Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / d4a8b7e34dd619a4debf9a206c81db26d1402ea6 / . / sshd.c
blob: 059f31195ac438f7ec0f54973378e02f2ef28998 [file] [log] [blame]
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000[diff] [blame^]1/*
2
3sshd.c
4
5Author: Tatu Ylonen <ylo@cs.hut.fi>
6
7Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8 All rights reserved
9
10Created: Fri Mar 17 17:09:28 1995 ylo
11
12This program is the ssh daemon. It listens for connections from clients, and
13performs authentication, executes use commands or shell, and forwards
14information to/from the application to the user client over an encrypted
15connection. This can also handle forwarding of X11, TCP/IP, and authentication
16agent connections.
17
18*/
19
20#include "includes.h"
21RCSID("$Id: sshd.c,v 1.1 1999/10/27 03:42:46 damien Exp $");
22
23#include "xmalloc.h"
24#include "rsa.h"
25#include "ssh.h"
26#include "pty.h"
27#include "packet.h"
28#include "buffer.h"
29#include "cipher.h"
30#include "mpaux.h"
31#include "servconf.h"
32#include "uidswap.h"
33#include "compat.h"
34
35#ifdef LIBWRAP
36#include <tcpd.h>
37#include <syslog.h>
38int allow_severity = LOG_INFO;
39int deny_severity = LOG_WARNING;
40#endif /* LIBWRAP */
41
42#ifndef O_NOCTTY
43#define O_NOCTTY 0
44#endif
45
46#ifdef KRB4
47char *ticket = NULL;
48#endif /* KRB4 */
49
50#ifdef HAVE_PAM
51#include <security/pam_appl.h>
52struct pam_handle_t *pamh=NULL;
53char *pampasswd=NULL;
54int retval;
55int origretval;
56#endif /* HAVE_PAM */
57
58/* Local Xauthority file. */
59char *xauthfile = NULL;
60
61/* Server configuration options. */
62ServerOptions options;
63
64/* Name of the server configuration file. */
65char *config_file_name = SERVER_CONFIG_FILE;
66
67/* Debug mode flag. This can be set on the command line. If debug
68 mode is enabled, extra debugging output will be sent to the system
69 log, the daemon will not go to background, and will exit after processing
70 the first connection. */
71int debug_flag = 0;
72
73/* Flag indicating that the daemon is being started from inetd. */
74int inetd_flag = 0;
75
76/* argv[0] without path. */
77char *av0;
78
79/* Saved arguments to main(). */
80char **saved_argv;
81
82/* This is set to the socket that the server is listening; this is used in
83 the SIGHUP signal handler. */
84int listen_sock;
85
86/* Flags set in auth-rsa from authorized_keys flags. These are set in
87 auth-rsa.c. */
88int no_port_forwarding_flag = 0;
89int no_agent_forwarding_flag = 0;
90int no_x11_forwarding_flag = 0;
91int no_pty_flag = 0;
92char *forced_command = NULL; /* RSA authentication "command=" option. */
93struct envstring *custom_environment = NULL;
94 /* RSA authentication "environment=" options. */
95
96/* Session id for the current session. */
97unsigned char session_id[16];
98
99/* Any really sensitive data in the application is contained in this structure.
100 The idea is that this structure could be locked into memory so that the
101 pages do not get written into swap. However, there are some problems.
102 The private key contains BIGNUMs, and we do not (in principle) have
103 access to the internals of them, and locking just the structure is not
104 very useful. Currently, memory locking is not implemented. */
105struct
106{
107 /* Private part of server key. */
108 RSA *private_key;
109
110 /* Private part of host key. */
111 RSA *host_key;
112} sensitive_data;
113
114/* Flag indicating whether the current session key has been used. This flag
115 is set whenever the key is used, and cleared when the key is regenerated. */
116int key_used = 0;
117
118/* This is set to true when SIGHUP is received. */
119int received_sighup = 0;
120
121/* Public side of the server key. This value is regenerated regularly with
122 the private key. */
123RSA *public_key;
124
125/* Prototypes for various functions defined later in this file. */
126void do_connection(int privileged_port);
127void do_authentication(char *user, int privileged_port);
128void do_authenticated(struct passwd *pw);
129void do_exec_pty(const char *command, int ptyfd, int ttyfd,
130 const char *ttyname, struct passwd *pw, const char *term,
131 const char *display, const char *auth_proto,
132 const char *auth_data);
133void do_exec_no_pty(const char *command, struct passwd *pw,
134 const char *display, const char *auth_proto,
135 const char *auth_data);
136void do_child(const char *command, struct passwd *pw, const char *term,
137 const char *display, const char *auth_proto,
138 const char *auth_data, const char *ttyname);
139#ifdef HAVE_PAM
140static int pamconv(int num_msg, const struct pam_message **msg,
141 struct pam_response **resp, void *appdata_ptr);
142
143static struct pam_conv conv = {
144 pamconv,
145 NULL
146};
147
148static int pamconv(int num_msg, const struct pam_message **msg,
149 struct pam_response **resp, void *appdata_ptr)
150{
151 int count = 0;
152 int replies = 0;
153 struct pam_response *reply = NULL;
154 int size = sizeof(struct pam_response);
155
156 for(count = 0; count < num_msg; count++)
157 {
158 switch (msg[count]->msg_style)
159 {
160 case PAM_PROMPT_ECHO_ON:
161 case PAM_PROMPT_ECHO_OFF:
162 if (reply == NULL)
163 reply = xmalloc(size);
164 else
165 reply = realloc(reply, size);
166
167 if (reply == NULL)
168 return PAM_CONV_ERR;
169
170 size += sizeof(struct pam_response);
171
172 reply[replies].resp_retcode = PAM_SUCCESS;
173
174 reply[replies++].resp = xstrdup(pampasswd);
175 /* PAM frees resp */
176 break;
177
178 case PAM_TEXT_INFO:
179 /* ignore it... */
180 break;
181
182 case PAM_ERROR_MSG:
183 default:
184 /* Must be an error of some sort... */
185 if (reply != NULL)
186 free(reply);
187
188 return PAM_CONV_ERR;
189 }
190 }
191
192 if (reply != NULL)
193 *resp = reply;
194
195 return PAM_SUCCESS;
196}
197
198void pam_cleanup_proc(void *context)
199{
200 if (retval == PAM_SUCCESS)
201 retval = pam_close_session((pam_handle_t *)pamh, 0);
202
203 if (pam_end((pam_handle_t *)pamh, retval) != PAM_SUCCESS)
204 log("Cannot release PAM authentication.");
205}
206#endif /* HAVE_PAM */
207
208/* Signal handler for SIGHUP. Sshd execs itself when it receives SIGHUP;
209 the effect is to reread the configuration file (and to regenerate
210 the server key). */
211
212void sighup_handler(int sig)
213{
214 received_sighup = 1;
215 signal(SIGHUP, sighup_handler);
216}
217
218/* Called from the main program after receiving SIGHUP. Restarts the
219 server. */
220
221void sighup_restart()
222{
223 log("Received SIGHUP; restarting.");
224 close(listen_sock);
225 execv(saved_argv[0], saved_argv);
226 log("RESTART FAILED: av0='%s', error: %s.", av0, strerror(errno));
227 exit(1);
228}
229
230/* Generic signal handler for terminating signals in the master daemon.
231 These close the listen socket; not closing it seems to cause "Address
232 already in use" problems on some machines, which is inconvenient. */
233
234void sigterm_handler(int sig)
235{
236 log("Received signal %d; terminating.", sig);
237 close(listen_sock);
238 exit(255);
239}
240
241/* SIGCHLD handler. This is called whenever a child dies. This will then
242 reap any zombies left by exited c. */
243
244void main_sigchld_handler(int sig)
245{
246 int save_errno = errno;
247 int status;
248 wait(&status);
249 signal(SIGCHLD, main_sigchld_handler);
250 errno = save_errno;
251}
252
253/* Signal handler for the alarm after the login grace period has expired. */
254
255void grace_alarm_handler(int sig)
256{
257 /* Close the connection. */
258 packet_close();
259
260 /* Log error and exit. */
261 fatal("Timeout before authentication.");
262}
263
264/* Signal handler for the key regeneration alarm. Note that this
265 alarm only occurs in the daemon waiting for connections, and it does not
266 do anything with the private key or random state before forking. Thus there
267 should be no concurrency control/asynchronous execution problems. */
268
269void key_regeneration_alarm(int sig)
270{
271 int save_errno = errno;
272
273 /* Check if we should generate a new key. */
274 if (key_used)
275 {
276 /* This should really be done in the background. */
277 log("Generating new %d bit RSA key.", options.server_key_bits);
278
279 if (sensitive_data.private_key != NULL)
280 RSA_free(sensitive_data.private_key);
281 sensitive_data.private_key = RSA_new();
282
283 if (public_key != NULL)
284 RSA_free(public_key);
285 public_key = RSA_new();
286
287 rsa_generate_key(sensitive_data.private_key, public_key,
288 options.server_key_bits);
289 arc4random_stir();
290 key_used = 0;
291 log("RSA key generation complete.");
292 }
293
294 /* Reschedule the alarm. */
295 signal(SIGALRM, key_regeneration_alarm);
296 alarm(options.key_regeneration_time);
297 errno = save_errno;
298}
299
300/* Main program for the daemon. */
301
302int
303main(int ac, char **av)
304{
305 extern char *optarg;
306 extern int optind;
307 int opt, aux, sock_in, sock_out, newsock, i, pid, on = 1;
308 int remote_major, remote_minor;
309 int silentrsa = 0;
310 struct sockaddr_in sin;
311 char buf[100]; /* Must not be larger than remote_version. */
312 char remote_version[100]; /* Must be at least as big as buf. */
313 char *comment;
314 FILE *f;
315 struct linger linger;
316
317 /* Save argv[0]. */
318 saved_argv = av;
319 if (strchr(av[0], '/'))
320 av0 = strrchr(av[0], '/') + 1;
321 else
322 av0 = av[0];
323
324 /* Initialize configuration options to their default values. */
325 initialize_server_options(&options);
326
327 /* Parse command-line arguments. */
328 while ((opt = getopt(ac, av, "f:p:b:k:h:g:diqQ")) != EOF)
329 {
330 switch (opt)
331 {
332 case 'f':
333 config_file_name = optarg;
334 break;
335 case 'd':
336 debug_flag = 1;
337 break;
338 case 'i':
339 inetd_flag = 1;
340 break;
341 case 'Q':
342 silentrsa = 1;
343 break;
344 case 'q':
345 options.quiet_mode = 1;
346 break;
347 case 'b':
348 options.server_key_bits = atoi(optarg);
349 break;
350 case 'p':
351 options.port = atoi(optarg);
352 break;
353 case 'g':
354 options.login_grace_time = atoi(optarg);
355 break;
356 case 'k':
357 options.key_regeneration_time = atoi(optarg);
358 break;
359 case 'h':
360 options.host_key_file = optarg;
361 break;
362 case '?':
363 default:
364 fprintf(stderr, "sshd version %s\n", SSH_VERSION);
365 fprintf(stderr, "Usage: %s [options]\n", av0);
366 fprintf(stderr, "Options:\n");
367 fprintf(stderr, " -f file Configuration file (default %s/sshd_config)\n", ETCDIR);
368 fprintf(stderr, " -d Debugging mode\n");
369 fprintf(stderr, " -i Started from inetd\n");
370 fprintf(stderr, " -q Quiet (no logging)\n");
371 fprintf(stderr, " -p port Listen on the specified port (default: 22)\n");
372 fprintf(stderr, " -k seconds Regenerate server key every this many seconds (default: 3600)\n");
