src - OpenBSD base system

diff options


context:
space:
mode:

author	Markus Friedl <markus@cvs.openbsd.org>	1999-11-10 22:24:02 +0000
committer	Markus Friedl <markus@cvs.openbsd.org>	1999-11-10 22:24:02 +0000
commit	fdbbe9d996f09ecbd4f5c6cdafd452dcf2a32cfd (patch)
tree	2fa144182eda9f9f7be565a2bb3ea8e80b6a4b21 /usr.bin
parent	bc9e909965e411498ba0bc784d8b3580bfceed90 (diff)

remove x11- and krb-cleanup from fatal() + krb-cleanup cleanup

Diffstat (limited to 'usr.bin')

-rw-r--r--

usr.bin/ssh/auth-krb4.c

120

-rw-r--r--

usr.bin/ssh/auth-passwd.c

-rw-r--r--

usr.bin/ssh/log-server.c

-rw-r--r--

usr.bin/ssh/ssh.h

-rw-r--r--

usr.bin/ssh/sshd.c

5 files changed, 120 insertions, 115 deletions

diff --git a/usr.bin/ssh/auth-krb4.c b/usr.bin/ssh/auth-krb4.c
index 569f0b4c3b3..a84ae7f0861 100644
--- a/usr.bin/ssh/auth-krb4.c
+++ b/usr.bin/ssh/auth-krb4.c

@@ -6,7 +6,7 @@

Kerberos v4 authentication and ticket-passing routines.

- $Id: auth-krb4.c,v 1.5 1999/11/02 19:10:14 markus Exp $

+ $Id: auth-krb4.c,v 1.6 1999/11/10 22:24:01 markus Exp $

#include "includes.h"

@@ -15,38 +15,59 @@

#include "ssh.h"

#ifdef KRB4

-int ssh_tf_init(uid_t uid)

+char *ticket = NULL;

+void

+krb4_cleanup_proc(void *ignore)

+ debug("krb4_cleanup_proc called");

+ if (ticket) {

+ (void) dest_tkt();

+ xfree(ticket);

+ ticket = NULL;

+ }

+int krb4_init(uid_t uid)

{

- extern char *ticket;

+ static int cleanup_registered = 0;

char *tkt_root = TKT_ROOT;

struct stat st;

int fd;

- /* Set unique ticket string manually since we're still root. */

- ticket = xmalloc(MAXPATHLEN);

+ if (!ticket) {

+ /* Set unique ticket string manually since we're still root. */

+ ticket = xmalloc(MAXPATHLEN);

#ifdef AFS

- if (lstat("/ticket", &st) != -1)

- tkt_root = "/ticket/";

+ if (lstat("/ticket", &st) != -1)

+ tkt_root = "/ticket/";

#endif /* AFS */

- snprintf(ticket, MAXPATHLEN, "%s%d_%d", tkt_root, uid, getpid());

- (void) krb_set_tkt_string(ticket);

- /* Make sure we own this ticket file, and we created it. */

- if (lstat(ticket, &st) == -1 && errno == ENOENT) {

- /* good, no ticket file exists. create it. */

- if ((fd = open(ticket, O_RDWR|O_CREAT|O_EXCL, 0600)) != -1) {

- close(fd);

- return 1;

- }

+ snprintf(ticket, MAXPATHLEN, "%s%d_%d", tkt_root, uid, getpid());

+ (void) krb_set_tkt_string(ticket);

+ }

+ /* Register ticket cleanup in case of fatal error. */

+ if (!cleanup_registered) {

+ fatal_add_cleanup(krb4_cleanup_proc, NULL);

+ cleanup_registered = 1;

+ }

+ /* Try to create our ticket file. */

+ if ((fd = mkstemp(ticket)) != -1) {

+ close(fd);

+ return 1;

