]> andersk Git - openssh.git/blame - sshd.c
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Clarify mailing list details
[openssh.git] / sshd.c
CommitLineData
8efc0c15 1/*
2
3sshd.c
4
5Author: Tatu Ylonen <ylo@cs.hut.fi>
6
7Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8 All rights reserved
9
10Created: Fri Mar 17 17:09:28 1995 ylo
11
12This program is the ssh daemon. It listens for connections from clients, and
13performs authentication, executes use commands or shell, and forwards
14information to/from the application to the user client over an encrypted
15connection. This can also handle forwarding of X11, TCP/IP, and authentication
16agent connections.
17
18*/
19
20#include "includes.h"
21RCSID("$Id$");
22
23#include "xmalloc.h"
24#include "rsa.h"
25#include "ssh.h"
26#include "pty.h"
27#include "packet.h"
28#include "buffer.h"
29#include "cipher.h"
30#include "mpaux.h"
31#include "servconf.h"
32#include "uidswap.h"
33#include "compat.h"
34
f601d847 35#ifdef HAVE_MAILLOCK_H
36# include <maillock.h>
37#endif
38
8efc0c15 39#ifdef LIBWRAP
40#include <tcpd.h>
41#include <syslog.h>
42int allow_severity = LOG_INFO;
43int deny_severity = LOG_WARNING;
44#endif /* LIBWRAP */
45
46#ifndef O_NOCTTY
47#define O_NOCTTY 0
48#endif
49
8efc0c15 50/* Local Xauthority file. */
6a17f9c2 51static char *xauthfile = NULL;
8efc0c15 52
53/* Server configuration options. */
54ServerOptions options;
55
56/* Name of the server configuration file. */
57char *config_file_name = SERVER_CONFIG_FILE;
58
59/* Debug mode flag. This can be set on the command line. If debug
60 mode is enabled, extra debugging output will be sent to the system
61 log, the daemon will not go to background, and will exit after processing
62 the first connection. */
63int debug_flag = 0;
64
65/* Flag indicating that the daemon is being started from inetd. */
66int inetd_flag = 0;
67
6a17f9c2 68/* debug goes to stderr unless inetd_flag is set */
69int log_stderr = 0;
70
8efc0c15 71/* argv[0] without path. */
72char *av0;
73
74/* Saved arguments to main(). */
75char **saved_argv;
76
77/* This is set to the socket that the server is listening; this is used in
78 the SIGHUP signal handler. */
79int listen_sock;
80
81/* Flags set in auth-rsa from authorized_keys flags. These are set in
82 auth-rsa.c. */
83int no_port_forwarding_flag = 0;
84int no_agent_forwarding_flag = 0;
85int no_x11_forwarding_flag = 0;
86int no_pty_flag = 0;
87char *forced_command = NULL; /* RSA authentication "command=" option. */
88struct envstring *custom_environment = NULL;
89 /* RSA authentication "environment=" options. */
90
91/* Session id for the current session. */
92unsigned char session_id[16];
93
94/* Any really sensitive data in the application is contained in this structure.
95 The idea is that this structure could be locked into memory so that the
96 pages do not get written into swap. However, there are some problems.
97 The private key contains BIGNUMs, and we do not (in principle) have
98 access to the internals of them, and locking just the structure is not
99 very useful. Currently, memory locking is not implemented. */
100struct
101{
102 /* Private part of server key. */
103 RSA *private_key;
104
105 /* Private part of host key. */
106 RSA *host_key;
107} sensitive_data;
108
109/* Flag indicating whether the current session key has been used. This flag
110 is set whenever the key is used, and cleared when the key is regenerated. */
111int key_used = 0;
112
113/* This is set to true when SIGHUP is received. */
114int received_sighup = 0;
115
116/* Public side of the server key. This value is regenerated regularly with
117 the private key. */
118RSA *public_key;
119
120/* Prototypes for various functions defined later in this file. */
e7c0f9d5 121void do_connection();
122void do_authentication(char *user);
123void do_authloop(struct passwd *pw);
124void do_fake_authloop(char *user);
8efc0c15 125void do_authenticated(struct passwd *pw);
126void do_exec_pty(const char *command, int ptyfd, int ttyfd,
127 const char *ttyname, struct passwd *pw, const char *term,
128 const char *display, const char *auth_proto,
129 const char *auth_data);
130void do_exec_no_pty(const char *command, struct passwd *pw,
131 const char *display, const char *auth_proto,
132 const char *auth_data);
133void do_child(const char *command, struct passwd *pw, const char *term,
134 const char *display, const char *auth_proto,
135 const char *auth_data, const char *ttyname);
e7c0f9d5 136
5aecb327 137#ifdef HAVE_LIBPAM
8efc0c15 138static int pamconv(int num_msg, const struct pam_message **msg,
e7c0f9d5 139 struct pam_response **resp, void *appdata_ptr);
c75a1a66 140void do_pam_account_and_session(char *username, char *remote_user,
141 const char *remote_host);
d813bc69 142void pam_cleanup_proc(void *context);
8efc0c15 143
144static struct pam_conv conv = {
145 pamconv,
146 NULL
147};
d813bc69 148struct pam_handle_t *pamh = NULL;
149const char *pampasswd = NULL;
e1a9c08d 150char *pamconv_msg = NULL;
8efc0c15 151
152static int pamconv(int num_msg, const struct pam_message **msg,
153 struct pam_response **resp, void *appdata_ptr)
154{
155 int count = 0;
8efc0c15 156 struct pam_response *reply = NULL;
8efc0c15 157
d813bc69 158 /* PAM will free this later */
159 reply = malloc(num_msg * sizeof(*reply));
160 if (reply == NULL)
161 return PAM_CONV_ERR;
162
8efc0c15 163 for(count = 0; count < num_msg; count++)
164 {
165 switch (msg[count]->msg_style)
166 {
8efc0c15 167 case PAM_PROMPT_ECHO_OFF:
0183ea1c 168 if (pampasswd == NULL)
d813bc69 169 {
8efc0c15 170 free(reply);
d813bc69 171 return PAM_CONV_ERR;
172 }
173 reply[count].resp_retcode = PAM_SUCCESS;
174 reply[count].resp = xstrdup(pampasswd);
175 break;
176
177 case PAM_TEXT_INFO:
178 reply[count].resp_retcode = PAM_SUCCESS;
179 reply[count].resp = xstrdup("");
e1a9c08d 180
181 if (msg[count]->msg == NULL) break;
182 debug("Adding PAM message: %s", msg[count]->msg);
183 if (pamconv_msg == NULL)
184 {
185 pamconv_msg = malloc(strlen(msg[count]->msg) + 2);
186
187 if (pamconv_msg == NULL)
188 return PAM_CONV_ERR;
189
190 strncpy(pamconv_msg, msg[count]->msg, strlen(msg[count]->msg));
191 pamconv_msg[strlen(msg[count]->msg)] = '\n';
192 pamconv_msg[strlen(msg[count]->msg) + 1] = '\0';
193 } else
194 {
195 pamconv_msg = realloc(pamconv_msg, strlen(pamconv_msg) + strlen(msg[count]->msg) + 2);
196 strncat(pamconv_msg, msg[count]->msg, strlen(msg[count]->msg));
197 pamconv_msg[strlen(pamconv_msg)] = '\n';
198 pamconv_msg[strlen(pamconv_msg) + 1] = '\0';
199 }
d813bc69 200 break;
8efc0c15 201
d813bc69 202 case PAM_PROMPT_ECHO_ON:
203 case PAM_ERROR_MSG:
204 default:
205 free(reply);
206 return PAM_CONV_ERR;
207 }
8efc0c15 208 }
209
d813bc69 210 *resp = reply;
8efc0c15 211
212 return PAM_SUCCESS;
213}
214
215void pam_cleanup_proc(void *context)
216{
549b3eed 217 int pam_retval;
d813bc69 218
219 if (pamh != NULL)
220 {
549b3eed 221 pam_retval = pam_close_session((pam_handle_t *)pamh, 0);
222 if (pam_retval != PAM_SUCCESS)
223 {
224 log("Cannot close PAM session: %.200s",
225 pam_strerror((pam_handle_t *)pamh, pam_retval));
226 }
227
228 pam_retval = pam_end((pam_handle_t *)pamh, pam_retval);
229 if (pam_retval != PAM_SUCCESS)
230 {
231 log("Cannot release PAM authentication: %.200s",
232 pam_strerror((pam_handle_t *)pamh, pam_retval));
233 }
d813bc69 234 }
235}
236
c75a1a66 237void do_pam_account_and_session(char *username, char *remote_user,
238 const char *remote_host)
d813bc69 239{
549b3eed 240 int pam_retval;
241
242 if (remote_host != NULL)
d813bc69 243 {
549b3eed 244 debug("PAM setting rhost to \"%.200s\"", remote_host);
245 pam_retval = pam_set_item((pam_handle_t *)pamh, PAM_RHOST, remote_host);
246 if (pam_retval != PAM_SUCCESS)
247 {
248 log("PAM set rhost failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval));
e7c0f9d5 249 do_fake_authloop(username);
549b3eed 250 }
0183ea1c 251 }
549b3eed 252
253 if (remote_user != NULL)
0183ea1c 254 {
549b3eed 255 debug("PAM setting ruser to \"%.200s\"", remote_user);
256 pam_retval = pam_set_item((pam_handle_t *)pamh, PAM_RUSER, remote_user);
257 if (pam_retval != PAM_SUCCESS)
258 {
259 log("PAM set ruser failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval));
e7c0f9d5 260 do_fake_authloop(username);
549b3eed 261 }
0183ea1c 262 }
549b3eed 263
264 pam_retval = pam_acct_mgmt((pam_handle_t *)pamh, 0);
265 if (pam_retval != PAM_SUCCESS)
0183ea1c 266 {
549b3eed 267 log("PAM rejected by account configuration: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval));
e7c0f9d5 268 do_fake_authloop(username);
0183ea1c 269 }
d813bc69 270
549b3eed 271 pam_retval = pam_open_session((pam_handle_t *)pamh, 0);
272 if (pam_retval != PAM_SUCCESS)
d813bc69 273 {
549b3eed 274 log("PAM session setup failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval));
e7c0f9d5 275 do_fake_authloop(username);
d813bc69 276 }
8efc0c15 277}
5aecb327 278#endif /* HAVE_LIBPAM */
8efc0c15 279
280/* Signal handler for SIGHUP. Sshd execs itself when it receives SIGHUP;
281 the effect is to reread the configuration file (and to regenerate
282 the server key). */
283
284void sighup_handler(int sig)
285{
286 received_sighup = 1;
287 signal(SIGHUP, sighup_handler);
288}
289
290/* Called from the main program after receiving SIGHUP. Restarts the
291 server. */
292
293void sighup_restart()
294{
295 log("Received SIGHUP; restarting.");
296 close(listen_sock);
297 execv(saved_argv[0], saved_argv);
298 log("RESTART FAILED: av0='%s', error: %s.", av0, strerror(errno));
299 exit(1);
300}
301
302/* Generic signal handler for terminating signals in the master daemon.
