diff options
Diffstat (limited to 'crypto/openssh')
80 files changed, 1749 insertions, 3315 deletions
diff --git a/crypto/openssh/COPYING.Ylonen b/crypto/openssh/COPYING.Ylonen deleted file mode 100644 index 5e681ed..0000000 --- a/crypto/openssh/COPYING.Ylonen +++ /dev/null @@ -1,70 +0,0 @@ -This file is part of the ssh software, Copyright (c) 1995 Tatu Ylonen, Finland - - -COPYING POLICY AND OTHER LEGAL ISSUES - -As far as I am concerned, the code I have written for this software -can be used freely for any purpose. Any derived versions of this -software must be clearly marked as such, and if the derived work is -incompatible with the protocol description in the RFC file, it must be -called by a name other than "ssh" or "Secure Shell". - -However, I am not implying to give any licenses to any patents or -copyrights held by third parties, and the software includes parts that -are not under my direct control. As far as I know, all included -source code is used in accordance with the relevant license agreements -and can be used freely for any purpose (the GNU license being the most -restrictive); see below for details. - -[ RSA is no longer included. ] -[ IDEA is no longer included. ] -[ DES is now external. ] -[ GMP is now external. No more GNU licence. ] -[ Zlib is now external. ] -[ The make-ssh-known-hosts script is no longer included. ] -[ TSS has been removed. ] -[ MD5 is now external. ] -[ RC4 support has been removed. ] -[ Blowfish is now external. ] - -The 32-bit CRC implementation in crc32.c is due to Gary S. Brown. -Comments in the file indicate it may be used for any purpose without -restrictions. - -The 32-bit CRC compensation attack detector in deattack.c was -contributed by CORE SDI S.A. under a BSD-style license. See -http://www.core-sdi.com/english/ssh/ for details. - -Note that any information and cryptographic algorithms used in this -software are publicly available on the Internet and at any major -bookstore, scientific library, and patent office worldwide. More -information can be found e.g. at "http://www.cs.hut.fi/crypto". - -The legal status of this program is some combination of all these -permissions and restrictions. Use only at your own responsibility. -You will be responsible for any legal consequences yourself; I am not -making any claims whether possessing or using this is legal or not in -your country, and I am not taking any responsibility on your behalf. - - - NO WARRANTY - -BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - -IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. diff --git a/crypto/openssh/LICENCE b/crypto/openssh/LICENCE index 19d4c74..0e4f977 100644 --- a/crypto/openssh/LICENCE +++ b/crypto/openssh/LICENCE @@ -212,3 +212,47 @@ OpenSSH contains no GPL code. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +8) + Initial PAM adaptation was performed by ThinkSec AS and sponsored + by Enitel AS. + +9) + Further FreeBSD- and PAM-specific adaptations were performed by + ThinkSec AS and sponsored by DARPA and NAI Labs under the + following terms: + + * Copyright (c) 2002 Networks Associates Technology, Inc. + * All rights reserved. + * + * This software was developed for the FreeBSD Project by ThinkSec AS and + * NAI Labs, the Security Research Division of Network Associates, Inc. + * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the + * DARPA CHATS research program. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + +$FreeBSD$ + diff --git a/crypto/openssh/README.openssh2 b/crypto/openssh/README.openssh2 deleted file mode 100644 index 12c90aa..0000000 --- a/crypto/openssh/README.openssh2 +++ /dev/null @@ -1,44 +0,0 @@ -$Id: README.openssh2,v 1.8 2000/05/07 18:30:03 markus Exp $ - -howto: - 1) generate server key: - $ ssh-keygen -d -f /etc/ssh_host_dsa_key -N '' - 2) enable ssh2: - server: add 'Protocol 2,1' to /etc/sshd_config - client: ssh -o 'Protocol 2,1', or add to .ssh/config - 3) DSA authentication similar to RSA (add keys to ~/.ssh/authorized_keys2) - interop w/ ssh.com dsa-keys: - ssh-keygen -f /key/from/ssh.com -X >> ~/.ssh/authorized_keys2 - and vice versa - ssh-keygen -f /privatekey/from/openssh -x > ~/.ssh2/mykey.pub - echo Key mykey.pub >> ~/.ssh2/authorization - -works: - secsh-transport: works w/o rekey - proposal exchange, i.e. different enc/mac/comp per direction - encryption: blowfish-cbc, 3des-cbc, arcfour, cast128-cbc - mac: hmac-md5, hmac-sha1, (hmac-ripemd160) - compression: zlib, none - secsh-userauth: passwd and pubkey with DSA - secsh-connection: pty+shell or command, flow control works (window adjust) - tcp-forwarding: -L works, -R incomplete - x11-fwd - dss/dsa: host key database in ~/.ssh/known_hosts2 - client interops w/ sshd2, lshd - server interops w/ ssh2, lsh, ssh.com's Windows client, SecureCRT, F-Secure SSH Client 4.0, SecureFX (secure ftp) - server supports multiple concurrent sessions (e.g. with SSH.com Windows client) -todo: - re-keying - secsh-connection features: - tcp-forwarding, agent-fwd - auth other than passwd, and DSA-pubkey: - keyboard-interactive, (PGP-pubkey?) - config - server-auth w/ old host-keys - cleanup - advanced key storage? - keynote - sftp - --markus -$Date: 2000/05/07 18:30:03 $ diff --git a/crypto/openssh/auth-chall.c b/crypto/openssh/auth-chall.c index 45e0c34..147e998 100644 --- a/crypto/openssh/auth-chall.c +++ b/crypto/openssh/auth-chall.c @@ -24,6 +24,7 @@ #include "includes.h" RCSID("$OpenBSD: auth-chall.c,v 1.8 2001/05/18 14:13:28 markus Exp $"); +RCSID("$FreeBSD$"); #include "auth.h" #include "log.h" diff --git a/crypto/openssh/auth-krb4.c b/crypto/openssh/auth-krb4.c index 1cc528a..97d2908 100644 --- a/crypto/openssh/auth-krb4.c +++ b/crypto/openssh/auth-krb4.c @@ -24,6 +24,7 @@ #include "includes.h" RCSID("$OpenBSD: auth-krb4.c,v 1.27 2002/06/11 05:46:20 mpech Exp $"); +RCSID("$FreeBSD$"); #include "ssh.h" #include "ssh1.h" diff --git a/crypto/openssh/auth-krb5.c b/crypto/openssh/auth-krb5.c index e982020..94344a6 100644 --- a/crypto/openssh/auth-krb5.c +++ b/crypto/openssh/auth-krb5.c @@ -29,6 +29,7 @@ #include "includes.h" RCSID("$OpenBSD: auth-krb5.c,v 1.8 2002/03/19 10:49:35 markus Exp $"); +RCSID("$FreeBSD$"); #include "ssh.h" #include "ssh1.h" @@ -41,9 +42,6 @@ RCSID("$OpenBSD: auth-krb5.c,v 1.8 2002/03/19 10:49:35 markus Exp $"); #ifdef KRB5 #include <krb5.h> -#ifndef HEIMDAL -#define krb5_get_err_text(context,code) error_message(code) -#endif /* !HEIMDAL */ extern ServerOptions options; @@ -96,15 +94,8 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client) goto err; fd = packet_get_connection_in(); -#ifdef HEIMDAL problem = krb5_auth_con_setaddrs_from_fd(authctxt->krb5_ctx, authctxt->krb5_auth_ctx, &fd); -#else - problem = krb5_auth_con_genaddrs(authctxt->krb5_ctx, - authctxt->krb5_auth_ctx,fd, - KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR | - KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR); -#endif if (problem) goto err; @@ -118,14 +109,8 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client) if (problem) goto err; -#ifdef HEIMDAL problem = krb5_copy_principal(authctxt->krb5_ctx, ticket->client, &authctxt->krb5_user); -#else - problem = krb5_copy_principal(authctxt->krb5_ctx, - ticket->enc_part2->client, - &authctxt->krb5_user); -#endif if (problem) goto err; @@ -176,37 +161,13 @@ auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt) krb5_error_code problem; krb5_ccache ccache = NULL; char *pname; - krb5_creds **creds; if (authctxt->pw == NULL || authctxt->krb5_user == NULL) return (0); temporarily_use_uid(authctxt->pw); -#ifdef HEIMDAL problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops, &ccache); -#else -{ - char ccname[40]; - int tmpfd; - - snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); - - if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) { - log("mkstemp(): %.100s", strerror(errno)); - problem = errno; - goto fail; - } - if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { - log("fchmod(): %.100s", strerror(errno)); - close(tmpfd); - problem = errno; - goto fail; - } - close(tmpfd); - problem = krb5_cc_resolve(authctxt->krb5_ctx, ccname, &ccache); -} -#endif if (problem) goto fail; @@ -215,20 +176,10 @@ auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt) if (problem) goto fail; -#ifdef HEIMDAL problem = krb5_rd_cred2(authctxt->krb5_ctx, authctxt->krb5_auth_ctx, ccache, tgt); if (problem) goto fail; -#else - problem = krb5_rd_cred(authctxt->krb5_ctx, authctxt->krb5_auth_ctx, - tgt, &creds, NULL); - if (problem) - goto fail; - problem = krb5_cc_store_cred(authctxt->krb5_ctx, ccache, *creds); - if (problem) - goto fail; -#endif authctxt->krb5_fwd_ccache = ccache; ccache = NULL; @@ -261,12 +212,6 @@ auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt) int auth_krb5_password(Authctxt *authctxt, const char *password) { -#ifndef HEIMDAL - krb5_creds creds; - krb5_principal server; - char ccname[40]; - int tmpfd; -#endif krb5_error_code problem; if (authctxt->pw == NULL) @@ -283,7 +228,6 @@ auth_krb5_password(Authctxt *authctxt, const char *password) if (problem) goto out; -#ifdef HEIMDAL problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_mcc_ops, &authctxt->krb5_fwd_ccache); if (problem) @@ -302,69 +246,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password) if (problem) goto out; -#else - problem = krb5_get_init_creds_password(authctxt->krb5_ctx, &creds, - authctxt->krb5_user, (char *)password, NULL, NULL, 0, NULL, NULL); - if (problem) - goto out; - - problem = krb5_sname_to_principal(authctxt->krb5_ctx, NULL, NULL, - KRB5_NT_SRV_HST, &server); - if (problem) - goto out; - - restore_uid(); - problem = krb5_verify_init_creds(authctxt->krb5_ctx, &creds, server, - NULL, NULL, NULL); - krb5_free_principal(authctxt->krb5_ctx, server); - temporarily_use_uid(authctxt->pw); - if (problem) - goto out; - - if (!krb5_kuserok(authctxt->krb5_ctx, authctxt->krb5_user, - authctxt->pw->pw_name)) { - problem = -1; - goto out; - } - - snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); - - if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) { - log("mkstemp(): %.100s", strerror(errno)); - problem = errno; - goto out; - } - - if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { - log("fchmod(): %.100s", strerror(errno)); - close(tmpfd); - problem = errno; - goto out; - } - close(tmpfd); - - problem = krb5_cc_resolve(authctxt->krb5_ctx, ccname, &authctxt->krb5_fwd_ccache); - if (problem) - goto out; - - problem = krb5_cc_initialize(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache, - authctxt->krb5_user); - if (problem) - goto out; - - problem= krb5_cc_store_cred(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache, - &creds); - if (problem) - goto out; -#endif - authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache); out: restore_uid(); if (problem) { - if (authctxt->krb5_ctx != NULL && problem!=-1) + if (authctxt->krb5_ctx != NULL) debug("Kerberos password authentication failed: %s", krb5_get_err_text(authctxt->krb5_ctx, problem)); else diff --git a/crypto/openssh/auth-pam.c b/crypto/openssh/auth-pam.c index 490990d..1b6ee19 100644 --- a/crypto/openssh/auth-pam.c +++ b/crypto/openssh/auth-pam.c @@ -25,36 +25,41 @@ #include "includes.h" #ifdef USE_PAM +#include <security/pam_appl.h> #include "ssh.h" #include "xmalloc.h" #include "log.h" -#include "auth.h" -#include "auth-pam.h" #include "servconf.h" -#include "canohost.h" #include "readpass.h" +#include "canohost.h" -extern char *__progname; - -RCSID("$Id: auth-pam.c,v 1.46 2002/05/08 02:27:56 djm Exp $"); +RCSID("$FreeBSD$"); #define NEW_AUTHTOK_MSG \ "Warning: Your password has expired, please change it now" +#define SSHD_PAM_SERVICE "sshd" +#define PAM_STRERROR(a, b) pam_strerror((a), (b)) + +/* Callbacks */ static int do_pam_conversation(int num_msg, const struct pam_message **msg, - struct pam_response **resp, void *appdata_ptr); + struct pam_response **resp, void *appdata_ptr); +void do_pam_cleanup_proc(void *context); +void pam_msg_cat(const char *msg); /* module-local variables */ static struct pam_conv conv = { do_pam_conversation, NULL }; -static char *__pam_msg = NULL; -static pam_handle_t *__pamh = NULL; -static const char *__pampasswd = NULL; +static pam_handle_t *pamh = NULL; +static const char *pampasswd = NULL; +static char *pam_msg = NULL; +extern ServerOptions options; /* states for do_pam_conversation() */ -enum { INITIAL_LOGIN, OTHER } pamstate = INITIAL_LOGIN; +typedef enum { INITIAL_LOGIN, OTHER } pamstates; +static pamstates pamstate = INITIAL_LOGIN; /* remember whether pam_acct_mgmt() returned PAM_NEWAUTHTOK_REQD */ static int password_change_required = 0; /* remember whether the last pam_authenticate() succeeded or not */ @@ -64,19 +69,13 @@ static int was_authenticated = 0; static int session_opened = 0; static int creds_set = 0; -/* accessor which allows us to switch conversation structs according to - * the authentication method being used */ +/* + * accessor which allows us to switch conversation structs according to + * the authentication method being used + */ void do_pam_set_conv(struct pam_conv *conv) { - pam_set_item(__pamh, PAM_CONV, conv); -} - -/* start an authentication run */ -int do_pam_authenticate(int flags) -{ - int retval = pam_authenticate(__pamh, flags); - was_authenticated = (retval == PAM_SUCCESS); - return retval; + pam_set_item(pamh, PAM_CONV, conv); } /* @@ -85,10 +84,10 @@ int do_pam_authenticate(int flags) * * INITIAL_LOGIN mode simply feeds the password from the client into * PAM in response to PAM_PROMPT_ECHO_OFF, and collects output - * messages with into __pam_msg. This is used during initial + * messages with pam_msg_cat(). This is used during initial * authentication to bypass the normal PAM password prompt. * - * OTHER mode handles PAM_PROMPT_ECHO_OFF with read_passphrase() + * OTHER mode handles PAM_PROMPT_ECHO_OFF with read_passphrase(prompt, 1) * and outputs messages to stderr. This mode is used if pam_chauthtok() * is called to update expired passwords. */ @@ -102,31 +101,43 @@ static int do_pam_conversation(int num_msg, const struct pam_message **msg, /* PAM will free this later */ reply = malloc(num_msg * sizeof(*reply)); if (reply == NULL) - return PAM_CONV_ERR; + return PAM_CONV_ERR; for (count = 0; count < num_msg; count++) { - if (pamstate == INITIAL_LOGIN) { - /* - * We can't use stdio yet, queue messages for - * printing later - */ - switch(PAM_MSG_MEMBER(msg, count, msg_style)) { + switch ((*msg)[count].msg_style) { case PAM_PROMPT_ECHO_ON: - free(reply); - return PAM_CONV_ERR; - case PAM_PROMPT_ECHO_OFF: - if (__pampasswd == NULL) { + if (pamstate == INITIAL_LOGIN) { free(reply); return PAM_CONV_ERR; + } else { + fputs((*msg)[count].msg, stderr); + fgets(buf, sizeof(buf), stdin); + reply[count].resp = xstrdup(buf); + reply[count].resp_retcode = PAM_SUCCESS; + break; + } + case PAM_PROMPT_ECHO_OFF: + if (pamstate == INITIAL_LOGIN) { + if (pampasswd == NULL) { + free(reply); + return PAM_CONV_ERR; + } + reply[count].resp = xstrdup(pampasswd); + } else { + reply[count].resp = + xstrdup(read_passphrase((*msg)[count].msg, 1)); } - reply[count].resp = xstrdup(__pampasswd); reply[count].resp_retcode = PAM_SUCCESS; break; case PAM_ERROR_MSG: case PAM_TEXT_INFO: if ((*msg)[count].msg != NULL) { - message_cat(&__pam_msg, - PAM_MSG_MEMBER(msg, count, msg)); + if (pamstate == INITIAL_LOGIN) + pam_msg_cat((*msg)[count].msg); + else { + fputs((*msg)[count].msg, stderr); + fputs("\n", stderr); + } } reply[count].resp = xstrdup(""); reply[count].resp_retcode = PAM_SUCCESS; @@ -134,36 +145,6 @@ static int do_pam_conversation(int num_msg, const struct pam_message **msg, default: free(reply); return PAM_CONV_ERR; - } - } else { - /* - * stdio is connected, so interact directly - */ - switch(PAM_MSG_MEMBER(msg, count, msg_style)) { - case PAM_PROMPT_ECHO_ON: - fputs(PAM_MSG_MEMBER(msg, count, msg), stderr); - fgets(buf, sizeof(buf), stdin); - reply[count].resp = xstrdup(buf); - reply[count].resp_retcode = PAM_SUCCESS; - break; - case PAM_PROMPT_ECHO_OFF: - reply[count].resp = - read_passphrase(PAM_MSG_MEMBER(msg, count, - msg), RP_ALLOW_STDIN); - reply[count].resp_retcode = PAM_SUCCESS; - break; - case PAM_ERROR_MSG: - case PAM_TEXT_INFO: - if ((*msg)[count].msg != NULL) - fprintf(stderr, "%s\n", - PAM_MSG_MEMBER(msg, count, msg)); - reply[count].resp = xstrdup(""); - reply[count].resp_retcode = PAM_SUCCESS; - break; - default: - free(reply); - return PAM_CONV_ERR; - } } } @@ -175,60 +156,61 @@ static int do_pam_conversation(int num_msg, const struct pam_message **msg, /* Called at exit to cleanly shutdown PAM */ void do_pam_cleanup_proc(void *context) { - int pam_retval = PAM_SUCCESS; + int pam_retval; - if (__pamh && session_opened) { - pam_retval = pam_close_session(__pamh, 0); - if (pam_retval != PAM_SUCCESS) - log("Cannot close PAM session[%d]: %.200s", - pam_retval, PAM_STRERROR(__pamh, pam_retval)); + if (pamh != NULL && session_opened) { + pam_retval = pam_close_session(pamh, 0); + if (pam_retval != PAM_SUCCESS) { + log("Cannot close PAM session[%d]: %.200s", + pam_retval, PAM_STRERROR(pamh, pam_retval)); + } } - if (__pamh && creds_set) { - pam_retval = pam_setcred(__pamh, PAM_DELETE_CRED); - if (pam_retval != PAM_SUCCESS) + if (pamh != NULL && creds_set) { + pam_retval = pam_setcred(pamh, PAM_DELETE_CRED); + if (pam_retval != PAM_SUCCESS) { debug("Cannot delete credentials[%d]: %.200s", - pam_retval, PAM_STRERROR(__pamh, pam_retval)); + pam_retval, PAM_STRERROR(pamh, pam_retval)); + } } - if (__pamh) { - pam_retval = pam_end(__pamh, pam_retval); - if (pam_retval != PAM_SUCCESS) - log("Cannot release PAM authentication[%d]: %.200s", - pam_retval, PAM_STRERROR(__pamh, pam_retval)); + if (pamh != NULL) { + pam_retval = pam_end(pamh, pam_retval); + if (pam_retval != PAM_SUCCESS) { + log("Cannot release PAM authentication[%d]: %.200s", + pam_retval, PAM_STRERROR(pamh, pam_retval)); + } } } /* Attempt password authentation using PAM */ int auth_pam_password(Authctxt *authctxt, const char *password) { - extern ServerOptions options; - int pam_retval; struct passwd *pw = authctxt->pw; + int pam_retval; do_pam_set_conv(&conv); /* deny if no user. */ if (pw == NULL) return 0; - if (pw->pw_uid == 0 && options.permit_root_login == PERMIT_NO_PASSWD) + if (pw->pw_uid == 0 && options.permit_root_login == 2) return 0; if (*password == '\0' && options.permit_empty_passwd == 0) return 0; - __pampasswd = password; - + pampasswd = password; + pamstate = INITIAL_LOGIN; - pam_retval = do_pam_authenticate( - options.permit_empty_passwd == 0 ? PAM_DISALLOW_NULL_AUTHTOK : 0); + pam_retval = pam_authenticate(pamh, 0); + was_authenticated = (pam_retval == PAM_SUCCESS); if (pam_retval == PAM_SUCCESS) { - debug("PAM Password authentication accepted for " - "user \"%.100s\"", pw->pw_name); + debug("PAM Password authentication accepted for user \"%.100s\"", + pw->pw_name); return 1; } else { - debug("PAM Password authentication for \"%.100s\" " - "failed[%d]: %s", pw->pw_name, pam_retval, - PAM_STRERROR(__pamh, pam_retval)); + debug("PAM Password authentication for \"%.100s\" failed[%d]: %s", + pw->pw_name, pam_retval, PAM_STRERROR(pamh, pam_retval)); return 0; } } @@ -239,35 +221,41 @@ int do_pam_account(char *username, char *remote_user) int pam_retval; do_pam_set_conv(&conv); + + debug("PAM setting rhost to \"%.200s\"", + get_canonical_hostname(options.verify_reverse_mapping)); + pam_retval = pam_set_item(pamh, PAM_RHOST, + get_canonical_hostname(options.verify_reverse_mapping)); + if (pam_retval != PAM_SUCCESS) { + fatal("PAM set rhost failed[%d]: %.200s", + pam_retval, PAM_STRERROR(pamh, pam_retval)); + } - if (remote_user) { + if (remote_user != NULL) { debug("PAM setting ruser to \"%.200s\"", remote_user); - pam_retval = pam_set_item(__pamh, PAM_RUSER, remote_user); - if (pam_retval != PAM_SUCCESS) - fatal("PAM set ruser failed[%d]: %.200s", pam_retval, - PAM_STRERROR(__pamh, pam_retval)); + pam_retval = pam_set_item(pamh, PAM_RUSER, remote_user); + if (pam_retval != PAM_SUCCESS) { + fatal("PAM set ruser failed[%d]: %.200s", + pam_retval, PAM_STRERROR(pamh, pam_retval)); + } } - pam_retval = pam_acct_mgmt(__pamh, 0); - debug2("pam_acct_mgmt() = %d", pam_retval); + pam_retval = pam_acct_mgmt(pamh, 0); switch (pam_retval) { case PAM_SUCCESS: /* This is what we want */ break; -#if 0 case PAM_NEW_AUTHTOK_REQD: - message_cat(&__pam_msg, NEW_AUTHTOK_MSG); + pam_msg_cat(NEW_AUTHTOK_MSG); /* flag that password change is necessary */ password_change_required = 1; break; -#endif default: - log("PAM rejected by account configuration[%d]: " - "%.200s", pam_retval, PAM_STRERROR(__pamh, - pam_retval)); + log("PAM rejected by account configuration[%d]: %.200s", + pam_retval, PAM_STRERROR(pamh, pam_retval)); return(0); } - + return(1); } @@ -280,51 +268,50 @@ void do_pam_session(char *username, const char *ttyname) if (ttyname != NULL) { debug("PAM setting tty to \"%.200s\"", ttyname); - pam_retval = pam_set_item(__pamh, PAM_TTY, ttyname); - if (pam_retval != PAM_SUCCESS) - fatal("PAM set tty failed[%d]: %.200s", - pam_retval, PAM_STRERROR(__pamh, pam_retval)); + pam_retval = pam_set_item(pamh, PAM_TTY, ttyname); + if (pam_retval != PAM_SUCCESS) { + fatal("PAM set tty failed[%d]: %.200s", + pam_retval, PAM_STRERROR(pamh, pam_retval)); + } } - pam_retval = pam_open_session(__pamh, 0); - if (pam_retval != PAM_SUCCESS) - fatal("PAM session setup failed[%d]: %.200s", - pam_retval, PAM_STRERROR(__pamh, pam_retval)); + debug("do_pam_session: euid %u, uid %u", geteuid(), getuid()); + pam_retval = pam_open_session(pamh, 0); + if (pam_retval != PAM_SUCCESS) { + fatal("PAM session setup failed[%d]: %.200s", + pam_retval, PAM_STRERROR(pamh, pam_retval)); + } session_opened = 1; } -/* Set PAM credentials */ -void do_pam_setcred(int init) +/* Set PAM credentials */ +void do_pam_setcred(void) { int pam_retval; - if (__pamh == NULL) - return; - do_pam_set_conv(&conv); - + debug("PAM establishing creds"); - pam_retval = pam_setcred(__pamh, - init ? PAM_ESTABLISH_CRED : PAM_REINITIALIZE_CRED); + pam_retval = pam_setcred(pamh, PAM_ESTABLISH_CRED); if (pam_retval != PAM_SUCCESS) { if (was_authenticated) fatal("PAM setcred failed[%d]: %.200s", - pam_retval, PAM_STRERROR(__pamh, pam_retval)); + pam_retval, PAM_STRERROR(pamh, pam_retval)); else debug("PAM setcred failed[%d]: %.200s", - pam_retval, PAM_STRERROR(__pamh, pam_retval)); + pam_retval, PAM_STRERROR(pamh, pam_retval)); } else creds_set = 1; } /* accessor function for file scope static variable */ -int is_pam_password_change_required(void) +int pam_password_change_required(void) { return password_change_required; } -/* +/* * Have user change authentication token if pam_acct_mgmt() indicated * it was expired. This needs to be called after an interactive * session is established and the user's pty is connected to @@ -338,10 +325,16 @@ void do_pam_chauthtok(void) if (password_change_required) { pamstate = OTHER; - pam_retval = pam_chauthtok(__pamh, PAM_CHANGE_EXPIRED_AUTHTOK); - if (pam_retval != PAM_SUCCESS) - fatal("PAM pam_chauthtok failed[%d]: %.200s", - pam_retval, PAM_STRERROR(__pamh, pam_retval)); + /* + * XXX: should we really loop forever? + */ + do { + pam_retval = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK); + if (pam_retval != PAM_SUCCESS) { + log("PAM pam_chauthtok failed[%d]: %.200s", + pam_retval, PAM_STRERROR(pamh, pam_retval)); + } + } while (pam_retval != PAM_SUCCESS); } } @@ -353,40 +346,32 @@ void finish_pam(void) } /* Start PAM authentication for specified account */ -void start_pam(const char *user) +void start_pam(struct passwd *pw) { int pam_retval; - extern ServerOptions options; - extern u_int utmp_len; - const char *rhost; - - debug("Starting up PAM with username \"%.200s\"", user); - pam_retval = pam_start(SSHD_PAM_SERVICE, user, &conv, &__pamh); + debug("Starting up PAM with username \"%.200s\"", pw->pw_name); - if (pam_retval != PAM_SUCCESS) - fatal("PAM initialisation failed[%d]: %.200s", - pam_retval, PAM_STRERROR(__pamh, pam_retval)); + pam_retval = pam_start(SSHD_PAM_SERVICE, pw->pw_name, &conv, &pamh); - rhost = get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping); - debug("PAM setting rhost to \"%.200s\"", rhost); + if (pam_retval != PAM_SUCCESS) { + fatal("PAM initialisation failed[%d]: %.200s", + pam_retval, PAM_STRERROR(pamh, pam_retval)); + } - pam_retval = pam_set_item(__pamh, PAM_RHOST, rhost); - if (pam_retval != PAM_SUCCESS) - fatal("PAM set rhost failed[%d]: %.200s", pam_retval, - PAM_STRERROR(__pamh, pam_retval)); #ifdef PAM_TTY_KLUDGE /* * Some PAM modules (e.g. pam_time) require a TTY to operate, - * and will fail in various stupid ways if they don't get one. + * and will fail in various stupid ways if they don't get one. * sshd doesn't set the tty until too late in the auth process and may * not even need one (for tty-less connections) - * Kludge: Set a fake PAM_TTY + * Kludge: Set a fake PAM_TTY */ - pam_retval = pam_set_item(__pamh, PAM_TTY, "NODEVssh"); - if (pam_retval != PAM_SUCCESS) - fatal("PAM set tty failed[%d]: %.200s", - pam_retval, PAM_STRERROR(__pamh, pam_retval)); + pam_retval = pam_set_item(pamh, PAM_TTY, "ssh"); + if (pam_retval != PAM_SUCCESS) { + fatal("PAM set tty failed[%d]: %.200s", + pam_retval, PAM_STRERROR(pamh, pam_retval)); + } #endif /* PAM_TTY_KLUDGE */ fatal_add_cleanup(&do_pam_cleanup_proc, NULL); @@ -396,7 +381,7 @@ void start_pam(const char *user) char **fetch_pam_environment(void) { #ifdef HAVE_PAM_GETENVLIST - return(pam_getenvlist(__pamh)); + return(pam_getenvlist(pamh)); #else /* HAVE_PAM_GETENVLIST */ return(NULL); #endif /* HAVE_PAM_GETENVLIST */ @@ -406,29 +391,433 @@ char **fetch_pam_environment(void) /* or account checking to stderr */ void print_pam_messages(void) { - if (__pam_msg != NULL) - fputs(__pam_msg, stderr); + if (pam_msg != NULL) + fputs(pam_msg, stderr); } -/* Append a message to buffer */ -void message_cat(char **p, const char *a) +/* Append a message to the PAM message buffer */ +void pam_msg_cat(const char *msg) { - char *cp; - size_t new_len; + char *p; + size_t new_msg_len; + size_t pam_msg_len; + + new_msg_len = strlen(msg); + + if (pam_msg) { + pam_msg_len = strlen(pam_msg); + pam_msg = xrealloc(pam_msg, new_msg_len + pam_msg_len + 2); + p = pam_msg + pam_msg_len; + } else { + pam_msg = p = xmalloc(new_msg_len + 2); + } - new_len = strlen(a); + memcpy(p, msg, new_msg_len); + p[new_msg_len] = '\n'; + p[new_msg_len + 1] = '\0'; +} + +struct inverted_pam_userdata { + /* + * Pipe for telling whether we are doing conversation or sending + * authentication results. + */ + int statefd[2]; + int challengefd[2]; + int responsefd[2]; + + /* Whether we have sent off our challenge */ + int state; +}; - if (*p) { - size_t len = strlen(*p); +#define STATE_CONV 1 +#define STATE_AUTH_OK 2 +#define STATE_AUTH_FAIL 3 - *p = xrealloc(*p, new_len + len + 2); - cp = *p + len; - } else - *p = cp = xmalloc(new_len + 2); +int +ssh_conv(int num_msg, const struct pam_message **msg, struct pam_response **resp, + void *userdata) { + int i; + FILE *reader; + char buf[1024]; + struct pam_response *reply = NULL; + char state_to_write = STATE_CONV; /* One char to write */ + struct inverted_pam_userdata *ud = userdata; + char *response = NULL; + + /* The stdio functions are more convenient for the read half */ + reader = fdopen(ud->responsefd[0], "rb"); + if (reader == NULL) + goto protocol_failure; + + reply = malloc(num_msg * sizeof(struct pam_response)); + if (reply == NULL) + return PAM_CONV_ERR; + + if (write(ud->statefd[1], &state_to_write, 1) != 1) + goto protocol_failure; + + /* + * Re-package our data and send it off to our better half (the actual SSH + * process) + */ + if (write(ud->challengefd[1], buf, + sprintf(buf, "%d\n", num_msg)) == -1) + goto protocol_failure; + for (i = 0; i < num_msg; i++) { + if (write(ud->challengefd[1], buf, + sprintf(buf, "%d\n", msg[i]->msg_style)) == -1) + goto protocol_failure; + if (write(ud->challengefd[1], buf, + sprintf(buf, "%d\n", strlen(msg[i]->msg))) == -1) + goto protocol_failure; + if (write(ud->challengefd[1], msg[i]->msg, + strlen(msg[i]->msg)) == -1) + goto protocol_failure; + } + /* + * Read back responses. These may not be as nice as we want, as the SSH + * protocol isn't exactly a perfect fit with PAM. + */ + + for (i = 0; i < num_msg; i++) { + char buf[1024]; + char *endptr; + size_t len; /* Length of the response */ + + switch (msg[i]->msg_style) { + case PAM_PROMPT_ECHO_OFF: + case PAM_PROMPT_ECHO_ON: + if (fgets(buf, sizeof(buf), reader) == NULL) + goto protocol_failure; + len = (size_t)strtoul(buf, &endptr, 10); + /* The length is supposed to stand on a line by itself */ + if (endptr == NULL || *endptr != '\n') + goto protocol_failure; + response = malloc(len+1); + if (response == NULL) + goto protocol_failure; + if (fread(response, len, 1, reader) != 1) + goto protocol_failure; + response[len] = '\0'; + reply[i].resp = response; + response = NULL; + break; + default: + reply[i].resp = NULL; + break; + } + } + *resp = reply; + return PAM_SUCCESS; + protocol_failure: + free(reply); + return PAM_CONV_ERR; +} + +void +ipam_free_cookie(struct inverted_pam_cookie *cookie) { + struct inverted_pam_userdata *ud; + int i; + + if (cookie == NULL) + return; + ud = cookie->userdata; + cookie->userdata = NULL; + /* Free userdata if allocated */ + if (ud) { + /* Close any opened file descriptors */ + if (ud->statefd[0] != -1) + close(ud->statefd[0]); + if (ud->statefd[1] != -1) + close(ud->statefd[1]); + if (ud->challengefd[0] != -1) + close(ud->challengefd[0]); + if (ud->challengefd[1] != -1) + close(ud->challengefd[1]); + if (ud->responsefd[0] != -1) + close(ud->responsefd[0]); + if (ud->responsefd[1] != -1) + close(ud->responsefd[1]); + free(ud); + ud = NULL; + } + /* Now free the normal cookie */ + if (cookie->pid != 0 && cookie->pid != -1) { + int status; + + /* XXX Use different signal? */ + kill(cookie->pid, SIGKILL); + waitpid(cookie->pid, &status, 0); + } + for (i = 0; i < cookie->num_msg; i++) { + if (cookie->resp && cookie->resp[i]) { + free(cookie->resp[i]->resp); + free(cookie->resp[i]); + } + if (cookie->msg && cookie->msg[i]) { + free((void *)cookie->msg[i]->msg); + free(cookie->msg[i]); + } + } + free(cookie->msg); + free(cookie->resp); + free(cookie); +} + +/* + * Do first half of PAM authentication - this comes to the point where + * you get a message to send to the user. + */ +struct inverted_pam_cookie * +ipam_start_auth(const char *service, const char *username) { + struct inverted_pam_cookie *cookie; + struct inverted_pam_userdata *ud; + static struct pam_conv conv = { + ssh_conv, + NULL + }; + const char *rhost; + + cookie = malloc(sizeof(*cookie)); + if (cookie == NULL) + return NULL; + cookie->state = 0; + /* Set up the cookie so ipam_freecookie can be used on it */ + cookie->num_msg = 0; + cookie->msg = NULL; + cookie->resp = NULL; + cookie->pid = -1; + + ud = calloc(sizeof(*ud), 1); + if (ud == NULL) { + free(cookie); + return NULL; + } + cookie->userdata = ud; + ud->statefd[0] = ud->statefd[1] = -1; + ud->challengefd[0] = ud->challengefd[1] = -1; + ud->responsefd[0] = ud->responsefd[1] = -1; + + if (pipe(ud->statefd) != 0) { + ud->statefd[0] = ud->statefd[1] = -1; + ipam_free_cookie(cookie); + return NULL; + } + if (pipe(ud->challengefd) != 0) { + ud->challengefd[0] = ud->challengefd[1] = -1; + ipam_free_cookie(cookie); + return NULL; + } + if (pipe(ud->responsefd) != 0) { + ud->responsefd[0] = ud->responsefd[1] = -1; + ipam_free_cookie(cookie); + return NULL; + } + rhost = get_canonical_hostname(options.verify_reverse_mapping); + cookie->pid = fork(); + if (cookie->pid == -1) { + ipam_free_cookie(cookie); + return NULL; + } else if (cookie->pid != 0) { + int num_msgs; /* Number of messages from PAM */ + char *endptr; + char buf[1024]; + FILE *reader; + size_t num_msg; + int i; + char state; /* Which state did the connection just enter? */ + + /* We are the parent - wait for a call to the communications + function to turn up, or the challenge to be finished */ + if (read(ud->statefd[0], &state, 1) != 1) { + ipam_free_cookie(cookie); + return NULL; + } + cookie->state = state; + switch (state) { + case STATE_CONV: + /* We are running the conversation function */ + /* The stdio functions are more convenient for read */ + reader = fdopen(ud->challengefd[0], "r"); + if (reader == NULL) { + ipam_free_cookie(cookie); + return NULL; + } + if (fgets(buf, 4, reader) == NULL) { + fclose(reader); + ipam_free_cookie(cookie); + return NULL; + } + num_msg = (size_t)strtoul(buf, &endptr, 10); + /* The length is supposed to stand on a line by itself */ + if (endptr == NULL || *endptr != '\n') { + fclose(reader); + ipam_free_cookie(cookie); + return NULL; + } + cookie->msg = + malloc(sizeof(struct pam_message *) * num_msg); + cookie->resp = + malloc(sizeof(struct pam_response *) * num_msg); + if (cookie->msg == NULL || cookie->resp == NULL) { + fclose(reader); + ipam_free_cookie(cookie); + return NULL; + } + for (i = 0; i < num_msg; i++) { + cookie->msg[i] = + malloc(sizeof(struct pam_message)); + cookie->resp[i] = + malloc(sizeof(struct pam_response)); + if (cookie->msg[i] == NULL || + cookie->resp[i] == NULL) { + for (;;) { + free(cookie->msg[i]); + free(cookie->resp[i]); + if (i == 0) + break; + i--; + } + fclose(reader); + ipam_free_cookie(cookie); + return NULL; + } + cookie->msg[i]->msg = NULL; + cookie->resp[i]->resp = NULL; + cookie->resp[i]->resp_retcode = 0; + } + /* Set up so the above will be freed on failure */ + cookie->num_msg = num_msg; + /* + * We have a an allocated response and message for + * each of the entries in the PAM structure - transfer + * the data sent to the conversation function over. + */ + for (i = 0; i < num_msg; i++) { + size_t len; + + if (fgets(buf, sizeof(buf), reader) == NULL) { + fclose(reader); + ipam_free_cookie(cookie); + return NULL; + } + cookie->msg[i]->msg_style = + (size_t)strtoul(buf, &endptr, 10); + if (endptr == NULL || *endptr != '\n') { + fclose(reader); + ipam_free_cookie(cookie); + return NULL; + } + if (fgets(buf, sizeof(buf), reader) == NULL) { + fclose(reader); + ipam_free_cookie(cookie); + return NULL; + } + len = (size_t)strtoul(buf, &endptr, 10); + if (endptr == NULL || *endptr != '\n') { + fclose(reader); + ipam_free_cookie(cookie); + return NULL; + } + cookie->msg[i]->msg = malloc(len + 1); + if (cookie->msg[i]->msg == NULL) { + fclose(reader); + ipam_free_cookie(cookie); + return NULL; + } + if (fread((char *)cookie->msg[i]->msg, len, 1, reader) != + 1) { + fclose(reader); + ipam_free_cookie(cookie); + return NULL; + } + *(char *)&(cookie->msg[i]->msg[len]) = '\0'; + } + break; + case STATE_AUTH_OK: + case STATE_AUTH_FAIL: + break; + default: + /* Internal failure, somehow */ + fclose(reader); + ipam_free_cookie(cookie); + return NULL; + } + return cookie; + } else { + /* We are the child */ + pam_handle_t *pamh=NULL; + int retval; + char state; + + conv.appdata_ptr = ud; + retval = pam_start(service, username, &conv, &pamh); + fprintf(stderr, "pam_start returned %d\n", retval); + if (retval == PAM_SUCCESS) + retval = pam_set_item(pamh, PAM_RHOST, rhost); + /* Is user really user? */ + if (retval == PAM_SUCCESS) + retval = pam_authenticate(pamh, 0); + /* permitted access? */ + if (retval == PAM_SUCCESS) + retval = pam_acct_mgmt(pamh, 0); + /* This is where we have been authorized or not. */ + + /* Be conservative - flag as auth failure if we can't close */ + /* + * XXX This is based on example code from Linux-PAM - + * but can it really be correct to pam_end if + * pam_start failed? + */ + if (pam_end(pamh, retval) != PAM_SUCCESS) + retval = PAM_AUTH_ERR; + + /* Message to parent */ + state = retval == PAM_SUCCESS ? STATE_AUTH_OK : STATE_AUTH_FAIL; + if (write(ud->statefd[1], &state, 1) != 1) { + _exit(1); + } + /* FDs will be closed, so further communication will stop */ + _exit(0); + } +} + +/* + * Do second half of PAM authentication - cookie should now be filled + * in with the response to the challenge. + */ - memcpy(cp, a, new_len); - cp[new_len] = '\n'; - cp[new_len + 1] = '\0'; +int +ipam_complete_auth(struct inverted_pam_cookie *cookie) { + int i; + char buf[1024]; + struct inverted_pam_userdata *ud = cookie->userdata; + char state; + + /* Send over our responses */ + for (i = 0; i < cookie->num_msg; i++) { + if (cookie->msg[i]->msg_style != PAM_PROMPT_ECHO_ON && + cookie->msg[i]->msg_style != PAM_PROMPT_ECHO_OFF) + continue; + if (write(ud->responsefd[1], buf, + sprintf(buf, "%d\n", strlen(cookie->resp[i]->resp))) == -1) { + ipam_free_cookie(cookie); + return 0; + } + if (write(ud->responsefd[1], cookie->resp[i]->resp, + strlen(cookie->resp[i]->resp)) == -1) { + ipam_free_cookie(cookie); + return 0; + } + } + /* Find out what state we are changing to */ + if (read(ud->statefd[0], &state, 1) != 1) { + ipam_free_cookie(cookie); + return 0; + } + + return state == STATE_AUTH_OK ? 1 : 0; } #endif /* USE_PAM */ diff --git a/crypto/openssh/auth-pam.h b/crypto/openssh/auth-pam.h index 6b1f35ad..f1128b8 100644 --- a/crypto/openssh/auth-pam.h +++ b/crypto/openssh/auth-pam.h @@ -1,22 +1,39 @@ -/* $Id: auth-pam.h,v 1.12 2002/04/04 19:02:28 stevesk Exp $ */ - +/* + * OpenSSH PAM authentication support. + * + * $FreeBSD$ + */ +#ifndef AUTH_PAM_H +#define AUTH_PAM_H #include "includes.h" #ifdef USE_PAM +#include "auth.h" #include <pwd.h> /* For struct passwd */ -void start_pam(const char *user); +void start_pam(struct passwd *pw); void finish_pam(void); int auth_pam_password(Authctxt *authctxt, const char *password); char **fetch_pam_environment(void); -int do_pam_authenticate(int flags); int do_pam_account(char *username, char *remote_user); void do_pam_session(char *username, const char *ttyname); -void do_pam_setcred(int init); +void do_pam_setcred(void); void print_pam_messages(void); -int is_pam_password_change_required(void); +int pam_password_change_required(void); void do_pam_chauthtok(void); -void do_pam_set_conv(struct pam_conv *); -void message_cat(char **p, const char *a); + +struct inverted_pam_cookie { + int state; /* Which state have we reached? */ + pid_t pid; /* PID of child process */ + + /* Only valid in state STATE_CONV */ + int num_msg; /* Number of messages */ + struct pam_message **msg; /* Message structures */ + struct pam_response **resp; /* Response structures */ + struct inverted_pam_userdata *userdata; +}; +void ipam_free_cookie(struct inverted_pam_cookie *cookie); +struct inverted_pam_cookie *ipam_start_auth(const char *, const char *); #endif /* USE_PAM */ +#endif /* AUTH_PAM_H */ diff --git a/crypto/openssh/auth-passwd.c b/crypto/openssh/auth-passwd.c index 17bbd2c..ec1b096 100644 --- a/crypto/openssh/auth-passwd.c +++ b/crypto/openssh/auth-passwd.c @@ -37,48 +37,13 @@ #include "includes.h" RCSID("$OpenBSD: auth-passwd.c,v 1.27 2002/05/24 16:45:16 stevesk Exp $"); +RCSID("$FreeBSD$"); #include "packet.h" #include "log.h" #include "servconf.h" #include "auth.h" -#if !defined(USE_PAM) && !defined(HAVE_OSF_SIA) -/* Don't need any of these headers for the PAM or SIA cases */ -# ifdef HAVE_CRYPT_H -# include <crypt.h> -# endif -# ifdef WITH_AIXAUTHENTICATE -# include <login.h> -# endif -# ifdef __hpux -# include <hpsecurity.h> -# include <prot.h> -# endif -# ifdef HAVE_SECUREWARE -# include <sys/security.h> -# include <sys/audit.h> -# include <prot.h> -# endif /* HAVE_SECUREWARE */ -# if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) -# include <shadow.h> -# endif -# if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) -# include <sys/label.h> -# include <sys/audit.h> -# include <pwdadj.h> -# endif -# if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) -# include "md5crypt.h" -# endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */ - -# ifdef HAVE_CYGWIN -# undef ERROR -# include <windows.h> -# include <sys/cygwin.h> -# define is_winnt (GetVersion() < 0x80000000) -# endif -#endif /* !USE_PAM && !HAVE_OSF_SIA */ extern ServerOptions options; @@ -89,41 +54,13 @@ extern ServerOptions options; int auth_password(Authctxt *authctxt, const char *password) { -#if defined(USE_PAM) - if (*password == '\0' && options.permit_empty_passwd == 0) - return 0; - return auth_pam_password(authctxt, password); -#elif defined(HAVE_OSF_SIA) - if (*password == '\0' && options.permit_empty_passwd == 0) - return 0; - return auth_sia_password(authctxt, password); -#else struct passwd * pw = authctxt->pw; - char *encrypted_password; - char *pw_password; - char *salt; -#if defined(__hpux) || defined(HAVE_SECUREWARE) - struct pr_passwd *spw; -#endif /* __hpux || HAVE_SECUREWARE */ -#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) - struct spwd *spw; -#endif -#if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) - struct passwd_adjunct *spw; -#endif -#ifdef WITH_AIXAUTHENTICATE - char *authmsg; - char *loginmsg; - int reenter = 1; -#endif /* deny if no user. */ if (pw == NULL) return 0; -#ifndef HAVE_CYGWIN - if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES) + if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES) return 0; -#endif if (*password == '\0' && options.permit_empty_passwd == 0) return 0; #ifdef KRB5 @@ -134,19 +71,6 @@ auth_password(Authctxt *authctxt, const char *password) /* Fall back to ordinary passwd authentication. */ } #endif -#ifdef HAVE_CYGWIN - if (is_winnt) { - HANDLE hToken = cygwin_logon_user(pw, password); - - if (hToken == INVALID_HANDLE_VALUE) - return 0; - cygwin_set_impersonation_token(hToken); - return 1; - } -#endif -#ifdef WITH_AIXAUTHENTICATE - return (authenticate(pw->pw_name,password,&reenter,&authmsg) == 0); -#endif #ifdef KRB4 if (options.kerberos_authentication == 1) { int ret = auth_krb4_password(authctxt, password); @@ -161,63 +85,20 @@ auth_password(Authctxt *authctxt, const char *password) return 0; else return 1; -#endif - pw_password = pw->pw_passwd; - - /* - * Various interfaces to shadow or protected password data - */ -#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) - spw = getspnam(pw->pw_name); - if (spw != NULL) - pw_password = spw->sp_pwdp; -#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ - -#if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) - if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL) - pw_password = spw->pwa_passwd; -#endif /* defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) */ - -#ifdef HAVE_SECUREWARE - if ((spw = getprpwnam(pw->pw_name)) != NULL) - pw_password = spw->ufld.fd_encrypt; -#endif /* HAVE_SECUREWARE */ - -#if defined(__hpux) && !defined(HAVE_SECUREWARE) - if (iscomsec() && (spw = getprpwnam(pw->pw_name)) != NULL) - pw_password = spw->ufld.fd_encrypt; -#endif /* defined(__hpux) && !defined(HAVE_SECUREWARE) */ - +#else /* Check for users with no password. */ - if ((password[0] == '\0') && (pw_password[0] == '\0')) + if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) return 1; - - if (pw_password[0] != '\0') - salt = pw_password; - else - salt = "xx"; - -#ifdef HAVE_MD5_PASSWORDS - if (is_md5_salt(salt)) - encrypted_password = md5_crypt(password, salt); - else - encrypted_password = crypt(password, salt); -#else /* HAVE_MD5_PASSWORDS */ -# if defined(__hpux) && !defined(HAVE_SECUREWARE) - if (iscomsec()) - encrypted_password = bigcrypt(password, salt); - else - encrypted_password = crypt(password, salt); -# else -# ifdef HAVE_SECUREWARE - encrypted_password = bigcrypt(password, salt); -# else - encrypted_password = crypt(password, salt); -# endif /* HAVE_SECUREWARE */ -# endif /* __hpux && !defined(HAVE_SECUREWARE) */ -#endif /* HAVE_MD5_PASSWORDS */ - - /* Authentication is accepted if the encrypted passwords are identical. */ - return (strcmp(encrypted_password, pw_password) == 0); -#endif /* !USE_PAM && !HAVE_OSF_SIA */ + else { + /* Encrypt the candidate password using the proper salt. */ + char *encrypted_password = crypt(password, + (pw->pw_passwd[0] && pw->pw_passwd[1]) ? + pw->pw_passwd : "xx"); + /* + * Authentication is accepted if the encrypted passwords + * are identical. + */ + return (strcmp(encrypted_password, pw->pw_passwd) == 0); + } +#endif } diff --git a/crypto/openssh/auth-rh-rsa.c b/crypto/openssh/auth-rh-rsa.c index d7848d0..e74ef3d 100644 --- a/crypto/openssh/auth-rh-rsa.c +++ b/crypto/openssh/auth-rh-rsa.c @@ -14,6 +14,7 @@ #include "includes.h" RCSID("$OpenBSD: auth-rh-rsa.c,v 1.34 2002/03/25 09:25:06 markus Exp $"); +RCSID("$FreeBSD$"); #include "packet.h" #include "uidswap.h" diff --git a/crypto/openssh/auth-rsa.c b/crypto/openssh/auth-rsa.c index 92f6277..17d7ae9 100644 --- a/crypto/openssh/auth-rsa.c +++ b/crypto/openssh/auth-rsa.c @@ -15,6 +15,7 @@ #include "includes.h" RCSID("$OpenBSD: auth-rsa.c,v 1.56 2002/06/10 16:53:06 stevesk Exp $"); +RCSID("$FreeBSD$"); #include <openssl/rsa.h> #include <openssl/md5.h> diff --git a/crypto/openssh/auth-skey.c b/crypto/openssh/auth-skey.c index eb13c5c..18243ee 100644 --- a/crypto/openssh/auth-skey.c +++ b/crypto/openssh/auth-skey.c @@ -23,10 +23,11 @@ */ #include "includes.h" RCSID("$OpenBSD: auth-skey.c,v 1.19 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$FreeBSD$"); #ifdef SKEY -#include <skey.h> +#include <opie.h> #include "xmalloc.h" #include "auth.h" @@ -45,9 +46,11 @@ skey_query(void *ctx, char **name, char **infotxt, Authctxt *authctxt = ctx; char challenge[1024], *p; int len; - struct skey skey; + struct opie opie; - if (skeychallenge(&skey, authctxt->user, challenge) == -1) + if (opie_haskey(authctxt->user) != 0) + return -1; + if (opiechallenge(&opie, authctxt->user, challenge) == -1) return -1; *name = xstrdup(""); @@ -73,8 +76,8 @@ skey_respond(void *ctx, u_int numresponses, char **responses) if (authctxt->valid && numresponses == 1 && - skey_haskey(authctxt->pw->pw_name) == 0 && - skey_passcheck(authctxt->pw->pw_name, responses[0]) != -1) + opie_haskey(authctxt->pw->pw_name) == 0 && + opie_passverify(authctxt->pw->pw_name, responses[0]) != -1) return 0; return -1; } diff --git a/crypto/openssh/auth.c b/crypto/openssh/auth.c index 066b50d..fbd1361 100644 --- a/crypto/openssh/auth.c +++ b/crypto/openssh/auth.c @@ -24,17 +24,9 @@ #include "includes.h" RCSID("$OpenBSD: auth.c,v 1.43 2002/05/17 14:27:55 millert Exp $"); +RCSID("$FreeBSD$"); -#ifdef HAVE_LOGIN_H -#include <login.h> -#endif -#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) -#include <shadow.h> -#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ - -#ifdef HAVE_LIBGEN_H #include <libgen.h> -#endif #include "xmalloc.h" #include "match.h" @@ -75,52 +67,10 @@ allowed_user(struct passwd * pw) const char *hostname = NULL, *ipaddr = NULL; char *shell; int i; -#ifdef WITH_AIXAUTHENTICATE - char *loginmsg; -#endif /* WITH_AIXAUTHENTICATE */ -#if !defined(USE_PAM) && defined(HAVE_SHADOW_H) && \ - !defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE) - struct spwd *spw; - - /* Shouldn't be called if pw is NULL, but better safe than sorry... */ - if (!pw || !pw->pw_name) - return 0; - -#define DAY (24L * 60 * 60) /* 1 day in seconds */ - spw = getspnam(pw->pw_name); - if (spw != NULL) { - time_t today = time(NULL) / DAY; - debug3("allowed_user: today %d sp_expire %d sp_lstchg %d" - " sp_max %d", (int)today, (int)spw->sp_expire, - (int)spw->sp_lstchg, (int)spw->sp_max); - - /* - * We assume account and password expiration occurs the - * day after the day specified. - */ - if (spw->sp_expire != -1 && today > spw->sp_expire) { - log("Account %.100s has expired", pw->pw_name); - return 0; - } - - if (spw->sp_lstchg == 0) { - log("User %.100s password has expired (root forced)", - pw->pw_name); - return 0; - } - if (spw->sp_max != -1 && - today > spw->sp_lstchg + spw->sp_max) { - log("User %.100s password has expired (password aged)", - pw->pw_name); - return 0; - } - } -#else /* Shouldn't be called if pw is NULL, but better safe than sorry... */ if (!pw || !pw->pw_name) return 0; -#endif /* * Get the shell from the password data. An empty shell field is @@ -200,24 +150,6 @@ allowed_user(struct passwd * pw) } ga_free(); } - -#ifdef WITH_AIXAUTHENTICATE - if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { - if (loginmsg && *loginmsg) { - /* Remove embedded newlines (if any) */ - char *p; - for (p = loginmsg; *p; p++) { - if (*p == '\n') - *p = ' '; - } - /* Remove trailing newline */ - *--p = '\0'; - log("Login restricted for %s: %.100s", pw->pw_name, loginmsg); - } - return 0; - } -#endif /* WITH_AIXAUTHENTICATE */ - /* We found no reason not to let this user try to log on... */ return 1; } diff --git a/crypto/openssh/auth.h b/crypto/openssh/auth.h index d98547d..3fc7954 100644 --- a/crypto/openssh/auth.h +++ b/crypto/openssh/auth.h @@ -1,4 +1,5 @@ /* $OpenBSD: auth.h,v 1.39 2002/05/31 11:35:15 markus Exp $ */ +/* $FreeBSD$ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -132,9 +133,6 @@ int auth_krb5_password(Authctxt *authctxt, const char *password); void krb5_cleanup_proc(void *authctxt); #endif /* KRB5 */ -#include "auth-pam.h" -#include "auth2-pam.h" - Authctxt *do_authentication(void); Authctxt *do_authentication2(void); @@ -188,5 +186,5 @@ void auth_debug_reset(void); #define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2) #define AUTH_FAIL_MSG "Too many authentication failures for %.100s" -#define SKEY_PROMPT "\nS/Key Password: " +#define SKEY_PROMPT "\nOPIE Password: " #endif diff --git a/crypto/openssh/auth1.c b/crypto/openssh/auth1.c index 2ebc8d0..423c8d4 100644 --- a/crypto/openssh/auth1.c +++ b/crypto/openssh/auth1.c @@ -11,6 +11,7 @@ #include "includes.h" RCSID("$OpenBSD: auth1.c,v 1.41 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$FreeBSD$"); #include "xmalloc.h" #include "rsa.h" @@ -24,9 +25,14 @@ RCSID("$OpenBSD: auth1.c,v 1.41 2002/06/19 00:27:55 deraadt Exp $"); #include "auth.h" #include "channels.h" #include "session.h" +#include "canohost.h" #include "uidswap.h" #include "monitor_wrap.h" +#include <login_cap.h> +#include "auth-pam.h" +#include <security/pam_appl.h> + /* import */ extern ServerOptions options; @@ -75,6 +81,16 @@ do_authloop(Authctxt *authctxt) u_int ulen; int type = 0; struct passwd *pw = authctxt->pw; +#ifdef HAVE_LOGIN_CAP + login_cap_t *lc; +#endif /* HAVE_LOGIN_CAP */ +#ifdef USE_PAM + struct inverted_pam_cookie *pam_cookie; +#endif /* USE_PAM */ + const char *from_host, *from_ip; + + from_host = get_canonical_hostname(options.verify_reverse_mapping); + from_ip = get_remote_ipaddr(); debug("Attempting authentication for %s%.100s.", authctxt->valid ? "" : "illegal user ", authctxt->user); @@ -84,7 +100,11 @@ do_authloop(Authctxt *authctxt) #if defined(KRB4) || defined(KRB5) (!options.kerberos_authentication || options.kerberos_or_local_passwd) && #endif +#ifdef USE_PAM + /* XXX PRIVSEP */ auth_pam_password(authctxt, "")) { +#else PRIVSEP(auth_password(authctxt, ""))) { +#endif auth_log(authctxt, 1, "without authentication", ""); return; } @@ -129,6 +149,7 @@ do_authloop(Authctxt *authctxt) snprintf(info, sizeof(info), " tktuser %.100s", client_user); + xfree(client_user); } #endif /* KRB4 */ } else { @@ -142,6 +163,7 @@ do_authloop(Authctxt *authctxt) snprintf(info, sizeof(info), " tktuser %.100s", client_user); + xfree(client_user); } #endif /* KRB5 */ } @@ -240,13 +262,49 @@ do_authloop(Authctxt *authctxt) password = packet_get_string(&dlen); packet_check_eom(); +#ifdef USE_PAM + /* Do PAM auth with password */ + authenticated = /* XXX PRIVSEP */ auth_pam_password(authctxt, password); +#else /* !USE_PAM */ /* Try authentication with the password. */ authenticated = PRIVSEP(auth_password(authctxt, password)); +#endif /* USE_PAM */ memset(password, 0, strlen(password)); xfree(password); break; +#ifdef USE_PAM + case SSH_CMSG_AUTH_TIS: + debug("rcvd SSH_CMSG_AUTH_TIS: Trying PAM"); + pam_cookie = ipam_start_auth("sshd", pw->pw_name); + /* We now have data available to send as a challenge */ + if (pam_cookie->num_msg != 1 || + (pam_cookie->msg[0]->msg_style != PAM_PROMPT_ECHO_OFF && + pam_cookie->msg[0]->msg_style != PAM_PROMPT_ECHO_ON)) { + /* We got several challenges or an unknown challenge type */ + ipam_free_cookie(pam_cookie); + pam_cookie = NULL; + break; + } + packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE); + packet_put_string(pam_cookie->msg[0]->msg, strlen(pam_cookie->msg[0]->msg)); + packet_send(); + packet_write_wait(); + continue; + case SSH_CMSG_AUTH_TIS_RESPONSE: + debug("rcvd SSH_CMSG_AUTH_TIS_RESPONSE"); + if (pam_cookie != NULL) { + char *response = packet_get_string(&dlen); + + pam_cookie->resp[0]->resp = strdup(response); + xfree(response); + authenticated = ipam_complete_auth(pam_cookie); + ipam_free_cookie(pam_cookie); + pam_cookie = NULL; + } + break; +#elif defined(SKEY) case SSH_CMSG_AUTH_TIS: debug("rcvd SSH_CMSG_AUTH_TIS"); if (options.challenge_response_authentication == 1) { @@ -273,6 +331,12 @@ do_authloop(Authctxt *authctxt) xfree(response); } break; +#else + case SSH_CMSG_AUTH_TIS: + /* TIS Authentication is unsupported */ + log("TIS authentication unsupported."); + break; +#endif default: /* @@ -282,6 +346,26 @@ do_authloop(Authctxt *authctxt) log("Unknown message during authentication: type %d", type); break; } + +#ifdef HAVE_LOGIN_CAP + if (pw != NULL) { + lc = login_getpwclass(pw); + if (lc == NULL) + lc = login_getclassbyname(NULL, pw); + if (!auth_hostok(lc, from_host, from_ip)) { + log("Denied connection for %.200s from %.200s [%.200s].", + pw->pw_name, from_host, from_ip); + packet_disconnect("Sorry, you are not allowed to connect."); + } + if (!auth_timeok(lc, time(NULL))) { + log("LOGIN %.200s REFUSED (TIME) FROM %.200s", + pw->pw_name, from_host); + packet_disconnect("Logins not available right now."); + } + login_close(lc); + lc = NULL; + } +#endif /* HAVE_LOGIN_CAP */ #ifdef BSD_AUTH if (authctxt->as) { auth_close(authctxt->as); @@ -292,28 +376,23 @@ do_authloop(Authctxt *authctxt) fatal("INTERNAL ERROR: authenticated invalid user %s", authctxt->user); -#ifdef HAVE_CYGWIN - if (authenticated && - !