[openssh.git] / auth1.c

/*
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 */

#include "includes.h"
RCSID("$OpenBSD: auth1.c,v 1.2 2000/04/29 18:11:52 markus Exp $");

#include "xmalloc.h"
#include "rsa.h"
#include "ssh.h"
#include "packet.h"
#include "buffer.h"
#include "cipher.h"
#include "mpaux.h"
#include "servconf.h"
#include "compat.h"
#include "auth.h"
#include "session.h"

/* import */
extern ServerOptions options;
extern char *forced_command;

/*
 * convert ssh auth msg type into description
 */
char *
get_authname(int type)
{
	static char buf[1024];
	switch (type) {
	case SSH_CMSG_AUTH_PASSWORD:
		return "password";
	case SSH_CMSG_AUTH_RSA:
		return "rsa";
	case SSH_CMSG_AUTH_RHOSTS_RSA:
		return "rhosts-rsa";
	case SSH_CMSG_AUTH_RHOSTS:
		return "rhosts";
#ifdef KRB4
	case SSH_CMSG_AUTH_KERBEROS:
		return "kerberos";
#endif
#ifdef SKEY
	case SSH_CMSG_AUTH_TIS_RESPONSE:
		return "s/key";
#endif
	}
	snprintf(buf, sizeof buf, "bad-auth-msg-%d", type);
	return buf;
}

/*
 * The user does not exist or access is denied,
 * but fake indication that authentication is needed.
 */
void
do_fake_authloop1(char *user)
{
	int attempt = 0;

	log("Faking authloop for illegal user %.200s from %.200s port %d",
	    user,
	    get_remote_ipaddr(),
	    get_remote_port());

#ifdef WITH_AIXAUTHENTICATE 
	loginfailed(user,get_canonical_hostname(),"ssh");
#endif /* WITH_AIXAUTHENTICATE */

	/* Indicate that authentication is needed. */
	packet_start(SSH_SMSG_FAILURE);
	packet_send();
	packet_write_wait();

	/*
	 * Keep reading packets, and always respond with a failure.  This is
	 * to avoid disclosing whether such a user really exists.
	 */
	for (attempt = 1;; attempt++) {
		/* Read a packet.  This will not return if the client disconnects. */
		int plen;
#ifndef SKEY
		(void)packet_read(&plen);
#else /* SKEY */
		int type = packet_read(&plen);
		unsigned int dlen;
		char *password, *skeyinfo;
		password = NULL;
		/* Try to send a fake s/key challenge. */
		if (options.skey_authentication == 1 &&
		    (skeyinfo = skey_fake_keyinfo(user)) != NULL) {
			if (type == SSH_CMSG_AUTH_TIS) {
				packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE);
				packet_put_string(skeyinfo, strlen(skeyinfo));
				packet_send();
				packet_write_wait();
				continue;
			} else if (type == SSH_CMSG_AUTH_PASSWORD &&
				   options.password_authentication &&
				   (password = packet_get_string(&dlen)) != NULL &&
				   dlen == 5 &&
				   strncasecmp(password, "s/key", 5) == 0 ) {
				packet_send_debug(skeyinfo);
			}
		}
		if (password != NULL)
			xfree(password);
#endif
		if (attempt > AUTH_FAIL_MAX)
			packet_disconnect(AUTH_FAIL_MSG, user);

		/*
		 * Send failure.  This should be indistinguishable from a
		 * failed authentication.
		 */
		packet_start(SSH_SMSG_FAILURE);
		packet_send();
		packet_write_wait();
	}
	/* NOTREACHED */
	abort();
}

/*
 * read packets and try to authenticate local user *pw.
 * return if authentication is successfull
 */
void
do_authloop(struct passwd * pw)
{
	int attempt = 0;
	unsigned int bits;
	RSA *client_host_key;
	BIGNUM *n;
	char *client_user = NULL, *password = NULL;
	char user[1024];
	unsigned int dlen;
	int plen, nlen, elen;
	unsigned int ulen;
	int type = 0;
	void (*authlog) (const char *fmt,...) = verbose;

	/* Indicate that authentication is needed. */
	packet_start(SSH_SMSG_FAILURE);
	packet_send();
	packet_write_wait();

	for (attempt = 1;; attempt++) {
		int authenticated = 0;
		strlcpy(user, "", sizeof user);

		/* Get a packet from the client. */
		type = packet_read(&plen);