303 These close the listen socket; not closing it seems to cause "Address
304 already in use" problems on some machines, which is inconvenient. */
305
306void sigterm_handler(int sig)
307{
308 log("Received signal %d; terminating.", sig);
309 close(listen_sock);
310 exit(255);
311}
312
313/* SIGCHLD handler. This is called whenever a child dies. This will then
314 reap any zombies left by exited c. */
315
316void main_sigchld_handler(int sig)
317{
318 int save_errno = errno;
319 int status;
320 wait(&status);
321 signal(SIGCHLD, main_sigchld_handler);
322 errno = save_errno;
323}
324
325/* Signal handler for the alarm after the login grace period has expired. */
326
327void grace_alarm_handler(int sig)
328{
329 /* Close the connection. */
330 packet_close();
331
332 /* Log error and exit. */
333 fatal("Timeout before authentication.");
334}
335
336/* Signal handler for the key regeneration alarm. Note that this
337 alarm only occurs in the daemon waiting for connections, and it does not
338 do anything with the private key or random state before forking. Thus there
339 should be no concurrency control/asynchronous execution problems. */
340
341void key_regeneration_alarm(int sig)
342{
343 int save_errno = errno;
344
345 /* Check if we should generate a new key. */
346 if (key_used)
347 {
348 /* This should really be done in the background. */
349 log("Generating new %d bit RSA key.", options.server_key_bits);
350
351 if (sensitive_data.private_key != NULL)
352 RSA_free(sensitive_data.private_key);
353 sensitive_data.private_key = RSA_new();
354
355 if (public_key != NULL)
356 RSA_free(public_key);
357 public_key = RSA_new();
358
359 rsa_generate_key(sensitive_data.private_key, public_key,
360 options.server_key_bits);
361 arc4random_stir();
362 key_used = 0;
363 log("RSA key generation complete.");
364 }
365
366 /* Reschedule the alarm. */
367 signal(SIGALRM, key_regeneration_alarm);
368 alarm(options.key_regeneration_time);
369 errno = save_errno;
370}
371
372/* Main program for the daemon. */
373
374int
375main(int ac, char **av)
376{
377 extern char *optarg;
378 extern int optind;
379 int opt, aux, sock_in, sock_out, newsock, i, pid, on = 1;
380 int remote_major, remote_minor;
381 int silentrsa = 0;
382 struct sockaddr_in sin;
383 char buf[100]; /* Must not be larger than remote_version. */
384 char remote_version[100]; /* Must be at least as big as buf. */
e7c0f9d5 385 int remote_port;
8efc0c15 386 char *comment;
387 FILE *f;
388 struct linger linger;
389
390 /* Save argv[0]. */
391 saved_argv = av;
392 if (strchr(av[0], '/'))
393 av0 = strrchr(av[0], '/') + 1;
394 else
395 av0 = av[0];
396
397 /* Initialize configuration options to their default values. */
398 initialize_server_options(&options);
399
400 /* Parse command-line arguments. */
401 while ((opt = getopt(ac, av, "f:p:b:k:h:g:diqQ")) != EOF)
402 {
403 switch (opt)
404 {
405 case 'f':
406 config_file_name = optarg;
407 break;
408 case 'd':
409 debug_flag = 1;
6a17f9c2 410 options.log_level = SYSLOG_LEVEL_DEBUG;
8efc0c15 411 break;
412 case 'i':
413 inetd_flag = 1;
414 break;
415 case 'Q':
416 silentrsa = 1;
417 break;
418 case 'q':
6a17f9c2 419 options.log_level = SYSLOG_LEVEL_QUIET;
8efc0c15 420 break;
421 case 'b':
422 options.server_key_bits = atoi(optarg);
423 break;
424 case 'p':
425 options.port = atoi(optarg);
426 break;
427 case 'g':
428 options.login_grace_time = atoi(optarg);
429 break;
430 case 'k':
431 options.key_regeneration_time = atoi(optarg);
432 break;
433 case 'h':
434 options.host_key_file = optarg;
435 break;
436 case '?':
437 default:
438 fprintf(stderr, "sshd version %s\n", SSH_VERSION);
439 fprintf(stderr, "Usage: %s [options]\n", av0);
440 fprintf(stderr, "Options:\n");
441 fprintf(stderr, " -f file Configuration file (default %s/sshd_config)\n", ETCDIR);
442 fprintf(stderr, " -d Debugging mode\n");
443 fprintf(stderr, " -i Started from inetd\n");
444 fprintf(stderr, " -q Quiet (no logging)\n");
445 fprintf(stderr, " -p port Listen on the specified port (default: 22)\n");
446 fprintf(stderr, " -k seconds Regenerate server key every this many seconds (default: 3600)\n");
447 fprintf(stderr, " -g seconds Grace period for authentication (default: 300)\n");
448 fprintf(stderr, " -b bits Size of server RSA key (default: 768 bits)\n");
449 fprintf(stderr, " -h file File from which to read host key (default: %s)\n",
450 HOST_KEY_FILE);
451 exit(1);
452 }
453 }
454
455 /* check if RSA support exists */
456 if (rsa_alive() == 0) {
457 if (silentrsa == 0)
458 printf("sshd: no RSA support in libssl and libcrypto -- exiting. See ssl(8)\n");
459 log("no RSA support in libssl and libcrypto -- exiting. See ssl(8)");
460 exit(1);
461 }
462
463 /* Read server configuration options from the configuration file. */
464 read_server_config(&options, config_file_name);
465
466 /* Fill in default values for those options not explicitly set. */
467 fill_default_server_options(&options);
468
469 /* Check certain values for sanity. */
470 if (options.server_key_bits < 512 ||
471 options.server_key_bits > 32768)
472 {
473 fprintf(stderr, "Bad server key size.\n");
474 exit(1);
475 }
476 if (options.port < 1 || options.port > 65535)
477 {
478 fprintf(stderr, "Bad port number.\n");
479 exit(1);
480 }
481
482 /* Check that there are no remaining arguments. */
483 if (optind < ac)
484 {
485 fprintf(stderr, "Extra argument %s.\n", av[optind]);
486 exit(1);
487 }
488
489 /* Initialize the log (it is reinitialized below in case we forked). */
6a17f9c2 490
491 if (debug_flag && !inetd_flag)
492 log_stderr = 1;
493
494 log_init(av0, options.log_level, options.log_facility, log_stderr);
8efc0c15 495
496 debug("sshd version %.100s", SSH_VERSION);
497
498 sensitive_data.host_key = RSA_new();
499 /* Load the host key. It must have empty passphrase. */
500 if (!load_private_key(options.host_key_file, "",
501 sensitive_data.host_key, &comment))
502 {
503 if (debug_flag)
504 fprintf(stderr, "Could not load host key: %s: %s\n",
505 options.host_key_file, strerror(errno));
506 else
507 {
508 int err = errno;
6a17f9c2 509 /* force logging */
510 log_init(av0, SYSLOG_LEVEL_DEBUG, options.log_facility, log_stderr);
8efc0c15 511 error("Could not load host key: %.200s: %.100s",
512 options.host_key_file, strerror(err));
513 }
514 exit(1);
515 }
516 xfree(comment);
517
518 /* If not in debugging mode, and not started from inetd, disconnect from
519 the controlling terminal, and fork. The original process exits. */
520 if (!debug_flag && !inetd_flag)
521 {
522#ifdef TIOCNOTTY
523 int fd;
524#endif /* TIOCNOTTY */
525 if (daemon(0, 0) < 0)
526 fatal("daemon() failed: %.200s", strerror(errno));
527
528 /* Disconnect from the controlling tty. */
529#ifdef TIOCNOTTY
530 fd = open("/dev/tty", O_RDWR|O_NOCTTY);
531 if (fd >= 0)
532 {
533 (void)ioctl(fd, TIOCNOTTY, NULL);
534 close(fd);
535 }
536#endif /* TIOCNOTTY */
537 }
538
539 /* Reinitialize the log (because of the fork above). */
6a17f9c2 540 log_init(av0, options.log_level, options.log_facility, log_stderr);
8efc0c15 541
542 /* Check that server and host key lengths differ sufficiently. This is
543 necessary to make double encryption work with rsaref. Oh, I hate
544 software patents. I dont know if this can go? Niels */
545 if (options.server_key_bits >
546 BN_num_bits(sensitive_data.host_key->n) - SSH_KEY_BITS_RESERVED &&
547 options.server_key_bits <
548 BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED)
549 {
550 options.server_key_bits =
551 BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED;
552 debug("Forcing server key to %d bits to make it differ from host key.",
553 options.server_key_bits);
554 }
555
556 /* Do not display messages to stdout in RSA code. */
557 rsa_set_verbose(0);
558
559 /* Initialize the random number generator. */
560 arc4random_stir();
561
562 /* Chdir to the root directory so that the current disk can be unmounted
563 if desired. */
564 chdir("/");
565
566 /* Close connection cleanly after attack. */
567 cipher_attack_detected = packet_disconnect;
568
569 /* Start listening for a socket, unless started from inetd. */
570 if (inetd_flag)
571 {
572 int s1, s2;
573 s1 = dup(0); /* Make sure descriptors 0, 1, and 2 are in use. */
574 s2 = dup(s1);
575 sock_in = dup(0);
576 sock_out = dup(1);
577 /* We intentionally do not close the descriptors 0, 1, and 2 as our
578 code for setting the descriptors won\'t work if ttyfd happens to
579 be one of those. */
580 debug("inetd sockets after dupping: %d, %d", sock_in, sock_out);
581
582 public_key = RSA_new();
583 sensitive_data.private_key = RSA_new();
584 /* Generate an rsa key. */
585 log("Generating %d bit RSA key.", options.server_key_bits);
586 rsa_generate_key(sensitive_data.private_key, public_key,
587 options.server_key_bits);
588 arc4random_stir();
589 log("RSA key generation complete.");
590 }
591 else
592 {
593 /* Create socket for listening. */
594 listen_sock = socket(AF_INET, SOCK_STREAM, 0);
595 if (listen_sock < 0)
596 fatal("socket: %.100s", strerror(errno));
597
598 /* Set socket options. We try to make the port reusable and have it
599 close as fast as possible without waiting in unnecessary wait states
600 on close. */
601 setsockopt(listen_sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on,
602 sizeof(on));
603 linger.l_onoff = 1;
604 linger.l_linger = 5;
605 setsockopt(listen_sock, SOL_SOCKET, SO_LINGER, (void *)&linger,
606 sizeof(linger));
607
608 /* Initialize the socket address. */
609 memset(&sin, 0, sizeof(sin));
610 sin.sin_family = AF_INET;
611 sin.sin_addr = options.listen_addr;
612 sin.sin_port = htons(options.port);
613
614 /* Bind the socket to the desired port. */
615 if (bind(listen_sock, (struct sockaddr *)&sin, sizeof(sin)) < 0)
616 {
617 error("bind: %.100s", strerror(errno));
618 shutdown(listen_sock, SHUT_RDWR);
619 close(listen_sock);
620 fatal("Bind to port %d failed.", options.port);
621 }
622
623 if (!debug_flag)
624 {
625 /* Record our pid in /etc/sshd_pid to make it easier to kill the
626 correct sshd. We don\'t want to do this before the bind above
627 because the bind will fail if there already is a daemon, and this
628 will overwrite any old pid in the file. */
629 f = fopen(SSH_DAEMON_PID_FILE, "w");
630 if (f)
631 {
632 fprintf(f, "%u\n", (unsigned int)getpid());
633 fclose(f);
634 }
635 }
636
637 /* Start listening on the port. */
638 log("Server listening on port %d.", options.port);
639 if (listen(listen_sock, 5) < 0)
640 fatal("listen: %.100s", strerror(errno));
641
642 public_key = RSA_new();
643 sensitive_data.private_key = RSA_new();
644 /* Generate an rsa key. */
645 log("Generating %d bit RSA key.", options.server_key_bits);
646 rsa_generate_key(sensitive_data.private_key, public_key,
647 options.server_key_bits);
648 arc4random_stir();
649 log("RSA key generation complete.");
650
651 /* Schedule server key regeneration alarm. */
652 signal(SIGALRM, key_regeneration_alarm);
653 alarm(options.key_regeneration_time);
654
655 /* Arrange to restart on SIGHUP. The handler needs listen_sock. */
656 signal(SIGHUP, sighup_handler);
657 signal(SIGTERM, sigterm_handler);
658 signal(SIGQUIT, sigterm_handler);
659
660 /* Arrange SIGCHLD to be caught. */
661 signal(SIGCHLD, main_sigchld_handler);
662
663 /* Stay listening for connections until the system crashes or the
664 daemon is killed with a signal. */
665 for (;;)
666 {
667 if (received_sighup)
668 sighup_restart();
669 /* Wait in accept until there is a connection. */
670 aux = sizeof(sin);
671 newsock = accept(listen_sock, (struct sockaddr *)&sin, &aux);
672 if (received_sighup)
673 sighup_restart();
674 if (newsock < 0)
675 {
676 if (errno == EINTR)
677 continue;
678 error("accept: %.100s", strerror(errno));
679 continue;
680 }
681
682 /* Got connection. Fork a child to handle it, unless we are in
683 debugging mode. */
684 if (debug_flag)
685 {
686 /* In debugging mode. Close the listening socket, and start
687 processing the connection without forking. */
688 debug("Server will not fork when running in debugging mode.");
689 close(listen_sock);
690 sock_in = newsock;
691 sock_out = newsock;
692 pid = getpid();
693 break;
694 }
695 else
696 {
697 /* Normal production daemon. Fork, and have the child process
698 the connection. The parent continues listening. */
699 if ((pid = fork()) == 0)
700 {
701 /* Child. Close the listening socket, and start using
702 the accepted socket. Reinitialize logging (since our
703 pid has changed). We break out of the loop to handle
704 the connection. */
705 close(listen_sock);
706 sock_in = newsock;
707 sock_out = newsock;
6a17f9c2 708 log_init(av0, options.log_level, options.log_facility, log_stderr);
8efc0c15 709 break;
710 }
711 }
712
713 /* Parent. Stay in the loop. */
714 if (pid < 0)
715 error("fork: %.100s", strerror(errno));
716 else
717 debug("Forked child %d.", pid);
718
719 /* Mark that the key has been used (it was "given" to the child). */
720 key_used = 1;
721
722 arc4random_stir();
723
724 /* Close the new socket (the child is now taking care of it). */
725 close(newsock);
726 }
727 }
728
729 /* This is the child processing a new connection. */
730
731 /* Disable the key regeneration alarm. We will not regenerate the key
732 since we are no longer in a position to give it to anyone. We will
733 not restart on SIGHUP since it no longer makes sense. */
734 alarm(0);
735 signal(SIGALRM, SIG_DFL);
736 signal(SIGHUP, SIG_DFL);
737 signal(SIGTERM, SIG_DFL);
738 signal(SIGQUIT, SIG_DFL);
739 signal(SIGCHLD, SIG_DFL);
740
741 /* Set socket options for the connection. We want the socket to close
742 as fast as possible without waiting for anything. If the connection
743 is not a socket, these will do nothing. */
744 /* setsockopt(sock_in, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); */
745 linger.l_onoff = 1;
746 linger.l_linger = 5;
747 setsockopt(sock_in, SOL_SOCKET, SO_LINGER, (void *)&linger, sizeof(linger));
748
749 /* Register our connection. This turns encryption off because we do not
750 have a key. */
751 packet_set_connection(sock_in, sock_out);
752
e7c0f9d5 753 remote_port = get_remote_port();
754
8efc0c15 755 /* Check whether logins are denied from this host. */
756#ifdef LIBWRAP
757 {
758 struct request_info req;
759
760 request_init(&req, RQ_DAEMON, av0, RQ_FILE, sock_in, NULL);
761 fromhost(&req);
762
763 if (!hosts_access(&req)) {
764 close(sock_in);
765 close(sock_out);
766 refuse(&req);
767 }
e7c0f9d5 768 log("Connection from %.500s port %d", eval_client(&req), remote_port);
8efc0c15 769 }
770#else
771 /* Log the connection. */
e7c0f9d5 772 log("Connection from %.100s port %d", get_remote_ipaddr(), remote_port);
8efc0c15 773#endif /* LIBWRAP */
774
775 /* We don\'t want to listen forever unless the other side successfully
776 authenticates itself. So we set up an alarm which is cleared after
777 successful authentication. A limit of zero indicates no limit.