}

- else {

- /* file exists. make sure server_user owns it (e.g. just passed ticket),

- and that it isn't a symlink, and that it is mode 600. */

+ /* Ticket file exists - make sure user owns it (just passed ticket). */

+ if (lstat(ticket, &st) != -1) {

if (st.st_mode == (S_IFREG|S_IRUSR|S_IWUSR) && st.st_uid == uid)

return 1;

}

- /* Failure. */

+ /* Failure - cancel cleanup function, leaving bad ticket for inspection. */

log("WARNING: bad ticket file %s", ticket);

+ fatal_remove_cleanup(krb4_cleanup_proc, NULL);

+ cleanup_registered = 0;

+ xfree(ticket);

+ ticket = NULL;

return 0;

}

@@ -103,8 +124,7 @@ int auth_krb4(const char *server_user, KTEXT auth, char **client)

reply.dat[0] = 0;

reply.length = 0;

}

- else

- reply.length = r;

+ else reply.length = r;

/* Clear session key. */

memset(&adat.session, 0, sizeof(&adat.session));

@@ -121,8 +141,6 @@ int auth_krb4(const char *server_user, KTEXT auth, char **client)

int auth_kerberos_tgt(struct passwd *pw, const char *string)

{

CREDENTIALS creds;

- extern char *ticket;

- int r;

if (!radix_to_creds(string, &creds)) {

log("Protocol error decoding Kerberos V4 tgt");

@@ -133,37 +151,39 @@ int auth_kerberos_tgt(struct passwd *pw, const char *string)

strlcpy(creds.service, "krbtgt", sizeof creds.service);

if (strcmp(creds.service, "krbtgt")) {

- log("Kerberos V4 tgt (%s%s%s@%s) rejected for uid %d",

- creds.pname, creds.pinst[0] ? "." : "", creds.pinst, creds.realm,

- pw->pw_uid);

- packet_send_debug("Kerberos V4 tgt (%s%s%s@%s) rejected for uid %d",

+ log("Kerberos V4 tgt (%s%s%s@%s) rejected for %s", creds.pname,

+ creds.pinst[0] ? "." : "", creds.pinst, creds.realm, pw->pw_name);

+ packet_send_debug("Kerberos V4 tgt (%s%s%s@%s) rejected for %s",

creds.pname, creds.pinst[0] ? "." : "", creds.pinst,

- creds.realm, pw->pw_uid);

+ creds.realm, pw->pw_name);

goto auth_kerberos_tgt_failure;

}

- if (!ssh_tf_init(pw->pw_uid) ||

- (r = in_tkt(creds.pname, creds.pinst)) ||

- (r = save_credentials(creds.service, creds.instance, creds.realm,

- creds.session, creds.lifetime, creds.kvno,

- &creds.ticket_st, creds.issue_date))) {

- xfree(ticket);

- ticket = NULL;

+ if (!krb4_init(pw->pw_uid))

+ goto auth_kerberos_tgt_failure;

+ if (in_tkt(creds.pname, creds.pinst) != KSUCCESS)

+ goto auth_kerberos_tgt_failure;

+ if (save_credentials(creds.service, creds.instance, creds.realm,

+ creds.session, creds.lifetime, creds.kvno,

+ &creds.ticket_st, creds.issue_date) != KSUCCESS) {

packet_send_debug("Kerberos V4 tgt refused: couldn't save credentials");

goto auth_kerberos_tgt_failure;

}

/* Successful authentication, passed all checks. */

- chown(ticket, pw->pw_uid, pw->pw_gid);

- packet_send_debug("Kerberos V4 tgt accepted (%s.%s@%s, %s%s%s@%s)",

- creds.service, creds.instance, creds.realm,

- creds.pname, creds.pinst[0] ? "." : "",

- creds.pinst, creds.realm);

+ chown(tkt_string(), pw->pw_uid, pw->pw_gid);

+ packet_send_debug("Kerberos V4 tgt accepted (%s.%s@%s, %s%s%s@%s)",

+ creds.service, creds.instance, creds.realm, creds.pname,

+ creds.pinst[0] ? "." : "", creds.pinst, creds.realm);