		/* Process the packet. */
		switch (type) {
#ifdef AFS
		case SSH_CMSG_HAVE_KERBEROS_TGT:
			if (!options.kerberos_tgt_passing) {
				/* packet_get_all(); */
				verbose("Kerberos tgt passing disabled.");
				break;
			} else {
				/* Accept Kerberos tgt. */
				char *tgt = packet_get_string(&dlen);
				packet_integrity_check(plen, 4 + dlen, type);
				if (!auth_kerberos_tgt(pw, tgt))
					verbose("Kerberos tgt REFUSED for %s", pw->pw_name);
				xfree(tgt);
			}
			continue;

		case SSH_CMSG_HAVE_AFS_TOKEN:
			if (!options.afs_token_passing || !k_hasafs()) {
				/* packet_get_all(); */
				verbose("AFS token passing disabled.");
				break;
			} else {
				/* Accept AFS token. */
				char *token_string = packet_get_string(&dlen);
				packet_integrity_check(plen, 4 + dlen, type);
				if (!auth_afs_token(pw, token_string))
					verbose("AFS token REFUSED for %s", pw->pw_name);
				xfree(token_string);
			}
			continue;
#endif /* AFS */
#ifdef KRB4
		case SSH_CMSG_AUTH_KERBEROS:
			if (!options.kerberos_authentication) {
				/* packet_get_all(); */
				verbose("Kerberos authentication disabled.");
				break;
			} else {
				/* Try Kerberos v4 authentication. */
				KTEXT_ST auth;
				char *tkt_user = NULL;
				char *kdata = packet_get_string((unsigned int *) &auth.length);
				packet_integrity_check(plen, 4 + auth.length, type);

				if (auth.length < MAX_KTXT_LEN)
					memcpy(auth.dat, kdata, auth.length);
				xfree(kdata);

				authenticated = auth_krb4(pw->pw_name, &auth, &tkt_user);

				if (authenticated) {
					snprintf(user, sizeof user, " tktuser %s", tkt_user);
					xfree(tkt_user);
				}
			}
			break;
#endif /* KRB4 */

		case SSH_CMSG_AUTH_RHOSTS:
			if (!options.rhosts_authentication) {
				verbose("Rhosts authentication disabled.");
				break;
			}
			/*
			 * Get client user name.  Note that we just have to
			 * trust the client; this is one reason why rhosts
			 * authentication is insecure. (Another is
			 * IP-spoofing on a local network.)
			 */
			client_user = packet_get_string(&ulen);
			packet_integrity_check(plen, 4 + ulen, type);

			/* Try to authenticate using /etc/hosts.equiv and
			   .rhosts. */
			authenticated = auth_rhosts(pw, client_user);

			snprintf(user, sizeof user, " ruser %s", client_user);
			break;

		case SSH_CMSG_AUTH_RHOSTS_RSA:
			if (!options.rhosts_rsa_authentication) {
				verbose("Rhosts with RSA authentication disabled.");
				break;
			}
			/*
			 * Get client user name.  Note that we just have to
			 * trust the client; root on the client machine can
			 * claim to be any user.
			 */
			client_user = packet_get_string(&ulen);

			/* Get the client host key. */
			client_host_key = RSA_new();
			if (client_host_key == NULL)
				fatal("RSA_new failed");
			client_host_key->e = BN_new();
			client_host_key->n = BN_new();
			if (client_host_key->e == NULL || client_host_key->n == NULL)
				fatal("BN_new failed");
			bits = packet_get_int();
			packet_get_bignum(client_host_key->e, &elen);
			packet_get_bignum(client_host_key->n, &nlen);

			if (bits != BN_num_bits(client_host_key->n))
				log("Warning: keysize mismatch for client_host_key: "
				    "actual %d, announced %d", BN_num_bits(client_host_key->n), bits);
			packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type);

			authenticated = auth_rhosts_rsa(pw, client_user, client_host_key);
			RSA_free(client_host_key);

			snprintf(user, sizeof user, " ruser %s", client_user);
			break;

		case SSH_CMSG_AUTH_RSA:
			if (!options.rsa_authentication) {
				verbose("RSA authentication disabled.");
				break;
			}
			/* RSA authentication requested. */
			n = BN_new();
			packet_get_bignum(n, &nlen);
			packet_integrity_check(plen, nlen, type);
			authenticated = auth_rsa(pw, n);
			BN_clear_free(n);
			break;

		case SSH_CMSG_AUTH_PASSWORD:
			if (!options.password_authentication) {
				verbose("Password authentication disabled.");
				break;
			}
			/*
			 * Read user password.  It is in plain text, but was
			 * transmitted over the encrypted channel so it is
			 * not visible to an outside observer.
			 */
			password = packet_get_string(&dlen);
			packet_integrity_check(plen, 4 + dlen, type);

