- dtucker@cvs.openbsd.org 2010/03/07 11:57:13
[auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c] Hold authentication debug messages until after successful authentication. Fixes an info leak of environment variables specified in authorized_keys, reported by Jacob Appelbaum. ok djm@
parent
ac0c4c9c1d
commit
cd70e1b813
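--- a/ChangeLog
+++ b/ChangeLog
@@ -7,6 +7,12 @@
 by permanently_set_uid.
 - (dtucker) [session.c] Also initialize creds to NULL for handing to
 setpcred.
+- (dtucker) OpenBSD CVS Sync
+- dtucker@cvs.openbsd.org 2010/03/07 11:57:13
+[auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c]
+Hold authentication debug messages until after successful authentication.
+Fixes an info leak of environment variables specified in authorized_keys,
+reported by Jacob Appelbaum. ok djm@
 
 20100305
 - OpenBSD CVS Sync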
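--- a/auth-options.c
+++ b/auth-options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.47 2010/03/04 23:27:25 djm Exp $ */
+/* $OpenBSD: auth-options.c,v 1.48 2010/03/07 11:57:13 dtucker Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -78,7 +78,6 @@ auth_clear_options(void)
 }
 forced_tun_device = -1;
 channel_clear_permitted_opens();
-auth_debug_reset();
 }
 
 /*
@@ -364,9 +363,6 @@ next_option:
 /* Process the next option. */
 }
 
-if (!use_privsep)
-auth_debug_send();
-
 /* grant access */
 return 1;
 
@@ -376,9 +372,6 @@ bad_option:
 auth_debug_add("Bad options in %.100s file, line %lu: %.50s",
 file, linenum, opts);
 
-if (!use_privsep)
-auth_debug_send();
-
 /* deny access */
 return 0;
 }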
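--- a/auth-rhosts.c
+++ b/auth-rhosts.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-rhosts.c,v 1.43 2008/06/13 14:18:51 dtucker Exp $ */
+/* $OpenBSD: auth-rhosts.c,v 1.44 2010/03/07 11:57:13 dtucker Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -317,11 +317,5 @@ int
 auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
 const char *ipaddr)
 {
-int ret;
-
-auth_debug_reset();
-ret = auth_rhosts2_raw(pw, client_user, hostname, ipaddr);
-if (!use_privsep)
-auth_debug_send();
-return ret;
+return auth_rhosts2_raw(pw, client_user, hostname, ipaddr);
 }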
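Review bot: auth_rhosts2() is now a bare pass-through to auth_rhosts2_raw() with the same four arguments, and nothing in the hunk says why the wrapper is kept instead of pointing callers at auth_rhosts2_raw() directly; if it stays for interface stability, a comment above the definition would stop the next reader from collapsing it, e.g. `/* Thin wrapper over auth_rhosts2_raw(): debug messages are no longer reset or sent here but held until after authentication. */`. With the per-call auth_debug_reset() gone, any message auth_rhosts2_raw() adds now stays in the buffer across repeated rhosts checks in the same process until it is released after authentication — presumably the intent, but worth stating in that comment. The `int` return type of the definition is only visible in the hunk header, so the function otherwise fits within the hunk.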
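--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.105 2010/02/26 20:29:54 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.106 2010/03/07 11:57:13 dtucker Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -997,17 +997,6 @@ mm_answer_pam_free_ctx(int sock, Buffer *m)
 }
 #endif
 
-static void
-mm_append_debug(Buffer *m)
-{
-if (auth_debug_init && buffer_len(&auth_debug)) {
-debug3("%s: Appending debug messages for child", __func__);
-buffer_append(m, buffer_ptr(&auth_debug),
-buffer_len(&auth_debug));
-buffer_clear(&auth_debug);
-}
-}
-
 int
 mm_answer_keyallowed(int sock, Buffer *m)
 {
@@ -1090,8 +1079,6 @@ mm_answer_keyallowed(int sock, Buffer *m)
 buffer_put_int(m, allowed);
 buffer_put_int(m, forced_command != NULL);
 
-mm_append_debug(m);
-
 mm_request_send(sock, MONITOR_ANS_KEYALLOWED, m);
 
 if (type == MM_RSAHOSTKEY)
@@ -1475,8 +1462,6 @@ mm_answer_rsa_keyallowed(int sock, Buffer *m)
 if (key != NULL)
 key_free(key);
 
-mm_append_debug(m);
-
 mm_request_send(sock, MONITOR_ANS_RSAKEYALLOWED, m);
 
 monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed);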
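--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.68 2009/06/22 05:39:28 dtucker Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.69 2010/03/07 11:57:13 dtucker Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -347,19 +347,6 @@ mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, char *user,
 return (ret);
 }
 
-static void
-mm_send_debug(Buffer *m)
-{
-char *msg;
-
-while (buffer_len(m)) {
-msg = buffer_get_string(m, NULL);
-debug3("%s: Sending debug: %s", __func__, msg);
-packet_send_debug("%s", msg);
-xfree(msg);
-}
-}
-
 int
 mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key)
 {
@@ -393,9 +380,6 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key)
 have_forced = buffer_get_int(&m);
 forced_command = have_forced ? xstrdup("true") : NULL;
 
-/* Send potential debug messages */
-mm_send_debug(&m);
-
 buffer_free(&m);
 
 return (allowed);
@@ -1085,7 +1069,6 @@ mm_auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
 *rkey = key;
 xfree(blob);
 }
-mm_send_debug(&m);
 buffer_free(&m);
 
 return (allowed);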
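--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.251 2010/01/12 08:33:17 dtucker Exp $ */
+/* $OpenBSD: session.c,v 1.252 2010/03/07 11:57:13 dtucker Exp $ */
 /*
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 * All rights reserved
@@ -271,6 +271,8 @@ do_authenticated(Authctxt *authctxt)
 if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
 channel_permit_all_opens();
 
+auth_debug_send();
+
 if (compat20)
 do_authenticated2(authctxt);
 else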
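Review bot: The new auth_debug_send() call in do_authenticated() is the one point where messages held during authentication reach the client, yet the line carries no comment saying so, and a later refactor that moves it back before the authentication boundary would silently reintroduce the leak this commit fixes; I would add `/* Authentication succeeded: now safe to release debug messages held during auth (they may echo authorized_keys options such as environment=). */` above it. In privileged-separation mode the monitor is the process that answered the key checks and accumulated these messages, so this call delivering them presumably relies on the post-authentication process inheriting the monitor's auth_debug buffer — worth confirming, since that path is not visible in this hunk. do_authenticated() starts and ends outside the hunk.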
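--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.373 2010/02/26 20:29:54 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.374 2010/03/07 11:57:13 dtucker Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1939,6 +1939,7 @@ main(int ac, char **av)
 
 /* prepare buffer to collect messages to display to user after login */
 buffer_init(&loginmsg);
+auth_debug_reset();
 
 if (use_privsep)
 if (privsep_preauth(authctxt) == 1)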
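Review bot: The added auth_debug_reset() sits under a comment that describes only the loginmsg buffer, so the new line reads as unrelated; widen it to `/* prepare buffers to collect messages to display to user after login */` and say on the call why it must precede privsep_preauth(): among the files in this commit it is now the only reset left on the authentication path (auth_clear_options() and auth_rhosts2() no longer call it), so the buffer has to be initialised before the first key or rhosts check runs in the monitor. Any auth_debug_add() executed in main() earlier than this line would presumably be lost or have no buffer to write to — confirm none exists above this hunk. main() starts and ends outside the hunk.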