diff --git a/ChangeLog b/ChangeLog index 867752050..14f54496b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -98,7 +98,7 @@ [ssh-keygen.c] allow uploading RSA keys for non-default AUT0 (sha1 over passphrase like sectok). - - markus@cvs.openbsd.org 2001/08/01 23:38:45 + - markus@cvs.openbsd.org 2001/08/01 23:38:45 [scard.c ssh.c] support finish rsa keys. free public keys after login -> call finish -> close smartcard. @@ -122,7 +122,7 @@ - jakob@cvs.openbsd.org 2001/08/02 15:43:57 [ssh-agent.c ssh.c ssh-keygen.c] add /* SMARTCARD */ to #else/#endif. ok markus@ - - jakob@cvs.openbsd.org 2001/08/02 16:14:05 + - jakob@cvs.openbsd.org 2001/08/02 16:14:05 [scard.c ssh-agent.c ssh.c ssh-keygen.c] clean up some /* SMARTCARD */. ok markus@ - mpech@cvs.openbsd.org 2001/08/02 18:37:35 @@ -148,6 +148,8 @@ [scp.c] use alarm vs. setitimer for portable; ok markus@ - (bal) ssh-keyscan double -lssh hack due to seed_rng(). + - (bal) Second around of UNICOS patches. A few other things left. + Patches by William L. Jones 20010803 - (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on @@ -6258,4 +6260,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1466 2001/08/06 22:56:46 mouring Exp $ +$Id: ChangeLog,v 1.1467 2001/08/06 23:29:16 mouring Exp $ diff --git a/configure.in b/configure.in index 75b3626d2..4210d3e94 100644 --- a/configure.in +++ b/configure.in @@ -1,4 +1,4 @@ -# $Id: configure.in,v 1.304 2001/07/24 17:00:14 mouring Exp $ +# $Id: configure.in,v 1.305 2001/08/06 23:29:17 mouring Exp $ AC_INIT(ssh.c) @@ -1453,6 +1453,7 @@ if (test -z "$RANDOM_POOL" && test -z "$PRNGD") ; then OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) + OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar) OSSH_PATH_ENTROPY_PROG(PROG_W, w) OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) OSSH_PATH_ENTROPY_PROG(PROG_LAST, last) diff --git a/loginrec.c b/loginrec.c index e121ce354..5789aad76 100644 --- a/loginrec.c +++ b/loginrec.c @@ -163,7 +163,7 @@ #include "log.h" #include "atomicio.h" -RCSID("$Id: loginrec.c,v 1.33 2001/05/08 20:33:06 mouring Exp $"); +RCSID("$Id: loginrec.c,v 1.34 2001/08/06 23:29:17 mouring Exp $"); #ifdef HAVE_UTIL_H # include @@ -616,9 +616,15 @@ construct_utmp(struct logininfo *li, switch (li->type) { case LTYPE_LOGIN: ut->ut_type = USER_PROCESS; +#ifdef _CRAY + cray_set_tmpdir(ut); +#endif break; case LTYPE_LOGOUT: ut->ut_type = DEAD_PROCESS; +#ifdef _CRAY + cray_retain_utmp(ut, li->pid); +#endif break; } # endif diff --git a/openbsd-compat/bsd-cray.c b/openbsd-compat/bsd-cray.c index c887322cb..a11a5b6aa 100644 --- a/openbsd-compat/bsd-cray.c +++ b/openbsd-compat/bsd-cray.c @@ -12,18 +12,24 @@ #include #include #include +#include +#include +#include +#include +#include #include #include #include #include #include +#include "bsd-cray.h" + char cray_tmpdir[TPATHSIZ+1]; /* job TMPDIR path */ /* * Functions. */ -int cray_setup(uid_t, char *); void cray_retain_utmp(struct utmp *, int); void cray_create_tmpdir(int, uid_t, gid_t); void cray_delete_tmpdir(char *, int , uid_t); @@ -31,17 +37,17 @@ void cray_job_termination_handler (int); void cray_init_job(struct passwd *); void cray_set_tmpdir(struct utmp *); + /* * Orignal written by: * Wayne Schroeder * San Diego Supercomputer Center * schroeder@sdsc.edu */ -int +void cray_setup(uid_t uid, char *username) { struct udb *p; - extern