:
	154	return "password";
	155	case SSH_CMSG_AUTH_RSA:
	156	return "rsa";
	157	case SSH_CMSG_AUTH_RHOSTS_RSA:
	158	return "rhosts-rsa";
	159	case SSH_CMSG_AUTH_RHOSTS:
	160	return "rhosts";
	161	case SSH_CMSG_AUTH_TIS:
	162	case SSH_CMSG_AUTH_TIS_RESPONSE:
	163	return "challenge-response";
	164	#if defined(KRB4) \|\| defined(KRB5)
	165	case SSH_CMSG_AUTH_KERBEROS:
	166	return "kerberos";
099f4607	167	#endif
	168	#if defined(GSSAPI)
	169	case SSH_CMSG_AUTH_GSSAPI:
	170	return "gssapi";
3c0ef626	171	#endif
	172	}
	173	snprintf(buf, sizeof buf, "bad-auth-msg-%d", type);
	174	return buf;
	175	}
	176
	177	/*
	178	* read packets, try to authenticate the user and
	179	* return only if authentication is successful
	180	*/
	181	static void
	182	do_authloop(Authctxt *authctxt)
	183	{
	184	int authenticated = 0;
	185	u_int bits;
1e608e42	186	Key *client_host_key;
3c0ef626	187	BIGNUM *n;
	188	char client_user, password;
	189	char info[1024];
	190	u_int dlen;
3c0ef626	191	u_int ulen;
	192	int type = 0;
	193	struct passwd *pw = authctxt->pw;
	194
	195	debug("Attempting authentication for %s%.100s.",
1e608e42	196	authctxt->valid ? "" : "illegal user ", authctxt->user);
3c0ef626	197
	198	/* If the user has no password, accept authentication immediately. */
	199	if (options.password_authentication &&
	200	#if defined(KRB4) \|\| defined(KRB5)
	201	(!options.kerberos_authentication \|\| options.kerberos_or_local_passwd) &&
	202	#endif
510132b6	203	PRIVSEP(auth_password(authctxt, ""))) {
3c0ef626	204	auth_log(authctxt, 1, "without authentication", "");
	205	return;
	206	}
	207
	208	/* Indicate that authentication is needed. */
	209	packet_start(SSH_SMSG_FAILURE);
	210	packet_send();
	211	packet_write_wait();
	212
	213	client_user = NULL;
	214
	215	for (;;) {
	216	/* default to fail */
	217	authenticated = 0;
	218
	219	info[0] = '\0';
	220
	221	/* Get a packet from the client. */
1e608e42	222	type = packet_read();
3c0ef626	223
	224	/* Process the packet. */
	225	switch (type) {
	226
	227	#if defined(KRB4) \|\| defined(KRB5)
	228	case SSH_CMSG_AUTH_KERBEROS:
	229	if (!options.kerberos_authentication) {
	230	verbose("Kerberos authentication disabled.");
	231	} else {
	232	char *kdata = packet_get_string(&dlen);
1e608e42	233	packet_check_eom();
1e608e42	234
3c0ef626	235	if (kdata[0] == 4) { /* KRB_PROT_VERSION */
	236	#ifdef KRB4
	237	KTEXT_ST tkt;
1e608e42	238
3c0ef626	239	tkt.length = dlen;
	240	if (tkt.length < MAX_KTXT_LEN)
	241	memcpy(tkt.dat, kdata, tkt.length);
1e608e42	242
3c0ef626	243	if (auth_krb4(authctxt, &tkt, &client_user)) {
	244	authenticated = 1;
	245	snprintf(info, sizeof(info),
	246	" tktuser %.100s",
	247	client_user);
	248	}
	249	#endif /* KRB4 */
	250	} else {
	251	#ifdef KRB5
	252	krb5_data tkt;
	253	tkt.length = dlen;
	254	tkt.data = kdata;
1e608e42	255
3c0ef626	256	if (auth_krb5(authctxt, &tkt, &client_user)) {
	257	authenticated = 1;
	258	snprintf(info, sizeof(info),
	259	" tktuser %.100s",
	260	client_user);
	261	}
	262	#endif /* KRB5 */
	263	}
	264	xfree(kdata);
	265	}
	266	break;
	267	#endif /* KRB4 \|\| KRB5 */
0b582e46	268
0b582e46	269	#ifdef GSSAPI
099f4607	270	case SSH_CMSG_AUTH_GSSAPI:
	271	if (!options.gss_authentication) {
	272	verbose("GSSAPI authentication disabled.");
	273	break;
	274	}
	275	/*
	276	* GSSAPI was first added to ssh1 in ssh-1.2.27, and
	277	* was added to the SecurtCRT product. In order
	278	* to continue operating with these, we will add
	279	* the equivelent GSSAPI support to SSH1.