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, pw)) { - packet_disconnect("Authentication rejected for uid %d.", - pw == NULL ? -1 : pw->pw_uid); - authenticated = 0; - } -#else /* Special handling for root */ if (authenticated && authctxt->pw->pw_uid == 0 && !auth_root_allowed(get_authname(type))) authenticated = 0; -#endif -#ifdef USE_PAM - if (!use_privsep && authenticated && - !do_pam_account(pw->pw_name, client_user)) - authenticated = 0; -#endif + + if (pw != NULL && pw->pw_uid == 0) + log("ROOT LOGIN as '%.100s' from %.100s", + pw->pw_name, from_host ); /* Log before sending the reply */ auth_log(authctxt, authenticated, get_authname(type), info); +#ifdef USE_PAM + if (authenticated && !do_pam_account(pw->pw_name, client_user)) + authenticated = 0; +#endif + if (client_user != NULL) { xfree(client_user); client_user = NULL; @@ -322,15 +401,8 @@ do_authloop(Authctxt *authctxt) if (authenticated) return; - if (authctxt->failures++ > AUTH_FAIL_MAX) { -#ifdef WITH_AIXAUTHENTICATE - /* XXX: privsep */ - loginfailed(authctxt->user, - get_canonical_hostname(options.verify_reverse_mapping), - "ssh"); -#endif /* WITH_AIXAUTHENTICATE */ + if (authctxt->failures++ > AUTH_FAIL_MAX) packet_disconnect(AUTH_FAIL_MSG, authctxt->user); - } packet_start(SSH_SMSG_FAILURE); packet_send(); @@ -379,22 +451,20 @@ do_authentication(void) else debug("do_authentication: illegal user %s", user); - setproctitle("%s%s", authctxt->pw ? user : "unknown", - use_privsep ? " [net]" : ""); - #ifdef USE_PAM - PRIVSEP(start_pam(authctxt->pw == NULL ? "NOUSER" : user)); + if (authctxt->pw != NULL) + start_pam(authctxt->pw); #endif + setproctitle("%s%s", authctxt->pw ? user : "unknown", + use_privsep ? " [net]" : ""); /* * If we are not running as root, the user must have the same uid as - * the server. (Unless you are running Windows) + * the server. */ -#ifndef HAVE_CYGWIN if (!use_privsep && getuid() != 0 && authctxt->pw && authctxt->pw->pw_uid != getuid()) packet_disconnect("Cannot change user when server not running as root."); -#endif /* * Loop until the user has been authenticated or the connection is diff --git a/crypto/openssh/auth2-chall.c b/crypto/openssh/auth2-chall.c index f35bfb2..1db7a81 100644 --- a/crypto/openssh/auth2-chall.c +++ b/crypto/openssh/auth2-chall.c @@ -24,6 +24,7 @@ */ #include "includes.h" RCSID("$OpenBSD: auth2-chall.c,v 1.18 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$FreeBSD$"); #include "ssh2.h" #include "auth.h" @@ -40,20 +41,20 @@ static void input_userauth_info_response(int, u_int32_t, void *); #ifdef BSD_AUTH extern KbdintDevice bsdauth_device; -#else -#ifdef SKEY +#elif defined(USE_PAM) +extern KbdintDevice pam_device; +#elif defined(SKEY) extern KbdintDevice skey_device; #endif -#endif KbdintDevice *devices[] = { #ifdef BSD_AUTH &bsdauth_device, -#else -#ifdef SKEY +#elif defined(USE_PAM) + &pam_device, +#elif defined(SKEY) &skey_device, #endif -#endif NULL }; diff --git a/crypto/openssh/auth2-pam.c b/crypto/openssh/auth2-pam.c index dd29ebd..e6a67f2 100644 --- a/crypto/openssh/auth2-pam.c +++ b/crypto/openssh/auth2-pam.c @@ -1,158 +1,333 @@ -#include "includes.h" -RCSID("$Id: auth2-pam.c,v 1.12 2002/01/22 12:43:13 djm Exp $"); +/*- + * Copyright (c) 2002 Networks Associates Technology, Inc. + * All rights reserved. + * + * This software was developed for the FreeBSD Project by ThinkSec AS and + * NAI Labs, the Security Research Division of Network Associates, Inc. + * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the + * DARPA CHATS research program. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ #ifdef USE_PAM +#include "includes.h" +RCSID("$FreeBSD$"); + #include <security/pam_appl.h> -#include "ssh.h" -#include "ssh2.h" #include "auth.h" -#include "auth-pam.h" -#include "packet.h" -#include "xmalloc.h" -#include "dispatch.h" #include "log.h" +#include "xmalloc.h" -static int do_pam_conversation_kbd_int(int num_msg, - const struct pam_message **msg, struct pam_response **resp, - void *appdata_ptr); -void input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt); - -struct { - int finished, num_received, num_expected; - int *prompts; - struct pam_response *responses; -} context_pam2 = {0, 0, 0, NULL}; - -static struct pam_conv conv2 = { - do_pam_conversation_kbd_int, - NULL, +struct pam_ctxt { + char *pam_user; + pid_t pam_pid; + int pam_sock; + int pam_done; }; -int -auth2_pam(Authctxt *authctxt) +static void pam_free_ctx(void *); + +/* + * Send message to parent or child. + */ +static int +pam_send(struct pam_ctxt *ctxt, char *fmt, ...) { - int retval = -1; + va_list ap; + char *mstr; + size_t len; + int r; - if (authctxt->user == NULL) - fatal("auth2_pam: internal error: no user"); + va_start(ap, fmt); + len = vasprintf(&mstr, fmt, ap); + va_end(ap); + if (mstr == NULL) + exit(1); + if (ctxt->pam_pid != 0) + debug2("to child: %s", mstr); + r = send(ctxt->pam_sock, mstr, len + 1, MSG_EOR); + free(mstr); + return (r); +} + +/* + * Peek at first byte of next message. + */ +static int +pam_peek(struct pam_ctxt *ctxt) +{ + char ch; - conv2.appdata_ptr = authctxt; - do_pam_set_conv(&conv2); + if (recv(ctxt->pam_sock, &ch, 1, MSG_PEEK) < 1) + return (-1); + return (ch); +} - dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, - &input_userauth_info_response_pam); - retval = (do_pam_authenticate(0) == PAM_SUCCESS); - dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL); +/* + * Receive a message from parent or child. + */ +static char * +pam_receive(struct pam_ctxt *ctxt) +{ + char *buf; + size_t len; + ssize_t rlen; - return retval; + len = 64; + buf = NULL; + do { + len *= 2; + buf = xrealloc(buf, len); + rlen = recv(ctxt->pam_sock, buf, len, MSG_PEEK); + if (rlen < 1) { + xfree(buf); + return (NULL); + } + } while (rlen == len); + if (recv(ctxt->pam_sock, buf, len, 0) != rlen) { + xfree(buf); + return (NULL); + } + if (ctxt->pam_pid != 0) + debug2("from child: %s", buf); + return (buf); } +/* + * Conversation function for child process. + */ static int -do_pam_conversation_kbd_int(int num_msg, const struct pam_message **msg, - struct pam_response **resp, void *appdata_ptr) +pam_child_conv(int n, + const struct pam_message **msg, + struct pam_response **resp, + void *data) { - int i, j, done; - char *text; - - context_pam2.finished = 0; - context_pam2.num_received = 0; - context_pam2.num_expected = 0; - context_pam2.prompts = xmalloc(sizeof(int) * num_msg); - context_pam2.responses = xmalloc(sizeof(struct pam_response) * num_msg); - memset(context_pam2.responses, 0, sizeof(struct pam_response) * num_msg); - - text = NULL; - for (i = 0, context_pam2.num_expected = 0; i < num_msg; i++) { - int style = PAM_MSG_MEMBER(msg, i, msg_style); - switch (style) { - case PAM_PROMPT_ECHO_ON: + struct pam_ctxt *ctxt; + int i; + + ctxt = data; + if (n <= 0 || n > PAM_MAX_NUM_MSG) + return (PAM_CONV_ERR); + if ((*resp = calloc(n, sizeof **resp)) == NULL) + return (PAM_BUF_ERR); + for (i = 0; i < n; ++i) { + resp[i]->resp_retcode = 0; + resp[i]->resp = NULL; + switch (msg[i]->msg_style) { case PAM_PROMPT_ECHO_OFF: - context_pam2.num_expected++; + pam_send(ctxt, "p%s", msg[i]->msg); + resp[i]->resp = pam_receive(ctxt); + break; + case PAM_PROMPT_ECHO_ON: + pam_send(ctxt, "P%s", msg[i]->msg); + resp[i]->resp = pam_receive(ctxt); break; - case PAM_TEXT_INFO: case PAM_ERROR_MSG: - default: - /* Capture all these messages to be sent at once */ - message_cat(&text, PAM_MSG_MEMBER(msg, i, msg)); + /*pam_send(ctxt, "e%s", msg[i]->msg);*/ break; + case PAM_TEXT_INFO: + /*pam_send(ctxt, "i%s", msg[i]->msg);*/ + break; + default: + goto fail; } } + return (PAM_SUCCESS); + fail: + while (i) + free(resp[--i]); + free(*resp); + *resp = NULL; + return (PAM_CONV_ERR); +} - if (context_pam2.num_expected == 0) - return PAM_SUCCESS; - - packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST); - packet_put_cstring(""); /* Name */ - packet_put_cstring(""); /* Instructions */ - packet_put_cstring(""); /* Language */ - packet_put_int(context_pam2.num_expected); - - for (i = 0, j = 0; i < num_msg; i++) { - int style = PAM_MSG_MEMBER(msg, i, msg_style); - - /* Skip messages which don't need a reply */ - if (style != PAM_PROMPT_ECHO_ON && style != PAM_PROMPT_ECHO_OFF) - continue; - - context_pam2.prompts[j++] = i; - if (text) { - message_cat(&text, PAM_MSG_MEMBER(msg, i, msg)); - packet_put_cstring(text); - text = NULL; - } else - packet_put_cstring(PAM_MSG_MEMBER(msg, i, msg)); - packet_put_char(style == PAM_PROMPT_ECHO_ON); - } - packet_send(); - packet_write_wait(); - - /* - * Grabbing control of execution and spinning until we get what - * we want is probably rude, but it seems to work properly, and - * the client *should* be in lock-step with us, so the loop should - * only be traversed once. - */ - while(context_pam2.finished == 0) { - done = 1; - dispatch_run(DISPATCH_BLOCK, &done, appdata_ptr); - if(context_pam2.finished == 0) - debug("extra packet during conversation"); - } +/* + * Child process. + */ +static void * +pam_child(struct pam_ctxt *ctxt) +{ + struct pam_conv pam_conv = { pam_child_conv, ctxt }; + pam_handle_t *pamh; + int pam_err; - if(context_pam2.num_received == context_pam2.num_expected) { - *resp = context_pam2.responses; - return PAM_SUCCESS; - } else - return PAM_CONV_ERR; + pam_err = pam_start("sshd", ctxt->pam_user, &pam_conv, &pamh); + if (pam_err != PAM_SUCCESS) + goto auth_fail; + pam_err = pam_authenticate(pamh, 0); + if (pam_err != PAM_SUCCESS) + goto auth_fail; + pam_send(ctxt, "=OK"); + pam_end(pamh, pam_err); + exit(0); + auth_fail: + pam_send(ctxt, "!%s", pam_strerror(pamh, pam_err)); + pam_end(pamh, pam_err); + exit(0); } -void -input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt) +static void * +pam_init_ctx(Authctxt *authctxt) { - Authctxt *authctxt = ctxt; - unsigned int nresp = 0, rlen = 0, i = 0; - char *resp; + struct pam_ctxt *ctxt; + int socks[2]; + int i; - if (authctxt == NULL) - fatal("input_userauth_info_response_pam: no authentication context"); + ctxt = xmalloc(sizeof *ctxt); + ctxt->pam_user = xstrdup(authctxt->user); + ctxt->pam_done = 0; + if (socketpair(AF_UNIX, SOCK_DGRAM, PF_UNSPEC, socks) == -1) { + error("%s: failed create sockets: %s", + __func__, strerror(errno)); + xfree(ctxt); + return (NULL); + } + if ((ctxt->pam_pid = fork()) == -1) { + error("%s: failed to fork auth-pam child: %s", + __func__, strerror(errno)); + close(socks[0]); + close(socks[1]); + xfree(ctxt); + return (NULL); + } + if (ctxt->pam_pid == 0) { + /* close everything except our end of the pipe */ + ctxt->pam_sock = socks[1]; + for (i = 0; i < getdtablesize(); ++i) + if (i != ctxt->pam_sock) + close(i); + pam_child(ctxt); + /* not reached */ + exit(1); + } + ctxt->pam_sock = socks[0]; + close(socks[1]); + return (ctxt); +} - nresp = packet_get_int(); /* Number of responses. */ - debug("got %d responses", nresp); +static int +pam_query(void *ctx, char **name, char **info, + u_int *num, char ***prompts, u_int **echo_on) +{ + struct pam_ctxt *ctxt = ctx; + char *msg; - for (i = 0; i < nresp; i++) { - int j = context_pam2.prompts[i]; + if ((msg = pam_receive(ctxt)) == NULL) + return (-1); + *name = xstrdup(""); + *info = xstrdup(""); + *prompts = xmalloc(sizeof(char *)); + *echo_on = xmalloc(sizeof(u_int)); + switch (*msg) { + case 'P': + **echo_on = 1; + case 'p': + *num = 1; + **prompts = xstrdup(msg + 1); + **echo_on = (*msg == 'P'); + break; + case '=': + *num = 0; + **echo_on = 0; + ctxt->pam_done = 1; + break; + case '!': + error("%s", msg + 1); + default: + *num = 0; + **echo_on = 0; + xfree(msg); + ctxt->pam_done = -1; + return (-1); + } + xfree(msg); + return (0); +} + +static int +pam_respond(void *ctx, u_int num, char **resp) +{ + struct pam_ctxt *ctxt = ctx; + char *msg; - resp = packet_get_string(&rlen); - context_pam2.responses[j].resp_retcode = PAM_SUCCESS; - context_pam2.responses[j].resp = xstrdup(resp); - xfree(resp); - context_pam2.num_received++; + debug2(__func__); + switch (ctxt->pam_done) { + case 1: + return (0); + case 0: + break; + default: + return (-1); + } + if (num != 1) { + error("expected one response, got %u", num); + return (-1); } + pam_send(ctxt, "%s", *resp); + switch (pam_peek(ctxt)) { + case 'P': + case 'p': + return (1); + case '=': + msg = pam_receive(ctxt); + xfree(msg); + ctxt->pam_done = 1; + return (0); + default: + msg = pam_receive(ctxt); + if (*msg == '!') + error("%s", msg + 1); + xfree(msg); + ctxt->pam_done = -1; + return (-1); + } +} - context_pam2.finished = 1; +static void +pam_free_ctx(void *ctxtp) +{ + struct pam_ctxt *ctxt = ctxtp; + int status; - packet_check_eom(); + close(ctxt->pam_sock); + kill(ctxt->pam_pid, SIGHUP); + waitpid(ctxt->pam_pid, &status, 0); + xfree(ctxt->pam_user); + xfree(ctxt); } -#endif +KbdintDevice pam_device = { + "pam", + pam_init_ctx, + pam_query, + pam_respond, + pam_free_ctx +}; + +#endif /* USE_PAM */ diff --git a/crypto/openssh/auth2-skey.c b/crypto/openssh/auth2-skey.c deleted file mode 100644 index 9de08fc..0000000 --- a/crypto/openssh/auth2-skey.c +++ /dev/null @@ -1,104 +0,0 @@ -#include "includes.h" -RCSID("$OpenBSD: auth2-skey.c,v 1.1 2000/10/11 20:14:38 markus Exp $"); - -#include "ssh.h" -#include "ssh2.h" -#include "auth.h" -#include "packet.h" -#include "xmalloc.h" -#include "dispatch.h" - -void send_userauth_into_request(Authctxt *authctxt, int echo); -void input_userauth_info_response(int type, int plen, void *ctxt); - -/* - * try skey authentication, always return -1 (= postponed) since we have to - * wait for the s/key response. - */ -int -auth2_skey(Authctxt *authctxt) -{ - send_userauth_into_request(authctxt, 0); - dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, &input_userauth_info_response); - return -1; -} - -void -send_userauth_into_request(Authctxt *authctxt, int echo) -{ - int retval = -1; - struct skey skey; - char challenge[SKEY_MAX_CHALLENGE]; - char *fake; - - if (authctxt->user == NULL) - fatal("send_userauth_into_request: internal error: no user"); - - /* get skey challenge */ - if (authctxt->valid) - retval = skeychallenge(&skey, authctxt->user, challenge); - - if (retval == -1) { - fake = skey_fake_keyinfo(authctxt->user); - strlcpy(challenge, fake, sizeof challenge); - } - /* send our info request */ - packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST); - packet_put_cstring("S/Key Authentication"); /* Name */ - packet_put_cstring(challenge); /* Instruction */ - packet_put_cstring(""); /* Language */ - packet_put_int(1); /* Number of prompts */ - packet_put_cstring(echo ? - "Response [Echo]: ": "Response: "); /* Prompt */ - packet_put_char(echo); /* Echo */ - packet_send(); - packet_write_wait(); - memset(challenge, 'c', sizeof challenge); -} - -void -input_userauth_info_response(int type, int plen, void *ctxt) -{ - Authctxt *authctxt = ctxt; - int authenticated = 0; - unsigned int nresp, rlen; - char *resp, *method; - - if (authctxt == NULL) - fatal("input_userauth_info_response: no authentication context"); - - if (authctxt->attempt++ >= AUTH_FAIL_MAX) - packet_disconnect("too many failed userauth_requests"); - - nresp = packet_get_int(); - if (nresp == 1) { - /* we only support s/key and assume s/key for nresp == 1 */ - method = "s/key"; - resp = packet_get_string(&rlen); - packet_done(); - if (strlen(resp) == 0) { - /* - * if we received a null response, resend prompt with - * echo enabled - */ - authenticated = -1; - userauth_log(authctxt, authenticated, method); - send_userauth_into_request(authctxt, 1); - } else { - /* verify skey response */ - if (authctxt->valid && - skey_haskey(authctxt->pw->pw_name) == 0 && - skey_passcheck(authctxt->pw->pw_name, resp) != -1) { - authenticated = 1; - } else { - authenticated = 0; - } - memset(resp, 'r', rlen); - /* unregister callback */ - dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL); - userauth_log(authctxt, authenticated, method); - userauth_reply(authctxt, authenticated); - } - xfree(resp); - } -} diff --git a/crypto/openssh/auth2.c b/crypto/openssh/auth2.c index 6dfd91f..72fad08 100644 --- a/crypto/openssh/auth2.c +++ b/crypto/openssh/auth2.c @@ -24,6 +24,7 @@ #include "includes.h" RCSID("$OpenBSD: auth2.c,v 1.93 2002/05/31 11:35:15 markus Exp $"); +RCSID("$FreeBSD$"); #include "ssh2.h" #include "xmalloc.h" @@ -34,8 +35,13 @@ RCSID("$OpenBSD: auth2.c,v 1.93 2002/05/31 11:35:15 markus Exp $"); #include "auth.h" #include "dispatch.h" #include "pathnames.h" +#include "canohost.h" #include "monitor_wrap.h" +#ifdef HAVE_LOGIN_CAP +#include <login_cap.h> +#endif /* HAVE_LOGIN_CAP */ + /* import */ extern ServerOptions options; extern u_char *session_id2; @@ -85,10 +91,6 @@ do_authentication2(void) /* challenge-response is implemented via keyboard interactive */ if (options.challenge_response_authentication) options.kbd_interactive_authentication = 1; - if (options.pam_authentication_via_kbd_int) - options.kbd_interactive_authentication = 1; - if (use_privsep) - options.pam_authentication_via_kbd_int = 0; dispatch_init(&dispatch_protocol_error); dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request); @@ -137,6 +139,15 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) Authmethod *m = NULL; char *user, *service, *method, *style = NULL; int authenticated = 0; +#ifdef HAVE_LOGIN_CAP + login_cap_t *lc; +#endif /* HAVE_LOGIN_CAP */ +#if defined(HAVE_LOGIN_CAP) + const char *from_host, *from_ip; + + from_host = get_canonical_hostname(options.verify_reverse_mapping); + from_ip = get_remote_ipaddr(); +#endif /* HAVE_LOGIN_CAP */ if (authctxt == NULL) fatal("input_userauth_request: no authctxt"); @@ -157,13 +168,11 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) authctxt->valid = 1; debug2("input_userauth_request: setting up authctxt for %s", user); #ifdef USE_PAM - PRIVSEP(start_pam(authctxt->pw->pw_name)); + start_pam(authctxt->pw); #endif } else { log("input_userauth_request: illegal user %s", user); -#ifdef USE_PAM - PRIVSEP(start_pam("NOUSER")); -#endif + authctxt->pw = NULL; } setproctitle("%s%s", authctxt->pw ? user : "unknown", use_privsep ? " [net]" : ""); @@ -178,6 +187,26 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) "(%s,%s) -> (%s,%s)", authctxt->user, authctxt->service, user, service); } + +#ifdef HAVE_LOGIN_CAP + if (authctxt->pw != NULL) { + lc = login_getpwclass(authctxt->pw); + if (lc == NULL) + lc = login_getclassbyname(NULL, authctxt->pw); + if (!auth_hostok(lc, from_host, from_ip)) { + log("Denied connection for %.200s from %.200s [%.200s].", + authctxt->pw->pw_name, from_host, from_ip); + packet_disconnect("Sorry, you are not allowed to connect."); + } + if (!auth_timeok(lc, time(NULL))) { + log("LOGIN %.200s REFUSED (TIME) FROM %.200s", + authctxt->pw->pw_name, from_host); + packet_disconnect("Logins not available right now."); + } + login_close(lc); + lc = NULL; + } +#endif /* HAVE_LOGIN_CAP */ /* reset state */ auth2_challenge_stop(authctxt); authctxt->postponed = 0; @@ -188,6 +217,10 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) debug2("input_userauth_request: try method %s", method); authenticated = m->userauth(authctxt); } +#ifdef USE_PAM + if (authenticated && authctxt->user && !do_pam_account(authctxt->user, NULL)) + authenticated = 0; +#endif /* USE_PAM */ userauth_finish(authctxt, authenticated, method); xfree(service); @@ -209,12 +242,6 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) !auth_root_allowed(method)) authenticated = 0; -#ifdef USE_PAM - if (!use_privsep && authenticated && authctxt->user && - !do_pam_account(authctxt->user, NULL)) - authenticated = 0; -#endif /* USE_PAM */ - /* Log before sending the reply */ auth_log(authctxt, authenticated, method, " ssh2"); @@ -231,15 +258,8 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) /* now we can break out */ authctxt->success = 1; } else { - if (authctxt->failures++ > AUTH_FAIL_MAX) { -#ifdef WITH_AIXAUTHENTICATE - /* XXX: privsep */ - loginfailed(authctxt->user, - get_canonical_hostname(options.verify_reverse_mapping), - "ssh"); -#endif /* WITH_AIXAUTHENTICATE */ + if (authctxt->failures++ > AUTH_FAIL_MAX) packet_disconnect(AUTH_FAIL_MSG, authctxt->user); - } methods = authmethods_get(); packet_start(SSH2_MSG_USERAUTH_FAILURE); packet_put_cstring(methods); diff --git a/crypto/openssh/authfd.c b/crypto/openssh/authfd.c index a452a79..69fa660 100644 --- a/crypto/openssh/authfd.c +++ b/crypto/openssh/authfd.c @@ -36,6 +36,7 @@ #include "includes.h" RCSID("$OpenBSD: authfd.c,v 1.55 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$FreeBSD$"); #include <openssl/evp.h> diff --git a/crypto/openssh/authfile.c b/crypto/openssh/authfile.c index 6d936de..6b63229 100644 --- a/crypto/openssh/authfile.c +++ b/crypto/openssh/authfile.c @@ -37,6 +37,7 @@ #include "includes.h" RCSID("$OpenBSD: authfile.c,v 1.49 2002/05/23 19:24:30 markus Exp $"); +RCSID("$FreeBSD$"); #include <openssl/err.h> #include <openssl/evp.h> @@ -484,9 +485,6 @@ key_perm_ok(int fd, const char *filename) * permissions of the file. if the key owned by a different user, * then we don't care. */ -#ifdef HAVE_CYGWIN - if (check_ntsec(filename)) -#endif if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) { error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); diff --git a/crypto/openssh/aux.c b/crypto/openssh/aux.c deleted file mode 100644 index 899142d..0000000 --- a/crypto/openssh/aux.c +++ /dev/null @@ -1,36 +0,0 @@ -#include "includes.h" -RCSID("$OpenBSD: aux.c,v 1.2 2000/05/17 09:47:59 markus Exp $"); - -#include "ssh.h" - -char * -chop(char *s) -{ - char *t = s; - while (*t) { - if(*t == '\n' || *t == '\r') { - *t = '\0'; - return s; - } - t++; - } - return s; - -} - -void -set_nonblock(int fd) -{ - int val; - val = fcntl(fd, F_GETFL, 0); - if (val < 0) { - error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno)); - return; - } - if (val & O_NONBLOCK) - return; - debug("fd %d setting O_NONBLOCK", fd); - val |= O_NONBLOCK; - if (fcntl(fd, F_SETFL, val) == -1) - error("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd, strerror(errno)); -} diff --git a/crypto/openssh/bufaux.c b/crypto/openssh/bufaux.c index 79f8bbd..17f0855 100644 --- a/crypto/openssh/bufaux.c +++ b/crypto/openssh/bufaux.c @@ -38,6 +38,7 @@ #include "includes.h" RCSID("$OpenBSD: bufaux.c,v 1.25 2002/04/20 09:14:58 markus Exp $"); +RCSID("$FreeBSD$"); #include <openssl/bn.h> #include "bufaux.h" @@ -157,7 +158,6 @@ buffer_get_int(Buffer *buffer) return GET_32BIT(buf); } -#ifdef HAVE_U_INT64_T u_int64_t buffer_get_int64(Buffer *buffer) { @@ -165,7 +165,6 @@ buffer_get_int64(Buffer *buffer) buffer_get(buffer, (char *) buf, 8); return GET_64BIT(buf); } -#endif /* * Stores integers in the buffer, msb first. @@ -186,7 +185,6 @@ buffer_put_int(Buffer *buffer, u_int value) buffer_append(buffer, buf, 4); } -#ifdef HAVE_U_INT64_T void buffer_put_int64(Buffer *buffer, u_int64_t value) { @@ -194,7 +192,6 @@ buffer_put_int64(Buffer *buffer, u_int64_t value) PUT_64BIT(buf, value); buffer_append(buffer, buf, 8); } -#endif /* * Returns an arbitrary binary string from the buffer. The string cannot diff --git a/crypto/openssh/canohost.c b/crypto/openssh/canohost.c index 00c499c..b0a0eb6 100644 --- a/crypto/openssh/canohost.c +++ b/crypto/openssh/canohost.c @@ -13,6 +13,7 @@ #include "includes.h" RCSID("$OpenBSD: canohost.c,v 1.32 2002/06/11 08:11:45 itojun Exp $"); +RCSID("$FreeBSD$"); #include "packet.h" #include "xmalloc.h" @@ -42,28 +43,6 @@ get_remote_hostname(int socket, int verify_reverse_mapping) debug("getpeername failed: %.100s", strerror(errno)); fatal_cleanup(); } -#ifdef IPV4_IN_IPV6 - if (from.ss_family == AF_INET6) { - struct sockaddr_in6 *from6 = (struct sockaddr_in6 *)&from; - - /* Detect IPv4 in IPv6 mapped address and convert it to */ - /* plain (AF_INET) IPv4 address */ - if (IN6_IS_ADDR_V4MAPPED(&from6->sin6_addr)) { - struct sockaddr_in *from4 = (struct sockaddr_in *)&from; - struct in_addr addr; - u_int16_t port; - - memcpy(&addr, ((char *)&from6->sin6_addr) + 12, sizeof(addr)); - port = from6->sin6_port; - - memset(&from, 0, sizeof(from)); - - from4->sin_family = AF_INET; - memcpy(&from4->sin_addr, &addr, sizeof(addr)); - from4->sin_port = port; - } - } -#endif if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop), NULL, 0, NI_NUMERICHOST) != 0) diff --git a/crypto/openssh/channels.c b/crypto/openssh/channels.c index d34411e..00cf29d 100644 --- a/crypto/openssh/channels.c +++ b/crypto/openssh/channels.c @@ -40,6 +40,7 @@ #include "includes.h" RCSID("$OpenBSD: channels.c,v 1.175 2002/06/10 22:28:41 markus Exp $"); +RCSID("$FreeBSD$"); #include "ssh.h" #include "ssh1.h" @@ -129,7 +130,7 @@ static u_int x11_fake_data_len; #define NUM_SOCKS 10 /* AF_UNSPEC or AF_INET or AF_INET6 */ -static int IPv4or6 = AF_UNSPEC; +int IPv4or6 = AF_UNSPEC; /* helper */ static void port_open_helper(Channel *c, char *rtype); @@ -2057,11 +2058,7 @@ channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_por /* Bind the socket to the address. */ if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { /* address can be in use ipv6 address is already bound */ - if (!ai->ai_next) - error("bind: %.100s", strerror(errno)); - else - verbose("bind: %.100s", strerror(errno)); - + verbose("bind: %.100s", strerror(errno)); close(sock); continue; } @@ -2180,7 +2177,6 @@ channel_input_port_forward_request(int is_root, int gateway_ports) hostname = packet_get_string(NULL); host_port = packet_get_int(); -#ifndef HAVE_CYGWIN /* * Check that an unprivileged user is not trying to forward a * privileged port. @@ -2188,7 +2184,6 @@ channel_input_port_forward_request(int is_root, int gateway_ports) if (port < IPPORT_RESERVED && !is_root) packet_disconnect("Requested forwarding of port %d but user is not root.", port); -#endif /* Initiate forwarding */ channel_setup_local_fwd_listener(port, hostname, host_port, gateway_ports); @@ -2360,29 +2355,12 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost, continue; sock = socket(ai->ai_family, SOCK_STREAM, 0); if (sock < 0) { - if ((errno != EINVAL) && (errno != EAFNOSUPPORT)) { - error("socket: %.100s", strerror(errno)); - return -1; - } else { - debug("x11_create_display_inet: Socket family %d not supported", - ai->ai_family); - continue; - } - } -#ifdef IPV6_V6ONLY - if (ai->ai_family == AF_INET6) { - int on = 1; - if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0) - error("setsockopt IPV6_V6ONLY: %.100s", strerror(errno)); + error("socket: %.100s", strerror(errno)); + return -1; } -#endif if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { debug("bind port %d: %.100s", port, strerror(errno)); close(sock); - - if (ai->ai_next) - continue; - for (n = 0; n < num_socks; n++) { close(socks[n]); } @@ -2390,17 +2368,8 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost, break; } socks[num_socks++] = sock; -#ifndef DONT_TRY_OTHER_AF if (num_socks == NUM_SOCKS) break; -#else - if (x11_use_localhost) { - if (num_socks == NUM_SOCKS) - break; - } else { - break; - } -#endif } freeaddrinfo(aitop); if (num_socks > 0) diff --git a/crypto/openssh/channels.h b/crypto/openssh/channels.h index 9ceff3e..12876d3 100644 --- a/crypto/openssh/channels.h +++ b/crypto/openssh/channels.h @@ -1,4 +1,5 @@ /* $OpenBSD: channels.h,v 1.68 2002/06/10 22:28:41 markus Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> diff --git a/crypto/openssh/cipher.c b/crypto/openssh/cipher.c index b18c701..0892423 100644 --- a/crypto/openssh/cipher.c +++ b/crypto/openssh/cipher.c @@ -36,6 +36,7 @@ #include "includes.h" RCSID("$OpenBSD: cipher.c,v 1.59 2002/06/19 18:01:00 markus Exp $"); +RCSID("$FreeBSD$"); #include "xmalloc.h" #include "log.h" @@ -43,11 +44,6 @@ RCSID("$OpenBSD: cipher.c,v 1.59 2002/06/19 18:01:00 markus Exp $"); #include <openssl/md5.h> -#if OPENSSL_VERSION_NUMBER < 0x00906000L -#define SSH_OLD_EVP -#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) -#endif - #if OPENSSL_VERSION_NUMBER < 0x00907000L #include "rijndael.h" static const EVP_CIPHER *evp_rijndael(void); @@ -193,11 +189,7 @@ cipher_init(CipherContext *cc, Cipher *cipher, int encrypt) { static int dowarn = 1; -#ifdef SSH_OLD_EVP - EVP_CIPHER *type; -#else const EVP_CIPHER *type; -#endif int klen; if (cipher->number == SSH_CIPHER_DES) { @@ -222,15 +214,6 @@ cipher_init(CipherContext *cc, Cipher *cipher, type = (*cipher->evptype)(); EVP_CIPHER_CTX_init(&cc->evp); -#ifdef SSH_OLD_EVP - if (type->key_len > 0 && type->key_len != keylen) { - debug("cipher_init: set keylen (%d -> %d)", - type->key_len, keylen); - type->key_len = keylen; - } - EVP_CipherInit(&cc->evp, type, (u_char *)key, (u_char *)iv, - (encrypt == CIPHER_ENCRYPT)); -#else if (EVP_CipherInit(&cc->evp, type, NULL, (u_char *)iv, (encrypt == CIPHER_ENCRYPT)) == 0) fatal("cipher_init: EVP_CipherInit failed for %s", @@ -245,7 +228,6 @@ cipher_init(CipherContext *cc, Cipher *cipher, if (EVP_CipherInit(&cc->evp, NULL, (u_char *)key, NULL, -1) == 0) fatal("cipher_init: EVP_CipherInit: set key failed for %s", cipher->name); -#endif } void @@ -253,23 +235,15 @@ cipher_crypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) { if (len % cc->cipher->block_size) fatal("cipher_encrypt: bad plaintext length %d", len); -#ifdef SSH_OLD_EVP - EVP_Cipher(&cc->evp, dest, (u_char *)src, len); -#else if (EVP_Cipher(&cc->evp, dest, (u_char *)src, len) == 0) fatal("evp_crypt: EVP_Cipher failed"); -#endif } void cipher_cleanup(CipherContext *cc) { -#ifdef SSH_OLD_EVP - EVP_CIPHER_CTX_cleanup(&cc->evp); -#else if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0) error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed"); -#endif } /* @@ -340,11 +314,6 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, EVP_CIPHER_CTX_init(&c->k1); EVP_CIPHER_CTX_init(&c->k2); EVP_CIPHER_CTX_init(&c->k3); -#ifdef SSH_OLD_EVP - EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc); - EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc); - EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc); -#else if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 || EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 || EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) { @@ -353,7 +322,6 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, EVP_CIPHER_CTX_set_app_data(ctx, NULL); return (0); } -#endif return (1); } static int @@ -365,16 +333,10 @@ ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, u_int len) error("ssh1_3des_cbc: no context"); return (0); } -#ifdef SSH_OLD_EVP - EVP_Cipher(&c->k1, dest, (u_char *)src, len); - EVP_Cipher(&c->k2, dest, dest, len); - EVP_Cipher(&c->k3, dest, dest, len); -#else if (EVP_Cipher(&c->k1, dest, (u_char *)src, len) == 0 || EVP_Cipher(&c->k2, dest, dest, len) == 0 || EVP_Cipher(&c->k3, dest, dest, len) == 0) return (0); -#endif return (1); } static int @@ -402,9 +364,7 @@ evp_ssh1_3des(void) ssh1_3des.init = ssh1_3des_init; ssh1_3des.cleanup = ssh1_3des_cleanup; ssh1_3des.do_cipher = ssh1_3des_cbc; -#ifndef SSH_OLD_EVP ssh1_3des.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH; -#endif return (&ssh1_3des); } @@ -553,10 +513,8 @@ evp_rijndael(void) rijndal_cbc.init = ssh_rijndael_init; rijndal_cbc.cleanup = ssh_rijndael_cleanup; rijndal_cbc.do_cipher = ssh_rijndael_cbc; -#ifndef SSH_OLD_EVP rijndal_cbc.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT; -#endif return (&rijndal_cbc); } #endif diff --git a/crypto/openssh/cipher.h b/crypto/openssh/cipher.h index fc7f6dd..3847bda 100644 --- a/crypto/openssh/cipher.h +++ b/crypto/openssh/cipher.h @@ -1,4 +1,5 @@ /* $OpenBSD: cipher.h,v 1.33 2002/03/18 17:13:15 markus Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> diff --git a/crypto/openssh/compat.c b/crypto/openssh/compat.c index 406b47c..3344dd6 100644 --- a/crypto/openssh/compat.c +++ b/crypto/openssh/compat.c @@ -24,6 +24,7 @@ #include "includes.h" RCSID("$OpenBSD: compat.c,v 1.63 2002/04/10 08:21:47 markus Exp $"); +RCSID("$FreeBSD$"); #include "buffer.h" #include "packet.h" diff --git a/crypto/openssh/compat.h b/crypto/openssh/compat.h index 7afca04..a0d2534 100644 --- a/crypto/openssh/compat.h +++ b/crypto/openssh/compat.h @@ -1,4 +1,5 @@ /* $OpenBSD: compat.h,v 1.32 2002/04/10 08:21:47 markus Exp $ */ +/* $FreeBSD$ */ /* * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. diff --git a/crypto/openssh/dsa.c b/crypto/openssh/dsa.c deleted file mode 100644 index 4ff4b58..0000000 --- a/crypto/openssh/dsa.c +++ /dev/null @@ -1,304 +0,0 @@ -/* - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$OpenBSD: dsa.c,v 1.11 2000/09/07 20:27:51 deraadt Exp $"); - -#include "ssh.h" -#include "xmalloc.h" -#include "buffer.h" -#include "bufaux.h" -#include "compat.h" - -#include <openssl/bn.h> -#include <openssl/dh.h> -#include <openssl/rsa.h> -#include <openssl/dsa.h> -#include <openssl/evp.h> -#include <openssl/bio.h> -#include <openssl/pem.h> - -#include <openssl/hmac.h> -#include "kex.h" -#include "key.h" -#include "uuencode.h" - -#define INTBLOB_LEN 20 -#define SIGBLOB_LEN (2*INTBLOB_LEN) - -Key * -dsa_key_from_blob(char *blob, int blen) -{ - Buffer b; - char *ktype; - int rlen; - DSA *dsa; - Key *key; - -#ifdef DEBUG_DSS - dump_base64(stderr, blob, blen); -#endif - /* fetch & parse DSA/DSS pubkey */ - buffer_init(&b); - buffer_append(&b, blob, blen); - ktype = buffer_get_string(&b, NULL); - if (strcmp(KEX_DSS, ktype) != 0) { - error("dsa_key_from_blob: cannot handle type %s", ktype); - buffer_free(&b); - xfree(ktype); - return NULL; - } - key = key_new(KEY_DSA); - dsa = key->dsa; - buffer_get_bignum2(&b, dsa->p); - buffer_get_bignum2(&b, dsa->q); - buffer_get_bignum2(&b, dsa->g); - buffer_get_bignum2(&b, dsa->pub_key); - rlen = buffer_len(&b); - if(rlen != 0) - error("dsa_key_from_blob: remaining bytes in key blob %d", rlen); - buffer_free(&b); - xfree(ktype); - -#ifdef DEBUG_DSS - DSA_print_fp(stderr, dsa, 8); -#endif - return key; -} -int -dsa_make_key_blob(Key *key, unsigned char **blobp, unsigned int *lenp) -{ - Buffer b; - int len; - unsigned char *buf; - - if (key == NULL || key->type != KEY_DSA) - return 0; - buffer_init(&b); - buffer_put_cstring(&b, KEX_DSS); - buffer_put_bignum2(&b, key->dsa->p); - buffer_put_bignum2(&b, key->dsa->q); - buffer_put_bignum2(&b, key->dsa->g); - buffer_put_bignum2(&b, key->dsa->pub_key); - len = buffer_len(&b); - buf = xmalloc(len); - memcpy(buf, buffer_ptr(&b), len); - memset(buffer_ptr(&b), 0, len); - buffer_free(&b); - if (lenp != NULL) - *lenp = len; - if (blobp != NULL) - *blobp = buf; - return len; -} -int -dsa_sign( - Key *key, - unsigned char **sigp, int *lenp, - unsigned char *data, int datalen) -{ - unsigned char *digest; - unsigned char *ret; - DSA_SIG *sig; - EVP_MD *evp_md = EVP_sha1(); - EVP_MD_CTX md; - unsigned int rlen; - unsigned int slen; - unsigned int len; - unsigned char sigblob[SIGBLOB_LEN]; - Buffer b; - - if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) { - error("dsa_sign: no DSA key"); - return -1; - } - digest = xmalloc(evp_md->md_size); - EVP_DigestInit(&md, evp_md); - EVP_DigestUpdate(&md, data, datalen); - EVP_DigestFinal(&md, digest, NULL); - - sig = DSA_do_sign(digest, evp_md->md_size, key->dsa); - if (sig == NULL) { - fatal("dsa_sign: cannot sign"); - } - - rlen = BN_num_bytes(sig->r); - slen = BN_num_bytes(sig->s); - if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) { - error("bad sig size %d %d", rlen, slen); - DSA_SIG_free(sig); - return -1; - } - debug("sig size %d %d", rlen, slen); - - memset(sigblob, 0, SIGBLOB_LEN); - BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen); - BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen); - DSA_SIG_free(sig); - - if (datafellows & SSH_BUG_SIGBLOB) { - debug("datafellows"); - ret = xmalloc(SIGBLOB_LEN); - memcpy(ret, sigblob, SIGBLOB_LEN); - if (lenp != NULL) - *lenp = SIGBLOB_LEN; - if (sigp != NULL) - *sigp = ret; - } else { - /* ietf-drafts */ - buffer_init(&b); - buffer_put_cstring(&b, KEX_DSS); - buffer_put_string(&b, sigblob, SIGBLOB_LEN); - len = buffer_len(&b); - ret = xmalloc(len); - memcpy(ret, buffer_ptr(&b), len); - buffer_free(&b); - if (lenp != NULL) - *lenp = len; - if (sigp != NULL) - *sigp = ret; - } - return 0; -} -int -dsa_verify( - Key *key, - unsigned char *signature, int signaturelen, - unsigned char *data, int datalen) -{ - Buffer b; - unsigned char *digest; - DSA_SIG *sig; - EVP_MD *evp_md = EVP_sha1(); - EVP_MD_CTX md; - unsigned char *sigblob; - char *txt; - unsigned int len; - int rlen; - int ret; - - if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) { - error("dsa_verify: no DSA key"); - return -1; - } - - if (!(datafellows & SSH_BUG_SIGBLOB) && - signaturelen == SIGBLOB_LEN) { - datafellows |= ~SSH_BUG_SIGBLOB; - log("autodetect SSH_BUG_SIGBLOB"); - } else if ((datafellows & SSH_BUG_SIGBLOB) && - signaturelen != SIGBLOB_LEN) { - log("autoremove SSH_BUG_SIGBLOB"); - datafellows &= ~SSH_BUG_SIGBLOB; - } - - debug("len %d datafellows %d", signaturelen, datafellows); - - /* fetch signature */ - if (datafellows & SSH_BUG_SIGBLOB) { - sigblob = signature; - len = signaturelen; - } else { - /* ietf-drafts */ - char *ktype; - buffer_init(&b); - buffer_append(&b, (char *) signature, signaturelen); - ktype = buffer_get_string(&b, NULL); - if (strcmp(KEX_DSS, ktype) != 0) { - error("dsa_verify: cannot handle type %s", ktype); - buffer_free(&b); - return -1; - } - sigblob = (unsigned char *)buffer_get_string(&b, &len); - rlen = buffer_len(&b); - if(rlen != 0) { - error("remaining bytes in signature %d", rlen); - buffer_free(&b); - return -1; - } - buffer_free(&b); - xfree(ktype); - } - - if (len != SIGBLOB_LEN) { - fatal("bad sigbloblen %d != SIGBLOB_LEN", len); - } - - /* parse signature */ - sig = DSA_SIG_new(); - sig->r = BN_new(); - sig->s = BN_new(); - BN_bin2bn(sigblob, INTBLOB_LEN, sig->r); - BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s); - - if (!(datafellows & SSH_BUG_SIGBLOB)) { - memset(sigblob, 0, len); - xfree(sigblob); - } - - /* sha1 the data */ - digest = xmalloc(evp_md->md_size); - EVP_DigestInit(&md, evp_md); - EVP_DigestUpdate(&md, data, datalen); - EVP_DigestFinal(&md, digest, NULL); - - ret = DSA_do_verify(digest, evp_md->md_size, sig, key->dsa); - - memset(digest, 0, evp_md->md_size); - xfree(digest); - DSA_SIG_free(sig); - - switch (ret) { - case 1: - txt = "correct"; - break; - case 0: - txt = "incorrect"; - break; - case -1: - default: - txt = "error"; - break; - } - debug("dsa_verify: signature %s", txt); - return ret; -} - -Key * -dsa_generate_key(unsigned int bits) -{ - DSA *dsa = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, NULL, NULL); - Key *k; - if (dsa == NULL) { - fatal("DSA_generate_parameters failed"); - } - if (!DSA_generate_key(dsa)) { - fatal("DSA_generate_keys failed"); - } - - k = key_new(KEY_EMPTY); - k->type = KEY_DSA; - k->dsa = dsa; - return k; -} diff --git a/crypto/openssh/dsa.h b/crypto/openssh/dsa.h deleted file mode 100644 index 252e788..0000000 --- a/crypto/openssh/dsa.h +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -#ifndef DSA_H -#define DSA_H - -Key *dsa_key_from_blob(char *blob, int blen); -int dsa_make_key_blob(Key *key, unsigned char **blobp, unsigned int *lenp); - -int -dsa_sign( - Key *key, - unsigned char **sigp, int *lenp, - unsigned char *data, int datalen); - -int -dsa_verify( - Key *key, - unsigned char *signature, int signaturelen, - unsigned char *data, int datalen); - -Key * -dsa_generate_key(unsigned int bits); - -#endif diff --git a/crypto/openssh/fingerprint.c b/crypto/openssh/fingerprint.c deleted file mode 100644 index 4b0966d..0000000 --- a/crypto/openssh/fingerprint.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 1999 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Markus Friedl. - * 4. The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$Id: fingerprint.c,v 1.6 2000/04/12 09:39:10 markus Exp $"); - -#include "ssh.h" -#include "xmalloc.h" -#include <openssl/md5.h> - -#define FPRINT "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x" - -/* - * Generate key fingerprint in ascii format. - * Based on ideas and code from Bjoern Groenvall <bg@sics.se> - */ -char * -fingerprint(BIGNUM *e, BIGNUM *n) -{ - static char retval[80]; - MD5_CTX md; - unsigned char d[16]; - unsigned char *buf; - int nlen, elen; - - nlen = BN_num_bytes(n); - elen = BN_num_bytes(e); - - buf = xmalloc(nlen + elen); - - BN_bn2bin(n, buf); - BN_bn2bin(e, buf + nlen); - - MD5_Init(&md); - MD5_Update(&md, buf, nlen + elen); - MD5_Final(d, &md); - snprintf(retval, sizeof(retval), FPRINT, - d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], - d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]); - memset(buf, 0, nlen + elen); - xfree(buf); - return retval; -} diff --git a/crypto/openssh/fingerprint.h b/crypto/openssh/fingerprint.h deleted file mode 100644 index fbb0d4c..0000000 --- a/crypto/openssh/fingerprint.h +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright (c) 1999 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Markus Friedl. - * 4. The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -/* RCSID("$Id: fingerprint.h,v 1.3 1999/11/24 16:15:25 markus Exp $"); */ - -#ifndef FINGERPRINT_H -#define FINGERPRINT_H -char *fingerprint(BIGNUM * e, BIGNUM * n); -#endif diff --git a/crypto/openssh/hmac.c b/crypto/openssh/hmac.c deleted file mode 100644 index 48a1763..0000000 --- a/crypto/openssh/hmac.c +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$OpenBSD: hmac.c,v 1.4 2000/09/07 20:27:51 deraadt Exp $"); - -#include "xmalloc.h" -#include "ssh.h" -#include "getput.h" - -#include <openssl/hmac.h> - -unsigned char * -hmac( - EVP_MD *evp_md, - unsigned int seqno, - unsigned char *data, int datalen, - unsigned char *key, int keylen) -{ - HMAC_CTX c; - static unsigned char m[EVP_MAX_MD_SIZE]; - unsigned char b[4]; - - if (key == NULL) - fatal("hmac: no key"); - HMAC_Init(&c, key, keylen, evp_md); - PUT_32BIT(b, seqno); - HMAC_Update(&c, b, sizeof b); - HMAC_Update(&c, data, datalen); - HMAC_Final(&c, m, NULL); - HMAC_cleanup(&c); - return(m); -} diff --git a/crypto/openssh/hmac.h b/crypto/openssh/hmac.h deleted file mode 100644 index 281300e..0000000 --- a/crypto/openssh/hmac.h +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -#ifndef HMAC_H -#define HMAC_H - -unsigned char * -hmac( - EVP_MD *evp_md, - unsigned int seqno, - unsigned char *data, int datalen, - unsigned char *key, int len); - -#endif diff --git a/crypto/openssh/hostfile.c b/crypto/openssh/hostfile.c index cefff8d..5b2ee4b 100644 --- a/crypto/openssh/hostfile.c +++ b/crypto/openssh/hostfile.c @@ -37,6 +37,7 @@ #include "includes.h" RCSID("$OpenBSD: hostfile.c,v 1.29 2001/12/18 10:04:21 jakob Exp $"); +RCSID("$FreeBSD$"); #include "packet.h" #include "match.h" diff --git a/crypto/openssh/includes.h b/crypto/openssh/includes.h index e20d7a5..3cef95d 100644 --- a/crypto/openssh/includes.h +++ b/crypto/openssh/includes.h @@ -1,4 +1,5 @@ /* $OpenBSD: includes.h,v 1.17 2002/01/26 16:44:22 stevesk Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -16,145 +17,51 @@ #ifndef INCLUDES_H #define INCLUDES_H -#define RCSID(msg) \ -static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } +#define RCSID(msg) __RCSID(msg) -#include "config.h" +#include <sys/types.h> +#include <sys/socket.h> +#include <sys/select.h> +#include <sys/param.h> +#include <sys/ioctl.h> +#include <sys/stat.h> +#include <sys/wait.h> +#include <sys/time.h> +#include <sys/un.h> +#include <sys/resource.h> +#include <machine/endian.h> + +#include <netinet/in.h> +#include <netinet/in_systm.h> +#include <netinet/tcp.h> +#include <netinet/ip.h> +#include <arpa/inet.h> +#include <netdb.h> #include <stdio.h> #include <ctype.h> #include <errno.h> -#include <fcntl.h> /* For O_NONBLOCK */ +#include <fcntl.h> #include <signal.h> +#include <termios.h> #include <stdlib.h> #include <string.h> #include <stdarg.h> #include <pwd.h> #include <grp.h> +#include <unistd.h> #include <time.h> +#include <paths.h> #include <dirent.h> -#ifdef HAVE_LIMITS_H -# include <limits.h> /* For PATH_MAX */ -#endif -#ifdef HAVE_GETOPT_H -# include <getopt.h> -#endif -#ifdef HAVE_BSTRING_H -# include <bstring.h> -#endif -#if defined(HAVE_GLOB_H) && defined(GLOB_HAS_ALTDIRFUNC) && \ - defined(GLOB_HAS_GL_MATCHC) -# include <glob.h> -#endif -#ifdef HAVE_NETGROUP_H -# include <netgroup.h> -#endif -#if defined(HAVE_NETDB_H) -# include <netdb.h> -#endif -#ifdef HAVE_ENDIAN_H -# include <endian.h> -#endif -#ifdef HAVE_TTYENT_H -# include <ttyent.h> -#endif -#ifdef HAVE_UTIME_H -# include <utime.h> -#endif -#ifdef HAVE_MAILLOCK_H -# include <maillock.h> /* For _PATH_MAILDIR */ -#endif -#ifdef HAVE_NEXT -# include <libc.h> -#endif -#include <unistd.h> /* For STDIN_FILENO, etc */ -#include <termios.h> /* Struct winsize */ +#include "version.h" /* - *-*-nto-qnx needs these headers for strcasecmp and LASTLOG_FILE respectively + * Define this to use pipes instead of socketpairs for communicating with the + * client program. Socketpairs do not seem to work on all systems. + * Although pipes are bi-directional in FreeBSD, using pipes here will + * make <stdin> uni-directional ! */ -#ifdef HAVE_STRINGS_H -# include <strings.h> -#endif -#ifdef HAVE_LOGIN_H -# include <login.h> -#endif - -#ifdef HAVE_UTMP_H -# include <utmp.h> -#endif -#ifdef HAVE_UTMPX_H -# ifdef HAVE_TV_IN_UTMPX -# include <sys/time.h> -# endif -# include <utmpx.h> -#endif -#ifdef HAVE_LASTLOG_H -# include <lastlog.h> -#endif -#ifdef HAVE_PATHS_H -# include <paths.h> /* For _PATH_XXX */ -#endif - -#include <sys/types.h> -#include <sys/socket.h> -#include <sys/ioctl.h> -#include <sys/wait.h> -#ifdef HAVE_SYS_TIME_H -# include <sys/time.h> /* For timersub */ -#endif -#include <sys/resource.h> -#ifdef HAVE_SYS_SELECT_H -# include <sys/select.h> -#endif -#ifdef HAVE_SYS_BSDTTY_H -# include <sys/bsdtty.h> -#endif -#include <sys/param.h> /* For MAXPATHLEN and roundup() */ -#ifdef HAVE_SYS_UN_H -# include <sys/un.h> /* For sockaddr_un */ -#endif -#ifdef HAVE_SYS_BITYPES_H -# include <sys/bitypes.h> /* For u_intXX_t */ -#endif -#ifdef HAVE_SYS_CDEFS_H -# include <sys/cdefs.h> /* For __P() */ -#endif -#ifdef HAVE_SYS_STAT_H -# include <sys/stat.h> /* For S_* constants and macros */ -#endif -#ifdef HAVE_SYS_SYSMACROS_H -# include <sys/sysmacros.h> /* For MIN, MAX, etc */ -#endif -#ifdef HAVE_SYS_MMAN_H -#include <sys/mman.h> /* for MAP_ANONYMOUS */ -#endif - -#include <netinet/in_systm.h> /* For typedefs */ -#include <netinet/in.h> /* For IPv6 macros */ -#include <netinet/ip.h> /* For IPTOS macros */ -#include <netinet/tcp.h> -#include <arpa/inet.h> -#ifdef HAVE_RPC_TYPES_H -# include <rpc/types.h> /* For INADDR_LOOPBACK */ -#endif -#ifdef USE_PAM -# include <security/pam_appl.h> -#endif -#ifdef HAVE_READPASSPHRASE_H -# include <readpassphrase.h> -#endif - -#include <openssl/opensslv.h> /* For OPENSSL_VERSION_NUMBER */ - -#include "defines.h" - -#include "version.h" -#include "openbsd-compat/openbsd-compat.h" -#include "openbsd-compat/bsd-cygwin_util.h" -#include "openbsd-compat/bsd-nextstep.h" - -#include "entropy.h" +/* #define USE_PIPES 1 */ -#endif /* INCLUDES_H */ +#endif /* INCLUDES_H */ diff --git a/crypto/openssh/key.c b/crypto/openssh/key.c index 2d850c8..610ce4a 100644 --- a/crypto/openssh/key.c +++ b/crypto/openssh/key.c @@ -33,6 +33,7 @@ */ #include "includes.h" RCSID("$OpenBSD: key.c,v 1.44 2002/05/31 13:16:48 markus Exp $"); +RCSID("$FreeBSD$"); #include <openssl/evp.h> diff --git a/crypto/openssh/log-client.c b/crypto/openssh/log-client.c deleted file mode 100644 index 505c8c3..0000000 --- a/crypto/openssh/log-client.c +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Author: Tatu Ylonen <ylo@cs.hut.fi> - * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - * All rights reserved - * Client-side versions of debug(), log(), etc. These print to stderr. - * This is a stripped down version of