]> andersk Git - openssh.git/blobdiff - sshd.c
andersk / openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
- (tim) [buildpkg.sh.in openssh.xml.in] Allow more flexibility where smf(5)
[openssh.git] / sshd.c
diff --git a/sshd.c b/sshd.c
index f1f2e38b336dea25b5adfaa4459cfd82eb6c2930..04778ea99fd67b96e0d90fdc5d67ffa3271c41ac 100644 (file)
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.346 2006/08/18 09:13:26 deraadt Exp $ */
+/* $OpenBSD: sshd.c,v 1.351 2007/05/22 10:18:52 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -65,6 +65,7 @@
 #include <grp.h>
 #include <pwd.h>
 #include <signal.h>
+#include <stdarg.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -243,6 +244,9 @@ Buffer cfg;
 /* message to be displayed after login */
 Buffer loginmsg;
 
+/* Unprivileged user */
+struct passwd *privsep_pw = NULL;
+
 /* Prototypes for various functions defined later in this file. */
 void destroy_sensitive_data(void);
 void demote_sensitive_data(void);
@@ -301,6 +305,7 @@ sighup_restart(void)
        logit("Received SIGHUP; restarting.");
        close_listen_socks();
        close_startup_pipes();
+       alarm(0);  /* alarm timer persists across exec */
        execv(saved_argv[0], saved_argv);
        logit("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0],
            strerror(errno));
@@ -578,7 +583,6 @@ privsep_preauth_child(void)
 {
        u_int32_t rnd[256];
        gid_t gidset[1];
-       struct passwd *pw;
        int i;
 
        /* Enable challenge-response authentication for privilege separation */
@@ -591,12 +595,6 @@ privsep_preauth_child(void)
        /* Demote the private keys to public keys. */
        demote_sensitive_data();
 
-       if ((pw = getpwnam(SSH_PRIVSEP_USER)) == NULL)
-               fatal("Privilege separation user %s does not exist",
-                   SSH_PRIVSEP_USER);
-       memset(pw->pw_passwd, 0, strlen(pw->pw_passwd));
-       endpwent();
-
        /* Change our root directory */
        if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1)
                fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR,
@@ -605,16 +603,16 @@ privsep_preauth_child(void)
                fatal("chdir(\"/\"): %s", strerror(errno));
 
        /* Drop our privileges */
-       debug3("privsep user:group %u:%u", (u_int)pw->pw_uid,
-           (u_int)pw->pw_gid);
+       debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid,
+           (u_int)privsep_pw->pw_gid);
 #if 0
        /* XXX not ready, too heavy after chroot */
-       do_setusercontext(pw);
+       do_setusercontext(privsep_pw);
 #else
-       gidset[0] = pw->pw_gid;
+       gidset[0] = privsep_pw->pw_gid;
        if (setgroups(1, gidset) < 0)
                fatal("setgroups: %.100s", strerror(errno));
-       permanently_set_uid(pw);
+       permanently_set_uid(privsep_pw);
 #endif
 }
 
@@ -1154,6 +1152,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                         * the child process the connection. The
                         * parent continues listening.
                         */
+                       platform_pre_fork();
                        if ((pid = fork()) == 0) {
                                /*
                                 * Child.  Close the listening and
@@ -1163,6 +1162,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                                 * We break out of the loop to handle
                                 * the connection.
                                 */
+                               platform_post_fork_child();
                                startup_pipe = startup_p[1];
                                close_startup_pipes();
                                close_listen_socks();
@@ -1178,6 +1178,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                        }
 
                        /* Parent.  Stay in the loop. */
+                       platform_post_fork_parent(pid);
                        if (pid < 0)
                                error("fork: %.100s", strerror(errno));
                        else
@@ -1420,6 +1421,10 @@ main(int ac, char **av)
        /* Fill in default values for those options not explicitly set. */
        fill_default_server_options(&options);
 
+       /* challenge-response is implemented via keyboard interactive */
+       if (options.challenge_response_authentication)
+               options.kbd_interactive_authentication = 1;
+
        /* set default channel AF */
        channel_set_af(options.address_family);
 
@@ -1431,6 +1436,19 @@ main(int ac, char **av)
 
        debug("sshd version %.100s", SSH_RELEASE);
 
+       /* Store privilege separation user for later use if required. */
+       if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {
+               if (use_privsep || options.kerberos_authentication)
+                       fatal("Privilege separation user %s does not exist",
+                           SSH_PRIVSEP_USER);
+       } else {
+               memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd));
+               privsep_pw = pwcopy(privsep_pw);
+               xfree(privsep_pw->pw_passwd);
+               privsep_pw->pw_passwd = xstrdup("*");
+       }
+       endpwent();
+
        /* load private host keys */
        sensitive_data.host_keys = xcalloc(options.num_host_key_files,
            sizeof(Key *));
@@ -1500,9 +1518,6 @@ main(int ac, char **av)
        if (use_privsep) {
                struct stat st;
 
-               if (getpwnam(SSH_PRIVSEP_USER) == NULL)
-                       fatal("Privilege separation user %s does not exist",
-                           SSH_PRIVSEP_USER);
                if ((stat(_PATH_PRIVSEP_CHROOT_DIR, &st) == -1) ||
                    (S_ISDIR(st.st_mode) == 0))
                        fatal("Missing privilege separation directory: %s",
@@ -1800,6 +1815,7 @@ main(int ac, char **av)
         */
        alarm(0);
        signal(SIGALRM, SIG_DFL);
+       authctxt->authenticated = 1;
        if (startup_pipe != -1) {
                close(startup_pipe);
                startup_pipe = -1;
@@ -2002,10 +2018,10 @@ do_ssh1_kex(void)
         * key is in the highest bits.
         */
        if (!rsafail) {
-               BN_mask_bits(session_key_int, sizeof(session_key) * 8);
+               (void) BN_mask_bits(session_key_int, sizeof(session_key) * 8);
                len = BN_num_bytes(session_key_int);
                if (len < 0 || (u_int)len > sizeof(session_key)) {
-                       error("do_connection: bad session key len from %s: "
+                       error("do_ssh1_kex: bad session key len from %s: "
                            "session_key_int %d > sizeof(session_key) %lu",
                            get_remote_ipaddr(), len, (u_long)sizeof(session_key));
                        rsafail++;
git-cvsimport mirror of OpenSSH
This page took 0.047297 seconds and 4 git commands to generate.