#ifdef USE_PAM
			/* Do PAM auth with password */
			authenticated = auth_pam_password(pw, password);
#else /* USE_PAM */
			/* Try authentication with the password. */
			authenticated = auth_password(pw, password);
#endif /* USE_PAM */

			memset(password, 0, strlen(password));
			xfree(password);
			break;

#ifdef SKEY
		case SSH_CMSG_AUTH_TIS:
			debug("rcvd SSH_CMSG_AUTH_TIS");
			if (options.skey_authentication == 1) {
				char *skeyinfo = skey_keyinfo(pw->pw_name);
				if (skeyinfo == NULL) {
					debug("generating fake skeyinfo for %.100s.", pw->pw_name);
					skeyinfo = skey_fake_keyinfo(pw->pw_name);
				}
				if (skeyinfo != NULL) {
					/* we send our s/key- in tis-challenge messages */
					debug("sending challenge '%s'", skeyinfo);
					packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE);
					packet_put_string(skeyinfo, strlen(skeyinfo));
					packet_send();
					packet_write_wait();
					continue;
				}
			}
			break;
		case SSH_CMSG_AUTH_TIS_RESPONSE:
			debug("rcvd SSH_CMSG_AUTH_TIS_RESPONSE");
			if (options.skey_authentication == 1) {
				char *response = packet_get_string(&dlen);
				debug("skey response == '%s'", response);
				packet_integrity_check(plen, 4 + dlen, type);
				authenticated = (skey_haskey(pw->pw_name) == 0 &&
						 skey_passcheck(pw->pw_name, response) != -1);
				xfree(response);
			}
			break;
#else
		case SSH_CMSG_AUTH_TIS:
			/* TIS Authentication is unsupported */
			log("TIS authentication unsupported.");
			break;
#endif

		default:
			/*
			 * Any unknown messages will be ignored (and failure
			 * returned) during authentication.
			 */
			log("Unknown message during authentication: type %d", type);
			break;
		}

		/*
		 * Check if the user is logging in as root and root logins
		 * are disallowed.
		 * Note that root login is allowed for forced commands.
		 */
		if (authenticated && pw->pw_uid == 0 && !options.permit_root_login) {
			if (forced_command) {
				log("Root login accepted for forced command.");
			} else {
				authenticated = 0;
				log("ROOT LOGIN REFUSED FROM %.200s",
				    get_canonical_hostname());
			}
		}

		/* Raise logging level */
		if (authenticated ||
		    attempt == AUTH_FAIL_LOG ||
		    type == SSH_CMSG_AUTH_PASSWORD)
			authlog = log;

		authlog("%s %s for %.200s from %.200s port %d%s",
			authenticated ? "Accepted" : "Failed",
			get_authname(type),
			pw->pw_uid == 0 ? "ROOT" : pw->pw_name,
			get_remote_ipaddr(),
			get_remote_port(),
			user);

#ifdef USE_PAM
		if (authenticated) {
			if (!do_pam_account(pw->pw_name, client_user)) {
				if (client_user != NULL) {
					xfree(client_user);
					client_user = NULL;
				}
				do_fake_authloop1(pw->pw_name);
			}
			return;
		}
#else /* USE_PAM */
		if (authenticated) {
			return;
		}
#endif /* USE_PAM */

		if (client_user != NULL) {
			xfree(client_user);
			client_user = NULL;
		}

		if (attempt > AUTH_FAIL_MAX) {
#ifdef WITH_AIXAUTHENTICATE 
			loginfailed(pw->pw_name,get_canonical_hostname(),"ssh");
#endif /* WITH_AIXAUTHENTICATE */
			packet_disconnect(AUTH_FAIL_MSG, pw->pw_name);
		}

		/* Send a message indicating that the authentication attempt failed. */
		packet_start(SSH_SMSG_FAILURE);
		packet_send();
		packet_write_wait();
	}
}