log-server.c. - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - * - * - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$OpenBSD: log-client.c,v 1.12 2000/09/12 20:53:10 markus Exp $"); - -#include "xmalloc.h" -#include "ssh.h" - -static LogLevel log_level = SYSLOG_LEVEL_INFO; - -/* Initialize the log. - * av0 program name (should be argv[0]) - * level logging level - */ - -void -log_init(char *av0, LogLevel level, SyslogFacility ignored1, int ignored2) -{ - switch (level) { - case SYSLOG_LEVEL_QUIET: - case SYSLOG_LEVEL_ERROR: - case SYSLOG_LEVEL_FATAL: - case SYSLOG_LEVEL_INFO: - case SYSLOG_LEVEL_VERBOSE: - case SYSLOG_LEVEL_DEBUG1: - case SYSLOG_LEVEL_DEBUG2: - case SYSLOG_LEVEL_DEBUG3: - log_level = level; - break; - default: - /* unchanged */ - break; - } -} - -#define MSGBUFSIZ 1024 - -void -do_log(LogLevel level, const char *fmt, va_list args) -{ - char msgbuf[MSGBUFSIZ]; - - if (level > log_level) - return; - if (level >= SYSLOG_LEVEL_DEBUG1) - fprintf(stderr, "debug: "); - vsnprintf(msgbuf, sizeof(msgbuf), fmt, args); - fprintf(stderr, "%s\r\n", msgbuf); -} diff --git a/crypto/openssh/log-server.c b/crypto/openssh/log-server.c deleted file mode 100644 index de3d5cf..0000000 --- a/crypto/openssh/log-server.c +++ /dev/null @@ -1,173 +0,0 @@ -/* - * Author: Tatu Ylonen <ylo@cs.hut.fi> - * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - * All rights reserved - * Server-side versions of debug(), log(), etc. These normally send the output - * to the system log. - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - * - * - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$OpenBSD: log-server.c,v 1.17 2000/09/12 20:53:10 markus Exp $"); - -#include <syslog.h> -#include "packet.h" -#include "xmalloc.h" -#include "ssh.h" - -static LogLevel log_level = SYSLOG_LEVEL_INFO; -static int log_on_stderr = 0; -static int log_facility = LOG_AUTH; - -/* Initialize the log. - * av0 program name (should be argv[0]) - * on_stderr print also on stderr - * level logging level - */ - -void -log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr) -{ - switch (level) { - case SYSLOG_LEVEL_QUIET: - case SYSLOG_LEVEL_ERROR: - case SYSLOG_LEVEL_FATAL: - case SYSLOG_LEVEL_INFO: - case SYSLOG_LEVEL_VERBOSE: - case SYSLOG_LEVEL_DEBUG1: - case SYSLOG_LEVEL_DEBUG2: - case SYSLOG_LEVEL_DEBUG3: - log_level = level; - break; - default: - fprintf(stderr, "Unrecognized internal syslog level code %d\n", - (int) level); - exit(1); - } - switch (facility) { - case SYSLOG_FACILITY_DAEMON: - log_facility = LOG_DAEMON; - break; - case SYSLOG_FACILITY_USER: - log_facility = LOG_USER; - break; - case SYSLOG_FACILITY_AUTH: - log_facility = LOG_AUTH; - break; - case SYSLOG_FACILITY_LOCAL0: - log_facility = LOG_LOCAL0; - break; - case SYSLOG_FACILITY_LOCAL1: - log_facility = LOG_LOCAL1; - break; - case SYSLOG_FACILITY_LOCAL2: - log_facility = LOG_LOCAL2; - break; - case SYSLOG_FACILITY_LOCAL3: - log_facility = LOG_LOCAL3; - break; - case SYSLOG_FACILITY_LOCAL4: - log_facility = LOG_LOCAL4; - break; - case SYSLOG_FACILITY_LOCAL5: - log_facility = LOG_LOCAL5; - break; - case SYSLOG_FACILITY_LOCAL6: - log_facility = LOG_LOCAL6; - break; - case SYSLOG_FACILITY_LOCAL7: - log_facility = LOG_LOCAL7; - break; - default: - fprintf(stderr, "Unrecognized internal syslog facility code %d\n", - (int) facility); - exit(1); - } - log_on_stderr = on_stderr; -} - -#define MSGBUFSIZ 1024 - -void -do_log(LogLevel level, const char *fmt, va_list args) -{ - char msgbuf[MSGBUFSIZ]; - char fmtbuf[MSGBUFSIZ]; - char *txt = NULL; - int pri = LOG_INFO; - extern char *__progname; - - if (level > log_level) - return; - switch (level) { - case SYSLOG_LEVEL_ERROR: - txt = "error"; - pri = LOG_ERR; - break; - case SYSLOG_LEVEL_FATAL: - txt = "fatal"; - pri = LOG_ERR; - break; - case SYSLOG_LEVEL_INFO: - case SYSLOG_LEVEL_VERBOSE: - pri = LOG_INFO; - break; - case SYSLOG_LEVEL_DEBUG1: - txt = "debug1"; - pri = LOG_DEBUG; - break; - case SYSLOG_LEVEL_DEBUG2: - txt = "debug2"; - pri = LOG_DEBUG; - break; - case SYSLOG_LEVEL_DEBUG3: - txt = "debug3"; - pri = LOG_DEBUG; - break; - default: - txt = "internal error"; - pri = LOG_ERR; - break; - } - if (txt != NULL) { - snprintf(fmtbuf, sizeof(fmtbuf), "%s: %s", txt, fmt); - vsnprintf(msgbuf, sizeof(msgbuf), fmtbuf, args); - } else { - vsnprintf(msgbuf, sizeof(msgbuf), fmt, args); - } - if (log_on_stderr) { - fprintf(stderr, "%s\n", msgbuf); - } else { - openlog(__progname, LOG_PID, log_facility); - syslog(pri, "%.500s", msgbuf); - closelog(); - } -} diff --git a/crypto/openssh/login.c b/crypto/openssh/login.c deleted file mode 100644 index 1d59cd8..0000000 --- a/crypto/openssh/login.c +++ /dev/null @@ -1,145 +0,0 @@ -/* - * Author: Tatu Ylonen <ylo@cs.hut.fi> - * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - * All rights reserved - * This file performs some of the things login(1) normally does. We cannot - * easily use something like login -p -h host -f user, because there are - * several different logins around, and it is hard to determined what kind of - * login the current system has. Also, we want to be able to execute commands - * on a tty. - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - * - * Copyright (c) 1999 Theo de Raadt. All rights reserved. - * Copyright (c) 1999 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$OpenBSD: login.c,v 1.15 2000/09/07 20:27:52 deraadt Exp $"); - -#include <util.h> -#include <utmp.h> -#include "ssh.h" - -/* - * Returns the time when the user last logged in. Returns 0 if the - * information is not available. This must be called before record_login. - * The host the user logged in from will be returned in buf. - */ - -/* - * Returns the time when the user last logged in (or 0 if no previous login - * is found). The name of the host used last time is returned in buf. - */ - -unsigned long -get_last_login_time(uid_t uid, const char *logname, - char *buf, unsigned int bufsize) -{ - struct lastlog ll; - char *lastlog; - int fd; - - lastlog = _PATH_LASTLOG; - buf[0] = '\0'; - - fd = open(lastlog, O_RDONLY); - if (fd < 0) - return 0; - lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET); - if (read(fd, &ll, sizeof(ll)) != sizeof(ll)) { - close(fd); - return 0; - } - close(fd); - if (bufsize > sizeof(ll.ll_host) + 1) - bufsize = sizeof(ll.ll_host) + 1; - strncpy(buf, ll.ll_host, bufsize - 1); - buf[bufsize - 1] = 0; - return ll.ll_time; -} - -/* - * Records that the user has logged in. I these parts of operating systems - * were more standardized. - */ - -void -record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid, - const char *host, struct sockaddr * addr) -{ - int fd; - struct lastlog ll; - char *lastlog; - struct utmp u; - const char *utmp, *wtmp; - - /* Construct an utmp/wtmp entry. */ - memset(&u, 0, sizeof(u)); - strncpy(u.ut_line, ttyname + 5, sizeof(u.ut_line)); - u.ut_time = time(NULL); - strncpy(u.ut_name, user, sizeof(u.ut_name)); - strncpy(u.ut_host, host, sizeof(u.ut_host)); - - /* Figure out the file names. */ - utmp = _PATH_UTMP; - wtmp = _PATH_WTMP; - - login(&u); - lastlog = _PATH_LASTLOG; - - /* Update lastlog unless actually recording a logout. */ - if (strcmp(user, "") != 0) { - /* - * It is safer to bzero the lastlog structure first because - * some systems might have some extra fields in it (e.g. SGI) - */ - memset(&ll, 0, sizeof(ll)); - - /* Update lastlog. */ - ll.ll_time = time(NULL); - strncpy(ll.ll_line, ttyname + 5, sizeof(ll.ll_line)); - strncpy(ll.ll_host, host, sizeof(ll.ll_host)); - fd = open(lastlog, O_RDWR); - if (fd >= 0) { - lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET); - if (write(fd, &ll, sizeof(ll)) != sizeof(ll)) - log("Could not write %.100s: %.100s", lastlog, strerror(errno)); - close(fd); - } - } -} - -/* Records that the user has logged out. */ - -void -record_logout(pid_t pid, const char *ttyname) -{ - const char *line = ttyname + 5; /* /dev/ttyq8 -> ttyq8 */ - if (logout(line)) - logwtmp(line, "", ""); -} diff --git a/crypto/openssh/monitor.c b/crypto/openssh/monitor.c index 39b6248..c37da19 100644 --- a/crypto/openssh/monitor.c +++ b/crypto/openssh/monitor.c @@ -26,11 +26,12 @@ #include "includes.h" RCSID("$OpenBSD: monitor.c,v 1.16 2002/06/21 05:50:51 djm Exp $"); +RCSID("$FreeBSD$"); #include <openssl/dh.h> #ifdef SKEY -#include <skey.h> +#include <opie.h> #endif #include "ssh.h" @@ -116,10 +117,6 @@ int mm_answer_rsa_response(int, Buffer *); int mm_answer_sesskey(int, Buffer *); int mm_answer_sessid(int, Buffer *); -#ifdef USE_PAM -int mm_answer_pam_start(int, Buffer *); -#endif - static Authctxt *authctxt; static BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */ @@ -154,9 +151,6 @@ struct mon_table mon_dispatch_proto20[] = { {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, -#ifdef USE_PAM - {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, -#endif #ifdef BSD_AUTH {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond}, @@ -188,9 +182,6 @@ struct mon_table mon_dispatch_proto15[] = { {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed}, {MONITOR_REQ_RSACHALLENGE, MON_ONCE, mm_answer_rsa_challenge}, {MONITOR_REQ_RSARESPONSE, MON_ONCE|MON_AUTHDECIDE, mm_answer_rsa_response}, -#ifdef USE_PAM - {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, -#endif #ifdef BSD_AUTH {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond}, @@ -199,9 +190,6 @@ struct mon_table mon_dispatch_proto15[] = { {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery}, {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond}, #endif -#ifdef USE_PAM - {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, -#endif {0, 0, NULL} }; @@ -275,10 +263,6 @@ monitor_child_preauth(struct monitor *pmonitor) if (authctxt->pw->pw_uid == 0 && !auth_root_allowed(auth_method)) authenticated = 0; -#ifdef USE_PAM - if (!do_pam_account(authctxt->pw->pw_name, NULL)) - authenticated = 0; -#endif } if (ent->flags & MON_AUTHDECIDE) { @@ -526,9 +510,7 @@ mm_answer_pwnamallow(int socket, Buffer *m) buffer_put_cstring(m, pwent->pw_name); buffer_put_cstring(m, "*"); buffer_put_cstring(m, pwent->pw_gecos); -#ifdef HAVE_PW_CLASS_IN_PASSWD buffer_put_cstring(m, pwent->pw_class); -#endif buffer_put_cstring(m, pwent->pw_dir); buffer_put_cstring(m, pwent->pw_shell); @@ -545,9 +527,6 @@ mm_answer_pwnamallow(int socket, Buffer *m) monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1); } -#ifdef USE_PAM - monitor_permit(mon_dispatch, MONITOR_REQ_PAM_START, 1); -#endif return (0); } @@ -678,11 +657,11 @@ mm_answer_bsdauthrespond(int socket, Buffer *m) int mm_answer_skeyquery(int socket, Buffer *m) { - struct skey skey; + struct opie opie; char challenge[1024]; int res; - res = skeychallenge(&skey, authctxt->user, challenge); + res = opiechallenge(&opie, authctxt->user, challenge); buffer_clear(m); buffer_put_int(m, res); @@ -705,8 +684,8 @@ mm_answer_skeyrespond(int socket, Buffer *m) authok = (options.challenge_response_authentication && authctxt->valid && - skey_haskey(authctxt->pw->pw_name) == 0 && - skey_passcheck(authctxt->pw->pw_name, response) != -1); + opie_haskey(authctxt->pw->pw_name) == 0 && + opie_passverify(authctxt->pw->pw_name, response) != -1); xfree(response); @@ -722,22 +701,6 @@ mm_answer_skeyrespond(int socket, Buffer *m) } #endif -#ifdef USE_PAM -int -mm_answer_pam_start(int socket, Buffer *m) -{ - char *user; - - user = buffer_get_string(m, NULL); - - start_pam(user); - - xfree(user); - - return (0); -} -#endif - static void mm_append_debug(Buffer *m) { @@ -1491,13 +1454,8 @@ mm_init_compression(struct mm_master *mm) static void monitor_socketpair(int *pair) { -#ifdef HAVE_SOCKETPAIR if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1) fatal("%s: socketpair", __func__); -#else - fatal("%s: UsePrivilegeSeparation=yes not supported", - __func__); -#endif FD_CLOSEONEXEC(pair[0]); FD_CLOSEONEXEC(pair[1]); } diff --git a/crypto/openssh/mpaux.c b/crypto/openssh/mpaux.c index 0c48627..d2ef24f 100644 --- a/crypto/openssh/mpaux.c +++ b/crypto/openssh/mpaux.c @@ -14,6 +14,7 @@ #include "includes.h" RCSID("$OpenBSD: mpaux.c,v 1.16 2001/02/08 19:30:52 itojun Exp $"); +RCSID("$FreeBSD$"); #include <openssl/bn.h> #include "getput.h" diff --git a/crypto/openssh/myproposal.h b/crypto/openssh/myproposal.h index 62f5cfb..372ac7e 100644 --- a/crypto/openssh/myproposal.h +++ b/crypto/openssh/myproposal.h @@ -1,4 +1,5 @@ /* $OpenBSD: myproposal.h,v 1.14 2002/04/03 09:26:11 markus Exp $ */ +/* $FreeBSD$ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -24,7 +25,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #define KEX_DEFAULT_KEX "diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1" -#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss" +#define KEX_DEFAULT_PK_ALG "ssh-dss,ssh-rsa" #define KEX_DEFAULT_ENCRYPT \ "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour," \ "aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se" diff --git a/crypto/openssh/packet.h b/crypto/openssh/packet.h index 3ff7559..a97d082 100644 --- a/crypto/openssh/packet.h +++ b/crypto/openssh/packet.h @@ -1,4 +1,5 @@ /* $OpenBSD: packet.h,v 1.35 2002/06/19 18:01:00 markus Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> diff --git a/crypto/openssh/pathnames.h b/crypto/openssh/pathnames.h index 89e22c7..2c3989c 100644 --- a/crypto/openssh/pathnames.h +++ b/crypto/openssh/pathnames.h @@ -1,4 +1,5 @@ /* $OpenBSD: pathnames.h,v 1.13 2002/05/23 19:24:30 markus Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -13,14 +14,8 @@ */ #define ETCDIR "/etc" - -#ifndef SSHDIR #define SSHDIR ETCDIR "/ssh" -#endif - -#ifndef _PATH_SSH_PIDDIR #define _PATH_SSH_PIDDIR "/var/run" -#endif /* * System-wide file containing host keys of known hosts. This file should be @@ -43,9 +38,7 @@ /* Backwards compatibility */ #define _PATH_DH_PRIMES SSHDIR "/primes" -#ifndef _PATH_SSH_PROGRAM #define _PATH_SSH_PROGRAM "/usr/bin/ssh" -#endif /* * The process id of the daemon listening for connections is saved here to @@ -116,54 +109,20 @@ /* * Default location of askpass */ -#ifndef _PATH_SSH_ASKPASS_DEFAULT #define _PATH_SSH_ASKPASS_DEFAULT "/usr/X11R6/bin/ssh-askpass" -#endif /* Location of ssh-keysign for hostbased authentication */ -#ifndef _PATH_SSH_KEY_SIGN -#define _PATH_SSH_KEY_SIGN "/usr/libexec/ssh-keysign" -#endif +#define _PATH_SSH_KEY_SIGN "/usr/libexec/ssh-keysign" /* xauth for X11 forwarding */ -#ifndef _PATH_XAUTH #define _PATH_XAUTH "/usr/X11R6/bin/xauth" -#endif /* UNIX domain socket for X11 server; displaynum will replace %u */ -#ifndef _PATH_UNIX_X #define _PATH_UNIX_X "/tmp/.X11-unix/X%u" -#endif - -/* for scp */ -#ifndef _PATH_CP -#define _PATH_CP "cp" -#endif /* for sftp */ -#ifndef _PATH_SFTP_SERVER #define _PATH_SFTP_SERVER "/usr/libexec/sftp-server" -#endif +#define _PATH_LS "ls" /* chroot directory for unprivileged user when UsePrivilegeSeparation=yes */ -#ifndef _PATH_PRIVSEP_CHROOT_DIR #define _PATH_PRIVSEP_CHROOT_DIR "/var/empty" -#endif - -#ifndef _PATH_LS -#define _PATH_LS "ls" -#endif - -/* path to login program */ -#ifndef LOGIN_PROGRAM -# ifdef LOGIN_PROGRAM_FALLBACK -# define LOGIN_PROGRAM LOGIN_PROGRAM_FALLBACK -# else -# define LOGIN_PROGRAM "/usr/bin/login" -# endif -#endif /* LOGIN_PROGRAM */ - -/* Askpass program define */ -#ifndef ASKPASS_PROGRAM -#define ASKPASS_PROGRAM "/usr/lib/ssh/ssh-askpass" -#endif /* ASKPASS_PROGRAM */ diff --git a/crypto/openssh/pty.c b/crypto/openssh/pty.c deleted file mode 100644 index 9300bd5..0000000 --- a/crypto/openssh/pty.c +++ /dev/null @@ -1,275 +0,0 @@ -/* - * Author: Tatu Ylonen <ylo@cs.hut.fi> - * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - * All rights reserved - * Allocating a pseudo-terminal, and making it the controlling tty. - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - */ - -#include "includes.h" -RCSID("$OpenBSD: pty.c,v 1.16 2000/09/07 21:13:37 markus Exp $"); - -#include <util.h> -#include "pty.h" -#include "ssh.h" - -/* Pty allocated with _getpty gets broken if we do I_PUSH:es to it. */ -#if defined(HAVE__GETPTY) || defined(HAVE_OPENPTY) -#undef HAVE_DEV_PTMX -#endif - -#ifndef O_NOCTTY -#define O_NOCTTY 0 -#endif - -/* - * Allocates and opens a pty. Returns 0 if no pty could be allocated, or - * nonzero if a pty was successfully allocated. On success, open file - * descriptors for the pty and tty sides and the name of the tty side are - * returned (the buffer must be able to hold at least 64 characters). - */ - -int -pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) -{ -#if defined(HAVE_OPENPTY) || defined(BSD4_4) - /* openpty(3) exists in OSF/1 and some other os'es */ - char buf[64]; - int i; - - i = openpty(ptyfd, ttyfd, buf, NULL, NULL); - if (i < 0) { - error("openpty: %.100s", strerror(errno)); - return 0; - } - strlcpy(namebuf, buf, namebuflen); /* possible truncation */ - return 1; -#else /* HAVE_OPENPTY */ -#ifdef HAVE__GETPTY - /* - * _getpty(3) exists in SGI Irix 4.x, 5.x & 6.x -- it generates more - * pty's automagically when needed - */ - char *slave; - - slave = _getpty(ptyfd, O_RDWR, 0622, 0); - if (slave == NULL) { - error("_getpty: %.100s", strerror(errno)); - return 0; - } - strlcpy(namebuf, slave, namebuflen); - /* Open the slave side. */ - *ttyfd = open(namebuf, O_RDWR | O_NOCTTY); - if (*ttyfd < 0) { - error("%.200s: %.100s", namebuf, strerror(errno)); - close(*ptyfd); - return 0; - } - return 1; -#else /* HAVE__GETPTY */ -#ifdef HAVE_DEV_PTMX - /* - * This code is used e.g. on Solaris 2.x. (Note that Solaris 2.3 - * also has bsd-style ptys, but they simply do not work.) - */ - int ptm; - char *pts; - - ptm = open("/dev/ptmx", O_RDWR | O_NOCTTY); - if (ptm < 0) { - error("/dev/ptmx: %.100s", strerror(errno)); - return 0; - } - if (grantpt(ptm) < 0) { - error("grantpt: %.100s", strerror(errno)); - return 0; - } - if (unlockpt(ptm) < 0) { - error("unlockpt: %.100s", strerror(errno)); - return 0; - } - pts = ptsname(ptm); - if (pts == NULL) - error("Slave pty side name could not be obtained."); - strlcpy(namebuf, pts, namebuflen); - *ptyfd = ptm; - - /* Open the slave side. */ - *ttyfd = open(namebuf, O_RDWR | O_NOCTTY); - if (*ttyfd < 0) { - error("%.100s: %.100s", namebuf, strerror(errno)); - close(*ptyfd); - return 0; - } - /* Push the appropriate streams modules, as described in Solaris pts(7). */ - if (ioctl(*ttyfd, I_PUSH, "ptem") < 0) - error("ioctl I_PUSH ptem: %.100s", strerror(errno)); - if (ioctl(*ttyfd, I_PUSH, "ldterm") < 0) - error("ioctl I_PUSH ldterm: %.100s", strerror(errno)); - if (ioctl(*ttyfd, I_PUSH, "ttcompat") < 0) - error("ioctl I_PUSH ttcompat: %.100s", strerror(errno)); - return 1; -#else /* HAVE_DEV_PTMX */ -#ifdef HAVE_DEV_PTS_AND_PTC - /* AIX-style pty code. */ - const char *name; - - *ptyfd = open("/dev/ptc", O_RDWR | O_NOCTTY); - if (*ptyfd < 0) { - error("Could not open /dev/ptc: %.100s", strerror(errno)); - return 0; - } - name = ttyname(*ptyfd); - if (!name) - fatal("Open of /dev/ptc returns device for which ttyname fails."); - strlcpy(namebuf, name, namebuflen); - *ttyfd = open(name, O_RDWR | O_NOCTTY); - if (*ttyfd < 0) { - error("Could not open pty slave side %.100s: %.100s", - name, strerror(errno)); - close(*ptyfd); - return 0; - } - return 1; -#else /* HAVE_DEV_PTS_AND_PTC */ - /* BSD-style pty code. */ - char buf[64]; - int i; - const char *ptymajors = "pqrstuvwxyzabcdefghijklmnoABCDEFGHIJKLMNOPQRSTUVWXYZ"; - const char *ptyminors = "0123456789abcdef"; - int num_minors = strlen(ptyminors); - int num_ptys = strlen(ptymajors) * num_minors; - - for (i = 0; i < num_ptys; i++) { - snprintf(buf, sizeof buf, "/dev/pty%c%c", ptymajors[i / num_minors], - ptyminors[i % num_minors]); - *ptyfd = open(buf, O_RDWR | O_NOCTTY); - if (*ptyfd < 0) - continue; - snprintf(namebuf, namebuflen, "/dev/tty%c%c", - ptymajors[i / num_minors], ptyminors[i % num_minors]); - - /* Open the slave side. */ - *ttyfd = open(namebuf, O_RDWR | O_NOCTTY); - if (*ttyfd < 0) { - error("%.100s: %.100s", namebuf, strerror(errno)); - close(*ptyfd); - return 0; - } - return 1; - } - return 0; -#endif /* HAVE_DEV_PTS_AND_PTC */ -#endif /* HAVE_DEV_PTMX */ -#endif /* HAVE__GETPTY */ -#endif /* HAVE_OPENPTY */ -} - -/* Releases the tty. Its ownership is returned to root, and permissions to 0666. */ - -void -pty_release(const char *ttyname) -{ - if (chown(ttyname, (uid_t) 0, (gid_t) 0) < 0) - error("chown %.100s 0 0 failed: %.100s", ttyname, strerror(errno)); - if (chmod(ttyname, (mode_t) 0666) < 0) - error("chmod %.100s 0666 failed: %.100s", ttyname, strerror(errno)); -} - -/* Makes the tty the processes controlling tty and sets it to sane modes. */ - -void -pty_make_controlling_tty(int *ttyfd, const char *ttyname) -{ - int fd; - - /* First disconnect from the old controlling tty. */ -#ifdef TIOCNOTTY - fd = open("/dev/tty", O_RDWR | O_NOCTTY); - if (fd >= 0) { - (void) ioctl(fd, TIOCNOTTY, NULL); - close(fd); - } -#endif /* TIOCNOTTY */ - if (setsid() < 0) - error("setsid: %.100s", strerror(errno)); - - /* - * Verify that we are successfully disconnected from the controlling - * tty. - */ - fd = open("/dev/tty", O_RDWR | O_NOCTTY); - if (fd >= 0) { - error("Failed to disconnect from controlling tty."); - close(fd); - } - /* Make it our controlling tty. */ -#ifdef TIOCSCTTY - debug("Setting controlling tty using TIOCSCTTY."); - /* - * We ignore errors from this, because HPSUX defines TIOCSCTTY, but - * returns EINVAL with these arguments, and there is absolutely no - * documentation. - */ - ioctl(*ttyfd, TIOCSCTTY, NULL); -#endif /* TIOCSCTTY */ - fd = open(ttyname, O_RDWR); - if (fd < 0) - error("%.100s: %.100s", ttyname, strerror(errno)); - else - close(fd); - - /* Verify that we now have a controlling tty. */ - fd = open("/dev/tty", O_WRONLY); - if (fd < 0) - error("open /dev/tty failed - could not set controlling tty: %.100s", - strerror(errno)); - else { - close(fd); - } -} - -/* Changes the window size associated with the pty. */ - -void -pty_change_window_size(int ptyfd, int row, int col, - int xpixel, int ypixel) -{ - struct winsize w; - w.ws_row = row; - w.ws_col = col; - w.ws_xpixel = xpixel; - w.ws_ypixel = ypixel; - (void) ioctl(ptyfd, TIOCSWINSZ, &w); -} - -void -pty_setowner(struct passwd *pw, const char *ttyname) -{ - struct group *grp; - gid_t gid; - mode_t mode; - - /* Determine the group to make the owner of the tty. */ - grp = getgrnam("tty"); - if (grp) { - gid = grp->gr_gid; - mode = S_IRUSR | S_IWUSR | S_IWGRP; - } else { - gid = pw->pw_gid; - mode = S_IRUSR | S_IWUSR | S_IWGRP | S_IWOTH; - } - - /* Change ownership of the tty. */ - if (chown(ttyname, pw->pw_uid, gid) < 0) - fatal("chown(%.100s, %d, %d) failed: %.100s", - ttyname, pw->pw_uid, gid, strerror(errno)); - if (chmod(ttyname, mode) < 0) - fatal("chmod(%.100s, 0%o) failed: %.100s", - ttyname, mode, strerror(errno)); -} diff --git a/crypto/openssh/pty.h b/crypto/openssh/pty.h deleted file mode 100644 index 13d8e60..0000000 --- a/crypto/openssh/pty.h +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Author: Tatu Ylonen <ylo@cs.hut.fi> - * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - * All rights reserved - * Functions for allocating a pseudo-terminal and making it the controlling - * tty. - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - */ - -/* RCSID("$OpenBSD: pty.h,v 1.8 2000/09/07 20:27:52 deraadt Exp $"); */ - -#ifndef PTY_H -#define PTY_H - -/* - * Allocates and opens a pty. Returns 0 if no pty could be allocated, or - * nonzero if a pty was successfully allocated. On success, open file - * descriptors for the pty and tty sides and the name of the tty side are - * returned (the buffer must be able to hold at least 64 characters). - */ -int pty_allocate(int *ptyfd, int *ttyfd, char *ttyname, int ttynamelen); - -/* - * Releases the tty. Its ownership is returned to root, and permissions to - * 0666. - */ -void pty_release(const char *ttyname); - -/* - * Makes the tty the processes controlling tty and sets it to sane modes. - * This may need to reopen the tty to get rid of possible eavesdroppers. - */ -void pty_make_controlling_tty(int *ttyfd, const char *ttyname); - -/* Changes the window size associated with the pty. */ -void -pty_change_window_size(int ptyfd, int row, int col, - int xpixel, int ypixel); - -void pty_setowner(struct passwd *pw, const char *ttyname); - -#endif /* PTY_H */ diff --git a/crypto/openssh/readconf.c b/crypto/openssh/readconf.c index 80d99fe..ca5b27f 100644 --- a/crypto/openssh/readconf.c +++ b/crypto/openssh/readconf.c @@ -13,6 +13,7 @@ #include "includes.h" RCSID("$OpenBSD: readconf.c,v 1.100 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$FreeBSD$"); #include "ssh.h" #include "xmalloc.h" @@ -114,6 +115,7 @@ typedef enum { oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, oClearAllForwardings, oNoHostAuthenticationForLocalhost, + oVersionAddendum, oDeprecated } OpCodes; @@ -186,6 +188,7 @@ static struct { { "smartcarddevice", oSmartcardDevice }, { "clearallforwardings", oClearAllForwardings }, { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, + { "versionaddendum", oVersionAddendum }, { NULL, oBadOption } }; @@ -199,11 +202,9 @@ add_local_forward(Options *options, u_short port, const char *host, u_short host_port) { Forward *fwd; -#ifndef HAVE_CYGWIN extern uid_t original_real_uid; if (port < IPPORT_RESERVED && original_real_uid != 0) fatal("Privileged ports can only be forwarded by root."); -#endif if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); fwd = &options->local_forwards[options->num_local_forwards++]; @@ -669,6 +670,13 @@ parse_int: *intptr = value; break; + case oVersionAddendum: + ssh_version_set_addendum(strtok(s, "\n")); + do { + arg = strdelim(&s); + } while (arg != NULL && *arg != '\0'); + break; + case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); @@ -846,7 +854,7 @@ fill_default_options(Options * options) if (options->batch_mode == -1) options->batch_mode = 0; if (options->check_host_ip == -1) - options->check_host_ip = 1; + options->check_host_ip = 0; if (options->strict_host_key_checking == -1) options->strict_host_key_checking = 2; /* 2 is default */ if (options->compression == -1) diff --git a/crypto/openssh/readconf.h b/crypto/openssh/readconf.h index 92af535..9d32622 100644 --- a/crypto/openssh/readconf.h +++ b/crypto/openssh/readconf.h @@ -1,4 +1,5 @@ /* $OpenBSD: readconf.h,v 1.43 2002/06/08 05:17:01 markus Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> diff --git a/crypto/openssh/rijndael.c b/crypto/openssh/rijndael.c index 448048e..fa05e4c 100644 --- a/crypto/openssh/rijndael.c +++ b/crypto/openssh/rijndael.c @@ -1,4 +1,5 @@ /* $OpenBSD: rijndael.c,v 1.13 2001/12/19 07:18:56 deraadt Exp $ */ +/* $FreeBSD$ */ /** * rijndael-alg-fst.c @@ -25,8 +26,7 @@ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "includes.h" - +#include <sys/types.h> #include <stdlib.h> #include <string.h> diff --git a/crypto/openssh/rsa.c b/crypto/openssh/rsa.c index 66561a4..ae936f0 100644 --- a/crypto/openssh/rsa.c +++ b/crypto/openssh/rsa.c @@ -61,6 +61,7 @@ #include "includes.h" RCSID("$OpenBSD: rsa.c,v 1.24 2001/12/27 18:22:16 markus Exp $"); +RCSID("$FreeBSD$"); #include "rsa.h" #include "log.h" diff --git a/crypto/openssh/rsa.h b/crypto/openssh/rsa.h index 957d865..5ea6e28 100644 --- a/crypto/openssh/rsa.h +++ b/crypto/openssh/rsa.h @@ -1,4 +1,5 @@ /* $OpenBSD: rsa.h,v 1.15 2002/03/04 17:27:39 stevesk Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c index fb6332c..415ecca 100644 --- a/crypto/openssh/servconf.c +++ b/crypto/openssh/servconf.c @@ -11,18 +11,13 @@ #include "includes.h" RCSID("$OpenBSD: servconf.c,v 1.111 2002/06/20 23:05:55 markus Exp $"); +RCSID("$FreeBSD$"); #if defined(KRB4) #include <krb.h> #endif #if defined(KRB5) -#ifdef HEIMDAL -#include <krb.h> -#else -/* Bodge - but then, so is using the kerberos IV KEYFILE to get a Kerberos V - * keytab */ -#define KEYFILE "/etc/krb5.keytab" -#endif +#include <krb5.h> #endif #ifdef AFS #include <kafs.h> @@ -54,11 +49,6 @@ void initialize_server_options(ServerOptions *options) { memset(options, 0, sizeof(*options)); - - /* Portable-specific options */ - options->pam_authentication_via_kbd_int = -1; - - /* Standard Options */ options->num_ports = 0; options->ports_from_cmdline = 0; options->listen_addrs = NULL; @@ -112,6 +102,7 @@ initialize_server_options(ServerOptions *options) options->macs = NULL; options->protocol = SSH_PROTO_UNKNOWN; options->gateway_ports = -1; + options->connections_period = 0; options->num_subsystems = 0; options->max_startups_begin = -1; options->max_startups_rate = -1; @@ -122,6 +113,7 @@ initialize_server_options(ServerOptions *options) options->client_alive_count_max = -1; options->authorized_keys_file = NULL; options->authorized_keys_file2 = NULL; + options->check_mail = -1; /* Needs to be accessable in many places */ use_privsep = -1; @@ -130,11 +122,6 @@ initialize_server_options(ServerOptions *options) void fill_default_server_options(ServerOptions *options) { - /* Portable-specific options */ - if (options->pam_authentication_via_kbd_int == -1) - options->pam_authentication_via_kbd_int = 0; - - /* Standard Options */ if (options->protocol == SSH_PROTO_UNKNOWN) options->protocol = SSH_PROTO_1|SSH_PROTO_2; if (options->num_host_key_files == 0) { @@ -144,8 +131,6 @@ fill_default_server_options(ServerOptions *options) _PATH_HOST_KEY_FILE; if (options->protocol & SSH_PROTO_2) { options->host_key_files[options->num_host_key_files++] = - _PATH_HOST_RSA_KEY_FILE; - options->host_key_files[options->num_host_key_files++] = _PATH_HOST_DSA_KEY_FILE; } } @@ -158,21 +143,23 @@ fill_default_server_options(ServerOptions *options) if (options->server_key_bits == -1) options->server_key_bits = 768; if (options->login_grace_time == -1) - options->login_grace_time = 600; + options->login_grace_time = 120; if (options->key_regeneration_time == -1) options->key_regeneration_time = 3600; if (options->permit_root_login == PERMIT_NOT_SET) - options->permit_root_login = PERMIT_YES; + options->permit_root_login = PERMIT_NO; if (options->ignore_rhosts == -1) options->ignore_rhosts = 1; if (options->ignore_user_known_hosts == -1) options->ignore_user_known_hosts = 0; + if (options->check_mail == -1) + options->check_mail = 1; if (options->print_motd == -1) options->print_motd = 1; if (options->print_lastlog == -1) options->print_lastlog = 1; if (options->x11_forwarding == -1) - options->x11_forwarding = 0; + options->x11_forwarding = 1; if (options->x11_display_offset == -1) options->x11_display_offset = 10; if (options->x11_use_localhost == -1) @@ -199,9 +186,20 @@ fill_default_server_options(ServerOptions *options) options->rsa_authentication = 1; if (options->pubkey_authentication == -1) options->pubkey_authentication = 1; -#if defined(KRB4) || defined(KRB5) +#if defined(KRB4) && defined(KRB5) + if (options->kerberos_authentication == -1) + options->kerberos_authentication = + (access(KEYFILE, R_OK) == 0 || + (access(krb5_defkeyname, R_OK) == 0)); +#elif defined(KRB4) if (options->kerberos_authentication == -1) - options->kerberos_authentication = 0; + options->kerberos_authentication = (access(KEYFILE, R_OK) == 0); +#elif defined(KRB5) + if (options->kerberos_authentication == -1) + options->kerberos_authentication = + (access(krb5_defkeyname, R_OK) == 0); +#endif +#if defined(KRB4) || defined(KRB5) if (options->kerberos_or_local_passwd == -1) options->kerberos_or_local_passwd = 1; if (options->kerberos_ticket_cleanup == -1) @@ -253,27 +251,14 @@ fill_default_server_options(ServerOptions *options) if (options->authorized_keys_file == NULL) options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; - /* Turn privilege separation on by default */ + /* Turn privilege separation off by default */ if (use_privsep == -1) - use_privsep = 1; - -#if !defined(HAVE_MMAP) || !defined(MAP_ANON) - if (use_privsep && options->compression == 1) { - error("This platform does not support both privilege " - "separation and compression"); - error("Compression disabled"); - options->compression = 0; - } -#endif - + use_privsep = 0; } /* Keyword tokens. */ typedef enum { sBadOption, /* == unknown option */ - /* Portable-specific options */ - sPAMAuthenticationViaKbdInt, - /* Standard Options */ sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, @@ -299,6 +284,7 @@ typedef enum { sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, sUsePrivilegeSeparation, + sCheckMail, sVersionAddendum, sDeprecated } ServerOpCodes; @@ -307,9 +293,6 @@ static struct { const char *name; ServerOpCodes opcode; } keywords[] = { - /* Portable-specific options */ - { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt }, - /* Standard Options */ { "port", sPort }, { "hostkey", sHostKeyFile }, { "hostdsakey", sHostKeyFile }, /* alias */ @@ -342,7 +325,6 @@ static struct { { "kbdinteractiveauthentication", sKbdInteractiveAuthentication }, { "challengeresponseauthentication", sChallengeResponseAuthentication }, { "skeyauthentication", sChallengeResponseAuthentication }, /* alias */ - { "checkmail", sDeprecated }, { "listenaddress", sListenAddress }, { "printmotd", sPrintMotd }, { "printlastlog", sPrintLastLog }, @@ -376,6 +358,8 @@ static struct { { "authorizedkeysfile", sAuthorizedKeysFile }, { "authorizedkeysfile2", sAuthorizedKeysFile2 }, { "useprivilegeseparation", sUsePrivilegeSeparation}, + { "checkmail", sCheckMail }, + { "versionaddendum", sVersionAddendum }, { NULL, sBadOption } }; @@ -454,12 +438,6 @@ process_server_config_line(ServerOptions *options, char *line, charptr = NULL; opcode = parse_token(arg, filename, linenum); switch (opcode) { - /* Portable-specific options */ - case sPAMAuthenticationViaKbdInt: - intptr = &options->pam_authentication_via_kbd_int; - goto parse_flag; - - /* Standard Options */ case sBadOption: return -1; case sPort: @@ -906,6 +884,17 @@ parse_flag: arg = strdelim(&cp); break; + case sCheckMail: + intptr = &options->check_mail; + goto parse_flag; + + case sVersionAddendum: + ssh_version_set_addendum(strtok(cp, "\n")); + do { + arg = strdelim(&cp); + } while (arg != NULL && *arg != '\0'); + break; + default: fatal("%s line %d: Missing handler for opcode %s (%d)", filename, linenum, arg, opcode); diff --git a/crypto/openssh/servconf.h b/crypto/openssh/servconf.h index c94f541..862832a 100644 --- a/crypto/openssh/servconf.h +++ b/crypto/openssh/servconf.h @@ -1,4 +1,5 @@ /* $OpenBSD: servconf.h,v 1.58 2002/06/20 23:05:55 markus Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -52,6 +53,7 @@ typedef struct { * for RhostsRsaAuth */ int print_motd; /* If true, print /etc/motd. */ int print_lastlog; /* If true, print lastlog */ + int check_mail; /* If true, check for new mail */ int x11_forwarding; /* If true, permit inet (spoofing) X11 fwd. */ int x11_display_offset; /* What DISPLAY number to start * searching at */ @@ -108,6 +110,7 @@ typedef struct { char *allow_groups[MAX_ALLOW_GROUPS]; u_int num_deny_groups; char *deny_groups[MAX_DENY_GROUPS]; + unsigned int connections_period; u_int num_subsystems; char *subsystem_name[MAX_SUBSYSTEMS]; @@ -130,7 +133,6 @@ typedef struct { char *authorized_keys_file; /* File containing public keys */ char *authorized_keys_file2; - int pam_authentication_via_kbd_int; } ServerOptions; void initialize_server_options(ServerOptions *); diff --git a/crypto/openssh/serverloop.c b/crypto/openssh/serverloop.c index 1a148fc..9210050 100644 --- a/crypto/openssh/serverloop.c +++ b/crypto/openssh/serverloop.c @@ -36,6 +36,7 @@ #include "includes.h" RCSID("$OpenBSD: serverloop.c,v 1.102 2002/06/11 05:46:20 mpech Exp $"); +RCSID("$FreeBSD$"); #include "xmalloc.h" #include "packet.h" @@ -143,7 +144,7 @@ sigchld_handler(int sig) int save_errno = errno; debug("Received SIGCHLD."); child_terminated = 1; - mysignal(SIGCHLD, sigchld_handler); + signal(SIGCHLD, sigchld_handler); notify_parent(); errno = save_errno; } @@ -496,7 +497,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) /* Initialize the SIGCHLD kludge. */ child_terminated = 0; - mysignal(SIGCHLD, sigchld_handler); + signal(SIGCHLD, sigchld_handler); /* Initialize our global variables. */ fdin = fdin_arg; @@ -668,7 +669,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) channel_free_all(); /* We no longer want our SIGCHLD handler to be called. */ - mysignal(SIGCHLD, SIG_DFL); + signal(SIGCHLD, SIG_DFL); while ((wait_pid = waitpid(-1, &wait_status, 0)) < 0) if (errno != EINTR) @@ -740,7 +741,7 @@ server_loop2(Authctxt *authctxt) debug("Entering interactive session for SSH2."); - mysignal(SIGCHLD, sigchld_handler); + signal(SIGCHLD, sigchld_handler); child_terminated = 0; connection_in = packet_get_connection_in(); connection_out = packet_get_connection_out(); diff --git a/crypto/openssh/session.c b/crypto/openssh/session.c index 6169f33..3cd12d4 100644 --- a/crypto/openssh/session.c +++ b/crypto/openssh/session.c @@ -34,6 +34,7 @@ #include "includes.h" RCSID("$OpenBSD: session.c,v 1.138 2002/06/20 23:05:55 markus Exp $"); +RCSID("$FreeBSD$"); #include "ssh.h" #include "ssh1.h" @@ -58,10 +59,15 @@ RCSID("$OpenBSD: session.c,v 1.138 2002/06/20 23:05:55 markus Exp $"); #include "session.h" #include "monitor_wrap.h" -#ifdef HAVE_CYGWIN -#include <windows.h> -#include <sys/cygwin.h> -#define is_winnt (GetVersion() < 0x80000000) +#ifdef __FreeBSD__ +#define _PATH_CHPASS "/usr/bin/passwd" +#endif /* __FreeBSD__ */ + +#if defined(HAVE_LOGIN_CAP) || defined(USE_PAM) +#include <libgen.h> +#endif +#ifdef HAVE_LOGIN_CAP +#include <login_cap.h> #endif /* func */ @@ -75,9 +81,6 @@ void do_exec_pty(Session *, const char *); void do_exec_no_pty(Session *, const char *); void do_exec(Session *, const char *); void do_login(Session *, const char *); -#ifdef LOGIN_NEEDS_UTMPX -static void do_pre_login(Session *s); -#endif void do_child(Session *, const char *); void do_motd(void); int check_quietlogin(Session *, const char *); @@ -103,10 +106,6 @@ const char *original_command = NULL; #define MAX_SESSIONS 10 Session sessions[MAX_SESSIONS]; -#ifdef WITH_AIXAUTHENTICATE -char *aixloginmsg; -#endif /* WITH_AIXAUTHENTICATE */ - #ifdef HAVE_LOGIN_CAP login_cap_t *lc; #endif @@ -210,14 +209,6 @@ do_authenticated(Authctxt *authctxt) close(startup_pipe); startup_pipe = -1; } -#ifdef WITH_AIXAUTHENTICATE - /* We don't have a pty yet, so just label the line as "ssh" */ - if (loginsuccess(authctxt->user, - get_canonical_hostname(options.verify_reverse_mapping), - "ssh", &aixloginmsg) < 0) - aixloginmsg = NULL; -#endif /* WITH_AIXAUTHENTICATE */ - /* setup the channel layer */ if (!no_port_forwarding_flag && options.allow_tcp_forwarding) channel_permit_all_opens(); @@ -460,12 +451,8 @@ do_exec_no_pty(Session *s, const char *command) session_proctitle(s); -#if defined(USE_PAM) - do_pam_session(s->pw->pw_name, NULL); - do_pam_setcred(1); - if (is_pam_password_change_required()) - packet_disconnect("Password change required but no " - "TTY available"); +#ifdef USE_PAM + do_pam_setcred(); #endif /* USE_PAM */ /* Fork the child. */ @@ -521,10 +508,6 @@ do_exec_no_pty(Session *s, const char *command) do_child(s, command); /* NOTREACHED */ } -#ifdef HAVE_CYGWIN - if (is_winnt) - cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); -#endif if (pid < 0) packet_disconnect("fork failed: %.100s", strerror(errno)); s->pid = pid; @@ -578,10 +561,10 @@ do_exec_pty(Session *s, const char *command) ptyfd = s->ptyfd; ttyfd = s->ttyfd; -#if defined(USE_PAM) - do_pam_session(s->pw->pw_name, s->tty); - do_pam_setcred(1); -#endif +#ifdef USE_PAM + do_pam_session(s->pw->pw_name, basename(s->tty)); + do_pam_setcred(); +#endif /* USE_PAM */ /* Fork the child. */ if ((pid = fork()) == 0) { @@ -606,23 +589,13 @@ do_exec_pty(Session *s, const char *command) close(ttyfd); /* record login, etc. similar to login(1) */ -#ifndef HAVE_OSF_SIA if (!(options.use_login && command == NULL)) do_login(s, command); -# ifdef LOGIN_NEEDS_UTMPX - else - do_pre_login(s); -# endif -#endif /* Do common processing for the child, such as execing the command. */ do_child(s, command); /* NOTREACHED */ } -#ifdef HAVE_CYGWIN - if (is_winnt) - cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); -#endif if (pid < 0) packet_disconnect("fork failed: %.100s", strerror(errno)); s->pid = pid; @@ -655,34 +628,6 @@ do_exec_pty(Session *s, const char *command) } } -#ifdef LOGIN_NEEDS_UTMPX -static void -do_pre_login(Session *s) -{ - socklen_t fromlen; - struct sockaddr_storage from; - pid_t pid = getpid(); - - /* - * Get IP address of client. If the connection is not a socket, let - * the address be 0.0.0.0. - */ - memset(&from, 0, sizeof(from)); - if (packet_connection_is_on_socket()) { - fromlen = sizeof(from); - if (getpeername(packet_get_connection_in(), - (struct sockaddr *) & from, &fromlen) < 0) { - debug("getpeername: %.100s", strerror(errno)); - fatal_cleanup(); - } - } - - record_utmp_only(pid, s->tty, s->pw->pw_name, - get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping), - (struct sockaddr *)&from); -} -#endif - /* * This is called to fork and execute a command. If another command is * to be forced, execute that instead. @@ -709,12 +654,24 @@ do_exec(Session *s, const char *command) void do_login(Session *s, const char *command) { +#ifndef USE_PAM char *time_string; +#endif socklen_t fromlen; struct sockaddr_storage from; struct passwd * pw = s->pw; pid_t pid = getpid(); +#ifdef __FreeBSD__ +#define DEFAULT_WARN (2L * 7L * 86400L) /* Two weeks */ + struct timeval tv; + time_t warntime = DEFAULT_WARN; +#endif /* __FreeBSD__ */ +#ifdef USE_PAM + /* + * Let PAM handle utmp / wtmp. + */ +#else /* * Get IP address of client. If the connection is not a socket, let * the address be 0.0.0.0. @@ -728,38 +685,104 @@ do_login(Session *s, const char *command) fatal_cleanup(); } } - - /* Record that there was a login on that tty from the remote host. */ - if (!use_privsep) - record_login(pid, s->tty, pw->pw_name, pw->pw_uid, - get_remote_name_or_ip(utmp_len, - options.verify_reverse_mapping), - (struct sockaddr *)&from); +#endif #ifdef USE_PAM /* * If password change is needed, do it now. * This needs to occur before the ~/.hushlogin check. */ - if (is_pam_password_change_required()) { + if (pam_password_change_required()) { print_pam_messages(); do_pam_chauthtok(); } #endif +#ifdef __FreeBSD__ + if (pw->pw_change || pw->pw_expire) + (void)gettimeofday(&tv, NULL); +#ifdef HAVE_LOGIN_CAP + warntime = login_getcaptime(lc, "warnpassword", + DEFAULT_WARN, DEFAULT_WARN); +#endif /* HAVE_LOGIN_CAP */ +#ifndef USE_PAM + /* + * If the password change time is set and has passed, give the + * user a password expiry notice and chance to change it. + */ + if (pw->pw_change != 0) { + if (tv.tv_sec >= pw->pw_change) { + (void)printf( + "Sorry -- your password has expired.\n"); + log("%s Password expired - forcing change", + pw->pw_name); + if (newcommand != NULL) + xfree(newcommand); + newcommand = xstrdup(_PATH_CHPASS); + } else if (pw->pw_change - tv.tv_sec < warntime && + !check_quietlogin(s, command)) + (void)printf( + "Warning: your password expires on %s", + ctime(&pw->pw_change)); + } +#endif +#ifdef HAVE_LOGIN_CAP + warntime = login_getcaptime(lc, "warnexpire", + DEFAULT_WARN, DEFAULT_WARN); +#endif /* HAVE_LOGIN_CAP */ +#ifndef USE_PAM + if (pw->pw_expire) { + if (tv.tv_sec >= pw->pw_expire) { + (void)printf( + "Sorry -- your account has expired.\n"); + log( + "LOGIN %.200s REFUSED (EXPIRED) FROM %.200s ON TTY %.200s", + pw->pw_name, get_remote_name_or_ip(utmp_len, + options.verify_reverse_mapping), s->tty); + exit(254); + } else if (pw->pw_expire - tv.tv_sec < warntime && + !check_quietlogin(s, command)) + (void)printf( + "Warning: your account expires on %s", + ctime(&pw->pw_expire)); + } +#endif /* !USE_PAM */ +#endif /* __FreeBSD__ */ +#ifdef HAVE_LOGIN_CAP + if (!auth_ttyok(lc, basename(s->tty))) { + (void)printf("Permission denied.\n"); + log( + "LOGIN %.200s REFUSED (TTY) FROM %.200s ON TTY %.200s", + pw->pw_name, get_remote_name_or_ip(utmp_len, + options.verify_reverse_mapping), s->tty); + exit(254); + } +#endif /* HAVE_LOGIN_CAP */ - if (check_quietlogin(s, command)) - return; + /* Record that there was a login on that tty from the remote host. */ + if (!use_privsep) + record_login(pid, s->tty, pw->pw_name, pw->pw_uid, + get_remote_name_or_ip(utmp_len, + options.verify_reverse_mapping), + (struct sockaddr *)&from); #ifdef USE_PAM - if (!is_pam_password_change_required()) + if (command == NULL && options.print_lastlog && + !check_quietlogin(s, command) && + !options.use_login && !pam_password_change_required()) print_pam_messages(); -#endif /* USE_PAM */ -#ifdef WITH_AIXAUTHENTICATE - if (aixloginmsg && *aixloginmsg) - printf("%s\n", aixloginmsg); -#endif /* WITH_AIXAUTHENTICATE */ +#else /* !USE_PAM */ + /* + * If the user has logged in before, display the time of last + * login. However, don't display anything extra if a command + * has been specified (so that ssh can be used to execute + * commands on a remote machine without users knowing they + * are going to another machine). Login(1) will do this for + * us as well, so check if login(1) is used + */ - if (options.print_lastlog && s->last_login_time != 0) { + if (command == NULL && options.print_lastlog && + s->last_login_time != 0 && !check_quietlogin(s, command) && + !options.use_login) { time_string = ctime(&s->last_login_time); if (strchr(time_string, '\n')) *strchr(time_string, '\n') = 0; @@ -769,8 +792,35 @@ do_login(Session *s, const char *command) printf("Last login: %s from %s\r\n", time_string, s->hostname); } +#endif /* !USE_PAM */ - do_motd(); + if (command == NULL && !check_quietlogin(s, command) && + !options.use_login) { +#ifdef HAVE_LOGIN_CAP + const char *fname; + char buf[256]; + FILE *f; + + fname = login_getcapstr(lc, "copyright", NULL, NULL); + if (fname != NULL && (f = fopen(fname, "r")) != NULL) { + while (fgets(buf, sizeof(buf), f) != NULL) + fputs(buf, stdout); + fclose(f); + } else +#endif /* HAVE_LOGIN_CAP */ + (void)printf("%s\n\t%s %s\n", + "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994", + "The Regents of the University of California. ", + "All rights reserved."); + (void)printf("\n"); + /* + * Print /etc/motd unless a command was specified or printing + * it was disabled in server options or login(1) will be + * used. Note that some machines appear to print it in + * /etc/profile or similar. + */ + do_motd(); + } } /* @@ -902,83 +952,76 @@ read_environment_file(char ***env, u_int *envsize, fclose(f); } -void copy_environment(char **source, char ***env, u_int *envsize) +#ifdef USE_PAM +/* + * Sets any environment variables which have been specified by PAM + */ +static void +do_pam_environment(char ***env, u_int *envsize) { - char *var_name, *var_val; + char *equals, var_name[512], var_val[512]; + char **pam_env; int i; - if (source == NULL) + if ((pam_env = fetch_pam_environment()) == NULL) return; - - for(i = 0; source[i] != NULL; i++) { - var_name = xstrdup(source[i]); - if ((var_val = strstr(var_name, "=")) == NULL) { - xfree(var_name); + + for(i = 0; pam_env[i] != NULL; i++) { + if ((equals = strstr(pam_env[i], "=")) == NULL) continue; - } - *var_val++ = '\0'; + + if (strlen(pam_env[i]) < (sizeof(var_name) - 1)) { + memset(var_name, '\0', sizeof(var_name)); + memset(var_val, '\0', sizeof(var_val)); + + strncpy(var_name, pam_env[i], equals - pam_env[i]); + strcpy(var_val, equals + 1); - debug3("Copy environment: %s=%s", var_name, var_val); - child_set_env(env, envsize, var_name, var_val); - - xfree(var_name); + child_set_env(env, envsize, var_name, var_val); + } } } +#endif /* USE_PAM */ static char ** -do_setup_env(Session *s, const char *shell) +do_setup_env(char **env, Session *s, const char *shell) { char buf[256]; u_int i, envsize; - char **env; struct passwd *pw = s->pw; - /* Initialize the environment. */ - envsize = 100; - env = xmalloc(envsize * sizeof(char *)); - env[0] = NULL; - -#ifdef HAVE_CYGWIN - /* - * The Windows environment contains some setting which are - * important for a running system. They must not be dropped. - */ - copy_environment(environ, &env, &envsize); -#endif + if (env == NULL) { + /* Initialize the environment. */ + envsize = 100; + env = xmalloc(envsize * sizeof(char *)); + env[0] = NULL; + } else { + for (envsize = 0; env[envsize] != NULL; ++envsize) + ; + envsize = (envsize < 100) ? 