778 Note that we don\'t set the alarm in debugging mode; it is just annoying
779 to have the server exit just when you are about to discover the bug. */
780 signal(SIGALRM, grace_alarm_handler);
781 if (!debug_flag)
782 alarm(options.login_grace_time);
783
784 /* Send our protocol version identification. */
785 snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n",
786 PROTOCOL_MAJOR, PROTOCOL_MINOR, SSH_VERSION);
787 if (write(sock_out, buf, strlen(buf)) != strlen(buf))
788 fatal("Could not write ident string.");
789
790 /* Read other side\'s version identification. */
791 for (i = 0; i < sizeof(buf) - 1; i++)
792 {
793 if (read(sock_in, &buf[i], 1) != 1)
794 fatal("Did not receive ident string.");
795 if (buf[i] == '\r')
796 {
797 buf[i] = '\n';
798 buf[i + 1] = 0;
799 break;
800 }
801 if (buf[i] == '\n')
802 {
803 /* buf[i] == '\n' */
804 buf[i + 1] = 0;
805 break;
806 }
807 }
808 buf[sizeof(buf) - 1] = 0;
809
810 /* Check that the versions match. In future this might accept several
811 versions and set appropriate flags to handle them. */
812 if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", &remote_major, &remote_minor,
813 remote_version) != 3)
814 {
815 const char *s = "Protocol mismatch.\n";
816 (void) write(sock_out, s, strlen(s));
817 close(sock_in);
818 close(sock_out);
819 fatal("Bad protocol version identification: %.100s", buf);
820 }
821 debug("Client protocol version %d.%d; client software version %.100s",
822 remote_major, remote_minor, remote_version);
823 if (remote_major != PROTOCOL_MAJOR)
824 {
825 const char *s = "Protocol major versions differ.\n";
826 (void) write(sock_out, s, strlen(s));
827 close(sock_in);
828 close(sock_out);
829 fatal("Protocol major versions differ: %d vs. %d",
830 PROTOCOL_MAJOR, remote_major);
831 }
832
833 /* Check that the client has sufficiently high software version. */
834 if (remote_major == 1 && remote_minor < 3)
835 packet_disconnect("Your ssh version is too old and is no longer supported. Please install a newer version.");
836
837 if (remote_major == 1 && remote_minor == 3) {
838 enable_compat13();
839 if (strcmp(remote_version, "OpenSSH-1.1") != 0) {
840 debug("Agent forwarding disabled, remote version is not compatible.");
841 no_agent_forwarding_flag = 1;
842 }
843 }
844
e7c0f9d5 845 /* Check that the connection comes from a privileged port.
846 Rhosts- and Rhosts-RSA-Authentication only make sense
847 from priviledged programs.
848 Of course, if the intruder has root access on his local machine,
849 he can connect from any port. So do not use these authentication
850 methods from machines that you do not trust. */
851 if (remote_port >= IPPORT_RESERVED ||
852 remote_port < IPPORT_RESERVED / 2)
853 {
854 options.rhosts_authentication = 0;
855 options.rhosts_rsa_authentication = 0;
856 }
857
8efc0c15 858 packet_set_nonblocking();
859
e7c0f9d5 860 /* Handle the connection. */
861 do_connection();
8efc0c15 862
863#ifdef KRB4
864 /* Cleanup user's ticket cache file. */
865 if (options.kerberos_ticket_cleanup)
866 (void) dest_tkt();
867#endif /* KRB4 */
868
869 /* Cleanup user's local Xauthority file. */
870 if (xauthfile) unlink(xauthfile);
871
872 /* The connection has been terminated. */
873 log("Closing connection to %.100s", inet_ntoa(sin.sin_addr));
874
5aecb327 875#ifdef HAVE_LIBPAM
d813bc69 876 {
877 int retval;
878
879 if (pamh != NULL)
880 {
549b3eed 881 debug("Closing PAM session.");
d813bc69 882 retval = pam_close_session((pam_handle_t *)pamh, 0);
8efc0c15 883
549b3eed 884 debug("Terminating PAM library.");
d813bc69 885 if (pam_end((pam_handle_t *)pamh, retval) != PAM_SUCCESS)
886 log("Cannot release PAM authentication.");
8efc0c15 887
d813bc69 888 fatal_remove_cleanup(&pam_cleanup_proc, NULL);
889 }
890 }
5aecb327 891#endif /* HAVE_LIBPAM */
8efc0c15 892
893 packet_close();
894
895 exit(0);
896}
897
898/* Process an incoming connection. Protocol version identifiers have already
899 been exchanged. This sends server key and performs the key exchange.
900 Server and host keys will no longer be needed after this functions. */
901
e7c0f9d5 902void
903do_connection()
8efc0c15 904{
a61d322f 905 int i, len;
8efc0c15 906 BIGNUM *session_key_int;
907 unsigned char session_key[SSH_SESSION_KEY_LENGTH];
908 unsigned char check_bytes[8];
909 char *user;
910 unsigned int cipher_type, auth_mask, protocol_flags;
911 int plen, slen;
912 u_int32_t rand = 0;
913
914 /* Generate check bytes that the client must send back in the user packet
915 in order for it to be accepted; this is used to defy ip spoofing
916 attacks. Note that this only works against somebody doing IP spoofing
917 from a remote machine; any machine on the local network can still see
918 outgoing packets and catch the random cookie. This only affects
919 rhosts authentication, and this is one of the reasons why it is
920 inherently insecure. */
921 for (i = 0; i < 8; i++) {
922 if (i % 4 == 0)
923 rand = arc4random();
924 check_bytes[i] = rand & 0xff;
925 rand >>= 8;
926 }
927
928 /* Send our public key. We include in the packet 64 bits of random
929 data that must be matched in the reply in order to prevent IP spoofing. */
930 packet_start(SSH_SMSG_PUBLIC_KEY);
931 for (i = 0; i < 8; i++)
932 packet_put_char(check_bytes[i]);
933
934 /* Store our public server RSA key. */
935 packet_put_int(BN_num_bits(public_key->n));
936 packet_put_bignum(public_key->e);
937 packet_put_bignum(public_key->n);
938
939 /* Store our public host RSA key. */
940 packet_put_int(BN_num_bits(sensitive_data.host_key->n));
941 packet_put_bignum(sensitive_data.host_key->e);
942 packet_put_bignum(sensitive_data.host_key->n);
943
944 /* Put protocol flags. */
945 packet_put_int(SSH_PROTOFLAG_HOST_IN_FWD_OPEN);
946
947 /* Declare which ciphers we support. */
948 packet_put_int(cipher_mask());
949
950 /* Declare supported authentication types. */
951 auth_mask = 0;
952 if (options.rhosts_authentication)
953 auth_mask |= 1 << SSH_AUTH_RHOSTS;
954 if (options.rhosts_rsa_authentication)
955 auth_mask |= 1 << SSH_AUTH_RHOSTS_RSA;
956 if (options.rsa_authentication)
957 auth_mask |= 1 << SSH_AUTH_RSA;
958#ifdef KRB4
959 if (options.kerberos_authentication)
960 auth_mask |= 1 << SSH_AUTH_KERBEROS;
961#endif
962#ifdef AFS
963 if (options.kerberos_tgt_passing)
964 auth_mask |= 1 << SSH_PASS_KERBEROS_TGT;
965 if (options.afs_token_passing)
966 auth_mask |= 1 << SSH_PASS_AFS_TOKEN;
967#endif
968 if (options.password_authentication)
969 auth_mask |= 1 << SSH_AUTH_PASSWORD;
970 packet_put_int(auth_mask);
971
972 /* Send the packet and wait for it to be sent. */
973 packet_send();
974 packet_write_wait();
975
976 debug("Sent %d bit public key and %d bit host key.",
977 BN_num_bits(public_key->n), BN_num_bits(sensitive_data.host_key->n));
978
979 /* Read clients reply (cipher type and session key). */
980 packet_read_expect(&plen, SSH_CMSG_SESSION_KEY);
981
982 /* Get cipher type. */
983 cipher_type = packet_get_char();
984
985 /* Get check bytes from the packet. These must match those we sent earlier
986 with the public key packet. */
987 for (i = 0; i < 8; i++)
988 if (check_bytes[i] != packet_get_char())
989 packet_disconnect("IP Spoofing check bytes do not match.");
990
991 debug("Encryption type: %.200s", cipher_name(cipher_type));
992
993 /* Get the encrypted integer. */
994 session_key_int = BN_new();
995 packet_get_bignum(session_key_int, &slen);
996
997 /* Get protocol flags. */
998 protocol_flags = packet_get_int();
999 packet_set_protocol_flags(protocol_flags);
1000
1001 packet_integrity_check(plen, 1 + 8 + slen + 4, SSH_CMSG_SESSION_KEY);
1002
1003 /* Decrypt it using our private server key and private host key (key with
1004 larger modulus first). */
1005 if (BN_cmp(sensitive_data.private_key->n, sensitive_data.host_key->n) > 0)
1006 {
1007 /* Private key has bigger modulus. */
e1a9c08d 1008 if (BN_num_bits(sensitive_data.private_key->n) <
1009 BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED) {
1010 fatal("do_connection: private_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d",
1011 BN_num_bits(sensitive_data.private_key->n),
1012 BN_num_bits(sensitive_data.host_key->n),
1013 SSH_KEY_BITS_RESERVED);
1014 }
1015
8efc0c15 1016 rsa_private_decrypt(session_key_int, session_key_int,
1017 sensitive_data.private_key);
1018 rsa_private_decrypt(session_key_int, session_key_int,
1019 sensitive_data.host_key);
1020 }
1021 else
1022 {
1023 /* Host key has bigger modulus (or they are equal). */