/*
 * Performs authentication of an incoming connection.  Session key has already
 * been exchanged and encryption is enabled.
 */
void
do_authentication()
{
	struct passwd *pw, pwcopy;
	int plen;
	unsigned int ulen;
	char *user;
#ifdef WITH_AIXAUTHENTICATE
	extern char *aixloginmsg;
#endif /* WITH_AIXAUTHENTICATE */

	/* Get the name of the user that we wish to log in as. */
	packet_read_expect(&plen, SSH_CMSG_USER);

	/* Get the user name. */
	user = packet_get_string(&ulen);
	packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER);

	setproctitle("%s", user);

#ifdef AFS
	/* If machine has AFS, set process authentication group. */
	if (k_hasafs()) {
		k_setpag();
		k_unlog();
	}
#endif /* AFS */

	/* Verify that the user is a valid user. */
	pw = getpwnam(user);
	if (!pw || !allowed_user(pw))
		do_fake_authloop1(user);
	xfree(user);

	/* Take a copy of the returned structure. */
	memset(&pwcopy, 0, sizeof(pwcopy));
	pwcopy.pw_name = xstrdup(pw->pw_name);
	pwcopy.pw_passwd = xstrdup(pw->pw_passwd);
	pwcopy.pw_uid = pw->pw_uid;
	pwcopy.pw_gid = pw->pw_gid;
	pwcopy.pw_dir = xstrdup(pw->pw_dir);
	pwcopy.pw_shell = xstrdup(pw->pw_shell);
	pw = &pwcopy;

#ifdef USE_PAM
	start_pam(pw);
#endif

	/*
	 * If we are not running as root, the user must have the same uid as
	 * the server.
	 */
	if (getuid() != 0 && pw->pw_uid != getuid())
		packet_disconnect("Cannot change user when server not running as root.");

	debug("Attempting authentication for %.100s.", pw->pw_name);

	/* If the user has no password, accept authentication immediately. */
	if (options.password_authentication &&
#ifdef KRB4
	    (!options.kerberos_authentication || options.kerberos_or_local_passwd) &&
#endif /* KRB4 */
#ifdef USE_PAM
	    auth_pam_password(pw, "")) {
#else /* USE_PAM */
	    auth_password(pw, "")) {
#endif /* USE_PAM */
		/* Authentication with empty password succeeded. */
		log("Login for user %s from %.100s, accepted without authentication.",
		    pw->pw_name, get_remote_ipaddr());
	} else {
		/* Loop until the user has been authenticated or the
		   connection is closed, do_authloop() returns only if
		   authentication is successfull */
		do_authloop(pw);
	}

	/* The user has been authenticated and accepted. */
#ifdef WITH_AIXAUTHENTICATE
	/* We don't have a pty yet, so just label the line as "ssh" */
	if (loginsuccess(user,get_canonical_hostname(),"ssh",&aixloginmsg) < 0)
		aixloginmsg = NULL;
#endif /* WITH_AIXAUTHENTICATE */
	packet_start(SSH_SMSG_SUCCESS);
	packet_send();
	packet_write_wait();