373 fprintf(stderr, " -g seconds Grace period for authentication (default: 300)\n");
374 fprintf(stderr, " -b bits Size of server RSA key (default: 768 bits)\n");
375 fprintf(stderr, " -h file File from which to read host key (default: %s)\n",
376 HOST_KEY_FILE);
377 exit(1);
378 }
379 }
380
381 /* check if RSA support exists */
382 if (rsa_alive() == 0) {
383 if (silentrsa == 0)
384 printf("sshd: no RSA support in libssl and libcrypto -- exiting. See ssl(8)\n");
385 log("no RSA support in libssl and libcrypto -- exiting. See ssl(8)");
386 exit(1);
387 }
388
389 /* Read server configuration options from the configuration file. */
390 read_server_config(&options, config_file_name);
391
392 /* Fill in default values for those options not explicitly set. */
393 fill_default_server_options(&options);
394
395 /* Check certain values for sanity. */
396 if (options.server_key_bits < 512 ||
397 options.server_key_bits > 32768)
398 {
399 fprintf(stderr, "Bad server key size.\n");
400 exit(1);
401 }
402 if (options.port < 1 || options.port > 65535)
403 {
404 fprintf(stderr, "Bad port number.\n");
405 exit(1);
406 }
407
408 /* Check that there are no remaining arguments. */
409 if (optind < ac)
410 {
411 fprintf(stderr, "Extra argument %s.\n", av[optind]);
412 exit(1);
413 }
414
415 /* Initialize the log (it is reinitialized below in case we forked). */
416 log_init(av0, debug_flag && !inetd_flag,
417 debug_flag || options.fascist_logging,
418 options.quiet_mode, options.log_facility);
419
420 debug("sshd version %.100s", SSH_VERSION);
421
422 sensitive_data.host_key = RSA_new();
423 /* Load the host key. It must have empty passphrase. */
424 if (!load_private_key(options.host_key_file, "",
425 sensitive_data.host_key, &comment))
426 {
427 if (debug_flag)
428 fprintf(stderr, "Could not load host key: %s: %s\n",
429 options.host_key_file, strerror(errno));
430 else
431 {
432 int err = errno;
433 log_init(av0, !inetd_flag, 1, 0, options.log_facility);
434 error("Could not load host key: %.200s: %.100s",
435 options.host_key_file, strerror(err));
436 }
437 exit(1);
438 }
439 xfree(comment);
440
441 /* If not in debugging mode, and not started from inetd, disconnect from
442 the controlling terminal, and fork. The original process exits. */
443 if (!debug_flag && !inetd_flag)
444 {
445#ifdef TIOCNOTTY
446 int fd;
447#endif /* TIOCNOTTY */
448 if (daemon(0, 0) < 0)
449 fatal("daemon() failed: %.200s", strerror(errno));
450
451 /* Disconnect from the controlling tty. */
452#ifdef TIOCNOTTY
453 fd = open("/dev/tty", O_RDWR|O_NOCTTY);
454 if (fd >= 0)
455 {
456 (void)ioctl(fd, TIOCNOTTY, NULL);
457 close(fd);
458 }
459#endif /* TIOCNOTTY */
460 }
461
462 /* Reinitialize the log (because of the fork above). */
463 log_init(av0, debug_flag && !inetd_flag,
464 debug_flag || options.fascist_logging,
465 options.quiet_mode, options.log_facility);
466
467 /* Check that server and host key lengths differ sufficiently. This is
468 necessary to make double encryption work with rsaref. Oh, I hate
469 software patents. I dont know if this can go? Niels */
470 if (options.server_key_bits >
471 BN_num_bits(sensitive_data.host_key->n) - SSH_KEY_BITS_RESERVED &&
472 options.server_key_bits <
473 BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED)
474 {
475 options.server_key_bits =
476 BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED;
477 debug("Forcing server key to %d bits to make it differ from host key.",
478 options.server_key_bits);
479 }
480
481 /* Do not display messages to stdout in RSA code. */
482 rsa_set_verbose(0);
483
484 /* Initialize the random number generator. */
485 arc4random_stir();
486
487 /* Chdir to the root directory so that the current disk can be unmounted
488 if desired. */
489 chdir("/");
490
491 /* Close connection cleanly after attack. */
492 cipher_attack_detected = packet_disconnect;
493
494 /* Start listening for a socket, unless started from inetd. */
495 if (inetd_flag)
496 {
497 int s1, s2;
498 s1 = dup(0); /* Make sure descriptors 0, 1, and 2 are in use. */
499 s2 = dup(s1);
500 sock_in = dup(0);
501 sock_out = dup(1);
502 /* We intentionally do not close the descriptors 0, 1, and 2 as our
503 code for setting the descriptors won\'t work if ttyfd happens to
504 be one of those. */
505 debug("inetd sockets after dupping: %d, %d", sock_in, sock_out);
506
507 public_key = RSA_new();
508 sensitive_data.private_key = RSA_new();
509 /* Generate an rsa key. */
510 log("Generating %d bit RSA key.", options.server_key_bits);
511 rsa_generate_key(sensitive_data.private_key, public_key,
512 options.server_key_bits);
513 arc4random_stir();
514 log("RSA key generation complete.");
515 }
516 else
517 {
518 /* Create socket for listening. */
519 listen_sock = socket(AF_INET, SOCK_STREAM, 0);
520 if (listen_sock < 0)
521 fatal("socket: %.100s", strerror(errno));
522
523 /* Set socket options. We try to make the port reusable and have it
524 close as fast as possible without waiting in unnecessary wait states
525 on close. */
526 setsockopt(listen_sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on,
527 sizeof(on));
528 linger.l_onoff = 1;
529 linger.l_linger = 5;
530 setsockopt(listen_sock, SOL_SOCKET, SO_LINGER, (void *)&linger,
531 sizeof(linger));
532
533 /* Initialize the socket address. */
534 memset(&sin, 0, sizeof(sin));
535 sin.sin_family = AF_INET;
536 sin.sin_addr = options.listen_addr;
537 sin.sin_port = htons(options.port);
538
539 /* Bind the socket to the desired port. */
540 if (bind(listen_sock, (struct sockaddr *)&sin, sizeof(sin)) < 0)
541 {
542 error("bind: %.100s", strerror(errno));
543 shutdown(listen_sock, SHUT_RDWR);
544 close(listen_sock);
545 fatal("Bind to port %d failed.", options.port);
546 }
547
548 if (!debug_flag)
549 {
550 /* Record our pid in /etc/sshd_pid to make it easier to kill the
551 correct sshd. We don\'t want to do this before the bind above
552 because the bind will fail if there already is a daemon, and this
553 will overwrite any old pid in the file. */
554 f = fopen(SSH_DAEMON_PID_FILE, "w");
555 if (f)
556 {
557 fprintf(f, "%u\n", (unsigned int)getpid());
558 fclose(f);
559 }
560 }
561
562 /* Start listening on the port. */
563 log("Server listening on port %d.", options.port);
564 if (listen(listen_sock, 5) < 0)
565 fatal("listen: %.100s", strerror(errno));
566
567 public_key = RSA_new();
568 sensitive_data.private_key = RSA_new();
569 /* Generate an rsa key. */
570 log("Generating %d bit RSA key.", options.server_key_bits);
571 rsa_generate_key(sensitive_data.private_key, public_key,
572 options.server_key_bits);
573 arc4random_stir();
574 log("RSA key generation complete.");
575
576 /* Schedule server key regeneration alarm. */
577 signal(SIGALRM, key_regeneration_alarm);
578 alarm(options.key_regeneration_time);
579
580 /* Arrange to restart on SIGHUP. The handler needs listen_sock. */
581 signal(SIGHUP, sighup_handler);
582 signal(SIGTERM, sigterm_handler);
583 signal(SIGQUIT, sigterm_handler);
584
585 /* Arrange SIGCHLD to be caught. */
586 signal(SIGCHLD, main_sigchld_handler);
587
588 /* Stay listening for connections until the system crashes or the
589 daemon is killed with a signal. */
590 for (;;)
591 {
592 if (received_sighup)
593 sighup_restart();
594 /* Wait in accept until there is a connection. */
595 aux = sizeof(sin);
596 newsock = accept(listen_sock, (struct sockaddr *)&sin, &aux);
597 if (received_sighup)
598 sighup_restart();
599 if (newsock < 0)
600 {
601 if (errno == EINTR)
602 continue;
603 error("accept: %.100s", strerror(errno));
604 continue;
605 }
606
607 /* Got connection. Fork a child to handle it, unless we are in
608 debugging mode. */
609 if (debug_flag)
610 {
611 /* In debugging mode. Close the listening socket, and start
612 processing the connection without forking. */
613 debug("Server will not fork when running in debugging mode.");
614 close(listen_sock);
615 sock_in = newsock;
616 sock_out = newsock;
617 pid = getpid();
618 break;
619 }
620 else
621 {
622 /* Normal production daemon. Fork, and have the child process
623 the connection. The parent continues listening. */
624 if ((pid = fork()) == 0)
625 {
626 /* Child. Close the listening socket, and start using
627 the accepted socket. Reinitialize logging (since our
628 pid has changed). We break out of the loop to handle
629 the connection. */
630 close(listen_sock);
631 sock_in = newsock;
632 sock_out = newsock;
633 log_init(av0, debug_flag && !inetd_flag,
634 options.fascist_logging || debug_flag,
635 options.quiet_mode, options.log_facility);
636 break;
637 }
638 }
639
640 /* Parent. Stay in the loop. */
641 if (pid < 0)
642 error("fork: %.100s", strerror(errno));
643 else
644 debug("Forked child %d.", pid);
645
646 /* Mark that the key has been used (it was "given" to the child). */
647 key_used = 1;
648
649 arc4random_stir();
650
651 /* Close the new socket (the child is now taking care of it). */
652 close(newsock);
653 }
654 }
655
656 /* This is the child processing a new connection. */
657
658 /* Disable the key regeneration alarm. We will not regenerate the key
659 since we are no longer in a position to give it to anyone. We will
660 not restart on SIGHUP since it no longer makes sense. */
661 alarm(0);
662 signal(SIGALRM, SIG_DFL);
663 signal(SIGHUP, SIG_DFL);
664 signal(SIGTERM, SIG_DFL);
665 signal(SIGQUIT, SIG_DFL);
666 signal(SIGCHLD, SIG_DFL);
667
668 /* Set socket options for the connection. We want the socket to close
669 as fast as possible without waiting for anything. If the connection
670 is not a socket, these will do nothing. */
671 /* setsockopt(sock_in, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); */
672 linger.l_onoff = 1;
673 linger.l_linger = 5;
674 setsockopt(sock_in, SOL_SOCKET, SO_LINGER, (void *)&linger, sizeof(linger));
675
676 /* Register our connection. This turns encryption off because we do not
677 have a key. */
678 packet_set_connection(sock_in, sock_out);
679
680 /* Check whether logins are denied from this host. */
681#ifdef LIBWRAP
682 {
683 struct request_info req;
684
685 request_init(&req, RQ_DAEMON, av0, RQ_FILE, sock_in, NULL);
686 fromhost(&req);
687
688 if (!hosts_access(&req)) {
689 close(sock_in);
690 close(sock_out);
691 refuse(&req);
692 }
693 log("Connection from %.500s port %d",
694 eval_client(&req), get_remote_port());
695 }
696#else
697 /* Log the connection. */
698 log("Connection from %.100s port %d",
699 get_remote_ipaddr(), get_remote_port());
700#endif /* LIBWRAP */
701
702 /* We don\'t want to listen forever unless the other side successfully
703 authenticates itself. So we set up an alarm which is cleared after
704 successful authentication. A limit of zero indicates no limit.