struct udb *getudb(); extern char *setlimits(); int i, j; int accts[MAXVIDS]; @@ -52,58 +58,83 @@ cray_setup(uid_t uid, char *username) struct jtab jbuf; int jid; - if ((jid = getjtab (&jbuf)) < 0) { - debug("getjtab"); - return -1; - } + if ((jid = getjtab (&jbuf)) < 0) fatal("getjtab: no jid"); - /* Find all of the accounts for a particular user */ - err = setudb(); /* open and rewind the Cray User DataBase */ - if(err != 0) { - debug("UDB open failure"); - return -1; - } + err = setudb(); /* open and rewind the Cray User DataBase */ + if(err != 0) fatal("UDB open failure"); naccts = 0; - while ((p = getudb()) != UDB_NULL) { - if (p->ue_uid == -1) break; - if(uid == p->ue_uid) { - for(j = 0; p->ue_acids[j] != -1 && j < MAXVIDS; j++) { - accts[naccts] = p->ue_acids[j]; - naccts++; - } - } - } - endudb(); /* close the udb */ - if (naccts == 0 || accts[0] == 0) { - debug("No Cray accounts found"); - return -1; + p = getudbnam(username); + if (p == NULL) fatal("No UDB entry for %s", username); + if(uid != p->ue_uid) + fatal("UDB etnry %s uid(%d) does not match uid %d\n", + username, p->ue_uid, uid); + for(j = 0; p->ue_acids[j] != -1 && j < MAXVIDS; j++) { + accts[naccts] = p->ue_acids[j]; + naccts++; } + endudb(); /* close the udb */ + + if (naccts != 0) { + /* Perhaps someday we'll prompt users who have multiple accounts + to let them pick one (like CRI's login does), but for now just set + the account to the first entry. */ + if (acctid(0, accts[0]) < 0) + fatal("System call acctid failed, accts[0]=%d",accts[0]); + } - /* Perhaps someday we'll prompt users who have multiple accounts - to let them pick one (like CRI's login does), but for now just set - the account to the first entry. */ - if (acctid(0, accts[0]) < 0) { - debug("System call acctid failed, accts[0]=%d",accts[0]); - return -1; - } - - /* Now set limits, including CPU time for the (interactive) job and process, - and set up permissions (for chown etc), etc. This is via an internal CRI - routine, setlimits, used by CRI's login. */ + /* Now set limits, including CPU time for the (interactive) job and process, + and set up permissions (for chown etc), etc. This is via an internal CRI + routine, setlimits, used by CRI's login. */ pid = getpid(); sr = setlimits(username, C_PROC, pid, UDBRC_INTER); - if (sr != NULL) { - debug("%.200s", sr); - return -1; - } - sr = setlimits(username, C_JOB, jid, UDBRC_INTER); - if (sr != NULL) { - debug("%.200s", sr); - return -1; - } + if (sr != NULL) fatal("%.200s", sr); - return 0; + sr = setlimits(username, C_JOB, jid, UDBRC_INTER); + if (sr != NULL) fatal("%.200s", sr); + +} + + +/* + * The rc.* and /etc/sdaemon methods of starting a program on unicos/unicosmk + * can have pal privileges that sshd can inherit which + * could allow a user to su to root with out a password. + * This subroutine clears all privileges. + */ +void +drop_cray_privs() +{ +#if defined(_SC_CRAY_PRIV_SU) + priv_proc_t* privstate; + int result; + extern int priv_set_proc(); + extern priv_proc_t* priv_init_proc(); + struct usrv usrv; + + /* + * If ether of theses two flags are not set + * then don't allow this version of ssh to run. + */ + if (!sysconf(_SC_CRAY_PRIV_SU)) fatal("Not PRIV_SU system."); + if (!sysconf(_SC_CRAY_POSIX_PRIV)) fatal("Not POSIX_PRIV."); + + debug ("Dropping privileges."); + + memset(&usrv, 