	/* Perform session preparation. */
	do_authenticated(pw);
}
Commit	Line	Data
a306f2dd	1	/*
	2	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	3	* All rights reserved
	4	*/
	5
	6	#include "includes.h"
0b242b12	7	RCSID("$OpenBSD: auth1.c,v 1.2 2000/04/29 18:11:52 markus Exp $");
a306f2dd	8
	9	#include "xmalloc.h"
	10	#include "rsa.h"
	11	#include "ssh.h"
	12	#include "packet.h"
	13	#include "buffer.h"
	14	#include "cipher.h"
	15	#include "mpaux.h"
	16	#include "servconf.h"
	17	#include "compat.h"
	18	#include "auth.h"
	19	#include "session.h"
	20
	21	/* import */
	22	extern ServerOptions options;
	23	extern char *forced_command;
	24
	25	/*
	26	* convert ssh auth msg type into description
	27	*/
	28	char *
	29	get_authname(int type)
	30	{
	31	static char buf[1024];
	32	switch (type) {
	33	case SSH_CMSG_AUTH_PASSWORD:
	34	return "password";
	35	case SSH_CMSG_AUTH_RSA:
	36	return "rsa";
	37	case SSH_CMSG_AUTH_RHOSTS_RSA:
	38	return "rhosts-rsa";
	39	case SSH_CMSG_AUTH_RHOSTS:
	40	return "rhosts";
	41	#ifdef KRB4
	42	case SSH_CMSG_AUTH_KERBEROS:
	43	return "kerberos";
	44	#endif
	45	#ifdef SKEY
	46	case SSH_CMSG_AUTH_TIS_RESPONSE:
	47	return "s/key";
	48	#endif
	49	}
	50	snprintf(buf, sizeof buf, "bad-auth-msg-%d", type);
	51	return buf;
	52	}
	53
	54	/*
	55	* The user does not exist or access is denied,
	56	* but fake indication that authentication is needed.
	57	*/
	58	void
	59	do_fake_authloop1(char *user)
	60	{
	61	int attempt = 0;
	62
	63	log("Faking authloop for illegal user %.200s from %.200s port %d",
	64	user,
	65	get_remote_ipaddr(),
	66	get_remote_port());
	67
	68	#ifdef WITH_AIXAUTHENTICATE
c1ef8333	69	loginfailed(user,get_canonical_hostname(),"ssh");
a306f2dd	70	#endif /* WITH_AIXAUTHENTICATE */
	71
	72	/* Indicate that authentication is needed. */
	73	packet_start(SSH_SMSG_FAILURE);
	74	packet_send();
	75	packet_write_wait();
	76
	77	/*
	78	* Keep reading packets, and always respond with a failure. This is
	79	* to avoid disclosing whether such a user really exists.
	80	*/
	81	for (attempt = 1;; attempt++) {
	82	/* Read a packet. This will not return if the client disconnects. */
	83	int plen;
	84	#ifndef SKEY
	85	(void)packet_read(&plen);
	86	#else /* SKEY */
	87	int type = packet_read(&plen);
	88	unsigned int dlen;
	89	char password, skeyinfo;
	90	password = NULL;
	91	/* Try to send a fake s/key challenge. */
	92	if (options.skey_authentication == 1 &&
	93	(skeyinfo = skey_fake_keyinfo(user)) != NULL) {
	94	if (type == SSH_CMSG_AUTH_TIS) {
	95	packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE);
	96	packet_put_string(skeyinfo, strlen(skeyinfo));
	97	packet_send();
	98	packet_write_wait();
	99	continue;
	100	} else if (type == SSH_CMSG_AUTH_PASSWORD &&
	101	options.password_authentication &&
	102	(password = packet_get_string(&dlen)) != NULL &&
	103	dlen == 5 &&
	104	strncasecmp(password, "s/key", 5) == 0 ) {
	105	packet_send_debug(skeyinfo);
	106	}
	107	}
	108	if (password != NULL)
	109	xfree(password);
	110	#endif
	111	if (attempt > AUTH_FAIL_MAX)
	112	packet_disconnect(AUTH_FAIL_MSG, user);
	113
	114	/*
	115	* Send failure. This should be indistinguishable from a
	116	* failed authentication.
	117	*/
	118	packet_start(SSH_SMSG_FAILURE);
	119	packet_send();
	120	packet_write_wait();
	121	}
	122	/* NOTREACHED */
	123	abort();
	124	}
	125
	126	/*
	127	* read packets and try to authenticate local user *pw.
	128	* return if authentication is successfull
	129	*/
	130	void
	131	do_authloop(struct passwd * pw)
	132	{
	133	int attempt = 0;
134	unsigned int bits;
135	RSA *client_host_key;
136	BIGNUM *n;
137	char client_user = NULL, password = NULL;
138	char user[1024];
139	unsigned int dlen;
140	int plen, nlen, elen;
141	unsigned int ulen;