705 Note that we don\'t set the alarm in debugging mode; it is just annoying
706 to have the server exit just when you are about to discover the bug. */
707 signal(SIGALRM, grace_alarm_handler);
708 if (!debug_flag)
709 alarm(options.login_grace_time);
710
711 /* Send our protocol version identification. */
712 snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n",
713 PROTOCOL_MAJOR, PROTOCOL_MINOR, SSH_VERSION);
714 if (write(sock_out, buf, strlen(buf)) != strlen(buf))
715 fatal("Could not write ident string.");
716
717 /* Read other side\'s version identification. */
718 for (i = 0; i < sizeof(buf) - 1; i++)
719 {
720 if (read(sock_in, &buf[i], 1) != 1)
721 fatal("Did not receive ident string.");
722 if (buf[i] == '\r')
723 {
724 buf[i] = '\n';
725 buf[i + 1] = 0;
726 break;
727 }
728 if (buf[i] == '\n')
729 {
730 /* buf[i] == '\n' */
731 buf[i + 1] = 0;
732 break;
733 }
734 }
735 buf[sizeof(buf) - 1] = 0;
736
737 /* Check that the versions match. In future this might accept several
738 versions and set appropriate flags to handle them. */
739 if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", &remote_major, &remote_minor,
740 remote_version) != 3)
741 {
742 const char *s = "Protocol mismatch.\n";
743 (void) write(sock_out, s, strlen(s));
744 close(sock_in);
745 close(sock_out);
746 fatal("Bad protocol version identification: %.100s", buf);
747 }
748 debug("Client protocol version %d.%d; client software version %.100s",
749 remote_major, remote_minor, remote_version);
750 if (remote_major != PROTOCOL_MAJOR)
751 {
752 const char *s = "Protocol major versions differ.\n";
753 (void) write(sock_out, s, strlen(s));
754 close(sock_in);
755 close(sock_out);
756 fatal("Protocol major versions differ: %d vs. %d",
757 PROTOCOL_MAJOR, remote_major);
758 }
759
760 /* Check that the client has sufficiently high software version. */
761 if (remote_major == 1 && remote_minor < 3)
762 packet_disconnect("Your ssh version is too old and is no longer supported. Please install a newer version.");
763
764 if (remote_major == 1 && remote_minor == 3) {
765 enable_compat13();
766 if (strcmp(remote_version, "OpenSSH-1.1") != 0) {
767 debug("Agent forwarding disabled, remote version is not compatible.");
768 no_agent_forwarding_flag = 1;
769 }
770 }
771
772 packet_set_nonblocking();
773
774 /* Handle the connection. We pass as argument whether the connection
775 came from a privileged port. */
776 do_connection(get_remote_port() < IPPORT_RESERVED);
777
778#ifdef KRB4
779 /* Cleanup user's ticket cache file. */
780 if (options.kerberos_ticket_cleanup)
781 (void) dest_tkt();
782#endif /* KRB4 */
783
784 /* Cleanup user's local Xauthority file. */
785 if (xauthfile) unlink(xauthfile);
786
787 /* The connection has been terminated. */
788 log("Closing connection to %.100s", inet_ntoa(sin.sin_addr));
789
790#ifdef HAVE_PAM
791 if (retval == PAM_SUCCESS)
792 retval = pam_close_session((pam_handle_t *)pamh, 0);
793
794 if (pam_end((pam_handle_t *)pamh, retval) != PAM_SUCCESS)
795 log("Cannot release PAM authentication.");
796
797 fatal_remove_cleanup(&pam_cleanup_proc, NULL);
798#endif /* HAVE_PAM */
799
800 packet_close();
801
802 exit(0);
803}
804
805/* Process an incoming connection. Protocol version identifiers have already
806 been exchanged. This sends server key and performs the key exchange.
807 Server and host keys will no longer be needed after this functions. */
808
809void do_connection(int privileged_port)
810{
811 int i;
812 BIGNUM *session_key_int;
813 unsigned char session_key[SSH_SESSION_KEY_LENGTH];
814 unsigned char check_bytes[8];
815 char *user;
816 unsigned int cipher_type, auth_mask, protocol_flags;
817 int plen, slen;
818 u_int32_t rand = 0;
819
820 /* Generate check bytes that the client must send back in the user packet
821 in order for it to be accepted; this is used to defy ip spoofing
822 attacks. Note that this only works against somebody doing IP spoofing
823 from a remote machine; any machine on the local network can still see
824 outgoing packets and catch the random cookie. This only affects
825 rhosts authentication, and this is one of the reasons why it is
826 inherently insecure. */
827 for (i = 0; i < 8; i++) {
828 if (i % 4 == 0)
829 rand = arc4random();
830 check_bytes[i] = rand & 0xff;
831 rand >>= 8;
832 }
833
834 /* Send our public key. We include in the packet 64 bits of random
835 data that must be matched in the reply in order to prevent IP spoofing. */
836 packet_start(SSH_SMSG_PUBLIC_KEY);
837 for (i = 0; i < 8; i++)
838 packet_put_char(check_bytes[i]);
839
840 /* Store our public server RSA key. */
841 packet_put_int(BN_num_bits(public_key->n));
842 packet_put_bignum(public_key->e);
843 packet_put_bignum(public_key->n);
844
845 /* Store our public host RSA key. */
846 packet_put_int(BN_num_bits(sensitive_data.host_key->n));
847 packet_put_bignum(sensitive_data.host_key->e);
848 packet_put_bignum(sensitive_data.host_key->n);
849
850 /* Put protocol flags. */
851 packet_put_int(SSH_PROTOFLAG_HOST_IN_FWD_OPEN);
852
853 /* Declare which ciphers we support. */
854 packet_put_int(cipher_mask());
855
856 /* Declare supported authentication types. */
857 auth_mask = 0;
858 if (options.rhosts_authentication)
859 auth_mask |= 1 << SSH_AUTH_RHOSTS;
860 if (options.rhosts_rsa_authentication)
861 auth_mask |= 1 << SSH_AUTH_RHOSTS_RSA;
862 if (options.rsa_authentication)
863 auth_mask |= 1 << SSH_AUTH_RSA;
864#ifdef KRB4
865 if (options.kerberos_authentication)
866 auth_mask |= 1 << SSH_AUTH_KERBEROS;
867#endif
868#ifdef AFS
869 if (options.kerberos_tgt_passing)
870 auth_mask |= 1 << SSH_PASS_KERBEROS_TGT;
871 if (options.afs_token_passing)
872 auth_mask |= 1 << SSH_PASS_AFS_TOKEN;
873#endif
874 if (options.password_authentication)
875 auth_mask |= 1 << SSH_AUTH_PASSWORD;
876 packet_put_int(auth_mask);
877
878 /* Send the packet and wait for it to be sent. */
879 packet_send();
880 packet_write_wait();
881
882 debug("Sent %d bit public key and %d bit host key.",
883 BN_num_bits(public_key->n), BN_num_bits(sensitive_data.host_key->n));
884
885 /* Read clients reply (cipher type and session key). */
886 packet_read_expect(&plen, SSH_CMSG_SESSION_KEY);
887
888 /* Get cipher type. */
889 cipher_type = packet_get_char();
890
891 /* Get check bytes from the packet. These must match those we sent earlier
892 with the public key packet. */
893 for (i = 0; i < 8; i++)
894 if (check_bytes[i] != packet_get_char())
895 packet_disconnect("IP Spoofing check bytes do not match.");
896
897 debug("Encryption type: %.200s", cipher_name(cipher_type));
898
899 /* Get the encrypted integer. */
900 session_key_int = BN_new();
901 packet_get_bignum(session_key_int, &slen);
902
903 /* Get protocol flags. */
904 protocol_flags = packet_get_int();
905 packet_set_protocol_flags(protocol_flags);
906
907 packet_integrity_check(plen, 1 + 8 + slen + 4, SSH_CMSG_SESSION_KEY);
908
909 /* Decrypt it using our private server key and private host key (key with
910 larger modulus first). */
911 if (BN_cmp(sensitive_data.private_key->n, sensitive_data.host_key->n) > 0)
912 {
913 /* Private key has bigger modulus. */
914 assert(BN_num_bits(sensitive_data.private_key->n) >=
915 BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED);
916 rsa_private_decrypt(session_key_int, session_key_int,
917 sensitive_data.private_key);
918 rsa_private_decrypt(session_key_int, session_key_int,
919 sensitive_data.host_key);
920 }
921 else
922 {
923 /* Host key has bigger modulus (or they are equal). */
924 assert(BN_num_bits(sensitive_data.host_key->n) >=
925 BN_num_bits(sensitive_data.private_key->n) +
926 SSH_KEY_BITS_RESERVED);
927 rsa_private_decrypt(session_key_int, session_key_int,
928 sensitive_data.host_key);
929 rsa_private_decrypt(session_key_int, session_key_int,
930 sensitive_data.private_key);
931 }
932
933 /* Compute session id for this session. */
934 compute_session_id(session_id, check_bytes,
935 BN_num_bits(sensitive_data.host_key->n),
936 sensitive_data.host_key->n,
937 BN_num_bits(sensitive_data.private_key->n),
938 sensitive_data.private_key->n);
939
940 /* Extract session key from the decrypted integer. The key is in the
941 least significant 256 bits of the integer; the first byte of the
942 key is in the highest bits. */
943 BN_mask_bits(session_key_int, sizeof(session_key) * 8);
944 assert(BN_num_bytes(session_key_int) == sizeof(session_key));
945 BN_bn2bin(session_key_int, session_key);
946
947 /* Xor the first 16 bytes of the session key with the session id. */
948 for (i = 0; i < 16; i++)
949 session_key[i] ^= session_id[i];
950
951 /* Destroy the decrypted integer. It is no longer needed. */
952 BN_clear_free(session_key_int);
953
954 /* Set the session key. From this on all communications will be
955 encrypted. */
956 packet_set_encryption_key(session_key, SSH_SESSION_KEY_LENGTH,
957 cipher_type, 0);
958
959 /* Destroy our copy of the session key. It is no longer needed. */
960 memset(session_key, 0, sizeof(session_key));
961
962 debug("Received session key; encryption turned on.");
963
964 /* Send an acknowledgement packet. Note that this packet is sent
965 encrypted. */
966 packet_start(SSH_SMSG_SUCCESS);
967 packet_send();
968 packet_write_wait();
969
970 /* Get the name of the user that we wish to log in as. */
971 packet_read_expect(&plen, SSH_CMSG_USER);
972
973 /* Get the user name. */
974 {
975 int ulen;
976 user = packet_get_string(&ulen);
977 packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER);
978 }
979
980 /* Destroy the private and public keys. They will no longer be needed. */
981 RSA_free(public_key);
982 RSA_free(sensitive_data.private_key);
983 RSA_free(sensitive_data.host_key);
984
985 setproctitle("%s", user);
986 /* Do the authentication. */
987 do_authentication(user, privileged_port);
988}
989
990/* Check if the user is allowed to log in via ssh. If user is listed in
991 DenyUsers or user's primary group is listed in DenyGroups, false will
992 be returned. If AllowUsers isn't empty and user isn't listed there, or
993 if AllowGroups isn't empty and user isn't listed there, false will be
994 returned. Otherwise true is returned.