+ memset(&creds, 0, sizeof(creds));

packet_start(SSH_SMSG_SUCCESS);

packet_send();

packet_write_wait();

return 1;

-auth_kerberos_tgt_failure:

+ auth_kerberos_tgt_failure:

+ krb4_cleanup_proc(NULL);

memset(&creds, 0, sizeof(creds));

packet_start(SSH_SMSG_FAILURE);

packet_send();

@@ -191,10 +211,11 @@ int auth_afs_token(struct passwd *pw, const char *token_string)

uid = atoi(creds.pname + 7);

if (kafs_settoken(creds.realm, uid, &creds)) {

- log("AFS token (%s@%s) rejected for uid %d", creds.pname,

- creds.realm, uid);

- packet_send_debug("AFS token (%s@%s) rejected for uid %d", creds.pname,

- creds.realm, uid);

+ log("AFS token (%s@%s) rejected for %s", creds.pname, creds.realm,

+ pw->pw_name);

+ packet_send_debug("AFS token (%s@%s) rejected for %s", creds.pname,

+ creds.realm, pw->pw_name);

+ memset(&creds, 0, sizeof(creds));

packet_start(SSH_SMSG_FAILURE);

packet_send();

packet_write_wait();

@@ -202,6 +223,7 @@ int auth_afs_token(struct passwd *pw, const char *token_string)

}

packet_send_debug("AFS token accepted (%s@%s, %s@%s)", creds.service,

creds.realm, creds.pname, creds.realm);

+ memset(&creds, 0, sizeof(creds));

packet_start(SSH_SMSG_SUCCESS);

packet_send();

packet_write_wait();

diff --git a/usr.bin/ssh/auth-passwd.c b/usr.bin/ssh/auth-passwd.c
index 589f00b6dc7..89590b2ca59 100644
--- a/usr.bin/ssh/auth-passwd.c
+++ b/usr.bin/ssh/auth-passwd.c

@@ -15,17 +15,13 @@ the password is valid for the user.

#include "includes.h"

-RCSID("$Id: auth-passwd.c,v 1.8 1999/10/19 15:56:41 deraadt Exp $");

+RCSID("$Id: auth-passwd.c,v 1.9 1999/11/10 22:24:01 markus Exp $");

#include "packet.h"

#include "ssh.h"

#include "servconf.h"

#include "xmalloc.h"

-#ifdef KRB4

-extern char *ticket;

-#endif /* KRB4 */

/* Tries to authenticate the user using password. Returns true if

authentication succeeds. */

@@ -80,9 +76,9 @@ int auth_password(struct passwd *pw, const char *password)

KTEXT_ST tkt;

struct hostent *hp;

unsigned long faddr;

- char localhost[MAXHOSTNAMELEN]; /* local host name */

- char phost[INST_SZ]; /* host instance */

- char realm[REALM_SZ]; /* local Kerberos realm */

+ char localhost[MAXHOSTNAMELEN];

+ char phost[INST_SZ];

+ char realm[REALM_SZ];

int r;

/* Try Kerberos password authentication only for non-root

@@ -90,9 +86,8 @@ int auth_password(struct passwd *pw, const char *password)

if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) {

/* Set up our ticket file. */

- if (!ssh_tf_init(pw->pw_uid)) {

- log("Couldn't initialize Kerberos ticket file for %s!",

- pw->pw_name);

+ if (!krb4_init(pw->pw_uid)) {

+ log("Couldn't initialize Kerberos ticket file for %s!", pw->pw_name);

goto kerberos_auth_failure;

}

/* Try to get TGT using our password. */

@@ -104,13 +99,12 @@ int auth_password(struct passwd *pw, const char *password)

goto kerberos_auth_failure;

}

/* Successful authentication. */

- chown(ticket, pw->pw_uid, pw->pw_gid);

- (void) gethostname(localhost, sizeof(localhost));