e1a9c08d 1024 if (BN_num_bits(sensitive_data.host_key->n) <
1025 BN_num_bits(sensitive_data.private_key->n) + SSH_KEY_BITS_RESERVED) {
1026 fatal("do_connection: host_key %d < private_key %d + SSH_KEY_BITS_RESERVED %d",
1027 BN_num_bits(sensitive_data.host_key->n),
1028 BN_num_bits(sensitive_data.private_key->n),
1029 SSH_KEY_BITS_RESERVED);
1030 }
8efc0c15 1031 rsa_private_decrypt(session_key_int, session_key_int,
1032 sensitive_data.host_key);
1033 rsa_private_decrypt(session_key_int, session_key_int,
1034 sensitive_data.private_key);
1035 }
1036
1037 /* Compute session id for this session. */
1038 compute_session_id(session_id, check_bytes,
8efc0c15 1039 sensitive_data.host_key->n,
8efc0c15 1040 sensitive_data.private_key->n);
1041
1042 /* Extract session key from the decrypted integer. The key is in the
1043 least significant 256 bits of the integer; the first byte of the
1044 key is in the highest bits. */
1045 BN_mask_bits(session_key_int, sizeof(session_key) * 8);
a61d322f 1046 len = BN_num_bytes(session_key_int);
e35c1dc2 1047 if (len < 0 || len > sizeof(session_key))
a61d322f 1048 fatal("do_connection: bad len: session_key_int %d > sizeof(session_key) %d",
1049 len, sizeof(session_key));
1050 memset(session_key, 0, sizeof(session_key));
1051 BN_bn2bin(session_key_int, session_key + sizeof(session_key) - len);
8efc0c15 1052
1053 /* Xor the first 16 bytes of the session key with the session id. */
1054 for (i = 0; i < 16; i++)
1055 session_key[i] ^= session_id[i];
1056
1057 /* Destroy the decrypted integer. It is no longer needed. */
1058 BN_clear_free(session_key_int);
1059
1060 /* Set the session key. From this on all communications will be
1061 encrypted. */
4d195447 1062 packet_set_encryption_key(session_key, SSH_SESSION_KEY_LENGTH, cipher_type);
8efc0c15 1063
1064 /* Destroy our copy of the session key. It is no longer needed. */
1065 memset(session_key, 0, sizeof(session_key));
1066
1067 debug("Received session key; encryption turned on.");
1068
1069 /* Send an acknowledgement packet. Note that this packet is sent
1070 encrypted. */
1071 packet_start(SSH_SMSG_SUCCESS);
1072 packet_send();
1073 packet_write_wait();
1074
1075 /* Get the name of the user that we wish to log in as. */
1076 packet_read_expect(&plen, SSH_CMSG_USER);
1077
1078 /* Get the user name. */
1079 {
1080 int ulen;
1081 user = packet_get_string(&ulen);
1082 packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER);
1083 }
1084
1085 /* Destroy the private and public keys. They will no longer be needed. */
1086 RSA_free(public_key);
1087 RSA_free(sensitive_data.private_key);
1088 RSA_free(sensitive_data.host_key);
1089
1090 setproctitle("%s", user);
1091 /* Do the authentication. */
e7c0f9d5 1092 do_authentication(user);
8efc0c15 1093}
1094
1095/* Check if the user is allowed to log in via ssh. If user is listed in
1096 DenyUsers or user's primary group is listed in DenyGroups, false will
1097 be returned. If AllowUsers isn't empty and user isn't listed there, or
1098 if AllowGroups isn't empty and user isn't listed there, false will be
1099 returned. Otherwise true is returned.
1100 XXX This function should also check if user has a valid shell */
1101
1102static int
1103allowed_user(struct passwd *pw)
1104{
1105 struct group *grp;
1106 int i;
1107
1108 /* Shouldn't be called if pw is NULL, but better safe than sorry... */
1109 if (!pw)
1110 return 0;
1111
1112 /* XXX Should check for valid login shell */
1113
1114 /* Return false if user is listed in DenyUsers */
1115 if (options.num_deny_users > 0)
1116 {
1117 if (!pw->pw_name)
1118 return 0;
1119 for (i = 0; i < options.num_deny_users; i++)
1120 if (match_pattern(pw->pw_name, options.deny_users[i]))
1121 return 0;
1122 }
1123
1124 /* Return false if AllowUsers isn't empty and user isn't listed there */
1125 if (options.num_allow_users > 0)
1126 {
1127 if (!pw->pw_name)
1128 return 0;
1129 for (i = 0; i < options.num_allow_users; i++)
1130 if (match_pattern(pw->pw_name, options.allow_users[i]))
1131 break;
1132 /* i < options.num_allow_users iff we break for loop */
1133 if (i >= options.num_allow_users)
1134 return 0;
1135 }
1136
1137 /* Get the primary group name if we need it. Return false if it fails */
1138 if (options.num_deny_groups > 0 || options.num_allow_groups > 0 )
1139 {
1140 grp = getgrgid(pw->pw_gid);
1141 if (!grp)
1142 return 0;
1143
1144 /* Return false if user's group is listed in DenyGroups */
1145 if (options.num_deny_groups > 0)
1146 {
1147 if (!grp->gr_name)
1148 return 0;
1149 for (i = 0; i < options.num_deny_groups; i++)
1150 if (match_pattern(grp->gr_name, options.deny_groups[i]))
1151 return 0;
1152 }
1153
1154 /* Return false if AllowGroups isn't empty and user's group isn't
1155 listed there */
1156 if (options.num_allow_groups > 0)
1157 {
1158 if (!grp->gr_name)
1159 return 0;
1160 for (i = 0; i < options.num_allow_groups; i++)
1161 if (match_pattern(grp->gr_name, options.allow_groups[i]))
1162 break;
1163 /* i < options.num_allow_groups iff we break for loop */
1164 if (i >= options.num_allow_groups)
1165 return 0;
1166 }
1167 }
1168
1169 /* We found no reason not to let this user try to log on... */
1170 return 1;
1171}
1172
1173/* Performs authentication of an incoming connection. Session key has already
1174 been exchanged and encryption is enabled. User is the user name to log
e7c0f9d5 1175 in as (received from the client). */
8efc0c15 1176
1177void
e7c0f9d5 1178do_authentication(char *user)
8efc0c15 1179{
8efc0c15 1180 struct passwd *pw, pwcopy;
e7c0f9d5 1181
8efc0c15 1182#ifdef AFS
1183 /* If machine has AFS, set process authentication group. */
1184 if (k_hasafs()) {
1185 k_setpag();
1186 k_unlog();
1187 }
1188#endif /* AFS */
1189
1190 /* Verify that the user is a valid user. */
1191 pw = getpwnam(user);
8efc0c15 1192 if (!pw || !allowed_user(pw))
e7c0f9d5 1193 do_fake_authloop(user);
1194
8efc0c15 1195 /* Take a copy of the returned structure. */
1196 memset(&pwcopy, 0, sizeof(pwcopy));
1197 pwcopy.pw_name = xstrdup(pw->pw_name);
1198 pwcopy.pw_passwd = xstrdup(pw->pw_passwd);
1199 pwcopy.pw_uid = pw->pw_uid;
1200 pwcopy.pw_gid = pw->pw_gid;
1201 pwcopy.pw_dir = xstrdup(pw->pw_dir);
1202 pwcopy.pw_shell = xstrdup(pw->pw_shell);
1203 pw = &pwcopy;
1204
5aecb327 1205#ifdef HAVE_LIBPAM
c75a1a66 1206 {
1207 int pam_retval;
1208
1209 debug("Starting up PAM with username \"%.200s\"", pw->pw_name);
e7c0f9d5 1210
c75a1a66 1211 pam_retval = pam_start("sshd", pw->pw_name, &conv, (pam_handle_t**)&pamh);
1212 if (pam_retval != PAM_SUCCESS)
1213 fatal("PAM initialisation failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval));
e7c0f9d5 1214
c75a1a66 1215 fatal_add_cleanup(&pam_cleanup_proc, NULL);
1216 }
5aecb327 1217#endif
0183ea1c 1218
8efc0c15 1219 /* If we are not running as root, the user must have the same uid as the
1220 server. */
1221 if (getuid() != 0 && pw->pw_uid != getuid())
1222 packet_disconnect("Cannot change user when server not running as root.");
1223
1224 debug("Attempting authentication for %.100s.", user);
1225
1226 /* If the user has no password, accept authentication immediately. */
1227 if (options.password_authentication &&
1228#ifdef KRB4
1229 (!options.kerberos_authentication || options.kerberos_or_local_passwd) &&
1230#endif /* KRB4 */
1231 auth_password(pw, ""))
1232 {
1233 /* Authentication with empty password succeeded. */
1234 debug("Login for user %.100s accepted without authentication.", user);
e7c0f9d5 1235 } else {
1236 /* Loop until the user has been authenticated or the connection is closed,
1237 do_authloop() returns only if authentication is successfull */
1238 do_authloop(pw);
8efc0c15 1239 }
e7c0f9d5 1240
1241 /* XXX log unified auth message */
1242
1243 /* Check if the user is logging in as root and root logins are disallowed. */
1244 if (pw->pw_uid == 0 && !options.permit_root_login)
8efc0c15 1245 {
e7c0f9d5 1246 if (forced_command)
1247 log("Root login accepted for forced command.");
1248 else
1249 packet_disconnect("ROOT LOGIN REFUSED FROM %.200s",
1250 get_canonical_hostname());
8efc0c15 1251 }
1252
e7c0f9d5 1253 /* The user has been authenticated and accepted. */
1254 packet_start(SSH_SMSG_SUCCESS);
1255 packet_send();
1256 packet_write_wait();
8efc0c15 1257
e7c0f9d5 1258 /* Perform session preparation. */
1259 do_authenticated(pw);
1260}
8efc0c15 1261
e7c0f9d5 1262#define MAX_AUTH_FAILURES 5
1263
1264/* read packets and try to authenticate local user *pw.
