[openssh.git] / auth2.c

/*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *      This product includes software developed by Markus Friedl.
 * 4. The name of the author may not be used to endorse or promote products
 *    derived from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
#include "includes.h"
RCSID("$OpenBSD: auth2.c,v 1.5 2000/05/01 23:13:39 djm Exp $");

#include <openssl/dsa.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>

#include "xmalloc.h"
#include "rsa.h"
#include "ssh.h"
#include "pty.h"
#include "packet.h"
#include "buffer.h"
#include "cipher.h"
#include "servconf.h"
#include "compat.h"
#include "channels.h"
#include "bufaux.h"
#include "ssh2.h"
#include "auth.h"
#include "session.h"
#include "dispatch.h"
#include "auth.h"
#include "key.h"
#include "kex.h"

#include "dsa.h"
#include "uidswap.h"

/* import */
extern ServerOptions options;
extern unsigned char *session_id2;
extern int session_id2_len;

/* protocol */

void	input_service_request(int type, int plen);
void	input_userauth_request(int type, int plen);
void	protocol_error(int type, int plen);

/* auth */
int	ssh2_auth_none(struct passwd *pw);
int	ssh2_auth_password(struct passwd *pw);
int	ssh2_auth_pubkey(struct passwd *pw, unsigned char *raw, unsigned int rlen);

/* helper */
struct passwd*	 auth_set_user(char *u, char *s);
int	user_dsa_key_allowed(struct passwd *pw, Key *key);

typedef struct Authctxt Authctxt;
struct Authctxt {
	char *user;
	char *service;
	struct passwd pw;
	int valid;
};
static Authctxt	*authctxt = NULL;
static int userauth_success = 0;

/*
 * loop until userauth_success == TRUE
 */

void
do_authentication2()
{
	/* turn off skey/kerberos, not supported by SSH2 */
#ifdef SKEY
	options.skey_authentication = 0;
#endif
#ifdef KRB4
	options.kerberos_authentication = 0;
#endif

	dispatch_init(&protocol_error);
	dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request);
	dispatch_run(DISPATCH_BLOCK, &userauth_success);
	do_authenticated2();
}

void
protocol_error(int type, int plen)
{
	log("auth: protocol error: type %d plen %d", type, plen);
	packet_start(SSH2_MSG_UNIMPLEMENTED);
	packet_put_int(0);
	packet_send();
	packet_write_wait();
}

void
input_service_request(int type, int plen)
{
	unsigned int len;
	int accept = 0;
	char *service = packet_get_string(&len);
	packet_done();

	if (strcmp(service, "ssh-userauth") == 0) {
		if (!userauth_success) {
			accept = 1;
			/* now we can handle user-auth requests */
			dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &input_userauth_request);
		}
	}
	/* XXX all other service requests are denied */

	if (accept) {
		packet_start(SSH2_MSG_SERVICE_ACCEPT);
		packet_put_cstring(service);
		packet_send();
		packet_write_wait();
	} else {
		debug("bad service request %s", service);
		packet_disconnect("bad service request %s", service);
	}
	xfree(service);
}

void
input_userauth_request(int type, int plen)
{
	static void (*authlog) (const char *fmt,...) = verbose;
	static int attempt = 0;
	unsigned int len, rlen;
	int authenticated = 0;
	char *raw, *user, *service, *method, *authmsg = NULL;
	struct passwd *pw;

	if (++attempt == AUTH_FAIL_MAX)
		packet_disconnect("too many failed userauth_requests");

	raw = packet_get_raw(&rlen);
	if (plen != rlen)
		fatal("plen != rlen");
	user = packet_get_string(&len);
	service = packet_get_string(&len);
	method = packet_get_string(&len);
	debug("userauth-request for user %s service %s method %s", user, service, method);

