From 2231e3633707c1612873580dccb0929213db40eb Mon Sep 17 00:00:00 2001 From: Zoltan Fridrich Date: Wed, 10 Jul 2024 14:36:23 +0200 Subject: [PATCH] Remove pam_ssh_agent_auth subpackage Resolves: RHEL-45002 Signed-off-by: Zoltan Fridrich --- openssh.spec | 96 +- pam_ssh_agent-configure-c99.patch | 249 ----- pam_ssh_agent-rmheaders | 36 - pam_ssh_agent_auth-0.10.2-compat.patch | 992 ------------------ pam_ssh_agent_auth-0.10.2-dereference.patch | 20 - pam_ssh_agent_auth-0.10.3-seteuid.patch | 37 - pam_ssh_agent_auth-0.10.4-rsasha2.patch | 19 - pam_ssh_agent_auth-0.9.2-visibility.patch | 21 - ...ssh_agent_auth-0.9.3-agent_structure.patch | 96 -- pam_ssh_agent_auth-0.9.3-build.patch | 198 ---- 10 files changed, 4 insertions(+), 1760 deletions(-) delete mode 100644 pam_ssh_agent-configure-c99.patch delete mode 100644 pam_ssh_agent-rmheaders delete mode 100644 pam_ssh_agent_auth-0.10.2-compat.patch delete mode 100644 pam_ssh_agent_auth-0.10.2-dereference.patch delete mode 100644 pam_ssh_agent_auth-0.10.3-seteuid.patch delete mode 100644 pam_ssh_agent_auth-0.10.4-rsasha2.patch delete mode 100644 pam_ssh_agent_auth-0.9.2-visibility.patch delete mode 100644 pam_ssh_agent_auth-0.9.3-agent_structure.patch delete mode 100644 pam_ssh_agent_auth-0.9.3-build.patch diff --git a/openssh.spec b/openssh.spec index 6fda424..e743f15 100644 --- a/openssh.spec +++ b/openssh.spec @@ -25,13 +25,6 @@ # Do we want libedit support %global libedit 1 -# Whether to build pam_ssh_agent_auth -%if 0%{?!nopam:1} -%global pam_ssh_agent 1 -%else -%global pam_ssh_agent 0 -%endif - # Reserve options to override askpass settings with: # rpm -ba|--rebuild --define 'skip_xxx 1' %{?skip_gnome_askpass:%global no_gnome_askpass 1} @@ -45,24 +38,18 @@ # rpm -ba|--rebuild --define "static_openssl 1" %{?static_openssl:%global static_libcrypto 1} -# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1 %global openssh_ver 9.6p1 %global openssh_rel 1 -%global pam_ssh_agent_ver 0.10.4 -%global pam_ssh_agent_rel 9 Summary: An open source implementation of SSH protocol version 2 Name: openssh Version: %{openssh_ver} Release: %{openssh_rel}%{?dist}.5 URL: http://www.openssh.com/portable.html -#URL1: https://github.com/jbeverly/pam_ssh_agent_auth/ Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc Source2: sshd.pam Source3: gpgkey-736060BA.gpg -Source4: https://github.com/jbeverly/pam_ssh_agent_auth/archive/pam_ssh_agent_auth-%{pam_ssh_agent_ver}.tar.gz -Source5: pam_ssh_agent-rmheaders Source6: ssh-keycat.pam Source7: sshd.sysconfig Source9: sshd@.service @@ -91,25 +78,6 @@ Patch202: openssh-9.0p1-audit-log.patch # Correctly audit hostname and IP address Patch203: openssh-8.7p1-audit-hostname.patch -# --- pam_ssh-agent --- -# make it build reusing the openssh sources -Patch300: pam_ssh_agent_auth-0.9.3-build.patch -# check return value of seteuid() -# https://sourceforge.net/p/pamsshagentauth/bugs/23/ -Patch301: pam_ssh_agent_auth-0.10.3-seteuid.patch -# explicitly make pam callbacks visible -Patch302: pam_ssh_agent_auth-0.9.2-visibility.patch -# update to current version of agent structure -Patch305: pam_ssh_agent_auth-0.9.3-agent_structure.patch -# remove prefixes to be able to build against current openssh library -Patch306: pam_ssh_agent_auth-0.10.2-compat.patch -# Fix NULL dereference from getpwuid() return value -# https://sourceforge.net/p/pamsshagentauth/bugs/22/ -Patch307: pam_ssh_agent_auth-0.10.2-dereference.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=2070113 -Patch308: pam_ssh_agent_auth-0.10.4-rsasha2.patch -Patch309: pam_ssh_agent-configure-c99.patch - #https://bugzilla.mindrot.org/show_bug.cgi?id=1641 (WONTFIX) Patch400: openssh-7.8p1-role-mls.patch #https://bugzilla.redhat.com/show_bug.cgi?id=781634 @@ -302,12 +270,6 @@ Requires: openssh = %{version}-%{release} Summary: OpenSSH SK driver for test purposes Requires: openssh = %{version}-%{release} -%package -n pam_ssh_agent_auth -Summary: PAM module for authentication with ssh-agent -Version: %{pam_ssh_agent_ver} -Release: %{pam_ssh_agent_rel}.%{openssh_rel}%{?dist}.3 -License: BSD-3-Clause AND BSD-2-Clause AND ISC AND SSH-OpenSSH AND ssh-keyscan AND sprintf AND LicenseRef-Fedora-Public-Domain AND X11-distribute-modifications-variant AND OpenSSL - %description SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and @@ -345,32 +307,9 @@ an X11 passphrase dialog for OpenSSH. %description sk-dummy This package contains a test SK driver used for OpenSSH test purposes -%description -n pam_ssh_agent_auth -This package contains a PAM module which can be used to authenticate -users using ssh keys stored in a ssh-agent. Through the use of the -forwarding of ssh-agent connection it also allows to authenticate with -remote ssh-agent instance. - -The module is most useful for su and sudo service stacks. - %prep gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} -%setup -q -a 4 - -%if %{pam_ssh_agent} -pushd pam_ssh_agent_auth-pam_ssh_agent_auth-%{pam_ssh_agent_ver} -%patch -P 300 -p2 -b .psaa-build -%patch -P 301 -p2 -b .psaa-seteuid -%patch -P 302 -p2 -b .psaa-visibility -%patch -P 306 -p2 -b .psaa-compat -%patch -P 305 -p2 -b .psaa-agent -%patch -P 307 -p2 -b .psaa-deref -%patch -P 308 -p2 -b .rsasha2 -%patch -P 309 -p1 -b .psaa-configure-c99 -# Remove duplicate headers and library files -rm -f $(cat %{SOURCE5}) -popd -%endif +%setup -q %patch -P 400 -p1 -b .role-mls %patch -P 404 -p1 -b .privsep-selinux @@ -437,15 +376,10 @@ popd %patch -P 100 -p1 -b .coverity autoreconf -pushd pam_ssh_agent_auth-pam_ssh_agent_auth-%{pam_ssh_agent_ver} -autoreconf -popd %build %set_build_flags -# the -fvisibility=hidden is needed for clean build of the pam_ssh_agent_auth -# it is needed for lib(open)ssh build too since it is linked to the pam module too -CFLAGS="$CFLAGS -fvisibility=hidden"; export CFLAGS +CFLAGS="$CFLAGS"; export CFLAGS %if %{pie} %ifarch s390 s390x sparc sparcv9 sparc64 CFLAGS="$CFLAGS -fPIC" @@ -535,17 +469,6 @@ fi popd %endif -%if %{pam_ssh_agent} -pushd pam_ssh_agent_auth-pam_ssh_agent_auth-%{pam_ssh_agent_ver} -LDFLAGS="$SAVE_LDFLAGS" -%configure --with-selinux \ - --libexecdir=/%{_libdir}/security \ - --with-mantype=man \ - --without-openssl-header-check `# The check is broken` -%make_build -popd -%endif - %check #to run tests use "--with check" %if %{?_with_check:1}%{!?_with_check:0} @@ -608,12 +531,6 @@ rm -f $RPM_BUILD_ROOT/etc/profile.d/gnome-ssh-askpass.* perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* -%if %{pam_ssh_agent} -pushd pam_ssh_agent_auth-pam_ssh_agent_auth-%{pam_ssh_agent_ver} -%make_install -popd -%endif - install -m 755 -d $RPM_BUILD_ROOT%{_libdir}/sshtest/ install -m 755 regress/misc/sk-dummy/sk-dummy.so $RPM_BUILD_ROOT%{_libdir}/sshtest @@ -733,17 +650,12 @@ test -f %{sysconfig_anaconda} && \ %files sk-dummy %attr(0755,root,root) %{_libdir}/sshtest/sk-dummy.so -%if %{pam_ssh_agent} -%files -n pam_ssh_agent_auth -%license pam_ssh_agent_auth-pam_ssh_agent_auth-%{pam_ssh_agent_ver}/OPENSSH_LICENSE -%attr(0755,root,root) %{_libdir}/security/pam_ssh_agent_auth.so -%attr(0644,root,root) %{_mandir}/man8/pam_ssh_agent_auth.8* -%endif - %changelog * Fri Jul 12 2024 Zoltan Fridrich - 9.6p1-1.5 - Build OpenSSH without ENGINE API Resolves: RHEL-45507 +- Remove pam_ssh_agent_auth subpackage + Resolves: RHEL-45002 * Mon Jun 24 2024 Troy Dawson - 9.6p1-1.4 - Bump release for June 2024 mass rebuild diff --git a/pam_ssh_agent-configure-c99.patch b/pam_ssh_agent-configure-c99.patch deleted file mode 100644 index bc40434..0000000 --- a/pam_ssh_agent-configure-c99.patch +++ /dev/null @@ -1,249 +0,0 @@ -configure.ac: Improve C99 compatibility - -Future compilers will not support implicit declarations and implicit -ints by default. This means that configure probes which rely on them -will fail unconditionally, without actually testing anything. - -The changes mostly mirror what has been implemented in the openssh -repository, but had to be adapted somewhat because of drift between -the two versions of configure.ac. - -Sam James has submitted similar fixes upstream: - - - -diff --git a/configure.ac b/configure.ac -index 6496679..d927b62 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -500,10 +500,10 @@ int main(void) { exit(0); } - AC_DEFINE(HAVE_BUNDLE, 1, [Define if your system uses bundles instead of ELF shared objects]) - AC_MSG_CHECKING(if we have working getaddrinfo) - AC_TRY_RUN([#include --main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) -- exit(0); -+int main(void) { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) -+ return 0; - else -- exit(1); -+ return 1; - }], [AC_MSG_RESULT(working)], - [AC_MSG_RESULT(buggy) - AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])], -@@ -917,8 +917,8 @@ AC_SUBST(LDFLAGS_SHARED) - AC_MSG_CHECKING(compiler and flags for sanity) - AC_RUN_IFELSE( - [AC_LANG_SOURCE([ --#include --int main(){exit(0);} -+#include -+int main(void){exit(0);} - ])], - [ AC_MSG_RESULT(yes) ], - [ -@@ -951,9 +951,9 @@ int main(int argc, char **argv) { - strncpy(buf,"/etc", 32); - s = dirname(buf); - if (!s || strncmp(s, "/", 32) != 0) { -- exit(1); -+ return 1; - } else { -- exit(0); -+ return 0; - } - } - ]])], -@@ -1102,7 +1102,7 @@ AC_RUN_IFELSE( - [AC_LANG_SOURCE([[ - #include - #include --int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} -+int main(void){struct dirent d;return sizeof(d.d_name)<=sizeof(char);} - ]])], - [AC_MSG_RESULT(yes)], - [ -@@ -1327,8 +1327,10 @@ AC_CHECK_FUNCS(setresuid, [ - AC_MSG_CHECKING(if setresuid seems to work) - AC_RUN_IFELSE( - [AC_LANG_SOURCE([[ -+#define _GNU_SOURCE - #include - #include -+#include - int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} - ]])], - [AC_MSG_RESULT(yes)], -@@ -1344,8 +1346,10 @@ AC_CHECK_FUNCS(setresgid, [ - AC_MSG_CHECKING(if setresgid seems to work) - AC_RUN_IFELSE( - [AC_LANG_SOURCE([[ -+#define _GNU_SOURCE - #include - #include -+#include - int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} - ]])], - [AC_MSG_RESULT(yes)], -@@ -1384,7 +1388,7 @@ if test "x$ac_cv_func_snprintf" = "xyes" ; then - AC_RUN_IFELSE( - [AC_LANG_SOURCE([[ - #include --int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} -+int main(void){char b[5];snprintf(b,5,"123456789");return b[4]!