Attachment #88 for bug #172

Lines 44-49 Link Here

(-)auth-rsa.c (-9 / +27 lines)
44	*/	44	*/
45	extern u_char session_id[16];	45	extern u_char session_id[16];
46		46
		47	static int auth_rsa_file(struct passwd pw, BIGNUM client_n, char file, Key *rkey);
		48
47	/*	49	/*
48	* The .ssh/authorized_keys file contains public keys, one per line, in the	50	* The .ssh/authorized_keys file contains public keys, one per line, in the
49	* following format:	51	* following format:
Lines 153-159 Link Here
153	int	155	int
154	auth_rsa_key_allowed(struct passwd pw, BIGNUM client_n, Key **rkey)	156	auth_rsa_key_allowed(struct passwd pw, BIGNUM client_n, Key **rkey)
155	{	157	{
156	char line[8192], *file;	158	char *file;
		159	int authorized = 0;
		160	int authfileno = 0;
		161
		162	/* no user given */
		163	if (pw == NULL)
		164	return 0;
		165
		166	/* Iterate over all authorized keys files. */
		167	while ((file = authorized_keys_file(pw, authfileno++)) != NULL) {
		168	debug("trying public RSA key file %s", file);
		169	authorized = auth_rsa_file(pw, client_n, file, rkey);
		170	xfree(file);
		171	if (authorized == 1) {
		172	return 1;
		173	}
		174	}
		175	return 0;
		176	}
		177
		178	/* Do the hard work in authenticating the client */
		179	static int
		180	auth_rsa_file(struct passwd pw, BIGNUM client_n, char file, Key *rkey)
		181	{
		182	char line[8192];
157	int allowed = 0;	183	int allowed = 0;
158	u_int bits;	184	u_int bits;
159	FILE *f;	185	FILE *f;
Lines 164-178 Link Here
164	/* Temporarily use the user's uid. */	190	/* Temporarily use the user's uid. */
165	temporarily_use_uid(pw);	191	temporarily_use_uid(pw);
166		192
167	/* The authorized keys. */
168	file = authorized_keys_file(pw);
169	debug("trying public RSA key file %s", file);
170
171	/* Fail quietly if file does not exist */	193	/* Fail quietly if file does not exist */
172	if (stat(file, &st) < 0) {	194	if (stat(file, &st) < 0) {
173	/* Restore the privileged uid. */	195	/* Restore the privileged uid. */
174	restore_uid();	196	restore_uid();
175	xfree(file);
176	return (0);	197	return (0);
177	}	198	}
178	/* Open the file containing the authorized keys. */	199	/* Open the file containing the authorized keys. */
Lines 180-191 Link Here
180	if (!f) {	201	if (!f) {
181	/* Restore the privileged uid. */	202	/* Restore the privileged uid. */
182	restore_uid();	203	restore_uid();
183	xfree(file);
184	return (0);	204	return (0);
185	}	205	}
186	if (options.strict_modes &&	206	if (options.strict_modes &&
187	secure_filename(f, file, pw, line, sizeof(line)) != 0) {	207	secure_filename(f, file, pw, line, sizeof(line)) != 0) {
188	xfree(file);
189	fclose(f);	208	fclose(f);
190	log("Authentication refused: %s", line);	209	log("Authentication refused: %s", line);
191	restore_uid();	210	restore_uid();
Lines 267-273 Link Here
267	restore_uid();	286	restore_uid();
268		287
269	/* Close the file. */	288	/* Close the file. */
270	xfree(file);
271	fclose(f);	289	fclose(f);
272		290
273	/* return key if allowed */	291	/* return key if allowed */




}

char *
authorized_keys_file(struct passwd *pw, int n)
{
	if (n >= options.num_authorized_keys_files)
		return NULL;
	return expand_filename(options.authorized_keys_files[n], pw);
char *
authorized_keys_file2(struct passwd *pw)
{
	return expand_filename(options.authorized_keys_file2, pw);
}