	/* XXX we only allow the ssh-connection service */
	pw = auth_set_user(user, service);
	if (pw && strcmp(service, "ssh-connection")==0) {
		if (strcmp(method, "none") == 0) {
			authenticated =	ssh2_auth_none(pw);
		} else if (strcmp(method, "password") == 0) {
			authenticated =	ssh2_auth_password(pw);
		} else if (strcmp(method, "publickey") == 0) {
			authenticated =	ssh2_auth_pubkey(pw, raw, rlen);
		}
	}
	if (authenticated && pw && pw->pw_uid == 0 && !options.permit_root_login) {
		authenticated = 0;
		log("ROOT LOGIN REFUSED FROM %.200s",
		    get_canonical_hostname());
	}

#ifdef USE_PAM
		if (authenticated && !do_pam_account(pw->pw_name, NULL))
			authenticated = 0;
#endif /* USE_PAM */

	/* XXX todo: check if multiple auth methods are needed */
	if (authenticated == 1) {
		authmsg = "Accepted";
		/* turn off userauth */
		dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error);
		packet_start(SSH2_MSG_USERAUTH_SUCCESS);
		packet_send();
		packet_write_wait();
		/* now we can break out */
		userauth_success = 1;
	} else if (authenticated == 0) {
		authmsg = "Failed";
		packet_start(SSH2_MSG_USERAUTH_FAILURE);
		packet_put_cstring("publickey,password");	/* XXX dynamic */
		packet_put_char(0);				/* XXX partial success, unused */
		packet_send();
		packet_write_wait();
	} else {
		authmsg = "Postponed";
	}
	/* Raise logging level */
	if (authenticated == 1||
	    attempt == AUTH_FAIL_LOG ||
	    strcmp(method, "password") == 0)
		authlog = log;

	authlog("%s %s for %.200s from %.200s port %d ssh2",
		authmsg,
		method,
		pw && pw->pw_uid == 0 ? "ROOT" : user,
		get_remote_ipaddr(),
		get_remote_port());

	xfree(service);
	xfree(user);
	xfree(method);
}

int
ssh2_auth_none(struct passwd *pw)
{
	packet_done();
#ifdef USE_PAM
	return auth_pam_password(pw, "");
#else /* USE_PAM */
	return auth_password(pw, "");
#endif /* USE_PAM */
}
int
ssh2_auth_password(struct passwd *pw)
{
	char *password;
	int authenticated = 0;
	int change;
	unsigned int len;
	change = packet_get_char();
	if (change)
		log("password change not supported");
	password = packet_get_string(&len);
	packet_done();
	if (options.password_authentication &&
#ifdef USE_PAM
	    auth_pam_password(pw, password) == 1)
#else /* USE_PAM */
	    auth_password(pw, password) == 1)
#endif /* USE_PAM */
		authenticated = 1;
	memset(password, 0, len);
	xfree(password);
	return authenticated;
}
int
ssh2_auth_pubkey(struct passwd *pw, unsigned char *raw, unsigned int rlen)
{
	Buffer b;
	Key *key;
	char *pkalg, *pkblob, *sig;
	unsigned int alen, blen, slen;
	int have_sig;
	int authenticated = 0;

	if (options.rsa_authentication == 0) {
		debug("pubkey auth disabled");
		return 0;
	}
	have_sig = packet_get_char();
	pkalg = packet_get_string(&alen);
	if (strcmp(pkalg, KEX_DSS) != 0) {
		xfree(pkalg);
		log("bad pkalg %s", pkalg);	/*XXX*/
		return 0;
	}
	pkblob = packet_get_string(&blen);
	key = dsa_key_from_blob(pkblob, blen);
	if (key != NULL) {
		if (have_sig) {
			sig = packet_get_string(&slen);
			packet_done();
			buffer_init(&b);
			buffer_append(&b, session_id2, session_id2_len);
			buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
			if (slen + 4 > rlen)
				fatal("bad rlen/slen");
			buffer_append(&b, raw, rlen - slen - 4);
#ifdef DEBUG_DSS
			buffer_dump(&b);
#endif
			/* test for correct signature */
			if (user_dsa_key_allowed(pw, key) &&
			    dsa_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1)
				authenticated = 1;
			buffer_clear(&b);
			xfree(sig);
		} else {
			packet_done();
			debug("test key...");
			/* test whether pkalg/pkblob are acceptable */
			/* XXX fake reply and always send PK_OK ? */
			if (user_dsa_key_allowed(pw, key)) {
				packet_start(SSH2_MSG_USERAUTH_PK_OK);
				packet_put_string(pkalg, alen);
				packet_put_string(pkblob, blen);
				packet_send();
				packet_write_wait();
				authenticated = -1;
			}
		}
		key_free(key);
	}
	xfree(pkalg);
	xfree(pkblob);
	return authenticated;
}

