Bugzilla – Attachment 1517 Details for
Bug 1471
sshd can block if authorized_keys is a named pipe
[patch]
open authorized_keys and shosts in non-blocking mode, check st_mode
sshd-unblock-userread.diff (text/plain), 3.03 KB, created by
Damien Miller
on 2008-06-13 13:19:30 AEST
Description:
open authorized_keys and shosts in non-blocking mode, check st_mode
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2008-06-13 13:19:30 AEST
Size:
3.03 KB
patch
obsolete
>? nohup.out
>? sftp-complete-changes.diff
>? sftp-complete-update.diff
>? sftp-complete.diff
>? sftp-complete2.diff
>? sftp.c.origxxx
>Index: auth-rhosts.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/auth-rhosts.c,v
>retrieving revision 1.41
>diff -u -p -r1.41 auth-rhosts.c
>--- auth-rhosts.c 3 Aug 2006 03:34:41 -0000 1.41
>+++ auth-rhosts.c 13 Jun 2008 03:15:33 -0000
>@@ -17,6 +17,7 @@
> #include <sys/types.h>
> #include <sys/stat.h>
>
>+#include <fcntl.h>
> #include <netgroup.h>
> #include <pwd.h>
> #include <stdio.h>
>@@ -33,6 +34,7 @@
> #include "key.h"
> #include "hostfile.h"
> #include "auth.h"
>+#include "misc.h"
>
> /* import */
> extern ServerOptions options;
>@@ -51,12 +53,28 @@ check_rhosts_file(const char *filename,
> {
> FILE *f;
> char buf[1024]; /* Must not be larger than host, user, dummy below. */
>+ int fd;
>+ struct stat st;
>
> /* Open the .rhosts file, deny if unreadable */
>- f = fopen(filename, "r");
>- if (!f)
>+ if ((fd = open(filename, O_RDONLY|O_NONBLOCK)) == -1)
> return 0;
>-
>+ if (fstat(fd, &st) == -1) {
>+ close(fd);
>+ return 0;
>+ }
>+ if (!S_ISREG(st.st_mode)) {
>+ logit("User %s hosts file %s is not a regular file",
>+ server_user, filename);
>+ close(fd);
>+ restore_uid();
>+ return 0;
>+ }
>+ unset_nonblock(fd);
>+ if ((f = fdopen(fd, "r")) == NULL) {
>+ close(fd);
>+ return 0;
>+ }
> while (fgets(buf, sizeof(buf), f)) {
> /* All three must be at least as big as buf to avoid overflows. */
> char hostbuf[1024], userbuf[1024], dummy[1024], *host, *user, *cp;
>Index: auth2-pubkey.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/auth2-pubkey.c,v
>retrieving revision 1.15
>diff -u -p -r1.15 auth2-pubkey.c
>--- auth2-pubkey.c 3 Aug 2006 03:34:41 -0000 1.15
>+++ auth2-pubkey.c 13 Jun 2008 03:15:33 -0000
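Review bot: In auth-rhosts.c, the `!S_ISREG` branch added to check_rhosts_file calls `restore_uid()`, while the other three failure returns added in the same hunk (open, fstat, fdopen) return 0 without it, as did the removed `fopen` failure path. That suggests the uid switch is owned by the caller, which is not visible in this hunk. If so, this one branch restores privileges early and leaves the caller's own restore to run against an already-restored state. I would drop the line so the branch ends with `close(fd); return 0;` like its neighbours. The function body continues past the end of the hunk.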
>@@ -27,6 +27,7 @@
> #include <sys/types.h>
> #include <sys/stat.h>
>
>+#include <fcntl.h>
> #include <pwd.h>
> #include <stdio.h>
> #include <stdarg.h>
>@@ -175,7 +176,7 @@ static int
> user_key_allowed2(struct passwd *pw, Key *key, char *file)
> {
> char line[SSH_MAX_PUBKEY_BYTES];
>- int found_key = 0;
>+ int found_key = 0, fd;
> FILE *f;
> u_long linenum = 0;
> struct stat st;
>@@ -187,16 +188,29 @@ user_key_allowed2(struct passwd *pw, Key
>
> debug("trying public key file %s", file);
>
>- /* Fail quietly if file does not exist */
>- if (stat(file, &st) < 0) {
>- /* Restore the privileged uid. */
>+ /*
>+ * Open the file containing the authorized keys
>+ * Fail quietly if file does not exist
>+ */
>+ if ((fd = open(file, O_RDONLY|O_NONBLOCK)) == -1) {
> restore_uid();
> return 0;
> }
>- /* Open the file containing the authorized keys. */
>- f = fopen(file, "r");
>- if (!f) {
>- /* Restore the privileged uid. */
>+ if (fstat(fd, &st) < 0) {
>+ close(fd);
>+ restore_uid();
>+ return 0;
>+ }
>+ if (!S_ISREG(st.st_mode)) {
>+ logit("User %s authorized keys %s is not a regular file",
>+ pw->pw_name, file);
>+ close(fd);
>+ restore_uid();
>+ return 0;
>+ }
>+ unset_nonblock(fd);
>+ if ((f = fdopen(fd, "r")) == NULL) {
>+ close(fd);
> restore_uid();
> return 0;
> }
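Review bot: The new block comment in user_key_allowed2 (auth2-pubkey.c) still describes only the missing-file case and does not say why the file is opened with `O_NONBLOCK`, type-checked with `fstat` on the descriptor, and then switched back with `unset_nonblock`. That sequence is what stops a named pipe at a user-controlled path from blocking sshd, which is the bug this patch addresses, so the comment should record it for the next maintainer. Something like `/* O_NONBLOCK so a FIFO cannot stall the open; the file type is checked on the fd, not the path, so it cannot change between check and use */` would do. The function starts before and continues after this hunk.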
Attachments on
bug 1471
: 1517