/* return ok if key exists in sysfile or userfile */

Lines 154-161 Link Here

(-)auth.h (-2 / +1 lines)
154	struct passwd * auth_get_user(void);	154	struct passwd * auth_get_user(void);
155		155
156	char expand_filename(const char , struct passwd *);	156	char expand_filename(const char , struct passwd *);
157	char authorized_keys_file(struct passwd );	157	char authorized_keys_file(struct passwd , int n);
158	char authorized_keys_file2(struct passwd );
159		158
160	int	159	int
161	secure_filename(FILE , const char , struct passwd , char , size_t);	160	secure_filename(FILE , const char , struct passwd , char , size_t);




{
	int success;
	char *file;
	int authfileno = 0;

	/* Iterate over all authorized_keys_files */
	while ((file = authorized_keys_file(pw, authfileno++) ) != NULL) {
		success = user_key_allowed2(pw, key, file);
		xfree(file);
		if (success)
			return success;
	}
	return 0;
	success = user_key_allowed2(pw, key, file);
	xfree(file);
	return success;
}

/* return 1 if given hostkey is allowed */




	options->verify_reverse_mapping = -1;
	options->client_alive_interval = -1;
	options->client_alive_count_max = -1;
	options->num_authorized_keys_files = 0;
	options->authorized_keys_file2 = NULL;

	/* Needs to be accessable in many places */
	use_privsep = -1;

		options->client_alive_interval = 0;
	if (options->client_alive_count_max == -1)
		options->client_alive_count_max = 3;
	if (options->num_authorized_keys_files == 0) {
	    	/* fill default authorized keys files */
		options->authorized_keys_files[options->num_authorized_keys_files++] = _PATH_SSH_USER_PERMITTED_KEYS;
		options->authorized_keys_files[options->num_authorized_keys_files++] = _PATH_SSH_USER_PERMITTED_KEYS2;	
 	}
			options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2;
	}
	if (options->authorized_keys_file == NULL)
		options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;

	/* Turn privilege separation _off_ by default */
	if (use_privsep == -1)

	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
	sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
	sClientAliveCountMax, sAuthorizedKeysFile,
	sUsePrivilegeSeparation,
	sDeprecated
} ServerOpCodes;

	{ "clientaliveinterval", sClientAliveInterval },
	{ "clientalivecountmax", sClientAliveCountMax },
	{ "authorizedkeysfile", sAuthorizedKeysFile },
	{ "authorizedkeysfile2", sAuthorizedKeysFile },
	{ "useprivilegeseparation", sUsePrivilegeSeparation},
	{ NULL, sBadOption }
};

	 * AuthorizedKeysFile	/etc/ssh_keys/%u
	 */
	case sAuthorizedKeysFile:
		intptr = &options->num_authorized_keys_files;
		if (*intptr >= MAX_AUTHKEYFILES)
			fatal("%s line %d: too many authorized keys "
			      "files specified (max %d).",
			      filename, linenum, MAX_AUTHKEYFILES);

		charptr = &options->authorized_keys_files[*intptr];
		goto parse_filename;

	case sClientAliveInterval:




#define MAX_DENY_GROUPS		256	/* Max # groups on deny list. */
#define MAX_SUBSYSTEMS		256	/* Max # subsystems. */
#define MAX_HOSTKEYS		256	/* Max # hostkeys. */
#define MAX_AUTHKEYFILES	256	/* Max # authorized_keys statements */

/* permit_root_login */
#define	PERMIT_NOT_SET		-1

					 * disconnect the session
					 */

	char   *authorized_keys_files[MAX_AUTHKEYFILES]; /* Files containing
							  * public keys */
	int	num_authorized_keys_files;
	int	pam_authentication_via_kbd_int;
}       ServerOptions;


