[openssh.git] / auth-options.c

/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 * RSA-based authentication.  This code determines whether to admit a login
 * based on RSA authentication.  This file also contains functions to check
 * validity of the host key.
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose.  Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

#include "includes.h"
RCSID("$OpenBSD: auth-options.c,v 1.5 2000/10/09 21:32:34 markus Exp $");

#include "ssh.h"
#include "packet.h"
#include "xmalloc.h"
#include "match.h"

/* Flags set authorized_keys flags */
int no_port_forwarding_flag = 0;
int no_agent_forwarding_flag = 0;
int no_x11_forwarding_flag = 0;
int no_pty_flag = 0;

/* "command=" option. */
char *forced_command = NULL;

/* "environment=" options. */
struct envstring *custom_environment = NULL;

void
auth_clear_options(void)
{
	no_agent_forwarding_flag = 0;
	no_port_forwarding_flag = 0;
	no_pty_flag = 0;
	no_x11_forwarding_flag = 0;
	while (custom_environment) {
		struct envstring *ce = custom_environment;
		custom_environment = ce->next;
		xfree(ce->s);
		xfree(ce);
	}
	if (forced_command) {
		xfree(forced_command);
		forced_command = NULL;
	}
}

/* return 1 if access is granted, 0 if not. side effect: sets key option flags */
int
auth_parse_options(struct passwd *pw, char *options, unsigned long linenum)
{
	const char *cp;
	if (!options)
		return 1;

	/* reset options */
	auth_clear_options();