995 XXX This function should also check if user has a valid shell */
996
997static int
998allowed_user(struct passwd *pw)
999{
1000 struct group *grp;
1001 int i;
1002
1003 /* Shouldn't be called if pw is NULL, but better safe than sorry... */
1004 if (!pw)
1005 return 0;
1006
1007 /* XXX Should check for valid login shell */
1008
1009 /* Return false if user is listed in DenyUsers */
1010 if (options.num_deny_users > 0)
1011 {
1012 if (!pw->pw_name)
1013 return 0;
1014 for (i = 0; i < options.num_deny_users; i++)
1015 if (match_pattern(pw->pw_name, options.deny_users[i]))
1016 return 0;
1017 }
1018
1019 /* Return false if AllowUsers isn't empty and user isn't listed there */
1020 if (options.num_allow_users > 0)
1021 {
1022 if (!pw->pw_name)
1023 return 0;
1024 for (i = 0; i < options.num_allow_users; i++)
1025 if (match_pattern(pw->pw_name, options.allow_users[i]))
1026 break;
1027 /* i < options.num_allow_users iff we break for loop */
1028 if (i >= options.num_allow_users)
1029 return 0;
1030 }
1031
1032 /* Get the primary group name if we need it. Return false if it fails */
1033 if (options.num_deny_groups > 0 || options.num_allow_groups > 0 )
1034 {
1035 grp = getgrgid(pw->pw_gid);
1036 if (!grp)
1037 return 0;
1038
1039 /* Return false if user's group is listed in DenyGroups */
1040 if (options.num_deny_groups > 0)
1041 {
1042 if (!grp->gr_name)
1043 return 0;
1044 for (i = 0; i < options.num_deny_groups; i++)
1045 if (match_pattern(grp->gr_name, options.deny_groups[i]))
1046 return 0;
1047 }
1048
1049 /* Return false if AllowGroups isn't empty and user's group isn't
1050 listed there */
1051 if (options.num_allow_groups > 0)
1052 {
1053 if (!grp->gr_name)
1054 return 0;
1055 for (i = 0; i < options.num_allow_groups; i++)
1056 if (match_pattern(grp->gr_name, options.allow_groups[i]))
1057 break;
1058 /* i < options.num_allow_groups iff we break for loop */
1059 if (i >= options.num_allow_groups)
1060 return 0;
1061 }
1062 }
1063
1064 /* We found no reason not to let this user try to log on... */
1065 return 1;
1066}
1067
1068/* Performs authentication of an incoming connection. Session key has already
1069 been exchanged and encryption is enabled. User is the user name to log
1070 in as (received from the clinet). Privileged_port is true if the
1071 connection comes from a privileged port (used for .rhosts authentication).*/
1072
1073#define MAX_AUTH_FAILURES 5
1074
1075void
1076do_authentication(char *user, int privileged_port)
1077{
1078 int type;
1079 int authenticated = 0;
1080 int authentication_failures = 0;
1081 char *password;
1082 struct passwd *pw, pwcopy;
1083 char *client_user;
1084 unsigned int client_host_key_bits;
1085 BIGNUM *client_host_key_e, *client_host_key_n;
1086#ifdef HAVE_PAM
1087 int pam_auth_ok;
1088#endif /* HAVE_PAM */
1089
1090#ifdef AFS
1091 /* If machine has AFS, set process authentication group. */
1092 if (k_hasafs()) {
1093 k_setpag();
1094 k_unlog();
1095 }
1096#endif /* AFS */
1097
1098 /* Verify that the user is a valid user. */
1099 pw = getpwnam(user);
1100#ifdef HAVE_PAM
1101 if ((pw != NULL) && allowed_user(pw))
1102 {
1103 /* Initialise PAM */
1104 retval = pam_start("ssh", pw->pw_name, &conv, (pam_handle_t **)&pamh);
1105 fatal_add_cleanup(&pam_cleanup_proc, NULL);
1106 origretval = retval;
1107 if (retval == PAM_SUCCESS)
1108 pam_auth_ok = 1;
1109 }
1110
1111 if (pam_auth_ok == 0)
1112#else /* HAVE_PAM */
1113 if (!pw || !allowed_user(pw))
1114#endif /* HAVE_PAM */
1115 {
1116 /* The user does not exist or access is denied,
1117 but fake indication that authentication is needed. */
1118 packet_start(SSH_SMSG_FAILURE);
1119 packet_send();
1120 packet_write_wait();
1121
1122 /* Keep reading packets, and always respond with a failure. This is to
1123 avoid disclosing whether such a user really exists. */
1124 for (;;)
1125 {
1126 /* Read a packet. This will not return if the client disconnects. */
1127 int plen;
1128 int type = packet_read(&plen);
1129#ifdef SKEY
1130 int passw_len;
1131 char *password, *skeyinfo;
1132 if (options.password_authentication &&
1133 options.skey_authentication == 1 &&
1134 type == SSH_CMSG_AUTH_PASSWORD &&
1135 (password = packet_get_string(&passw_len)) != NULL &&
1136 passw_len == 5 &&
1137 strncasecmp(password, "s/key", 5) == 0 &&
1138 (skeyinfo = skey_fake_keyinfo(user)) != NULL ){
1139 /* Send a fake s/key challenge. */
1140 packet_send_debug(skeyinfo);
1141 }
1142#endif
1143 /* Send failure. This should be indistinguishable from a failed
1144 authentication. */
1145 packet_start(SSH_SMSG_FAILURE);
1146 packet_send();
1147 packet_write_wait();
1148 if (++authentication_failures >= MAX_AUTH_FAILURES) {
1149 packet_disconnect("Too many authentication failures for %.100s from %.200s",
1150 user, get_canonical_hostname());
1151 }
1152 }
1153 /*NOTREACHED*/
1154 abort();
1155 }
1156
1157 /* Take a copy of the returned structure. */
1158 memset(&pwcopy, 0, sizeof(pwcopy));
1159 pwcopy.pw_name = xstrdup(pw->pw_name);
1160 pwcopy.pw_passwd = xstrdup(pw->pw_passwd);
1161 pwcopy.pw_uid = pw->pw_uid;
1162 pwcopy.pw_gid = pw->pw_gid;
1163 pwcopy.pw_dir = xstrdup(pw->pw_dir);
1164 pwcopy.pw_shell = xstrdup(pw->pw_shell);
1165 pw = &pwcopy;
1166
1167 /* If we are not running as root, the user must have the same uid as the
1168 server. */
1169 if (getuid() != 0 && pw->pw_uid != getuid())
1170 packet_disconnect("Cannot change user when server not running as root.");
1171
1172 debug("Attempting authentication for %.100s.", user);
1173
1174 /* If the user has no password, accept authentication immediately. */
1175 if (options.password_authentication &&
1176#ifdef KRB4
1177 (!options.kerberos_authentication || options.kerberos_or_local_passwd) &&
1178#endif /* KRB4 */
1179 auth_password(pw, ""))
1180 {
1181 /* Authentication with empty password succeeded. */
1182 debug("Login for user %.100s accepted without authentication.", user);
1183 /* authentication_type = SSH_AUTH_PASSWORD; */
1184 authenticated = 1;
1185 /* Success packet will be sent after loop below. */
1186 }
1187 else
1188 {
1189 /* Indicate that authentication is needed. */
1190 packet_start(SSH_SMSG_FAILURE);
1191 packet_send();
1192 packet_write_wait();
1193 }
1194
1195 /* Loop until the user has been authenticated or the connection is closed. */
1196 while (!authenticated)
1197 {
1198 int plen;
1199 /* Get a packet from the client. */
1200 type = packet_read(&plen);
1201
1202 /* Process the packet. */
1203 switch (type)
1204 {
1205
1206#ifdef AFS
1207 case SSH_CMSG_HAVE_KERBEROS_TGT:
1208 if (!options.kerberos_tgt_passing)
1209 {
1210 /* packet_get_all(); */
1211 log("Kerberos tgt passing disabled.");
1212 break;
1213 }
1214 else {
1215 /* Accept Kerberos tgt. */
1216 int dlen;
1217 char *tgt = packet_get_string(&dlen);
1218 packet_integrity_check(plen, 4 + dlen, type);
1219 if (!auth_kerberos_tgt(pw, tgt))
1220 debug("Kerberos tgt REFUSED for %s", user);
1221 xfree(tgt);
1222 }
1223 continue;
1224
1225 case SSH_CMSG_HAVE_AFS_TOKEN:
1226 if (!options.afs_token_passing || !k_hasafs()) {
1227 /* packet_get_all(); */
1228 log("AFS token passing disabled.");
1229 break;
1230 }
1231 else {
1232 /* Accept AFS token. */
1233 int dlen;
1234 char *token_string = packet_get_string(&dlen);
1235 packet_integrity_check(plen, 4 + dlen, type);
1236 if (!auth_afs_token(user, pw->pw_uid, token_string))
1237 debug("AFS token REFUSED for %s", user);
1238 xfree(token_string);
1239 continue;
1240 }
1241#endif /* AFS */
1242
1243#ifdef KRB4
1244 case SSH_CMSG_AUTH_KERBEROS:
1245 if (!options.kerberos_authentication)
1246 {
1247 /* packet_get_all(); */
1248 log("Kerberos authentication disabled.");
1249 break;
1250 }
1251 else {
1252 /* Try Kerberos v4 authentication. */
1253 KTEXT_ST auth;
1254 char *tkt_user = NULL;
1255 char *kdata = packet_get_string((unsigned int *)&auth.length);
1256 packet_integrity_check(plen, 4 + auth.length, type);
1257
1258 if (auth.length < MAX_KTXT_LEN)
1259 memcpy(auth.dat, kdata, auth.length);
1260 xfree(kdata);
1261
1262 if (auth_krb4(user, &auth, &tkt_user)) {
1263 /* Client has successfully authenticated to us. */
1264 log("Kerberos authentication accepted %s for account "
1265 "%s from %s", tkt_user, user, get_canonical_hostname());
1266 /* authentication_type = SSH_AUTH_KERBEROS; */
1267 authenticated = 1;
1268 xfree(tkt_user);
1269 }
1270 else {
1271 log("Kerberos authentication failed for account "
1272 "%s from %s", user, get_canonical_hostname());
1273 }
1274 }
1275 break;
1276#endif /* KRB4 */
1277
1278 case SSH_CMSG_AUTH_RHOSTS:
1279 if (!options.rhosts_authentication)
1280 {
1281 log("Rhosts authentication disabled.");
1282 break;
1283 }
1284
1285 /* Rhosts authentication (also uses /etc/hosts.equiv). */
1286 if (!privileged_port)
1287 {
1288 log("Rhosts authentication not available for connections from unprivileged port.");
1289 break;
1290 }
1291
1292 /* Get client user name. Note that we just have to trust the client;
1293 this is one reason why rhosts authentication is insecure.