/* set and get current user */

struct passwd*
auth_get_user(void)
{
	return (authctxt != NULL && authctxt->valid) ? &authctxt->pw : NULL;
}

struct passwd*
auth_set_user(char *u, char *s)
{
	struct passwd *pw, *copy;

	if (authctxt == NULL) {
		authctxt = xmalloc(sizeof(*authctxt));
		authctxt->valid = 0;
		authctxt->user = xstrdup(u);
		authctxt->service = xstrdup(s);
		setproctitle("%s", u);
		pw = getpwnam(u);
		if (!pw || !allowed_user(pw)) {
			log("auth_set_user: illegal user %s", u);
			return NULL;
		}
#ifdef USE_PAM
		start_pam(pw);
#endif
		copy = &authctxt->pw;
		memset(copy, 0, sizeof(*copy));
		copy->pw_name = xstrdup(pw->pw_name);
		copy->pw_passwd = xstrdup(pw->pw_passwd);
		copy->pw_uid = pw->pw_uid;
		copy->pw_gid = pw->pw_gid;
		copy->pw_dir = xstrdup(pw->pw_dir);
		copy->pw_shell = xstrdup(pw->pw_shell);
		authctxt->valid = 1;
	} else {
		if (strcmp(u, authctxt->user) != 0 ||
		    strcmp(s, authctxt->service) != 0) {
			log("auth_set_user: missmatch: (%s,%s)!=(%s,%s)",
			    u, s, authctxt->user, authctxt->service);
			return NULL;
		}
	}
	return auth_get_user();
}

/* return 1 if user allows given key */
int
user_dsa_key_allowed(struct passwd *pw, Key *key)
{
	char line[8192], file[1024];
	int found_key = 0;
	unsigned int bits = -1;
	FILE *f;
	unsigned long linenum = 0;
	struct stat st;
	Key *found;

	/* Temporarily use the user's uid. */
	temporarily_use_uid(pw->pw_uid);

	/* The authorized keys. */
	snprintf(file, sizeof file, "%.500s/%.100s", pw->pw_dir,
	    SSH_USER_PERMITTED_KEYS2);

	/* Fail quietly if file does not exist */
	if (stat(file, &st) < 0) {
		/* Restore the privileged uid. */
		restore_uid();
		return 0;
	}
	/* Open the file containing the authorized keys. */
	f = fopen(file, "r");
	if (!f) {
		/* Restore the privileged uid. */
		restore_uid();
		return 0;
	}
	if (options.strict_modes) {
		int fail = 0;
		char buf[1024];
		/* Check open file in order to avoid open/stat races */
		if (fstat(fileno(f), &st) < 0 ||
		    (st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
		    (st.st_mode & 022) != 0) {
			snprintf(buf, sizeof buf, "DSA authentication refused for %.100s: "
			    "bad ownership or modes for '%s'.", pw->pw_name, file);
			fail = 1;
		} else {
			/* Check path to SSH_USER_PERMITTED_KEYS */
			int i;
			static const char *check[] = {
				"", SSH_USER_DIR, NULL
			};
			for (i = 0; check[i]; i++) {
				snprintf(line, sizeof line, "%.500s/%.100s",
				    pw->pw_dir, check[i]);
				if (stat(line, &st) < 0 ||
				    (st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
				    (st.st_mode & 022) != 0) {
					snprintf(buf, sizeof buf,
					    "DSA authentication refused for %.100s: "
					    "bad ownership or modes for '%s'.",
					    pw->pw_name, line);
					fail = 1;
					break;
				}
			}
		}
		if (fail) {
			log(buf);
			fclose(f);
			restore_uid();
			return 0;
		}
	}
	found_key = 0;
	found = key_new(KEY_DSA);