	while (*options && *options != ' ' && *options != '\t') {
		cp = "no-port-forwarding";
		if (strncmp(options, cp, strlen(cp)) == 0) {
			packet_send_debug("Port forwarding disabled.");
			no_port_forwarding_flag = 1;
			options += strlen(cp);
			goto next_option;
		}
		cp = "no-agent-forwarding";
		if (strncmp(options, cp, strlen(cp)) == 0) {
			packet_send_debug("Agent forwarding disabled.");
			no_agent_forwarding_flag = 1;
			options += strlen(cp);
			goto next_option;
		}
		cp = "no-X11-forwarding";
		if (strncmp(options, cp, strlen(cp)) == 0) {
			packet_send_debug("X11 forwarding disabled.");
			no_x11_forwarding_flag = 1;
			options += strlen(cp);
			goto next_option;
		}
		cp = "no-pty";
		if (strncmp(options, cp, strlen(cp)) == 0) {
			packet_send_debug("Pty allocation disabled.");
			no_pty_flag = 1;
			options += strlen(cp);
			goto next_option;
		}
		cp = "command=\"";
		if (strncmp(options, cp, strlen(cp)) == 0) {
			int i;
			options += strlen(cp);
			forced_command = xmalloc(strlen(options) + 1);
			i = 0;
			while (*options) {
				if (*options == '"')
					break;
				if (*options == '\\' && options[1] == '"') {
					options += 2;
					forced_command[i++] = '"';
					continue;
				}
				forced_command[i++] = *options++;
			}
			if (!*options) {
				debug("%.100s, line %lu: missing end quote",
				    SSH_USER_PERMITTED_KEYS, linenum);
				packet_send_debug("%.100s, line %lu: missing end quote",
				    SSH_USER_PERMITTED_KEYS, linenum);
				continue;
			}
			forced_command[i] = 0;
			packet_send_debug("Forced command: %.900s", forced_command);
			options++;
			goto next_option;
		}
		cp = "environment=\"";
		if (strncmp(options, cp, strlen(cp)) == 0) {
			int i;
			char *s;
			struct envstring *new_envstring;
			options += strlen(cp);
			s = xmalloc(strlen(options) + 1);
			i = 0;
			while (*options) {
				if (*options == '"')
					break;
				if (*options == '\\' && options[1] == '"') {
					options += 2;
					s[i++] = '"';
					continue;
				}
				s[i++] = *options++;
			}
			if (!*options) {
				debug("%.100s, line %lu: missing end quote",
				    SSH_USER_PERMITTED_KEYS, linenum);
				packet_send_debug("%.100s, line %lu: missing end quote",
				    SSH_USER_PERMITTED_KEYS, linenum);
				continue;
			}
			s[i] = 0;
			packet_send_debug("Adding to environment: %.900s", s);
			debug("Adding to environment: %.900s", s);
			options++;
			new_envstring = xmalloc(sizeof(struct envstring));
			new_envstring->s = s;
			new_envstring->next = custom_environment;
			custom_environment = new_envstring;
			goto next_option;
		}
		cp = "from=\"";
		if (strncmp(options, cp, strlen(cp)) == 0) {
			int mname, mip;
			char *patterns = xmalloc(strlen(options) + 1);
			int i;
			options += strlen(cp);
			i = 0;
			while (*options) {
				if (*options == '"')
					break;
				if (*options == '\\' && options[1] == '"') {
					options += 2;
					patterns[i++] = '"';
					continue;
				}
				patterns[i++] = *options++;
			}
			if (!*options) {
				debug("%.100s, line %lu: missing end quote",
				    SSH_USER_PERMITTED_KEYS, linenum);
				packet_send_debug("%.100s, line %lu: missing end quote",
				    SSH_USER_PERMITTED_KEYS, linenum);
				continue;
			}
			patterns[i] = 0;
			options++;
			/*
			 * Deny access if we get a negative
			 * match for the hostname or the ip
			 * or if we get not match at all
			 */
			mname = match_hostname(get_canonical_hostname(),
			    patterns, strlen(patterns));
			mip = match_hostname(get_remote_ipaddr(),
			    patterns, strlen(patterns));
			xfree(patterns);
			if (mname == -1 || mip == -1 ||
			    (mname != 1 && mip != 1)) {
				log("Authentication tried for %.100s with correct key but not from a permitted host (host=%.200s, ip=%.200s).",
				    pw->pw_name, get_canonical_hostname(),
				    get_remote_ipaddr());
				packet_send_debug("Your host '%.200s' is not permitted to use this key for login.",
				get_canonical_hostname());
				/* deny access */
				return 0;
			}
			/* Host name matches. */
			goto next_option;
		}
next_option:
		/*
		 * Skip the comma, and move to the next option
		 * (or break out if there are no more).
		 */
		if (!*options)
			fatal("Bugs in auth-options.c option processing.");
		if (*options == ' ' || *options == '\t')
			break;		/* End of options. */
		if (*options != ',')
			goto bad_option;
		options++;
		/* Process the next option. */
	}
	/* grant access */
	return 1;