='\0';} - ]])], - [AC_MSG_RESULT(yes)], - [ -@@ -1418,7 +1422,7 @@ int x_snprintf(char *str,size_t count,const char *fmt,...) - int main(void) - { - char x[1]; -- exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); -+ return x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1; - } ]])], - [AC_MSG_RESULT(yes)], - [ -@@ -1467,7 +1471,8 @@ AC_MSG_CHECKING([for (overly) strict mkstemp]) - AC_RUN_IFELSE( - [AC_LANG_SOURCE([[ - #include --main() { char template[]="conftest.mkstemp-test"; -+#include -+int main(void) { char template[]="conftest.mkstemp-test"; - if (mkstemp(template) == -1) - exit(1); - unlink(template); exit(0); -@@ -1492,10 +1497,14 @@ if test ! -z "$check_for_openpty_ctty_bug"; then - AC_MSG_CHECKING(if openpty correctly handles controlling tty) - AC_RUN_IFELSE( - [AC_LANG_SOURCE([[ -+#include - #include - #include - #include - #include -+#ifdef HAVE_PTY_H -+#include -+#endif - - int - main() -@@ -1543,6 +1552,7 @@ if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ - AC_RUN_IFELSE( - [AC_LANG_SOURCE([[ - #include -+#include - #include - #include - #include -@@ -1748,6 +1758,7 @@ AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1, - AC_MSG_CHECKING([OpenSSL header version]) - AC_RUN_IFELSE( - [AC_LANG_SOURCE([[ -+#include - #include - #include - #include -@@ -1794,12 +1805,12 @@ int main(void) { - - fd = fopen(DATA,"w"); - if(fd == NULL) -- exit(1); -+ return 1; - - if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) -- exit(1); -+ return 1; - -- exit(0); -+ return 0; - } - ]])], - [ -@@ -1829,7 +1840,7 @@ AC_RUN_IFELSE( - [AC_LANG_SOURCE([[ - #include - #include --int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } -+int main(void) { return SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1; } - ]])], - [ - AC_MSG_RESULT(yes) -@@ -2598,7 +2609,7 @@ dnl test snprintf (broken on SCO w/gcc) - #include - #include - #ifdef HAVE_SNPRINTF --main() -+int main(void) - { - char buf[50]; - char expected_out[50]; -@@ -2611,11 +2622,11 @@ main() - strcpy(expected_out, "9223372036854775807"); - snprintf(buf, mazsize, "%lld", num); - if(strcmp(buf, expected_out) != 0) -- exit(1); -- exit(0); -+ return 1; -+ return 0; - } - #else --main() { exit(0); } -+int main(void) { return 0; } - #endif - ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ], - AC_MSG_WARN([cross compiling: Assuming working snprintf()]) -@@ -2746,11 +2757,11 @@ AC_CACHE_CHECK([for msg_accrights field in struct msghdr], - int main() { - #ifdef msg_accrights - #error "msg_accrights is a macro" --exit(1); -+return 1; - #endif - struct msghdr m; - m.msg_accrights = 0; --exit(0); -+return 0; - } - ])], - [ ac_cv_have_accrights_in_msghdr="yes" ], -@@ -2773,11 +2784,11 @@ AC_CACHE_CHECK([for msg_control field in struct msghdr], - int main() { - #ifdef msg_control - #error "msg_control is a macro" --exit(1); -+return 1; - #endif - struct msghdr m; - m.msg_control = 0; --exit(0); -+return 0; - } - ])], - [ ac_cv_have_control_in_msghdr="yes" ], -@@ -2791,7 +2802,7 @@ if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then - fi - - AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ -- AC_TRY_LINK([], -+ AC_TRY_LINK([#include ], - [ extern char *__progname; printf("%s", __progname); ], - [ ac_cv_libc_defines___progname="yes" ], - [ ac_cv_libc_defines___progname="no" ] -@@ -2871,7 +2882,7 @@ if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then - fi - - AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ -- AC_TRY_LINK([], -+ AC_TRY_LINK([#include ], - [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], - [ ac_cv_libc_defines_sys_errlist="yes" ], - [ ac_cv_libc_defines_sys_errlist="no" ] -@@ -2884,7 +2895,7 @@ fi - - - AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ -- AC_TRY_LINK([], -+ AC_TRY_LINK([#include ], - [ extern int sys_nerr; printf("%i", sys_nerr);], - [ ac_cv_libc_defines_sys_nerr="yes" ], - [ ac_cv_libc_defines_sys_nerr="no" ] diff --git a/pam_ssh_agent-rmheaders b/pam_ssh_agent-rmheaders deleted file mode 100644 index ab5899f..0000000 --- a/pam_ssh_agent-rmheaders +++ /dev/null @@ -1,36 +0,0 @@ -authfd.c -authfd.h -atomicio.c -atomicio.h -bufaux.c -bufbn.c -buffer.h -buffer.c -cleanup.c -cipher.h -compat.h -entropy.c -entropy.h -fatal.c -includes.h -kex.h -key.c -key.h -log.c -log.h -match.h -misc.c -misc.h -pathnames.h -platform.h -rsa.h -ssh-dss.c -ssh-rsa.c -ssh.h -ssh2.h -uidswap.c -uidswap.h -uuencode.c -uuencode.h -xmalloc.c -xmalloc.h diff --git a/pam_ssh_agent_auth-0.10.2-compat.patch b/pam_ssh_agent_auth-0.10.2-compat.patch deleted file mode 100644 index 0822b61..0000000 --- a/pam_ssh_agent_auth-0.10.2-compat.patch +++ /dev/null @@ -1,992 +0,0 @@ -diff -up openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/get_command_line.c.psaa-compat openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/get_command_line.c ---- openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/get_command_line.c.psaa-compat 2019-07-08 18:36:13.000000000 +0200 -+++ openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/get_command_line.c 2020-09-23 10:52:16.424001475 +0200 -@@ -27,6 +27,7 @@ - * or implied, of Jamie Beverly. - */ - -+#include - #include - #include - #include -@@ -66,8 +67,8 @@ proc_pid_cmdline(char *** inargv) - case EOF: - case '\0': - if (len > 0) { -- argv = pamsshagentauth_xrealloc(argv, count + 1, sizeof(*argv)); -- argv[count] = pamsshagentauth_xcalloc(len + 1, sizeof(*argv[count])); -+ argv = xreallocarray(argv, count + 1, sizeof(*argv)); -+ argv[count] = xcalloc(len + 1, sizeof(*argv[count])); - strncpy(argv[count++], argbuf, len); - memset(argbuf, '\0', MAX_LEN_PER_CMDLINE_ARG + 1); - len = 0; -@@ -106,9 +107,9 @@ pamsshagentauth_free_command_line(char * - { - size_t i; - for (i = 0; i < n_args; i++) -- pamsshagentauth_xfree(argv[i]); -+ free(argv[i]); - -- pamsshagentauth_xfree(argv); -+ free(argv); - return; - } - -diff -up openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/identity.h.psaa-compat openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/identity.h ---- openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/identity.h.psaa-compat 2019-07-08 18:36:13.000000000 +0200 -+++ openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/identity.h 2020-09-23 10:52:16.424001475 +0200 -@@ -30,8 +30,8 @@ - #include "openbsd-compat/sys-queue.h" - #include "xmalloc.h" - #include "log.h" --#include "buffer.h" --#include "key.h" -+#include "sshbuf.h" -+#include "sshkey.h" - #include "authfd.h" - #include - -@@ -41,7 +41,7 @@ typedef struct idlist Idlist; - struct identity { - TAILQ_ENTRY(identity) next; - AuthenticationConnection *ac; /* set if agent supports key */ -- Key *key; /* public/private key */ -+ struct sshkey *key; /* public/private key */ - char *filename; /* comment for agent-only keys */ - int tried; - int isprivate; /* key points to the private key */ -diff -up openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/iterate_ssh_agent_keys.c.psaa-compat openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/iterate_ssh_agent_keys.c ---- openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/iterate_ssh_agent_keys.c.psaa-compat 2020-09-23 10:52:16.421001434 +0200 -+++ openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/iterate_ssh_agent_keys.c 2020-09-23 10:52:16.424001475 +0200 -@@ -36,8 +36,8 @@ - #include "openbsd-compat/sys-queue.h" - #include "xmalloc.h" - #include "log.h" --#include "buffer.h" --#include "key.h" -+#include "sshbuf.h" -+#include "sshkey.h" - #include "authfd.h" - #include - #include -@@ -58,6 +58,8 @@ - #include "get_command_line.h" - extern char **environ; - -+#define PAM_SSH_AGENT_AUTH_REQUESTv1 101 -+ - /* - * Added by Jamie Beverly, ensure socket fd points to a socket owned by the user - * A cursory check is done, but to avoid race conditions, it is necessary -@@ -77,7 +79,7 @@ log_action(char ** action, size_t count) - if (count == 0) - return NULL; - -- buf = pamsshagentauth_xcalloc((count * MAX_LEN_PER_CMDLINE_ARG) + (count * 3), sizeof(*buf)); -+ buf = xcalloc((count * MAX_LEN_PER_CMDLINE_ARG) + (count * 3), sizeof(*buf)); - for (i = 0; i < count; i++) { - strcat(buf, (i > 0) ? " '" : "'"); - strncat(buf, action[i], MAX_LEN_PER_CMDLINE_ARG); -@@ -87,21 +89,25 @@ log_action(char ** action, size_t count) - } - - void --agent_action(Buffer *buf, char ** action, size_t count) -+agent_action(struct sshbuf **buf, char ** action, size_t count) - { - size_t i; -- pamsshagentauth_buffer_init(buf); -+ int r; - -- pamsshagentauth_buffer_put_int(buf, count); -+ if ((*buf = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); -+ if ((r = sshbuf_put_u32(*buf, count)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); - - for (i = 0; i < count; i++) { -- pamsshagentauth_buffer_put_cstring(buf, action[i]); -+ if ((r = sshbuf_put_cstring(*buf, action[i])) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); - } - } - - --void --pamsshagentauth_session_id2_gen(Buffer * session_id2, const char * user, -+static void -+pamsshagentauth_session_id2_gen(struct sshbuf ** session_id2, const char * user, - const char * ruser, const char * servicename) - { - u_char *cookie = NULL; -@@ -114,22 +120,23 @@ pamsshagentauth_session_id2_gen(Buffer * - char ** reported_argv = NULL; - size_t count = 0; - char * action_logbuf = NULL; -- Buffer action_agentbuf; -+ struct sshbuf *action_agentbuf = NULL; - uint8_t free_logbuf = 0; - char * retc; - int32_t reti; -+ int r; - -- rnd = pamsshagentauth_arc4random(); -+ rnd = arc4random(); - cookie_len = ((uint8_t) rnd); - while (cookie_len < 16) { - cookie_len += 16; /* Add 16 bytes to the size to ensure that while the length is random, the length is always reasonable; ticket #18 */ - } - -- cookie = pamsshagentauth_xcalloc(1,cookie_len); -+ cookie = xcalloc(1, cookie_len); - - for (i = 0; i < cookie_len; i++) { - if (i % 4 == 0) { -- rnd = pamsshagentauth_arc4random(); -+ rnd = arc4random(); - } - cookie[i] = (u_char) rnd; - rnd >>= 8; -@@ -144,7 +151,8 @@ pamsshagentauth_session_id2_gen(Buffer * - } - else { - action_logbuf = "unknown on this platform"; -- pamsshagentauth_buffer_init(&action_agentbuf); /* stays empty, means unavailable */ -+ if ((action_agentbuf = sshbuf_new()) == NULL) /* stays empty, means unavailable */ -+ fatal("%s: sshbuf_new failed", __func__); - } - - /* -@@ -161,35 +169,39 @@ pamsshagentauth_session_id2_gen(Buffer * - retc = getcwd(pwd, sizeof(pwd) - 1); - time(&ts); - -- pamsshagentauth_buffer_init(session_id2); -+ if ((*session_id2 = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); - -- pamsshagentauth_buffer_put_int(session_id2, PAM_SSH_AGENT_AUTH_REQUESTv1); -- /* pamsshagentauth_debug3("cookie: %s", pamsshagentauth_tohex(cookie, cookie_len)); */ -- pamsshagentauth_buffer_put_string(session_id2, cookie, cookie_len); -- /* pamsshagentauth_debug3("user: %s", user); */ -- pamsshagentauth_buffer_put_cstring(session_id2, user); -- /* pamsshagentauth_debug3("ruser: %s", ruser); */ -- pamsshagentauth_buffer_put_cstring(session_id2, ruser); -- /* pamsshagentauth_debug3("servicename: %s", servicename); */ -- pamsshagentauth_buffer_put_cstring(session_id2, servicename); -- /* pamsshagentauth_debug3("pwd: %s", pwd); */ -- if(retc) -- pamsshagentauth_buffer_put_cstring(session_id2, pwd); -- else -- pamsshagentauth_buffer_put_cstring(session_id2, ""); -- /* pamsshagentauth_debug3("action: %s", action_logbuf); */ -- pamsshagentauth_buffer_put_string(session_id2, action_agentbuf.buf + action_agentbuf.offset, action_agentbuf.end - action_agentbuf.offset); -+ if ((r = sshbuf_put_u32(*session_id2, PAM_SSH_AGENT_AUTH_REQUESTv1)) != 0 || -+ (r = sshbuf_put_string(*session_id2, cookie, cookie_len)) != 0 || -+ (r = sshbuf_put_cstring(*session_id2, user)) != 0 || -+ (r = sshbuf_put_cstring(*session_id2, ruser)) != 0 || -+ (r = sshbuf_put_cstring(*session_id2, servicename)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); -+ if (retc) { -+ if ((r = sshbuf_put_cstring(*session_id2, pwd)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); -+ } else { -+ if ((r = sshbuf_put_cstring(*session_id2, "")) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); -+ } -+ if ((r = sshbuf_put_stringb(*session_id2, action_agentbuf)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); - if (free_logbuf) { -- pamsshagentauth_xfree(action_logbuf); -- pamsshagentauth_buffer_free(&action_agentbuf); -+ free(action_logbuf); -+ sshbuf_free(action_agentbuf); -+ } -+ /* debug3("hostname: %s", hostname); */ -+ if (reti >= 0) { -+ if ((r = sshbuf_put_cstring(*session_id2, hostname)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); -+ } else { -+ if ((r = sshbuf_put_cstring(*session_id2, "")) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); - } -- /* pamsshagentauth_debug3("hostname: %s", hostname); */ -- if(reti >= 0) -- pamsshagentauth_buffer_put_cstring(session_id2, hostname); -- else -- pamsshagentauth_buffer_put_cstring(session_id2, ""); -- /* pamsshagentauth_debug3("ts: %ld", ts); */ -- pamsshagentauth_buffer_put_int64(session_id2, (uint64_t) ts); -+ /* debug3("ts: %ld", ts); */ -+ if ((r = sshbuf_put_u64(*session_id2, (uint64_t) ts)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); - - free(cookie); - return; -@@ -278,7 +290,8 @@ ssh_get_authentication_connection_for_ui - - auth = xmalloc(sizeof(*auth)); - auth->fd = sock; -- buffer_init(&auth->identities); -+ if ((auth->identities = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); - auth->howmany = 0; - - return auth; -@@ -287,9 +300,9 @@ ssh_get_authentication_connection_for_ui - int - pamsshagentauth_find_authorized_keys(const char * user, const char * ruser, const char * servicename) - { -- Buffer session_id2 = { 0 }; -+ struct sshbuf *session_id2 = NULL; - Identity *id; -- Key *key; -+ struct sshkey *key; - AuthenticationConnection *ac; - char *comment; - uint8_t retval = 0; -@@ -299,31 +312,30 @@ pamsshagentauth_find_authorized_keys(con - pamsshagentauth_session_id2_gen(&session_id2, user, ruser, servicename); - - if ((ac = ssh_get_authentication_connection_for_uid(uid))) { -- pamsshagentauth_verbose("Contacted ssh-agent of user %s (%u)", ruser, uid); -+ verbose("Contacted ssh-agent of user %s (%u)", ruser, uid); - for (key = ssh_get_first_identity(ac, &comment, 2); key != NULL; key = ssh_get_next_identity(ac, &comment, 2)) - { - if(key != NULL) { -- id = pamsshagentauth_xcalloc(1, sizeof(*id)); -+ id = xcalloc(1, sizeof(*id)); - id->key = key; - id->filename = comment; - id->ac = ac; -- if(userauth_pubkey_from_id(ruser, id, &session_id2)) { -+ if(userauth_pubkey_from_id(ruser, id, session_id2)) { - retval = 1; - } -- pamsshagentauth_xfree(id->filename); -- pamsshagentauth_key_free(id->key); -- pamsshagentauth_xfree(id); -+ free(id->filename); -+ key_free(id->key); -+ free(id); - if(retval == 1) - break; - } - } -- pamsshagentauth_buffer_free(&session_id2); -+ sshbuf_free(session_id2); - ssh_close_authentication_connection(ac); - } - else { -- pamsshagentauth_verbose("No ssh-agent could be contacted"); -+ verbose("No ssh-agent could be contacted"); - } -- /* pamsshagentauth_xfree(session_id2); */ - EVP_cleanup(); - return retval; - } -diff -up openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_ssh_agent_auth.c.psaa-compat openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_ssh_agent_auth.c ---- openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_ssh_agent_auth.c.psaa-compat 2020-09-23 10:52:16.423001461 +0200 -+++ openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_ssh_agent_auth.c 2020-09-23 10:53:10.631727657 +0200 -@@ -106,7 +106,7 @@ pam_sm_authenticate(pam_handle_t * pamh, - * a patch 8-) - */ - #if ! HAVE___PROGNAME || HAVE_BUNDLE -- __progname = pamsshagentauth_xstrdup(servicename); -+ __progname = xstrdup(servicename); - #endif - - for(i = argc, argv_ptr = (char **) argv; i > 0; ++argv_ptr, i--) { -@@ -132,11 +132,11 @@ pam_sm_authenticate(pam_handle_t * pamh, - #endif - } - -- pamsshagentauth_log_init(__progname, log_lvl, facility, getenv("PAM_SSH_AGENT_AUTH_DEBUG") ? 1 : 0); -+ log_init(__progname, log_lvl, facility, getenv("PAM_SSH_AGENT_AUTH_DEBUG") ? 1 : 0); - pam_get_item(pamh, PAM_USER, (void *) &user); - pam_get_item(pamh, PAM_RUSER, (void *) &ruser_ptr); - -- pamsshagentauth_verbose("Beginning pam_ssh_agent_auth for user %s", user); -+ verbose("Beginning pam_ssh_agent_auth for user %s", user); - - if(ruser_ptr) { - strncpy(ruser, ruser_ptr, sizeof(ruser) - 1); -@@ -151,12 +151,12 @@ pam_sm_authenticate(pam_handle_t * pamh, - #ifdef ENABLE_SUDO_HACK - if( (strlen(sudo_service_name) > 0) && strncasecmp(servicename, sudo_service_name, sizeof(sudo_service_name) - 1) == 0 && getenv("SUDO_USER") ) { - strncpy(ruser, getenv("SUDO_USER"), sizeof(ruser) - 1 ); -- pamsshagentauth_verbose( "Using environment variable SUDO_USER (%s)", ruser ); -+ verbose( "Using environment variable SUDO_USER (%s)", ruser ); - } else - #endif - { - if( ! getpwuid(getuid()) ) { -- pamsshagentauth_verbose("Unable to getpwuid(getuid())"); -+ verbose("Unable to getpwuid(getuid())"); - goto cleanexit; - } - strncpy(ruser, getpwuid(getuid())->pw_name, sizeof(ruser) - 1); -@@ -165,11 +165,11 @@ pam_sm_authenticate(pam_handle_t * pamh, - - /* Might as well explicitely confirm the user exists here */ - if(! getpwnam(ruser) ) { -- pamsshagentauth_verbose("getpwnam(%s) failed, bailing out", ruser); -+ verbose("getpwnam(%s) failed, bailing out", ruser); - goto cleanexit; - } - if( ! getpwnam(user) ) { -- pamsshagentauth_verbose("getpwnam(%s) failed, bailing out", user); -+ verbose("getpwnam(%s) failed, bailing out", user); - goto cleanexit; - } - -@@ -179,8 +179,8 @@ pam_sm_authenticate(pam_handle_t * pamh, - */ - parse_authorized_key_file(user, authorized_keys_file_input); - } else { -- pamsshagentauth_verbose("Using default file=/etc/security/authorized_keys"); -- authorized_keys_file = pamsshagentauth_xstrdup("/etc/security/authorized_keys"); -+ verbose("Using default file=/etc/security/authorized_keys"); -+ authorized_keys_file = xstrdup("/etc/security/authorized_keys"); - } - - /* -@@ -189,7 +189,7 @@ pam_sm_authenticate(pam_handle_t * pamh, - */ - - if(user && strlen(ruser) > 0) { -- pamsshagentauth_verbose("Attempting authentication: `%s' as `%s' using %s", ruser, user, authorized_keys_file); -+ verbose("Attempting authentication: `%s' as `%s' using %s", ruser, user, authorized_keys_file); - - /* - * Attempt to read data from the sshd if we're being called as an auth agent. -@@ -197,10 +197,10 @@ pam_sm_authenticate(pam_handle_t * pamh, - const char* ssh_user_auth = pam_getenv(pamh, "SSH_AUTH_INFO_0"); - int sshd_service = strncasecmp(servicename, sshd_service_name, sizeof(sshd_service_name) - 1); - if (sshd_service == 0 && ssh_user_auth != NULL) { -- pamsshagentauth_verbose("Got SSH_AUTH_INFO_0: `%.20s...'", ssh_user_auth); -+ verbose("Got SSH_AUTH_INFO_0: `%.20s...'", ssh_user_auth); - if (userauth_pubkey_from_pam(ruser, ssh_user_auth) > 0) { - retval = PAM_SUCCESS; -- pamsshagentauth_logit("Authenticated (sshd): `%s' as `%s' using %s", ruser, user, authorized_keys_file); -+ logit("Authenticated (sshd): `%s' as `%s' using %s", ruser, user, authorized_keys_file); - goto cleanexit; - } - } -@@ -208,13 +208,13 @@ pam_sm_authenticate(pam_handle_t * pamh, - * this pw_uid is used to validate the SSH_AUTH_SOCK, and so must be the uid of the ruser invoking the program, not the target-user - */ - if(pamsshagentauth_find_authorized_keys(user, ruser, servicename)) { /* getpwnam(ruser)->pw_uid)) { */ -- pamsshagentauth_logit("Authenticated (agent): `%s' as `%s' using %s", ruser, user, authorized_keys_file); -+ logit("Authenticated (agent): `%s' as `%s' using %s", ruser, user, authorized_keys_file); - retval = PAM_SUCCESS; - } else { -- pamsshagentauth_logit("Failed