	280	* Will use the gssapi routines from the ssh2 as
	281	* they are almost identical. But they use dispatch
	282	* so we need to setup the dispatch tables here
	283	* auth1.c for use only by the gssapi code.
	284	* Since we already have the packet, we will call
	285	* userauth_gssapi then start the dispatch loop.
	286	*/
	287	if (!authctxt->valid) {
	288	packet_disconnect("Authentication rejected for invalid user");
	289	}
	290	dispatch_init(&auth1_gss_protocol_error);
	291	userauth_gssapi(authctxt);
	292	dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt);
	293	if (authctxt->postponed) { /* failed, try other methods */
	294	authctxt->success = 0;
	295	authctxt->postponed = 0;
	296	break;
	297	}
	298	do_authenticated(authctxt);
	299	/* will only return if authenticated */
	300	authenticated = 1;
	301	break;
0b582e46	302	#endif /* GSSAPI */
3c0ef626	303
	304	#if defined(AFS) \|\| defined(KRB5)
	305	/* XXX - punt on backward compatibility here. */
	306	case SSH_CMSG_HAVE_KERBEROS_TGT:
	307	packet_send_debug("Kerberos TGT passing disabled before authentication.");
	308	break;
	309	#ifdef AFS
	310	case SSH_CMSG_HAVE_AFS_TOKEN:
	311	packet_send_debug("AFS token passing disabled before authentication.");
	312	break;
	313	#endif /* AFS */
	314	#endif /* AFS \|\| KRB5 */
1e608e42	315
3c0ef626	316	case SSH_CMSG_AUTH_RHOSTS:
	317	if (!options.rhosts_authentication) {
	318	verbose("Rhosts authentication disabled.");
	319	break;
	320	}
	321	/*
	322	* Get client user name. Note that we just have to
	323	* trust the client; this is one reason why rhosts
	324	* authentication is insecure. (Another is
	325	* IP-spoofing on a local network.)
	326	*/
	327	client_user = packet_get_string(&ulen);
1e608e42	328	packet_check_eom();
3c0ef626	329
	330	/* Try to authenticate using /etc/hosts.equiv and .rhosts. */
	331	authenticated = auth_rhosts(pw, client_user);
	332
	333	snprintf(info, sizeof info, " ruser %.100s", client_user);
	334	break;
	335
	336	case SSH_CMSG_AUTH_RHOSTS_RSA:
	337	if (!options.rhosts_rsa_authentication) {
	338	verbose("Rhosts with RSA authentication disabled.");
	339	break;
	340	}
	341	/*
	342	* Get client user name. Note that we just have to
	343	* trust the client; root on the client machine can
	344	* claim to be any user.
