auth.c (181097) | auth.c (181111) |
1/* $OpenBSD: auth.c,v 1.75 2006/08/03 03:34:41 deraadt Exp $ */ | 1/* $OpenBSD: auth.c,v 1.79 2008/07/02 12:03:51 dtucker Exp $ */ |
2/* 3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. --- 9 unchanged lines hidden (view full) --- 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26#include "includes.h" | 2/* 3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. --- 9 unchanged lines hidden (view full) --- 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26#include "includes.h" |
27__RCSID("$FreeBSD: head/crypto/openssh/auth.c 181097 2008-08-01 01:13:41Z des $"); | 27__RCSID("$FreeBSD: head/crypto/openssh/auth.c 181111 2008-08-01 02:48:36Z des $"); |
28 29#include <sys/types.h> 30#include <sys/stat.h> 31#include <sys/param.h> 32 33#include <netinet/in.h> 34 35#include <errno.h> | 28 29#include <sys/types.h> 30#include <sys/stat.h> 31#include <sys/param.h> 32 33#include <netinet/in.h> 34 35#include <errno.h> |
36#include <fcntl.h> |
36#ifdef HAVE_PATHS_H 37# include <paths.h> 38#endif 39#include <pwd.h> 40#ifdef HAVE_LOGIN_H 41#include <login.h> 42#endif 43#ifdef USE_SHADOW 44#include <shadow.h> 45#endif 46#ifdef HAVE_LIBGEN_H 47#include <libgen.h> 48#endif 49#include <stdarg.h> 50#include <stdio.h> 51#include <string.h> | 37#ifdef HAVE_PATHS_H 38# include <paths.h> 39#endif 40#include <pwd.h> 41#ifdef HAVE_LOGIN_H 42#include <login.h> 43#endif 44#ifdef USE_SHADOW 45#include <shadow.h> 46#endif 47#ifdef HAVE_LIBGEN_H 48#include <libgen.h> 49#endif 50#include <stdarg.h> 51#include <stdio.h> 52#include <string.h> |
53#include <unistd.h> |
52 53#include "xmalloc.h" 54#include "match.h" 55#include "groupaccess.h" 56#include "log.h" 57#include "buffer.h" 58#include "servconf.h" 59#include "key.h" --- 49 unchanged lines hidden (view full) --- 109 spw = getspnam(pw->pw_name); 110#ifdef HAS_SHADOW_EXPIRE 111 if (!options.use_pam && spw != NULL && auth_shadow_acctexpired(spw)) 112 return 0; 113#endif /* HAS_SHADOW_EXPIRE */ 114#endif /* USE_SHADOW */ 115 116 /* grab passwd field for locked account check */ | 54 55#include "xmalloc.h" 56#include "match.h" 57#include "groupaccess.h" 58#include "log.h" 59#include "buffer.h" 60#include "servconf.h" 61#include "key.h" --- 49 unchanged lines hidden (view full) --- 111 spw = getspnam(pw->pw_name); 112#ifdef HAS_SHADOW_EXPIRE 113 if (!options.use_pam && spw != NULL && auth_shadow_acctexpired(spw)) 114 return 0; 115#endif /* HAS_SHADOW_EXPIRE */ 116#endif /* USE_SHADOW */ 117 118 /* grab passwd field for locked account check */ |
119 passwd = pw->pw_passwd; |
117#ifdef USE_SHADOW 118 if (spw != NULL) | 120#ifdef USE_SHADOW 121 if (spw != NULL) |
119#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF) | 122#ifdef USE_LIBIAF |
120 passwd = get_iaf_password(pw); 121#else 122 passwd = spw->sp_pwdp; | 123 passwd = get_iaf_password(pw); 124#else 125 passwd = spw->sp_pwdp; |
123#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */ 124#else 125 passwd = pw->pw_passwd; | 126#endif /* USE_LIBIAF */ |
126#endif 127 128 /* check for locked account */ 129 if (!options.use_pam && passwd && *passwd) { 130 int locked = 0; 131 132#ifdef LOCKED_PASSWD_STRING 133 if (strcmp(passwd, LOCKED_PASSWD_STRING) == 0) 134 locked = 1; 135#endif 136#ifdef LOCKED_PASSWD_PREFIX 137 if (strncmp(passwd, LOCKED_PASSWD_PREFIX, 138 strlen(LOCKED_PASSWD_PREFIX)) == 0) 139 locked = 1; 140#endif 141#ifdef LOCKED_PASSWD_SUBSTR 142 if (strstr(passwd, LOCKED_PASSWD_SUBSTR)) 143 locked = 1; 144#endif | 127#endif 128 129 /* check for locked account */ 130 if (!options.use_pam && passwd && *passwd) { 131 int locked = 0; 132 133#ifdef LOCKED_PASSWD_STRING 134 if (strcmp(passwd, LOCKED_PASSWD_STRING) == 0) 135 locked = 1; 136#endif 137#ifdef LOCKED_PASSWD_PREFIX 138 if (strncmp(passwd, LOCKED_PASSWD_PREFIX, 139 strlen(LOCKED_PASSWD_PREFIX)) == 0) 140 locked = 1; 141#endif 142#ifdef LOCKED_PASSWD_SUBSTR 143 if (strstr(passwd, LOCKED_PASSWD_SUBSTR)) 144 locked = 1; 145#endif |
145#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF) | 146#ifdef USE_LIBIAF |
146 free(passwd); | 147 free(passwd); |
147#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */ | 148#endif /* USE_LIBIAF */ |
148 if (locked) { 149 logit("User %.100s not allowed because account is locked", 150 pw->pw_name); 151 return 0; 152 } 153 } 154 155 /* --- 250 unchanged lines hidden (view full) --- 406 * 407 * XXX Should any specific check be done for sym links ? 408 * 409 * Takes an open file descriptor, the file name, a uid and and 410 * error buffer plus max size as arguments. 411 * 412 * Returns 0 on success and -1 on failure 413 */ | 149 if (locked) { 150 logit("User %.100s not allowed because account is locked", 151 pw->pw_name); 152 return 0; 153 } 154 } 155 156 /* --- 250 unchanged lines hidden (view full) --- 407 * 408 * XXX Should any specific check be done for sym links ? 409 * 410 * Takes an open file descriptor, the file name, a uid and and 411 * error buffer plus max size as arguments. 412 * 413 * Returns 0 on success and -1 on failure 414 */ |
414int | 415static int |
415secure_filename(FILE *f, const char *file, struct passwd *pw, 416 char *err, size_t errlen) 417{ 418 uid_t uid = pw->pw_uid; 419 char buf[MAXPATHLEN], homedir[MAXPATHLEN]; 420 char *cp; 421 int comparehome = 0; 422 struct stat st; --- 43 unchanged lines hidden (view full) --- 466 * but we can be paranoid and check for "." too 467 */ 468 if ((strcmp("/", buf) == 0) || (strcmp(".", buf) == 0)) 469 break; 470 } 471 return 0; 472} 473 | 416secure_filename(FILE *f, const char *file, struct passwd *pw, 417 char *err, size_t errlen) 418{ 419 uid_t uid = pw->pw_uid; 420 char buf[MAXPATHLEN], homedir[MAXPATHLEN]; 421 char *cp; 422 int comparehome = 0; 423 struct stat st; --- 43 unchanged lines hidden (view full) --- 467 * but we can be paranoid and check for "." too 468 */ 469 if ((strcmp("/", buf) == 0) || (strcmp(".", buf) == 0)) 470 break; 471 } 472 return 0; 473} 474 |
475FILE * 476auth_openkeyfile(const char *file, struct passwd *pw, int strict_modes) 477{ 478 char line[1024]; 479 struct stat st; 480 int fd; 481 FILE *f; 482 483 /* 484 * Open the file containing the authorized keys 485 * Fail quietly if file does not exist 486 */ 487 if ((fd = open(file, O_RDONLY|O_NONBLOCK)) == -1) 488 return NULL; 489 490 if (fstat(fd, &st) < 0) { 491 close(fd); 492 return NULL; 493 } 494 if (!S_ISREG(st.st_mode)) { 495 logit("User %s authorized keys %s is not a regular file", 496 pw->pw_name, file); 497 close(fd); 498 return NULL; 499 } 500 unset_nonblock(fd); 501 if ((f = fdopen(fd, "r")) == NULL) { 502 close(fd); 503 return NULL; 504 } 505 if (options.strict_modes && 506 secure_filename(f, file, pw, line, sizeof(line)) != 0) { 507 fclose(f); 508 logit("Authentication refused: %s", line); 509 return NULL; 510 } 511 512 return f; 513} 514 |
474struct passwd * 475getpwnamallow(const char *user) 476{ 477#ifdef HAVE_LOGIN_CAP 478 extern login_cap_t *lc; 479#ifdef BSD_AUTH 480 auth_session_t *as; 481#endif --- 83 unchanged lines hidden (view full) --- 565{ 566 static struct passwd fake; 567 568 memset(&fake, 0, sizeof(fake)); 569 fake.pw_name = "NOUSER"; 570 fake.pw_passwd = 571 "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK"; 572 fake.pw_gecos = "NOUSER"; | 515struct passwd * 516getpwnamallow(const char *user) 517{ 518#ifdef HAVE_LOGIN_CAP 519 extern login_cap_t *lc; 520#ifdef BSD_AUTH 521 auth_session_t *as; 522#endif --- 83 unchanged lines hidden (view full) --- 606{ 607 static struct passwd fake; 608 609 memset(&fake, 0, sizeof(fake)); 610 fake.pw_name = "NOUSER"; 611 fake.pw_passwd = 612 "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK"; 613 fake.pw_gecos = "NOUSER"; |
573 fake.pw_uid = privsep_pw->pw_uid; 574 fake.pw_gid = privsep_pw->pw_gid; | 614 fake.pw_uid = privsep_pw == NULL ? (uid_t)-1 : privsep_pw->pw_uid; 615 fake.pw_gid = privsep_pw == NULL ? (gid_t)-1 : privsep_pw->pw_gid; |
575#ifdef HAVE_PW_CLASS_IN_PASSWD 576 fake.pw_class = ""; 577#endif 578 fake.pw_dir = "/nonexist"; 579 fake.pw_shell = "/nonexist"; 580 581 return (&fake); 582} | 616#ifdef HAVE_PW_CLASS_IN_PASSWD 617 fake.pw_class = ""; 618#endif 619 fake.pw_dir = "/nonexist"; 620 fake.pw_shell = "/nonexist"; 621 622 return (&fake); 623} |
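Review bot: In the new auth_openkeyfile (new lines 475-513) the `strict_modes` parameter is never read; the strict-modes decision comes from the global `options.strict_modes` instead, so a caller passing an explicit value gets no effect and the parameter is misleading. Either use the argument, `if (strict_modes &&` in place of `if (options.strict_modes &&`, or drop the parameter from the signature and its callers. The function also has no header comment; I would add `/* Open the authorized-keys file for pw; returns NULL quietly when the file is missing, and after logging when it is not a regular file or fails secure_filename() under strict modes. */`, and a one-line why on the `O_RDONLY|O_NONBLOCK` open, which presumably exists so the open cannot block on a non-regular path before the S_ISREG check rejects it (confirm). Separately, in allowed_user (new lines 119-148) `passwd` is now initialised to `pw->pw_passwd` before the USE_SHADOW block, so on a USE_LIBIAF build with `spw == NULL` the later `free(passwd)` would be applied to the passwd-entry string rather than a get_iaf_password() result; the declaration of passwd and the rest of allowed_user are outside the visible lines, so this is worth confirming against the full function.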