Authentication: `%s' as `%s' using %s", ruser, user, authorized_keys_file); -+ logit("Failed Authentication: `%s' as `%s' using %s", ruser, user, authorized_keys_file); - } - } else { -- pamsshagentauth_logit("No %s specified, cannot continue with this form of authentication", (user) ? "ruser" : "user" ); -+ logit("No %s specified, cannot continue with this form of authentication", (user) ? "ruser" : "user" ); - } - - cleanexit: -diff -up openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_authorized_keys.c.psaa-compat openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_authorized_keys.c ---- openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_authorized_keys.c.psaa-compat 2019-07-08 18:36:13.000000000 +0200 -+++ openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_authorized_keys.c 2020-09-23 10:52:16.424001475 +0200 -@@ -66,8 +66,8 @@ - #include "xmalloc.h" - #include "match.h" - #include "log.h" --#include "buffer.h" --#include "key.h" -+#include "sshbuf.h" -+#include "sshkey.h" - #include "misc.h" - - #include "xmalloc.h" -@@ -77,7 +77,6 @@ - #include "pathnames.h" - #include "secure_filename.h" - --#include "identity.h" - #include "pam_user_key_allowed2.h" - - extern char *authorized_keys_file; -@@ -117,12 +116,12 @@ parse_authorized_key_file(const char *us - } else { - slash_ptr = strchr(auth_keys_file_buf, '/'); - if(!slash_ptr) -- pamsshagentauth_fatal -+ fatal - ("cannot expand tilde in path without a `/'"); - - owner_uname_len = slash_ptr - auth_keys_file_buf - 1; - if(owner_uname_len > (sizeof(owner_uname) - 1)) -- pamsshagentauth_fatal("Username too long"); -+ fatal("Username too long"); - - strncat(owner_uname, auth_keys_file_buf + 1, owner_uname_len); - if(!authorized_keys_file_allowed_owner_uid) -@@ -130,11 +129,11 @@ parse_authorized_key_file(const char *us - getpwnam(owner_uname)->pw_uid; - } - authorized_keys_file = -- pamsshagentauth_tilde_expand_filename(auth_keys_file_buf, -+ tilde_expand_filename(auth_keys_file_buf, - authorized_keys_file_allowed_owner_uid); - strncpy(auth_keys_file_buf, authorized_keys_file, - sizeof(auth_keys_file_buf) - 1); -- pamsshagentauth_xfree(authorized_keys_file) /* when we -+ free(authorized_keys_file) /* when we - percent_expand - later, we'd step - on this, so free -@@ -150,13 +149,13 @@ parse_authorized_key_file(const char *us - strncat(hostname, fqdn, strcspn(fqdn, ".")); - #endif - authorized_keys_file = -- pamsshagentauth_percent_expand(auth_keys_file_buf, "h", -+ percent_expand(auth_keys_file_buf, "h", - getpwnam(user)->pw_dir, "H", hostname, - "f", fqdn, "u", user, NULL); - } - - int --pam_user_key_allowed(const char *ruser, Key * key) -+pam_user_key_allowed(const char *ruser, struct sshkey * key) - { - return - pamsshagentauth_user_key_allowed2(getpwuid(authorized_keys_file_allowed_owner_uid), -diff -up openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_authorized_keys.h.psaa-compat openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_authorized_keys.h ---- openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_authorized_keys.h.psaa-compat 2019-07-08 18:36:13.000000000 +0200 -+++ openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_authorized_keys.h 2020-09-23 10:52:16.424001475 +0200 -@@ -32,7 +32,7 @@ - #define _PAM_USER_KEY_ALLOWED_H - - #include "identity.h" --int pam_user_key_allowed(const char *, Key *); -+int pam_user_key_allowed(const char *, struct sshkey *); - void parse_authorized_key_file(const char *, const char *); - - #endif -diff -up openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_key_allowed2.c.psaa-compat openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_key_allowed2.c ---- openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_key_allowed2.c.psaa-compat 2019-07-08 18:36:13.000000000 +0200 -+++ openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_key_allowed2.c 2020-09-23 10:52:16.424001475 +0200 -@@ -45,44 +45,46 @@ - #include "xmalloc.h" - #include "ssh.h" - #include "ssh2.h" --#include "buffer.h" -+#include "sshbuf.h" - #include "log.h" - #include "compat.h" --#include "key.h" -+#include "digest.h" -+#include "sshkey.h" - #include "pathnames.h" - #include "misc.h" - #include "secure_filename.h" - #include "uidswap.h" -- --#include "identity.h" -+#include - - /* return 1 if user allows given key */ - /* Modified slightly from original found in auth2-pubkey.c */ - static int --pamsshagentauth_check_authkeys_file(FILE * f, char *file, Key * key) -+pamsshagentauth_check_authkeys_file(FILE * f, char *file, struct sshkey * key) - { -- char line[SSH_MAX_PUBKEY_BYTES]; -+ char *line = NULL; - int found_key = 0; - u_long linenum = 0; -- Key *found; -+ struct sshkey *found; - char *fp; -+ size_t linesize = 0; - - found_key = 0; -- found = pamsshagentauth_key_new(key->type); -+ found = sshkey_new(key->type); - -- while(read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { -+ while ((getline(&line, &linesize, f)) != -1) { - char *cp = NULL; /* *key_options = NULL; */ - -+ linenum++; - /* Skip leading whitespace, empty and comment lines. */ - for(cp = line; *cp == ' ' || *cp == '\t'; cp++); - if(!