	while (fgets(line, sizeof(line), f)) {
		char *cp;
		linenum++;
		/* Skip leading whitespace, empty and comment lines. */
		for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
			;
		if (!*cp || *cp == '\n' || *cp == '#')
			continue;
		bits = key_read(found, &cp);
		if (bits == 0)
			continue;
		if (key_equal(found, key)) {
			found_key = 1;
			debug("matching key found: file %s, line %ld",
			    file, linenum);
			break;
		}
	}
	restore_uid();
	fclose(f);
	key_free(found);
	return found_key;
}
Commit	Line	Data
a306f2dd	1	/*
	2	* Copyright (c) 2000 Markus Friedl. All rights reserved.
	3	*
	4	* Redistribution and use in source and binary forms, with or without
	5	* modification, are permitted provided that the following conditions
	6	* are met:
	7	* 1. Redistributions of source code must retain the above copyright
	8	* notice, this list of conditions and the following disclaimer.
	9	* 2. Redistributions in binary form must reproduce the above copyright
	10	* notice, this list of conditions and the following disclaimer in the
	11	* documentation and/or other materials provided with the distribution.
	12	* 3. All advertising materials mentioning features or use of this software
	13	* must display the following acknowledgement:
	14	* This product includes software developed by Markus Friedl.
	15	* 4. The name of the author may not be used to endorse or promote products
	16	* derived from this software without specific prior written permission.
	17	*
	18	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
	19	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	20	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	21	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	22	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	23	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	24	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	25	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	26	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	27	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	28	*/
	29	#include "includes.h"
0fbe8c74	30	RCSID("$OpenBSD: auth2.c,v 1.5 2000/05/01 23:13:39 djm Exp $");
a306f2dd	31
	32	#include <openssl/dsa.h>
	33	#include <openssl/rsa.h>
	34	#include <openssl/evp.h>
	35
	36	#include "xmalloc.h"
	37	#include "rsa.h"
	38	#include "ssh.h"
	39	#include "pty.h"
	40	#include "packet.h"
	41	#include "buffer.h"
	42	#include "cipher.h"
	43	#include "servconf.h"
	44	#include "compat.h"
	45	#include "channels.h"
	46	#include "bufaux.h"
	47	#include "ssh2.h"
	48	#include "auth.h"
	49	#include "session.h"
	50	#include "dispatch.h"
	51	#include "auth.h"
	52	#include "key.h"
	53	#include "kex.h"
	54
	55	#include "dsa.h"
	56	#include "uidswap.h"
	57
	58	/* import */
	59	extern ServerOptions options;
	60	extern unsigned char *session_id2;
	61	extern int session_id2_len;
	62
	63	/* protocol */
	64
	65	void input_service_request(int type, int plen);
	66	void input_userauth_request(int type, int plen);
	67	void protocol_error(int type, int plen);
	68
	69	/* auth */
	70	int ssh2_auth_none(struct passwd *pw);
	71	int ssh2_auth_password(struct passwd *pw);
	72	int ssh2_auth_pubkey(struct passwd pw, unsigned char raw, unsigned int rlen);
	73
	74	/* helper */
	75	struct passwd* auth_set_user(char u, char s);
	76	int user_dsa_key_allowed(struct passwd pw, Key key);
	77
	78	typedef struct Authctxt Authctxt;
	79	struct Authctxt {
	80	char *user;
	81	char *service;
