Attachment 88 Details for Bug 172 – Implement multiple authorized keys against CVS copy from openssh@anoncvs.be.openbsd.org:/cvs as of 2002/4/23

[patch] Implement multiple authorized keys against CVS copy from openssh@anoncvs.be.openbsd.org:/cvs as of 2002/4/23

authorized-keys.20020423 (text/plain), 8.98 KB, created by Alex Kiernan on 2002-04-23 23:55:20 AEST

(hide)

Description:

Filename:

MIME Type:

Creator: Alex Kiernan

Created: 2002-04-23 23:55:20 AEST

Size: 8.98 KB

patch

obsolete

>? authorized-keys.20020423
>Index: auth-rsa.c
>===================================================================
>RCS file: /cvs/openssh/auth-rsa.c,v
>retrieving revision 1.46
>diff -u -r1.46 auth-rsa.c
>--- auth-rsa.c	2 Apr 2002 20:43:13 -0000	1.46
>+++ auth-rsa.c	23 Apr 2002 11:11:13 -0000
>@@ -44,6 +44,8 @@
>  */
> extern u_char session_id[16];
> 
>+static int auth_rsa_file(struct passwd *pw, BIGNUM *client_n, char *file, Key **rkey);
>+
> /*
>  * The .ssh/authorized_keys file contains public keys, one per line, in the
>  * following format:
>@@ -153,7 +155,31 @@
> int
> auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
> {
>-	char line[8192], *file;
>+	char *file;
>+	int authorized = 0;
>+	int authfileno = 0;
>+
>+	/* no user given */
>+	if (pw == NULL)
>+		return 0;
>+
>+	/* Iterate over all authorized keys files. */
>+	while ((file = authorized_keys_file(pw, authfileno++)) != NULL) {
>+		debug("trying public RSA key file %s", file);
>+		authorized = auth_rsa_file(pw, client_n, file, rkey);
>+		xfree(file);
>+		if (authorized == 1) {
>+			return 1;
>+		}
>+	}
>+	return 0;
>+}
>+ 
>+/* Do the hard work in authenticating the client */
>+static int
>+auth_rsa_file(struct passwd *pw, BIGNUM *client_n, char *file, Key **rkey)
>+{
>+	char line[8192];
> 	int allowed = 0;
> 	u_int bits;
> 	FILE *f;
>@@ -164,15 +190,10 @@
> 	/* Temporarily use the user's uid. */
> 	temporarily_use_uid(pw);
> 
>-	/* The authorized keys. */
>-	file = authorized_keys_file(pw);
>-	debug("trying public RSA key file %s", file);
>-
> 	/* Fail quietly if file does not exist */
> 	if (stat(file, &st) < 0) {
> 		/* Restore the privileged uid. */
> 		restore_uid();
>-		xfree(file);
> 		return (0);
> 	}
> 	/* Open the file containing the authorized keys. */
>@@ -180,12 +201,10 @@
> 	if (!f) {
> 		/* Restore the privileged uid. */
> 		restore_uid();
>-		xfree(file);
> 		return (0);
> 	}
> 	if (options.strict_modes &&
> 	    secure_filename(f, file, pw, line, sizeof(line)) != 0) {
>-		xfree(file);
> 		fclose(f);
> 		log("Authentication refused: %s", line);
> 		restore_uid();
>@@ -267,7 +286,6 @@
> 	restore_uid();
> 
> 	/* Close the file. */
>-	xfree(file);
> 	fclose(f);
> 
> 	/* return key if allowed */
>Index: auth.c
>===================================================================
>RCS file: /cvs/openssh/auth.c,v
>retrieving revision 1.51
>diff -u -r1.51 auth.c
>--- auth.c	22 Mar 2002 03:08:31 -0000	1.51
>+++ auth.c	23 Apr 2002 11:11:13 -0000
>@@ -317,15 +317,11 @@
> }
> 
> char *
>-authorized_keys_file(struct passwd *pw)
>+authorized_keys_file(struct passwd *pw, int n)
> {
>-	return expand_filename(options.authorized_keys_file, pw);
>-}
>-
>-char *
>-authorized_keys_file2(struct passwd *pw)
>-{
>-	return expand_filename(options.authorized_keys_file2, pw);
>+	if (n >= options.num_authorized_keys_files)