1294 (Another is IP-spoofing on a local network.) */
1295 {
1296 int dlen;
1297 client_user = packet_get_string(&dlen);
1298 packet_integrity_check(plen, 4 + dlen, type);
1299 }
1300
1301 /* Try to authenticate using /etc/hosts.equiv and .rhosts. */
1302 if (auth_rhosts(pw, client_user, options.ignore_rhosts,
1303 options.strict_modes))
1304 {
1305 /* Authentication accepted. */
1306 log("Rhosts authentication accepted for %.100s, remote %.100s on %.700s.",
1307 user, client_user, get_canonical_hostname());
1308 authenticated = 1;
1309 xfree(client_user);
1310 break;
1311 }
1312 log("Rhosts authentication failed for %.100s, remote %.100s.",
1313 user, client_user);
1314 xfree(client_user);
1315 break;
1316
1317 case SSH_CMSG_AUTH_RHOSTS_RSA:
1318 if (!options.rhosts_rsa_authentication)
1319 {
1320 log("Rhosts with RSA authentication disabled.");
1321 break;
1322 }
1323
1324 /* Rhosts authentication (also uses /etc/hosts.equiv) with RSA
1325 host authentication. */
1326 if (!privileged_port)
1327 {
1328 log("Rhosts authentication not available for connections from unprivileged port.");
1329 break;
1330 }
1331
1332 {
1333 int ulen, elen, nlen;
1334 /* Get client user name. Note that we just have to trust
1335 the client; root on the client machine can claim to be
1336 any user. */
1337 client_user = packet_get_string(&ulen);
1338
1339 /* Get the client host key. */
1340 client_host_key_e = BN_new();
1341 client_host_key_n = BN_new();
1342 client_host_key_bits = packet_get_int();
1343 packet_get_bignum(client_host_key_e, &elen);
1344 packet_get_bignum(client_host_key_n, &nlen);
1345
1346 packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type);
1347 }
1348
1349 /* Try to authenticate using /etc/hosts.equiv and .rhosts. */
1350 if (auth_rhosts_rsa(pw, client_user,
1351 client_host_key_bits, client_host_key_e,
1352 client_host_key_n, options.ignore_rhosts,
1353 options.strict_modes))
1354 {
1355 /* Authentication accepted. */
1356 authenticated = 1;
1357 xfree(client_user);
1358 BN_clear_free(client_host_key_e);
1359 BN_clear_free(client_host_key_n);
1360 break;
1361 }
1362 log("Rhosts authentication failed for %.100s, remote %.100s.",
1363 user, client_user);
1364 xfree(client_user);
1365 BN_clear_free(client_host_key_e);
1366 BN_clear_free(client_host_key_n);
1367 break;
1368
1369 case SSH_CMSG_AUTH_RSA:
1370 if (!options.rsa_authentication)
1371 {
1372 log("RSA authentication disabled.");
1373 break;
1374 }
1375
1376 /* RSA authentication requested. */
1377 {
1378 int nlen;
1379 BIGNUM *n;
1380 n = BN_new();
1381 packet_get_bignum(n, &nlen);
1382
1383 packet_integrity_check(plen, nlen, type);
1384
1385 if (auth_rsa(pw, n, options.strict_modes))
1386 {
1387 /* Successful authentication. */
1388 BN_clear_free(n);
1389 log("RSA authentication for %.100s accepted.", user);
1390 authenticated = 1;
1391 break;
1392 }
1393 BN_clear_free(n);
1394 log("RSA authentication for %.100s failed.", user);
1395 }
1396 break;
1397
1398 case SSH_CMSG_AUTH_PASSWORD:
1399 if (!options.password_authentication)
1400 {
1401 log("Password authentication disabled.");
1402 break;
1403 }
1404
1405 /* Password authentication requested. */
1406 /* Read user password. It is in plain text, but was transmitted
1407 over the encrypted channel so it is not visible to an outside
1408 observer. */
1409 {
1410 int passw_len;
1411 password = packet_get_string(&passw_len);
1412 packet_integrity_check(plen, 4 + passw_len, type);
1413 }
1414
1415 /* Try authentication with the password. */
1416 if (auth_password(pw, password))
1417 {
1418 /* Successful authentication. */
1419 /* Clear the password from memory. */
1420 memset(password, 0, strlen(password));
1421 xfree(password);
1422 log("Password authentication for %.100s accepted.", user);
1423 authenticated = 1;
1424 break;
1425 }
1426 log("Password authentication for %.100s failed.", user);
1427 memset(password, 0, strlen(password));
1428 xfree(password);
1429 break;
1430
1431 case SSH_CMSG_AUTH_TIS:
1432 /* TIS Authentication is unsupported */
1433 log("TIS authentication disabled.");
1434 break;
1435
1436 default:
1437 /* Any unknown messages will be ignored (and failure returned)
1438 during authentication. */
1439 log("Unknown message during authentication: type %d", type);
1440 break; /* Respond with a failure message. */
1441 }
1442 /* If successfully authenticated, break out of loop. */
1443 if (authenticated)
1444 break;
1445
1446 /* Send a message indicating that the authentication attempt failed. */
1447 packet_start(SSH_SMSG_FAILURE);
1448 packet_send();
1449 packet_write_wait();
1450
1451 if (++authentication_failures >= MAX_AUTH_FAILURES) {
1452 packet_disconnect("Too many authentication failures for %.100s from %.200s",
1453 pw->pw_name, get_canonical_hostname());
1454 }
1455 }
1456
1457 /* Check if the user is logging in as root and root logins are disallowed. */
1458 if (pw->pw_uid == 0 && !options.permit_root_login)
1459 {
1460 if (forced_command)
1461 log("Root login accepted for forced command.", forced_command);
1462 else
1463 packet_disconnect("ROOT LOGIN REFUSED FROM %.200s",
1464 get_canonical_hostname());
1465 }
1466
1467 /* The user has been authenticated and accepted. */
1468 packet_start(SSH_SMSG_SUCCESS);
1469 packet_send();
1470 packet_write_wait();
1471
1472 /* Perform session preparation. */
1473 do_authenticated(pw);
1474}
1475
1476/* Prepares for an interactive session. This is called after the user has
1477 been successfully authenticated. During this message exchange, pseudo
1478 terminals are allocated, X11, TCP/IP, and authentication agent forwardings
1479 are requested, etc. */
1480
1481void do_authenticated(struct passwd *pw)
1482{
1483 int type;
1484 int compression_level = 0, enable_compression_after_reply = 0;
1485 int have_pty = 0, ptyfd = -1, ttyfd = -1, xauthfd = -1;
1486 int row, col, xpixel, ypixel, screen;
1487 char ttyname[64];
1488 char *command, *term = NULL, *display = NULL, *proto = NULL, *data = NULL;
1489 struct group *grp;
1490 gid_t tty_gid;
1491 mode_t tty_mode;
1492 int n_bytes;
1493
1494 /* Cancel the alarm we set to limit the time taken for authentication. */
1495 alarm(0);
1496
1497 /* Inform the channel mechanism that we are the server side and that
1498 the client may request to connect to any port at all. (The user could
1499 do it anyway, and we wouldn\'t know what is permitted except by the
1500 client telling us, so we can equally well trust the client not to request
1501 anything bogus.) */
1502 channel_permit_all_opens();
1503
1504 /* We stay in this loop until the client requests to execute a shell or a
1505 command. */
1506 while (1)
1507 {
1508 int plen, dlen;
1509
1510 /* Get a packet from the client. */
1511 type = packet_read(&plen);
1512
1513 /* Process the packet. */
1514 switch (type)
1515 {
1516 case SSH_CMSG_REQUEST_COMPRESSION:
1517 packet_integrity_check(plen, 4, type);
1518 compression_level = packet_get_int();
1519 if (compression_level < 1 || compression_level > 9)
1520 {
1521 packet_send_debug("Received illegal compression level %d.",
1522 compression_level);
1523 goto fail;
1524 }
1525 /* Enable compression after we have responded with SUCCESS. */
1526 enable_compression_after_reply = 1;
1527 break;
1528
1529 case SSH_CMSG_REQUEST_PTY:
1530 if (no_pty_flag)
1531 {
1532 debug("Allocating a pty not permitted for this authentication.");
1533 goto fail;
1534 }
1535 if (have_pty)
1536 packet_disconnect("Protocol error: you already have a pty.");
1537
1538 debug("Allocating pty.");
1539
1540 /* Allocate a pty and open it. */
1541 if (!pty_allocate(&ptyfd, &ttyfd, ttyname))
1542 {
1543 error("Failed to allocate pty.");
1544 goto fail;
1545 }
1546
1547 /* Determine the group to make the owner of the tty. */
1548 grp = getgrnam("tty");
1549 if (grp)
1550 {
1551 tty_gid = grp->gr_gid;
1552 tty_mode = S_IRUSR|S_IWUSR|S_IWGRP;
1553 }
1554 else
1555 {
1556 tty_gid = pw->pw_gid;
1557 tty_mode = S_IRUSR|S_IWUSR|S_IWGRP|S_IWOTH;
1558 }
1559
1560 /* Change ownership of the tty. */
1561 if (chown(ttyname, pw->pw_uid, tty_gid) < 0)
1562 fatal("chown(%.100s, %d, %d) failed: %.100s",
1563 ttyname, pw->pw_uid, tty_gid, strerror(errno));
1564 if (chmod(ttyname, tty_mode) < 0)
1565 fatal("chmod(%.100s, 0%o) failed: %.100s",
1566 ttyname, tty_mode, strerror(errno));
1567
1568 /* Get TERM from the packet. Note that the value may be of arbitrary
1569 length. */
