upstream commit

ban AuthenticationMethods="" and accept
AuthenticationMethods=any for the default behaviour of not requiring multiple
authentication

bz#2398 from Jakub Jelen; ok dtucker@

Upstream-ID: fabd7f44d59e4518d241d0d01e226435cc23cf27
This commit is contained in:
djm@openbsd.org 2016-06-17 05:03:40 +00:00 committed by Damien Miller
parent 9816fc5dae
commit b64faeb5ed
2 changed files with 42 additions and 9 deletions

View File

@ -1,5 +1,5 @@
/* $OpenBSD: servconf.c,v 1.290 2016/05/04 14:00:09 dtucker Exp $ */
/* $OpenBSD: servconf.c,v 1.291 2016/06/17 05:03:40 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@ -381,6 +381,14 @@ fill_default_server_options(ServerOptions *options)
CLEAR_ON_NONE(options->host_cert_files[i]);
#undef CLEAR_ON_NONE
/* Similar handling for AuthenticationMethods=any */
if (options->num_auth_methods == 1 &&
strcmp(options->auth_methods[0], "any") == 0) {
free(options->auth_methods[0]);
options->auth_methods[0] = NULL;
options->num_auth_methods = 0;
}
#ifndef HAVE_MMAP
if (use_privsep && options->compression == 1) {
error("This platform does not support both privilege "
@ -1804,21 +1812,39 @@ process_server_config_line(ServerOptions *options, char *line,
case sAuthenticationMethods:
if (options->num_auth_methods == 0) {
value = 0; /* seen "any" pseudo-method */
while ((arg = strdelim(&cp)) && *arg != '\0') {
if (options->num_auth_methods >=
MAX_AUTH_METHODS)
fatal("%s line %d: "
"too many authentication methods.",
filename, linenum);
if (auth2_methods_valid(arg, 0) != 0)
if (strcmp(arg, "any") == 0) {
if (options->num_auth_methods > 0) {
fatal("%s line %d: \"any\" "
"must appear alone in "
"AuthenticationMethods",
filename, linenum);
}
value = 1;
} else if (value) {
fatal("%s line %d: \"any\" must appear "
"alone in AuthenticationMethods",
filename, linenum);
} else if (auth2_methods_valid(arg, 0) != 0) {
fatal("%s line %d: invalid "
"authentication method list.",
filename, linenum);
}
if (!*activep)
continue;
options->auth_methods[
options->num_auth_methods++] = xstrdup(arg);
}
if (options->num_auth_methods == 0) {
fatal("%s line %d: no AuthenticationMethods "
"specified", filename, linenum);
}
}
return 0;
@ -2195,11 +2221,13 @@ dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals)
{
u_int i;
if (count <= 0)
if (count <= 0 && code != sAuthenticationMethods)
return;
printf("%s", lookup_opcode_name(code));
for (i = 0; i < count; i++)
printf(" %s", vals[i]);
if (code == sAuthenticationMethods && count == 0)
printf(" any");
printf("\n");
}

View File

@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: sshd_config.5,v 1.223 2016/05/04 14:29:58 markus Exp $
.Dd $Mdocdate: May 4 2016 $
.\" $OpenBSD: sshd_config.5,v 1.224 2016/06/17 05:03:40 djm Exp $
.Dd $Mdocdate: June 17 2016 $
.Dt SSHD_CONFIG 5
.Os
.Sh NAME
@ -189,9 +189,12 @@ for more information on patterns.
Specifies the authentication methods that must be successfully completed
for a user to be granted access.
This option must be followed by one or more comma-separated lists of
authentication method names.
Successful authentication requires completion of every method in at least
one of these lists.
authentication method names, or by the single string
.Dq any
to indicate the default behaviour of accepting any single authentication
methods.
if the default is overridden, then successful authentication requires
completion of every method in at least one of these lists.
.Pp
For example, an argument of
.Dq publickey,password publickey,keyboard-interactive
@ -231,7 +234,9 @@ This option will yield a fatal
error if enabled if protocol 1 is also enabled.
Note that each authentication method listed should also be explicitly enabled
in the configuration.
The default is not to require multiple authentication; successful completion
The default
.Dq any
is not to require multiple authentication; successful completion
of a single authentication method is sufficient.
.It Cm AuthorizedKeysCommand
Specifies a program to be used to look up the user's public keys.