>+		return NULL;
>+	return expand_filename(options.authorized_keys_files[n], pw);
> }
> 
> /* return ok if key exists in sysfile or userfile */
>Index: auth.h
>===================================================================
>RCS file: /cvs/openssh/auth.h,v
>retrieving revision 1.38
>diff -u -r1.38 auth.h
>--- auth.h	22 Mar 2002 02:50:08 -0000	1.38
>+++ auth.h	23 Apr 2002 11:11:13 -0000
>@@ -154,8 +154,7 @@
> struct passwd * auth_get_user(void);
> 
> char	*expand_filename(const char *, struct passwd *);
>-char	*authorized_keys_file(struct passwd *);
>-char	*authorized_keys_file2(struct passwd *);
>+char	*authorized_keys_file(struct passwd *, int n);
> 
> int
> secure_filename(FILE *, const char *, struct passwd *, char *, size_t);
>Index: auth2.c
>===================================================================
>RCS file: /cvs/openssh/auth2.c,v
>retrieving revision 1.99
>diff -u -r1.99 auth2.c
>--- auth2.c	4 Apr 2002 19:02:28 -0000	1.99
>+++ auth2.c	23 Apr 2002 11:11:13 -0000
>@@ -729,18 +729,16 @@
> {
> 	int success;
> 	char *file;
>+	int authfileno = 0;
> 
>-	file = authorized_keys_file(pw);
>-	success = user_key_allowed2(pw, key, file);
>-	xfree(file);
>-	if (success)
>-		return success;
>-
>-	/* try suffix "2" for backward compat, too */
>-	file = authorized_keys_file2(pw);
>-	success = user_key_allowed2(pw, key, file);
>-	xfree(file);
>-	return success;
>+	/* Iterate over all authorized_keys_files */
>+	while ((file = authorized_keys_file(pw, authfileno++) ) != NULL) {
>+		success = user_key_allowed2(pw, key, file);
>+		xfree(file);
>+		if (success)
>+			return success;
>+	}
>+	return 0;
> }
> 
> /* return 1 if given hostkey is allowed */
>Index: servconf.c
>===================================================================
>RCS file: /cvs/openssh/servconf.c,v
>retrieving revision 1.84
>diff -u -r1.84 servconf.c
>--- servconf.c	13 Apr 2002 01:04:41 -0000	1.84
>+++ servconf.c	23 Apr 2002 11:11:13 -0000
>@@ -119,8 +119,7 @@
> 	options->verify_reverse_mapping = -1;
> 	options->client_alive_interval = -1;
> 	options->client_alive_count_max = -1;
>-	options->authorized_keys_file = NULL;
>-	options->authorized_keys_file2 = NULL;
>+	options->num_authorized_keys_files = 0;
> 
> 	/* Needs to be accessable in many places */
> 	use_privsep = -1;
>@@ -240,15 +239,11 @@
> 		options->client_alive_interval = 0;
> 	if (options->client_alive_count_max == -1)
> 		options->client_alive_count_max = 3;
>-	if (options->authorized_keys_file2 == NULL) {
>-		/* authorized_keys_file2 falls back to authorized_keys_file */
>-		if (options->authorized_keys_file != NULL)
>-			options->authorized_keys_file2 = options->authorized_keys_file;
>-		else
>-			options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2;
>-	}
>-	if (options->authorized_keys_file == NULL)
>-		options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
>+	if (options->num_authorized_keys_files == 0) {
>+	    	/* fill default authorized keys files */
>+		options->authorized_keys_files[options->num_authorized_keys_files++] = _PATH_SSH_USER_PERMITTED_KEYS;
>+		options->authorized_keys_files[options->num_authorized_keys_files++] = _PATH_SSH_USER_PERMITTED_KEYS2;	
>+ 	}
> 
> 	/* Turn privilege separation _off_ by default */
> 	if (use_privsep == -1)
>@@ -284,7 +279,7 @@
> 	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
