upstream: make sure that UseDNS hostname lookup happens in the monitor

and not in the pledge(2)'d unprivileged process; fixes regression caused by
recent refactoring spotted by henning@

OpenBSD-Commit-ID: a089870b95101cd8881a2dff65b2f1627d13e88d
This commit is contained in:
djm@openbsd.org 2022-06-15 16:08:25 +00:00 committed by Damien Miller
parent acb2059feb
commit f5ba85dadd
5 changed files with 20 additions and 27 deletions

6
auth.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth.h,v 1.105 2022/06/03 04:47:21 djm Exp $ */
/* $OpenBSD: auth.h,v 1.106 2022/06/15 16:08:25 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@ -135,8 +135,8 @@ int auth_password(struct ssh *, const char *);
int hostbased_key_allowed(struct ssh *, struct passwd *,
const char *, char *, struct sshkey *);
int user_key_allowed(struct passwd *, struct sshkey *, int,
const char *, const char *, struct sshauthopt **);
int user_key_allowed(struct ssh *ssh, struct passwd *, struct sshkey *,
int, struct sshauthopt **);
int auth2_key_already_used(Authctxt *, const struct sshkey *);
/*

View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth2-pubkey.c,v 1.115 2022/05/27 05:02:46 djm Exp $ */
/* $OpenBSD: auth2-pubkey.c,v 1.116 2022/06/15 16:08:25 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2010 Damien Miller. All rights reserved.
@ -98,9 +98,6 @@ userauth_pubkey(struct ssh *ssh, const char *method)
int req_presence = 0, req_verify = 0, authenticated = 0;
struct sshauthopt *authopts = NULL;
struct sshkey_sig_details *sig_details = NULL;
const char *remote_ip = ssh_remote_ipaddr(ssh);
const char *remote_host = auth_get_canonical_hostname(ssh,
options.use_dns);
hostbound = strcmp(method, "publickey-hostbound-v00@openssh.com") == 0;
@ -223,8 +220,7 @@ userauth_pubkey(struct ssh *ssh, const char *method)
#endif
/* test for correct signature */
authenticated = 0;
if (PRIVSEP(user_key_allowed(pw, key, 1, remote_ip,
remote_host, &authopts)) &&
if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) &&
PRIVSEP(sshkey_verify(key, sig, slen,
sshbuf_ptr(b), sshbuf_len(b),
(ssh->compat & SSH_BUG_SIGTYPE) == 0 ? pkalg : NULL,
@ -286,8 +282,7 @@ userauth_pubkey(struct ssh *ssh, const char *method)
* if a user is not allowed to login. is this an
* issue? -markus
*/
if (PRIVSEP(user_key_allowed(pw, key, 0, remote_ip,
remote_host, NULL))) {
if (PRIVSEP(user_key_allowed(ssh, pw, key, 0, NULL))) {
if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_PK_OK))
!= 0 ||
(r = sshpkt_put_cstring(ssh, pkalg)) != 0 ||
@ -751,13 +746,15 @@ user_key_command_allowed2(struct passwd *user_pw, struct sshkey *key,
* Check whether key authenticates and authorises the user.
*/
int
user_key_allowed(struct passwd *pw, struct sshkey *key,
int auth_attempt, const char *remote_ip, const char *remote_host,
struct sshauthopt **authoptsp)
user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
int auth_attempt, struct sshauthopt **authoptsp)
{
u_int success = 0, i;
char *file;
struct sshauthopt *opts = NULL;
const char *remote_ip = ssh_remote_ipaddr(ssh);
const char *remote_host = auth_get_canonical_hostname(ssh,
options.use_dns);
if (authoptsp != NULL)
*authoptsp = NULL;

View File

@ -1,4 +1,4 @@
/* $OpenBSD: monitor.c,v 1.233 2022/05/27 05:01:25 djm Exp $ */
/* $OpenBSD: monitor.c,v 1.234 2022/06/15 16:08:25 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -1151,9 +1151,6 @@ mm_answer_keyallowed(struct ssh *ssh, int sock, struct sshbuf *m)
u_int type = 0;
int r, allowed = 0;
struct sshauthopt *opts = NULL;
const char *remote_ip = ssh_remote_ipaddr(ssh);
const char *remote_host = auth_get_canonical_hostname(ssh,
options.use_dns);
debug3_f("entering");
if ((r = sshbuf_get_u32(m, &type)) != 0 ||
@ -1179,8 +1176,8 @@ mm_answer_keyallowed(struct ssh *ssh, int sock, struct sshbuf *m)
if (!key_base_type_match(auth_method, key,
options.pubkey_accepted_algos))
break;
allowed = user_key_allowed(authctxt->pw, key,
pubkey_auth_attempt, remote_ip, remote_host, &opts);
allowed = user_key_allowed(ssh, authctxt->pw, key,
pubkey_auth_attempt, &opts);
break;
case MM_HOSTKEY:
auth_method = "hostbased";

View File

@ -1,4 +1,4 @@
/* $OpenBSD: monitor_wrap.c,v 1.124 2022/05/27 05:01:25 djm Exp $ */
/* $OpenBSD: monitor_wrap.c,v 1.125 2022/06/15 16:08:25 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -434,9 +434,8 @@ mm_auth_password(struct ssh *ssh, char *password)
}
int
mm_user_key_allowed(struct passwd *pw, struct sshkey *key,
int pubkey_auth_attempt, const char *remote_ip, const char *remote_host,
struct sshauthopt **authoptp)
mm_user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
int pubkey_auth_attempt, struct sshauthopt **authoptp)
{
return (mm_key_allowed(MM_USERKEY, NULL, NULL, key,
pubkey_auth_attempt, authoptp));

View File

@ -1,4 +1,4 @@
/* $OpenBSD: monitor_wrap.h,v 1.48 2022/05/27 05:01:25 djm Exp $ */
/* $OpenBSD: monitor_wrap.h,v 1.49 2022/06/15 16:08:25 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
@ -54,8 +54,8 @@ char *mm_auth2_read_banner(void);
int mm_auth_password(struct ssh *, char *);
int mm_key_allowed(enum mm_keytype, const char *, const char *, struct sshkey *,
int, struct sshauthopt **);
int mm_user_key_allowed(struct passwd *, struct sshkey *, int,
const char *, const char *, struct sshauthopt **);
int mm_user_key_allowed(struct ssh *ssh, struct passwd *, struct sshkey *, int,
struct sshauthopt **);
int mm_hostbased_key_allowed(struct ssh *, struct passwd *, const char *,
const char *, struct sshkey *);
int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t,