1265 return if authentication is successfull */
1266void
1267do_authloop(struct passwd *pw)
1268{
1269 int authentication_failures = 0;
4d195447 1270 unsigned int bits;
e7c0f9d5 1271 BIGNUM *client_host_key_e, *client_host_key_n;
1272 BIGNUM *n;
c75a1a66 1273 char *client_user = NULL, *password = NULL;
e7c0f9d5 1274 int plen, dlen, nlen, ulen, elen;
c75a1a66 1275#ifdef HAVE_LIBPAM
1276 int pam_retval;
1277#endif /* HAVE_LIBPAM */
e7c0f9d5 1278
1279 /* Indicate that authentication is needed. */
1280 packet_start(SSH_SMSG_FAILURE);
1281 packet_send();
1282 packet_write_wait();
1283
1284 for (;;) {
1285 int authenticated = 0;
1286
1287 /* Get a packet from the client. */
1288 int type = packet_read(&plen);
1289
1290 /* Process the packet. */
1291 switch (type)
1292 {
1293#ifdef AFS
1294 case SSH_CMSG_HAVE_KERBEROS_TGT:
1295 if (!options.kerberos_tgt_passing)
1296 {
8efc0c15 1297 /* packet_get_all(); */
e7c0f9d5 1298 log("Kerberos tgt passing disabled.");
8efc0c15 1299 break;
1300 }
e7c0f9d5 1301 else {
1302 /* Accept Kerberos tgt. */
1303 char *tgt = packet_get_string(&dlen);
1304 packet_integrity_check(plen, 4 + dlen, type);
1305 if (!auth_kerberos_tgt(pw, tgt))
1306 debug("Kerberos tgt REFUSED for %s", pw->pw_name);
1307 xfree(tgt);
1308 }
1309 continue;
1310
1311 case SSH_CMSG_HAVE_AFS_TOKEN:
1312 if (!options.afs_token_passing || !k_hasafs()) {
1313 /* packet_get_all(); */
1314 log("AFS token passing disabled.");
1315 break;
1316 }
1317 else {
1318 /* Accept AFS token. */
1319 char *token_string = packet_get_string(&dlen);
1320 packet_integrity_check(plen, 4 + dlen, type);
1321 if (!auth_afs_token(pw, token_string))
1322 debug("AFS token REFUSED for %s", pw->pw_name);
1323 xfree(token_string);
1324 }
1325 continue;
8efc0c15 1326#endif /* AFS */
8efc0c15 1327
e7c0f9d5 1328#ifdef KRB4
1329 case SSH_CMSG_AUTH_KERBEROS:
1330 if (!options.kerberos_authentication)
1331 {
1332 /* packet_get_all(); */
1333 log("Kerberos authentication disabled.");
1334 break;
8efc0c15 1335 }
e7c0f9d5 1336 else {
1337 /* Try Kerberos v4 authentication. */
1338 KTEXT_ST auth;
1339 char *tkt_user = NULL;
1340 char *kdata = packet_get_string((unsigned int *)&auth.length);
1341 packet_integrity_check(plen, 4 + auth.length, type);
1342
1343 if (auth.length < MAX_KTXT_LEN)
1344 memcpy(auth.dat, kdata, auth.length);
1345 xfree(kdata);
8efc0c15 1346
e7c0f9d5 1347 authenticated = auth_krb4(pw->pw_name, &auth, &tkt_user);
1348
1349 log("Kerberos authentication %s%s for account %s from %s",
1350 authenticated ? "accepted " : "failed",
1351 tkt_user != NULL ? tkt_user : "",
1352 pw->pw_name, get_canonical_hostname());
1353 if (authenticated)
1354 xfree(tkt_user);
1355 }
1356 break;
1357#endif /* KRB4 */
1358
1359 case SSH_CMSG_AUTH_RHOSTS:
1360 if (!options.rhosts_authentication)
8efc0c15 1361 {
e7c0f9d5 1362 log("Rhosts authentication disabled.");
1363 break;
8efc0c15 1364 }
e7c0f9d5 1365
1366 /* Get client user name. Note that we just have to trust the client;
1367 this is one reason why rhosts authentication is insecure.
1368 (Another is IP-spoofing on a local network.) */
1369 client_user = packet_get_string(&dlen);
1370 packet_integrity_check(plen, 4 + dlen, type);
1371
1372 /* Try to authenticate using /etc/hosts.equiv and .rhosts. */
1373 authenticated = auth_rhosts(pw, client_user);
8efc0c15 1374
e7c0f9d5 1375 log("Rhosts authentication %s for %.100s, remote %.100s on %.700s.",
1376 authenticated ? "accepted" : "failed",
1377 pw->pw_name, client_user, get_canonical_hostname());
5aecb327 1378#ifndef HAVE_LIBPAM
e7c0f9d5 1379 xfree(client_user);
5aecb327 1380#endif /* HAVE_LIBPAM */
e7c0f9d5 1381 break;
1382
1383 case SSH_CMSG_AUTH_RHOSTS_RSA:
1384 if (!options.rhosts_rsa_authentication)
8efc0c15 1385 {
e7c0f9d5 1386 log("Rhosts with RSA authentication disabled.");
1387 break;
8efc0c15 1388 }
e7c0f9d5 1389
1390 /* Get client user name. Note that we just have to trust
1391 the client; root on the client machine can claim to be
1392 any user. */
1393 client_user = packet_get_string(&ulen);
1394
1395 /* Get the client host key. */
1396 client_host_key_e = BN_new();
1397 client_host_key_n = BN_new();
4d195447 1398 bits = packet_get_int();
e7c0f9d5 1399 packet_get_bignum(client_host_key_e, &elen);
1400 packet_get_bignum(client_host_key_n, &nlen);
4d195447 1401
1402 if (bits != BN_num_bits(client_host_key_n))
1403 error("Warning: keysize mismatch for client_host_key: "
1404 "actual %d, announced %s", BN_num_bits(client_host_key_n), bits);
e7c0f9d5 1405
1406 packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type);
1407
4d195447 1408 authenticated = auth_rhosts_rsa(pw, client_user,
e7c0f9d5 1409 client_host_key_e, client_host_key_n);
1410 log("Rhosts authentication %s for %.100s, remote %.100s.",
1411 authenticated ? "accepted" : "failed",
1412 pw->pw_name, client_user);
5aecb327 1413#ifndef HAVE_LIBPAM
e7c0f9d5 1414 xfree(client_user);
5aecb327 1415#endif /* HAVE_LIBPAM */
e7c0f9d5 1416 BN_clear_free(client_host_key_e);
1417 BN_clear_free(client_host_key_n);
1418 break;
1419
1420 case SSH_CMSG_AUTH_RSA:
1421 if (!options.rsa_authentication)
8efc0c15 1422 {
e7c0f9d5 1423 log("RSA authentication disabled.");
1424 break;
8efc0c15 1425 }
e7c0f9d5 1426
1427 /* RSA authentication requested. */
1428 n = BN_new();
1429 packet_get_bignum(n, &nlen);
1430 packet_integrity_check(plen, nlen, type);
1431 authenticated = auth_rsa(pw, n);
1432 BN_clear_free(n);
1433 log("RSA authentication %s for %.100s.",
1434 authenticated ? "accepted" : "failed",
1435 pw->pw_name);
1436 break;
1437
1438 case SSH_CMSG_AUTH_PASSWORD:
1439 if (!options.password_authentication)
8efc0c15 1440 {
e7c0f9d5 1441 log("Password authentication disabled.");
1442 break;
8efc0c15 1443 }
e7c0f9d5 1444
1445 /* Read user password. It is in plain text, but was transmitted
1446 over the encrypted channel so it is not visible to an outside
1447 observer. */
1448 password = packet_get_string(&dlen);
1449 packet_integrity_check(plen, 4 + dlen, type);
1450
5aecb327 1451#ifdef HAVE_LIBPAM
c75a1a66 1452 /* Do PAM auth with password */
e7c0f9d5 1453 pampasswd = password;
c75a1a66 1454 pam_retval = pam_authenticate((pam_handle_t *)pamh, 0);
e7c0f9d5 1455 if (pam_retval == PAM_SUCCESS)
1456 {
c75a1a66 1457 log("PAM Password authentication accepted for user \"%.100s\"", pw->pw_name);
e7c0f9d5 1458 authenticated = 1;
1459 break;
1460 }
c75a1a66 1461
1462 log("PAM Password authentication for \"%.100s\" failed: %s",
1463 pw->pw_name, pam_strerror((pam_handle_t *)pamh, pam_retval));
e7c0f9d5 1464 break;
5aecb327 1465#else /* HAVE_LIBPAM */
e7c0f9d5 1466 /* Try authentication with the password. */
1467 authenticated = auth_password(pw, password);
8efc0c15 1468
e7c0f9d5 1469 memset(password, 0, strlen(password));
1470 xfree(password);
8efc0c15 1471 break;
e7c0f9d5 1472#endif /* HAVE_LIBPAM */
1473
1474 case SSH_CMSG_AUTH_TIS:
1475 /* TIS Authentication is unsupported */
1476 log("TIS authentication disabled.");
1477 break;
1478
1479 default:
1480 /* Any unknown messages will be ignored (and failure returned)
1481 during authentication. */
1482 log("Unknown message during authentication: type %d", type);
1483 break; /* Respond with a failure message. */
8efc0c15 1484 }
e35c1dc2 1485
e7c0f9d5 1486 if (authenticated)
1487 break;
1488 if (++authentication_failures >= MAX_AUTH_FAILURES)
1489 packet_disconnect("Too many authentication failures for %.100s from %.200s",
1490 pw->pw_name, get_canonical_hostname());
1491 /* Send a message indicating that the authentication attempt failed. */
1492 packet_start(SSH_SMSG_FAILURE);
1493 packet_send();
1494 packet_write_wait();
1495 }
8efc0c15 1496
5aecb327 1497#ifdef HAVE_LIBPAM
e7c0f9d5 1498 do_pam_account_and_session(pw->pw_name, client_user, get_canonical_hostname());
d813bc69 1499
1500 /* Clean up */
1501 if (client_user != NULL)
1502 xfree(client_user);
1503
1504 if (password != NULL)
1505 {
1506 memset(password, 0, strlen(password));
1507 xfree(password);
1508 }
5aecb327 1509#endif /* HAVE_LIBPAM */
8efc0c15 1510}
1511
e7c0f9d5 1512/* The user does not exist or access is denied,
1513 but fake indication that authentication is needed. */
1514void
1515do_fake_authloop(char *user)
0183ea1c 1516{
1517 int authentication_failures = 0;
e7c0f9d5 1518
1519 /* Indicate that authentication is needed. */
0183ea1c 1520 packet_start(SSH_SMSG_FAILURE);
1521 packet_send();
1522 packet_write_wait();
1523
1524 /* Keep reading packets, and always respond with a failure. This is to
1525 avoid disclosing whether such a user really exists. */
e7c0f9d5 1526 for (;;)
0183ea1c 1527 {
e7c0f9d5 1528 /* Read a packet. This will not return if the client disconnects. */
1529 int plen;
1530 int type = packet_read(&plen);
1531#ifdef SKEY
1532 int passw_len;
1533 char *password, *skeyinfo;
1534 if (options.password_authentication &&
1535 options.skey_authentication == 1 &&
1536 type == SSH_CMSG_AUTH_PASSWORD &&
1537 (password = packet_get_string(&passw_len)) != NULL &&
1538 passw_len == 5 &&
1539 strncasecmp(password, "s/key", 5) == 0 &&
1540 (skeyinfo = skey_fake_keyinfo(user)) != NULL ){
1541 /* Send a fake s/key challenge. */
1542 packet_send_debug(skeyinfo);
1543 }
1544#endif
1545 if (++authentication_failures >= MAX_AUTH_FAILURES)
1546 packet_disconnect("Too many authentication failures for %.100s from %.200s",
1547 user, get_canonical_hostname());
1548 /* Send failure. This should be indistinguishable from a failed
1549 authentication. */
1550 packet_start(SSH_SMSG_FAILURE);
1551 packet_send();
1552 packet_write_wait();
0183ea1c 1553 }
0183ea1c 1554 /*NOTREACHED*/
1555 abort();
1556}
1557
e7c0f9d5 1558
6a17f9c2 1559/* Remove local Xauthority file. */
1560static void
1561xauthfile_cleanup_proc(void *ignore)
1562{
1563 debug("xauthfile_cleanup_proc called");
1564
1565 if (xauthfile != NULL) {
1566 unlink(xauthfile);
1567 xfree(xauthfile);
1568 xauthfile = NULL;
1569 }
1570}
1571
8efc0c15 1572/* Prepares for an interactive session. This is called after the user has