- (void) strlcpy(phost, (char *)krb_get_phost(localhost), INST_SZ);

+ chown(tkt_string(), pw->pw_uid, pw->pw_gid);

/* Now that we have a TGT, try to get a local "rcmd" ticket to

ensure that we are not talking to a bogus Kerberos server. */

+ (void) gethostname(localhost, sizeof(localhost));

+ (void) strlcpy(phost, (char *)krb_get_phost(localhost), INST_SZ);

r = krb_mk_req(&tkt, KRB4_SERVICE_NAME, phost, realm, 33);

if (r == KSUCCESS) {

@@ -150,10 +144,10 @@ int auth_password(struct passwd *pw, const char *password)

return 1;

kerberos_auth_failure:

- (void) dest_tkt();

- xfree(ticket);

- ticket = NULL;

- if (!options.kerberos_or_local_passwd ) return 0;

+ krb4_cleanup_proc(NULL);

+ if (!options.kerberos_or_local_passwd)

+ return 0;

}

else {

/* Logging in as root or no local Kerberos realm. */

diff --git a/usr.bin/ssh/log-server.c b/usr.bin/ssh/log-server.c
index 7f303b7c521..304099a85d5 100644
--- a/usr.bin/ssh/log-server.c
+++ b/usr.bin/ssh/log-server.c

@@ -15,7 +15,7 @@ to the system log.

#include "includes.h"

-RCSID("$Id: log-server.c,v 1.5 1999/10/17 20:39:11 dugsong Exp $");

+RCSID("$Id: log-server.c,v 1.6 1999/11/10 22:24:01 markus Exp $");

#include <syslog.h>

#include "packet.h"

@@ -187,19 +187,16 @@ void fatal(const char *fmt, ...)

va_list args;

struct fatal_cleanup *cu, *next_cu;

static int fatal_called = 0;

-#if defined(KRB4)

- extern char *ticket;

-#endif /* KRB4 */

DECL_MSGBUF;

- if (log_quiet)

- exit(1);

- va_start(args, fmt);

- vsnprintf(msgbuf, MSGBUFSIZE, fmt, args);

- va_end(args);

- if (log_on_stderr)

- fprintf(stderr, "fatal: %s\n", msgbuf);

- syslog(LOG_ERR, "fatal: %.500s", msgbuf);

+ if (!log_quiet) {

+ va_start(args, fmt);

+ vsnprintf(msgbuf, MSGBUFSIZE, fmt, args);

+ va_end(args);

+ if (log_on_stderr)

+ fprintf(stderr, "fatal: %s\n", msgbuf);

+ syslog(LOG_ERR, "fatal: %.500s", msgbuf);

+ }

if (fatal_called)

exit(1);

@@ -213,21 +210,6 @@ void fatal(const char *fmt, ...)

(unsigned long)cu->proc, (unsigned long)cu->context);

(*cu->proc)(cu->context);

}

-#if defined(KRB4)

- /* If you forwarded a ticket you get one shot for proper

- authentication. */

- /* If tgt was passed unlink file */

- if (ticket)

- {

- if (strcmp(ticket,"none"))

- unlink(ticket);

- else

- ticket = NULL;

- }

-#endif /* KRB4 */

- /* If local XAUTHORITY was created, remove it. */

- if (xauthfile) unlink(xauthfile);

exit(1);

}

diff --git a/usr.bin/ssh/ssh.h b/usr.bin/ssh/ssh.h
index 62b1ca3188e..abf3303fad6 100644
--- a/usr.bin/ssh/ssh.h
+++ b/usr.bin/ssh/ssh.h

@@ -13,7 +13,7 @@ Generic header file for ssh.