Lines 371-377 Link Here

(-)sshd.8 (-3 / +6 lines)
371	users from particular hosts.	371	users from particular hosts.
372	.Pp	372	.Pp
373	.It Cm AuthorizedKeysFile	373	.It Cm AuthorizedKeysFile
374	Specifies the file that contains the public keys that can be used	374	Specifies a file that contains public keys that can be used
375	for user authentication.	375	for user authentication.
376	.Cm AuthorizedKeysFile	376	.Cm AuthorizedKeysFile
377	may contain tokens of the form %T which are substituted during connection	377	may contain tokens of the form %T which are substituted during connection
Lines 381-388 Link Here
381	After expansion,	381	After expansion,
382	.Cm AuthorizedKeysFile	382	.Cm AuthorizedKeysFile
383	is taken to be an absolute path or one relative to the user's home	383	is taken to be an absolute path or one relative to the user's home
384	directory.	384	directory. When multiple
385	The default is	385	.Cm AuthorizedKeysFile
		386	are specified, they are
		387	checked in order for possible authentication keys until a successful
		388	match is found. The default is
386	.Dq .ssh/authorized_keys .	389	.Dq .ssh/authorized_keys .
387	.It Cm Banner	390	.It Cm Banner
388	In some jurisdictions, sending a warning message before authentication	391	In some jurisdictions, sending a warning message before authentication

Return to bug 172

Lines 317-331 Link Here

(-)auth.c (-8 / +4 lines)
317	}	317	}
318		318
319	char *	319	char *
320	authorized_keys_file(struct passwd *pw)	320	authorized_keys_file(struct passwd *pw, int n)
321	{	321	{
322	return expand_filename(options.authorized_keys_file, pw);	322	if (n >= options.num_authorized_keys_files)
323	}	323	return NULL;
324		324	return expand_filename(options.authorized_keys_files[n], pw);
325	char *
326	authorized_keys_file2(struct passwd *pw)
327	{
328	return expand_filename(options.authorized_keys_file2, pw);
329	}	325	}
330		326
331	/* return ok if key exists in sysfile or userfile */	327	/* return ok if key exists in sysfile or userfile */

Lines 729-746 Link Here

(-)auth2.c (-11 / +9 lines)
729	{	729	{
730	int success;	730	int success;
731	char *file;	731	char *file;
		732	int authfileno = 0;
732		733
733	file = authorized_keys_file(pw);	734	/* Iterate over all authorized_keys_files */
734	success = user_key_allowed2(pw, key, file);	735	while ((file = authorized_keys_file(pw, authfileno++) ) != NULL) {
735	xfree(file);	736	success = user_key_allowed2(pw, key, file);
736	if (success)	737	xfree(file);
737	return success;	738	if (success)
738		739	return success;
739	/* try suffix "2" for backward compat, too */	740	}
740	file = authorized_keys_file2(pw);	741	return 0;
741	success = user_key_allowed2(pw, key, file);
742	xfree(file);
743	return success;
744	}	742	}
745		743
746	/* return 1 if given hostkey is allowed */	744	/* return 1 if given hostkey is allowed */