	82	struct passwd pw;
	83	int valid;
	84	};
	85	static Authctxt *authctxt = NULL;
	86	static int userauth_success = 0;
	87
	88	/*
	89	* loop until userauth_success == TRUE
	90	*/
	91
	92	void
	93	do_authentication2()
	94	{
3189621b	95	/* turn off skey/kerberos, not supported by SSH2 */
8cb940db	96	#ifdef SKEY
3189621b	97	options.skey_authentication = 0;
8cb940db	98	#endif
8cb940db	99	#ifdef KRB4
3189621b	100	options.kerberos_authentication = 0;
8cb940db	101	#endif
3189621b	102
a306f2dd	103	dispatch_init(&protocol_error);
	104	dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request);
	105	dispatch_run(DISPATCH_BLOCK, &userauth_success);
	106	do_authenticated2();
	107	}
	108
	109	void
	110	protocol_error(int type, int plen)
	111	{
	112	log("auth: protocol error: type %d plen %d", type, plen);
	113	packet_start(SSH2_MSG_UNIMPLEMENTED);
	114	packet_put_int(0);
	115	packet_send();
	116	packet_write_wait();
	117	}
	118
	119	void
	120	input_service_request(int type, int plen)
	121	{
	122	unsigned int len;
	123	int accept = 0;
	124	char *service = packet_get_string(&len);
	125	packet_done();
	126
	127	if (strcmp(service, "ssh-userauth") == 0) {
	128	if (!userauth_success) {
	129	accept = 1;
	130	/* now we can handle user-auth requests */
	131	dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &input_userauth_request);
	132	}
	133	}
	134	/* XXX all other service requests are denied */
	135
	136	if (accept) {
	137	packet_start(SSH2_MSG_SERVICE_ACCEPT);
	138	packet_put_cstring(service);
	139	packet_send();
	140	packet_write_wait();
	141	} else {
	142	debug("bad service request %s", service);
	143	packet_disconnect("bad service request %s", service);
	144	}
	145	xfree(service);
	146	}
	147
	148	void
	149	input_userauth_request(int type, int plen)
	150	{
	151	static void (authlog) (const char fmt,...) = verbose;
	152	static int attempt = 0;
	153	unsigned int len, rlen;
	154	int authenticated = 0;
	155	char raw, user, service, method, *authmsg = NULL;
	156	struct passwd *pw;
	157
	158	if (++attempt == AUTH_FAIL_MAX)
	159	packet_disconnect("too many failed userauth_requests");
	160
	161	raw = packet_get_raw(&rlen);
	162	if (plen != rlen)
	163	fatal("plen != rlen");
	164	user = packet_get_string(&len);
	165	service = packet_get_string(&len);
	166	method = packet_get_string(&len);
167	debug("userauth-request for user %s service %s method %s", user, service, method);
168
169	/* XXX we only allow the ssh-connection service */
170	pw = auth_set_user(user, service);
171	if (pw && strcmp(service, "ssh-connection")==0) {
172	if (strcmp(method, "none") == 0) {
173	authenticated = ssh2_auth_none(pw);
174	} else if (strcmp(method, "password") == 0) {
175	authenticated = ssh2_auth_password(pw);
176	} else if (strcmp(method, "publickey") == 0) {
177	authenticated = ssh2_auth_pubkey(pw, raw, rlen);
178	}
179	}
180	if (authenticated && pw && pw->pw_uid == 0 && !options.permit_root_login) {
181	authenticated = 0;
182	log("ROOT LOGIN REFUSED FROM %.200s",
183	get_canonical_hostname());
184	}
185
186	#ifdef USE_PAM
187	if (authenticated && !do_pam_account(pw->pw_name, NULL))
188	authenticated = 0;
189	#endif /* USE_PAM */
190
191	/* XXX todo: check if multiple auth methods are needed */
192	if (authenticated == 1) {
193	authmsg = "Accepted";
194	/* turn off userauth */
195	dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error);
196	packet_start(SSH2_MSG_USERAUTH_SUCCESS);
197	packet_send();
198	packet_write_wait();
