]> andersk Git - openssh.git/blobdiff - sshconnect2.c
andersk / openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
- djm@cvs.openbsd.org 2008/01/19 23:09:49
[openssh.git] / sshconnect2.c
diff --git a/sshconnect2.c b/sshconnect2.c
index f6368aadd31189961d26f9c854048aef9958df77..5bb7723682496638db03c4e27ad4ecc7a86c9c07 100644 (file)
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: sshconnect2.c,v 1.165 2008/01/19 23:09:49 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -23,18 +24,31 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.132 2003/11/17 11:06:07 markus Exp $");
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/wait.h>
+#include <sys/stat.h>
+
+#include <errno.h>
+#include <netdb.h>
+#include <pwd.h>
+#include <signal.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
 
 #include "openbsd-compat/sys-queue.h"
 
+#include "xmalloc.h"
 #include "ssh.h"
 #include "ssh2.h"
-#include "xmalloc.h"
 #include "buffer.h"
 #include "packet.h"
 #include "compat.h"
-#include "bufaux.h"
 #include "cipher.h"
+#include "key.h"
 #include "kex.h"
 #include "myproposal.h"
 #include "sshconnect.h"
@@ -43,12 +57,13 @@ RCSID("$OpenBSD: sshconnect2.c,v 1.132 2003/11/17 11:06:07 markus Exp $");
 #include "authfd.h"
 #include "log.h"
 #include "readconf.h"
-#include "readpass.h"
+#include "misc.h"
 #include "match.h"
 #include "dispatch.h"
 #include "canohost.h"
 #include "msg.h"
 #include "pathnames.h"
+#include "uidswap.h"
 
 #ifdef GSSAPI
 #include "ssh-gss.h"
@@ -101,10 +116,10 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
            compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]);
        if (options.compression) {
                myproposal[PROPOSAL_COMP_ALGS_CTOS] =
-               myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib,none";
+               myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib@openssh.com,zlib,none";
        } else {
                myproposal[PROPOSAL_COMP_ALGS_CTOS] =
-               myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib";
+               myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com,zlib";
        }
        if (options.macs != NULL) {
                myproposal[PROPOSAL_MAC_ALGS_CTOS] =
@@ -115,12 +130,14 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
                    options.hostkeyalgorithms;
 
        if (options.rekey_limit)
-               packet_set_rekey_limit(options.rekey_limit);
+               packet_set_rekey_limit((u_int32_t)options.rekey_limit);
 
        /* start key exchange */
        kex = kex_setup(myproposal);
        kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
+       kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
        kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
+       kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
        kex->client_version_string=client_version_string;
        kex->server_version_string=server_version_string;
        kex->verify_host_key=&verify_host_key_callback;
@@ -351,7 +368,7 @@ void
 input_userauth_error(int type, u_int32_t seq, void *ctxt)
 {
        fatal("input_userauth_error: bad message during authentication: "
-          "type %d", type);
+           "type %d", type);
 }
 
 void
@@ -362,7 +379,7 @@ input_userauth_banner(int type, u_int32_t seq, void *ctxt)
        debug3("input_userauth_banner");
        msg = packet_get_string(NULL);
        lang = packet_get_string(NULL);
-       if (options.log_level > SYSLOG_LEVEL_QUIET)
+       if (options.log_level >= SYSLOG_LEVEL_INFO)
                fprintf(stderr, "%s", msg);
        xfree(msg);
        xfree(lang);
@@ -458,7 +475,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt)
         * moved to the end of the queue.  this also avoids confusion by
         * duplicate keys
         */
-       TAILQ_FOREACH_REVERSE(id, &authctxt->keys, next, idlist) {
+       TAILQ_FOREACH_REVERSE(id, &authctxt->keys, idlist, next) {
                if (key_equal(key, id->key)) {
                        sent = sign_and_send_pubkey(authctxt, id);
                        break;
@@ -476,12 +493,12 @@ done:
 }
 
 #ifdef GSSAPI
-int 
+int
 userauth_gssapi(Authctxt *authctxt)
 {
        Gssctxt *gssctxt = NULL;
        static gss_OID_set gss_supported = NULL;
-       static int mech = 0;
+       static u_int mech = 0;
        OM_uint32 min;
        int ok = 0;
 
@@ -493,22 +510,18 @@ userauth_gssapi(Authctxt *authctxt)
 