Lines 119-126 Link Here

(-)servconf.c (-17 / +15 lines)
119	options->verify_reverse_mapping = -1;	119	options->verify_reverse_mapping = -1;
120	options->client_alive_interval = -1;	120	options->client_alive_interval = -1;
121	options->client_alive_count_max = -1;	121	options->client_alive_count_max = -1;
122	options->authorized_keys_file = NULL;	122	options->num_authorized_keys_files = 0;
123	options->authorized_keys_file2 = NULL;
124		123
125	/* Needs to be accessable in many places */	124	/* Needs to be accessable in many places */
126	use_privsep = -1;	125	use_privsep = -1;
Lines 240-254 Link Here
240	options->client_alive_interval = 0;	239	options->client_alive_interval = 0;
241	if (options->client_alive_count_max == -1)	240	if (options->client_alive_count_max == -1)
242	options->client_alive_count_max = 3;	241	options->client_alive_count_max = 3;
243	if (options->authorized_keys_file2 == NULL) {	242	if (options->num_authorized_keys_files == 0) {
244	/* authorized_keys_file2 falls back to authorized_keys_file */	243	/* fill default authorized keys files */
245	if (options->authorized_keys_file != NULL)	244	options->authorized_keys_files[options->num_authorized_keys_files++] = _PATH_SSH_USER_PERMITTED_KEYS;
246	options->authorized_keys_file2 = options->authorized_keys_file;	245	options->authorized_keys_files[options->num_authorized_keys_files++] = _PATH_SSH_USER_PERMITTED_KEYS2;
247	else	246	}
248	options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2;
249	}
250	if (options->authorized_keys_file == NULL)
251	options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
252		247
253	/* Turn privilege separation _off_ by default */	248	/* Turn privilege separation _off_ by default */
254	if (use_privsep == -1)	249	if (use_privsep == -1)
Lines 284-290 Link Here
284	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,	279	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
285	sBanner, sVerifyReverseMapping, sHostbasedAuthentication,	280	sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
286	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,	281	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
287	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,	282	sClientAliveCountMax, sAuthorizedKeysFile,
288	sUsePrivilegeSeparation,	283	sUsePrivilegeSeparation,
289	sDeprecated	284	sDeprecated
290	} ServerOpCodes;	285	} ServerOpCodes;
Lines 360-366 Link Here
360	{ "clientaliveinterval", sClientAliveInterval },	355	{ "clientaliveinterval", sClientAliveInterval },
361	{ "clientalivecountmax", sClientAliveCountMax },	356	{ "clientalivecountmax", sClientAliveCountMax },
362	{ "authorizedkeysfile", sAuthorizedKeysFile },	357	{ "authorizedkeysfile", sAuthorizedKeysFile },
363	{ "authorizedkeysfile2", sAuthorizedKeysFile2 },	358	{ "authorizedkeysfile2", sAuthorizedKeysFile },
364	{ "useprivilegeseparation", sUsePrivilegeSeparation},	359	{ "useprivilegeseparation", sUsePrivilegeSeparation},
365	{ NULL, sBadOption }	360	{ NULL, sBadOption }
366	};	361	};
Lines 867-876 Link Here
867	* AuthorizedKeysFile /etc/ssh_keys/%u	862	* AuthorizedKeysFile /etc/ssh_keys/%u
868	*/	863	*/
869	case sAuthorizedKeysFile:	864	case sAuthorizedKeysFile:
870	case sAuthorizedKeysFile2:	865	intptr = &options->num_authorized_keys_files;
871	charptr = (opcode == sAuthorizedKeysFile ) ?	866	if (*intptr >= MAX_AUTHKEYFILES)
872	&options->authorized_keys_file :	867	fatal("%s line %d: too many authorized keys "
873	&options->authorized_keys_file2;	868	"files specified (max %d).",
		869	filename, linenum, MAX_AUTHKEYFILES);
		870
		871	charptr = &options->authorized_keys_files[*intptr];
874	goto parse_filename;	872	goto parse_filename;
875		873
876	case sClientAliveInterval:	874	case sClientAliveInterval:

Lines 24-29 Link Here

(-)servconf.h (-2 / +4 lines)
24	#define MAX_DENY_GROUPS 256 /* Max # groups on deny list. */	24	#define MAX_DENY_GROUPS 256 /* Max # groups on deny list. */
25	#define MAX_SUBSYSTEMS 256 /* Max # subsystems. */	25	#define MAX_SUBSYSTEMS 256 /* Max # subsystems. */
26	#define MAX_HOSTKEYS 256 /* Max # hostkeys. */	26	#define MAX_HOSTKEYS 256 /* Max # hostkeys. */
		27	#define MAX_AUTHKEYFILES 256 /* Max # authorized_keys statements */
27		28
28	/* permit_root_login */	29	/* permit_root_login */
29	#define PERMIT_NOT_SET -1	30	#define PERMIT_NOT_SET -1
Lines 127-134 Link Here
127	* disconnect the session	128	* disconnect the session
128	*/	129	*/
129		130
130	char authorized_keys_file; / File containing public keys */	131	char authorized_keys_files[MAX_AUTHKEYFILES]; / Files containing
131	char *authorized_keys_file2;	132	* public keys */
		133	int num_authorized_keys_files;
132	int pam_authentication_via_kbd_int;	134	int pam_authentication_via_kbd_int;
133	} ServerOptions;	135	} ServerOptions;
134		136