bad_option:
	log("Bad options in %.100s file, line %lu: %.50s",
	    SSH_USER_PERMITTED_KEYS, linenum, options);
	packet_send_debug("Bad options in %.100s file, line %lu: %.50s",
	    SSH_USER_PERMITTED_KEYS, linenum, options);
	/* deny access */
	return 0;
}
Commit	Line	Data
bcbf86ec	1	/*
	2	* Author: Tatu Ylonen <ylo@cs.hut.fi>
	3	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	4	* All rights reserved
	5	* RSA-based authentication. This code determines whether to admit a login
	6	* based on RSA authentication. This file also contains functions to check
	7	* validity of the host key.
	8	*
	9	* As far as I am concerned, the code I have written for this software
	10	* can be used freely for any purpose. Any derived versions of this
	11	* software must be clearly marked as such, and if the derived work is
	12	* incompatible with the protocol description in the RFC file, it must be
	13	* called by a name other than "ssh" or "Secure Shell".
	14	*/
	15
38c295d6	16	#include "includes.h"
94ec8c6b	17	RCSID("$OpenBSD: auth-options.c,v 1.5 2000/10/09 21:32:34 markus Exp $");
38c295d6	18
	19	#include "ssh.h"
	20	#include "packet.h"
	21	#include "xmalloc.h"
	22	#include "match.h"
	23
	24	/* Flags set authorized_keys flags */
	25	int no_port_forwarding_flag = 0;
	26	int no_agent_forwarding_flag = 0;
	27	int no_x11_forwarding_flag = 0;
	28	int no_pty_flag = 0;
	29
	30	/* "command=" option. */
	31	char *forced_command = NULL;
	32
	33	/* "environment=" options. */
	34	struct envstring *custom_environment = NULL;
	35
94ec8c6b	36	void
	37	auth_clear_options(void)
	38	{
	39	no_agent_forwarding_flag = 0;
	40	no_port_forwarding_flag = 0;
	41	no_pty_flag = 0;
	42	no_x11_forwarding_flag = 0;
	43	while (custom_environment) {
	44	struct envstring *ce = custom_environment;
	45	custom_environment = ce->next;
	46	xfree(ce->s);
	47	xfree(ce);
	48	}
	49	if (forced_command) {
	50	xfree(forced_command);
	51	forced_command = NULL;
	52	}
	53	}
	54
38c295d6	55	/* return 1 if access is granted, 0 if not. side effect: sets key option flags */
	56	int
	57	auth_parse_options(struct passwd pw, char options, unsigned long linenum)
	58	{
	59	const char *cp;
	60	if (!options)
	61	return 1;
94ec8c6b	62
	63	/* reset options */
	64	auth_clear_options();
	65
38c295d6	66	while (options && options != ' ' && *options != '\t') {
	67	cp = "no-port-forwarding";
	68	if (strncmp(options, cp, strlen(cp)) == 0) {
	69	packet_send_debug("Port forwarding disabled.");
	70	no_port_forwarding_flag = 1;
	71	options += strlen(cp);
	72	goto next_option;
	73	}
	74	cp = "no-agent-forwarding";
	75	if (strncmp(options, cp, strlen(cp)) == 0) {
	76	packet_send_debug("Agent forwarding disabled.");
	77	no_agent_forwarding_flag = 1;
	78	options += strlen(cp);
	79	goto next_option;
	80	}
	81	cp = "no-X11-forwarding";
	82	if (strncmp(options, cp, strlen(cp)) == 0) {
	83	packet_send_debug("X11 forwarding disabled.");
	84	no_x11_forwarding_flag = 1;
	85	options += strlen(cp);
	86	goto next_option;
	87	}
	88	cp = "no-pty";
	89	if (strncmp(options, cp, strlen(cp)) == 0) {
	90	packet_send_debug("Pty allocation disabled.");
	91	no_pty_flag = 1;
	92	options += strlen(cp);
	93	goto next_option;
	94	}
	95	cp = "command=\"";
	96	if (strncmp(options, cp, strlen(cp)) == 0) {
	97	int i;
	98	options += strlen(cp);
	99	forced_command = xmalloc(strlen(options) + 1);
	100	i = 0;
	101	while (*options) {
	102	if (*options == '"')
	103	break;
	104	if (*options == '\\' && options[1] == '"') {
	105	options += 2;
	106	forced_command[i++] = '"';
	107	continue;
	108	}
	109	forced_command[i++] = *options++;
	110	}
	111	if (!*options) {