1570
1571 term = packet_get_string(&dlen);
1572 packet_integrity_check(dlen, strlen(term), type);
1573 /* packet_integrity_check(plen, 4 + dlen + 4*4 + n_bytes, type); */
1574 /* Remaining bytes */
1575 n_bytes = plen - (4 + dlen + 4*4);
1576
1577 if (strcmp(term, "") == 0)
1578 term = NULL;
1579
1580 /* Get window size from the packet. */
1581 row = packet_get_int();
1582 col = packet_get_int();
1583 xpixel = packet_get_int();
1584 ypixel = packet_get_int();
1585 pty_change_window_size(ptyfd, row, col, xpixel, ypixel);
1586
1587 /* Get tty modes from the packet. */
1588 tty_parse_modes(ttyfd, &n_bytes);
1589 packet_integrity_check(plen, 4 + dlen + 4*4 + n_bytes, type);
1590
1591 /* Indicate that we now have a pty. */
1592 have_pty = 1;
1593 break;
1594
1595 case SSH_CMSG_X11_REQUEST_FORWARDING:
1596 if (!options.x11_forwarding)
1597 {
1598 packet_send_debug("X11 forwarding disabled in server configuration file.");
1599 goto fail;
1600 }
1601#ifdef XAUTH_PATH
1602 if (no_x11_forwarding_flag)
1603 {
1604 packet_send_debug("X11 forwarding not permitted for this authentication.");
1605 goto fail;
1606 }
1607 debug("Received request for X11 forwarding with auth spoofing.");
1608 if (display)
1609 packet_disconnect("Protocol error: X11 display already set.");
1610 {
1611 int proto_len, data_len;
1612 proto = packet_get_string(&proto_len);
1613 data = packet_get_string(&data_len);
1614 packet_integrity_check(plen, 4+proto_len + 4+data_len + 4, type);
1615 }
1616 if (packet_get_protocol_flags() & SSH_PROTOFLAG_SCREEN_NUMBER)
1617 screen = packet_get_int();
1618 else
1619 screen = 0;
1620 display = x11_create_display_inet(screen);
1621 if (!display)
1622 goto fail;
1623
1624 /* Setup to always have a local .Xauthority. */
1625 xauthfile = xmalloc(MAXPATHLEN);
1626 snprintf(xauthfile, MAXPATHLEN, "/tmp/XauthXXXXXX");
1627
1628 if ((xauthfd = mkstemp(xauthfile)) != -1) {
1629 fchown(xauthfd, pw->pw_uid, pw->pw_gid);
1630 close(xauthfd);
1631 }
1632 else {
1633 xfree(xauthfile);
1634 xauthfile = NULL;
1635 }
1636 break;
1637#else /* XAUTH_PATH */
1638 /* No xauth program; we won't accept forwarding with spoofing. */
1639 packet_send_debug("No xauth program; cannot forward with spoofing.");
1640 goto fail;
1641#endif /* XAUTH_PATH */
1642
1643 case SSH_CMSG_AGENT_REQUEST_FORWARDING:
1644 if (no_agent_forwarding_flag)
1645 {
1646 debug("Authentication agent forwarding not permitted for this authentication.");
1647 goto fail;
1648 }
1649 debug("Received authentication agent forwarding request.");
1650 auth_input_request_forwarding(pw);
1651 break;
1652
1653 case SSH_CMSG_PORT_FORWARD_REQUEST:
1654 if (no_port_forwarding_flag)
1655 {
1656 debug("Port forwarding not permitted for this authentication.");
1657 goto fail;
1658 }
1659 debug("Received TCP/IP port forwarding request.");
1660 channel_input_port_forward_request(pw->pw_uid == 0);
1661 break;
1662
1663 case SSH_CMSG_EXEC_SHELL:
1664 /* Set interactive/non-interactive mode. */
1665 packet_set_interactive(have_pty || display != NULL,
1666 options.keepalives);
1667
1668 if (forced_command != NULL)
1669 goto do_forced_command;
1670 debug("Forking shell.");
1671 packet_integrity_check(plen, 0, type);
1672 if (have_pty)
1673 do_exec_pty(NULL, ptyfd, ttyfd, ttyname, pw, term, display, proto,
1674 data);
1675 else
1676 do_exec_no_pty(NULL, pw, display, proto, data);
1677 return;
1678
1679 case SSH_CMSG_EXEC_CMD:
1680 /* Set interactive/non-interactive mode. */
1681 packet_set_interactive(have_pty || display != NULL,
1682 options.keepalives);
1683
1684 if (forced_command != NULL)
1685 goto do_forced_command;
1686 /* Get command from the packet. */
1687 {
1688 int dlen;
1689 command = packet_get_string(&dlen);
1690 debug("Executing command '%.500s'", command);
1691 packet_integrity_check(plen, 4 + dlen, type);
1692 }
1693 if (have_pty)
1694 do_exec_pty(command, ptyfd, ttyfd, ttyname, pw, term, display,
1695 proto, data);
1696 else
1697 do_exec_no_pty(command, pw, display, proto, data);
1698 xfree(command);
1699 return;
1700
1701 case SSH_CMSG_MAX_PACKET_SIZE:
1702 debug("The server does not support limiting packet size.");
1703 goto fail;
1704
1705 default:
1706 /* Any unknown messages in this phase are ignored, and a failure
1707 message is returned. */
1708 log("Unknown packet type received after authentication: %d", type);
1709 goto fail;
1710 }
1711
1712 /* The request was successfully processed. */
1713 packet_start(SSH_SMSG_SUCCESS);
1714 packet_send();
1715 packet_write_wait();
1716
1717 /* Enable compression now that we have replied if appropriate. */
1718 if (enable_compression_after_reply)
1719 {
1720 enable_compression_after_reply = 0;
1721 packet_start_compression(compression_level);
1722 }
1723
1724 continue;
1725
1726 fail:
1727 /* The request failed. */
1728 packet_start(SSH_SMSG_FAILURE);
1729 packet_send();
1730 packet_write_wait();
1731 continue;
1732
1733 do_forced_command:
1734 /* There is a forced command specified for this login. Execute it. */
1735 debug("Executing forced command: %.900s", forced_command);
1736 if (have_pty)
1737 do_exec_pty(forced_command, ptyfd, ttyfd, ttyname, pw, term, display,
1738 proto, data);
1739 else
1740 do_exec_no_pty(forced_command, pw, display, proto, data);
1741 return;
1742 }
1743}
1744
1745/* This is called to fork and execute a command when we have no tty. This
1746 will call do_child from the child, and server_loop from the parent after
1747 setting up file descriptors and such. */
1748
1749void do_exec_no_pty(const char *command, struct passwd *pw,
1750 const char *display, const char *auth_proto,
1751 const char *auth_data)
1752{
1753 int pid;
1754
1755#ifdef USE_PIPES
1756 int pin[2], pout[2], perr[2];
1757 /* Allocate pipes for communicating with the program. */
1758 if (pipe(pin) < 0 || pipe(pout) < 0 || pipe(perr) < 0)
1759 packet_disconnect("Could not create pipes: %.100s",
1760 strerror(errno));
1761#else /* USE_PIPES */
1762 int inout[2], err[2];
1763 /* Uses socket pairs to communicate with the program. */
1764 if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) < 0 ||
1765 socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0)
1766 packet_disconnect("Could not create socket pairs: %.100s",
1767 strerror(errno));
1768#endif /* USE_PIPES */
1769
1770 setproctitle("%s@notty", pw->pw_name);
1771
1772 /* Fork the child. */
1773 if ((pid = fork()) == 0)
1774 {
1775 /* Child. Reinitialize the log since the pid has changed. */
1776 log_init(av0, debug_flag && !inetd_flag, debug_flag,
1777 options.quiet_mode, options.log_facility);
1778
1779 /* Create a new session and process group since the 4.4BSD setlogin()
1780 affects the entire process group. */
1781 if (setsid() < 0)
1782 error("setsid failed: %.100s", strerror(errno));
1783
1784#ifdef USE_PIPES
1785 /* Redirect stdin. We close the parent side of the socket pair,
1786 and make the child side the standard input. */
1787 close(pin[1]);
1788 if (dup2(pin[0], 0) < 0)
1789 perror("dup2 stdin");
1790 close(pin[0]);
1791
1792 /* Redirect stdout. */
1793 close(pout[0]);
1794 if (dup2(pout[1], 1) < 0)
1795 perror("dup2 stdout");
1796 close(pout[1]);
1797
1798 /* Redirect stderr. */
1799 close(perr[0]);
1800 if (dup2(perr[1], 2) < 0)
1801 perror("dup2 stderr");
1802 close(perr[1]);
1803#else /* USE_PIPES */
1804 /* Redirect stdin, stdout, and stderr. Stdin and stdout will use the
1805 same socket, as some programs (particularly rdist) seem to depend
1806 on it. */
1807 close(inout[1]);
1808 close(err[1]);
1809 if (dup2(inout[0], 0) < 0) /* stdin */
1810 perror("dup2 stdin");
1811 if (dup2(inout[0], 1) < 0) /* stdout. Note: same socket as stdin. */
1812 perror("dup2 stdout");
1813 if (dup2(err[0], 2) < 0) /* stderr */
1814 perror("dup2 stderr");
1815#endif /* USE_PIPES */
1816
1817 /* Do processing for the child (exec command etc). */
1818 do_child(command, pw, NULL, display, auth_proto, auth_data, NULL);
1819 /*NOTREACHED*/
1820 }
1821 if (pid < 0)
1822 packet_disconnect("fork failed: %.100s", strerror(errno));
1823#ifdef USE_PIPES
1824 /* We are the parent. Close the child sides of the pipes. */
1825 close(pin[0]);
1826 close(pout[1]);
1827 close(perr[1]);
1828
1829 /* Enter the interactive session. */
1830 server_loop(pid, pin[1], pout[0], perr[0]);
1831 /* server_loop has closed pin[1], pout[1], and perr[1]. */
1832#else /* USE_PIPES */
1833 /* We are the parent. Close the child sides of the socket pairs. */