1573 been successfully authenticated. During this message exchange, pseudo
1574 terminals are allocated, X11, TCP/IP, and authentication agent forwardings
1575 are requested, etc. */
1576
1577void do_authenticated(struct passwd *pw)
1578{
1579 int type;
1580 int compression_level = 0, enable_compression_after_reply = 0;
1581 int have_pty = 0, ptyfd = -1, ttyfd = -1, xauthfd = -1;
1582 int row, col, xpixel, ypixel, screen;
1583 char ttyname[64];
1584 char *command, *term = NULL, *display = NULL, *proto = NULL, *data = NULL;
1585 struct group *grp;
1586 gid_t tty_gid;
1587 mode_t tty_mode;
1588 int n_bytes;
1589
1590 /* Cancel the alarm we set to limit the time taken for authentication. */
1591 alarm(0);
1592
1593 /* Inform the channel mechanism that we are the server side and that
1594 the client may request to connect to any port at all. (The user could
1595 do it anyway, and we wouldn\'t know what is permitted except by the
1596 client telling us, so we can equally well trust the client not to request
1597 anything bogus.) */
1598 channel_permit_all_opens();
1599
1600 /* We stay in this loop until the client requests to execute a shell or a
1601 command. */
1602 while (1)
1603 {
1604 int plen, dlen;
1605
1606 /* Get a packet from the client. */
1607 type = packet_read(&plen);
1608
1609 /* Process the packet. */
1610 switch (type)
1611 {
1612 case SSH_CMSG_REQUEST_COMPRESSION:
1613 packet_integrity_check(plen, 4, type);
1614 compression_level = packet_get_int();
1615 if (compression_level < 1 || compression_level > 9)
1616 {
1617 packet_send_debug("Received illegal compression level %d.",
1618 compression_level);
1619 goto fail;
1620 }
1621 /* Enable compression after we have responded with SUCCESS. */
1622 enable_compression_after_reply = 1;
1623 break;
1624
1625 case SSH_CMSG_REQUEST_PTY:
1626 if (no_pty_flag)
1627 {
1628 debug("Allocating a pty not permitted for this authentication.");
1629 goto fail;
1630 }
1631 if (have_pty)
1632 packet_disconnect("Protocol error: you already have a pty.");
1633
1634 debug("Allocating pty.");
1635
1636 /* Allocate a pty and open it. */
1637 if (!pty_allocate(&ptyfd, &ttyfd, ttyname))
1638 {
1639 error("Failed to allocate pty.");
1640 goto fail;
1641 }
1642
1643 /* Determine the group to make the owner of the tty. */
1644 grp = getgrnam("tty");
1645 if (grp)
1646 {
1647 tty_gid = grp->gr_gid;
1648 tty_mode = S_IRUSR|S_IWUSR|S_IWGRP;
1649 }
1650 else
1651 {
1652 tty_gid = pw->pw_gid;
1653 tty_mode = S_IRUSR|S_IWUSR|S_IWGRP|S_IWOTH;
1654 }
1655
1656 /* Change ownership of the tty. */
1657 if (chown(ttyname, pw->pw_uid, tty_gid) < 0)
1658 fatal("chown(%.100s, %d, %d) failed: %.100s",
1659 ttyname, pw->pw_uid, tty_gid, strerror(errno));
1660 if (chmod(ttyname, tty_mode) < 0)
1661 fatal("chmod(%.100s, 0%o) failed: %.100s",
1662 ttyname, tty_mode, strerror(errno));
1663
1664 /* Get TERM from the packet. Note that the value may be of arbitrary
1665 length. */
1666
1667 term = packet_get_string(&dlen);
1668 packet_integrity_check(dlen, strlen(term), type);
1669 /* packet_integrity_check(plen, 4 + dlen + 4*4 + n_bytes, type); */
1670 /* Remaining bytes */
1671 n_bytes = plen - (4 + dlen + 4*4);
1672
1673 if (strcmp(term, "") == 0)
1674 term = NULL;
1675
1676 /* Get window size from the packet. */
1677 row = packet_get_int();
1678 col = packet_get_int();
1679 xpixel = packet_get_int();
1680 ypixel = packet_get_int();
1681 pty_change_window_size(ptyfd, row, col, xpixel, ypixel);
1682
1683 /* Get tty modes from the packet. */
1684 tty_parse_modes(ttyfd, &n_bytes);
1685 packet_integrity_check(plen, 4 + dlen + 4*4 + n_bytes, type);
1686
1687 /* Indicate that we now have a pty. */
1688 have_pty = 1;
1689 break;
1690
1691 case SSH_CMSG_X11_REQUEST_FORWARDING:
1692 if (!options.x11_forwarding)
1693 {
1694 packet_send_debug("X11 forwarding disabled in server configuration file.");
1695 goto fail;
1696 }
1697#ifdef XAUTH_PATH
1698 if (no_x11_forwarding_flag)
1699 {
1700 packet_send_debug("X11 forwarding not permitted for this authentication.");
1701 goto fail;
1702 }
1703 debug("Received request for X11 forwarding with auth spoofing.");
1704 if (display)
1705 packet_disconnect("Protocol error: X11 display already set.");
1706 {
1707 int proto_len, data_len;
1708 proto = packet_get_string(&proto_len);
1709 data = packet_get_string(&data_len);
1710 packet_integrity_check(plen, 4+proto_len + 4+data_len + 4, type);
1711 }
1712 if (packet_get_protocol_flags() & SSH_PROTOFLAG_SCREEN_NUMBER)
1713 screen = packet_get_int();
1714 else
1715 screen = 0;
1716 display = x11_create_display_inet(screen);
1717 if (!display)
1718 goto fail;
1719
1720 /* Setup to always have a local .Xauthority. */
1721 xauthfile = xmalloc(MAXPATHLEN);
1722 snprintf(xauthfile, MAXPATHLEN, "/tmp/XauthXXXXXX");
1723
1724 if ((xauthfd = mkstemp(xauthfile)) != -1) {
1725 fchown(xauthfd, pw->pw_uid, pw->pw_gid);
1726 close(xauthfd);
6a17f9c2 1727 fatal_add_cleanup(xauthfile_cleanup_proc, NULL);
8efc0c15 1728 }
1729 else {
1730 xfree(xauthfile);
1731 xauthfile = NULL;
1732 }
1733 break;
1734#else /* XAUTH_PATH */
1735 /* No xauth program; we won't accept forwarding with spoofing. */
1736 packet_send_debug("No xauth program; cannot forward with spoofing.");
1737 goto fail;
1738#endif /* XAUTH_PATH */
1739
1740 case SSH_CMSG_AGENT_REQUEST_FORWARDING:
1741 if (no_agent_forwarding_flag)
1742 {
1743 debug("Authentication agent forwarding not permitted for this authentication.");
1744 goto fail;
1745 }
1746 debug("Received authentication agent forwarding request.");
1747 auth_input_request_forwarding(pw);
1748 break;
1749
1750 case SSH_CMSG_PORT_FORWARD_REQUEST:
1751 if (no_port_forwarding_flag)
1752 {
1753 debug("Port forwarding not permitted for this authentication.");
1754 goto fail;
1755 }
1756 debug("Received TCP/IP port forwarding request.");
1757 channel_input_port_forward_request(pw->pw_uid == 0);
1758 break;
1759
1760 case SSH_CMSG_EXEC_SHELL:
1761 /* Set interactive/non-interactive mode. */
1762 packet_set_interactive(have_pty || display != NULL,
1763 options.keepalives);
1764
1765 if (forced_command != NULL)
1766 goto do_forced_command;
1767 debug("Forking shell.");
1768 packet_integrity_check(plen, 0, type);
1769 if (have_pty)
1770 do_exec_pty(NULL, ptyfd, ttyfd, ttyname, pw, term, display, proto,
1771 data);
1772 else
1773 do_exec_no_pty(NULL, pw, display, proto, data);
1774 return;
1775
1776 case SSH_CMSG_EXEC_CMD:
1777 /* Set interactive/non-interactive mode. */
1778 packet_set_interactive(have_pty || display != NULL,
1779 options.keepalives);
1780
1781 if (forced_command != NULL)
1782 goto do_forced_command;
1783 /* Get command from the packet. */
1784 {
1785 int dlen;
1786 command = packet_get_string(&dlen);
1787 debug("Executing command '%.500s'", command);
1788 packet_integrity_check(plen, 4 + dlen, type);
1789 }
1790 if (have_pty)
1791 do_exec_pty(command, ptyfd, ttyfd, ttyname, pw, term, display,
1792 proto, data);
1793 else
1794 do_exec_no_pty(command, pw, display, proto, data);
1795 xfree(command);
1796 return;
1797
1798 case SSH_CMSG_MAX_PACKET_SIZE:
1799 debug("The server does not support limiting packet size.");
1800 goto fail;
1801
1802 default:
1803 /* Any unknown messages in this phase are ignored, and a failure
1804 message is returned. */
1805 log("Unknown packet type received after authentication: %d", type);
1806 goto fail;
1807 }
1808
1809 /* The request was successfully processed. */
1810 packet_start(SSH_SMSG_SUCCESS);
1811 packet_send();
1812 packet_write_wait();
1813
1814 /* Enable compression now that we have replied if appropriate. */
1815 if (enable_compression_after_reply)
1816 {
1817 enable_compression_after_reply = 0;
1818 packet_start_compression(compression_level);
1819 }
1820
1821 continue;
1822
1823 fail:
1824 /* The request failed. */
1825 packet_start(SSH_SMSG_FAILURE);
1826 packet_send();
1827 packet_write_wait();
1828 continue;
1829
1830 do_forced_command:
1831 /* There is a forced command specified for this login. Execute it. */
1832 debug("Executing forced command: %.900s", forced_command);
1833 if (have_pty)
1834 do_exec_pty(forced_command, ptyfd, ttyfd, ttyname, pw, term, display,
1835 proto, data);
1836 else
1837 do_exec_no_pty(forced_command, pw, display, proto, data);
1838 return;
1839 }
1840}
1841
1842/* This is called to fork and execute a command when we have no tty. This
1843 will call do_child from the child, and server_loop from the parent after
1844 setting up file descriptors and such. */
1845
1846void do_exec_no_pty(const char *command, struct passwd *pw,
1847 const char *display, const char *auth_proto,
1848 const char *auth_data)
1849{
1850 int pid;
1851
1852#ifdef USE_PIPES
1853 int pin[2], pout[2], perr[2];
1854 /* Allocate pipes for communicating with the program. */
1855 if (pipe(pin) < 0 || pipe(pout) < 0 || pipe(perr) < 0)
1856 packet_disconnect("Could not create pipes: %.100s",
1857 strerror(errno));
1858#else /* USE_PIPES */
1859 int inout[2], err[2];
1860 /* Uses socket pairs to communicate with the program. */
1861 if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) < 0 ||
1862 socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0)
1863 packet_disconnect("Could not create socket pairs: %.100s",
1864 strerror(errno));
1865#endif /* USE_PIPES */
1866
1867 setproctitle("%s@notty", pw->pw_name);
1868
1869 /* Fork the child. */
1870 if ((pid = fork()) == 0)
1871 {
1872 /* Child. Reinitialize the log since the pid has changed. */
6a17f9c2 1873 log_init(av0, options.log_level, options.log_facility, log_stderr);
8efc0c15 1874
1875 /* Create a new session and process group since the 4.4BSD setlogin()
1876 affects the entire process group. */
1877 if (setsid() < 0)
1878 error("setsid failed: %.100s", strerror(errno));
1879
1880#ifdef USE_PIPES
1881 /* Redirect stdin. We close the parent side of the socket pair,
1882 and make the child side the standard input. */
1883 close(pin[1]);
1884 if (dup2(pin[0], 0) < 0)