199	/* now we can break out */
200	userauth_success = 1;
201	} else if (authenticated == 0) {
202	authmsg = "Failed";
203	packet_start(SSH2_MSG_USERAUTH_FAILURE);
204	packet_put_cstring("publickey,password"); /* XXX dynamic */
205	packet_put_char(0); /* XXX partial success, unused */
206	packet_send();
207	packet_write_wait();
208	} else {
209	authmsg = "Postponed";
210	}
211	/* Raise logging level */
212	if (authenticated == 1\|\|
213	attempt == AUTH_FAIL_LOG \|\|
214	strcmp(method, "password") == 0)
215	authlog = log;
216
217	authlog("%s %s for %.200s from %.200s port %d ssh2",
218	authmsg,
219	method,
220	pw && pw->pw_uid == 0 ? "ROOT" : user,
221	get_remote_ipaddr(),
222	get_remote_port());
223
224	xfree(service);
225	xfree(user);
226	xfree(method);
227	}
228
229	int
230	ssh2_auth_none(struct passwd *pw)
231	{
232	packet_done();
233	#ifdef USE_PAM
234	return auth_pam_password(pw, "");
235	#else /* USE_PAM */
236	return auth_password(pw, "");
237	#endif /* USE_PAM */
238	}
239	int
240	ssh2_auth_password(struct passwd *pw)
241	{
242	char *password;
243	int authenticated = 0;
244	int change;
245	unsigned int len;
246	change = packet_get_char();
247	if (change)
248	log("password change not supported");
249	password = packet_get_string(&len);
250	packet_done();
251	if (options.password_authentication &&
252	#ifdef USE_PAM
253	auth_pam_password(pw, password) == 1)
254	#else /* USE_PAM */
255	auth_password(pw, password) == 1)
256	#endif /* USE_PAM */
257	authenticated = 1;
258	memset(password, 0, len);
259	xfree(password);
260	return authenticated;
261	}
262	int
263	ssh2_auth_pubkey(struct passwd pw, unsigned char raw, unsigned int rlen)
264	{
265	Buffer b;
266	Key *key;
267	char pkalg, pkblob, *sig;
268	unsigned int alen, blen, slen;
269	int have_sig;
270	int authenticated = 0;
271
272	if (options.rsa_authentication == 0) {
273	debug("pubkey auth disabled");
274	return 0;
275	}
276	have_sig = packet_get_char();
277	pkalg = packet_get_string(&alen);
278	if (strcmp(pkalg, KEX_DSS) != 0) {
279	xfree(pkalg);
280	log("bad pkalg %s", pkalg); /XXX/
281	return 0;
282	}
283	pkblob = packet_get_string(&blen);
284	key = dsa_key_from_blob(pkblob, blen);
285	if (key != NULL) {
286	if (have_sig) {
287	sig = packet_get_string(&slen);
288	packet_done();
289	buffer_init(&b);
290	buffer_append(&b, session_id2, session_id2_len);
291	buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
292	if (slen + 4 > rlen)
293	fatal("bad rlen/slen");
294	buffer_append(&b, raw, rlen - slen - 4);
295	#ifdef DEBUG_DSS
296	buffer_dump(&b);
297	#endif
298	/* test for correct signature */
299	if (user_dsa_key_allowed(pw, key) &&
300	dsa_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1)
301	authenticated = 1;
302	buffer_clear(&b);
303	xfree(sig);
304	} else {
305	packet_done();
306	debug("test key...");
307	/* test whether pkalg/pkblob are acceptable */
308	/* XXX fake reply and always send PK_OK ? */
309	if (user_dsa_key_allowed(pw, key)) {
310	packet_start(SSH2_MSG_USERAUTH_PK_OK);
311	packet_put_string(pkalg, alen);
312	packet_put_string(pkblob, blen);
313	packet_send();
314	packet_write_wait();
315	authenticated = -1;
316	}
317	}
318	key_free(key);
319	}
320	xfree(pkalg);
321	xfree(pkblob);
322	return authenticated;
323	}
324
325	/* set and get current user */
326
327	struct passwd*
328	auth_get_user(void)
329	{
330	return (authctxt != NULL && authctxt->valid) ? &authctxt->pw : NULL;
331	}
332
333	struct passwd*
334	auth_set_user(char u, char s)