1834 close(inout[0]);
1835 close(err[0]);
1836
1837 /* Enter the interactive session. Note: server_loop must be able to handle
1838 the case that fdin and fdout are the same. */
1839 server_loop(pid, inout[1], inout[1], err[1]);
1840 /* server_loop has closed inout[1] and err[1]. */
1841#endif /* USE_PIPES */
1842}
1843
1844struct pty_cleanup_context
1845{
1846 const char *ttyname;
1847 int pid;
1848};
1849
1850/* Function to perform cleanup if we get aborted abnormally (e.g., due to a
1851 dropped connection). */
1852
1853void pty_cleanup_proc(void *context)
1854{
1855 struct pty_cleanup_context *cu = context;
1856
1857 debug("pty_cleanup_proc called");
1858
1859#if defined(KRB4)
1860 /* Destroy user's ticket cache file. */
1861 (void) dest_tkt();
1862#endif /* KRB4 */
1863
1864 /* Record that the user has logged out. */
1865 record_logout(cu->pid, cu->ttyname);
1866
1867 /* Release the pseudo-tty. */
1868 pty_release(cu->ttyname);
1869}
1870
1871/* This is called to fork and execute a command when we have a tty. This
1872 will call do_child from the child, and server_loop from the parent after
1873 setting up file descriptors, controlling tty, updating wtmp, utmp,
1874 lastlog, and other such operations. */
1875
1876void do_exec_pty(const char *command, int ptyfd, int ttyfd,
1877 const char *ttyname, struct passwd *pw, const char *term,
1878 const char *display, const char *auth_proto,
1879 const char *auth_data)
1880{
1881 int pid, fdout;
1882 const char *hostname;
1883 time_t last_login_time;
1884 char buf[100], *time_string;
1885 FILE *f;
1886 char line[256];
1887 struct stat st;
1888 int quiet_login;
1889 struct sockaddr_in from;
1890 int fromlen;
1891 struct pty_cleanup_context cleanup_context;
1892
1893 /* Get remote host name. */
1894 hostname = get_canonical_hostname();
1895
1896 /* Get the time when the user last logged in. Buf will be set to contain
1897 the hostname the last login was from. */
1898 if(!options.use_login) {
1899 last_login_time = get_last_login_time(pw->pw_uid, pw->pw_name,
1900 buf, sizeof(buf));
1901 }
1902
1903 setproctitle("%s@%s", pw->pw_name, strrchr(ttyname, '/') + 1);
1904
1905 /* Fork the child. */
1906 if ((pid = fork()) == 0)
1907 {
1908 pid = getpid();
1909
1910 /* Child. Reinitialize the log because the pid has changed. */
1911 log_init(av0, debug_flag && !inetd_flag, debug_flag, options.quiet_mode,
1912 options.log_facility);
1913
1914 /* Close the master side of the pseudo tty. */
1915 close(ptyfd);
1916
1917 /* Make the pseudo tty our controlling tty. */
1918 pty_make_controlling_tty(&ttyfd, ttyname);
1919
1920 /* Redirect stdin from the pseudo tty. */
1921 if (dup2(ttyfd, fileno(stdin)) < 0)
1922 error("dup2 stdin failed: %.100s", strerror(errno));
1923
1924 /* Redirect stdout to the pseudo tty. */
1925 if (dup2(ttyfd, fileno(stdout)) < 0)
1926 error("dup2 stdin failed: %.100s", strerror(errno));
1927
1928 /* Redirect stderr to the pseudo tty. */
1929 if (dup2(ttyfd, fileno(stderr)) < 0)
1930 error("dup2 stdin failed: %.100s", strerror(errno));
1931
1932 /* Close the extra descriptor for the pseudo tty. */
1933 close(ttyfd);
1934
1935 /* Get IP address of client. This is needed because we want to record
1936 where the user logged in from. If the connection is not a socket,
1937 let the ip address be 0.0.0.0. */
1938 memset(&from, 0, sizeof(from));
1939 if (packet_get_connection_in() == packet_get_connection_out())
1940 {
1941 fromlen = sizeof(from);
1942 if (getpeername(packet_get_connection_in(),
1943 (struct sockaddr *)&from, &fromlen) < 0)
1944 fatal("getpeername: %.100s", strerror(errno));
1945 }
1946
1947 /* Record that there was a login on that terminal. */
1948 record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
1949 &from);
1950
1951 /* Check if .hushlogin exists. */
1952 snprintf(line, sizeof line, "%.200s/.hushlogin", pw->pw_dir);
1953 quiet_login = stat(line, &st) >= 0;
1954
1955 /* If the user has logged in before, display the time of last login.
1956 However, don't display anything extra if a command has been
1957 specified (so that ssh can be used to execute commands on a remote
1958 machine without users knowing they are going to another machine).
1959 Login(1) will do this for us as well, so check if login(1) is used */
1960 if (command == NULL && last_login_time != 0 && !quiet_login &&
1961 !options.use_login)
1962 {
1963 /* Convert the date to a string. */
1964 time_string = ctime(&last_login_time);
1965 /* Remove the trailing newline. */
1966 if (strchr(time_string, '\n'))
1967 *strchr(time_string, '\n') = 0;
1968 /* Display the last login time. Host if displayed if known. */
1969 if (strcmp(buf, "") == 0)
1970 printf("Last login: %s\r\n", time_string);
1971 else
1972 printf("Last login: %s from %s\r\n", time_string, buf);
1973 }
1974
1975 /* Print /etc/motd unless a command was specified or printing it was
1976 disabled in server options or login(1) will be used. Note that
1977 some machines appear to print it in /etc/profile or similar. */
1978 if (command == NULL && options.print_motd && !quiet_login &&
1979 !options.use_login)
1980 {
1981 /* Print /etc/motd if it exists. */
1982 f = fopen("/etc/motd", "r");
1983 if (f)
1984 {
1985 while (fgets(line, sizeof(line), f))
1986 fputs(line, stdout);
1987 fclose(f);
1988 }
1989 }
1990
1991 /* Do common processing for the child, such as execing the command. */
1992 do_child(command, pw, term, display, auth_proto, auth_data, ttyname);
1993 /*NOTREACHED*/
1994 }
1995 if (pid < 0)
1996 packet_disconnect("fork failed: %.100s", strerror(errno));
1997 /* Parent. Close the slave side of the pseudo tty. */
1998 close(ttyfd);
1999
2000 /* Create another descriptor of the pty master side for use as the standard
2001 input. We could use the original descriptor, but this simplifies code
2002 in server_loop. The descriptor is bidirectional. */
2003 fdout = dup(ptyfd);
2004 if (fdout < 0)
2005 packet_disconnect("dup failed: %.100s", strerror(errno));
2006
2007 /* Add a cleanup function to clear the utmp entry and record logout time
2008 in case we call fatal() (e.g., the connection gets closed). */
2009 cleanup_context.pid = pid;
2010 cleanup_context.ttyname = ttyname;
2011 fatal_add_cleanup(pty_cleanup_proc, (void *)&cleanup_context);
2012
2013 /* Enter interactive session. */
2014 server_loop(pid, ptyfd, fdout, -1);
2015 /* server_loop has not closed ptyfd and fdout. */
2016
2017 /* Cancel the cleanup function. */
2018 fatal_remove_cleanup(pty_cleanup_proc, (void *)&cleanup_context);
2019
2020 /* Record that the user has logged out. */
2021 record_logout(pid, ttyname);
2022
2023 /* Release the pseudo-tty. */
2024 pty_release(ttyname);
2025
2026 /* Close the server side of the socket pairs. We must do this after the
2027 pty cleanup, so that another process doesn't get this pty while we're
2028 still cleaning up. */
2029 close(ptyfd);
2030 close(fdout);
2031}
2032
2033/* Sets the value of the given variable in the environment. If the variable
2034 already exists, its value is overriden. */
2035
2036void child_set_env(char ***envp, unsigned int *envsizep, const char *name,
2037 const char *value)
2038{
2039 unsigned int i, namelen;
2040 char **env;
2041
2042 /* Find the slot where the value should be stored. If the variable already
2043 exists, we reuse the slot; otherwise we append a new slot at the end
2044 of the array, expanding if necessary. */
2045 env = *envp;
2046 namelen = strlen(name);
2047 for (i = 0; env[i]; i++)
2048 if (strncmp(env[i], name, namelen) == 0 && env[i][namelen] == '=')
2049 break;
2050 if (env[i])
2051 {
2052 /* Name already exists. Reuse the slot. */
2053 xfree(env[i]);
2054 }
2055 else
2056 {
2057 /* New variable. Expand the array if necessary. */
2058 if (i >= (*envsizep) - 1)
2059 {
2060 (*envsizep) += 50;
2061 env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *));
2062 }
2063
2064 /* Need to set the NULL pointer at end of array beyond the new
2065 slot. */
2066 env[i + 1] = NULL;
2067 }
2068
2069 /* Allocate space and format the variable in the appropriate slot. */
2070 env[i] = xmalloc(strlen(name) + 1 + strlen(value) + 1);
2071 snprintf(env[i], strlen(name) + 1 + strlen(value) + 1, "%s=%s", name, value);
2072}
2073
2074/* Reads environment variables from the given file and adds/overrides them
2075 into the environment. If the file does not exist, this does nothing.