	112	debug("%.100s, line %lu: missing end quote",
94ec8c6b	113	SSH_USER_PERMITTED_KEYS, linenum);
38c295d6	114	packet_send_debug("%.100s, line %lu: missing end quote",
94ec8c6b	115	SSH_USER_PERMITTED_KEYS, linenum);
38c295d6	116	continue;
	117	}
	118	forced_command[i] = 0;
	119	packet_send_debug("Forced command: %.900s", forced_command);
	120	options++;
	121	goto next_option;
	122	}
	123	cp = "environment=\"";
	124	if (strncmp(options, cp, strlen(cp)) == 0) {
	125	int i;
	126	char *s;
	127	struct envstring *new_envstring;
	128	options += strlen(cp);
	129	s = xmalloc(strlen(options) + 1);
	130	i = 0;
	131	while (*options) {
	132	if (*options == '"')
	133	break;
	134	if (*options == '\\' && options[1] == '"') {
	135	options += 2;
	136	s[i++] = '"';
	137	continue;
	138	}
	139	s[i++] = *options++;
	140	}
	141	if (!*options) {
	142	debug("%.100s, line %lu: missing end quote",
94ec8c6b	143	SSH_USER_PERMITTED_KEYS, linenum);
38c295d6	144	packet_send_debug("%.100s, line %lu: missing end quote",
94ec8c6b	145	SSH_USER_PERMITTED_KEYS, linenum);
38c295d6	146	continue;
	147	}
	148	s[i] = 0;
	149	packet_send_debug("Adding to environment: %.900s", s);
	150	debug("Adding to environment: %.900s", s);
	151	options++;
	152	new_envstring = xmalloc(sizeof(struct envstring));
	153	new_envstring->s = s;
	154	new_envstring->next = custom_environment;
	155	custom_environment = new_envstring;
	156	goto next_option;
	157	}
	158	cp = "from=\"";
	159	if (strncmp(options, cp, strlen(cp)) == 0) {
	160	int mname, mip;
	161	char *patterns = xmalloc(strlen(options) + 1);
	162	int i;
	163	options += strlen(cp);
	164	i = 0;
	165	while (*options) {
	166	if (*options == '"')
	167	break;
	168	if (*options == '\\' && options[1] == '"') {
	169	options += 2;
	170	patterns[i++] = '"';
	171	continue;
	172	}
	173	patterns[i++] = *options++;
	174	}
	175	if (!*options) {
	176	debug("%.100s, line %lu: missing end quote",
	177	SSH_USER_PERMITTED_KEYS, linenum);
	178	packet_send_debug("%.100s, line %lu: missing end quote",
	179	SSH_USER_PERMITTED_KEYS, linenum);
	180	continue;
	181	}
	182	patterns[i] = 0;
	183	options++;
	184	/*
	185	* Deny access if we get a negative
	186	* match for the hostname or the ip
	187	* or if we get not match at all
	188	*/
	189	mname = match_hostname(get_canonical_hostname(),
	190	patterns, strlen(patterns));
	191	mip = match_hostname(get_remote_ipaddr(),
	192	patterns, strlen(patterns));
	193	xfree(patterns);
	194	if (mname == -1 \|\| mip == -1 \|\|
	195	(mname != 1 && mip != 1)) {
	196	log("Authentication tried for %.100s with correct key but not from a permitted host (host=%.200s, ip=%.200s).",
	197	pw->pw_name, get_canonical_hostname(),
	198	get_remote_ipaddr());
	199	packet_send_debug("Your host '%.200s' is not permitted to use this key for login.",
	200	get_canonical_hostname());
38c295d6	201	/* deny access */
	202	return 0;
	203	}
	204	/* Host name matches. */
	205	goto next_option;
	206	}
	207	next_option:
	208	/*
	209	* Skip the comma, and move to the next option
	210	* (or break out if there are no more).
	211	*/
	212	if (!*options)
	213	fatal("Bugs in auth-options.c option processing.");
	214	if (options == ' ' \|\| options == '\t')
	215	break; /* End of options. */
	216	if (*options != ',')
	217	goto bad_option;
	218	options++;
	219	/* Process the next option. */
	220	}
	221	/* grant access */
	222	return 1;
	223
	224	bad_option:
	225	log("Bad options in %.100s file, line %lu: %.50s",
	226	SSH_USER_PERMITTED_KEYS, linenum, options);
	227	packet_send_debug("Bad options in %.100s file, line %lu: %.50s",
	228	SSH_USER_PERMITTED_KEYS, linenum, options);
	229	/* deny access */
	230	return 0;
	231	}