- djm@cvs.openbsd.org 2008/04/04 06:44:26

[openssh.git] / sshd.c

diff --git a/sshd.c b/sshd.c
index 27c38ba53168fa3dda6e2a3cbd3e72533f6c5c35..5dfc2b185bf815ce09ac19e27319f21d9ed6845d 100644 (file)
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.353 2007/12/31 15:27:04 dtucker Exp $ */
+/* $OpenBSD: sshd.c,v 1.355 2008/02/14 13:10:31 mbalmer Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -75,6 +75,8 @@
 #include <openssl/bn.h>
 #include <openssl/md5.h>
 #include <openssl/rand.h>
+#include "openbsd-compat/openssl-compat.h"
+
 #ifdef HAVE_SECUREWARE
 #include <sys/security.h>
 #include <prot.h>
@@ -120,8 +122,8 @@
 #ifdef LIBWRAP
 #include <tcpd.h>
 #include <syslog.h>
-int allow_severity = LOG_INFO;
-int deny_severity = LOG_WARNING;
+int allow_severity;
+int deny_severity;
 #endif /* LIBWRAP */
 
 #ifndef O_NOCTTY
@@ -583,11 +585,12 @@ privsep_preauth_child(void)
 {
        u_int32_t rnd[256];
        gid_t gidset[1];
-       int i;
+       u_int i;
 
        /* Enable challenge-response authentication for privilege separation */
        privsep_challenge_enable();
 
+       arc4random_stir();
        for (i = 0; i < 256; i++)
                rnd[i] = arc4random();
        RAND_seed(rnd, sizeof(rnd));
@@ -662,6 +665,9 @@ privsep_preauth(Authctxt *authctxt)
 static void
 privsep_postauth(Authctxt *authctxt)
 {
+       u_int32_t rnd[256];
+       u_int i;
+
 #ifdef DISABLE_FD_PASSING
        if (1) {
 #else
@@ -693,6 +699,11 @@ privsep_postauth(Authctxt *authctxt)
        /* Demote the private keys to public keys. */
        demote_sensitive_data();
 
+       arc4random_stir();
+       for (i = 0; i < 256; i++)
+               rnd[i] = arc4random();
+       RAND_seed(rnd, sizeof(rnd));
+
        /* Drop privileges */
        do_setusercontext(authctxt->pw);
 
@@ -1376,7 +1387,7 @@ main(int ac, char **av)
        }
        if (rexeced_flag || inetd_flag)
                rexec_flag = 0;
-       if (rexec_flag && (av[0] == NULL || *av[0] != '/'))
+       if (!test_flag && (rexec_flag && (av[0] == NULL || *av[0] != '/')))
                fatal("sshd re-exec requires execution with an absolute path");
        if (rexeced_flag)
                closefrom(REEXEC_MIN_FREE_FD);
@@ -1745,6 +1756,8 @@ main(int ac, char **av)
        audit_connection_from(remote_ip, remote_port);
 #endif
 #ifdef LIBWRAP
+       allow_severity = options.log_facility|LOG_INFO;
+       deny_severity = options.log_facility|LOG_WARNING;
        /* Check whether logins are denied from this host. */
        if (packet_connection_is_on_socket()) {
                struct request_info req;
@@ -1834,6 +1847,20 @@ main(int ac, char **av)
        audit_event(SSH_AUTH_SUCCESS);
 #endif
 
+#ifdef GSSAPI
+       if (options.gss_authentication) {
+               temporarily_use_uid(authctxt->pw);
+               ssh_gssapi_storecreds();
+               restore_uid();
+       }
+#endif
+#ifdef USE_PAM
+       if (options.use_pam) {
+               do_pam_setcred(1);
+               do_pam_session();
+       }
+#endif
+
        /*
         * In privilege separation, we fork another child and prepare
         * file descriptor passing.