	345	*/
	346	client_user = packet_get_string(&ulen);
	347
	348	/* Get the client host key. */
1e608e42	349	client_host_key = key_new(KEY_RSA1);
3c0ef626	350	bits = packet_get_int();
1e608e42	351	packet_get_bignum(client_host_key->rsa->e);
1e608e42	352	packet_get_bignum(client_host_key->rsa->n);
3c0ef626	353
1e608e42	354	if (bits != BN_num_bits(client_host_key->rsa->n))
3c0ef626	355	verbose("Warning: keysize mismatch for client_host_key: "
1e608e42	356	"actual %d, announced %d",
	357	BN_num_bits(client_host_key->rsa->n), bits);
	358	packet_check_eom();
3c0ef626	359
1e608e42	360	authenticated = auth_rhosts_rsa(pw, client_user,
	361	client_host_key);
	362	key_free(client_host_key);
3c0ef626	363
	364	snprintf(info, sizeof info, " ruser %.100s", client_user);
	365	break;
	366
	367	case SSH_CMSG_AUTH_RSA:
	368	if (!options.rsa_authentication) {
	369	verbose("RSA authentication disabled.");
	370	break;
	371	}
	372	/* RSA authentication requested. */
1e608e42	373	if ((n = BN_new()) == NULL)
	374	fatal("do_authloop: BN_new failed");
	375	packet_get_bignum(n);
	376	packet_check_eom();
3c0ef626	377	authenticated = auth_rsa(pw, n);
	378	BN_clear_free(n);
	379	break;
	380
	381	case SSH_CMSG_AUTH_PASSWORD:
	382	if (!options.password_authentication) {
	383	verbose("Password authentication disabled.");
	384	break;
	385	}
	386	/*
	387	* Read user password. It is in plain text, but was
	388	* transmitted over the encrypted channel so it is
	389	* not visible to an outside observer.
	390	*/
	391	password = packet_get_string(&dlen);
1e608e42	392	packet_check_eom();
3c0ef626	393
3c0ef626	394	/* Try authentication with the password. */
510132b6	395	authenticated = PRIVSEP(auth_password(authctxt, password));
3c0ef626	396
	397	memset(password, 0, strlen(password));
	398	xfree(password);
	399	break;
	400
	401	case SSH_CMSG_AUTH_TIS:
	402	debug("rcvd SSH_CMSG_AUTH_TIS");
	403	if (options.challenge_response_authentication == 1) {
	404	char *challenge = get_challenge(authctxt);
	405	if (challenge != NULL) {
	406	debug("sending challenge '%s'", challenge);
	407	packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE);
	408	packet_put_cstring(challenge);
	409	xfree(challenge);
	410	packet_send();
	411	packet_write_wait();
	412	continue;
	413	}
	414	}
	415	break;
	416	case SSH_CMSG_AUTH_TIS_RESPONSE:
	417	debug("rcvd SSH_CMSG_AUTH_TIS_RESPONSE");
	418	if (options.challenge_response_authentication == 1) {
	419	char *response = packet_get_string(&dlen);
	420	debug("got response '%s'", response);
1e608e42	421	packet_check_eom();
3c0ef626	422	authenticated = verify_response(authctxt, response);
	423	memset(response, 'r', dlen);
	424	xfree(response);
	425	}
	426	break;
	427
	428	default:
	429	/*
	430	* Any unknown messages will be ignored (and failure
	431	* returned) during authentication.
	432	*/
	433	log("Unknown message during authentication: type %d", type);
	434	break;
	435	}
	436	#ifdef BSD_AUTH
	437	if (authctxt->as) {
	438	auth_close(authctxt->as);
	439	authctxt->as = NULL;
	440	}
	441	#endif
	442	if (!authctxt->valid && authenticated)
	443	fatal("INTERNAL ERROR: authenticated invalid user %s",
	444	authctxt->user);
	445
	446	#ifdef HAVE_CYGWIN
	447	if (authenticated &&
1e608e42	448	!check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, pw)) {
3c0ef626	449	packet_disconnect("Authentication rejected for uid %d.",
1e608e42	450	pw == NULL ? -1 : pw->pw_uid);
3c0ef626	451	authenticated = 0;
	452	}
	453	#else
	454	/* Special handling for root */
	455	if (authenticated && authctxt->pw->pw_uid == 0 &&
	456	!auth_root_allowed(get_authname(type)))
	457	authenticated = 0;
	458	#endif
	459	#ifdef USE_PAM
510132b6	460	if (!use_privsep && authenticated &&
510132b6	461	!do_pam_account(pw->pw_name, client_user))
3c0ef626	462	authenticated = 0;
	463	#endif
	464
	465	/* Log before sending the reply */
	466	auth_log(authctxt, authenticated, get_authname(type), info);
	467
	468	if (client_user != NULL) {
	469	xfree(client_user);
	470	client_user = NULL;
	471	}
	472
	473	if (authenticated)
	474	return;
	475
	476	if (authctxt->failures++ > AUTH_FAIL_MAX) {
	477	#ifdef WITH_AIXAUTHENTICATE
	478	loginfailed(authctxt->user,
1e608e42	479	get_canonical_hostname(options.verify_reverse_mapping),
3c0ef626	480	"ssh");
	481	#endif /* WITH_AIXAUTHENTICATE */
	482	packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
	483	}
	484
	485	packet_start(SSH_SMSG_FAILURE);
	486	packet_send();
	487	packet_write_wait();
	488	}
	489	}
	490
	491	/*
	492	* Performs authentication of an incoming connection. Session key has already
	493	* been exchanged and encryption is enabled.
