View | Details | Raw Unified | Return to bug 1348 | Differences between
and this patch

Collapse All | Expand All

(-)auth-rsa.c (-20 / +1 lines)
Lines 170-176 auth_rsa_key_allowed(struct passwd *pw, Link Here
170
	u_int bits;
170
	u_int bits;
171
	FILE *f;
171
	FILE *f;
172
	u_long linenum = 0;
172
	u_long linenum = 0;
173
	struct stat st;
174
	Key *key;
173
	Key *key;
175
174
176
	/* Temporarily use the user's uid. */
175
	/* Temporarily use the user's uid. */
Lines 179-205 auth_rsa_key_allowed(struct passwd *pw, Link Here
179
	/* The authorized keys. */
178
	/* The authorized keys. */
180
	file = authorized_keys_file(pw);
179
	file = authorized_keys_file(pw);
181
	debug("trying public RSA key file %s", file);
180
	debug("trying public RSA key file %s", file);
182
181
	f = auth_openkeyfile(file, pw, options.strict_modes);
183
	/* Fail quietly if file does not exist */
184
	if (stat(file, &st) < 0) {
185
		/* Restore the privileged uid. */
186
		restore_uid();
187
		xfree(file);
188
		return (0);
189
	}
190
	/* Open the file containing the authorized keys. */
191
	f = fopen(file, "r");
192
	if (!f) {
182
	if (!f) {
193
		/* Restore the privileged uid. */
194
		restore_uid();
195
		xfree(file);
196
		return (0);
197
	}
198
	if (options.strict_modes &&
199
	    secure_filename(f, file, pw, line, sizeof(line)) != 0) {
200
		xfree(file);
183
		xfree(file);
201
		fclose(f);
202
		logit("Authentication refused: %s", line);
203
		restore_uid();
184
		restore_uid();
204
		return (0);
185
		return (0);
205
	}
186
	}
(-)auth.c (-1 / +42 lines)
Lines 28-33 Link Here
28
#include <sys/param.h>
28
#include <sys/param.h>
29
29
30
#include <errno.h>
30
#include <errno.h>
31
#include <fcntl.h>
31
#include <libgen.h>
32
#include <libgen.h>
32
#include <login_cap.h>
33
#include <login_cap.h>
33
#include <paths.h>
34
#include <paths.h>
Lines 319-325 check_key_in_hostfiles(struct passwd *pw Link Here
319
 *
320
 *
320
 * Returns 0 on success and -1 on failure
321
 * Returns 0 on success and -1 on failure
321
 */
322
 */
322
int
323
static int
323
secure_filename(FILE *f, const char *file, struct passwd *pw,
324
secure_filename(FILE *f, const char *file, struct passwd *pw,
324
    char *err, size_t errlen)
325
    char *err, size_t errlen)
325
{
326
{
Lines 377-382 secure_filename(FILE *f, const char *fil Link Here
377
			break;
378
			break;
378
	}
379
	}
379
	return 0;
380
	return 0;
381
}
382
383
FILE *
384
auth_openkeyfile(const char *file, struct passwd *pw, int strict_modes)
385
{
386
	char line[1024];
387
	struct stat st;
388
	int fd;
389
	FILE *f;
390
391
	/*
392
	 * Open the file containing the authorized keys
393
	 * Fail quietly if file does not exist
394
	 */
395
	if ((fd = open(file, O_RDONLY|O_NONBLOCK)) == -1)
396
		return NULL;
397
398
	if (fstat(fd, &st) < 0) {
399
		close(fd);
400
		return NULL;
401
	}
402
	if (!S_ISREG(st.st_mode)) {
403
		logit("User %s authorized keys %s is not a regular file",
404
		    pw->pw_name, file);
405
		close(fd);
406
		return NULL;
407
	}
408
	unset_nonblock(fd);
409
	if ((f = fdopen(fd, "r")) == NULL) {
410
		close(fd);
411
		return NULL;
412
	}
413
	if (options.strict_modes &&
414
	    secure_filename(f, file, pw, line, sizeof(line)) != 0) {
415
		fclose(f);
416
		logit("Authentication refused: %s", line);
417
		return NULL;
418
	}
419
420
	return f;
380
}
421
}
381
422
382
struct passwd *
423
struct passwd *
(-)auth.h (-2 / +1 lines)
Lines 143-150 int verify_response(Authctxt *, const ch Link Here
143
char	*authorized_keys_file(struct passwd *);
143
char	*authorized_keys_file(struct passwd *);
144
char	*authorized_keys_file2(struct passwd *);
144
char	*authorized_keys_file2(struct passwd *);
145
145
146
int
146
FILE	*auth_openkeyfile(const char *, struct passwd *, int);
147
secure_filename(FILE *, const char *, struct passwd *, char *, size_t);
148
147
149
HostStatus
148
HostStatus
150
check_key_in_hostfiles(struct passwd *, Key *, const char *,
149
check_key_in_hostfiles(struct passwd *, Key *, const char *,
(-)auth2-pubkey.c (-32 / +4 lines)
Lines 177-186 static int Link Here
177
user_key_allowed2(struct passwd *pw, Key *key, char *file)
177
user_key_allowed2(struct passwd *pw, Key *key, char *file)
178
{
178
{
179
	char line[SSH_MAX_PUBKEY_BYTES];
179
	char line[SSH_MAX_PUBKEY_BYTES];
180
	int found_key = 0, fd;
180
	int found_key = 0;
181
	FILE *f;
181
	FILE *f;
182
	u_long linenum = 0;
182
	u_long linenum = 0;
183
	struct stat st;
184
	Key *found;
183
	Key *found;
185
	char *fp;
184
	char *fp;
186
185
Lines 188-224 user_key_allowed2(struct passwd *pw, Key Link Here
188
	temporarily_use_uid(pw);
187
	temporarily_use_uid(pw);
189
188
190
	debug("trying public key file %s", file);
189
	debug("trying public key file %s", file);
190
	f = auth_openkeyfile(file, pw, options.strict_modes);
191
191
192
	/*
192
	if (!f) {
193
	 * Open the file containing the authorized keys
193
		xfree(file);
194
	 * Fail quietly if file does not exist
195
	 */
196
	if ((fd = open(file, O_RDONLY|O_NONBLOCK)) == -1) {
197
		restore_uid();
198
		return 0;
199
	}
200
	if (fstat(fd, &st) < 0) {
201
		close(fd);
202
		restore_uid();
203
		return 0;
204
	}
205
	if (!S_ISREG(st.st_mode)) {
206
		logit("User %s authorized keys %s is not a regular file",
207
		    pw->pw_name, file);
208
		close(fd);
209
		restore_uid();
210
		return 0;
211
	}
212
	unset_nonblock(fd);
213
	if ((f = fdopen(fd, "r")) == NULL) {
214
		close(fd);
215
		restore_uid();
216
		return 0;
217
	}
218
	if (options.strict_modes &&
219
	    secure_filename(f, file, pw, line, sizeof(line)) != 0) {
220
		fclose(f);
221
		logit("Authentication refused: %s", line);
222
		restore_uid();
194
		restore_uid();
223
		return 0;
195
		return 0;
224
	}
196
	}

Return to bug 1348