142	int type = 0;
143	void (authlog) (const char fmt,...) = verbose;
144
145	/* Indicate that authentication is needed. */
146	packet_start(SSH_SMSG_FAILURE);
147	packet_send();
148	packet_write_wait();
149
150	for (attempt = 1;; attempt++) {
151	int authenticated = 0;
152	strlcpy(user, "", sizeof user);
153
154	/* Get a packet from the client. */
155	type = packet_read(&plen);
156
157	/* Process the packet. */
158	switch (type) {
159	#ifdef AFS
160	case SSH_CMSG_HAVE_KERBEROS_TGT:
161	if (!options.kerberos_tgt_passing) {
162	/* packet_get_all(); */
163	verbose("Kerberos tgt passing disabled.");
164	break;
165	} else {
166	/* Accept Kerberos tgt. */
167	char *tgt = packet_get_string(&dlen);
168	packet_integrity_check(plen, 4 + dlen, type);
169	if (!auth_kerberos_tgt(pw, tgt))
170	verbose("Kerberos tgt REFUSED for %s", pw->pw_name);
171	xfree(tgt);
172	}
173	continue;
174
175	case SSH_CMSG_HAVE_AFS_TOKEN:
176	if (!options.afs_token_passing \|\| !k_hasafs()) {
177	/* packet_get_all(); */
178	verbose("AFS token passing disabled.");
179	break;
180	} else {
181	/* Accept AFS token. */
182	char *token_string = packet_get_string(&dlen);
183	packet_integrity_check(plen, 4 + dlen, type);
184	if (!auth_afs_token(pw, token_string))
185	verbose("AFS token REFUSED for %s", pw->pw_name);
186	xfree(token_string);
187	}
188	continue;
189	#endif /* AFS */
190	#ifdef KRB4
191	case SSH_CMSG_AUTH_KERBEROS:
192	if (!options.kerberos_authentication) {
193	/* packet_get_all(); */
194	verbose("Kerberos authentication disabled.");
195	break;
196	} else {
197	/* Try Kerberos v4 authentication. */
198	KTEXT_ST auth;
199	char *tkt_user = NULL;
200	char kdata = packet_get_string((unsigned int ) &auth.length);
201	packet_integrity_check(plen, 4 + auth.length, type);
202
203	if (auth.length < MAX_KTXT_LEN)
204	memcpy(auth.dat, kdata, auth.length);
205	xfree(kdata);
206
207	authenticated = auth_krb4(pw->pw_name, &auth, &tkt_user);
208
209	if (authenticated) {
210	snprintf(user, sizeof user, " tktuser %s", tkt_user);
211	xfree(tkt_user);
212	}
213	}
214	break;
215	#endif /* KRB4 */
216
217	case SSH_CMSG_AUTH_RHOSTS:
218	if (!options.rhosts_authentication) {
219	verbose("Rhosts authentication disabled.");
220	break;
221	}
222	/*
223	* Get client user name. Note that we just have to
224	* trust the client; this is one reason why rhosts
225	* authentication is insecure. (Another is
226	* IP-spoofing on a local network.)
227	*/
228	client_user = packet_get_string(&ulen);
229	packet_integrity_check(plen, 4 + ulen, type);
230
231	/* Try to authenticate using /etc/hosts.equiv and
232	.rhosts. */
233	authenticated = auth_rhosts(pw, client_user);
234
235	snprintf(user, sizeof user, " ruser %s", client_user);
236	break;
237
238	case SSH_CMSG_AUTH_RHOSTS_RSA:
239	if (!options.rhosts_rsa_authentication) {
240	verbose("Rhosts with RSA authentication disabled.");
241	break;
242	}
243	/*
244	* Get client user name. Note that we just have to
245	* trust the client; root on the client machine can
246	* claim to be any user.
247	*/
248	client_user = packet_get_string(&ulen);
249
250	/* Get the client host key. */
251	client_host_key = RSA_new();
252	if (client_host_key == NULL)
253	fatal("RSA_new failed");
254	client_host_key->e = BN_new();
255	client_host_key->n = BN_new();
256	if (client_host_key->e == NULL \|\| client_host_key->n == NULL)
257	fatal("BN_new failed");
258	bits = packet_get_int();
259	packet_get_bignum(client_host_key->e, &elen);
260	packet_get_bignum(client_host_key->n, &nlen);
261
262	if (bits != BN_num_bits(client_host_key->n))
0b242b12	263	log("Warning: keysize mismatch for client_host_key: "
0b242b12	264	"actual %d, announced %d", BN_num_bits(client_host_key->n), bits);