100 : envsize + 50; + env = xrealloc(env, envsize * sizeof(char *)); + } if (!options.use_login) { /* Set basic environment. */ child_set_env(&env, &envsize, "USER", pw->pw_name); child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); child_set_env(&env, &envsize, "HOME", pw->pw_dir); -#ifdef HAVE_LOGIN_CAP - (void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH); - child_set_env(&env, &envsize, "PATH", getenv("PATH")); -#else /* HAVE_LOGIN_CAP */ -# ifndef HAVE_CYGWIN - /* - * There's no standard path on Windows. The path contains - * important components pointing to the system directories, - * needed for loading shared libraries. So the path better - * remains intact here. - */ -# ifdef SUPERUSER_PATH - child_set_env(&env, &envsize, "PATH", - s->pw->pw_uid == 0 ? SUPERUSER_PATH : _PATH_STDPATH); -# else +#ifndef HAVE_LOGIN_CAP child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); -# endif /* SUPERUSER_PATH */ -# endif /* HAVE_CYGWIN */ -#endif /* HAVE_LOGIN_CAP */ snprintf(buf, sizeof buf, "%.200s/%.50s", _PATH_MAILDIR, pw->pw_name); child_set_env(&env, &envsize, "MAIL", buf); +#endif /* !HAVE_LOGIN_CAP */ /* Normal systems set SHELL by default. */ child_set_env(&env, &envsize, "SHELL", shell); } if (getenv("TZ")) +#ifdef HAVE_LOGIN_CAP + if (options.use_login) +#endif /* HAVE_LOGIN_CAP */ child_set_env(&env, &envsize, "TZ", getenv("TZ")); /* Set custom environment options from RSA authentication. */ @@ -1012,18 +1055,6 @@ do_setup_env(Session *s, const char *shell) if (original_command) child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND", original_command); - -#ifdef _AIX - { - char *cp; - - if ((cp = getenv("AUTHSTATE")) != NULL) - child_set_env(&env, &envsize, "AUTHSTATE", cp); - if ((cp = getenv("KRB5CCNAME")) != NULL) - child_set_env(&env, &envsize, "KRB5CCNAME", cp); - read_environment_file(&env, &envsize, "/etc/environment"); - } -#endif #ifdef KRB4 if (s->authctxt->krb4_ticket_file) child_set_env(&env, &envsize, "KRBTKFILE", @@ -1034,9 +1065,10 @@ do_setup_env(Session *s, const char *shell) child_set_env(&env, &envsize, "KRB5CCNAME", s->authctxt->krb5_ticket_file); #endif + #ifdef USE_PAM /* Pull in any environment variables that may have been set by PAM. */ - copy_environment(fetch_pam_environment(), &env, &envsize); + do_pam_environment(&env, &envsize); #endif /* USE_PAM */ if (auth_sock_name != NULL) @@ -1149,30 +1181,47 @@ do_nologin(struct passwd *pw) } /* Set login name, uid, gid, and groups. */ -void +char ** do_setusercontext(struct passwd *pw) { -#ifdef HAVE_CYGWIN - if (is_winnt) { -#else /* HAVE_CYGWIN */ - if (getuid() == 0 || geteuid() == 0) { -#endif /* HAVE_CYGWIN */ -#ifdef HAVE_SETPCRED - setpcred(pw->pw_name); -#endif /* HAVE_SETPCRED */ + char **env = NULL; #ifdef HAVE_LOGIN_CAP - if (setusercontext(lc, pw, pw->pw_uid, - (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) { - perror("unable to set user context"); - exit(1); - } -#else -# if defined(HAVE_GETLUID) && defined(HAVE_SETLUID) - /* Sets login uid for accounting */ - if (getluid() == -1 && setluid(pw->pw_uid) == -1) - error("setluid: %s", strerror(errno)); -# endif /* defined(HAVE_GETLUID) && defined(HAVE_SETLUID) */ + char buf[256]; + char **tmpenv; + u_int envsize; + extern char **environ; + /* Initialize the environment. */ + envsize = 100; + env = xmalloc(envsize * sizeof(char *)); + env[0] = NULL; + + child_set_env(&env, &envsize, "PATH", + (pw->pw_uid == 0) ? + _PATH_STDPATH : _PATH_DEFPATH); + + snprintf(buf, sizeof buf, "%.200s/%.50s", + _PATH_MAILDIR, pw->pw_name); + child_set_env(&env, &envsize, "MAIL", buf); + + if (getenv("TZ")) + child_set_env(&env, &envsize, "TZ", getenv("TZ")); + + /* Save parent environment */ + tmpenv = environ; + /* Switch to env */ + environ = env; + + if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETALL) < 0) + fatal("setusercontext failed: %s", strerror(errno)); + + /* NOTE: Modified environment now passed to env! */ + env = environ; + /* Restore parent environment */ + environ = tmpenv; + +#else /* !HAVE_LOGIN_CAP */ + if (getuid() == 0 || geteuid() == 0) { if (setlogin(pw->pw_name) < 0) error("setlogin failed: %s", strerror(errno)); if (setgid(pw->pw_gid) < 0) { @@ -1185,23 +1234,14 @@ do_setusercontext(struct passwd *pw) exit(1); } endgrent(); -# ifdef USE_PAM - /* - * PAM credentials may take the form of supplementary groups. - * These will have been wiped by the above initgroups() call. - * Reestablish them here. - */ - do_pam_setcred(0); -# endif /* USE_PAM */ -# if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) - irix_setusercontext(pw); -# endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */ + /* Permanently switch to the desired uid. */ permanently_set_uid(pw); -#endif } if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); +#endif /* HAVE_LOGIN_CAP */ + return env; } static void @@ -1209,15 +1249,8 @@ launch_login(struct passwd *pw, const char *hostname) { /* Launch login(1). */ - execl(LOGIN_PROGRAM, "login", "-h", hostname, -#ifdef xxxLOGIN_NEEDS_TERM - (s->term ? s->term : "unknown"), -#endif /* LOGIN_NEEDS_TERM */ -#ifdef LOGIN_NO_ENDOPT - "-p", "-f", pw->pw_name, (char *)NULL); -#else + execl("/usr/bin/login", "login", "-h", hostname, "-p", "-f", "--", pw->pw_name, (char *)NULL); -#endif /* Login couldn't be executed, die. */ @@ -1234,11 +1267,15 @@ void do_child(Session *s, const char *command) { extern char **environ; - char **env; + char **env = NULL; char *argv[10]; const char *shell, *shell0, *hostname = NULL; struct passwd *pw = s->pw; u_int i; + int ttyfd = s->ttyfd; +#ifdef HAVE_LOGIN_CAP + int lc_requirehome, lc_nocheckmail; +#endif /* remove hostkey from the child's memory */ destroy_sensitive_data(); @@ -1252,17 +1289,8 @@ do_child(Session *s, const char *command) * switch, so we let login(1) to this for us. */ if (!options.use_login) { -#ifdef HAVE_OSF_SIA - session_setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty); - if (!check_quietlogin(s, command)) - do_motd(); -#else /* HAVE_OSF_SIA */ do_nologin(pw); -# ifdef _AIX - aix_usrinfo(pw, s->tty, s->ttyfd); -# endif /* _AIX */ - do_setusercontext(pw); -#endif /* HAVE_OSF_SIA */ + env = do_setusercontext(pw); } /* @@ -1274,7 +1302,7 @@ do_child(Session *s, const char *command) shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); #endif - env = do_setup_env(s, shell); + env = do_setup_env(env, s, shell); /* we have to stash the hostname before we close our socket. */ if (options.use_login) @@ -1306,13 +1334,19 @@ do_child(Session *s, const char *command) */ endpwent(); +#ifdef HAVE_LOGIN_CAP + lc_requirehome = login_getcapbool(lc, "requirehome", 0); + lc_nocheckmail = login_getcapbool(lc, "nocheckmail", 0); + login_close(lc); +#endif + /* * Close any extra open file descriptors so that we don\'t have them * hanging around in clients. Note that we want to do this after * initgroups, because at least on Solaris 2.3 it leaves file * descriptors open. */ - for (i = 3; i < 64; i++) + for (i = 3; i < getdtablesize(); i++) close(i); /* @@ -1338,7 +1372,7 @@ do_child(Session *s, const char *command) fprintf(stderr, "Could not chdir to home directory %s: %s\n", pw->pw_dir, strerror(errno)); #ifdef HAVE_LOGIN_CAP - if (login_getcapbool(lc, "requirehome", 0)) + if (lc_requirehome) exit(1); #endif } @@ -1378,6 +1412,29 @@ do_child(Session *s, const char *command) exit(1); } + /* + * Check for mail if we have a tty and it was enabled + * in server options. + */ + if (ttyfd != -1 && options.check_mail +#ifdef HAVE_LOGIN_CAP + && !lc_nocheckmail +#endif + ) { + char *mailbox; + struct stat mailstat; + + mailbox = getenv("MAIL"); + if (mailbox != NULL) { + if (stat(mailbox, &mailstat) != 0 || mailstat.st_size == 0) + ; + else if (mailstat.st_mtime < mailstat.st_atime) + printf("You have mail.\n"); + else + printf("You have new mail.\n"); + } + } + /* Execute the shell. */ argv[0] = argv0; argv[1] = NULL; @@ -1761,7 +1818,7 @@ session_pty_cleanup2(void *session) /* Record that the user has logged out. */ if (s->pid != 0) - record_logout(s->pid, s->tty, s->pw->pw_name); + record_logout(s->pid, s->tty); /* Release the pseudo-tty. */ if (getuid() == 0) @@ -1803,11 +1860,7 @@ session_exit_message(Session *s, int status) } else if (WIFSIGNALED(status)) { channel_request_start(s->chanid, "exit-signal", 0); packet_put_int(WTERMSIG(status)); -#ifdef WCOREDUMP packet_put_char(WCOREDUMP(status)); -#else /* WCOREDUMP */ - packet_put_char(0); -#endif /* WCOREDUMP */ packet_put_cstring(""); packet_put_cstring(""); packet_send(); @@ -1993,23 +2046,8 @@ session_setup_x11fwd(Session *s) s->display = xstrdup(display); s->auth_display = xstrdup(auth_display); } else { -#ifdef IPADDR_IN_DISPLAY - struct hostent *he; - struct in_addr my_addr; - - he = gethostbyname(hostname); - if (he == NULL) { - error("Can't get IP address for X11 DISPLAY."); - packet_send_debug("Can't get IP address for X11 DISPLAY."); - return 0; - } - memcpy(&my_addr, he->h_addr_list[0], sizeof(struct in_addr)); - snprintf(display, sizeof display, "%.50s:%d.%d", inet_ntoa(my_addr), - s->display_number, s->screen); -#else snprintf(display, sizeof display, "%.400s:%d.%d", hostname, s->display_number, s->screen); -#endif s->display = xstrdup(display); s->auth_display = xstrdup(display); } diff --git a/crypto/openssh/session.h b/crypto/openssh/session.h index 2a7e4b2..2c8b60e 100644 --- a/crypto/openssh/session.h +++ b/crypto/openssh/session.h @@ -1,4 +1,5 @@ /* $OpenBSD: session.h,v 1.17 2002/03/29 18:59:32 markus Exp $ */ +/* $FreeBSD$ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -67,5 +68,5 @@ void session_pty_cleanup2(void *); Session *session_new(void); Session *session_by_tty(char *); void session_close(Session *); -void do_setusercontext(struct passwd *); +char **do_setusercontext(struct passwd *); #endif diff --git a/crypto/openssh/ssh-add.c b/crypto/openssh/ssh-add.c index 176fd85..3680c06 100644 --- a/crypto/openssh/ssh-add.c +++ b/crypto/openssh/ssh-add.c @@ -36,6 +36,7 @@ #include "includes.h" RCSID("$OpenBSD: ssh-add.c,v 1.61 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$FreeBSD$"); #include <openssl/evp.h> @@ -50,12 +51,6 @@ RCSID("$OpenBSD: ssh-add.c,v 1.61 2002/06/19 00:27:55 deraadt Exp $"); #include "readpass.h" #include "misc.h" -#ifdef HAVE___PROGNAME -extern char *__progname; -#else -char *__progname; -#endif - /* argv0 */ extern char *__progname; @@ -307,10 +302,6 @@ main(int argc, char **argv) char *sc_reader_id = NULL; int i, ch, deleting = 0, ret = 0; - __progname = get_progname(argv[0]); - init_rng(); - seed_rng(); - SSLeay_add_all_algorithms(); /* At first, get a connection to the authentication agent. */ diff --git a/crypto/openssh/ssh-agent.c b/crypto/openssh/ssh-agent.c index c3a9077..4fc0f23 100644 --- a/crypto/openssh/ssh-agent.c +++ b/crypto/openssh/ssh-agent.c @@ -34,8 +34,9 @@ */ #include "includes.h" -#include "openbsd-compat/fake-queue.h" +#include <sys/queue.h> RCSID("$OpenBSD: ssh-agent.c,v 1.95 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$FreeBSD$"); #include <openssl/evp.h> #include <openssl/md5.h> @@ -100,11 +101,7 @@ char socket_dir[1024]; int locked = 0; char *lock_passwd = NULL; -#ifdef HAVE___PROGNAME extern char *__progname; -#else -char *__progname; -#endif static void idtab_init(void) @@ -929,12 +926,7 @@ main(int ac, char **av) { int sock, c_flag = 0, d_flag = 0, k_flag = 0, s_flag = 0, ch, nalloc; struct sockaddr_un sunaddr; -#ifdef HAVE_SETRLIMIT struct rlimit rlim; -#endif -#ifdef HAVE_CYGWIN - int prev_mask; -#endif pid_t pid; char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid]; char *agentsocket = NULL; @@ -943,15 +935,7 @@ main(int ac, char **av) SSLeay_add_all_algorithms(); - __progname = get_progname(av[0]); - init_rng(); - seed_rng(); - -#ifdef __GNU_LIBRARY__ - while ((ch = getopt(ac, av, "+cdksa:")) != -1) { -#else /* __GNU_LIBRARY__ */ while ((ch = getopt(ac, av, "cdksa:")) != -1) { -#endif /* __GNU_LIBRARY__ */ switch (ch) { case 'c': if (s_flag) @@ -1041,19 +1025,11 @@ main(int ac, char **av) memset(&sunaddr, 0, sizeof(sunaddr)); sunaddr.sun_family = AF_UNIX; strlcpy(sunaddr.sun_path, socket_name, sizeof(sunaddr.sun_path)); -#ifdef HAVE_CYGWIN - prev_mask = umask(0177); -#endif - if (bind(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0) { + sunaddr.sun_len = SUN_LEN(&sunaddr) + 1; + if (bind(sock, (struct sockaddr *)&sunaddr, sunaddr.sun_len) < 0) { perror("bind"); -#ifdef HAVE_CYGWIN - umask(prev_mask); -#endif cleanup_exit(1); } -#ifdef HAVE_CYGWIN - umask(prev_mask); -#endif if (listen(sock, 5) < 0) { perror("listen"); cleanup_exit(1); @@ -1110,14 +1086,12 @@ main(int ac, char **av) close(1); close(2); -#ifdef HAVE_SETRLIMIT /* deny core dumps, since memory contains unencrypted private keys */ rlim.rlim_cur = rlim.rlim_max = 0; if (setrlimit(RLIMIT_CORE, &rlim) < 0) { error("setrlimit RLIMIT_CORE: %s", strerror(errno)); cleanup_exit(1); } -#endif skip: fatal_add_cleanup(cleanup_socket, NULL); diff --git a/crypto/openssh/ssh-keyscan.c b/crypto/openssh/ssh-keyscan.c index 333a38e..13e5a58 100644 --- a/crypto/openssh/ssh-keyscan.c +++ b/crypto/openssh/ssh-keyscan.c @@ -8,8 +8,10 @@ #include "includes.h" RCSID("$OpenBSD: ssh-keyscan.c,v 1.36 2002/06/16 21:30:58 itojun Exp $"); +RCSID("$FreeBSD$"); -#include "openbsd-compat/fake-queue.h" +#include <sys/queue.h> +#include <errno.h> #include <openssl/bn.h> @@ -29,13 +31,7 @@ RCSID("$OpenBSD: ssh-keyscan.c,v 1.36 2002/06/16 21:30:58 itojun Exp $"); #include "atomicio.h" #include "misc.h" -/* Flag indicating whether IPv4 or IPv6. This can be set on the command line. - Default value is AF_UNSPEC means both IPv4 and IPv6. */ -#ifdef IPV4_DEFAULT -int IPv4or6 = AF_INET; -#else -int IPv4or6 = AF_UNSPEC; -#endif +extern int IPv4or6; int ssh_port = SSH_DEFAULT_PORT; @@ -53,11 +49,7 @@ int timeout = 5; int maxfd; #define MAXCON (maxfd - 10) -#ifdef HAVE___PROGNAME extern char *__progname; -#else -char *__progname; -#endif fd_set *read_wait; size_t read_wait_size; int ncon; @@ -207,7 +199,6 @@ Linebuf_getline(Linebuf * lb) static int fdlim_get(int hard) { -#if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE) struct rlimit rlfd; if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0) @@ -216,30 +207,19 @@ fdlim_get(int hard) return 10000; else return hard ? rlfd.rlim_max : rlfd.rlim_cur; -#elif defined (HAVE_SYSCONF) - return sysconf (_SC_OPEN_MAX); -#else - return 10000; -#endif } static int fdlim_set(int lim) { -#if defined(HAVE_SETRLIMIT) && defined(RLIMIT_NOFILE) struct rlimit rlfd; -#endif if (lim <= 0) return (-1); -#if defined(HAVE_SETRLIMIT) && defined(RLIMIT_NOFILE) if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0) return (-1); rlfd.rlim_cur = lim; if (setrlimit(RLIMIT_NOFILE, &rlfd) < 0) return (-1); -#elif defined (HAVE_SETDTABLESIZE) - setdtablesize(lim); -#endif return (0); } @@ -699,9 +679,6 @@ main(int argc, char **argv) extern int optind; extern char *optarg; - __progname = get_progname(argv[0]); - init_rng(); - seed_rng(); TAILQ_INIT(&tq); if (argc <= 1) diff --git a/crypto/openssh/ssh.1 b/crypto/openssh/ssh.1 index 8ada41f..230e48e 100644 --- a/crypto/openssh/ssh.1 +++ b/crypto/openssh/ssh.1 @@ -35,6 +35,7 @@ .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" .\" $OpenBSD: ssh.1,v 1.158 2002/06/20 19:56:07 stevesk Exp $ +.\" $FreeBSD$ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -99,7 +100,7 @@ depending on the protocol version used: First, if the machine the user logs in from is listed in .Pa /etc/hosts.equiv or -.Pa /etc/shosts.equiv +.Pa /etc/ssh/shosts.equiv on the remote machine, and the user names are the same on both sides, the user is immediately permitted to log in. Second, if @@ -123,7 +124,7 @@ It means that if the login would be permitted by .Pa $HOME/.shosts , .Pa /etc/hosts.equiv , or -.Pa /etc/shosts.equiv , +.Pa /etc/ssh/shosts.equiv , and if additionally the server can verify the client's host key (see .Pa /etc/ssh/ssh_known_hosts @@ -330,6 +331,7 @@ The user should not manually set .Ev DISPLAY . Forwarding of X11 connections can be configured on the command line or in configuration files. +Take note that X11 forwarding can represent a security hazard. .Pp The .Ev DISPLAY @@ -666,7 +668,7 @@ It is automatically set by to point to a value of the form .Dq hostname:n where hostname indicates -the host where the shell runs, and n is an integer >= 1. +the host where the shell runs, and n is an integer \*(>= 1. .Nm uses this special value to forward X11 connections over the secure channel. @@ -893,7 +895,8 @@ or .Xr rsh 1 . .It Pa /etc/hosts.equiv This file is used during -.Pa \&.rhosts authentication. +.Pa \&.rhosts +authentication. It contains canonical hosts names, one per line (the full format is described on the @@ -905,7 +908,7 @@ same. Additionally, successful RSA host authentication is normally required. This file should only be writable by root. -.It Pa /etc/shosts.equiv +.It Pa /etc/ssh/shosts.equiv This file is processed exactly as .Pa /etc/hosts.equiv . This file may be useful to permit logins using diff --git a/crypto/openssh/ssh.c b/crypto/openssh/ssh.c index 24ee541..cf01550 100644 --- a/crypto/openssh/ssh.c +++ b/crypto/openssh/ssh.c @@ -41,6 +41,7 @@ #include "includes.h" RCSID("$OpenBSD: ssh.c,v 1.179 2002/06/12 01:09:52 markus Exp $"); +RCSID("$FreeBSD$"); #include <openssl/evp.h> #include <openssl/err.h> @@ -73,19 +74,11 @@ RCSID("$OpenBSD: ssh.c,v 1.179 2002/06/12 01:09:52 markus Exp $"); #include "scard.h" #endif -#ifdef HAVE___PROGNAME extern char *__progname; -#else -char *__progname; -#endif /* Flag indicating whether IPv4 or IPv6. This can be set on the command line. Default value is AF_UNSPEC means both IPv4 and IPv6. */ -#ifdef IPV4_DEFAULT -int IPv4or6 = AF_INET; -#else -int IPv4or6 = AF_UNSPEC; -#endif +extern int IPv4or6; /* Flag indicating whether debug mode is on. This can be set on the command line. */ int debug_flag = 0; @@ -220,9 +213,6 @@ main(int ac, char **av) extern int optind, optreset; extern char *optarg; - __progname = get_progname(av[0]); - init_rng(); - /* * Save the original real uid. It will be needed later (uid-swapping * may clobber the real uid). @@ -230,7 +220,6 @@ main(int ac, char **av) original_real_uid = getuid(); original_effective_uid = geteuid(); -#ifdef HAVE_SETRLIMIT /* If we are installed setuid root be careful to not drop core. */ if (original_real_uid != original_effective_uid) { struct rlimit rlim; @@ -238,11 +227,10 @@ main(int ac, char **av) if (setrlimit(RLIMIT_CORE, &rlim) < 0) fatal("setrlimit failed: %.100s", strerror(errno)); } -#endif /* Get user data. */ pw = getpwuid(original_real_uid); if (!pw) { - log("You don't exist, go away!"); + log("unknown user %d", original_real_uid); exit(1); } /* Take a copy of the returned structure. */ @@ -592,21 +580,30 @@ again: /* reinit */ log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 1); - seed_rng(); - if (options.user == NULL) options.user = xstrdup(pw->pw_name); if (options.hostname != NULL) host = options.hostname; + /* Find canonic host name. */ + if (strchr(host, '.') == 0) { + struct addrinfo hints; + struct addrinfo *ai = NULL; + int errgai; + memset(&hints, 0, sizeof(hints)); + hints.ai_family = IPv4or6; + hints.ai_flags = AI_CANONNAME; + hints.ai_socktype = SOCK_STREAM; + errgai = getaddrinfo(host, NULL, &hints, &ai); + if (errgai == 0) { + if (ai->ai_canonname != NULL) + host = xstrdup(ai->ai_canonname); + freeaddrinfo(ai); + } + } /* Disable rhosts authentication if not running as root. */ -#ifdef HAVE_CYGWIN - /* Ignore uid if running under Windows */ - if (!options.use_privileged_port) { -#else if (original_effective_uid != 0 || !options.use_privileged_port) { -#endif debug("Rhosts Authentication disabled, " "originating port will not be trusted."); options.rhosts_authentication = 0; @@ -615,11 +612,7 @@ again: if (ssh_connect(host, &hostaddr, options.port, IPv4or6, options.connection_attempts, -#ifdef HAVE_CYGWIN - options.use_privileged_port, -#else original_effective_uid == 0 && options.use_privileged_port, -#endif options.proxy_command) != 0) exit(1); diff --git a/crypto/openssh/ssh.h b/crypto/openssh/ssh.h index e23bb1d..fd9fd50 100644 --- a/crypto/openssh/ssh.h +++ b/crypto/openssh/ssh.h @@ -1,4 +1,5 @@ /* $OpenBSD: ssh.h,v 1.70 2002/06/03 12:04:07 deraadt Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -15,16 +16,6 @@ #ifndef SSH_H #define SSH_H -#include <netinet/in.h> /* For struct sockaddr_in */ -#include <pwd.h> /* For struct pw */ -#include <stdarg.h> /* For va_list */ -#include <syslog.h> /* For LOG_AUTH and friends */ -#include <sys/socket.h> /* For struct sockaddr_storage */ -#include "openbsd-compat/fake-socket.h" /* For struct sockaddr_storage */ -#ifdef HAVE_SYS_SELECT_H -# include <sys/select.h> -#endif - /* Cipher used for encrypting authentication files. */ #define SSH_AUTHFILE_CIPHER SSH_CIPHER_3DES @@ -60,10 +51,6 @@ */ #define SSH_SERVICE_NAME "ssh" -#if defined(USE_PAM) && !defined(SSHD_PAM_SERVICE) -# define SSHD_PAM_SERVICE __progname -#endif - /* * Name of the environment variable containing the pathname of the * authentication socket. @@ -104,11 +91,13 @@ * sshd will change its privileges to this user and its * primary group. */ -#ifndef SSH_PRIVSEP_USER #define SSH_PRIVSEP_USER "sshd" -#endif /* Minimum modulus size (n) for RSA keys. */ #define SSH_RSA_MINIMUM_MODULUS_SIZE 768 +#ifdef USE_PAM +#include "auth-pam.h" +#endif /* USE_PAM */ + #endif /* SSH_H */ diff --git a/crypto/openssh/ssh_config b/crypto/openssh/ssh_config index ef31d43..ab6206e 100644 --- a/crypto/openssh/ssh_config +++ b/crypto/openssh/ssh_config @@ -1,4 +1,5 @@ # $OpenBSD: ssh_config,v 1.15 2002/06/20 20:03:34 stevesk Exp $ +# $FreeBSD$ # This is the ssh client system-wide configuration file. See # ssh_config(5) for more information. This file provides defaults for @@ -33,3 +34,4 @@ # Cipher 3des # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc # EscapeChar ~ +# VersionAddendum FreeBSD-20020402 diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5 index 53cb0fe..9ae6c78 100644 --- a/crypto/openssh/ssh_config.5 +++ b/crypto/openssh/ssh_config.5 @@ -35,6 +35,7 @@ .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" .\" $OpenBSD: ssh_config.5,v 1.1 2002/06/20 19:56:07 stevesk Exp $ +.\" $FreeBSD$ .Dd September 25, 1999 .Dt SSH_CONFIG 5 .Os @@ -583,6 +584,9 @@ having to remember to give the user name on the command line. Specifies a file to use for the user host key database instead of .Pa $HOME/.ssh/known_hosts . +.It Cm VersionAddendum +Specifies a string to append to the regular version string to identify +OS- or site-specific modifications. .It Cm XAuthLocation Specifies the location of the .Xr xauth 1 diff --git a/crypto/openssh/sshconnect.c b/crypto/openssh/sshconnect.c index 9b4c388..707a9c0 100644 --- a/crypto/openssh/sshconnect.c +++ b/crypto/openssh/sshconnect.c @@ -14,6 +14,7 @@ #include "includes.h" RCSID("$OpenBSD: sshconnect.c,v 1.125 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$FreeBSD$"); #include <openssl/bn.h> @@ -42,10 +43,6 @@ extern char *__progname; extern uid_t original_real_uid; extern uid_t original_effective_uid; -#ifndef INET6_ADDRSTRLEN /* for non IPv6 machines */ -#define INET6_ADDRSTRLEN 46 -#endif - static const char * sockaddr_ntop(struct sockaddr *sa, socklen_t salen) { @@ -501,7 +498,6 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, HostStatus host_status; HostStatus ip_status; int local = 0, host_ip_differ = 0; - int salen; char ntop[NI_MAXHOST]; char msg[1024]; int len, host_line, ip_line; @@ -520,16 +516,13 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, case AF_INET: local = (ntohl(((struct sockaddr_in *)hostaddr)-> sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; - salen = sizeof(struct sockaddr_in); break; case AF_INET6: local = IN6_IS_ADDR_LOOPBACK( &(((struct sockaddr_in6 *)hostaddr)->sin6_addr)); - salen = sizeof(struct sockaddr_in6); break; default: local = 0; - salen = sizeof(struct sockaddr_storage); break; } if (options.no_host_authentication_for_localhost == 1 && local && @@ -544,7 +537,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, * using a proxy command */ if (options.proxy_command == NULL) { - if (getnameinfo(hostaddr, salen, ntop, sizeof(ntop), + if (getnameinfo(hostaddr, hostaddr->sa_len, ntop, sizeof(ntop), NULL, 0, NI_NUMERICHOST) != 0) fatal("check_host_key: getnameinfo failed"); ip = xstrdup(ntop); diff --git a/crypto/openssh/sshconnect.h b/crypto/openssh/sshconnect.h index 0be30fe..47bbfd5 100644 --- a/crypto/openssh/sshconnect.h +++ b/crypto/openssh/sshconnect.h @@ -1,4 +1,5 @@ /* $OpenBSD: sshconnect.h,v 1.17 2002/06/19 00:27:55 deraadt Exp $ */ +/* $FreeBSD$ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. diff --git a/crypto/openssh/sshconnect1.c b/crypto/openssh/sshconnect1.c index e28b7fc..3cb2d18 100644 --- a/crypto/openssh/sshconnect1.c +++ b/crypto/openssh/sshconnect1.c @@ -14,6 +14,7 @@ #include "includes.h" RCSID("$OpenBSD: sshconnect1.c,v 1.51 2002/05/23 19:24:30 markus Exp $"); +RCSID("$FreeBSD$"); #include <openssl/bn.h> #include <openssl/md5.h> @@ -23,9 +24,6 @@ RCSID("$OpenBSD: sshconnect1.c,v 1.51 2002/05/23 19:24:30 markus Exp $"); #endif #ifdef KRB5 #include <krb5.h> -#ifndef HEIMDAL -#define krb5_get_err_text(context,code) error_message(code) -#endif /* !HEIMDAL */ #endif #ifdef AFS #include <kafs.h> @@ -524,23 +522,6 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context) ret = 0; goto out; } - - problem = krb5_auth_con_init(*context, auth_context); - if (problem) { - debug("Kerberos v5: krb5_auth_con_init failed"); - ret = 0; - goto out; - } - -#ifndef HEIMDAL - problem = krb5_auth_con_setflags(*context, *auth_context, - KRB5_AUTH_CONTEXT_RET_TIME); - if (problem) { - debug("Keberos v5: krb5_auth_con_setflags failed"); - ret = 0; - goto out; - } -#endif tkfile = krb5_cc_default_name(*context); if (strncmp(tkfile, "FILE:", 5) == 0) @@ -617,11 +598,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context) if (reply != NULL) krb5_free_ap_rep_enc_part(*context, reply); if (ap.length > 0) -#ifdef HEIMDAL krb5_data_free(&ap); -#else - krb5_free_data_contents(*context, &ap); -#endif return (ret); } @@ -634,11 +611,7 @@ send_krb5_tgt(krb5_context context, krb5_auth_context auth_context) krb5_data outbuf; krb5_ccache ccache = NULL; krb5_creds creds; -#ifdef HEIMDAL krb5_kdc_flags flags; -#else - int forwardable; -#endif const char *remotehost; memset(&creds, 0, sizeof(creds)); @@ -646,13 +619,7 @@ send_krb5_tgt(krb5_context context, krb5_auth_context auth_context) fd = packet_get_connection_in(); -#ifdef HEIMDAL problem = krb5_auth_con_setaddrs_from_fd(context, auth_context, &fd); -#else - problem = krb5_auth_con_genaddrs(context, auth_context, fd, - KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR | - KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR); -#endif if (problem) goto out; @@ -664,35 +631,23 @@ send_krb5_tgt(krb5_context context, krb5_auth_context auth_context) if (problem) goto out; - remotehost = get_canonical_hostname(1); - -#ifdef HEIMDAL problem = krb5_build_principal(context, &creds.server, strlen(creds.client->realm), creds.client->realm, "krbtgt", creds.client->realm, NULL); -#else - problem = krb5_build_principal(context, &creds.server, - creds.client->realm.length, creds.client->realm.data, - "host", remotehost, NULL); -#endif if (problem) goto out; creds.times.endtime = 0; -#ifdef HEIMDAL flags.i = 0; flags.b.forwarded = 1; flags.b.forwardable = krb5_config_get_bool(context, NULL, "libdefaults", "forwardable", NULL); + + remotehost = get_canonical_hostname(1); + problem = krb5_get_forwarded_creds(context, auth_context, ccache, flags.i, remotehost, &creds, &outbuf); -#else - forwardable = 1; - problem = krb5_fwd_tgt_creds(context, auth_context, remotehost, - creds.client, creds.server, ccache, forwardable, &outbuf); -#endif - if (problem) goto out; diff --git a/crypto/openssh/sshconnect2.c b/crypto/openssh/sshconnect2.c index 7f28ab5..7ecbe74 100644 --- a/crypto/openssh/sshconnect2.c +++ b/crypto/openssh/sshconnect2.c @@ -24,6 +24,7 @@ #include "includes.h" RCSID("$OpenBSD: sshconnect2.c,v 1.104 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$FreeBSD$"); #include "ssh.h" #include "ssh2.h" @@ -472,7 +473,7 @@ userauth_passwd(Authctxt *authctxt) * parse PASSWD_CHANGEREQ, prompt user and send SSH2_MSG_USERAUTH_REQUEST */ void -input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt) +input_userauth_passwd_changereq(int type, uint32_t seqnr, void *ctxt) { Authctxt *authctxt = ctxt; char *info, *lang, *password = NULL, *retype = NULL; diff --git a/crypto/openssh/sshd.8 b/crypto/openssh/sshd.8 index 22f8143..7bc85bd 100644 --- a/crypto/openssh/sshd.8 +++ b/crypto/openssh/sshd.8 @@ -35,6 +35,7 @@ .