0, sizeof(usrv)); + if (setusrv(&usrv) < 0) + fatal ("%s(%d): setusrv(): %s\n", __FILE__, __LINE__, strerror(errno)); + + if ((privstate = priv_init_proc()) != NULL) { + result = priv_set_proc(privstate); + if ( result != 0 ) fatal ("%s(%d): priv_set_proc(): %s\n", + __FILE__, __LINE__, strerror(errno)); + priv_free_proc(privstate); + } + debug ("Privileges should be cleared..."); +#else +Cray systems must be run with _SC_CRAY_PRIV_SU on! +#endif } diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h index ca7871c0d..ab07315b6 100644 --- a/openbsd-compat/openbsd-compat.h +++ b/openbsd-compat/openbsd-compat.h @@ -1,4 +1,4 @@ -/* $Id: openbsd-compat.h,v 1.11 2001/07/14 03:22:54 djm Exp $ */ +/* $Id: openbsd-compat.h,v 1.12 2001/08/06 23:29:18 mouring Exp $ */ #ifndef _OPENBSD_H #define _OPENBSD_H @@ -38,4 +38,7 @@ #include "fake-getnameinfo.h" #include "fake-socket.h" +/* Routines for a single OS platform */ +#include "bsd-cray.h" + #endif /* _OPENBSD_H */ diff --git a/sshd.c b/sshd.c index d1c68445d..b6adc38cb 100644 --- a/sshd.c +++ b/sshd.c @@ -679,6 +679,13 @@ main(int ac, char **av) options.log_facility == -1 ? SYSLOG_FACILITY_AUTH : options.log_facility, !inetd_flag); +#ifdef _CRAY + /* Cray can define user privs drop all prives now! + * Not needed on PRIV_SU systems! + */ + drop_cray_privs(); +#endif + seed_rng(); /* Read server configuration options from the configuration file. */ diff --git a/sshpty.c b/sshpty.c index 71e16b79e..84572c901 100644 --- a/sshpty.c +++ b/sshpty.c @@ -162,6 +162,34 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) } return 1; #else /* HAVE_DEV_PTS_AND_PTC */ +#ifdef _CRAY + char buf[64]; + int i; + int highpty; + +#ifdef _SC_CRAY_NPTY + highpty = sysconf(_SC_CRAY_NPTY); + if (highpty == -1) + highpty = 128; +#else + highpty = 128; +#endif + + for (i = 0; i < highpty; i++) { + snprintf(buf, sizeof(buf), "/dev/pty/%03d", i); + *ptyfd = open(buf, O_RDWR|O_NOCTTY); + if (*ptyfd < 0) continue; + snprintf(namebuf, namebuflen, "/dev/ttyp%03d", i); + /* Open the slave side. */ + *ttyfd = open(namebuf, O_RDWR|O_NOCTTY); + if (*ttyfd < 0) { + error("%.100s: %.100s", namebuf, strerror(errno)); + close(*ptyfd); + } + return 1; + } + return 0; +#else /* BSD-style pty code. */ char buf[64]; int i; @@ -196,6 +224,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) return 1; } return 0; +#endif /* CRAY */ #endif /* HAVE_DEV_PTS_AND_PTC */ #endif /* HAVE_DEV_PTMX */ #endif /* HAVE__GETPTY */ @@ -218,6 +247,35 @@ pty_release(const char *ttyname) void pty_make_controlling_tty(int *ttyfd, const char *ttyname) { +#ifdef _CRAY + int fd; + + if (setsid() < 0) + error("setsid: %.100s", strerror(errno)); + + fd = open(ttyname, O_RDWR|O_NOCTTY); + if (fd >= 0) { + signal(SIGHUP, SIG_IGN); + ioctl(fd, TCVHUP, (char *)0); + signal(SIGHUP, SIG_DFL); + setpgid(0,0); + close(fd); + } else { + error("Failed to disconnect from controlling tty."); + } + + + debug("Setting controlling tty using TCSETCTTY.\n"); + ioctl(*ttyfd, TCSETCTTY, NULL); + + fd = open("/dev/tty", O_RDWR); + + if (fd < 0) + error("%.100s: %.100s", ttyname, strerror(errno)); + + close(*ttyfd); + *ttyfd = fd; +#else int fd; #ifdef USE_VHANGUP void *old; @@ -277,6 +335,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname) else { close(fd); } +#endif } /* Changes the window size associated with the pty. */