2076 Otherwise, it must consist of empty lines, comments (line starts with '#')
2077 and assignments of the form name=value. No other forms are allowed. */
2078
2079void read_environment_file(char ***env, unsigned int *envsize,
2080 const char *filename)
2081{
2082 FILE *f;
2083 char buf[4096];
2084 char *cp, *value;
2085
2086 /* Open the environment file. */
2087 f = fopen(filename, "r");
2088 if (!f)
2089 return; /* Not found. */
2090
2091 /* Process each line. */
2092 while (fgets(buf, sizeof(buf), f))
2093 {
2094 /* Skip leading whitespace. */
2095 for (cp = buf; *cp == ' ' || *cp == '\t'; cp++)
2096 ;
2097
2098 /* Ignore empty and comment lines. */
2099 if (!*cp || *cp == '#' || *cp == '\n')
2100 continue;
2101
2102 /* Remove newline. */
2103 if (strchr(cp, '\n'))
2104 *strchr(cp, '\n') = '\0';
2105
2106 /* Find the equals sign. Its lack indicates badly formatted line. */
2107 value = strchr(cp, '=');
2108 if (value == NULL)
2109 {
2110 fprintf(stderr, "Bad line in %.100s: %.200s\n", filename, buf);
2111 continue;
2112 }
2113
2114 /* Replace the equals sign by nul, and advance value to the value
2115 string. */
2116 *value = '\0';
2117 value++;
2118
2119 /* Set the value in environment. */
2120 child_set_env(env, envsize, cp, value);
2121 }
2122
2123 fclose(f);
2124}
2125
2126/* Performs common processing for the child, such as setting up the
2127 environment, closing extra file descriptors, setting the user and group
2128 ids, and executing the command or shell. */
2129
2130void do_child(const char *command, struct passwd *pw, const char *term,
2131 const char *display, const char *auth_proto,
2132 const char *auth_data, const char *ttyname)
2133{
2134 const char *shell, *cp = NULL;
2135 char buf[256];
2136 FILE *f;
2137 unsigned int envsize, i;
2138 char **env;
2139 extern char **environ;
2140 struct stat st;
2141 char *argv[10];
2142
2143 /* Check /etc/nologin. */
2144 f = fopen("/etc/nologin", "r");
2145 if (f)
2146 { /* /etc/nologin exists. Print its contents and exit. */
2147 while (fgets(buf, sizeof(buf), f))
2148 fputs(buf, stderr);
2149 fclose(f);
2150 if (pw->pw_uid != 0)
2151 exit(254);
2152 }
2153
2154 /* Set login name in the kernel. */
2155 if (setlogin(pw->pw_name) < 0)
2156 error("setlogin failed: %s", strerror(errno));
2157
2158 /* Set uid, gid, and groups. */
2159 /* Login(1) does this as well, and it needs uid 0 for the "-h" switch,
2160 so we let login(1) to this for us. */
2161 if(!options.use_login) {
2162 if (getuid() == 0 || geteuid() == 0)
2163 {
2164 if (setgid(pw->pw_gid) < 0)
2165 {
2166 perror("setgid");
2167 exit(1);
2168 }
2169 /* Initialize the group list. */
2170 if (initgroups(pw->pw_name, pw->pw_gid) < 0)
2171 {
2172 perror("initgroups");
2173 exit(1);
2174 }
2175 endgrent();
2176
2177 /* Permanently switch to the desired uid. */
2178 permanently_set_uid(pw->pw_uid);
2179 }
2180
2181 if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
2182 fatal("Failed to set uids to %d.", (int)pw->pw_uid);
2183 }
2184
2185 /* Get the shell from the password data. An empty shell field is legal,
2186 and means /bin/sh. */
2187 shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell;
2188
2189#ifdef AFS
2190 /* Try to get AFS tokens for the local cell. */
2191 if (k_hasafs()) {
2192 char cell[64];
2193
2194 if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0)
2195 krb_afslog(cell, 0);
2196
2197 krb_afslog(0, 0);
2198 }
2199#endif /* AFS */
2200
2201 /* Initialize the environment. In the first part we allocate space for
2202 all environment variables. */
2203 envsize = 100;
2204 env = xmalloc(envsize * sizeof(char *));
2205 env[0] = NULL;
2206
2207 if(!options.use_login) {
2208 /* Set basic environment. */
2209 child_set_env(&env, &envsize, "USER", pw->pw_name);
2210 child_set_env(&env, &envsize, "LOGNAME", pw->pw_name);
2211 child_set_env(&env, &envsize, "HOME", pw->pw_dir);
2212 child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
2213
2214 snprintf(buf, sizeof buf, "%.200s/%.50s",
2215 _PATH_MAILDIR, pw->pw_name);
2216 child_set_env(&env, &envsize, "MAIL", buf);
2217
2218 /* Normal systems set SHELL by default. */
2219 child_set_env(&env, &envsize, "SHELL", shell);
2220 }
2221
2222 /* Let it inherit timezone if we have one. */
2223 if (getenv("TZ"))
2224 child_set_env(&env, &envsize, "TZ", getenv("TZ"));
2225
2226 /* Set custom environment options from RSA authentication. */
2227 while (custom_environment)
2228 {
2229 struct envstring *ce = custom_environment;
2230 char *s = ce->s;
2231 int i;
2232 for (i = 0; s[i] != '=' && s[i]; i++)
2233 ;
2234 if (s[i] == '=')
2235 {
2236 s[i] = 0;
2237 child_set_env(&env, &envsize, s, s + i + 1);
2238 }
2239 custom_environment = ce->next;
2240 xfree(ce->s);
2241 xfree(ce);
2242 }
2243
2244 /* Set SSH_CLIENT. */
2245 snprintf(buf, sizeof buf, "%.50s %d %d",
2246 get_remote_ipaddr(), get_remote_port(), options.port);
2247 child_set_env(&env, &envsize, "SSH_CLIENT", buf);
2248
2249 /* Set SSH_TTY if we have a pty. */
2250 if (ttyname)
2251 child_set_env(&env, &envsize, "SSH_TTY", ttyname);
2252
2253 /* Set TERM if we have a pty. */
2254 if (term)
2255 child_set_env(&env, &envsize, "TERM", term);
2256
2257 /* Set DISPLAY if we have one. */
2258 if (display)
2259 child_set_env(&env, &envsize, "DISPLAY", display);
2260
2261#ifdef KRB4
2262 if (ticket)
2263 child_set_env(&env, &envsize, "KRBTKFILE", ticket);
2264#endif /* KRB4 */
2265
2266 /* Set XAUTHORITY to always be a local file. */
2267 if (xauthfile)
2268 child_set_env(&env, &envsize, "XAUTHORITY", xauthfile);
2269
2270 /* Set variable for forwarded authentication connection, if we have one. */
2271 if (auth_get_socket_name() != NULL)
2272 child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
2273 auth_get_socket_name());
2274
2275 /* Read $HOME/.ssh/environment. */
2276 if(!options.use_login) {
2277 snprintf(buf, sizeof buf, "%.200s/.ssh/environment", pw->pw_dir);
2278 read_environment_file(&env, &envsize, buf);
2279 }
2280
2281 /* If debugging, dump the environment to stderr. */
2282 if (debug_flag)
2283 {
2284 fprintf(stderr, "Environment:\n");
2285 for (i = 0; env[i]; i++)
2286 fprintf(stderr, " %.200s\n", env[i]);
2287 }
2288
2289 /* Close the connection descriptors; note that this is the child, and the
2290 server will still have the socket open, and it is important that we
2291 do not shutdown it. Note that the descriptors cannot be closed before
2292 building the environment, as we call get_remote_ipaddr there. */
2293 if (packet_get_connection_in() == packet_get_connection_out())
2294 close(packet_get_connection_in());
2295 else
2296 {
2297 close(packet_get_connection_in());
2298 close(packet_get_connection_out());
2299 }
2300 /* Close all descriptors related to channels. They will still remain
2301 open in the parent. */
2302 channel_close_all();
2303
2304 /* Close any extra file descriptors. Note that there may still be
2305 descriptors left by system functions. They will be closed later. */
2306 endpwent();
2307 endhostent();
2308
2309 /* Close any extra open file descriptors so that we don\'t have them
2310 hanging around in clients. Note that we want to do this after
2311 initgroups, because at least on Solaris 2.3 it leaves file descriptors
2312 open. */
2313 for (i = 3; i < 64; i++)
2314 close(i);
2315
2316 /* Change current directory to the user\'s home directory. */
2317 if (chdir(pw->pw_dir) < 0)
2318 fprintf(stderr, "Could not chdir to home directory %s: %s\n",
2319 pw->pw_dir, strerror(errno));
2320
2321 /* Must take new environment into use so that .ssh/rc, /etc/sshrc and
2322 xauth are run in the proper environment. */
2323 environ = env;
2324
2325 /* Run $HOME/.ssh/rc, /etc/sshrc, or xauth (whichever is found first
2326 in this order). */
2327 if(!options.use_login) {
2328 if (stat(SSH_USER_RC, &st) >= 0)
2329 {
2330 if (debug_flag)
2331 fprintf(stderr, "Running /bin/sh %s\n", SSH_USER_RC);
2332
2333 f = popen("/bin/sh " SSH_USER_RC, "w");
2334 if (f)
2335 {
2336 if (auth_proto != NULL && auth_data != NULL)
2337 fprintf(f, "%s %s\n", auth_proto, auth_data);
2338 pclose(f);
2339 }
2340 else
2341 fprintf(stderr, "Could not run %s\n", SSH_USER_RC);
2342 }
2343 else
2344 if (stat(SSH_SYSTEM_RC, &st) >= 0)
2345 {
2346 if (debug_flag)
2347 fprintf(stderr, "Running /bin/sh %s\n", SSH_SYSTEM_RC);
2348
2349 f = popen("/bin/sh " SSH_SYSTEM_RC, "w");
2350 if (f)
2351 {
2352 if (auth_proto != NULL && auth_data != NULL)
2353 fprintf(f, "%s %s\n", auth_proto, auth_data);
2354 pclose(f);
2355 }
2356 else
2357 fprintf(stderr, "Could not run %s\n", SSH_SYSTEM_RC);
2358 }
2359#ifdef XAUTH_PATH
2360 else
2361 {
2362 /* Add authority data to .Xauthority if appropriate. */
2363 if (auth_proto != NULL && auth_data != NULL)
2364 {
2365 if (debug_flag)
2366 fprintf(stderr, "Running %.100s add %.100s %.100s %.100s\n",
2367 XAUTH_PATH, display, auth_proto, auth_data);
2368
2369 f = popen(XAUTH_PATH " -q -", "w");
2370 if (f)
2371 {
2372 fprintf(f, "add %s %s %s\n", display, auth_proto, auth_data);
2373 fclose(f);
2374 }
2375 else
2376 fprintf(stderr, "Could not run %s -q -\n", XAUTH_PATH);
2377 }
2378 }
2379#endif /* XAUTH_PATH */
2380
2381 /* Get the last component of the shell name. */
2382 cp = strrchr(shell, '/');
2383 if (cp)
2384 cp++;
2385 else
2386 cp = shell;
2387 }
2388
2389 /* If we have no command, execute the shell. In this case, the shell name
2390 to be passed in argv[0] is preceded by '-' to indicate that this is
2391 a login shell. */
2392 if (!command)
2393 {
2394 if(!options.use_login) {
2395 char buf[256];
2396
2397 /* Check for mail if we have a tty and it was enabled in server options. */
2398 if (ttyname && options.check_mail) {
2399 char *mailbox;
2400 struct stat mailstat;
2401 mailbox = getenv("MAIL");
2402 if(mailbox != NULL) {
2403 if(stat(mailbox, &mailstat) != 0 || mailstat.st_size == 0) {
2404 printf("No mail.\n");
2405 } else if(mailstat.st_mtime < mailstat.st_atime) {
2406 printf("You have mail.\n");
2407 } else {
2408 printf("You have new mail.\n");
2409 }
2410 }
2411 }
2412 /* Start the shell. Set initial character to '-'. */
2413 buf[0] = '-';
2414 strncpy(buf + 1, cp, sizeof(buf) - 1);
2415 buf[sizeof(buf) - 1] = 0;
2416 /* Execute the shell. */
2417 argv[0] = buf;
2418 argv[1] = NULL;
2419 execve(shell, argv, env);
2420 /* Executing the shell failed. */
2421 perror(shell);
2422 exit(1);
2423
2424 } else {
2425 /* Launch login(1). */
2426
2427 execl("/usr/bin/login", "login", "-h", get_remote_ipaddr(), "-p", "-f", "--", pw->pw_name, NULL);
2428
2429 /* Login couldn't be executed, die. */
2430
2431 perror("login");
2432 exit(1);
2433 }
2434 }
2435
2436 /* Execute the command using the user's shell. This uses the -c option
2437 to execute the command. */
2438 argv[0] = (char *)cp;
2439 argv[1] = "-c";
2440 argv[2] = (char *)command;
2441 argv[3] = NULL;
2442 execve(shell, argv, env);
2443 perror(shell);
2444 exit(1);
2445}