335	{
336	struct passwd pw, copy;
337
338	if (authctxt == NULL) {
339	authctxt = xmalloc(sizeof(*authctxt));
340	authctxt->valid = 0;
341	authctxt->user = xstrdup(u);
342	authctxt->service = xstrdup(s);
343	setproctitle("%s", u);
344	pw = getpwnam(u);
345	if (!pw \|\| !allowed_user(pw)) {
346	log("auth_set_user: illegal user %s", u);
347	return NULL;
348	}
349	#ifdef USE_PAM
350	start_pam(pw);
351	#endif
352	copy = &authctxt->pw;
353	memset(copy, 0, sizeof(*copy));
354	copy->pw_name = xstrdup(pw->pw_name);
355	copy->pw_passwd = xstrdup(pw->pw_passwd);
356	copy->pw_uid = pw->pw_uid;
357	copy->pw_gid = pw->pw_gid;
358	copy->pw_dir = xstrdup(pw->pw_dir);
359	copy->pw_shell = xstrdup(pw->pw_shell);
360	authctxt->valid = 1;
361	} else {
362	if (strcmp(u, authctxt->user) != 0 \|\|
363	strcmp(s, authctxt->service) != 0) {
364	log("auth_set_user: missmatch: (%s,%s)!=(%s,%s)",
365	u, s, authctxt->user, authctxt->service);
366	return NULL;
367	}
368	}
369	return auth_get_user();
370	}
371
372	/* return 1 if user allows given key */
373	int
374	user_dsa_key_allowed(struct passwd pw, Key key)
375	{
376	char line[8192], file[1024];
377	int found_key = 0;
378	unsigned int bits = -1;
379	FILE *f;
380	unsigned long linenum = 0;
381	struct stat st;
382	Key *found;
383
384	/* Temporarily use the user's uid. */
385	temporarily_use_uid(pw->pw_uid);
386
387	/* The authorized keys. */
388	snprintf(file, sizeof file, "%.500s/%.100s", pw->pw_dir,
389	SSH_USER_PERMITTED_KEYS2);
390
391	/* Fail quietly if file does not exist */
392	if (stat(file, &st) < 0) {
393	/* Restore the privileged uid. */
394	restore_uid();
395	return 0;
396	}
397	/* Open the file containing the authorized keys. */
398	f = fopen(file, "r");
399	if (!f) {
400	/* Restore the privileged uid. */
401	restore_uid();
402	return 0;
403	}
404	if (options.strict_modes) {
405	int fail = 0;
406	char buf[1024];
407	/* Check open file in order to avoid open/stat races */
408	if (fstat(fileno(f), &st) < 0 \|\|
409	(st.st_uid != 0 && st.st_uid != pw->pw_uid) \|\|
410	(st.st_mode & 022) != 0) {
411	snprintf(buf, sizeof buf, "DSA authentication refused for %.100s: "
412	"bad ownership or modes for '%s'.", pw->pw_name, file);
413	fail = 1;
414	} else {
415	/* Check path to SSH_USER_PERMITTED_KEYS */
416	int i;
417	static const char *check[] = {
418	"", SSH_USER_DIR, NULL
419	};
420	for (i = 0; check[i]; i++) {
421	snprintf(line, sizeof line, "%.500s/%.100s",
422	pw->pw_dir, check[i]);
423	if (stat(line, &st) < 0 \|\|
424	(st.st_uid != 0 && st.st_uid != pw->pw_uid) \|\|
425	(st.st_mode & 022) != 0) {
426	snprintf(buf, sizeof buf,
427	"DSA authentication refused for %.100s: "
428	"bad ownership or modes for '%s'.",
429	pw->pw_name, line);
430	fail = 1;
431	break;
432	}
433	}
434	}
435	if (fail) {
436	log(buf);
437	fclose(f);
438	restore_uid();
439	return 0;
440	}
441	}
442	found_key = 0;
443	found = key_new(KEY_DSA);
444
445	while (fgets(line, sizeof(line), f)) {
446	char *cp;
447	linenum++;
448	/* Skip leading whitespace, empty and comment lines. */
449	for (cp = line; cp == ' ' \|\| cp == '\t'; cp++)
450	;
451	if (!cp \|\| cp == '\n' \|\| *cp == '#')
452	continue;
453	bits = key_read(found, &cp);
454	if (bits == 0)
455	continue;
456	if (key_equal(found, key)) {
457	found_key = 1;
458	debug("matching key found: file %s, line %ld",
459	file, linenum);
460	break;
461	}
462	}
463	restore_uid();
464	fclose(f);
465	key_free(found);
466	return found_key;
467	}