        /* Check to see if the mechanism is usable before we offer it */
        while (mech < gss_supported->count && !ok) {
-               if (gssctxt)
-                       ssh_gssapi_delete_ctx(&gssctxt);
-               ssh_gssapi_build_ctx(&gssctxt);
-               ssh_gssapi_set_oid(gssctxt, &gss_supported->elements[mech]);
-
                /* My DER encoding requires length<128 */
                if (gss_supported->elements[mech].length < 128 &&
-                   !GSS_ERROR(ssh_gssapi_import_name(gssctxt,
-                   authctxt->host))) {
+                   ssh_gssapi_check_mechanism(&gssctxt, 
+                   &gss_supported->elements[mech], authctxt->host)) {
                        ok = 1; /* Mechanism works */
                } else {
                        mech++;
                }
        }
 
-       if (!ok) return 0;
+       if (!ok)
+               return 0;
 
        authctxt->methoddata=(void *)gssctxt;
 
@@ -543,10 +556,11 @@ process_gssapi_token(void *ctxt, gss_buffer_t recv_tok)
        Authctxt *authctxt = ctxt;
        Gssctxt *gssctxt = authctxt->methoddata;
        gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
-       gss_buffer_desc gssbuf, mic;
+       gss_buffer_desc mic = GSS_C_EMPTY_BUFFER;
+       gss_buffer_desc gssbuf;
        OM_uint32 status, ms, flags;
        Buffer b;
-       
+
        status = ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds,
            recv_tok, &send_tok, &flags);
 
@@ -555,12 +569,12 @@ process_gssapi_token(void *ctxt, gss_buffer_t recv_tok)
                        packet_start(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK);
                else
                        packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN);
-                       
+
                packet_put_string(send_tok.value, send_tok.length);
                packet_send();
                gss_release_buffer(&ms, &send_tok);
        }
-       
+
        if (status == GSS_S_COMPLETE) {
                /* send either complete or MIC, depending on mechanism */
                if (!(flags & GSS_C_INTEG_FLAG)) {
@@ -572,21 +586,21 @@ process_gssapi_token(void *ctxt, gss_buffer_t recv_tok)
 
                        gssbuf.value = buffer_ptr(&b);
                        gssbuf.length = buffer_len(&b);
-                       
+
                        status = ssh_gssapi_sign(gssctxt, &gssbuf, &mic);
-                       
+
                        if (!GSS_ERROR(status)) {
                                packet_start(SSH2_MSG_USERAUTH_GSSAPI_MIC);
                                packet_put_string(mic.value, mic.length);
-                               
+
                                packet_send();
                        }
-                               
+
                        buffer_free(&b);
                        gss_release_buffer(&ms, &mic);
-               }          
+               }
        }
-       
+
        return status;
 }
 
@@ -677,7 +691,7 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt)
 
        /* Stick it into GSSAPI and see what it says */
        status = ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds,
-                                    &recv_tok, &send_tok, NULL);
+           &recv_tok, &send_tok, NULL);
 
        xfree(recv_tok.value);
        gss_release_buffer(&ms, &send_tok);
@@ -699,7 +713,7 @@ input_gssapi_error(int type, u_int32_t plen, void *ctxt)
 
        packet_check_eom();
 
-       debug("Server GSSAPI Error:\n%s\n", msg);
+       debug("Server GSSAPI Error:\n%s", msg);
        xfree(msg);
        xfree(lang);
 }
@@ -960,14 +974,16 @@ load_identity_file(char *filename)
 {
        Key *private;
        char prompt[300], *passphrase;
-       int quit, i;
+       int perm_ok, quit, i;
        struct stat st;
 