	494	*/
510132b6	495	Authctxt *
1e608e42	496	do_authentication(void)
3c0ef626	497	{
3c0ef626	498	Authctxt *authctxt;
3c0ef626	499	u_int ulen;
510132b6	500	char user, style = NULL;
3c0ef626	501
3c0ef626	502	/* Get the name of the user that we wish to log in as. */
1e608e42	503	packet_read_expect(SSH_CMSG_USER);
3c0ef626	504
	505	/* Get the user name. */
	506	user = packet_get_string(&ulen);
1e608e42	507	packet_check_eom();
3c0ef626	508
755621a1	509	#ifdef GSSAPI
96c41595	510	/* Parse GSSAPI identity from userstring */
96c41595	511	user = ssh1_gssapi_parse_userstring(user);
0b582e46	512	#endif /* GSSAPI */
3c0ef626	513
	514	if ((style = strchr(user, ':')) != NULL)
	515	*style++ = '\0';
	516
510132b6	517	#ifdef KRB5
3c0ef626	518	/* XXX - SSH.com Kerberos v5 braindeath. */
510132b6	519	if ((datafellows & SSH_BUG_K5USER) &&
	520	options.kerberos_authentication) {
	521	char *p;
	522	if ((p = strchr(user, '@')) != NULL)
	523	*p = '\0';
	524	}
	525	#endif
1e608e42	526
3c0ef626	527	authctxt = authctxt_new();
	528	authctxt->user = user;
	529	authctxt->style = style;
	530
	531	/* Verify that the user is a valid user. */
510132b6	532	if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL)
3c0ef626	533	authctxt->valid = 1;
510132b6	534	else
3c0ef626	535	debug("do_authentication: illegal user %s", user);
3c0ef626	536
510132b6	537	setproctitle("%s%s", authctxt->pw ? user : "unknown",
510132b6	538	use_privsep ? " [net]" : "");
3c0ef626	539
3c0ef626	540	#ifdef USE_PAM
510132b6	541	PRIVSEP(start_pam(authctxt->pw == NULL ? "NOUSER" : user));
3c0ef626	542	#endif
	543
	544	/*
	545	* If we are not running as root, the user must have the same uid as
	546	* the server. (Unless you are running Windows)
	547	*/
	548	#ifndef HAVE_CYGWIN
510132b6	549	if (!use_privsep && getuid() != 0 && authctxt->pw &&
510132b6	550	authctxt->pw->pw_uid != getuid())
3c0ef626	551	packet_disconnect("Cannot change user when server not running as root.");
	552	#endif
	553
	554	/*
	555	* Loop until the user has been authenticated or the connection is
	556	* closed, do_authloop() returns only if authentication is successful
	557	*/
	558	do_authloop(authctxt);
	559
	560	/* The user has been authenticated and accepted. */
	561	packet_start(SSH_SMSG_SUCCESS);
	562	packet_send();
	563	packet_write_wait();
	564
510132b6	565	return (authctxt);
3c0ef626	566	}