> 	sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
> 	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
>-	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
>+	sClientAliveCountMax, sAuthorizedKeysFile,
> 	sUsePrivilegeSeparation,
> 	sDeprecated
> } ServerOpCodes;
>@@ -360,7 +355,7 @@
> 	{ "clientaliveinterval", sClientAliveInterval },
> 	{ "clientalivecountmax", sClientAliveCountMax },
> 	{ "authorizedkeysfile", sAuthorizedKeysFile },
>-	{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
>+	{ "authorizedkeysfile2", sAuthorizedKeysFile },
> 	{ "useprivilegeseparation", sUsePrivilegeSeparation},
> 	{ NULL, sBadOption }
> };
>@@ -867,10 +862,13 @@
> 	 * AuthorizedKeysFile	/etc/ssh_keys/%u
> 	 */
> 	case sAuthorizedKeysFile:
>-	case sAuthorizedKeysFile2:
>-		charptr = (opcode == sAuthorizedKeysFile ) ?
>-		    &options->authorized_keys_file :
>-		    &options->authorized_keys_file2;
>+		intptr = &options->num_authorized_keys_files;
>+		if (*intptr >= MAX_AUTHKEYFILES)
>+			fatal("%s line %d: too many authorized keys "
>+			      "files specified (max %d).",
>+			      filename, linenum, MAX_AUTHKEYFILES);
>+
>+		charptr = &options->authorized_keys_files[*intptr];
> 		goto parse_filename;
> 
> 	case sClientAliveInterval:
>Index: servconf.h
>===================================================================
>RCS file: /cvs/openssh/servconf.h,v
>retrieving revision 1.48
>diff -u -r1.48 servconf.h
>--- servconf.h	22 Mar 2002 03:11:50 -0000	1.48
>+++ servconf.h	23 Apr 2002 11:11:13 -0000
>@@ -24,6 +24,7 @@
> #define MAX_DENY_GROUPS		256	/* Max # groups on deny list. */
> #define MAX_SUBSYSTEMS		256	/* Max # subsystems. */
> #define MAX_HOSTKEYS		256	/* Max # hostkeys. */
>+#define MAX_AUTHKEYFILES	256	/* Max # authorized_keys statements */
> 
> /* permit_root_login */
> #define	PERMIT_NOT_SET		-1
>@@ -127,8 +128,9 @@
> 					 * disconnect the session
> 					 */
> 
>-	char   *authorized_keys_file;	/* File containing public keys */
>-	char   *authorized_keys_file2;
>+	char   *authorized_keys_files[MAX_AUTHKEYFILES]; /* Files containing
>+							  * public keys */
>+	int	num_authorized_keys_files;
> 	int	pam_authentication_via_kbd_int;
> }       ServerOptions;
> 
>Index: sshd.8
>===================================================================
>RCS file: /cvs/openssh/sshd.8,v
>retrieving revision 1.133
>diff -u -r1.133 sshd.8
>--- sshd.8	5 Apr 2002 22:18:50 -0000	1.133
>+++ sshd.8	23 Apr 2002 11:11:13 -0000
>@@ -371,7 +371,7 @@
> users from particular hosts.
> .Pp
> .It Cm AuthorizedKeysFile
>-Specifies the file that contains the public keys that can be used
>+Specifies a file that contains public keys that can be used
> for user authentication.
> .Cm AuthorizedKeysFile
> may contain tokens of the form %T which are substituted during connection
>@@ -381,8 +381,11 @@
> After expansion,
> .Cm AuthorizedKeysFile
> is taken to be an absolute path or one relative to the user's home
>-directory.
>-The default is
>+directory. When multiple
>+.Cm AuthorizedKeysFile
>+are specified, they are
>+checked in order for possible authentication keys until a successful
>+match is found. The default is
> .Dq .ssh/authorized_keys .
> .It Cm Banner
> In some jurisdictions, sending a warning message before authentication

Actions: View | Diff

Attachments on bug 172: 48 | 88