Bugzilla – Attachment 1033 Details for
Bug 1128
Configuration keyword "ShostsFile (or RhostsFile)" does not exist
[patch]
this patch appends configuration keyword "ShostsFile"
openssh-4.2p1-ShostsFile.patch (text/plain), 10.38 KB, created by
SASAJIMA Toshihiro
on 2005-12-01 19:13:12 AEDT
Description:
This patch adds the configuration keyword "ShostsFile".
Filename:
MIME Type:
Creator:
SASAJIMA Toshihiro
Created:
2005-12-01 19:13:12 AEDT
Size:
10.38 KB
patch
obsolete
>diff -cr openssh-4.2p1.orig/auth-rhosts.c openssh-4.2p1/auth-rhosts.c
>*** openssh-4.2p1.orig/auth-rhosts.c Sun Jul 17 16:22:45 2005
>--- openssh-4.2p1/auth-rhosts.c Thu Dec 1 15:03:30 2005
>***************
>*** 24,29 ****
>--- 24,31 ----
> #include "canohost.h"
> #include "auth.h"
> 
>+ #include <string.h>
>+ 
> /* import */
> extern ServerOptions options;
> extern int use_privsep;
>***************
>*** 165,178 ****
> auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostname,
> const char *ipaddr)
> {
>! char buf[1024];
> struct stat st;
>! static const char *rhosts_files[] = {".shosts", ".rhosts", NULL};
>! u_int rhosts_file_index;
> 
> debug2("auth_rhosts2: clientuser %s hostname %s ipaddr %s",
> client_user, hostname, ipaddr);
> 
> /* Switch to the user's uid. */
> temporarily_use_uid(pw);
> /*
>--- 167,199 ----
> auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostname,
> const char *ipaddr)
> {
>! char* s;
>! int r;
>! char err[256];
>! char rhosts_pathnames[2][1024];
> struct stat st;
>! static const char *rhosts_filenames[] = {".shosts", ".rhosts"};
>! u_int rhosts_pathname_num;
>! u_int rhosts_pathname_index;
> 
> debug2("auth_rhosts2: clientuser %s hostname %s ipaddr %s",
> client_user, hostname, ipaddr);
> 
>+ if( (s = shosts_file(pw)) ){
>+ strncpy( rhosts_pathnames[0], s, sizeof *rhosts_pathnames );
>+ free( s );
>+ rhosts_pathname_num = 1;
>+ }
>+ else{
>+ snprintf( rhosts_pathnames[0], sizeof *rhosts_pathnames,
>+ "%.500s/%.100s",
>+ pw->pw_dir, rhosts_filenames[0] );
>+ snprintf( rhosts_pathnames[1], sizeof *rhosts_pathnames,
>+ "%.500s/%.100s",
>+ pw->pw_dir, rhosts_filenames[1] );
>+ rhosts_pathname_num = 2;
>+ }
>+ 
> /* Switch to the user's uid. */
> temporarily_use_uid(pw);
> /*
>***************
>*** 180,191 ****
> * failure immediately without doing costly lookups from name
> * servers.
> */
>! for (rhosts_file_index = 0; rhosts_files[rhosts_file_index];
>! rhosts_file_index++) {
>! 
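Review bot: `strncpy( rhosts_pathnames[0], s, sizeof *rhosts_pathnames )` in the ShostsFile branch leaves the buffer without a NUL terminator when the expanded path is 1024 bytes or longer, and that buffer is then handed to stat(), fopen() and check_rhosts_file(); `strlcpy(rhosts_pathnames[0], s, sizeof rhosts_pathnames[0]);`, which this tree ships in openbsd-compat, truncates and terminates. The buffer returned by shosts_file() comes from expand_authorized_keys(), and the existing authorized_keys_file() callers outside this diff release it with xfree() as far as I can tell, so `free( s )` should follow the same convention. Style: `char* s`, `if( (s = shosts_file(pw)) ){` and `else{` diverge from the file's KNF layout (`char *s`, `if ((s = shosts_file(pw)) != NULL) {`), and the same spacing appears in the strict_modes block later in this function and in shosts_file() in auth.c. With ShostsFile set only that single path is consulted, so the per-user .shosts/.rhosts fallback disappears; the attachment description should state that.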
/* Check users .rhosts or .shosts. */
>! snprintf(buf, sizeof buf, "%.500s/%.100s",
>! pw->pw_dir, rhosts_files[rhosts_file_index]);
>! if (stat(buf, &st) >= 0)
> break;
> }
> /* Switch back to privileged uid. */
>--- 201,211 ----
> * failure immediately without doing costly lookups from name
> * servers.
> */
>! for (rhosts_pathname_index = 0;
>! rhosts_pathname_index < rhosts_pathname_num;
>! rhosts_pathname_index++) {
>! /* Check users .rhosts, .shosts or user-specified one. */
>! if (stat(rhosts_pathnames[rhosts_pathname_index], &st) >= 0)
> break;
> }
> /* Switch back to privileged uid. */
>***************
>*** 192,198 ****
> restore_uid();
> 
> /* Deny if The user has no .shosts or .rhosts file and there are no system-wide files. */
>! if (!rhosts_files[rhosts_file_index] &&
> stat(_PATH_RHOSTS_EQUIV, &st) < 0 &&
> stat(_PATH_SSH_HOSTS_EQUIV, &st) < 0)
> return 0;
>--- 212,218 ----
> restore_uid();
> 
> /* Deny if The user has no .shosts or .rhosts file and there are no system-wide files. */
>! if (rhosts_pathname_index >= rhosts_pathname_num &&
> stat(_PATH_RHOSTS_EQUIV, &st) < 0 &&
> stat(_PATH_SSH_HOSTS_EQUIV, &st) < 0)
> return 0;
>***************
>*** 202,208 ****
> if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr,
> client_user, pw->pw_name)) {
> auth_debug_add("Accepted for %.100s [%.100s] by /etc/hosts.equiv.",
>! hostname, ipaddr);
> return 1;
> }
> if (check_rhosts_file(_PATH_SSH_HOSTS_EQUIV, hostname, ipaddr,
>--- 222,228 ----
> if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr,
> client_user, pw->pw_name)) {
> auth_debug_add("Accepted for %.100s [%.100s] by /etc/hosts.equiv.",
>! hostname, ipaddr);
> return 1;
> }
> if (check_rhosts_file(_PATH_SSH_HOSTS_EQUIV, hostname, ipaddr,
>***************
>*** 232,283 ****
> "bad ownership or modes for home directory.", pw->pw_name);
> return 0;
> }
> /* Temporarily use the user's uid. */
> temporarily_use_uid(pw);
> 
> /* Check all .rhosts files (currently .shosts and .rhosts). */
>! 
for (rhosts_file_index = 0; rhosts_files[rhosts_file_index];
>! rhosts_file_index++) {
> /* Check users .rhosts or .shosts. */
>! snprintf(buf, sizeof buf, "%.500s/%.100s",
>! pw->pw_dir, rhosts_files[rhosts_file_index]);
>! if (stat(buf, &st) < 0)
> continue;
> 
>- /*
>- * Make sure that the file is either owned by the user or by
>- * root, and make sure it is not writable by anyone but the
>- * owner. This is to help avoid novices accidentally
>- * allowing access to their account by anyone.
>- */
>- if (options.strict_modes &&
>- ((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
>- (st.st_mode & 022) != 0)) {
>- logit("Rhosts authentication refused for %.100s: bad modes for %.200s",
>- pw->pw_name, buf);
>- auth_debug_add("Bad file modes for %.200s", buf);
>- continue;
>- }
> /* Check if we have been configured to ignore .rhosts and .shosts files. */
> if (options.ignore_rhosts) {
> auth_debug_add("Server has been configured to ignore %.100s.",
>! rhosts_files[rhosts_file_index]);
> continue;
> }
> /* Check if authentication is permitted by the file. */
>! if (check_rhosts_file(buf, hostname, ipaddr, client_user, pw->pw_name)) {
>! auth_debug_add("Accepted by %.100s.",
>! rhosts_files[rhosts_file_index]);
> /* Restore the privileged uid. */
> restore_uid();
>! auth_debug_add("Accepted host %s ip %s client_user %s server_user %s",
>! hostname, ipaddr, client_user, pw->pw_name);
> return 1;
> }
> }
>- 
> /* Restore the privileged uid. */
> restore_uid();
> return 0;
> }
> 
>--- 252,314 ----
> "bad ownership or modes for home directory.", pw->pw_name);
> return 0;
> }
>+ 
> /* Temporarily use the user's uid. */
> temporarily_use_uid(pw);
> 
> /* Check all .rhosts files (currently .shosts and .rhosts). */
>! for (rhosts_pathname_index = 0;
>! rhosts_pathname_index < rhosts_pathname_num;
>! rhosts_pathname_index++) {
>! 
> /* Check users .rhosts or .shosts. */
>! 
if( stat(rhosts_pathnames[rhosts_pathname_index], &st) < 0 )
> continue;
> 
> /* Check if we have been configured to ignore .rhosts and .shosts files. */
> if (options.ignore_rhosts) {
> auth_debug_add("Server has been configured to ignore %.100s.",
>! rhosts_pathnames[rhosts_pathname_index]);
> continue;
> }
>+ 
>+ /* Check .rhosts and .shosts files permission. */
>+ if( options.strict_modes ){
>+ FILE* f = fopen( rhosts_pathnames[rhosts_pathname_index], "r" );
>+ if( !f ) continue;
>+ r = secure_filename( f, rhosts_pathnames[rhosts_pathname_index], pw, err, sizeof err );
>+ fclose( f );
>+ if( r ){
>+ /* Restore the privileged uid. */
>+ restore_uid();
>+ 
>+ logit( "%s", err );
>+ logit( "Rhosts authentication refused for %.100s: "
>+ "bad ownership or modes for rhosts file.",
>+ rhosts_pathnames[rhosts_pathname_index] );
>+ auth_debug_add( "%s", err );
>+ auth_debug_add( "Rhosts authentication refused for %.100s: "
>+ "bad ownership or modes for rhosts file.",
>+ rhosts_pathnames[rhosts_pathname_index] );
>+ return 0;
>+ }
>+ }
>+ 
> /* Check if authentication is permitted by the file. */
>! if( check_rhosts_file(rhosts_pathnames[rhosts_pathname_index], hostname, ipaddr, client_user, pw->pw_name) ){
> /* Restore the privileged uid. */
> restore_uid();
>! 
>! auth_debug_add( "Accepted by %.100s.",
>! rhosts_pathnames[rhosts_pathname_index]);
>! auth_debug_add( "Accepted host %s ip %s client_user %s server_user %s",
>! hostname, ipaddr, client_user, pw->pw_name);
> return 1;
> }
> }
> /* Restore the privileged uid. 
*/
> restore_uid();
>+ 
> return 0;
> }
> 
>diff -cr openssh-4.2p1.orig/auth.c openssh-4.2p1/auth.c
>*** openssh-4.2p1.orig/auth.c Thu Sep 1 01:59:49 2005
>--- openssh-4.2p1/auth.c Wed Nov 30 21:37:21 2005
>***************
>*** 370,375 ****
>--- 370,382 ----
> return expand_authorized_keys(options.authorized_keys_file2, pw);
> }
> 
>+ char *
>+ shosts_file(struct passwd *pw)
>+ {
>+ if( options.shosts_file == NULL ) return NULL;
>+ return expand_authorized_keys(options.shosts_file, pw);
>+ }
>+ 
> /* return ok if key exists in sysfile or userfile */
> HostStatus
> check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
>diff -cr openssh-4.2p1.orig/auth.h openssh-4.2p1/auth.h
>*** openssh-4.2p1.orig/auth.h Thu Jul 7 10:50:20 2005
>--- openssh-4.2p1/auth.h Wed Nov 30 21:31:45 2005
>***************
>*** 165,170 ****
>--- 165,171 ----
> 
> char *authorized_keys_file(struct passwd *);
> char *authorized_keys_file2(struct passwd *);
>+ char *shosts_file(struct passwd *);
> 
> int
> secure_filename(FILE *, const char *, struct passwd *, char *, size_t);
>diff -cr openssh-4.2p1.orig/servconf.c openssh-4.2p1/servconf.c
>*** openssh-4.2p1.orig/servconf.c Fri Aug 12 21:11:37 2005
>--- openssh-4.2p1/servconf.c Thu Dec 1 14:52:52 2005
>***************
>*** 101,106 ****
>--- 101,107 ----
> options->authorized_keys_file = NULL;
> options->authorized_keys_file2 = NULL;
> options->num_accept_env = 0;
>+ options->shosts_file = NULL;
> 
> /* Needs to be accessable in many places */
> use_privsep = -1;
>***************
>*** 272,277 ****
>--- 273,279 ----
> sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
> sGssAuthentication, sGssCleanupCreds, sAcceptEnv,
> sUsePrivilegeSeparation,
>+ sShostsFile,
> sDeprecated, sUnsupported
> } ServerOpCodes;
> 
>***************
>*** 373,378 ****
>--- 375,381 ----
> { "authorizedkeysfile2", sAuthorizedKeysFile2 },
> { "useprivilegeseparation", sUsePrivilegeSeparation},
> { "acceptenv", sAcceptEnv },
>+ { "shostsfile", 
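Review bot: In the new strict_modes block, `logit( "Rhosts authentication refused for %.100s: " "bad ownership or modes for rhosts file.", rhosts_pathnames[rhosts_pathname_index] )` places the pathname where the original message carried the user name, so the log reads as though the file were the account being refused; keep the original shape, `logit("Rhosts authentication refused for %.100s: bad ownership or modes for %.200s", pw->pw_name, rhosts_pathnames[rhosts_pathname_index]);`, and the same for the matching auth_debug_add() line. The `if( !f ) continue;` after fopen() silently skips a file that stat() found a few lines earlier; an `auth_debug_add("Cannot open %.200s", rhosts_pathnames[rhosts_pathname_index]);` before the continue would make such a denial explainable from the debug trail. The ownership/mode verdict from secure_filename() is taken on a handle that is closed before check_rhosts_file() reopens the same path, so the checked and the consulted file are not guaranteed to be the same object; the stat()-based check this replaces had the same window, so it is not a regression, but a comment on the fclose() line should say so. This hunk also turns a bad-mode file from a skipped entry (`continue`) into an outright refusal (`return 0`), which removes the .rhosts fallback when ShostsFile is unset and a .shosts with bad modes exists; the enclosing function begins in an earlier hunk.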
sShostsFile },
> { NULL, sBadOption }
> };
> 
>***************
>*** 962,967 ****
>--- 965,974 ----
> }
> break;
> 
>+ case sShostsFile:
>+ charptr = &options->shosts_file;
>+ goto parse_filename;
>+ 
> case sDeprecated:
> logit("%s line %d: Deprecated option %s",
> filename, linenum, arg);
>diff -cr openssh-4.2p1.orig/servconf.h openssh-4.2p1/servconf.h
>*** openssh-4.2p1.orig/servconf.h Thu Jan 20 08:57:56 2005
>--- openssh-4.2p1/servconf.h Wed Nov 30 21:28:33 2005
>***************
>*** 134,139 ****
>--- 134,140 ----
> char *authorized_keys_file; /* File containing public keys */
> char *authorized_keys_file2;
> int use_pam; /* Enable auth via PAM */
>+ char *shosts_file; /* User-specified .shosts file */
> } ServerOptions;
> 
> void initialize_server_options(ServerOptions *);
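Review bot: The new `sShostsFile` case routes the value through `parse_filename`, so it is handled like AuthorizedKeysFile, but nothing in the patch documents the keyword: the diff touches no sshd_config.5 or sample sshd_config, and the only description is the one-line comment on the servconf.h field. A man page entry should give the default (unset, meaning the per-user .shosts/.rhosts lookup stays in effect), say that the value is expanded by expand_authorized_keys() the same way AuthorizedKeysFile is, and note that the file is subject to the StrictModes ownership and permission checks. The field comment in the servconf.h hunk could be made more precise, e.g. `/* ShostsFile: replaces the per-user .shosts/.rhosts lookup when set */`.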