- djm@cvs.openbsd.org 2012/11/04 10:38:43

[auth2-pubkey.c sshd.c sshd_config.5]
     Remove default of AuthorizedCommandUser. Administrators are now expected
     to explicitly specify a user. feedback and ok markus@
Damien Miller 2012-11-04 22:23:14 +11:00
parent f33580eed0
commit d0d1099b3b
4 changed files with 31 additions and 17 deletions


@ -3,6 +3,10 @@
- jmc@cvs.openbsd.org 2012/10/31 08:04:50 - jmc@cvs.openbsd.org 2012/10/31 08:04:50
[sshd_config.5] [sshd_config.5]
tweak previous; tweak previous;
- djm@cvs.openbsd.org 2012/11/04 10:38:43
[auth2-pubkey.c sshd.c sshd_config.5]
Remove default of AuthorizedCommandUser. Administrators are now expected
to explicitly specify a user. feedback and ok markus@
20121030 20121030
- (djm) OpenBSD CVS Sync - (djm) OpenBSD CVS Sync


@ -1,4 +1,4 @@
/* $OpenBSD: auth2-pubkey.c,v 1.31 2012/10/30 21:29:54 djm Exp $ */ /* $OpenBSD: auth2-pubkey.c,v 1.32 2012/11/04 10:38:43 djm Exp $ */
/* /*
* Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2000 Markus Friedl. All rights reserved.
* *
@ -462,24 +462,28 @@ user_key_command_allowed2(struct passwd *user_pw, Key *key)
struct stat st; struct stat st;
int status, devnull, p[2], i; int status, devnull, p[2], i;
pid_t pid; pid_t pid;
char errmsg[512]; char *username, errmsg[512];
if (options.authorized_keys_command == NULL || if (options.authorized_keys_command == NULL ||
options.authorized_keys_command[0] != '/') options.authorized_keys_command[0] != '/')
return 0; return 0;
/* If no user specified to run commands the default to target user */ if (options.authorized_keys_command_user == NULL) {
if (options.authorized_keys_command_user == NULL) error("No user for AuthorizedKeysCommand specified, skipping");
pw = user_pw; return 0;
else {
pw = getpwnam(options.authorized_keys_command_user);
if (pw == NULL) {
error("AuthorizedKeyCommandUser \"%s\" not found: %s",
options.authorized_keys_command, strerror(errno));
return 0;
}
} }
username = percent_expand(options.authorized_keys_command_user,
"u", user_pw->pw_name, (char *)NULL);
pw = getpwnam(username);
if (pw == NULL) {
error("AuthorizedKeyCommandUser \"%s\" not found: %s",
options.authorized_keys_command, strerror(errno));
free(username);
return 0;
}
free(username);
temporarily_use_uid(pw); temporarily_use_uid(pw);
if (stat(options.authorized_keys_command, &st) < 0) { if (stat(options.authorized_keys_command, &st) < 0) {
@ -517,6 +521,7 @@ user_key_command_allowed2(struct passwd *user_pw, Key *key)
for (i = 0; i < NSIG; i++) for (i = 0; i < NSIG; i++)
signal(i, SIG_DFL); signal(i, SIG_DFL);
closefrom(STDERR_FILENO + 1);
/* Don't use permanently_set_uid() here to avoid fatal() */ /* Don't use permanently_set_uid() here to avoid fatal() */
if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) { if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) {
error("setresgid %u: %s", (u_int)pw->pw_gid, error("setresgid %u: %s", (u_int)pw->pw_gid,
@ -541,7 +546,6 @@ user_key_command_allowed2(struct passwd *user_pw, Key *key)
error("%s: dup2: %s", __func__, strerror(errno)); error("%s: dup2: %s", __func__, strerror(errno));
_exit(1); _exit(1);
} }
closefrom(STDERR_FILENO + 1);
execl(options.authorized_keys_command, execl(options.authorized_keys_command,
options.authorized_keys_command, pw->pw_name, NULL); options.authorized_keys_command, pw->pw_name, NULL);
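Review bot: The `pw == NULL` branch after `getpwnam(username)` logs `options.authorized_keys_command` as the account that was not found, so the log shows the command path instead of the user name that failed to resolve. `username` is still live at that point (the `free(username)` follows the `error()` call), so the call can read `error("AuthorizedKeysCommandUser \"%s\" not found: %s", username, strerror(errno));`, which also fixes the misspelt option name "AuthorizedKeyCommandUser". getpwnam() need not set errno when the entry simply does not exist, so the `strerror(errno)` suffix can report a stale cause; set `errno = 0` before the lookup or drop the suffix. The `%u` expansion that `percent_expand()` now applies to AuthorizedKeysCommandUser is not described in this commit's sshd_config.5 change. user_key_command_allowed2 starts and continues outside these hunks.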

9
sshd.c

@ -1,4 +1,4 @@
/* $OpenBSD: sshd.c,v 1.394 2012/10/30 21:29:55 djm Exp $ */ /* $OpenBSD: sshd.c,v 1.395 2012/11/04 10:38:43 djm Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1559,6 +1559,13 @@ main(int ac, char **av)
if (options.challenge_response_authentication) if (options.challenge_response_authentication)
options.kbd_interactive_authentication = 1; options.kbd_interactive_authentication = 1;
/* Check that options are sensible */
if (options.authorized_keys_command_user == NULL &&
(options.authorized_keys_command != NULL &&
strcasecmp(options.authorized_keys_command, "none") != 0))
fatal("AuthorizedKeysCommand set without "
"AuthorizedKeysCommandUser");
/* set default channel AF */ /* set default channel AF */
channel_set_af(options.address_family); channel_set_af(options.address_family);
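Review bot: The manual never tells administrators that AuthorizedKeysCommandUser is now mandatory, although the check added here makes sshd call `fatal()` at startup when AuthorizedKeysCommand is set without it. The sshd_config.5 part of this commit only deletes the old "default is the user being authenticated" sentence, so a configuration that relied on that default will keep sshd from starting after an upgrade, with only the log line to explain why. I would add a sentence to the AuthorizedKeysCommandUser entry along the lines of `This option must be set whenever AuthorizedKeysCommand is set; sshd refuses to start otherwise.` The comment `/* Check that options are sensible */` could also name the pairing it enforces. main() continues outside the hunk.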


@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: sshd_config.5,v 1.147 2012/10/31 08:04:50 jmc Exp $ .\" $OpenBSD: sshd_config.5,v 1.148 2012/11/04 10:38:43 djm Exp $
.Dd $Mdocdate: October 31 2012 $ .Dd $Mdocdate: November 4 2012 $
.Dt SSHD_CONFIG 5 .Dt SSHD_CONFIG 5
.Os .Os
.Sh NAME .Sh NAME
@ -166,7 +166,6 @@ files.
By default, no AuthorizedKeysCommand is run. By default, no AuthorizedKeysCommand is run.
.It Cm AuthorizedKeysCommandUser .It Cm AuthorizedKeysCommandUser
Specifies the user under whose account the AuthorizedKeysCommand is run. Specifies the user under whose account the AuthorizedKeysCommand is run.
The default is the user being authenticated.
It is recommended to use a dedicated user that has no other role on the host It is recommended to use a dedicated user that has no other role on the host
than running authorized keys commands. than running authorized keys commands.
.It Cm AuthorizedKeysFile .It Cm AuthorizedKeysFile