a306f2dd	265	packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type);
	266
	267	authenticated = auth_rhosts_rsa(pw, client_user, client_host_key);
	268	RSA_free(client_host_key);
	269
	270	snprintf(user, sizeof user, " ruser %s", client_user);
	271	break;
	272
	273	case SSH_CMSG_AUTH_RSA:
	274	if (!options.rsa_authentication) {
	275	verbose("RSA authentication disabled.");
	276	break;
	277	}
	278	/* RSA authentication requested. */
	279	n = BN_new();
	280	packet_get_bignum(n, &nlen);
	281	packet_integrity_check(plen, nlen, type);
	282	authenticated = auth_rsa(pw, n);
	283	BN_clear_free(n);
	284	break;
	285
	286	case SSH_CMSG_AUTH_PASSWORD:
	287	if (!options.password_authentication) {
	288	verbose("Password authentication disabled.");
	289	break;
	290	}
	291	/*
	292	* Read user password. It is in plain text, but was
	293	* transmitted over the encrypted channel so it is
	294	* not visible to an outside observer.
	295	*/
	296	password = packet_get_string(&dlen);
	297	packet_integrity_check(plen, 4 + dlen, type);
	298
	299	#ifdef USE_PAM
	300	/* Do PAM auth with password */
	301	authenticated = auth_pam_password(pw, password);
	302	#else /* USE_PAM */
	303	/* Try authentication with the password. */
	304	authenticated = auth_password(pw, password);
	305	#endif /* USE_PAM */
	306
	307	memset(password, 0, strlen(password));
	308	xfree(password);
	309	break;
	310
	311	#ifdef SKEY
	312	case SSH_CMSG_AUTH_TIS:
	313	debug("rcvd SSH_CMSG_AUTH_TIS");
	314	if (options.skey_authentication == 1) {
	315	char *skeyinfo = skey_keyinfo(pw->pw_name);
	316	if (skeyinfo == NULL) {
	317	debug("generating fake skeyinfo for %.100s.", pw->pw_name);
	318	skeyinfo = skey_fake_keyinfo(pw->pw_name);
	319	}
	320	if (skeyinfo != NULL) {
	321	/* we send our s/key- in tis-challenge messages */
	322	debug("sending challenge '%s'", skeyinfo);
	323	packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE);
	324	packet_put_string(skeyinfo, strlen(skeyinfo));
	325	packet_send();
	326	packet_write_wait();
	327	continue;
	328	}
329	}
330	break;
331	case SSH_CMSG_AUTH_TIS_RESPONSE:
332	debug("rcvd SSH_CMSG_AUTH_TIS_RESPONSE");
333	if (options.skey_authentication == 1) {
334	char *response = packet_get_string(&dlen);
335	debug("skey response == '%s'", response);
336	packet_integrity_check(plen, 4 + dlen, type);
337	authenticated = (skey_haskey(pw->pw_name) == 0 &&
338	skey_passcheck(pw->pw_name, response) != -1);
339	xfree(response);
340	}
341	break;
342	#else
343	case SSH_CMSG_AUTH_TIS:
344	/* TIS Authentication is unsupported */
345	log("TIS authentication unsupported.");
346	break;
347	#endif
348
349	default:
350	/*
351	* Any unknown messages will be ignored (and failure
352	* returned) during authentication.
353	*/
354	log("Unknown message during authentication: type %d", type);
355	break;
356	}
357
358	/*
359	* Check if the user is logging in as root and root logins
360	* are disallowed.
361	* Note that root login is allowed for forced commands.
362	*/
363	if (authenticated && pw->pw_uid == 0 && !options.permit_root_login) {
364	if (forced_command) {
365	log("Root login accepted for forced command.");
366	} else {
367	authenticated = 0;
368	log("ROOT LOGIN REFUSED FROM %.200s",
369	get_canonical_hostname());
370	}
371	}
372
373	/* Raise logging level */
374	if (authenticated \|\|
375	attempt == AUTH_FAIL_LOG \|\|
376	type == SSH_CMSG_AUTH_PASSWORD)
377	authlog = log;
378
379	authlog("%s %s for %.200s from %.200s port %d%s",
380	authenticated ? "Accepted" : "Failed",
381	get_authname(type),
382	pw->pw_uid == 0 ? "ROOT" : pw->pw_name,
383	get_remote_ipaddr(),
384	get_remote_port(),
385	user);
386
387	#ifdef USE_PAM
388	if (authenticated) {
389	if (!do_pam_account(pw->pw_name, client_user)) {
390	if (client_user != NULL) {