1885 perror("dup2 stdin");
1886 close(pin[0]);
1887
1888 /* Redirect stdout. */
1889 close(pout[0]);
1890 if (dup2(pout[1], 1) < 0)
1891 perror("dup2 stdout");
1892 close(pout[1]);
1893
1894 /* Redirect stderr. */
1895 close(perr[0]);
1896 if (dup2(perr[1], 2) < 0)
1897 perror("dup2 stderr");
1898 close(perr[1]);
1899#else /* USE_PIPES */
1900 /* Redirect stdin, stdout, and stderr. Stdin and stdout will use the
1901 same socket, as some programs (particularly rdist) seem to depend
1902 on it. */
1903 close(inout[1]);
1904 close(err[1]);
1905 if (dup2(inout[0], 0) < 0) /* stdin */
1906 perror("dup2 stdin");
1907 if (dup2(inout[0], 1) < 0) /* stdout. Note: same socket as stdin. */
1908 perror("dup2 stdout");
1909 if (dup2(err[0], 2) < 0) /* stderr */
1910 perror("dup2 stderr");
1911#endif /* USE_PIPES */
1912
1913 /* Do processing for the child (exec command etc). */
1914 do_child(command, pw, NULL, display, auth_proto, auth_data, NULL);
1915 /*NOTREACHED*/
1916 }
1917 if (pid < 0)
1918 packet_disconnect("fork failed: %.100s", strerror(errno));
1919#ifdef USE_PIPES
1920 /* We are the parent. Close the child sides of the pipes. */
1921 close(pin[0]);
1922 close(pout[1]);
1923 close(perr[1]);
1924
1925 /* Enter the interactive session. */
1926 server_loop(pid, pin[1], pout[0], perr[0]);
1927 /* server_loop has closed pin[1], pout[1], and perr[1]. */
1928#else /* USE_PIPES */
1929 /* We are the parent. Close the child sides of the socket pairs. */
1930 close(inout[0]);
1931 close(err[0]);
1932
1933 /* Enter the interactive session. Note: server_loop must be able to handle
1934 the case that fdin and fdout are the same. */
1935 server_loop(pid, inout[1], inout[1], err[1]);
1936 /* server_loop has closed inout[1] and err[1]. */
1937#endif /* USE_PIPES */
1938}
1939
1940struct pty_cleanup_context
1941{
1942 const char *ttyname;
1943 int pid;
1944};
1945
1946/* Function to perform cleanup if we get aborted abnormally (e.g., due to a
1947 dropped connection). */
1948
1949void pty_cleanup_proc(void *context)
1950{
1951 struct pty_cleanup_context *cu = context;
1952
1953 debug("pty_cleanup_proc called");
1954
8efc0c15 1955 /* Record that the user has logged out. */
1956 record_logout(cu->pid, cu->ttyname);
1957
1958 /* Release the pseudo-tty. */
1959 pty_release(cu->ttyname);
1960}
1961
1962/* This is called to fork and execute a command when we have a tty. This
1963 will call do_child from the child, and server_loop from the parent after
1964 setting up file descriptors, controlling tty, updating wtmp, utmp,
1965 lastlog, and other such operations. */
1966
1967void do_exec_pty(const char *command, int ptyfd, int ttyfd,
1968 const char *ttyname, struct passwd *pw, const char *term,
1969 const char *display, const char *auth_proto,
1970 const char *auth_data)
1971{
1972 int pid, fdout;
1973 const char *hostname;
1974 time_t last_login_time;
1975 char buf[100], *time_string;
1976 FILE *f;
1977 char line[256];
1978 struct stat st;
1979 int quiet_login;
1980 struct sockaddr_in from;
1981 int fromlen;
1982 struct pty_cleanup_context cleanup_context;
1983
1984 /* Get remote host name. */
1985 hostname = get_canonical_hostname();
1986
1987 /* Get the time when the user last logged in. Buf will be set to contain
1988 the hostname the last login was from. */
1989 if(!options.use_login) {
1990 last_login_time = get_last_login_time(pw->pw_uid, pw->pw_name,
1991 buf, sizeof(buf));
1992 }
1993
1994 setproctitle("%s@%s", pw->pw_name, strrchr(ttyname, '/') + 1);
1995
1996 /* Fork the child. */
1997 if ((pid = fork()) == 0)
1998 {
1999 pid = getpid();
2000
2001 /* Child. Reinitialize the log because the pid has changed. */
6a17f9c2 2002 log_init(av0, options.log_level, options.log_facility, log_stderr);
8efc0c15 2003
2004 /* Close the master side of the pseudo tty. */
2005 close(ptyfd);
2006
2007 /* Make the pseudo tty our controlling tty. */
2008 pty_make_controlling_tty(&ttyfd, ttyname);
2009
2010 /* Redirect stdin from the pseudo tty. */
2011 if (dup2(ttyfd, fileno(stdin)) < 0)
2012 error("dup2 stdin failed: %.100s", strerror(errno));
2013
2014 /* Redirect stdout to the pseudo tty. */
2015 if (dup2(ttyfd, fileno(stdout)) < 0)
2016 error("dup2 stdin failed: %.100s", strerror(errno));
2017
2018 /* Redirect stderr to the pseudo tty. */
2019 if (dup2(ttyfd, fileno(stderr)) < 0)
2020 error("dup2 stdin failed: %.100s", strerror(errno));
2021
2022 /* Close the extra descriptor for the pseudo tty. */
2023 close(ttyfd);
2024
2025 /* Get IP address of client. This is needed because we want to record
2026 where the user logged in from. If the connection is not a socket,
2027 let the ip address be 0.0.0.0. */
2028 memset(&from, 0, sizeof(from));
2029 if (packet_get_connection_in() == packet_get_connection_out())
2030 {
2031 fromlen = sizeof(from);
2032 if (getpeername(packet_get_connection_in(),
e7c0f9d5 2033 (struct sockaddr *)&from, &fromlen) < 0) {
2034 debug("getpeername: %.100s", strerror(errno));
2035 fatal_cleanup();
2036 }
8efc0c15 2037 }
2038
2039 /* Record that there was a login on that terminal. */
2040 record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
2041 &from);
2042
2043 /* Check if .hushlogin exists. */
2044 snprintf(line, sizeof line, "%.200s/.hushlogin", pw->pw_dir);
2045 quiet_login = stat(line, &st) >= 0;
e1a9c08d 2046
2047#ifdef HAVE_LIBPAM
2048 /* output the results of the pamconv() */
2049 if (!quiet_login && pamconv_msg != NULL)
2050 fprintf(stderr, pamconv_msg);
2051#endif
2052
8efc0c15 2053 /* If the user has logged in before, display the time of last login.
2054 However, don't display anything extra if a command has been
2055 specified (so that ssh can be used to execute commands on a remote
2056 machine without users knowing they are going to another machine).
2057 Login(1) will do this for us as well, so check if login(1) is used */
2058 if (command == NULL && last_login_time != 0 && !quiet_login &&
2059 !options.use_login)
2060 {
2061 /* Convert the date to a string. */
2062 time_string = ctime(&last_login_time);
2063 /* Remove the trailing newline. */
2064 if (strchr(time_string, '\n'))
2065 *strchr(time_string, '\n') = 0;
2066 /* Display the last login time. Host if displayed if known. */
2067 if (strcmp(buf, "") == 0)
2068 printf("Last login: %s\r\n", time_string);
2069 else
2070 printf("Last login: %s from %s\r\n", time_string, buf);
2071 }
2072
2073 /* Print /etc/motd unless a command was specified or printing it was
2074 disabled in server options or login(1) will be used. Note that
2075 some machines appear to print it in /etc/profile or similar. */
2076 if (command == NULL && options.print_motd && !quiet_login &&
2077 !options.use_login)
2078 {
2079 /* Print /etc/motd if it exists. */
2080 f = fopen("/etc/motd", "r");
2081 if (f)
2082 {
2083 while (fgets(line, sizeof(line), f))
2084 fputs(line, stdout);
2085 fclose(f);
2086 }
2087 }
2088
2089 /* Do common processing for the child, such as execing the command. */
2090 do_child(command, pw, term, display, auth_proto, auth_data, ttyname);
2091 /*NOTREACHED*/
2092 }
2093 if (pid < 0)
2094 packet_disconnect("fork failed: %.100s", strerror(errno));
2095 /* Parent. Close the slave side of the pseudo tty. */
2096 close(ttyfd);
2097
2098 /* Create another descriptor of the pty master side for use as the standard
2099 input. We could use the original descriptor, but this simplifies code
2100 in server_loop. The descriptor is bidirectional. */
2101 fdout = dup(ptyfd);
2102 if (fdout < 0)
2103 packet_disconnect("dup failed: %.100s", strerror(errno));
2104
2105 /* Add a cleanup function to clear the utmp entry and record logout time
2106 in case we call fatal() (e.g., the connection gets closed). */
2107 cleanup_context.pid = pid;
2108 cleanup_context.ttyname = ttyname;
2109 fatal_add_cleanup(pty_cleanup_proc, (void *)&cleanup_context);
2110
2111 /* Enter interactive session. */
2112 server_loop(pid, ptyfd, fdout, -1);
2113 /* server_loop has not closed ptyfd and fdout. */
2114
2115 /* Cancel the cleanup function. */
2116 fatal_remove_cleanup(pty_cleanup_proc, (void *)&cleanup_context);
2117
2118 /* Record that the user has logged out. */
2119 record_logout(pid, ttyname);
2120
2121 /* Release the pseudo-tty. */
2122 pty_release(ttyname);
2123
2124 /* Close the server side of the socket pairs. We must do this after the
2125 pty cleanup, so that another process doesn't get this pty while we're
2126 still cleaning up. */
2127 close(ptyfd);
2128 close(fdout);
2129}
2130
2131/* Sets the value of the given variable in the environment. If the variable
2132 already exists, its value is overriden. */
2133
2134void child_set_env(char ***envp, unsigned int *envsizep, const char *name,
2135 const char *value)
2136{
2137 unsigned int i, namelen;
2138 char **env;
2139
2140 /* Find the slot where the value should be stored. If the variable already
2141 exists, we reuse the slot; otherwise we append a new slot at the end
2142 of the array, expanding if necessary. */
2143 env = *envp;
2144 namelen = strlen(name);
2145 for (i = 0; env[i]; i++)
2146 if (strncmp(env[i], name, namelen) == 0 && env[i][namelen] == '=')
2147 break;
2148 if (env[i])
2149 {
2150 /* Name already exists. Reuse the slot. */
2151 xfree(env[i]);
2152 }
2153 else
2154 {
2155 /* New variable. Expand the array if necessary. */
2156 if (i >= (*envsizep) - 1)
2157 {
2158 (*envsizep) += 50;
2159 env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *));
2160 }
2161
2162 /* Need to set the NULL pointer at end of array beyond the new
2163 slot. */
2164 env[i + 1] = NULL;
2165 }
2166
2167 /* Allocate space and format the variable in the appropriate slot. */
2168 env[i] = xmalloc(strlen(name) + 1 + strlen(value) + 1);
2169 snprintf(env[i], strlen(name) + 1 + strlen(value) + 1, "%s=%s", name, value);
2170}
2171
2172/* Reads environment variables from the given file and adds/overrides them
2173 into the environment. If the file does not exist, this does nothing.
