- dtucker@cvs.openbsd.org 2010/03/07 11:57:13
[auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c]
Hold authentication debug messages until after successful authentication.
Fixes an info leak of environment variables specified in authorized_keys,
reported by Jacob Appelbaum. ok djm@
diff --git a/ChangeLog b/ChangeLog
index f80d79a..9afd093 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,6 +7,12 @@
by permanently_set_uid.
- (dtucker) [session.c] Also initialize creds to NULL for handing to
setpcred.
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker@cvs.openbsd.org 2010/03/07 11:57:13
+ [auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c]
+ Hold authentication debug messages until after successful authentication.
+ Fixes an info leak of environment variables specified in authorized_keys,
+ reported by Jacob Appelbaum. ok djm@
20100305
- OpenBSD CVS Sync
diff --git a/auth-options.c b/auth-options.c
index bcf5589..1293017 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.47 2010/03/04 23:27:25 djm Exp $ */
+/* $OpenBSD: auth-options.c,v 1.48 2010/03/07 11:57:13 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -78,7 +78,6 @@
}
forced_tun_device = -1;
channel_clear_permitted_opens();
- auth_debug_reset();
}
/*
@@ -364,9 +363,6 @@
/* Process the next option. */
}
- if (!use_privsep)
- auth_debug_send();
-
/* grant access */
return 1;
@@ -376,9 +372,6 @@
auth_debug_add("Bad options in %.100s file, line %lu: %.50s",
file, linenum, opts);
- if (!use_privsep)
- auth_debug_send();
-
/* deny access */
return 0;
}
diff --git a/auth-rhosts.c b/auth-rhosts.c
index 5c12967..06ae7f0 100644
--- a/auth-rhosts.c
+++ b/auth-rhosts.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-rhosts.c,v 1.43 2008/06/13 14:18:51 dtucker Exp $ */
+/* $OpenBSD: auth-rhosts.c,v 1.44 2010/03/07 11:57:13 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -317,11 +317,5 @@
auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
const char *ipaddr)
{
- int ret;
-
- auth_debug_reset();
- ret = auth_rhosts2_raw(pw, client_user, hostname, ipaddr);
- if (!use_privsep)
- auth_debug_send();
- return ret;
+ return auth_rhosts2_raw(pw, client_user, hostname, ipaddr);
}
diff --git a/monitor.c b/monitor.c
index f67cb76..334aedd 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.105 2010/02/26 20:29:54 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.106 2010/03/07 11:57:13 dtucker Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -997,17 +997,6 @@
}
#endif
-static void
-mm_append_debug(Buffer *m)
-{
- if (auth_debug_init && buffer_len(&auth_debug)) {
- debug3("%s: Appending debug messages for child", __func__);
- buffer_append(m, buffer_ptr(&auth_debug),
- buffer_len(&auth_debug));
- buffer_clear(&auth_debug);
- }
-}
-
int
mm_answer_keyallowed(int sock, Buffer *m)
{
@@ -1090,8 +1079,6 @@
buffer_put_int(m, allowed);
buffer_put_int(m, forced_command != NULL);
- mm_append_debug(m);
-
mm_request_send(sock, MONITOR_ANS_KEYALLOWED, m);
if (type == MM_RSAHOSTKEY)
@@ -1475,8 +1462,6 @@
if (key != NULL)
key_free(key);
- mm_append_debug(m);
-
mm_request_send(sock, MONITOR_ANS_RSAKEYALLOWED, m);
monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed);
diff --git a/monitor_wrap.c b/monitor_wrap.c
index b8e8710..faeb02c 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.68 2009/06/22 05:39:28 dtucker Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.69 2010/03/07 11:57:13 dtucker Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -347,19 +347,6 @@
return (ret);
}
-static void
-mm_send_debug(Buffer *m)
-{
- char *msg;
-
- while (buffer_len(m)) {
- msg = buffer_get_string(m, NULL);
- debug3("%s: Sending debug: %s", __func__, msg);
- packet_send_debug("%s", msg);
- xfree(msg);
- }
-}
-
int
mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key)
{
@@ -393,9 +380,6 @@
have_forced = buffer_get_int(&m);
forced_command = have_forced ? xstrdup("true") : NULL;
- /* Send potential debug messages */
- mm_send_debug(&m);
-
buffer_free(&m);
return (allowed);
@@ -1085,7 +1069,6 @@
*rkey = key;
xfree(blob);
}
- mm_send_debug(&m);
buffer_free(&m);
return (allowed);
diff --git a/session.c b/session.c
index b384b7d..639405f 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.251 2010/01/12 08:33:17 dtucker Exp $ */
+/* $OpenBSD: session.c,v 1.252 2010/03/07 11:57:13 dtucker Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -271,6 +271,8 @@
if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
channel_permit_all_opens();
+ auth_debug_send();
+
if (compat20)
do_authenticated2(authctxt);
else
diff --git a/sshd.c b/sshd.c
index 0c3c04e..bc0d275 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.373 2010/02/26 20:29:54 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.374 2010/03/07 11:57:13 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1939,6 +1939,7 @@
/* prepare buffer to collect messages to display to user after login */
buffer_init(&loginmsg);
+ auth_debug_reset();
if (use_privsep)
if (privsep_preauth(authctxt) == 1)