
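--- a/openssh-3.1p1/INSTALL
+++ b/openssh-3.1p1/INSTALL
@@ -95,6 +95,19 @@
 configuration will work with sshd (sshd will match the other service
 name).
 
+If you are using BSM auditing on Solaris you need update audit_event(4)
+for praudit(1m) to give sensible output, the following line needs to be
+added to /etc/security/audit_event, if the contrib/buildpkg.sh
+script is used then the included postinstall script will do this:
+
+	32800:AUE_openssh:OpenSSH login:lo
+
+The BSM audit event range that is available for third party TCB
+applications is 32768 - 65535.  Event number 32800 has been choosen for
+AUE_openssh.  There is no official registry of 3rd party event numbers,
+if this number is already in use on your system then change the value
+of AUE_openssh in bsmaudit.h and rebuild.
+
 There are a few other options to the configure script:
 
 --with-rsh=PATH allows you to specify the path to your rsh program. 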
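--- a/openssh-3.1p1/auth1.c
+++ b/openssh-3.1p1/auth1.c
@@ -102,6 +102,10 @@
 
 	client_user = NULL;
 
+#ifdef HAVE_BSM_AUDIT_H
+	audit_sshd_save_pw(pw);
+#endif /* HAVE_BSM_AUDIT_H */
+
 	for (;;) {
 		/* default to fail */
 		authenticated = 0;
@@ -317,8 +321,12 @@
 #else
 		/* Special handling for root */
 		if (authenticated && authctxt->pw->pw_uid == 0 &&
-		    !auth_root_allowed(get_authname(type)))
+		    !auth_root_allowed(get_authname(type))) {
 			authenticated = 0;
+#ifdef HAVE_BSM_AUDIT_H
+			audit_sshd_not_console();
+#endif /* HAVE_BSM_AUDIT_H */
+		}
 #endif
 #ifdef USE_PAM
 		if (authenticated && !do_pam_account(pw->pw_name, client_user))
@@ -342,8 +350,14 @@
 			    get_canonical_hostname(options.verify_reverse_mapping),
 			    "ssh");
 #endif /* WITH_AIXAUTHENTICATE */
+#ifdef HAVE_BSM_AUDIT_H
+			audit_sshd_maxtrys();
+#endif /* HAVE_BSM_AUDIT_H */
 			packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
 		}
+#ifdef HAVE_BSM_AUDIT_H
+		audit_sshd_bad_pw();
+#endif /* HAVE_BSM_AUDIT_H */
 
 		packet_start(SSH_SMSG_FAILURE);
 		packet_send();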
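Review bot: `audit_sshd_save_pw(pw)` in the first hunk stores whatever `pw` holds at that point, and audit_sshd_bad_pw() later picks between "invalid user name" and "invalid password or publickey" purely on whether that pointer was NULL. The assignment of `pw` is outside the hunk; if it is already NULL for accounts rejected by policy rather than unknown ones, those attempts would be audited as invalid user names, whereas auth2.c saves the raw getpwnam() result before allowed_user() is consulted. Saving the lookup result at the same stage in both files, or at least adding a comment such as `/* pw == NULL is audited as "invalid user name" */`, would keep the two protocol paths producing the same record for the same event.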
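--- a/openssh-3.1p1/auth2.c
+++ b/openssh-3.1p1/auth2.c
@@ -185,6 +185,9 @@
 		/* setup auth context */
 		struct passwd *pw = NULL;
 		pw = getpwnam(user);
+#ifdef HAVE_BSM_AUDIT_H
+		audit_sshd_save_pw(pw);
+#endif /* HAVE_BSM_AUDIT_H */
 		if (pw && allowed_user(pw) && strcmp(service, "ssh-connection")==0) {
 			authctxt->pw = pwcopy(pw);
 			authctxt->valid = 1;
@@ -197,6 +200,9 @@
 #ifdef USE_PAM
 			start_pam("NOUSER");
 #endif
+#ifdef HAVE_BSM_AUDIT_H
+			audit_sshd_bad_pw();
+#endif /* HAVE_BSM_AUDIT_H */
 		}
 		setproctitle("%s", pw ? user : "unknown");
 		authctxt->user = xstrdup(user);
@@ -236,8 +242,12 @@
 
 	/* Special handling for root */
 	if (authenticated && authctxt->pw->pw_uid == 0 &&
-	    !auth_root_allowed(method))
+	    !auth_root_allowed(method)) {
 		authenticated = 0;
+#ifdef HAVE_BSM_AUDIT_H
+		audit_sshd_not_console();
+#endif /* HAVE_BSM_AUDIT_H */
+	}
 
 #ifdef USE_PAM
 	if (authenticated && authctxt->user && !do_pam_account(authctxt->user,
@@ -353,13 +363,17 @@
 	    check_nt_auth(1, authctxt->pw) &&
 #endif
 #ifdef USE_PAM
-	    auth_pam_password(authctxt->pw, password) == 1)
+	    auth_pam_password(authctxt->pw, password) == 1) {
 #elif defined(HAVE_OSF_SIA)
-	    auth_sia_password(authctxt->user, password) == 1)
+	    auth_sia_password(authctxt->user, password) == 1) {
 #else /* !USE_PAM && !HAVE_OSF_SIA */
-	    auth_password(authctxt, password) == 1)
+	    auth_password(authctxt, password) == 1) {
 #endif /* USE_PAM */
 		authenticated = 1;
+#ifdef HAVE_BSM_AUDIT_H
+		audit_sshd_bad_pw();
+#endif /* HAVE_BSM_AUDIT_H */
+	}
 	memset(password, 0, len);
 	xfree(password);
 	return authenticated;
@@ -390,6 +404,12 @@
 	if (check_nt_auth(0, authctxt->pw) == 0)
 		return(0);
 #endif
+#ifdef HAVE_BSM_AUDIT_H
+	if (!authenticated) {
+		audit_sshd_bad_pw();
+	}
+#endif /* HAVE_BSM_AUDIT_H */
+
 	return authenticated;
 }
 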
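Review bot: In the fourth hunk (new lines 372-376) `audit_sshd_bad_pw()` sits inside the branch that has just set `authenticated = 1`, so a correct password is written to the audit trail as a failure and a wrong password produces no record on this path. The last hunk of the same file uses the expected form, `if (!authenticated) { audit_sshd_bad_pw(); }`. The password path should do the same: drop the call from the success branch and place the `!authenticated` test after the closing brace, before `memset(password, 0, len);`. The function's opening lines are outside the hunk, so whether a caller records the failure elsewhere cannot be confirmed from here.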
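--- a/openssh-3.1p1/bsmaudit.c
+++ b/openssh-3.1p1/bsmaudit.c
@@ -0,0 +1,334 @@
+/*
+ * Copyright 1988-2002 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ *
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+#pragma ident	"@(#)bsmaudit.c	1.1	01/09/17 SMI"
+
+#include <sys/systeminfo.h>
+#include <sys/param.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/systeminfo.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
+#include <netinet/in.h>
+#include <netdb.h>
+#include <signal.h>
+
+#include <pwd.h>
+#include <shadow.h>
+#include <utmpx.h>
+#include <unistd.h>
+#include <string.h>
+
+#include <bsm/audit.h>
+#include <bsm/libbsm.h>
+#include <bsm/audit_uevents.h>
+#include <bsm/audit_record.h>
+#include "bsmaudit.h"
+
+#include <locale.h>
+
+#include "includes.h"
+#include "ssh.h"
+#include "log.h"
+
+static void audit_sshd_record(int typ, char *string, au_event_t event_no);
+static void audit_sshd_session_setup(void);
+static int selected(char *nam, uid_t uid, au_event_t event, int sf);
+
+static void get_terminal_id();
+
+extern int	cannot_audit(int);
+extern void	aug_init(void);
+extern dev_t	aug_get_port(void);
+extern int 	aug_get_machine(char *, uint32_t *, uint32_t *);
+extern void	aug_save_auid(au_id_t);
+extern void	aug_save_uid(uid_t);
+extern void	aug_save_euid(uid_t);
+extern void	aug_save_gid(gid_t);
+extern void	aug_save_egid(gid_t);
+extern void	aug_save_pid(pid_t);
+extern void	aug_save_asid(au_asid_t);
+extern void	aug_save_tid(dev_t, unsigned int);
+extern void	aug_save_tid_ex(dev_t, uint32_t *, uint32_t);
+extern int	aug_save_me(void);
+extern int	aug_save_namask(void);
+extern void	aug_save_event(au_event_t);
+extern void	aug_save_sorf(int);
+extern void	aug_save_text(char *);
+extern void	aug_save_text1(char *);
+extern void	aug_save_text2(char *);
+extern void	aug_save_na(int);
+extern void	aug_save_user(char *);
+extern void	aug_save_path(char *);
+extern int	aug_save_policy(void);
+extern void	aug_save_afunc(int (*)(int));
+extern int	aug_audit(void);
+extern int	aug_na_selected(void);
+extern int	aug_selected(void);
+extern int	aug_daemon_session(void);
+
+static char	sav_ttyn[512];
+static char	sav_name[512];
+static uid_t	sav_uid;
+static gid_t	sav_gid;
+static dev_t	sav_port;
+static uint32_t	sav_machine[4];
+static uint32_t	sav_iptype;
+static char	sav_host[MAXHOSTNAMELEN];
+static char	*sav_cmd;
+
+void
+audit_sshd_save_port(int port)
+{
+	if (cannot_audit(0)) {
+		return;
+	}
+	sav_port = port;
+}
+
+void
+audit_sshd_save_host(const char *host)
+{
+	if (cannot_audit(0)) {
+		return;
+	}
+	(void) strlcpy(sav_host, host, sizeof (sav_host));
+	(void) aug_get_machine(sav_host, &sav_machine[0], &sav_iptype);
+}
+
+void
+audit_sshd_save_command(const char *command)
+{
+	if (cannot_audit(0)) {
+		return;
+	}
+	sav_cmd = strdup(command);
+}
+
+void
+audit_sshd_save_ttyn(const char *ttyn)
+{
+	if (cannot_audit(0)) {
+		return;
+	}
+	(void) strlcpy(sav_ttyn, ttyn, sizeof (sav_ttyn));
+}
+
+void
+audit_sshd_save_pw(struct passwd *pwd)
+{
+	if (cannot_audit(0)) {
+		return;
+	}
+	if (pwd == NULL) {
+		sav_name[0] = '\0';
+		sav_uid = -1;
+		sav_gid = -1;
+	} else {
+		(void) strlcpy(sav_name, pwd->pw_name, sizeof (sav_name));
+		sav_uid = pwd->pw_uid;
+		sav_gid = pwd->pw_gid;
+	}
+}
+
+void
+audit_sshd_nologin(void)
+{
+	if (cannot_audit(0)) {
+		return;
+	}
+	audit_sshd_record(1, gettext("logins disabled by /etc/nologin"),
+	    AUE_openssh);
+}
+
+void
+audit_sshd_maxtrys(void)
+{
+	if (cannot_audit(0)) {
+		return;
+	}
+	audit_sshd_record(1, gettext("maxtrys"), AUE_openssh);
+}
+
+void
+audit_sshd_not_console(void)
+{
+	if (cannot_audit(0)) {
+		return;
+	}
+	audit_sshd_record(2, gettext("not_console"), AUE_openssh);
+}
+
+void
+audit_sshd_bad_pw(void)
+{
+	if (cannot_audit(0)) {
+		return;
+	}
+	if (sav_uid == -1) {
+		audit_sshd_record(3, gettext("invalid user name"), AUE_openssh);
+	} else {
+		audit_sshd_record(4, gettext("invalid password or publickey"),
+		    AUE_openssh);
+	}
+}
+
+void
+audit_sshd_success(void)
+{
+	if (cannot_audit(0)) {
+		return;
+	}
+
+	audit_sshd_session_setup();
+	audit_sshd_record(0, gettext("successful login"), AUE_openssh);
+}
+
+static void
+audit_sshd_record(int typ, char *string, au_event_t event_no)
+{
+	int		ad, rc;
+	uid_t		uid;
+	gid_t		gid;
+	pid_t		pid;
+	au_tid_addr_t	tid;
+
+	uid = sav_uid;
+	gid = sav_gid;
+	pid = getpid();
+
+	get_terminal_id(&tid);
+
+	if (typ == 0) {
+		rc = 0;
+	} else {
+		rc = -1;
+	}
+
+	if (!selected(sav_name, uid, event_no, rc))
+		return;
+
+	debug3("BSM audit: sav_host=%s", sav_host);
+	ad = au_open();
+
+	(void) au_write(ad, au_to_subject_ex(uid, uid, gid, uid, gid,
+	    pid, pid, &tid));
+	(void) au_write(ad, au_to_text(string));
+	if (sav_cmd != NULL) {
+		(void) au_write(ad, au_to_text(sav_cmd));
+	}
+	(void) au_write(ad, au_to_return32(typ, (int32_t)rc));
+
+	rc = au_close(ad, AU_TO_WRITE, event_no);
+	if (rc < 0) {
+		fatal("audit_sshd_record failed to write record: %s",
+		    strerror(errno));
+	}
+}
+
+static void
+audit_sshd_session_setup(void)
+{
+	int	rc;
+	struct auditinfo_addr info;
+	au_mask_t mask;
+	struct auditinfo_addr now;
+
+	info.ai_auid = sav_uid;
+	info.ai_asid = getpid();
+	mask.am_success = 0;
+	mask.am_failure = 0;
+
+	(void) au_user_mask(sav_name, &mask);
+
+	info.ai_mask.am_success  = mask.am_success;
+	info.ai_mask.am_failure  = mask.am_failure;
+
+	/* see if terminal id already set */
+	if (getaudit_addr(&now, sizeof (now)) < 0) {
+		fatal("audit_sshd_session_setup: getaudit_addr failed: %s",
+		    strerror(errno));
+	}
+
+	debug("BSM audit_sshd_setup_session: calling get_terminal_id");
+	get_terminal_id(&(info.ai_termid));
+
+	rc = setaudit_addr(&info, sizeof (info));
+	if (rc < 0) {
+		fatal("audit_sshd_session_setup: setaudit_addr failed: %s",
+		    strerror(errno));
+	}
+}
+
+
+static void
+get_terminal_id(au_tid_addr_t *tid)
+{
+	tid->at_port = sav_port;
+	tid->at_type = sav_iptype;
+	tid->at_addr[0] = sav_machine[0];
+	tid->at_addr[1] = sav_machine[1];
+	tid->at_addr[2] = sav_machine[2];
+	tid->at_addr[3] = sav_machine[3];
+}
+
+void
+audit_sshd_logout(void)
+{
+	char    textbuf[BSM_TEXTBUFSZ];
+
+	(void) snprintf(textbuf, sizeof (textbuf),
+		gettext("sshd logout %s"), sav_name);
+
+	audit_sshd_record(0, textbuf, AUE_logout);
+}
+
+static int
+selected(char *nam, uid_t uid, au_event_t event, int sf)
+{
+	int	rc, sorf;
+	char	naflags[512];
+	struct au_mask mask;
+
+	mask.am_success = mask.am_failure = 0;
+	if (uid < 0) {
+		rc = getacna(naflags, 256); /* get non-attrib flags */
+		if (rc == 0)
+			(void) getauditflagsbin(naflags, &mask);
+	} else {
+		rc = au_user_mask(nam, &mask);
+	}
+
+	if (sf == 0) {
+		sorf = AU_PRS_SUCCESS;
+	} else {
+		sorf = AU_PRS_FAILURE;
+	}
+	rc = au_preselect(event, &mask, sorf, AU_PRS_REREAD);
+
+	return (rc);
+}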
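Review bot: audit_sshd_logout() is the only exported entry point that does not begin with `if (cannot_audit(0)) { return; }`, so on a host where auditing is unavailable it still reaches audit_sshd_record(), which calls fatal() when au_close() fails; it needs the same guard as the other ten functions. In selected(), `if (uid < 0)` only works where uid_t is signed, while audit_sshd_bad_pw() tests the same sentinel as `sav_uid == -1`; writing `if (uid == (uid_t)-1)` selects the non-attributable flags for unknown users on either kind of platform. audit_sshd_record() also passes the result of `au_open()` to au_write() without checking it for -1. Two smaller points: sav_ttyn is filled by audit_sshd_save_ttyn() but never read anywhere in this file, and audit_sshd_save_command() overwrites `sav_cmd` without freeing an earlier strdup() result.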
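--- a/openssh-3.1p1/bsmaudit.h
+++ b/openssh-3.1p1/bsmaudit.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright 1993-2002 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef	_BSMAUDIT_H
+#define	_BSMAUDIT_H
+
+#pragma ident	"@(#)bsmaudit.h	1.1	01/09/17 SMI"
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+#include <bsm/audit.h>
+#define	AUE_openssh	32800
+
+void audit_sshd_maxtrys(void);
+void audit_sshd_nologin(void);
+void audit_sshd_save_pw(struct passwd *pwd);
+void audit_sshd_not_console(void);
+void audit_sshd_bad_pw(void);
+void audit_sshd_save_host(const char *host);
+void audit_sshd_save_ttyn(const char *ttyn);
+void audit_sshd_save_port(int port);
+void audit_sshd_save_command(const char *command);
+void audit_sshd_success(void);
+void audit_sshd_logout(void);
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif	/* _BSMAUDIT_H */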
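--- a/openssh-3.1p1/contrib/solaris/buildpkg.sh
+++ b/openssh-3.1p1/contrib/solaris/buildpkg.sh
@@ -10,7 +10,7 @@
 PKGNAME=OpenSSH
 
 ## Extract common info requires for the 'info' part of the package.
-VERSION=`tail -1 ../../version.h | sed -e 's/.*_\([0-9]\)/\1/g' | sed 's/\"$//'`
+VERSION=`grep SSH_VERSION ../../version.h | sed -e 's/.*_\([0-9]\)/\1/g' | sed 's/\"$//'`
 ARCH=`uname -p`
 
 ## Start by faking root install 
@@ -75,6 +75,8 @@
             BEGIN { print "i pkginfo" }	
 	    { $5="root"; $6="sys"; }
 	    { print; }' > prototype
+echo "i postinstall" >> prototype
+cp $START/postinstall $FAKE_ROOT
 
 ## Step back a directory and now build the package.
 echo "Building package.."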
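--- a/openssh-3.1p1/contrib/solaris/postinstall
+++ b/openssh-3.1p1/contrib/solaris/postinstall
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+audit_event=/etc/security/audit_event
+
+if [ -z "`grep AUE_openssh $audit_event`" ] ; then
+	echo "32800:AUE_openssh:OpenSSH login:lo" >> $audit_event
+fi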
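Review bot: The guard on line 5 looks only for the name `AUE_openssh`, so it does not notice when event number 32800 is already assigned to another third-party event, which is the collision the INSTALL text warns about, and the script would then append a second definition for the same number. Testing the number as well, for example `grep '^32800:' "$audit_event"`, and refusing to append with a message when it matches a different name would keep the audit configuration unambiguous. If the file is missing or unreadable, grep prints nothing, so the append still runs and can create a new audit_event containing only this line; an explicit `[ -f "$audit_event" ]` check would avoid that. The path is absolute, so an installation into an alternate root would presumably edit the running system's file instead of the target's.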
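--- a/openssh-3.1p1/includes.h
+++ b/openssh-3.1p1/includes.h
@@ -98,6 +98,9 @@
 #ifdef HAVE_UTIME_H
 # include <utime.h>
 #endif
+#ifdef HAVE_BSM_AUDIT_H
+# include "bsmaudit.h"
+#endif
 #include "version.h"
 #include "openbsd-compat/openbsd-compat.h"
 #include "openbsd-compat/bsd-cygwin_util.h"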
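--- a/openssh-3.1p1/session.c
+++ b/openssh-3.1p1/session.c
@@ -556,10 +556,14 @@
 
 		/* record login, etc. similar to login(1) */
 #ifndef HAVE_OSF_SIA
-		if (!(options.use_login && command == NULL))
+		if (!(options.use_login && command == NULL)) {
 			do_login(s, command);
+#ifdef HAVE_BSM_AUDIT_H
+			if (s->tty != NULL)
+				audit_sshd_save_ttyn(s->tty);
+#endif /* HAVE_BSM_AUDIT_H */
 # ifdef LOGIN_NEEDS_UTMPX
-		else
+		} else
 			do_pre_login(s);
 # endif
 #endif
@@ -1094,6 +1098,9 @@
 		while (fgets(buf, sizeof(buf), f))
 			fputs(buf, stderr);
 		fclose(f);
+#ifdef HAVE_BSM_AUDIT_H
+		audit_sshd_nologin();
+#endif /* HAVE_BSM_AUDIT_H */
 		exit(254);
 	}
 }
@@ -1146,6 +1153,9 @@
 # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY)
 		irix_setusercontext(pw);
 #  endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */
+#ifdef HAVE_BSM_AUDIT_H
+		audit_sshd_success();
+#endif /* HAVE_BSM_AUDIT_H */
 		/* Permanently switch to the desired uid. */
 		permanently_set_uid(pw);
 #endif
@@ -1190,6 +1200,10 @@
 # ifdef _AIX
 		aix_usrinfo(pw, s->tty, s->ttyfd);
 # endif /* _AIX */
+#ifdef HAVE_BSM_AUDIT_H
+		if (command != NULL)
+			audit_sshd_save_command(command);
+#endif /* HAVE_BSM_AUDIT_H */
 		do_setusercontext(pw);
 #endif /* HAVE_OSF_SIA */
 	}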
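Review bot: The first hunk opens a brace unconditionally on new line 559, `if (!(options.use_login && command == NULL)) {`, but the only matching `}` is the `} else` on new line 566, which sits inside `# ifdef LOGIN_NEEDS_UTMPX`. On any build where HAVE_OSF_SIA and LOGIN_NEEDS_UTMPX are both undefined the block is never closed and the file stops compiling, whether or not BSM auditing is enabled. Closing the block before the conditional keeps every configuration balanced: put a plain `}` on its own line ahead of `# ifdef LOGIN_NEEDS_UTMPX` and leave the original `else` inside it. The enclosing function starts and ends outside the hunk.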
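--- a/openssh-3.1p1/sshd.c
+++ b/openssh-3.1p1/sshd.c
@@ -1166,7 +1166,10 @@
 
 	remote_port = get_remote_port();
 	remote_ip = get_remote_ipaddr();
-
+#ifdef HAVE_BSM_AUDIT_H
+	audit_sshd_save_host(remote_ip);
+	audit_sshd_save_port(remote_port);
+#endif /* HAVE_BSM_AUDIT_H */
 #ifdef LIBWRAP
 	/* Check whether logins are denied from this host. */
 	{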
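--- a/openssh-3.1p1/sshlogin.c
+++ b/openssh-3.1p1/sshlogin.c
@@ -101,4 +101,7 @@
   li = login_alloc_entry(pid, user, NULL, ttyname);
   login_logout(li);
   login_free_entry(li);
+#ifdef HAVE_BSM_AUDIT_H
+  audit_sshd_logout();
+#endif /* HAVE_BSM_AUDIT_H */
 }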