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" .\" $OpenBSD: sshd.8,v 1.184 2002/06/20 19:56:07 stevesk Exp $ +.\" $FreeBSD$ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -65,7 +66,7 @@ install and use as possible. .Nm is the daemon that listens for connections from clients. It is normally started at boot from -.Pa /etc/rc . +.Pa /etc/rc.network . It forks a new daemon for each incoming connection. The forked daemons handle @@ -340,8 +341,9 @@ section). If the login is on a tty, records login time. .It Checks -.Pa /etc/nologin ; -if it exists, prints contents and quits +.Pa /etc/nologin and +.Pa /var/run/nologin ; +if one exists, it prints the contents and quits (unless root). .It Changes to run with normal user privileges. @@ -359,11 +361,12 @@ If exists, runs it; else if .Pa /etc/ssh/sshrc exists, runs -it; otherwise runs xauth. +it; otherwise runs +.Xr xauth 1 . The .Dq rc files are given the X11 -authentication protocol and cookie in standard input. +authentication protocol and cookie (if applicable) in standard input. .It Runs user's shell or command. .El @@ -498,7 +501,7 @@ command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hu permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23.\|.\|.\|2323 .Sh SSH_KNOWN_HOSTS FILE FORMAT The -.Pa /etc/ssh/ssh_known_hosts , +.Pa /etc/ssh/ssh_known_hosts and .Pa $HOME/.ssh/known_hosts files contain host public keys for all known hosts. @@ -576,7 +579,7 @@ really used for anything; they are provided for the convenience of the user so their contents can be copied to known hosts files. These files are created using .Xr ssh-keygen 1 . -.It Pa /etc/moduli +.It Pa /etc/ssh/moduli Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". .It Pa /var/run/sshd.pid Contains the process ID of the @@ -679,7 +682,7 @@ The only valid use for user names that I can think of is in negative entries. .Pp Note that this warning also applies to rsh/rlogin. -.It Pa /etc/shosts.equiv +.It Pa /etc/ssh/shosts.equiv This is processed exactly as .Pa /etc/hosts.equiv . However, this file may be useful in environments that want to run both @@ -692,7 +695,9 @@ and assignment lines of the form name=value. The file should be writable only by the user; it need not be readable by anyone else. .It Pa $HOME/.ssh/rc -If this file exists, it is run with /bin/sh after reading the +If this file exists, it is run with +.Pa /bin/sh +after reading the environment files but before starting the user's shell or command. It must not produce any output on stdout; stderr must be used instead. diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c index feea3ce..fb6cf98 100644 --- a/crypto/openssh/sshd.c +++ b/crypto/openssh/sshd.c @@ -43,15 +43,12 @@ #include "includes.h" RCSID("$OpenBSD: sshd.c,v 1.246 2002/06/20 23:05:56 markus Exp $"); +RCSID("$FreeBSD$"); #include <openssl/dh.h> #include <openssl/bn.h> #include <openssl/md5.h> #include <openssl/rand.h> -#ifdef HAVE_SECUREWARE -#include <sys/security.h> -#include <prot.h> -#endif #include "ssh.h" #include "ssh1.h" @@ -66,6 +63,9 @@ RCSID("$OpenBSD: sshd.c,v 1.246 2002/06/20 23:05:56 markus Exp $"); #include "uidswap.h" #include "compat.h" #include "buffer.h" +#include <poll.h> +#include <time.h> + #include "cipher.h" #include "kex.h" #include "key.h" @@ -96,11 +96,7 @@ int deny_severity = LOG_WARNING; #define O_NOCTTY 0 #endif -#ifdef HAVE___PROGNAME extern char *__progname; -#else -char *__progname; -#endif /* Server configuration options. */ ServerOptions options; @@ -112,11 +108,7 @@ char *config_file_name = _PATH_SERVER_CONFIG_FILE; * Flag indicating whether IPv4 or IPv6. This can be set on the command line. * Default value is AF_UNSPEC means both IPv4 and IPv6. */ -#ifdef IPV4_DEFAULT -int IPv4or6 = AF_INET; -#else -int IPv4or6 = AF_UNSPEC; -#endif +extern int IPv4or6; /* * Debug mode flag. This can be set on the command line. If debug @@ -140,7 +132,6 @@ int log_stderr = 0; /* Saved arguments to main(). */ char **saved_argv; -int saved_argc; /* * The sockets that the server is listening; this is used in the SIGHUP @@ -790,14 +781,7 @@ main(int ac, char **av) Key *key; int ret, key_used = 0; -#ifdef HAVE_SECUREWARE - (void)set_auth_parameters(ac, av); -#endif - __progname = get_progname(av[0]); - init_rng(); - /* Save argv. */ - saved_argc = ac; saved_argv = av; /* Initialize configuration options to their default values. */ @@ -911,15 +895,6 @@ main(int ac, char **av) SYSLOG_FACILITY_AUTH : options.log_facility, !inetd_flag); -#ifdef _CRAY - /* Cray can define user privs drop all prives now! - * Not needed on PRIV_SU systems! - */ - drop_cray_privs(); -#endif - - seed_rng(); - /* Read server configuration options from the configuration file. */ read_server_config(&options, config_file_name); @@ -1018,16 +993,6 @@ main(int ac, char **av) if (test_flag) exit(0); - /* - * Clear out any supplemental groups we may have inherited. This - * prevents inadvertent creation of files with bad modes (in the - * portable version at least, it's certainly possible for PAM - * to create a file, and we can't control the code in every - * module which might be used). - */ - if (setgroups(0, NULL) < 0) - debug("setgroups() failed: %.200s", strerror(errno)); - /* Initialize the log (it is reinitialized below in case we forked). */ if (debug_flag && !inetd_flag) log_stderr = 1; @@ -1125,9 +1090,8 @@ main(int ac, char **av) /* Bind the socket to the desired port. */ if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) < 0) { - if (!ai->ai_next) - error("Bind to port %s on %s failed: %.200s.", - strport, ntop, strerror(errno)); + error("Bind to port %s on %s failed: %.200s.", + strport, ntop, strerror(errno)); close(listen_sock); continue; } @@ -1169,7 +1133,7 @@ main(int ac, char **av) * fail if there already is a daemon, and this will * overwrite any old pid in the file. */ - f = fopen(options.pid_file, "wb"); + f = fopen(options.pid_file, "w"); if (f) { fprintf(f, "%ld\n", (long) getpid()); fclose(f); @@ -1349,11 +1313,8 @@ main(int ac, char **av) * setlogin() affects the entire process group. We don't * want the child to be able to affect the parent. */ -#if 0 - /* XXX: this breaks Solaris */ if (setsid() < 0) error("setsid: %.100s", strerror(errno)); -#endif /* * Disable the key regeneration alarm. We will not regenerate the @@ -1366,7 +1327,7 @@ main(int ac, char **av) signal(SIGTERM, SIG_DFL); signal(SIGQUIT, SIG_DFL); signal(SIGCHLD, SIG_DFL); - signal(SIGINT, SIG_DFL); + signal(SIGPIPE, SIG_IGN); /* * Set socket options for the connection. We want the socket to diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config index d57346b..3f39deb 100644 --- a/crypto/openssh/sshd_config +++ b/crypto/openssh/sshd_config @@ -1,15 +1,19 @@ # $OpenBSD: sshd_config,v 1.56 2002/06/20 23:37:12 markus Exp $ +# $FreeBSD$ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. -# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin - # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. +# Note that some of FreeBSD's defaults differ from OpenBSD's, and +# FreeBSD has a few additional options. + +#VersionAddendum FreeBSD-20020402 + #Port 22 #Protocol 2,1 #ListenAddress 0.0.0.0 @@ -32,8 +36,8 @@ # Authentication: -#LoginGraceTime 600 -#PermitRootLogin yes +#LoginGraceTime 120 +#PermitRootLogin no #StrictModes yes #RSAAuthentication yes @@ -69,18 +73,15 @@ # Kerberos TGT Passing only works with the AFS kaserver #KerberosTgtPassing no -# Set this to 'yes' to enable PAM keyboard-interactive authentication -# Warning: enabling this may bypass the setting of 'PasswordAuthentication' -#PAMAuthenticationViaKbdInt yes - -#X11Forwarding no +#X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #KeepAlive yes #UseLogin no -#UsePrivilegeSeparation yes +#CheckMail yes +#UsePrivilegeSeparation no #Compression yes #MaxStartups 10 diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5 index 1aecd48..826c34c 100644 --- a/crypto/openssh/sshd_config.5 +++ b/crypto/openssh/sshd_config.5 @@ -35,6 +35,7 @@ .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" .\" $OpenBSD: sshd_config.5,v 1.3 2002/06/20 23:37:12 markus Exp $ +.\" $FreeBSD$ .Dd September 25, 1999 .Dt SSHD_CONFIG 5 .Os @@ -131,6 +132,9 @@ All authentication styles from are supported. The default is .Dq yes . +Note that OPIE authentication is enabled only if +.Cm PasswordAuthentication +is allowed, too. .It Cm Ciphers Specifies the ciphers allowed for protocol version 2. Multiple ciphers must be comma-separated. @@ -140,6 +144,12 @@ The default is ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, aes192-cbc,aes256-cbc'' .Ed +.It Cm CheckMail +Specifies whether +.Nm +should notify the user of new mail for interactive logins. +The default is +.Dq yes . .It Cm ClientAliveInterval Sets a timeout interval in seconds after which if no data has been received from the client, @@ -266,7 +276,7 @@ or .Pp .Pa /etc/hosts.equiv and -.Pa /etc/shosts.equiv +.Pa /etc/ssh/shosts.equiv are still used. The default is .Dq yes . @@ -305,10 +315,6 @@ To disable keepalives, the value should be set to .It Cm KerberosAuthentication Specifies whether Kerberos authentication is allowed. This can be in the form of a Kerberos ticket, or if -.It Cm PAMAuthenticationViaKbdInt -Specifies whether PAM challenge response authentication is allowed. This -allows the use of most PAM challenge response authentication modules, but -it will allow password authentication regardless of whether .Cm PasswordAuthentication is yes, the password provided by the user will be validated through the Kerberos KDC. @@ -383,7 +389,7 @@ options must precede this option for non port qualified addresses. The server disconnects after this time if the user has not successfully logged in. If the value is 0, there is no time limit. -The default is 600 (seconds). +The default is 120 (seconds). .It Cm LogLevel Gives the verbosity level that is used when logging messages from .Nm sshd . @@ -444,7 +450,7 @@ The argument must be or .Dq no . The default is -.Dq yes . +.Dq no . .Pp If this option is set to .Dq without-password @@ -511,18 +517,23 @@ The default is .Dq yes . Note that this option applies to protocol version 2 only. .It Cm RhostsAuthentication -Specifies whether authentication using rhosts or /etc/hosts.equiv +Specifies whether authentication using rhosts or +.Pa /etc/hosts.equiv files is sufficient. Normally, this method should not be permitted because it is insecure. .Cm RhostsRSAAuthentication should be used instead, because it performs RSA-based host authentication in addition -to normal rhosts or /etc/hosts.equiv authentication. +to normal rhosts or +.Pa /etc/hosts.equiv +authentication. The default is .Dq no . This option applies to protocol version 1 only. .It Cm RhostsRSAAuthentication -Specifies whether rhosts or /etc/hosts.equiv authentication together +Specifies whether rhosts or +.Pa /etc/hosts.equiv +authentication together with successful RSA host authentication is allowed. The default is .Dq no . @@ -535,6 +546,9 @@ This option applies to protocol version 1 only. .It Cm ServerKeyBits Defines the number of bits in the ephemeral protocol version 1 server key. The minimum value is 512, and the default is 768. +.It Cm SkeyAuthentication +Backward-compatibility alias for +.Cm ChallengeResponseAuthentication . .It Cm StrictModes Specifies whether .Nm sshd @@ -597,6 +611,9 @@ the resolved host name for the remote IP address maps back to the very same IP address. The default is .Dq no . +.It Cm VersionAddendum +Specifies a string to append to the regular version string to identify +OS- or site-specific modifications. .It Cm X11DisplayOffset Specifies the first display number available for .Nm sshd Ns 's diff --git a/crypto/openssh/sshlogin.c b/crypto/openssh/sshlogin.c index 78c51ab..7b987e9 100644 --- a/crypto/openssh/sshlogin.c +++ b/crypto/openssh/sshlogin.c @@ -40,8 +40,12 @@ #include "includes.h" RCSID("$OpenBSD: sshlogin.c,v 1.3 2001/12/19 07:18:56 deraadt Exp $"); +RCSID("$FreeBSD$"); -#include "loginrec.h" +#include <libutil.h> +#include <utmp.h> +#include "sshlogin.h" +#include "log.h" /* * Returns the time when the user last logged in. Returns 0 if the @@ -53,11 +57,27 @@ u_long get_last_login_time(uid_t uid, const char *logname, char *buf, u_int bufsize) { - struct logininfo li; + struct lastlog ll; + char *lastlog; + int fd; - login_get_lastlog(&li, uid); - strlcpy(buf, li.hostname, bufsize); - return li.tv_sec; + lastlog = _PATH_LASTLOG; + buf[0] = '\0'; + + fd = open(lastlog, O_RDONLY); + if (fd < 0) + return 0; + lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET); + if (read(fd, &ll, sizeof(ll)) != sizeof(ll)) { + close(fd); + return 0; + } + close(fd); + if (bufsize > sizeof(ll.ll_host) + 1) + bufsize = sizeof(ll.ll_host) + 1; + strncpy(buf, ll.ll_host, bufsize - 1); + buf[bufsize - 1] = 0; + return ll.ll_time; } /* @@ -69,36 +89,49 @@ void record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid, const char *host, struct sockaddr * addr) { - struct logininfo *li; + int fd; + struct lastlog ll; + char *lastlog; + struct utmp u; - li = login_alloc_entry(pid, user, host, ttyname); - login_set_addr(li, addr, sizeof(struct sockaddr)); - login_login(li); - login_free_entry(li); -} + /* Construct an utmp/wtmp entry. */ + memset(&u, 0, sizeof(u)); + strncpy(u.ut_line, ttyname + 5, sizeof(u.ut_line)); + u.ut_time = time(NULL); + strncpy(u.ut_name, user, sizeof(u.ut_name)); + strncpy(u.ut_host, host, sizeof(u.ut_host)); -#ifdef LOGIN_NEEDS_UTMPX -void -record_utmp_only(pid_t pid, const char *ttyname, const char *user, - const char *host, struct sockaddr * addr) -{ - struct logininfo *li; + login(&u); + lastlog = _PATH_LASTLOG; + + /* Update lastlog unless actually recording a logout. */ + if (strcmp(user, "") != 0) { + /* + * It is safer to bzero the lastlog structure first because + * some systems might have some extra fields in it (e.g. SGI) + */ + memset(&ll, 0, sizeof(ll)); - li = login_alloc_entry(pid, user, host, ttyname); - login_set_addr(li, addr, sizeof(struct sockaddr)); - login_utmp_only(li); - login_free_entry(li); + /* Update lastlog. */ + ll.ll_time = time(NULL); + strncpy(ll.ll_line, ttyname + 5, sizeof(ll.ll_line)); + strncpy(ll.ll_host, host, sizeof(ll.ll_host)); + fd = open(lastlog, O_RDWR); + if (fd >= 0) { + lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET); + if (write(fd, &ll, sizeof(ll)) != sizeof(ll)) + log("Could not write %.100s: %.100s", lastlog, strerror(errno)); + close(fd); + } + } } -#endif /* Records that the user has logged out. */ void -record_logout(pid_t pid, const char *ttyname, const char *user) +record_logout(pid_t pid, const char *ttyname) { - struct logininfo *li; - - li = login_alloc_entry(pid, user, NULL, ttyname); - login_logout(li); - login_free_entry(li); + const char *line = ttyname + 5; /* /dev/ttyq8 -> ttyq8 */ + if (logout(line)) + logwtmp(line, "", ""); } diff --git a/crypto/openssh/sshpty.c b/crypto/openssh/sshpty.c index a7e7e27..53fb075 100644 --- a/crypto/openssh/sshpty.c +++ b/crypto/openssh/sshpty.c @@ -13,27 +13,17 @@ #include "includes.h" RCSID("$OpenBSD: sshpty.c,v 1.4 2001/12/19 07:18:56 deraadt Exp $"); +RCSID("$FreeBSD$"); -#ifdef HAVE_UTIL_H -# include <util.h> -#endif /* HAVE_UTIL_H */ - +#include <libutil.h> #include "sshpty.h" #include "log.h" -#include "misc.h" /* Pty allocated with _getpty gets broken if we do I_PUSH:es to it. */ #if defined(HAVE__GETPTY) || defined(HAVE_OPENPTY) #undef HAVE_DEV_PTMX #endif -#ifdef HAVE_PTY_H -# include <pty.h> -#endif -#if defined(HAVE_DEV_PTMX) && defined(HAVE_SYS_STROPTS_H) -# include <sys/stropts.h> -#endif - #ifndef O_NOCTTY #define O_NOCTTY 0 #endif @@ -50,19 +40,15 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) { #if defined(HAVE_OPENPTY) || defined(BSD4_4) /* openpty(3) exists in OSF/1 and some other os'es */ - char *name; + char buf[64]; int i; - i = openpty(ptyfd, ttyfd, NULL, NULL, NULL); + i = openpty(ptyfd, ttyfd, buf, NULL, NULL); if (i < 0) { error("openpty: %.100s", strerror(errno)); return 0; } - name = ttyname(*ttyfd); - if (!name) - fatal("openpty returns device for which ttyname fails."); - - strlcpy(namebuf, name, namebuflen); /* possible truncation */ + strlcpy(namebuf, buf, namebuflen); /* possible truncation */ return 1; #else /* HAVE_OPENPTY */ #ifdef HAVE__GETPTY @@ -87,26 +73,23 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) } return 1; #else /* HAVE__GETPTY */ -#if defined(HAVE_DEV_PTMX) +#ifdef HAVE_DEV_PTMX /* * This code is used e.g. on Solaris 2.x. (Note that Solaris 2.3 * also has bsd-style ptys, but they simply do not work.) */ int ptm; char *pts; - mysig_t old_signal; ptm = open("/dev/ptmx", O_RDWR | O_NOCTTY); if (ptm < 0) { error("/dev/ptmx: %.100s", strerror(errno)); return 0; } - old_signal = mysignal(SIGCHLD, SIG_DFL); if (grantpt(ptm) < 0) { error("grantpt: %.100s", strerror(errno)); return 0; } - mysignal(SIGCHLD, old_signal); if (unlockpt(ptm) < 0) { error("unlockpt: %.100s", strerror(errno)); return 0; @@ -124,20 +107,13 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) close(*ptyfd); return 0; } -#ifndef HAVE_CYGWIN - /* - * Push the appropriate streams modules, as described in Solaris pts(7). - * HP-UX pts(7) doesn't have ttcompat module. - */ + /* Push the appropriate streams modules, as described in Solaris pts(7). */ if (ioctl(*ttyfd, I_PUSH, "ptem") < 0) error("ioctl I_PUSH ptem: %.100s", strerror(errno)); if (ioctl(*ttyfd, I_PUSH, "ldterm") < 0) error("ioctl I_PUSH ldterm: %.100s", strerror(errno)); -#ifndef __hpux if (ioctl(*ttyfd, I_PUSH, "ttcompat") < 0) error("ioctl I_PUSH ttcompat: %.100s", strerror(errno)); -#endif -#endif return 1; #else /* HAVE_DEV_PTMX */ #ifdef HAVE_DEV_PTS_AND_PTC @@ -162,36 +138,6 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) } return 1; #else /* HAVE_DEV_PTS_AND_PTC */ -#ifdef _CRAY - char buf[64]; - int i; - int highpty; - -#ifdef _SC_CRAY_NPTY - highpty = sysconf(_SC_CRAY_NPTY); - if (highpty == -1) - highpty = 128; -#else - highpty = 128; -#endif - - for (i = 0; i < highpty; i++) { - snprintf(buf, sizeof(buf), "/dev/pty/%03d", i); - *ptyfd = open(buf, O_RDWR|O_NOCTTY); - if (*ptyfd < 0) - continue; - snprintf(namebuf, namebuflen, "/dev/ttyp%03d", i); - /* Open the slave side. */ - *ttyfd = open(namebuf, O_RDWR|O_NOCTTY); - if (*ttyfd < 0) { - error("%.100s: %.100s", namebuf, strerror(errno)); - close(*ptyfd); - return 0; - } - return 1; - } - return 0; -#else /* BSD-style pty code. */ char buf[64]; int i; @@ -199,24 +145,16 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) const char *ptyminors = "0123456789abcdef"; int num_minors = strlen(ptyminors); int num_ptys = strlen(ptymajors) * num_minors; - struct termios tio; for (i = 0; i < num_ptys; i++) { snprintf(buf, sizeof buf, "/dev/pty%c%c", ptymajors[i / num_minors], ptyminors[i % num_minors]); + *ptyfd = open(buf, O_RDWR | O_NOCTTY); + if (*ptyfd < 0) + continue; snprintf(namebuf, namebuflen, "/dev/tty%c%c", ptymajors[i / num_minors], ptyminors[i % num_minors]); - *ptyfd = open(buf, O_RDWR | O_NOCTTY); - if (*ptyfd < 0) { - /* Try SCO style naming */ - snprintf(buf, sizeof buf, "/dev/ptyp%d", i); - snprintf(namebuf, namebuflen, "/dev/ttyp%d", i); - *ptyfd = open(buf, O_RDWR | O_NOCTTY); - if (*ptyfd < 0) - continue; - } - /* Open the slave side. */ *ttyfd = open(namebuf, O_RDWR | O_NOCTTY); if (*ttyfd < 0) { @@ -224,23 +162,9 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) close(*ptyfd); return 0; } - /* set tty modes to a sane state for broken clients */ - if (tcgetattr(*ptyfd, &tio) < 0) - log("Getting tty modes for pty failed: %.100s", strerror(errno)); - else { - tio.c_lflag |= (ECHO | ISIG | ICANON); - tio.c_oflag |= (OPOST | ONLCR); - tio.c_iflag |= ICRNL; - - /* Set the new modes for the terminal. */ - if (tcsetattr(*ptyfd, TCSANOW, &tio) < 0) - log("Setting tty modes for pty failed: %.100s", strerror(errno)); - } - return 1; } return 0; -#endif /* CRAY */ #endif /* HAVE_DEV_PTS_AND_PTC */ #endif /* HAVE_DEV_PTMX */ #endif /* HAVE__GETPTY */ @@ -264,33 +188,6 @@ void pty_make_controlling_tty(int *ttyfd, const char *ttyname) { int fd; -#ifdef USE_VHANGUP - void *old; -#endif /* USE_VHANGUP */ - -#ifdef _CRAY - if (setsid() < 0) - error("setsid: %.100s", strerror(errno)); - - fd = open(ttyname, O_RDWR|O_NOCTTY); - if (fd != -1) { - mysignal(SIGHUP, SIG_IGN); - ioctl(fd, TCVHUP, (char *)NULL); - mysignal(SIGHUP, SIG_DFL); - setpgid(0, 0); - close(fd); - } else { - error("Failed to disconnect from controlling tty."); - } - - debug("Setting controlling tty using TCSETCTTY."); - ioctl(*ttyfd, TCSETCTTY, NULL); - fd = open("/dev/tty", O_RDWR); - if (fd < 0) - error("%.100s: %.100s", ttyname, strerror(errno)); - close(*ttyfd); - *ttyfd = fd; -#else /* _CRAY */ /* First disconnect from the old controlling tty. */ #ifdef TIOCNOTTY @@ -318,26 +215,12 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname) if (ioctl(*ttyfd, TIOCSCTTY, NULL) < 0) error("ioctl(TIOCSCTTY): %.100s", strerror(errno)); #endif /* TIOCSCTTY */ -#ifdef HAVE_NEWS4 - if (setpgrp(0,0) < 0) - error("SETPGRP %s",strerror(errno)); -#endif /* HAVE_NEWS4 */ -#ifdef USE_VHANGUP - old = mysignal(SIGHUP, SIG_IGN); - vhangup(); - mysignal(SIGHUP, old); -#endif /* USE_VHANGUP */ fd = open(ttyname, O_RDWR); - if (fd < 0) { + if (fd < 0) error("%.100s: %.100s", ttyname, strerror(errno)); - } else { -#ifdef USE_VHANGUP - close(*ttyfd); - *ttyfd = fd; -#else /* USE_VHANGUP */ + else close(fd); -#endif /* USE_VHANGUP */ - } + /* Verify that we now have a controlling tty. */ fd = open(_PATH_TTY, O_WRONLY); if (fd < 0) @@ -346,7 +229,6 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname) else { close(fd); } -#endif /* _CRAY */ } /* Changes the window size associated with the pty. */ diff --git a/crypto/openssh/util.c b/crypto/openssh/util.c deleted file mode 100644 index 1a591a6..0000000 --- a/crypto/openssh/util.c +++ /dev/null @@ -1,96 +0,0 @@ -/* $OpenBSD: util.c,v 1.6 2000/10/27 07:32:19 markus Exp $ */ - -/* - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$OpenBSD: util.c,v 1.6 2000/10/27 07:32:19 markus Exp $"); - -#include "ssh.h" - -char * -chop(char *s) -{ - char *t = s; - while (*t) { - if(*t == '\n' || *t == '\r') { - *t = '\0'; - return s; - } - t++; - } - return s; - -} - -void -set_nonblock(int fd) -{ - int val; - val = fcntl(fd, F_GETFL, 0); - if (val < 0) { - error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno)); - return; - } - if (val & O_NONBLOCK) { - debug("fd %d IS O_NONBLOCK", fd); - return; - } - debug("fd %d setting O_NONBLOCK", fd); - val |= O_NONBLOCK; - if (fcntl(fd, F_SETFL, val) == -1) - if (errno != ENODEV) - error("fcntl(%d, F_SETFL, O_NONBLOCK): %s", - fd, strerror(errno)); -} - -/* Characters considered whitespace in strsep calls. */ -#define WHITESPACE " \t\r\n" - -char * -strdelim(char **s) -{ - char *old; - int wspace = 0; - - if (*s == NULL) - return NULL; - - old = *s; - - *s = strpbrk(*s, WHITESPACE "="); - if (*s == NULL) - return (old); - - /* Allow only one '=' to be skipped */ - if (*s[0] == '=') - wspace = 1; - *s[0] = '\0'; - - *s += strspn(*s + 1, WHITESPACE) + 1; - if (*s[0] == '=' && !wspace) - *s += strspn(*s + 1, WHITESPACE) + 1; - - return (old); -} diff --git a/crypto/openssh/version.c b/crypto/openssh/version.c new file mode 100644 index 0000000..392f5ea --- /dev/null +++ b/crypto/openssh/version.c @@ -0,0 +1,59 @@ +/*- + * Copyright (c) 2001 Brian Fundakowski Feldman + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ + +#include "includes.h" +#include "version.h" +#include "xmalloc.h" + +RCSID("$FreeBSD$"); + +static char *version = NULL; + +const char * +ssh_version_get(void) { + + if (version == NULL) + version = xstrdup(SSH_VERSION_BASE " " SSH_VERSION_ADDENDUM); + return (version); +} + +void +ssh_version_set_addendum(const char *add) { + char *newvers; + size_t size; + + if (add != NULL) { + size = strlen(SSH_VERSION_BASE) + 1 + strlen(add) + 1; + newvers = xmalloc(size); + snprintf(newvers, size, "%s %s", SSH_VERSION_BASE, add); + } else { + newvers = xstrdup(SSH_VERSION_BASE); + } + if (version != NULL) + xfree(version); + version = newvers; +} diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h index fcd853d..93b15ff 100644 --- a/crypto/openssh/version.h +++ b/crypto/openssh/version.h @@ -1,4 +1,12 @@ /* $OpenBSD: version.h,v 1.33 2002/06/21 15:41:20 markus Exp $ */ +/* $FreeBSD$ */ -#define SSH_VERSION "OpenSSH_3.3" +#ifndef SSH_VERSION +#define SSH_VERSION (ssh_version_get()) +#define SSH_VERSION_BASE "OpenSSH_3.3" +#define SSH_VERSION_ADDENDUM "FreeBSD-20020623" + +const char *ssh_version_get(void); +void ssh_version_set_addendum(const char *add); +#endif /* SSH_VERSION */ |
