authorDug Song <dugsong@cvs.openbsd.org>1999-09-29 18:16:24 +0000
committerDug Song <dugsong@cvs.openbsd.org>1999-09-29 18:16:24 +0000
commit18b0e3d63d164640aae60cdba4b8171c56a9e1f1 (patch)
treec6a16fe7937f965dd34829c6c0effc5b80c2ba77
parent0d39821d0d77161333749fc800238b94cde1aef0 (diff)
update krb4/AFS support to ssh-1.2.27-afs-kerberos-pl1 level, clean up unused variables, update manpages
-rw-r--r--usr.bin/ssh/Makefile.inc16
-rw-r--r--usr.bin/ssh/auth-krb4.c53
-rw-r--r--usr.bin/ssh/auth-passwd.c200
-rw-r--r--usr.bin/ssh/channels.c4
-rw-r--r--usr.bin/ssh/config.h3
-rw-r--r--usr.bin/ssh/includes.h7
-rw-r--r--usr.bin/ssh/log-server.c5
-rw-r--r--usr.bin/ssh/login.c8
-rw-r--r--usr.bin/ssh/packet.c4
-rw-r--r--usr.bin/ssh/radix.c9
-rw-r--r--usr.bin/ssh/readconf.c27
-rw-r--r--usr.bin/ssh/readconf.h6
-rw-r--r--usr.bin/ssh/rsa.c3
-rw-r--r--usr.bin/ssh/scp.c24
-rw-r--r--usr.bin/ssh/servconf.c40
-rw-r--r--usr.bin/ssh/servconf.h12
-rw-r--r--usr.bin/ssh/ssh-add/Makefile4
-rw-r--r--usr.bin/ssh/ssh-agent/Makefile4
-rw-r--r--usr.bin/ssh/ssh-keygen/Makefile4
-rw-r--r--usr.bin/ssh/ssh.123
-rw-r--r--usr.bin/ssh/ssh.c21
-rw-r--r--usr.bin/ssh/ssh.h13
-rw-r--r--usr.bin/ssh/ssh/Makefile10
-rw-r--r--usr.bin/ssh/sshconnect.c91
-rw-r--r--usr.bin/ssh/sshd.816
-rw-r--r--usr.bin/ssh/sshd.c59
-rw-r--r--usr.bin/ssh/sshd/Makefile16
27 files changed, 312 insertions, 370 deletions
diff --git a/usr.bin/ssh/Makefile.inc b/usr.bin/ssh/Makefile.inc
index ffd99f0b228..9f6045686bc 100644
--- a/usr.bin/ssh/Makefile.inc
+++ b/usr.bin/ssh/Makefile.inc
@@ -1,3 +1,17 @@
-CFLAGS+= -I${.OBJDIR} -I${.CURDIR}/.. -DKRB4 -I/usr/include/kerberosIV
+CFLAGS+= -I${.OBJDIR} -I${.CURDIR}/..
+
+.include <bsd.own.mk> # for KERBEROS and AFS
+
+.if (${KERBEROS} == "yes")
+CFLAGS+= -DKRB4 -I/usr/include/kerberosIV
+LDADD+= -lkrb
+DPADD+= ${LIBKRB}
+.endif
+
+.if (${AFS} == "yes")
+CFLAGS+= -DAFS
+LDADD+= -lkafs
+DPADD+= ${LIBKRBAFS}
+.endif
USER_SHELLS = sh jsh ksh csh tcsh bash zsh ash
diff --git a/usr.bin/ssh/auth-krb4.c b/usr.bin/ssh/auth-krb4.c
index f6f1cbbce57..ba785786598 100644
--- a/usr.bin/ssh/auth-krb4.c
+++ b/usr.bin/ssh/auth-krb4.c
@@ -2,10 +2,11 @@
auth-kerberos.c
- Hacked together by Dug Song <dugsong@umich.edu>.
+ Dug Song <dugsong@UMICH.EDU>
- Kerberos authentication and ticket-passing routines.
+ Kerberos v4 authentication and ticket-passing routines.
+ $Id: auth-krb4.c,v 1.2 1999/09/29 18:16:18 dugsong Exp $
*/
#include "includes.h"
@@ -14,27 +15,24 @@
#include "ssh.h"
#ifdef KRB4
-#include <sys/param.h>
-#include <krb.h>
-
int ssh_tf_init(uid_t uid)
{
extern char *ticket;
char *tkt_root = TKT_ROOT;
struct stat st;
int fd;
-
+
/* Set unique ticket string manually since we're still root. */
ticket = xmalloc(MAXPATHLEN);
#ifdef AFS
if (lstat("/ticket", &st) != -1)
tkt_root = "/ticket/";
#endif /* AFS */
- sprintf(ticket, "%.100s%d_%d", tkt_root, uid, getpid());
+ snprintf(ticket, MAXPATHLEN, "%s%d_%d", tkt_root, uid, getpid());
(void) krb_set_tkt_string(ticket);
/* Make sure we own this ticket file, and we created it. */
- if (lstat(ticket, &st) < 0 && errno == ENOENT) {
+ if (lstat(ticket, &st) == -1 && errno == ENOENT) {
/* good, no ticket file exists. create it. */
if ((fd = open(ticket, O_RDWR|O_CREAT|O_EXCL, 0600)) != -1) {
close(fd);
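Review bot: The new snprintf formats `uid` with `%d`, but the parameter is a uid_t, which is unsigned on OpenBSD, so the conversion does not match the argument type; `snprintf(ticket, MAXPATHLEN, "%s%u_%d", tkt_root, (unsigned)uid, (int)getpid());` keeps the same path string with matching types. The snprintf result is not checked for truncation, which is harmless here only because tkt_root is a short literal and the buffer is MAXPATHLEN; a one-line comment saying so, `/* cannot truncate: tkt_root is a short literal */`, would spare the next reader the analysis. The `/ticket` probe on the context line tests existence only, not that it is a directory, so a stray regular file at that path would make every ticket open fail. ssh_tf_init continues past the end of this hunk.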
@@ -48,7 +46,7 @@ int ssh_tf_init(uid_t uid)
return 1;
}
/* Failure. */
- log("WARNING: bad ticket file %.100s", ticket);
+ log("WARNING: bad ticket file %s", ticket);
return 0;
}
@@ -76,21 +74,20 @@ int auth_krb4(const char *server_user, KTEXT auth, char **client)
instance[0] = '*'; instance[1] = 0;
/* Get the encrypted request, challenge, and session key. */
- r = krb_rd_req(auth, KRB4_SERVICE_NAME, instance, 0, &adat, "");
- if (r != KSUCCESS) {
+ if ((r = krb_rd_req(auth, KRB4_SERVICE_NAME, instance, 0, &adat, ""))) {
packet_send_debug("Kerberos V4 krb_rd_req: %.100s", krb_err_txt[r]);
return 0;
}
des_key_sched((des_cblock *)adat.session, schedule);
*client = xmalloc(MAX_K_NAME_SZ);
- sprintf(*client, "%.100s%.100s%.100s@%.100s", adat.pname, *adat.pinst ? "." : "",
- adat.pinst, adat.prealm);
+ (void) snprintf(*client, MAX_K_NAME_SZ, "%s%s%s@%s", adat.pname,
+ *adat.pinst ? "." : "", adat.pinst, adat.prealm);
/* Check ~/.klogin authorization now. */
if (kuserok(&adat, (char *)server_user) != KSUCCESS) {
packet_send_debug("Kerberos V4 .klogin authorization failed!");
- log("Kerberos V4 .klogin authorization failed for %.100s to account %.100s",
+ log("Kerberos V4 .klogin authorization failed for %s to account %s",
*client, server_user);
return 0;
}
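Review bot: Folding the krb_rd_req call into `if ((r = krb_rd_req(...)))` drops the explicit `!= KSUCCESS` that made the failure polarity obvious at a glance; `if ((r = krb_rd_req(auth, KRB4_SERVICE_NAME, instance, 0, &adat, "")) != KSUCCESS)` keeps the one-liner and the readability. The `krb_err_txt[r]` lookup that follows assumes r is a valid table index, which holds for krb_rd_req's error codes as far as I know but is not checked anywhere visible. auth_krb4 continues outside this hunk.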
@@ -102,7 +99,7 @@ int auth_krb4(const char *server_user, KTEXT auth, char **client)
message, admitting our failure. */
if ((r = krb_mk_priv((u_char *)&cksum, reply.dat, sizeof(cksum)+1,
schedule, &adat.session, &local, &foreign)) < 0) {
- packet_send_debug("Kerberos V4 mk_priv: (%d) %.100s", r, krb_err_txt[r]);
+ packet_send_debug("Kerberos V4 mk_priv: (%d) %s", r, krb_err_txt[r]);
reply.dat[0] = 0;
reply.length = 0;
}
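Review bot: The `krb_err_txt[r]` lookup on the new packet_send_debug line is indexed with a value that the guard two lines above has just established is negative, so it reads before the start of the table. As far as the visible guard shows, krb_mk_priv signals failure with a negative value rather than a krb_err_txt code, so the text lookup should be dropped: `packet_send_debug("Kerberos V4 mk_priv failed: (%d)", r);`. auth_krb4 continues outside this hunk.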
@@ -121,11 +118,6 @@ int auth_krb4(const char *server_user, KTEXT auth, char **client)
#endif /* KRB4 */
#ifdef AFS
-#include <kafs.h>
-
-
-#ifdef KERBEROS_TGT_PASSING
-
int auth_kerberos_tgt(struct passwd *pw, const char *string)
{
CREDENTIALS creds;
@@ -141,19 +133,19 @@ int auth_kerberos_tgt(struct passwd *pw, const char *string)
strcpy(creds.service, "krbtgt");
if (strcmp(creds.service, "krbtgt")) {
- log("Kerberos V4 tgt (%.100s%.100s%.100s@%.100s) rejected for uid %d",
+ log("Kerberos V4 tgt (%s%s%s@%s) rejected for uid %d",
creds.pname, creds.pinst[0] ? "." : "", creds.pinst, creds.realm,
pw->pw_uid);
- packet_send_debug("Kerberos V4 tgt (%.100s%.100s%.100s@%.100s) rejected for uid %d",
+ packet_send_debug("Kerberos V4 tgt (%s%s%s@%s) rejected for uid %d",
creds.pname, creds.pinst[0] ? "." : "", creds.pinst,
creds.realm, pw->pw_uid);
goto auth_kerberos_tgt_failure;
}
if (!ssh_tf_init(pw->pw_uid) ||
(r = in_tkt(creds.pname, creds.pinst)) ||
- (r = save_credentials(creds.service,creds.instance,creds.realm,
- creds.session,creds.lifetime,creds.kvno,
- &creds.ticket_st,creds.issue_date))) {
+ (r = save_credentials(creds.service, creds.instance, creds.realm,
+ creds.session, creds.lifetime, creds.kvno,
+ &creds.ticket_st, creds.issue_date))) {
xfree(ticket);
ticket = NULL;
packet_send_debug("Kerberos V4 tgt refused: couldn't save credentials");
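Review bot: The failure branch after the reindented save_credentials call frees and NULLs `ticket` but never removes the ticket file that ssh_tf_init created with O_EXCL, so a refused TGT leaves a root-owned and possibly half-written ticket file behind at a predictable uid_pid path. The password path in auth-passwd.c calls `(void) dest_tkt();` before its `xfree(ticket);` on the kerberos_auth_failure label; the same call belongs here, immediately before the xfree. auth_kerberos_tgt continues outside this hunk (the auth_kerberos_tgt_failure label is not visible).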
@@ -161,7 +153,7 @@ int auth_kerberos_tgt(struct passwd *pw, const char *string)
}
/* Successful authentication, passed all checks. */
chown(ticket, pw->pw_uid, pw->pw_gid);
- packet_send_debug("Kerberos V4 ticket accepted (%.100s.%.100s@%.100s, %.100s%.100s%.100s@%.100s)",
+ packet_send_debug("Kerberos V4 tgt accepted (%s.%s@%s, %s%s%s@%s)",
creds.service, creds.instance, creds.realm,
creds.pname, creds.pinst[0] ? "." : "",
creds.pinst, creds.realm);
@@ -178,7 +170,6 @@ auth_kerberos_tgt_failure:
packet_write_wait();
return 0;
}
-#endif /* KERBEROS_TGT_PASSING */
int auth_afs_token(char *server_user, uid_t uid, const char *string)
{
@@ -199,16 +190,16 @@ int auth_afs_token(char *server_user, uid_t uid, const char *string)
uid = atoi(creds.pname + 7);
if (kafs_settoken(creds.realm, uid, &creds)) {
- log("AFS token (%.100s@%.100s) rejected for uid %d",
- creds.pname, creds.realm, uid);
- packet_send_debug("AFS token (%.100s@%.100s) rejected for uid %d", creds.pname,
+ log("AFS token (%s@%s) rejected for uid %d", creds.pname,
+ creds.realm, uid);
+ packet_send_debug("AFS token (%s@%s) rejected for uid %d", creds.pname,
creds.realm, uid);
packet_start(SSH_SMSG_FAILURE);
packet_send();
packet_write_wait();
return 0;
}
- packet_send_debug("AFS token accepted (%.100s@%.100s, %.100s@%.100s)", creds.service,
+ packet_send_debug("AFS token accepted (%s@%s, %s@%s)", creds.service,
creds.realm, creds.pname, creds.realm);
packet_start(SSH_SMSG_SUCCESS);
packet_send();
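Review bot: The reworked rejected/accepted log lines report `uid`, but the context line just above (`uid = atoi(creds.pname + 7)`) has already replaced the caller's uid with a number parsed from the client-supplied token principal, so these messages and the kafs_settoken call use a value the peer chose, and atoi reports no error on malformed input. It is worth confirming that kafs_settoken only attaches the token to the caller's own PAG; if it can plant a token for another uid, the parsed value should be compared against the uid the caller passed in before the call, and the log should say which of the two it is printing. The start of auth_afs_token is outside this hunk.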
diff --git a/usr.bin/ssh/auth-passwd.c b/usr.bin/ssh/auth-passwd.c
index 10d21ca0bf9..2b862b747e9 100644
--- a/usr.bin/ssh/auth-passwd.c
+++ b/usr.bin/ssh/auth-passwd.c
@@ -15,7 +15,7 @@ the password is valid for the user.
*/
#include "includes.h"
-RCSID("$Id: auth-passwd.c,v 1.1 1999/09/26 20:53:33 deraadt Exp $");
+RCSID("$Id: auth-passwd.c,v 1.2 1999/09/29 18:16:19 dugsong Exp $");
#ifdef HAVE_SCO_ETC_SHADOW
# include <sys/security.h>
@@ -50,8 +50,6 @@ static int securid_initialized = 0;
#endif /* HAVE_SECURID */
#ifdef KRB4
-#include <sys/param.h>
-#include <krb.h>
extern char *ticket;
#endif /* KRB4 */
@@ -77,12 +75,101 @@ int auth_password(const char *server_user, const char *password)
if (!pw)
return 0;
+#if defined(KRB4)
+ /* Support for Kerberos v4 authentication - Dug Song <dugsong@UMICH.EDU> */
+ if (options.kerberos_authentication)
+ {
+ AUTH_DAT adata;
+ KTEXT_ST tkt;
+ struct hostent *hp;
+ unsigned long faddr;
+ char localhost[MAXHOSTNAMELEN]; /* local host name */
+ char phost[INST_SZ]; /* host instance */
+ char realm[REALM_SZ]; /* local Kerberos realm */
+ int r;
+
+ /* Try Kerberos password authentication only for non-root
+ users and only if Kerberos is installed. */
+ if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) {
+
+ /* Set up our ticket file. */
+ if (!ssh_tf_init(pw->pw_uid)) {
+ log("Couldn't initialize Kerberos ticket file for %s!",
+ server_user);
+ goto kerberos_auth_failure;
+ }
+ /* Try to get TGT using our password. */
+ r = krb_get_pw_in_tkt((char *)server_user, "", realm, "krbtgt", realm,
+ DEFAULT_TKT_LIFE, (char *)password);
+ if (r != INTK_OK) {
+ packet_send_debug("Kerberos V4 password authentication for %s "
+ "failed: %s", server_user, krb_err_txt[r]);
+ goto kerberos_auth_failure;
+ }
+ /* Successful authentication. */
+ chown(ticket, pw->pw_uid, pw->pw_gid);
+
+ (void) gethostname(localhost, sizeof(localhost));
+ (void) strncpy(phost, (char *)krb_get_phost(localhost), INST_SZ);
+ phost[INST_SZ-1] = 0;
+
+ /* Now that we have a TGT, try to get a local "rcmd" ticket to
+ ensure that we are not talking to a bogus Kerberos server. */
+ r = krb_mk_req(&tkt, KRB4_SERVICE_NAME, phost, realm, 33);
+
+ if (r == KSUCCESS) {
+ if (!(hp = gethostbyname(localhost))) {
+ log("Couldn't get local host address!");
+ goto kerberos_auth_failure;
+ }
+ memmove((void *)&faddr, (void *)hp->h_addr, sizeof(faddr));
+
+ /* Verify our "rcmd" ticket. */
+ r = krb_rd_req(&tkt, KRB4_SERVICE_NAME, phost, faddr, &adata, "");
+ if (r == RD_AP_UNDEC) {
+ /* Probably didn't have a srvtab on localhost. Allow login. */
+ log("Kerberos V4 TGT for %s unverifiable, no srvtab installed? "
+ "krb_rd_req: %s", server_user, krb_err_txt[r]);
+ }
+ else if (r != KSUCCESS) {
+ log("Kerberos V4 %s ticket unverifiable: %s",
+ KRB4_SERVICE_NAME, krb_err_txt[r]);
+ goto kerberos_auth_failure;
+ }
+ }
+ else if (r == KDC_PR_UNKNOWN) {
+ /* Allow login if no rcmd service exists, but log the error. */
+ log("Kerberos V4 TGT for %s unverifiable: %s; %s.%s "
+ "not registered, or srvtab is wrong?", server_user,
+ krb_err_txt[r], KRB4_SERVICE_NAME, phost);
+ }
+ else {
+ /* TGT is bad, forget it. Possibly spoofed! */
+ packet_send_debug("WARNING: Kerberos V4 TGT possibly spoofed for"
+ "%s: %s", server_user, krb_err_txt[r]);
+ goto kerberos_auth_failure;
+ }
+
+ /* Authentication succeeded. */
+ return 1;
+
+ kerberos_auth_failure:
+ (void) dest_tkt();
+ xfree(ticket);
+ ticket = NULL;
+ if (!options.kerberos_or_local_passwd ) return 0;
+ }
+ else {
+ /* Logging in as root or no local Kerberos realm. */
+ packet_send_debug("Unable to authenticate to Kerberos.");
+ }
+ /* Fall back to ordinary passwd authentication. */
+ }
+#endif /* KRB4 */
+
#ifdef HAVE_SECURID
/* Support for Security Dynamics SecurId card.
Contributed by Donald McKillican <dmckilli@qc.bell.ca>. */
-#if defined(KRB4)
- if (options.kerberos_or_local_passwd)
-#endif /* KRB4 */
{
/*
* the way we decide if this user is a securid user or not is
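Review bot: The branches at `r == RD_AP_UNDEC` and `r == KDC_PR_UNKNOWN` return success for a TGT that could not be verified against a local service key, which is the classic KDC-spoofing hole: whoever can answer this host's KDC request can log in with any password whenever no srvtab or no rcmd principal exists, and the surrounding comments acknowledge exactly that. Both branches should end in `goto kerberos_auth_failure;` so an unverifiable TGT fails closed, or at minimum the fail-open should require an explicit server option rather than being the default. Separately, the debug message in the spoofed-TGT branch is missing a space where its two string-literal halves join, so it prints `spoofed forUSER`; it should read `"WARNING: Kerberos V4 TGT possibly spoofed for "` `"%s: %s"`. The `(void) gethostname(...)` result is also discarded, so a failure there feeds an uninitialized localhost into krb_get_phost and gethostbyname. auth_password continues outside this hunk.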
@@ -216,9 +303,6 @@ int auth_password(const char *server_user, const char *password)
#endif /* HAVE_OSF1_C2_SECURITY */
/* Check for users with no password. */
-#if defined(KRB4)
- if (options.kerberos_or_local_passwd)
-#endif /* KRB4 */
if (strcmp(password, "") == 0 && strcmp(correct_passwd, "") == 0)
{
packet_send_debug("Login permitted without a password because the account has no password.");
@@ -243,101 +327,5 @@ int auth_password(const char *server_user, const char *password)
#endif /* HAVE_OSF1_C2_SECURITY */
/* Authentication is accepted if the encrypted passwords are identical. */
-#if defined(KRB4)
- if (options.kerberos_or_local_passwd)
-#endif /* KRB4 */
- if (strcmp(encrypted_password, correct_passwd) == 0)
- return 1; /* Success */
-
-#if defined(KRB4)
- if (options.kerberos_authentication)
- {
- AUTH_DAT adata;
- KTEXT_ST tkt;
- struct hostent *hp;
- unsigned long faddr;
- char localhost[MAXHOSTNAMELEN]; /* local host name */
- char phost[INST_SZ]; /* host instance */
- char realm[REALM_SZ]; /* local Kerberos realm */
- int r;
-
- /* Try Kerberos password authentication only for non-root
- users and only if Kerberos is installed. */
- if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) {
-
- /* Set up our ticket file. */
- if (!ssh_tf_init(pw->pw_uid)) {
- log("Couldn't initialize Kerberos ticket file for %.100s!",
- server_user);
- goto kerberos_auth_failure;
- }
- /* Try to get TGT using our password. */
- r = krb_get_pw_in_tkt(server_user, "", realm, "krbtgt", realm,
- DEFAULT_TKT_LIFE, password);
- if (r != INTK_OK) {
- packet_send_debug("Kerberos V4 password authentication for %.100s "
- "failed: %.100s", server_user, krb_err_txt[r]);
- goto kerberos_auth_failure;
- }
- /* Successful authentication. */
- chown(ticket, pw->pw_uid, pw->pw_gid);
-
- (void) gethostname(localhost, sizeof(localhost));
- (void) strncpy(phost, (char *)krb_get_phost(localhost), INST_SZ);
- phost[INST_SZ-1] = 0;
-
- /* Now that we have a TGT, try to get a local "rcmd" ticket to
- ensure that we are not talking to a bogus Kerberos server. */
- r = krb_mk_req(&tkt, KRB4_SERVICE_NAME, phost, realm, 33);
-
- if (r == KSUCCESS) {
- if (!(hp = gethostbyname(localhost))) {
- log("Couldn't get local host address!");
- goto kerberos_auth_failure;
- }
- memmove((void *)&faddr, (void *)hp->h_addr, sizeof(faddr));
-
- /* Verify our "rcmd" ticket. */
- r = krb_rd_req(&tkt, KRB4_SERVICE_NAME, phost, faddr, &adata, "");
- if (r == RD_AP_UNDEC) {
- /* Probably didn't have a srvtab on localhost. Allow login. */
- log("Kerberos V4 TGT for %.100s unverifiable, no srvtab? "
- "krb_rd_req: %.100s", server_user, krb_err_txt[r]);
- }
- else if (r != KSUCCESS) {
- log("Kerberos V4 %.100s ticket unverifiable: %.100s",
- KRB4_SERVICE_NAME, krb_err_txt[r]);
- goto kerberos_auth_failure;
- }
- }
- else if (r == KDC_PR_UNKNOWN) {
- /* Allow login if no rcmd service exists, but log the error. */
- log("Kerberos V4 TGT for %.100s unverifiable: %.100s; %.100s.%.100s "
- "not registered, or srvtab is wrong?", server_user,
- krb_err_txt[r], KRB4_SERVICE_NAME, phost);
- }
- else {
- /* TGT is bad, forget it. Possibly spoofed. */
- packet_send_debug("WARNING: Kerberos V4 TGT possibly spoofed for"
- "%.100s: %.100s", server_user, krb_err_txt[r]);
- goto kerberos_auth_failure;
- }
-
- /* Authentication succeeded. */
- return 1;
-
- kerberos_auth_failure:
- (void) dest_tkt();
- xfree(ticket);
- ticket = NULL;
- if (!options.kerberos_or_local_passwd ) return 0;
- }
- else /* Logging in as root or no local Kerberos realm. */
- packet_send_debug("Unable to authenticate to Kerberos.");
-
- /* Fall back to ordinary passwd authentication. */
- }
-#endif /* KRB4 */
-
- return 0; /* Fail */
+ return (strcmp(encrypted_password, correct_passwd) == 0);
}
diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c
index a990bbd1088..92316549d7f 100644
--- a/usr.bin/ssh/channels.c
+++ b/usr.bin/ssh/channels.c
@@ -16,7 +16,7 @@ arbitrary tcp/ip connections, and the authentication agent connection.
*/
#include "includes.h"
-RCSID("$Id: channels.c,v 1.4 1999/09/29 00:10:16 deraadt Exp $");
+RCSID("$Id: channels.c,v 1.5 1999/09/29 18:16:19 dugsong Exp $");
#ifndef HAVE_GETHOSTNAME
#include <sys/utsname.h>
@@ -1347,7 +1347,7 @@ void x11_request_forwarding_with_spoofing(const char *proto, const char *data)
char *new_data;
int screen_number;
const char *cp;
- u_int32_t rand;
+ u_int32_t rand = 0;
cp = getenv("DISPLAY");
if (cp)
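Review bot: Initializing `rand` to 0 quiets the uninitialized-variable warning, but it would also hide a path where the value is never filled from the random pool, which matters if, as the function name suggests, the fake X11 cookie is built from it; the code that populates it is outside this hunk, so please confirm every use is preceded by an assignment from the PRNG. A comment such as `u_int32_t rand = 0; /* always overwritten below; zeroed only to quiet the compiler */` would make the intent explicit. x11_request_forwarding_with_spoofing continues outside this hunk.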
diff --git a/usr.bin/ssh/config.h b/usr.bin/ssh/config.h
index 848930f9813..3c846117070 100644
--- a/usr.bin/ssh/config.h
+++ b/usr.bin/ssh/config.h
@@ -226,9 +226,6 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
This can be done at configure time with the --with-afs argument. */
/* #undef AFS */
-/* Define this if you want to enable nonstandard krb4 TGT forwarding. */
-/* #undef KERBEROS_TGT_PASSING */
-
/* Define this if you want to add optional compression support. */
#define WITH_ZLIB 1
diff --git a/usr.bin/ssh/includes.h b/usr.bin/ssh/includes.h
index 67ee5551d75..bf125e2430e 100644
--- a/usr.bin/ssh/includes.h
+++ b/usr.bin/ssh/includes.h
@@ -13,7 +13,7 @@ This file includes most of the needed system headers.
*/
-/* RCSID("$Id: includes.h,v 1.2 1999/09/29 12:59:13 provos Exp $"); */
+/* RCSID("$Id: includes.h,v 1.3 1999/09/29 18:16:19 dugsong Exp $"); */
#ifndef INCLUDES_H
#define INCLUDES_H
@@ -56,6 +56,7 @@ YOU_LOSE
#if defined(bsd_44) || defined(__FreeBSD__) || defined(__NetBSD__) || defined(__PARAGON__)
#include <sys/param.h>
#include <machine/endian.h>
+#include <netgroup.h>
#endif
#if defined(linux)
#include <endian.h>
@@ -69,10 +70,6 @@ YOU_LOSE
#include <assert.h>
#include <signal.h>
-#ifdef sparc
-#undef HAVE_SYS_IOCTL_H
-#endif
-
#ifdef HAVE_SYS_IOCTL_H
#include <sys/ioctl.h>
#endif /* HAVE_SYS_IOCTL_H */
diff --git a/usr.bin/ssh/log-server.c b/usr.bin/ssh/log-server.c
index a5086b5df91..3967df2b45e 100644
--- a/usr.bin/ssh/log-server.c
+++ b/usr.bin/ssh/log-server.c
@@ -15,7 +15,7 @@ to the system log.
*/
#include "includes.h"
-RCSID("$Id: log-server.c,v 1.1 1999/09/26 20:53:36 deraadt Exp $");
+RCSID("$Id: log-server.c,v 1.2 1999/09/29 18:16:19 dugsong Exp $");
#include <syslog.h>
#ifdef NEED_SYS_SYSLOG_H
@@ -228,8 +228,7 @@ void fatal(const char *fmt, ...)
if (ticket)
{
if (strcmp(ticket,"none"))
- /* ticket -> FILE:path */
- unlink(ticket + 5);
+ unlink(ticket);
else
ticket = NULL;
}
diff --git a/usr.bin/ssh/login.c b/usr.bin/ssh/login.c
index 6386d45f99f..5fe7cfccba2 100644
--- a/usr.bin/ssh/login.c
+++ b/usr.bin/ssh/login.c
@@ -18,8 +18,11 @@ on a tty.
*/
#include "includes.h"
-RCSID("$Id: login.c,v 1.1 1999/09/26 20:53:36 deraadt Exp $");
+RCSID("$Id: login.c,v 1.2 1999/09/29 18:16:19 dugsong Exp $");
+#ifdef HAVE_LIBUTIL_LOGIN
+#include <util.h>
+#endif /* HAVE_LIBUTIL_LOGIN */
#ifdef HAVE_UTMP_H
#include <utmp.h>
#ifdef HAVE_LASTLOG_H
@@ -174,8 +177,7 @@ void record_login(int pid, const char *ttyname, const char *user, uid_t uid,
#endif /* HAVE_LASTLOG_H || HAVE_LASTLOG */
#if defined(HAVE_UTMP_H) && !defined(HAVE_UTMPX_H)
- struct utmp u, u2;
- off_t offset;
+ struct utmp u;
const char *utmp, *wtmp;
/* Construct an utmp/wtmp entry. */
diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c
index 47594bb47ec..b4d31acfc16 100644
--- a/usr.bin/ssh/packet.c
+++ b/usr.bin/ssh/packet.c
@@ -15,7 +15,7 @@ with the other side. This same code is used both on client and server side.
*/
#include "includes.h"
-RCSID("$Id: packet.c,v 1.2 1999/09/28 04:45:36 provos Exp $");
+RCSID("$Id: packet.c,v 1.3 1999/09/29 18:16:19 dugsong Exp $");
#include "xmalloc.h"
#include "buffer.h"
@@ -313,7 +313,7 @@ packet_send()
char buf[8], *cp;
int i, padding, len;
unsigned long checksum;
- u_int32_t rand;
+ u_int32_t rand = 0;
#ifdef WITH_ZLIB
/* If using packet compression, compress the payload of the outgoing
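Review bot: The `rand = 0` initializer is a warning fix, but in packet_send this variable presumably feeds the random padding bytes, and a zero default would silently turn a missed assignment into predictable padding; the padding code is outside this hunk, so please check that the value is always refreshed from the random pool before each use. `u_int32_t rand = 0; /* refreshed before every use; zeroed only to quiet the compiler */` would document that. packet_send continues outside this hunk.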
diff --git a/usr.bin/ssh/radix.c b/usr.bin/ssh/radix.c
index ca1b82a72db..c1564383693 100644
--- a/usr.bin/ssh/radix.c
+++ b/usr.bin/ssh/radix.c
@@ -5,14 +5,13 @@
Originally written by Mark Riordan 12 August 1990 and 17 Feb 1991
and placed in the public domain.
- dugsong@UMICH.EDU
+ Dug Song <dugsong@UMICH.EDU>
*/
#include "includes.h"
#ifdef AFS
#include <krb.h>
-#include <kafs.h>
char six2pr[64] = {
'A','B','C','D','E','F','G','H','I','J','K','L','M',
@@ -52,7 +51,7 @@ int uuencode(unsigned char *bufin, unsigned int nbytes, char *bufcoded)
int uudecode(const char *bufcoded, unsigned char *bufplain, int outbufsize)
{
/* single character decode */
-#define DEC(c) pr2six[c]
+#define DEC(c) pr2six[(unsigned char)c]
#define MAXVAL 63
static int first = 1;
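Review bot: The new DEC macro casts its argument without parenthesizing it, so `(unsigned char)c` binds to only the first operand of any expression passed in; the two current callers pass unary expressions and happen to be safe, but `#define DEC(c) pr2six[(unsigned char)(c)]` costs nothing and removes the trap for the next caller. uudecode continues outside this hunk.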
@@ -75,7 +74,7 @@ int uudecode(const char *bufcoded, unsigned char *bufplain, int outbufsize)
If this would decode into more bytes than would fit into
the output buffer, adjust the number of input bytes downwards. */
bufin = bufcoded;
- while (pr2six[(unsigned char)*(bufin++)] <= MAXVAL);
+ while (DEC(*(bufin++)) <= MAXVAL);
nprbytes = bufin - bufcoded - 1;
nbytesdecoded = ((nprbytes+3)/4) * 3;
if (nbytesdecoded > outbufsize)
@@ -91,7 +90,7 @@ int uudecode(const char *bufcoded, unsigned char *bufplain, int outbufsize)
nprbytes -= 4;
}
if (nprbytes & 03) {
- if (pr2six[bufin[-2]] > MAXVAL)
+ if (DEC(bufin[-2]) > MAXVAL)
nbytesdecoded -= 2;
else
nbytesdecoded -= 1;
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c
index 46ab3c7e125..6f6f9d6c2cc 100644
--- a/usr.bin/ssh/readconf.c
+++ b/usr.bin/ssh/readconf.c
@@ -14,7 +14,7 @@ Functions for reading the configuration files.
*/
#include "includes.h"
-RCSID("$Id: readconf.c,v 1.4 1999/09/29 17:52:12 deraadt Exp $");
+RCSID("$Id: readconf.c,v 1.5 1999/09/29 18:16:19 dugsong Exp $");
#include "ssh.h"
#include "cipher.h"
@@ -93,11 +93,8 @@ typedef enum
#ifdef KRB4
oKerberosAuthentication,
#endif /* KRB4 */
-#ifdef KERBEROS_TGT_PASSING
- oKerberosTgtPassing,
-#endif
#ifdef AFS
- oAFSTokenPassing,
+ oKerberosTgtPassing, oAFSTokenPassing,
#endif
oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
@@ -123,10 +120,8 @@ static struct
#ifdef KRB4
{ "kerberosauthentication", oKerberosAuthentication },
#endif /* KRB4 */
-#ifdef KERBEROS_TGT_PASSING
- { "kerberostgtpassing", oKerberosTgtPassing },
-#endif
#ifdef AFS
+ { "kerberostgtpassing", oKerberosTgtPassing },
{ "afstokenpassing", oAFSTokenPassing },
#endif
{ "fallbacktorsh", oFallBackToRsh },
@@ -287,13 +282,11 @@ void process_config_line(Options *options, const char *host,
goto parse_flag;
#endif /* KRB4 */
-#ifdef KERBEROS_TGT_PASSING
+#ifdef AFS
case oKerberosTgtPassing:
intptr = &options->kerberos_tgt_passing;
goto parse_flag;
-#endif
-#ifdef AFS
case oAFSTokenPassing:
intptr = &options->afs_token_passing;
goto parse_flag;
@@ -574,10 +567,8 @@ void initialize_options(Options *options)
#ifdef KRB4
options->kerberos_authentication = -1;
#endif
-#ifdef KERBEROS_TGT_PASSING
- options->kerberos_tgt_passing = -1;
-#endif
#ifdef AFS
+ options->kerberos_tgt_passing = -1;
options->afs_token_passing = -1;
#endif
options->password_authentication = -1;
@@ -625,15 +616,13 @@ void fill_default_options(Options *options)
#ifdef KRB4
if (options->kerberos_authentication == -1)
options->kerberos_authentication = 1;
-#endif
-#ifdef KERBEROS_TGT_PASSING
+#endif /* KRB4 */
+#ifdef AFS
if (options->kerberos_tgt_passing == -1)
options->kerberos_tgt_passing = 1;
-#endif
-#ifdef AFS
if (options->afs_token_passing == -1)
options->afs_token_passing = 1;
-#endif
+#endif /* AFS */
if (options->password_authentication == -1)
options->password_authentication = 1;
if (options->rhosts_rsa_authentication == -1)
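Review bot: The client now defaults `kerberos_tgt_passing` to 1 (alongside `afs_token_passing` = 1), so an unmodified client forwards its TGT and AFS token to every server it connects to, while the server side of this same commit defaults TGT passing to 0. Handing a forwardable credential to a possibly compromised host is the same exposure as agent forwarding; I would set `options->kerberos_tgt_passing = 0;` here and let users enable it per host in the configuration file. fill_default_options continues outside this hunk.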
diff --git a/usr.bin/ssh/readconf.h b/usr.bin/ssh/readconf.h
index 079e20325a4..4e416728f92 100644
--- a/usr.bin/ssh/readconf.h
+++ b/usr.bin/ssh/readconf.h
@@ -13,7 +13,7 @@ Functions for reading the configuration file.
*/
-/* RCSID("$Id: readconf.h,v 1.2 1999/09/29 00:10:16 deraadt Exp $"); */
+/* RCSID("$Id: readconf.h,v 1.3 1999/09/29 18:16:20 dugsong Exp $"); */
#ifndef READCONF_H
#define READCONF_H
@@ -40,10 +40,8 @@ typedef struct
#ifdef KRB4
int kerberos_authentication; /* Try Kerberos authentication. */
#endif
-#ifdef KERBEROS_TGT_PASSING
- int kerberos_tgt_passing; /* Try Kerberos tgt passing. */
-#endif
#ifdef AFS
+ int kerberos_tgt_passing; /* Try Kerberos tgt passing. */
int afs_token_passing; /* Try AFS token passing. */
#endif
int password_authentication; /* Try password authentication. */
diff --git a/usr.bin/ssh/rsa.c b/usr.bin/ssh/rsa.c
index 2b3d565ac33..ac219a5b4e3 100644
--- a/usr.bin/ssh/rsa.c
+++ b/usr.bin/ssh/rsa.c
@@ -35,7 +35,7 @@ Description of the RSA algorithm can be found e.g. from the following sources:
*/
#include "includes.h"
-RCSID("$Id: rsa.c,v 1.2 1999/09/29 06:15:00 deraadt Exp $");
+RCSID("$Id: rsa.c,v 1.3 1999/09/29 18:16:20 dugsong Exp $");
#include "rsa.h"
#include "ssh.h"
@@ -47,7 +47,6 @@ int
rsa_alive()
{
RSA *key;
- extern char *__progname;
key = RSA_generate_key(32, 3, NULL, NULL);
if (key == NULL)
diff --git a/usr.bin/ssh/scp.c b/usr.bin/ssh/scp.c
index 8ab7174840f..e6667029eff 100644
--- a/usr.bin/ssh/scp.c
+++ b/usr.bin/ssh/scp.c
@@ -42,11 +42,11 @@ and ssh has the necessary privileges.)
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: scp.c,v 1.1 1999/09/26 20:53:37 deraadt Exp $
+ * $Id: scp.c,v 1.2 1999/09/29 18:16:20 dugsong Exp $
*/
#include "includes.h"
-RCSID("$Id: scp.c,v 1.1 1999/09/26 20:53:37 deraadt Exp $");
+RCSID("$Id: scp.c,v 1.2 1999/09/29 18:16:20 dugsong Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -78,11 +78,6 @@ struct utimbuf
#define STDERR_FILENO 2
#endif
-#if defined(KERBEROS_TGT_PASSING) || defined(AFS)
-/* This is set to non-zero to disable authentication forwarding. */
-int nofwd = 0;
-#endif
-
/* This is set to non-zero to enable verbose mode. */
int verbose = 0;
@@ -153,10 +148,6 @@ int do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout)
args[i++] = "-C";
if (batchmode)
args[i++] = "-oBatchMode yes";
-#if defined(KERBEROS_TGT_PASSING) || defined(AFS)
- if (nofwd)
- args[i++] = "-k";
-#endif
if (cipher != NULL)
{
args[i++] = "-c";
@@ -251,11 +242,7 @@ main(argc, argv)
extern int optind;
fflag = tflag = 0;
-#if defined(KERBEROS_TGT_PASSING) || defined(AFS)
- while ((ch = getopt(argc, argv, "kdfprtvBCc:i:P:")) != EOF)
-#else
while ((ch = getopt(argc, argv, "dfprtvBCc:i:P:")) != EOF)
-#endif
switch(ch) { /* User-visible flags. */
case 'p':
pflag = 1;
@@ -267,11 +254,6 @@ main(argc, argv)
iamrecursive = 1;
break;
/* Server options. */
-#if defined(KERBEROS_TGT_PASSING) || defined(AFS)
- case 'k':
- nofwd = 1;
- break;
-#endif
case 'd':
targetshouldbedirectory = 1;
break;
@@ -975,7 +957,7 @@ run_err(const char *fmt, ...)
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: scp.c,v 1.1 1999/09/26 20:53:37 deraadt Exp $
+ * $Id: scp.c,v 1.2 1999/09/29 18:16:20 dugsong Exp $
*/
char *
diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c
index aef557bb0f8..fd32e82755f 100644
--- a/usr.bin/ssh/servconf.c
+++ b/usr.bin/ssh/servconf.c
@@ -12,7 +12,7 @@ Created: Mon Aug 21 15:48:58 1995 ylo
*/
#include "includes.h"
-RCSID("$Id: servconf.c,v 1.3 1999/09/29 00:10:16 deraadt Exp $");
+RCSID("$Id: servconf.c,v 1.4 1999/09/29 18:16:20 dugsong Exp $");
#include "ssh.h"
#include "servconf.h"
@@ -46,14 +46,10 @@ void initialize_server_options(ServerOptions *options)
#ifdef KRB4
options->kerberos_authentication = -1;
options->kerberos_or_local_passwd = -1;
-#endif
-#if defined(KRB4) || defined(AFS)
options->kerberos_ticket_cleanup = -1;
#endif
-#ifdef KERBEROS_TGT_PASSING
- options->kerberos_tgt_passing = -1;
-#endif
#ifdef AFS
+ options->kerberos_tgt_passing = -1;
options->afs_token_passing = -1;
#endif
options->password_authentication = -1;
@@ -116,19 +112,15 @@ void fill_default_server_options(ServerOptions *options)
options->kerberos_authentication = 1;
if (options->kerberos_or_local_passwd == -1)
options->kerberos_or_local_passwd = 0;
-#endif
-#if defined(KRB4) || defined(AFS)
if (options->kerberos_ticket_cleanup == -1)
options->kerberos_ticket_cleanup = 1;
-#endif
-#ifdef KERBEROS_TGT_PASSING
+#endif /* KRB4 */
+#ifdef AFS
if (options->kerberos_tgt_passing == -1)
options->kerberos_tgt_passing = 0;
-#endif
-#ifdef AFS
if (options->afs_token_passing == -1)
options->afs_token_passing = 1;
-#endif
+#endif /* AFS */
if (options->password_authentication == -1)
options->password_authentication = 1;
if (options->permit_empty_passwd == -1)
@@ -144,16 +136,10 @@ typedef enum
sPermitRootLogin, sQuietMode, sFascistLogging, sLogFacility,
sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
#ifdef KRB4
- sKerberosAuthentication, sKerberosOrLocalPasswd,
-#endif
-#if defined(KRB4) || defined(AFS)
- sKerberosTicketCleanup,
-#endif
-#ifdef KERBEROS_TGT_PASSING
- sKerberosTgtPassing,
+ sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
#endif
#ifdef AFS
- sAFSTokenPassing,
+ sKerberosTgtPassing, sAFSTokenPassing,
#endif
sPasswordAuthentication, sAllowHosts, sDenyHosts, sListenAddress,
sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
@@ -182,14 +168,10 @@ static struct
#ifdef KRB4
{ "kerberosauthentication", sKerberosAuthentication },
{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
-#endif
-#if defined(KRB4) || defined(AFS)
{ "kerberosticketcleanup", sKerberosTicketCleanup },
#endif
-#ifdef KERBEROS_TGT_PASSING
- { "kerberostgtpassing", sKerberosTgtPassing },
-#endif
#ifdef AFS
+ { "kerberostgtpassing", sKerberosTgtPassing },
{ "afstokenpassing", sAFSTokenPassing },
#endif
{ "passwordauthentication", sPasswordAuthentication },
@@ -396,21 +378,17 @@ void read_server_config(ServerOptions *options, const char *filename)
case sKerberosOrLocalPasswd:
intptr = &options->kerberos_or_local_passwd;
goto parse_flag;
-#endif
-#if defined(KRB4) || defined(AFS)
case sKerberosTicketCleanup:
intptr = &options->kerberos_ticket_cleanup;
goto parse_flag;
#endif
-#ifdef KERBEROS_TGT_PASSING
+#ifdef AFS
case sKerberosTgtPassing:
intptr = &options->kerberos_tgt_passing;
goto parse_flag;
-#endif
-#ifdef AFS
case sAFSTokenPassing:
intptr = &options->afs_token_passing;
goto parse_flag;
diff --git a/usr.bin/ssh/servconf.h b/usr.bin/ssh/servconf.h
index f5413d6bbe1..71d9be8832e 100644
--- a/usr.bin/ssh/servconf.h
+++ b/usr.bin/ssh/servconf.h
@@ -13,7 +13,7 @@ Definitions for server configuration data and for the functions reading it.
*/
-/* RCSID("$Id: servconf.h,v 1.2 1999/09/28 07:56:47 deraadt Exp $"); */
+/* RCSID("$Id: servconf.h,v 1.3 1999/09/29 18:16:20 dugsong Exp $"); */
#ifndef SERVCONF_H
#define SERVCONF_H
@@ -45,15 +45,13 @@ typedef struct
int rsa_authentication; /* If true, permit RSA authentication. */
#ifdef KRB4
int kerberos_authentication; /* If true, permit Kerberos authentication. */
- int kerberos_or_local_passwd;
-#endif
-#if defined(KRB4) || defined(AFS)
+ int kerberos_or_local_passwd; /* If true, permit kerberos and any other
+ password authentication mechanism, such
+ as SecurID or /etc/passwd */
int kerberos_ticket_cleanup; /* If true, destroy ticket file on logout. */
#endif
-#ifdef KERBEROS_TGT_PASSING
- int kerberos_tgt_passing; /* If true, permit Kerberos tgt passing. */
-#endif
#ifdef AFS
+ int kerberos_tgt_passing; /* If true, permit Kerberos tgt passing. */
int afs_token_passing; /* If true, permit AFS token passing. */
#endif
int password_authentication; /* If true, permit password authentication. */
diff --git a/usr.bin/ssh/ssh-add/Makefile b/usr.bin/ssh/ssh-add/Makefile
index 73ab77826c0..b40858b8e77 100644
--- a/usr.bin/ssh/ssh-add/Makefile
+++ b/usr.bin/ssh/ssh-add/Makefile
@@ -4,8 +4,8 @@ PROG= ssh-add
BINOWN= root
BINMODE=555
BINDIR= /usr/bin
-LDADD= -lkrb -lcrypto -ldes -lutil -lz
-DPADD= ${LIBKRB} ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ}
+LDADD= -lcrypto -ldes -lutil -lz
+DPADD= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ}
MAN= ssh-add.1
SRCS= ssh-add.c log-client.c readpass.c rsa.c ssh_md5.c buffer.c \
diff --git a/usr.bin/ssh/ssh-agent/Makefile b/usr.bin/ssh/ssh-agent/Makefile
index 8306e1a36cf..e39b07c457c 100644
--- a/usr.bin/ssh/ssh-agent/Makefile
+++ b/usr.bin/ssh/ssh-agent/Makefile
@@ -4,8 +4,8 @@ PROG= ssh-agent
BINOWN= root
BINMODE=555
BINDIR= /usr/bin
-LDADD= -lkrb -lcrypto -ldes -lutil -lz
-DPADD= ${LIBKRB} ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ}
+LDADD= -lcrypto -ldes -lutil -lz
+DPADD= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ}
MAN= ssh-agent.1
SRCS= ssh-agent.c log-client.c rsa.c ssh_md5.c buffer.c \
diff --git a/usr.bin/ssh/ssh-keygen/Makefile b/usr.bin/ssh/ssh-keygen/Makefile
index b0dcbdce4a2..42620bc8b9b 100644
--- a/usr.bin/ssh/ssh-keygen/Makefile
+++ b/usr.bin/ssh/ssh-keygen/Makefile
@@ -4,8 +4,8 @@ PROG= ssh-keygen
BINOWN= root
BINMODE=555
BINDIR= /usr/bin
-LDADD= -lkrb -lcrypto -ldes -lutil -lz
-DPADD= ${LIBKRB} ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ}
+LDADD= -lcrypto -ldes -lutil -lz
+DPADD= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ}
MAN= ssh-keygen.1
SRCS= ssh-keygen.c log-client.c readpass.c rsa.c ssh_md5.c \
diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1
index 19999b4c2cc..37b972ddfcd 100644
--- a/usr.bin/ssh/ssh.1
+++ b/usr.bin/ssh/ssh.1
@@ -9,7 +9,7 @@
.\"
.\" Created: Sat Apr 22 21:55:14 1995 ylo
.\"
-.\" $Id: ssh.1,v 1.3 1999/09/29 00:10:16 deraadt Exp $
+.\" $Id: ssh.1,v 1.4 1999/09/29 18:16:20 dugsong Exp $
.\"
.Dd September 25, 1999
.Dt SSH 1
@@ -24,7 +24,7 @@
.Op Ar command
.Pp
.Nm ssh
-.Op Fl gknqtvxXC
+.Op Fl agknqtvxXC
.Op Fl c Ar blowfish|idea|des|3des|none
.Op Fl e Ar escape_char
.Op Fl i Ar identity_file
@@ -250,6 +250,9 @@ option (see below) can be used to prevent logins to machines whose
host key is not known or has changed.
.Sh OPTIONS
.Bl -tag -width Ds
+.It Fl a
+Disables forwarding of the authentication agent connection. This may
+also be specified on a per-host basis in the configuration file.
.It Fl c Ar blowfish|idea|des|3des|none
Selects the cipher to use for encrypting the session.
.Ar 3des
@@ -299,7 +302,7 @@ configuration files).
.It Fl g
Allows remote hosts to connect to local forwarded ports.
.It Fl k
-Disables forwarding of Kerberos tickets / AFS tokens. This may
+Disables forwarding of Kerberos tickets and AFS tokens. This may
also be specified on a per-host basis in the configuration file.
.It Fl l Ar login_name
Specifies the user to log in as on the remote machine. This may also
@@ -557,10 +560,18 @@ To disable keepalives, the value should be set to
.Dq no
in both the server and the client configuration files.
.It Cm KerberosAuthentication
-Specifies whether Kerberos authentication will be used.
+Specifies whether Kerberos authentication will be used. The argument to
+this keyword must be
+.Dq yes
+or
+.Dq no .
.It Cm KerberosTgtPassing
-Specifies whether a Kerberos TGT will be forwarded to the server.
-Note that TGT forwarding is normally not enabled in the server.
+Specifies whether a Kerberos TGT will be forwarded to the server. This
+will only work if the Kerberos server is actually an AFS kaserver. The
+argument to this keyword must be
+.Dq yes
+or
+.Dq no .
.It Cm LocalForward
Specifies that a TCP/IP port on the local machine be forwarded over
the secure channel to given host:port from the remote machine. The
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index 23003bc489b..0ff702eba61 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -18,7 +18,7 @@ Modified to work with SSL by Niels Provos <provos@citi.umich.edu> in Canada.
*/
#include "includes.h"
-RCSID("$Id: ssh.c,v 1.8 1999/09/29 12:16:35 provos Exp $");
+RCSID("$Id: ssh.c,v 1.9 1999/09/29 18:16:20 dugsong Exp $");
#include "xmalloc.h"
#include "ssh.h"
@@ -88,9 +88,9 @@ usage()
fprintf(stderr, " -l user Log in using this user name.\n");
fprintf(stderr, " -n Redirect input from /dev/null.\n");
fprintf(stderr, " -a Disable authentication agent forwarding.\n");
-#if defined(KERBEROS_TGT_PASSING) || defined(AFS)
- fprintf(stderr, " This also disables passing of AFS tokens/Kerberos tickets.\n");
-#endif /* KERBEROS_TGT_PASSING || AFS */
+#ifdef AFS
+ fprintf(stderr, " -k Disable Kerberos ticket and AFS token forwarding.\n");
+#endif /* AFS */
fprintf(stderr, " -x Disable X11 connection forwarding.\n");
fprintf(stderr, " -i file Identity for RSA authentication (default: ~/.ssh/identity).\n");
fprintf(stderr, " -t Tty; allocate a tty even if command is given.\n");
@@ -179,7 +179,7 @@ main(int ac, char **av)
struct stat st;
struct passwd *pw, pwcopy;
int interactive = 0, dummy;
- uid_t original_real_uid;
+ static uid_t original_real_uid;
uid_t original_effective_uid;
int plen;
@@ -298,14 +298,13 @@ main(int ac, char **av)
case 'a':
options.forward_agent = 0;
-#ifdef KERBEROS_TGT_PASSING
- options.kerberos_tgt_passing = 0;
-#endif
+ break;
#ifdef AFS
+ case 'k':
+ options.kerberos_tgt_passing = 0;
options.afs_token_passing = 0;
-#endif
break;
-
+#endif
case 'i':
if (stat(optarg, &st) < 0)
{
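Review bot: The new `case 'k':` is only reachable if `k` was also added to the getopt() option string, and that line is not in this diff; if it was left out, `ssh -k` is rejected as an unknown option and lands in usage() instead of clearing the two flags. Worth confirming the optstring (outside this hunk) now contains `k`, and that it is also present in the non-AFS build where the case itself is compiled out, so the option fails consistently rather than silently. The split itself — `-a` no longer touching kerberos_tgt_passing/afs_token_passing — matches the new ssh.1 text, so the removed lines are not a regression. main() continues outside the hunk.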
@@ -726,7 +725,7 @@ main(int ac, char **av)
otherwise for the local connection. */
if (!got_data)
{
- u_int32_t rand;
+ u_int32_t rand = 0;
strcpy(proto, "MIT-MAGIC-COOKIE-1");
for (i = 0; i < 16; i++) {
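Review bot: Initializing `rand` to 0 silences an uninitialized-variable warning but does not by itself make the cookie bytes random; the loop body that refills `rand` is outside the hunk, so it is worth confirming that it assigns fresh random bits before the first byte is emitted rather than consuming the zero. The same `u_int32_t rand = 0;` change appears in ssh_login() in sshconnect.c and do_connection() in sshd.c and carries the same caveat. A comment such as `/* refilled with fresh random bits inside the loop; the 0 is never emitted */` on the declaration would make the intent explicit. main() continues outside the hunk.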
diff --git a/usr.bin/ssh/ssh.h b/usr.bin/ssh/ssh.h
index 8c62180e4a4..95f95a74732 100644
--- a/usr.bin/ssh/ssh.h
+++ b/usr.bin/ssh/ssh.h
@@ -13,7 +13,7 @@ Generic header file for ssh.
*/
-/* RCSID("$Id: ssh.h,v 1.3 1999/09/28 04:45:37 provos Exp $"); */
+/* RCSID("$Id: ssh.h,v 1.4 1999/09/29 18:16:21 dugsong Exp $"); */
#ifndef SSH_H
#define SSH_H
@@ -586,13 +586,22 @@ struct envstring {
#ifdef KRB4
#include <krb.h>
-int ssh_tf_init(uid_t uid);
+/* Performs Kerberos v4 mutual authentication with the client. This returns
+ 0 if the client could not be authenticated, and 1 if authentication was
+ successful. This may exit if there is a serious protocol violation. */
int auth_krb4(const char *server_user, KTEXT auth, char **client);
+int ssh_tf_init(uid_t uid);
+
+#ifdef AFS
+#include <kafs.h>
+
+/* Accept passed Kerberos v4 ticket-granting ticket and AFS tokens. */
int auth_kerberos_tgt(struct passwd *pw, const char *string);
int auth_afs_token(char *server_user, uid_t uid, const char *string);
int creds_to_radix(CREDENTIALS *creds, unsigned char *buf);
int radix_to_creds(const char *buf, CREDENTIALS *creds);
+#endif /* AFS */
#endif /* KRB4 */
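Review bot: The AFS prototypes are nested inside `#ifdef KRB4` here, but servconf.h, sshconnect.c and sshd.c in this same commit test `#ifdef AFS` on its own, so a build with AFS enabled and KRB4 disabled would compile calls to auth_kerberos_tgt() and k_hasafs() with no prototype in scope. Either nest the other files' AFS blocks the same way or reject the combination up front with `#if defined(AFS) && !defined(KRB4)` / `#error "AFS support requires KRB4"` / `#endif`. The new comment above auth_krb4() is welcome; ssh_tf_init() and the four AFS functions still have none, and it would be worth stating that the string returned through `client` is allocated and must be freed by the caller, as sshd.c does with xfree(tkt_user).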
diff --git a/usr.bin/ssh/ssh/Makefile b/usr.bin/ssh/ssh/Makefile
index 6d131b806c9..301b8710c14 100644
--- a/usr.bin/ssh/ssh/Makefile
+++ b/usr.bin/ssh/ssh/Makefile
@@ -4,8 +4,8 @@ PROG= ssh
BINOWN= root
BINMODE=4555
BINDIR= /usr/bin
-LDADD= -lkrb -lcrypto -ldes -lutil -lz
-DPADD= ${LIBKRB} ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ}
+LDADD= -lcrypto -ldes -lutil -lz
+DPADD= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ}
MAN= ssh.1
LINKS= ${BINDIR}/ssh ${BINDIR}/slogin
MLINKS= ssh.1 slogin.1
@@ -16,6 +16,12 @@ SRCS= ssh.c sshconnect.c log-client.c readconf.c hostfile.c readpass.c \
authfd.c authfile.c crc32.c match.c mpaux.c minfd.c cipher.c \
compress.c
+.include <bsd.own.mk> # for AFS
+
+.if (${AFS} == "yes")
+SRCS+= radix.c
+.endif
+
gen_minfd: gen_minfd.c
minfd.o: minfd.h
minfd.h: gen_minfd
diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c
index 1f276f08fc5..d40ca7a4d5c 100644
--- a/usr.bin/ssh/sshconnect.c
+++ b/usr.bin/ssh/sshconnect.c
@@ -15,7 +15,7 @@ login (authentication) dialog.
*/
#include "includes.h"
-RCSID("$Id: sshconnect.c,v 1.4 1999/09/29 15:52:55 provos Exp $");
+RCSID("$Id: sshconnect.c,v 1.5 1999/09/29 18:16:21 dugsong Exp $");
#include <ssl/bn.h>
#include "xmalloc.h"
@@ -28,19 +28,6 @@ RCSID("$Id: sshconnect.c,v 1.4 1999/09/29 15:52:55 provos Exp $");
#include "mpaux.h"
#include "uidswap.h"
-#ifdef KRB4
-#include <krb.h>
-#ifdef AFS
-#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
-#include <sys/ioctl.h>
-#endif
-#ifdef HAVE_SYS_FILIO_H
-#include <sys/filio.h>
-#endif
-#include <kafs.h>
-#endif /* AFS */
-#endif /* KRB4 */
-
/* Session id for the current session. */
unsigned char session_id[16];
@@ -158,7 +145,6 @@ int ssh_create_socket(uid_t original_real_uid, int privileged)
bind our own socket to a privileged port. */
if (privileged)
{
- struct sockaddr_in sin;
int p = IPPORT_RESERVED - 1;
sock = rresvport(&p);
@@ -690,23 +676,21 @@ int try_kerberos_authentication()
char inst[INST_SZ];
char *realm;
CREDENTIALS cred;
- int r, type;
+ int r, type, plen;
Key_schedule schedule;
u_long checksum, cksum;
MSG_DAT msg_data;
struct sockaddr_in local, foreign;
struct stat st;
- int plen;
/* Don't do anything if we don't have any tickets. */
if (stat(tkt_string(), &st) < 0) return 0;
- debug("Trying Kerberos authentication.");
strncpy(inst, (char *) krb_get_phost(get_canonical_hostname()), INST_SZ);
realm = (char *)krb_realmofhost(get_canonical_hostname());
if (!realm) {
- debug("Kerberos V4: no realm for %.100s", get_canonical_hostname());
+ debug("Kerberos V4: no realm for %s", get_canonical_hostname());
return 0;
}
/* This can really be anything. */
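Review bot: `strncpy(inst, krb_get_phost(...), INST_SZ)` does not guarantee NUL-termination, so a phost of INST_SZ or more characters leaves `inst` unterminated before it is handed to krb_mk_req(); add `inst[INST_SZ - 1] = '\0';` after the copy, or replace it with `snprintf(inst, sizeof(inst), "%s", krb_get_phost(...))`. The line is unchanged context rather than part of this change, but the hunk re-touches the lines around it. try_kerberos_authentication() continues outside the hunk.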
@@ -714,13 +698,13 @@ int try_kerberos_authentication()
r = krb_mk_req(&auth, KRB4_SERVICE_NAME, inst, realm, checksum);
if (r != KSUCCESS) {
- debug("Kerberos V4 krb_mk_req failed: %.100s", krb_err_txt[r]);
+ debug("Kerberos V4 krb_mk_req failed: %s", krb_err_txt[r]);
return 0;
}
/* Get session key to decrypt the server's reply with. */
r = krb_get_cred(KRB4_SERVICE_NAME, inst, realm, &cred);
if (r != KSUCCESS) {
- debug("get_cred failed: %.100s", krb_err_txt[r]);
+ debug("get_cred failed: %s", krb_err_txt[r]);
return 0;
}
des_key_sched((des_cblock *)cred.session, schedule);
@@ -731,20 +715,20 @@ int try_kerberos_authentication()
packet_send();
packet_write_wait();
- /* zero the buffer */
+ /* Zero the buffer. */
(void) memset(auth.dat, 0, MAX_KTXT_LEN);
r = sizeof(local);
memset(&local, 0, sizeof(local));
if (getsockname(packet_get_connection_in(),
(struct sockaddr *) &local, &r) < 0)
- debug("getsockname failed: %.100s", strerror(errno));
+ debug("getsockname failed: %s", strerror(errno));
r = sizeof(foreign);
memset(&foreign, 0, sizeof(foreign));
if (getpeername(packet_get_connection_in(),
(struct sockaddr *)&foreign, &r) < 0)
- debug("getpeername failed: %.100s", strerror(errno));
+ debug("getpeername failed: %s", strerror(errno));
/* Get server reply. */
type = packet_read(&plen);
@@ -770,10 +754,10 @@ int try_kerberos_authentication()
r = krb_rd_priv(auth.dat, auth.length, schedule, &cred.session,
&foreign, &local, &msg_data);
if (r != KSUCCESS) {
- debug("Kerberos V4 krb_rd_priv failed: %.100s", krb_err_txt[r]);
+ debug("Kerberos V4 krb_rd_priv failed: %s", krb_err_txt[r]);
packet_disconnect("Kerberos V4 challenge failed!");
}
- /* fetch the (incremented) checksum that we supplied in the request */
+ /* Fetch the (incremented) checksum that we supplied in the request. */
(void)memcpy((char *)&cksum, (char *)msg_data.app_data, sizeof(cksum));
cksum = ntohl(cksum);
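Review bot: The memcpy of `msg_data.app_data` into `cksum` does not check `msg_data.app_length`, so a reply that krb_rd_priv() accepted but that carries fewer than sizeof(cksum) bytes of application data is still read in full; add `if (msg_data.app_length < sizeof(cksum)) packet_disconnect("Kerberos V4 reply too short");` before the copy. The reply arrives from the network, so it should be treated as untrusted even after the privacy check passes. The function continues outside the hunk.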
@@ -794,31 +778,29 @@ int try_kerberos_authentication()
#endif /* KRB4 */
#ifdef AFS
-
-#ifdef KERBEROS_TGT_PASSING
int send_kerberos_tgt()
{
CREDENTIALS *creds;
char pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ];
- int r, plen, type;
+ int r, type, plen;
unsigned char buffer[8192];
struct stat st;
/* Don't do anything if we don't have any tickets. */
if (stat(tkt_string(), &st) < 0) return 0;
- creds = xmalloc(sizeof(CREDENTIALS));
+ creds = xmalloc(sizeof(*creds));
- if ((r=krb_get_tf_fullname(TKT_FILE,pname,pinst,prealm)) != KSUCCESS) {
- debug("Kerberos V4 tf_fullname failed: %.100s",krb_err_txt[r]);
+ if ((r = krb_get_tf_fullname(TKT_FILE, pname, pinst, prealm)) != KSUCCESS) {
+ debug("Kerberos V4 tf_fullname failed: %s",krb_err_txt[r]);
return 0;
-}
- if ((r=krb_get_cred("krbtgt", prealm, prealm, creds)) != GC_OK) {
- debug("Kerberos V4 get_cred failed: %.100s", krb_err_txt[r]);
+ }
+ if ((r = krb_get_cred("krbtgt", prealm, prealm, creds)) != GC_OK) {
+ debug("Kerberos V4 get_cred failed: %s", krb_err_txt[r]);
return 0;
}
if (time(0) > krb_life_to_time(creds->issue_date, creds->lifetime)) {
- debug("Kerberos V4 ticket expired: %.100s", TKT_FILE);
+ debug("Kerberos V4 ticket expired: %s", TKT_FILE);
return 0;
}
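Review bot: `creds` is allocated with xmalloc() but none of the three `return 0;` paths that follow free it, and a CREDENTIALS holds the session key, so the block should be released and wiped before returning; since the pointer is never handed to the caller, a stack object `CREDENTIALS creds;` cleared with `memset(&creds, 0, sizeof(creds));` before each return is simpler than patching every path. Whether the success path frees it cannot be seen from here. send_kerberos_tgt() continues outside the hunk.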
@@ -831,24 +813,21 @@ int send_kerberos_tgt()
packet_write_wait();
type = packet_read(&plen);
-
+
if (type == SSH_SMSG_FAILURE)
- debug("Kerberos TGT for realm %.100s rejected.", prealm);
+ debug("Kerberos TGT for realm %s rejected.", prealm);
else if (type != SSH_SMSG_SUCCESS)
packet_disconnect("Protocol error on Kerberos TGT response: %d", type);
return 1;
}
-#endif /* KERBEROS_TGT_PASSING */
-/* Forwards our AFS tokens to the server. */
void send_afs_tokens(void)
{
CREDENTIALS creds;
struct ViceIoctl parms;
struct ClearToken ct;
- int i, type;
- int len, plen;
+ int i, type, len, plen;
char buf[2048], *p, *server_cell;
unsigned char buffer[8192];
@@ -885,7 +864,7 @@ void send_afs_tokens(void)
creds.issue_date = ct.BeginTimestamp;
creds.lifetime = krb_time_to_life(creds.issue_date, ct.EndTimestamp);
creds.kvno = ct.AuthHandle;
- sprintf(creds.pname, "AFS ID %d", ct.ViceId);
+ snprintf(creds.pname, sizeof(creds.pname), "AFS ID %d", ct.ViceId);
creds.pinst[0] = '\0';
/* Encode token, ship it off. */
@@ -899,7 +878,7 @@ void send_afs_tokens(void)
type = packet_read(&plen);
if (type == SSH_SMSG_FAILURE)
- debug("AFS token for cell %.100s rejected.", server_cell);
+ debug("AFS token for cell %s rejected.", server_cell);
else if (type != SSH_SMSG_SUCCESS)
packet_disconnect("Protocol error on AFS token response: %d", type);
}
@@ -1022,7 +1001,6 @@ void ssh_login(int host_key_valid,
Options *options, uid_t original_real_uid)
{
int i, type;
- char buf[1024];
char *password;
struct passwd *pw;
BIGNUM *key;
@@ -1031,12 +1009,11 @@ void ssh_login(int host_key_valid,
unsigned char session_key[SSH_SESSION_KEY_LENGTH];
const char *server_user, *local_user;
char *cp, *host;
- struct stat st;
unsigned char check_bytes[8];
unsigned int supported_ciphers, supported_authentications, protocol_flags;
HostStatus host_status;
int payload_len, clen, sum_len = 0;
- u_int32_t rand;
+ u_int32_t rand = 0;
/* Convert the user-supplied hostname into all lowercase. */
host = xstrdup(orighost);
@@ -1315,17 +1292,16 @@ void ssh_login(int host_key_valid,
packet_disconnect("Protocol error: got %d in response to SSH_CMSG_USER",
type);
-#ifdef KERBEROS_TGT_PASSING
+#ifdef AFS
/* Try Kerberos tgt passing if the server supports it. */
if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) &&
- options->kerberos_tgt_passing) {
- if (options->cipher == SSH_CIPHER_NONE)
- log("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!");
- (void)send_kerberos_tgt();
- }
-#endif /* KERBEROS_TGT_PASSING */
-
-#ifdef AFS
+ options->kerberos_tgt_passing)
+ {
+ if (options->cipher == SSH_CIPHER_NONE)
+ log("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!");
+ (void)send_kerberos_tgt();
+ }
+
/* Try AFS token passing if the server supports it. */
if ((supported_authentications & (1 << SSH_PASS_AFS_TOKEN)) &&
options->afs_token_passing && k_hasafs()) {
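Review bot: When `options->cipher == SSH_CIPHER_NONE` the code logs a warning and then forwards the TGT anyway, so the ticket still leaves the host in the clear; if the warning is meant to protect the credential, make the send conditional — `else (void)send_kerberos_tgt();` — and apply the same rule to the AFS token branch that starts on the last line of the hunk. This reproduces the behaviour of the removed lines, so it is an existing weakness rather than a regression introduced here. ssh_login() continues outside the hunk.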
@@ -1335,10 +1311,11 @@ void ssh_login(int host_key_valid,
}
#endif /* AFS */
-#if defined(KRB4)
+#ifdef KRB4
if ((supported_authentications & (1 << SSH_AUTH_KERBEROS)) &&
options->kerberos_authentication)
{
+ debug("Trying Kerberos authentication.");
if (try_kerberos_authentication()) {
/* The server should respond with success or failure. */
type = packet_read(&payload_len);
diff --git a/usr.bin/ssh/sshd.8 b/usr.bin/ssh/sshd.8
index 8635376a5a4..5740feaeda1 100644
--- a/usr.bin/ssh/sshd.8
+++ b/usr.bin/ssh/sshd.8
@@ -9,7 +9,7 @@
.\"
.\" Created: Sat Apr 22 21:55:14 1995 ylo
.\"
-.\" $Id: sshd.8,v 1.2 1999/09/26 22:30:06 deraadt Exp $
+.\" $Id: sshd.8,v 1.3 1999/09/29 18:16:21 dugsong Exp $
.\"
.Dd September 25, 1999
.Dt SSHD 8
@@ -165,9 +165,9 @@ and empty lines are interpreted as comments.
The following keywords are possible.
.Bl -tag -width Ds
.It Cm AFSTokenPassing
-Specifies whether to accept AFS tokens passed from the client. Default
-is
+Specifies whether an AFS token may be forwarded to the server. Default is
.Dq yes .
+.Pp
.It Cm AllowHosts
This keyword can be followed by any number of host name patterns,
separated by spaces. If specified, login is allowed only from hosts
@@ -232,7 +232,8 @@ in both the server and the client configuration files.
Specifies whether Kerberos authentication is allowed. This can
be in the form of a Kerberos ticket, or if PasswordAuthentication
is yes, the password provided by the user will be validated through
-the Kerberos KDC / AFS kaserver / DCE Security Server. Default is yes.
+the Kerberos KDC. Default is
+.Dq yes .
.It Cm KerberosOrLocalPasswd
If set then if password authentication through Kerberos fails then
the password will be validated via any additional local mechanism
@@ -242,10 +243,13 @@ or SecurID. Default is
.Dq no .
.It Cm KerberosTgtPassing
Specifies whether a Kerberos TGT may be forwarded to the server.
-Default is no, TGT forwarding does only work with the AFS kaserver.
+Default is
+.Dq no ,
+as this only works when the Kerberos KDC is actually an AFS kaserver.
.It Cm KerberosTicketCleanup
Specifies whether to automatically destroy the user's
-ticket cache file on logout. Default is yes.
+ticket cache file on logout. Default is
+.Dq yes .
.It Cm KeyRegenerationInterval
The server key is automatically regenerated after this many seconds
(if it has been used). The purpose of regeneration is to prevent
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index 172942d3973..3d0d4a49e2f 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -18,7 +18,7 @@ agent connections.
*/
#include "includes.h"
-RCSID("$Id: sshd.c,v 1.4 1999/09/29 17:42:10 deraadt Exp $");
+RCSID("$Id: sshd.c,v 1.5 1999/09/29 18:16:21 dugsong Exp $");
#include "xmalloc.h"
#include "rsa.h"
@@ -66,12 +66,7 @@ int deny_severity = LOG_WARNING;
#endif
#ifdef KRB4
-#include <sys/param.h>
-#include <krb.h>
char *ticket = NULL;
-#ifdef AFS
-#include <kafs.h>
-#endif /* AFS */
#endif /* KRB4 */
/* Local Xauthority file. */
@@ -794,7 +789,7 @@ void do_connection(int privileged_port)
char *user;
unsigned int cipher_type, auth_mask, protocol_flags;
int plen, slen;
- u_int32_t rand;
+ u_int32_t rand = 0;
/* Generate check bytes that the client must send back in the user packet
in order for it to be accepted; this is used to defy ip spoofing
@@ -844,11 +839,9 @@ void do_connection(int privileged_port)
if (options.kerberos_authentication && (access(KEYFILE, R_OK) == 0))
auth_mask |= 1 << SSH_AUTH_KERBEROS;
#endif
-#ifdef KERBEROS_TGT_PASSING
+#ifdef AFS
if (options.kerberos_tgt_passing)
auth_mask |= 1 << SSH_PASS_KERBEROS_TGT;
-#endif
-#ifdef AFS
if (options.afs_token_passing && k_hasafs())
auth_mask |= 1 << SSH_PASS_AFS_TOKEN;
#endif
@@ -1066,25 +1059,25 @@ do_authentication(char *user, int privileged_port)
switch (type)
{
-#ifdef KERBEROS_TGT_PASSING
+#ifdef AFS
case SSH_CMSG_HAVE_KERBEROS_TGT:
if (!options.kerberos_tgt_passing)
{
+ /* packet_get_all(); */
log("Kerberos tgt passing disabled.");
break;
}
- /* Accept Kerberos tgt. */
- {
+ else {
+ /* Accept Kerberos tgt. */
int dlen;
- char *data = packet_get_string(&dlen);
+ char *tgt = packet_get_string(&dlen);
packet_integrity_check(plen, 4 + dlen, type);
- if (!auth_kerberos_tgt(pw, data))
- debug("Kerberos tgt REFUSED for %.100s", user);
+ if (!auth_kerberos_tgt(pw, tgt))
+ debug("Kerberos tgt REFUSED for %s", user);
+ xfree(tgt);
}
continue;
-#endif /* KERBEROS_TGT_PASSING */
-
-#ifdef AFS
+
case SSH_CMSG_HAVE_AFS_TOKEN:
if (!options.afs_token_passing || !k_hasafs()) {
/* packet_get_all(); */
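Review bot: The commented-out `/* packet_get_all(); */` added in the disabled-TGT branch (and again in the SSH_CMSG_AUTH_KERBEROS case further down) is dead code; either drop it or replace it with a comment that says why the payload need not be drained, e.g. `/* remaining payload is discarded with the packet; nothing to drain */`. The added `xfree(tgt);` fixes a leak of the client-supplied string on every TGT attempt and deserves a mention in the commit message. The `else {` after a branch that ends in `break` is redundant and can be flattened back to the original unconditional block. do_authentication() continues outside the hunk.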
@@ -1097,7 +1090,7 @@ do_authentication(char *user, int privileged_port)
char *token_string = packet_get_string(&dlen);
packet_integrity_check(plen, 4 + dlen, type);
if (!auth_afs_token(user, pw->pw_uid, token_string))
- debug("AFS token REFUSED for %.100s", user);
+ debug("AFS token REFUSED for %s", user);
xfree(token_string);
continue;
}
@@ -1107,31 +1100,33 @@ do_authentication(char *user, int privileged_port)
case SSH_CMSG_AUTH_KERBEROS:
if (!options.kerberos_authentication)
{
+ /* packet_get_all(); */
log("Kerberos authentication disabled.");
break;
}
- {
+ else {
/* Try Kerberos v4 authentication. */
KTEXT_ST auth;
char *tkt_user = NULL;
char *kdata = packet_get_string((unsigned int *)&auth.length);
packet_integrity_check(plen, 4 + auth.length, type);
- memcpy(auth.dat, kdata, auth.length);
+ if (auth.length < MAX_KTXT_LEN)
+ memcpy(auth.dat, kdata, auth.length);
xfree(kdata);
-
+
if (auth_krb4(user, &auth, &tkt_user)) {
/* Client has successfully authenticated to us. */
- log("Kerberos authentication accepted %.100s for account "
- "%.100s from %.200s", tkt_user, user,
- get_canonical_hostname());
+ log("Kerberos authentication accepted %s for account "
+ "%s from %s", tkt_user, user, get_canonical_hostname());
/* authentication_type = SSH_AUTH_KERBEROS; */
authenticated = 1;
xfree(tkt_user);
- break;
}
- log("Kerberos authentication failed for account "
- "%.100s from %.200s", user, get_canonical_hostname());
+ else {
+ log("Kerberos authentication failed for account "
+ "%s from %s", user, get_canonical_hostname());
+ }
}
break;
#endif /* KRB4 */
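Review bot: When `auth.length >= MAX_KTXT_LEN` the new guard skips the memcpy but still calls auth_krb4() with `auth.dat` uninitialized and `auth.length` larger than the buffer, so an oversized ticket is processed as garbage instead of being rejected; turn the guard into an early exit: `if (auth.length >= MAX_KTXT_LEN) { log("Kerberos ticket too long (%d) from %s", auth.length, get_canonical_hostname()); xfree(kdata); break; }`. `auth.length` is read straight from the packet via packet_get_string(), so it is attacker-controlled, and the check itself closes an overflow of `auth.dat` that the commit message does not mention. Since the field appears to be signed (hence the `(unsigned int *)` cast), a negative value would also pass the `<` comparison — compare as unsigned or add `auth.length < 0` to the rejection.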
@@ -1698,10 +1693,10 @@ void pty_cleanup_proc(void *context)
debug("pty_cleanup_proc called");
-#if defined(KRB4) || defined(AFS)
+#if defined(KRB4)
/* Destroy user's ticket cache file. */
(void) dest_tkt();
-#endif /* KRB4 || AFS */
+#endif /* KRB4 */
/* Record that the user has logged out. */
record_logout(cu->pid, cu->ttyname);
@@ -2212,7 +2207,7 @@ void do_child(const char *command, struct passwd *pw, const char *term,
if (display)
child_set_env(&env, &envsize, "DISPLAY", display);
-#ifdef KRB4 /* XXX - how to make these coexist? */
+#ifdef KRB4
if (ticket)
child_set_env(&env, &envsize, "KRBTKFILE", ticket);
#endif /* KRB4 */
diff --git a/usr.bin/ssh/sshd/Makefile b/usr.bin/ssh/sshd/Makefile
index 98b830e22ac..ca6eab1d419 100644
--- a/usr.bin/ssh/sshd/Makefile
+++ b/usr.bin/ssh/sshd/Makefile
@@ -4,17 +4,27 @@ PROG= sshd
BINOWN= root
BINMODE=555
BINDIR= /usr/sbin
-LDADD= -lkrb -lcrypto -ldes -lutil -lz
-DPADD= ${LIBKRB} ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ}
+LDADD= -lcrypto -ldes -lutil -lz
+DPADD= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ}
MAN= sshd.8
SRCS= sshd.c auth-rhosts.c auth-passwd.c auth-rsa.c auth-rh-rsa.c \
- auth-krb4.c pty.c log-server.c login.c hostfile.c canohost.c \
+ pty.c log-server.c login.c hostfile.c canohost.c \
servconf.c tildexpand.c uidswap.c serverloop.c rsa.c \
ssh_md5.c buffer.c packet.c xmalloc.c ttymodes.c channels.c bufaux.c \
authfd.c authfile.c crc32.c match.c mpaux.c minfd.c cipher.c \
compress.c
+.include <bsd.own.mk> # for KERBEROS and AFS
+
+.if (${KERBEROS} == "yes")
+SRCS+= auth-krb4.c
+.endif
+
+.if (${AFS} == "yes")
+SRCS+= radix.c
+.endif
+
gen_minfd: gen_minfd.c
minfd.o: minfd.h