2174 Otherwise, it must consist of empty lines, comments (line starts with '#')
2175 and assignments of the form name=value. No other forms are allowed. */
2176
2177void read_environment_file(char ***env, unsigned int *envsize,
2178 const char *filename)
2179{
2180 FILE *f;
2181 char buf[4096];
2182 char *cp, *value;
2183
2184 /* Open the environment file. */
2185 f = fopen(filename, "r");
2186 if (!f)
2187 return; /* Not found. */
2188
2189 /* Process each line. */
2190 while (fgets(buf, sizeof(buf), f))
2191 {
2192 /* Skip leading whitespace. */
2193 for (cp = buf; *cp == ' ' || *cp == '\t'; cp++)
2194 ;
2195
2196 /* Ignore empty and comment lines. */
2197 if (!*cp || *cp == '#' || *cp == '\n')
2198 continue;
2199
2200 /* Remove newline. */
2201 if (strchr(cp, '\n'))
2202 *strchr(cp, '\n') = '\0';
2203
2204 /* Find the equals sign. Its lack indicates badly formatted line. */
2205 value = strchr(cp, '=');
2206 if (value == NULL)
2207 {
2208 fprintf(stderr, "Bad line in %.100s: %.200s\n", filename, buf);
2209 continue;
2210 }
2211
2212 /* Replace the equals sign by nul, and advance value to the value
2213 string. */
2214 *value = '\0';
2215 value++;
2216
2217 /* Set the value in environment. */
2218 child_set_env(env, envsize, cp, value);
2219 }
2220
2221 fclose(f);
2222}
2223
2224/* Performs common processing for the child, such as setting up the
2225 environment, closing extra file descriptors, setting the user and group
2226 ids, and executing the command or shell. */
2227
2228void do_child(const char *command, struct passwd *pw, const char *term,
2229 const char *display, const char *auth_proto,
2230 const char *auth_data, const char *ttyname)
2231{
2232 const char *shell, *cp = NULL;
2233 char buf[256];
2234 FILE *f;
2235 unsigned int envsize, i;
2236 char **env;
2237 extern char **environ;
2238 struct stat st;
2239 char *argv[10];
2240
e1a9c08d 2241#ifndef HAVE_LIBPAM /* pam_nologin handles this */
8efc0c15 2242 /* Check /etc/nologin. */
2243 f = fopen("/etc/nologin", "r");
2244 if (f)
2245 { /* /etc/nologin exists. Print its contents and exit. */
2246 while (fgets(buf, sizeof(buf), f))
2247 fputs(buf, stderr);
2248 fclose(f);
2249 if (pw->pw_uid != 0)
2250 exit(254);
2251 }
e35c1dc2 2252#endif /* HAVE_LIBPAM */
2253
2254#ifdef HAVE_SETLOGIN
2255 /* Set login name in the kernel. */
2256 if (setlogin(pw->pw_name) < 0)
2257 error("setlogin failed: %s", strerror(errno));
2258#endif /* HAVE_SETLOGIN */
8efc0c15 2259
8efc0c15 2260 /* Set uid, gid, and groups. */
2261 /* Login(1) does this as well, and it needs uid 0 for the "-h" switch,
2262 so we let login(1) to this for us. */
2263 if(!options.use_login) {
2264 if (getuid() == 0 || geteuid() == 0)
2265 {
2266 if (setgid(pw->pw_gid) < 0)
2267 {
2268 perror("setgid");
2269 exit(1);
2270 }
2271 /* Initialize the group list. */
2272 if (initgroups(pw->pw_name, pw->pw_gid) < 0)
2273 {
2274 perror("initgroups");
2275 exit(1);
2276 }
2277 endgrent();
2278
2279 /* Permanently switch to the desired uid. */
2280 permanently_set_uid(pw->pw_uid);
2281 }
2282
2283 if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
2284 fatal("Failed to set uids to %d.", (int)pw->pw_uid);
2285 }
2286
2287 /* Get the shell from the password data. An empty shell field is legal,
2288 and means /bin/sh. */
2289 shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell;
2290
2291#ifdef AFS
2292 /* Try to get AFS tokens for the local cell. */
2293 if (k_hasafs()) {
2294 char cell[64];
2295
2296 if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0)
2297 krb_afslog(cell, 0);
2298
2299 krb_afslog(0, 0);
2300 }
2301#endif /* AFS */
2302
2303 /* Initialize the environment. In the first part we allocate space for
2304 all environment variables. */
2305 envsize = 100;
2306 env = xmalloc(envsize * sizeof(char *));
2307 env[0] = NULL;
2308
2309 if(!options.use_login) {
2310 /* Set basic environment. */
2311 child_set_env(&env, &envsize, "USER", pw->pw_name);
2312 child_set_env(&env, &envsize, "LOGNAME", pw->pw_name);
2313 child_set_env(&env, &envsize, "HOME", pw->pw_dir);
2314 child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
2315
2316 snprintf(buf, sizeof buf, "%.200s/%.50s",
2317 _PATH_MAILDIR, pw->pw_name);
2318 child_set_env(&env, &envsize, "MAIL", buf);
2319
2320 /* Normal systems set SHELL by default. */
2321 child_set_env(&env, &envsize, "SHELL", shell);
2322 }
2323
2324 /* Let it inherit timezone if we have one. */
2325 if (getenv("TZ"))
2326 child_set_env(&env, &envsize, "TZ", getenv("TZ"));
2327
2328 /* Set custom environment options from RSA authentication. */
2329 while (custom_environment)
2330 {
2331 struct envstring *ce = custom_environment;
2332 char *s = ce->s;
2333 int i;
2334 for (i = 0; s[i] != '=' && s[i]; i++)
2335 ;
2336 if (s[i] == '=')
2337 {
2338 s[i] = 0;
2339 child_set_env(&env, &envsize, s, s + i + 1);
2340 }
2341 custom_environment = ce->next;
2342 xfree(ce->s);
2343 xfree(ce);
2344 }
2345
2346 /* Set SSH_CLIENT. */
2347 snprintf(buf, sizeof buf, "%.50s %d %d",
2348 get_remote_ipaddr(), get_remote_port(), options.port);
2349 child_set_env(&env, &envsize, "SSH_CLIENT", buf);
2350
2351 /* Set SSH_TTY if we have a pty. */
2352 if (ttyname)
2353 child_set_env(&env, &envsize, "SSH_TTY", ttyname);
2354
2355 /* Set TERM if we have a pty. */
2356 if (term)
2357 child_set_env(&env, &envsize, "TERM", term);
2358
2359 /* Set DISPLAY if we have one. */
2360 if (display)
2361 child_set_env(&env, &envsize, "DISPLAY", display);
2362
2363#ifdef KRB4
6a17f9c2 2364 {
e35c1dc2 2365 extern char *ticket;
2366
2367 if (ticket)
2368 child_set_env(&env, &envsize, "KRBTKFILE", ticket);
6a17f9c2 2369 }
8efc0c15 2370#endif /* KRB4 */
2371
bb0dd7f6 2372#ifdef HAVE_LIBPAM
2373 /* Pull in any environment variables that may have been set by PAM. */
2374 {
2375 char *equal_sign, var_name[256], var_val[256];
2376 long this_var;
50da1126 2377 char **pam_env = pam_getenvlist((pam_handle_t *)pamh);
bb0dd7f6 2378 for(this_var = 0; pam_env && pam_env[this_var]; this_var++)
2379 {
242588e6 2380 if(strlen(pam_env[this_var]) < (sizeof(var_name) - 1))
bb0dd7f6 2381 if((equal_sign = strstr(pam_env[this_var], "=")) != NULL)
2382 {
2383 memset(var_name, 0, sizeof(var_name));
2384 memset(var_val, 0, sizeof(var_val));
2385 strncpy(var_name, pam_env[this_var],
2386 equal_sign - pam_env[this_var]);
2387 strcpy(var_val, equal_sign + 1);
2388 child_set_env(&env, &envsize, var_name, var_val);
2389 }
2390 }
2391 }
2392#endif /* HAVE_LIBPAM */
2393
8efc0c15 2394 /* Set XAUTHORITY to always be a local file. */
2395 if (xauthfile)
2396 child_set_env(&env, &envsize, "XAUTHORITY", xauthfile);
2397
2398 /* Set variable for forwarded authentication connection, if we have one. */
2399 if (auth_get_socket_name() != NULL)
2400 child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
2401 auth_get_socket_name());
e35c1dc2 2402
8efc0c15 2403 /* Read $HOME/.ssh/environment. */
2404 if(!options.use_login) {
2405 snprintf(buf, sizeof buf, "%.200s/.ssh/environment", pw->pw_dir);
2406 read_environment_file(&env, &envsize, buf);
2407 }
2408
2409 /* If debugging, dump the environment to stderr. */
2410 if (debug_flag)
2411 {
2412 fprintf(stderr, "Environment:\n");
2413 for (i = 0; env[i]; i++)
2414 fprintf(stderr, " %.200s\n", env[i]);
2415 }
2416
2417 /* Close the connection descriptors; note that this is the child, and the
2418 server will still have the socket open, and it is important that we
2419 do not shutdown it. Note that the descriptors cannot be closed before
2420 building the environment, as we call get_remote_ipaddr there. */
2421 if (packet_get_connection_in() == packet_get_connection_out())
2422 close(packet_get_connection_in());
2423 else
2424 {
2425 close(packet_get_connection_in());
2426 close(packet_get_connection_out());
2427 }
2428 /* Close all descriptors related to channels. They will still remain
2429 open in the parent. */
2430 channel_close_all();
2431
2432 /* Close any extra file descriptors. Note that there may still be
2433 descriptors left by system functions. They will be closed later. */
2434 endpwent();
2435 endhostent();
2436
2437 /* Close any extra open file descriptors so that we don\'t have them
2438 hanging around in clients. Note that we want to do this after
2439 initgroups, because at least on Solaris 2.3 it leaves file descriptors
2440 open. */
2441 for (i = 3; i < 64; i++)
2442 close(i);
2443
2444 /* Change current directory to the user\'s home directory. */
2445 if (chdir(pw->pw_dir) < 0)
2446 fprintf(stderr, "Could not chdir to home directory %s: %s\n",
2447 pw->pw_dir, strerror(errno));
2448
2449 /* Must take new environment into use so that .ssh/rc, /etc/sshrc and
2450 xauth are run in the proper environment. */
2451 environ = env;
2452
2453 /* Run $HOME/.ssh/rc, /etc/sshrc, or xauth (whichever is found first
2454 in this order). */
2455 if(!options.use_login) {
2456 if (stat(SSH_USER_RC, &st) >= 0)
2457 {
2458 if (debug_flag)
2459 fprintf(stderr, "Running /bin/sh %s\n", SSH_USER_RC);
2460
2461 f = popen("/bin/sh " SSH_USER_RC, "w");
2462 if (f)
2463 {
2464 if (auth_proto != NULL && auth_data != NULL)
2465 fprintf(f, "%s %s\n", auth_proto, auth_data);
2466 pclose(f);
2467 }
2468 else
2469 fprintf(stderr, "Could not run %s\n", SSH_USER_RC);
2470 }
2471 else
2472 if (stat(SSH_SYSTEM_RC, &st) >= 0)
2473 {
2474 if (debug_flag)
2475 fprintf(stderr, "Running /bin/sh %s\n", SSH_SYSTEM_RC);
2476
2477 f = popen("/bin/sh " SSH_SYSTEM_RC, "w");
2478 if (f)
2479 {
2480 if (auth_proto != NULL && auth_data != NULL)
2481 fprintf(f, "%s %s\n", auth_proto, auth_data);
2482 pclose(f);
2483 }
2484 else
2485 fprintf(stderr, "Could not run %s\n", SSH_SYSTEM_RC);
2486 }
2487#ifdef XAUTH_PATH
2488 else
2489 {
2490 /* Add authority data to .Xauthority if appropriate. */
2491 if (auth_proto != NULL && auth_data != NULL)
2492 {
2493 if (debug_flag)
2494 fprintf(stderr, "Running %.100s add %.100s %.100s %.100s\n",
2495 XAUTH_PATH, display, auth_proto, auth_data);
2496
2497 f = popen(XAUTH_PATH " -q -", "w");
2498 if (f)
2499 {
2500 fprintf(f, "add %s %s %s\n", display, auth_proto, auth_data);
2501 fclose(f);
2502 }
2503 else
2504 fprintf(stderr, "Could not run %s -q -\n", XAUTH_PATH);
2505 }
2506 }
2507#endif /* XAUTH_PATH */
2508
2509 /* Get the last component of the shell name. */
2510 cp = strrchr(shell, '/');
2511 if (cp)
2512 cp++;
2513 else
2514 cp = shell;
2515 }
2516
2517 /* If we have no command, execute the shell. In this case, the shell name
2518 to be passed in argv[0] is preceded by '-' to indicate that this is
2519 a login shell. */
2520 if (!command)
2521 {
2522 if(!options.use_login) {
2523 char buf[256];
2524
2525 /* Check for mail if we have a tty and it was enabled in server options. */
2526 if (ttyname && options.check_mail) {
2527 char *mailbox;
2528 struct stat mailstat;
2529 mailbox = getenv("MAIL");
2530 if(mailbox != NULL) {
2531 if(stat(mailbox, &mailstat) != 0 || mailstat.st_size == 0) {
2532 printf("No mail.\n");
2533 } else if(mailstat.st_mtime < mailstat.st_atime) {
2534 printf("You have mail.\n");
2535 } else {
2536 printf("You have new mail.\n");
2537 }
2538 }
2539 }
2540 /* Start the shell. Set initial character to '-'. */
2541 buf[0] = '-';
2542 strncpy(buf + 1, cp, sizeof(buf) - 1);
2543 buf[sizeof(buf) - 1] = 0;
2544 /* Execute the shell. */
2545 argv[0] = buf;
2546 argv[1] = NULL;
2547 execve(shell, argv, env);
2548 /* Executing the shell failed. */
2549 perror(shell);
2550 exit(1);
2551
2552 } else {
2553 /* Launch login(1). */
2554
e1a9c08d 2555 execl(LOGIN_PROGRAM, "login", "-h", get_remote_ipaddr(), "-p", "-f", "--", pw->pw_name, NULL);
8efc0c15 2556
2557 /* Login couldn't be executed, die. */
2558
2559 perror("login");
2560 exit(1);
2561 }
2562 }
2563
2564 /* Execute the command using the user's shell. This uses the -c option
2565 to execute the command. */
2566 argv[0] = (char *)cp;
2567 argv[1] = "-c";
2568 argv[2] = (char *)command;
2569 argv[3] = NULL;
2570 execve(shell, argv, env);
2571 perror(shell);
2572 exit(1);
2573}
git-cvsimport mirror of OpenSSH
This page took 0.589592 seconds and 5 git commands to generate.