        if (stat(filename, &st) < 0) {
                debug3("no such identity: %s", filename);
                return NULL;
        }
-       private = key_load_private_type(KEY_UNSPEC, filename, "", NULL);
+       private = key_load_private_type(KEY_UNSPEC, filename, "", NULL, &perm_ok);
+       if (!perm_ok)
+               return NULL;
        if (private == NULL) {
                if (options.batch_mode)
                        return NULL;
@@ -976,8 +992,8 @@ load_identity_file(char *filename)
                for (i = 0; i < options.number_of_password_prompts; i++) {
                        passphrase = read_passphrase(prompt, 0);
                        if (strcmp(passphrase, "") != 0) {
-                               private = key_load_private_type(KEY_UNSPEC, filename,
-                                   passphrase, NULL);
+                               private = key_load_private_type(KEY_UNSPEC,
+                                   filename, passphrase, NULL, NULL);
                                quit = 0;
                        } else {
                                debug2("no passphrase given, try next key");
@@ -1020,8 +1036,7 @@ pubkey_prepare(Authctxt *authctxt)
                if (key && key->type == KEY_RSA1)
                        continue;
                options.identity_keys[i] = NULL;
-               id = xmalloc(sizeof(*id));
-               memset(id, 0, sizeof(*id));
+               id = xcalloc(1, sizeof(*id));
                id->key = key;
                id->filename = xstrdup(options.identity_files[i]);
                TAILQ_INSERT_TAIL(&files, id, next);
@@ -1033,7 +1048,7 @@ pubkey_prepare(Authctxt *authctxt)
                    key = ssh_get_next_identity(ac, &comment, 2)) {
                        found = 0;
                        TAILQ_FOREACH(id, &files, next) {
-                               /* agent keys from the config file are preferred */ 
+                               /* agent keys from the config file are preferred */
                                if (key_equal(key, id->key)) {
                                        key_free(key);
                                        xfree(comment);
@@ -1044,9 +1059,8 @@ pubkey_prepare(Authctxt *authctxt)
                                        break;
                                }
                        }
-                       if (!found) {
-                               id = xmalloc(sizeof(*id));
-                               memset(id, 0, sizeof(*id));
+                       if (!found && !options.identities_only) {
+                               id = xcalloc(1, sizeof(*id));
                                id->key = key;
                                id->filename = comment;
                                id->ac = ac;
@@ -1242,8 +1256,7 @@ ssh_keysign(Key *key, u_char **sigp, u_int *lenp,
                return -1;
        }
        if (pid == 0) {
-               seteuid(getuid());
-               setuid(getuid());
+               permanently_drop_suid(getuid());
                close(from[0]);
                if (dup2(from[1], STDOUT_FILENO) < 0)
                        fatal("ssh_keysign: dup2: %s", strerror(errno));
@@ -1267,7 +1280,7 @@ ssh_keysign(Key *key, u_char **sigp, u_int *lenp,
 
        if (ssh_msg_recv(from[0], &b) < 0) {
                error("ssh_keysign: no reply");
-               buffer_clear(&b);
+               buffer_free(&b);
                return -1;
        }
        close(from[0]);
@@ -1279,11 +1292,11 @@ ssh_keysign(Key *key, u_char **sigp, u_int *lenp,
 
        if (buffer_get_char(&b) != version) {
                error("ssh_keysign: bad version");
-               buffer_clear(&b);
+               buffer_free(&b);
                return -1;
        }
        *sigp = buffer_get_string(&b, lenp);
-       buffer_clear(&b);
+       buffer_free(&b);
 
        return 0;
 }
@@ -1295,7 +1308,7 @@ userauth_hostbased(Authctxt *authctxt)
        Sensitive *sensitive = authctxt->sensitive;
        Buffer b;
        u_char *signature, *blob;
-       char *chost, *pkalg, *p;
+       char *chost, *pkalg, *p, myname[NI_MAXHOST];
        const char *service;
        u_int blen, slen;
        int ok, i, len, found = 0;
@@ -1319,16 +1332,24 @@ userauth_hostbased(Authctxt *authctxt)
                return 0;
        }
        /* figure out a name for the client host */
-       p = get_local_name(packet_get_connection_in());
+       p = NULL;
+       if (packet_connection_is_on_socket())
+               p = get_local_name(packet_get_connection_in());
+       if (p == NULL) {
+               if (gethostname(myname, sizeof(myname)) == -1) {
+                       verbose("userauth_hostbased: gethostname: %s", 
+                           strerror(errno));
+               } else
+                       p = xstrdup(myname);
+       }
        if (p == NULL) {
                error("userauth_hostbased: cannot get local ipaddr/name");
                key_free(private);
+               xfree(blob);
                return 0;
        }
        len = strlen(p) + 2;
-       chost = xmalloc(len);
-       strlcpy(chost, p, len);
-       strlcat(chost, ".", len);
+       xasprintf(&chost, "%s.", p);
        debug2("userauth_hostbased: chost %s", chost);
        xfree(p);
 
@@ -1361,6 +1382,7 @@ userauth_hostbased(Authctxt *authctxt)
                error("key_sign failed");
                xfree(chost);
                xfree(pkalg);
+               xfree(blob);
                return 0;
        }
        packet_start(SSH2_MSG_USERAUTH_REQUEST);
@@ -1376,6 +1398,7 @@ userauth_hostbased(Authctxt *authctxt)
        xfree(signature);
        xfree(chost);
        xfree(pkalg);
+       xfree(blob);
 
        packet_send();
        return 1;
git-cvsimport mirror of OpenSSH
This page took 0.085586 seconds and 4 git commands to generate.