-/* RCSID("$Id: ssh.h,v 1.16 1999/11/02 19:10:15 markus Exp $"); */

+/* RCSID("$Id: ssh.h,v 1.17 1999/11/10 22:24:01 markus Exp $"); */

#ifndef SSH_H

#define SSH_H

@@ -402,7 +402,7 @@ void fatal(const char *fmt, ...);

from the function. */

void fatal_add_cleanup(void (*proc)(void *context), void *context);

-/* Removes a cleanup frunction to be called at fatal(). */

+/* Removes a cleanup function to be called at fatal(). */

void fatal_remove_cleanup(void (*proc)(void *context), void *context);

/*---------------- definitions for channels ------------------*/

@@ -518,9 +518,6 @@ void x11_request_forwarding(void);

This should be called in the client only. */

void x11_request_forwarding_with_spoofing(const char *proto, const char *data);

-/* Local Xauthority file (server only). */

-extern char *xauthfile;

/* Sends a message to the server to request authentication fd forwarding. */

void auth_request_forwarding(void);

@@ -567,7 +564,8 @@ struct envstring {

0 if the client could not be authenticated, and 1 if authentication was

successful. This may exit if there is a serious protocol violation. */

int auth_krb4(const char *server_user, KTEXT auth, char **client);

-int ssh_tf_init(uid_t uid);

+int krb4_init(uid_t uid);

+void krb4_cleanup_proc(void *ignore);

#ifdef AFS

#include <kafs.h>

diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index 01673fcf358..00cadebc4d7 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c

@@ -18,7 +18,7 @@ agent connections.

#include "includes.h"

-RCSID("$Id: sshd.c,v 1.45 1999/11/03 23:31:03 markus Exp $");

+RCSID("$Id: sshd.c,v 1.46 1999/11/10 22:24:01 markus Exp $");

#include "xmalloc.h"

#include "rsa.h"

@@ -43,12 +43,8 @@ int deny_severity = LOG_WARNING;

#define O_NOCTTY 0

#endif

-#ifdef KRB4

-char *ticket = NULL;

-#endif /* KRB4 */

/* Local Xauthority file. */

-char *xauthfile = NULL;

+static char *xauthfile = NULL;

/* Server configuration options. */

ServerOptions options;

@@ -1381,6 +1377,19 @@ do_authentication(char *user, int privileged_port)

do_authenticated(pw);

}

+/* Remove local Xauthority file. */

+static void

+xauthfile_cleanup_proc(void *ignore)

+ debug("xauthfile_cleanup_proc called");

+ if (xauthfile != NULL) {

+ unlink(xauthfile);

+ xfree(xauthfile);

+ xauthfile = NULL;

+ }

/* Prepares for an interactive session. This is called after the user has

been successfully authenticated. During this message exchange, pseudo

terminals are allocated, X11, TCP/IP, and authentication agent forwardings

@@ -1536,6 +1545,7 @@ void do_authenticated(struct passwd *pw)

if ((xauthfd = mkstemp(xauthfile)) != -1) {

fchown(xauthfd, pw->pw_uid, pw->pw_gid);

close(xauthfd);

+ fatal_add_cleanup(xauthfile_cleanup_proc, NULL);

}

else {

xfree(xauthfile);

@@ -1764,11 +1774,6 @@ void pty_cleanup_proc(void *context)

debug("pty_cleanup_proc called");

-#if defined(KRB4)

- /* Destroy user's ticket cache file. */

- (void) dest_tkt();

-#endif /* KRB4 */

/* Record that the user has logged out. */

record_logout(cu->pid, cu->ttyname);

@@ -2167,10 +2172,14 @@ void do_child(const char *command, struct passwd *pw, const char *term,

child_set_env(&env, &envsize, "DISPLAY", display);

#ifdef KRB4

- if (ticket)

- child_set_env(&env, &envsize, "KRBTKFILE", ticket);

+ {

+ extern char *ticket;

+ if (ticket)

+ child_set_env(&env, &envsize, "KRBTKFILE", ticket);

+ }

#endif /* KRB4 */

/* Set XAUTHORITY to always be a local file. */

if (xauthfile)

child_set_env(&env, &envsize, "XAUTHORITY", xauthfile);