391	xfree(client_user);
392	client_user = NULL;
393	}
394	do_fake_authloop1(pw->pw_name);
395	}
396	return;
397	}
398	#else /* USE_PAM */
399	if (authenticated) {
400	return;
401	}
402	#endif /* USE_PAM */
403
404	if (client_user != NULL) {
405	xfree(client_user);
406	client_user = NULL;
407	}
408
c1ef8333	409	if (attempt > AUTH_FAIL_MAX) {
	410	#ifdef WITH_AIXAUTHENTICATE
	411	loginfailed(pw->pw_name,get_canonical_hostname(),"ssh");
	412	#endif /* WITH_AIXAUTHENTICATE */
a306f2dd	413	packet_disconnect(AUTH_FAIL_MSG, pw->pw_name);
c1ef8333	414	}
a306f2dd	415
	416	/* Send a message indicating that the authentication attempt failed. */
	417	packet_start(SSH_SMSG_FAILURE);
	418	packet_send();
	419	packet_write_wait();
	420	}
	421	}
	422
	423	/*
	424	* Performs authentication of an incoming connection. Session key has already
	425	* been exchanged and encryption is enabled.
	426	*/
	427	void
	428	do_authentication()
	429	{
	430	struct passwd *pw, pwcopy;
	431	int plen;
	432	unsigned int ulen;
	433	char *user;
	434	#ifdef WITH_AIXAUTHENTICATE
c1ef8333	435	extern char *aixloginmsg;
a306f2dd	436	#endif /* WITH_AIXAUTHENTICATE */
	437
	438	/* Get the name of the user that we wish to log in as. */
	439	packet_read_expect(&plen, SSH_CMSG_USER);
	440
	441	/* Get the user name. */
	442	user = packet_get_string(&ulen);
	443	packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER);
	444
	445	setproctitle("%s", user);
	446
	447	#ifdef AFS
	448	/* If machine has AFS, set process authentication group. */
	449	if (k_hasafs()) {
	450	k_setpag();
	451	k_unlog();
	452	}
	453	#endif /* AFS */
	454
	455	/* Verify that the user is a valid user. */
	456	pw = getpwnam(user);
	457	if (!pw \|\| !allowed_user(pw))
	458	do_fake_authloop1(user);
	459	xfree(user);
	460
	461	/* Take a copy of the returned structure. */
	462	memset(&pwcopy, 0, sizeof(pwcopy));
	463	pwcopy.pw_name = xstrdup(pw->pw_name);
	464	pwcopy.pw_passwd = xstrdup(pw->pw_passwd);
	465	pwcopy.pw_uid = pw->pw_uid;
	466	pwcopy.pw_gid = pw->pw_gid;
	467	pwcopy.pw_dir = xstrdup(pw->pw_dir);
	468	pwcopy.pw_shell = xstrdup(pw->pw_shell);
	469	pw = &pwcopy;
	470
	471	#ifdef USE_PAM
	472	start_pam(pw);
	473	#endif
	474
	475	/*
	476	* If we are not running as root, the user must have the same uid as
	477	* the server.
	478	*/
	479	if (getuid() != 0 && pw->pw_uid != getuid())
	480	packet_disconnect("Cannot change user when server not running as root.");
	481
	482	debug("Attempting authentication for %.100s.", pw->pw_name);
	483
	484	/* If the user has no password, accept authentication immediately. */
	485	if (options.password_authentication &&
	486	#ifdef KRB4
	487	(!options.kerberos_authentication \|\| options.kerberos_or_local_passwd) &&
	488	#endif /* KRB4 */
	489	#ifdef USE_PAM
	490	auth_pam_password(pw, "")) {
	491	#else /* USE_PAM */
	492	auth_password(pw, "")) {
	493	#endif /* USE_PAM */
	494	/* Authentication with empty password succeeded. */
	495	log("Login for user %s from %.100s, accepted without authentication.",
	496	pw->pw_name, get_remote_ipaddr());
	497	} else {
	498	/* Loop until the user has been authenticated or the
	499	connection is closed, do_authloop() returns only if
500	authentication is successfull */
501	do_authloop(pw);
502	}
503
504	/* The user has been authenticated and accepted. */
505	#ifdef WITH_AIXAUTHENTICATE
c1ef8333	506	/* We don't have a pty yet, so just label the line as "ssh" */
	507	if (loginsuccess(user,get_canonical_hostname(),"ssh",&aixloginmsg) < 0)
	508	aixloginmsg = NULL;
a306f2dd	509	#endif /* WITH_AIXAUTHENTICATE */
	510	packet_start(SSH_SMSG_SUCCESS);
	511	packet_send();
	512	packet_write_wait();
	513
	514	/* Perform session preparation. */
	515	do_authenticated(pw);
	516	}