*cp || *cp == '\n' || *cp == '#') - continue; - -- if(pamsshagentauth_key_read(found, &cp) != 1) { -+ if (sshkey_read(found, &cp) != 0) { - /* no key? check if there are options for this key */ - int quoted = 0; - -- pamsshagentauth_verbose("user_key_allowed: check options: '%s'", cp); -+ verbose("user_key_allowed: check options: '%s'", cp); - /* key_options = cp; */ - for(; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) { - if(*cp == '\\' && cp[1] == '"') -@@ -92,26 +94,27 @@ pamsshagentauth_check_authkeys_file(FILE - } - /* Skip remaining whitespace. */ - for(; *cp == ' ' || *cp == '\t'; cp++); -- if(pamsshagentauth_key_read(found, &cp) != 1) { -- pamsshagentauth_verbose("user_key_allowed: advance: '%s'", cp); -+ if(sshkey_read(found, &cp) != 0) { -+ verbose("user_key_allowed: advance: '%s'", cp); - /* still no key? advance to next line */ - continue; - } - } -- if(pamsshagentauth_key_equal(found, key)) { -+ if(sshkey_equal(found, key)) { - found_key = 1; -- pamsshagentauth_logit("matching key found: file/command %s, line %lu", file, -+ logit("matching key found: file/command %s, line %lu", file, - linenum); -- fp = pamsshagentauth_key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); -- pamsshagentauth_logit("Found matching %s key: %s", -- pamsshagentauth_key_type(found), fp); -- pamsshagentauth_xfree(fp); -+ fp = sshkey_fingerprint(found, SSH_DIGEST_SHA256, SSH_FP_BASE64); -+ logit("Found matching %s key: %s", -+ sshkey_type(found), fp); -+ free(fp); - break; - } - } -- pamsshagentauth_key_free(found); -+ free(line); -+ sshkey_free(found); - if(!found_key) -- pamsshagentauth_verbose("key not found"); -+ verbose("key not found"); - return found_key; - } - -@@ -120,19 +123,19 @@ pamsshagentauth_check_authkeys_file(FILE - * returns 1 if the key is allowed or 0 otherwise. - */ - int --pamsshagentauth_user_key_allowed2(struct passwd *pw, Key * key, char *file) -+pamsshagentauth_user_key_allowed2(struct passwd *pw, struct sshkey * key, char *file) - { - FILE *f; - int found_key = 0; - struct stat st; -- char buf[SSH_MAX_PUBKEY_BYTES]; -+ char buf[256]; - - /* Temporarily use the user's uid. */ -- pamsshagentauth_verbose("trying public key file %s", file); -+ verbose("trying public key file %s", file); - - /* Fail not so quietly if file does not exist */ - if(stat(file, &st) < 0) { -- pamsshagentauth_verbose("File not found: %s", file); -+ verbose("File not found: %s", file); - return 0; - } - -@@ -144,7 +147,7 @@ pamsshagentauth_user_key_allowed2(struct - - if(pamsshagentauth_secure_filename(f, file, pw, buf, sizeof(buf)) != 0) { - fclose(f); -- pamsshagentauth_logit("Authentication refused: %s", buf); -+ logit("Authentication refused: %s", buf); - return 0; - } - -@@ -160,7 +163,7 @@ pamsshagentauth_user_key_allowed2(struct - int - pamsshagentauth_user_key_command_allowed2(char *authorized_keys_command, - char *authorized_keys_command_user, -- struct passwd *user_pw, Key * key) -+ struct passwd *user_pw, struct sshkey * key) - { - FILE *f; - int ok, found_key = 0; -@@ -187,44 +190,44 @@ pamsshagentauth_user_key_command_allowed - else { - pw = getpwnam(authorized_keys_command_user); - if(pw == NULL) { -- pamsshagentauth_logerror("authorized_keys_command_user \"%s\" not found: %s", -+ error("authorized_keys_command_user \"%s\" not found: %s", - authorized_keys_command_user, strerror(errno)); - return 0; - } - } - -- pamsshagentauth_temporarily_use_uid(pw); -+ temporarily_use_uid(pw); - - if(stat(authorized_keys_command, &st) < 0) { -- pamsshagentauth_logerror -+ error - ("Could not stat AuthorizedKeysCommand \"%s\": %s", - authorized_keys_command, strerror(errno)); - goto out; - } - if(pamsshagentauth_auth_secure_path - (authorized_keys_command, &st, NULL, 0, errmsg, sizeof(errmsg)) != 0) { -- pamsshagentauth_logerror("Unsafe AuthorizedKeysCommand: %s", errmsg); -+ error("Unsafe AuthorizedKeysCommand: %s", errmsg); - goto out; - } - - /* open the pipe and read the keys */ - if(pipe(p) != 0) { -- pamsshagentauth_logerror("%s: pipe: %s", __func__, strerror(errno)); -+ error("%s: pipe: %s", __func__, strerror(errno)); - goto out; - } - -- pamsshagentauth_debug("Running AuthorizedKeysCommand: \"%s\" as \"%s\" with argument: \"%s\"", -+ debug("Running AuthorizedKeysCommand: \"%s\" as \"%s\" with argument: \"%s\"", - authorized_keys_command, pw->pw_name, username); - - /* - * Don't want to call this in the child, where it can fatal() and - * run cleanup_exit() code. - */ -- pamsshagentauth_restore_uid(); -+ restore_uid(); - - switch ((pid = fork())) { - case -1: /* error */ -- pamsshagentauth_logerror("%s: fork: %s", __func__, strerror(errno)); -+ error("%s: fork: %s", __func__, strerror(errno)); - close(p[0]); - close(p[1]); - return 0; -@@ -234,13 +237,13 @@ pamsshagentauth_user_key_command_allowed - - /* do this before the setresuid so thta they can be logged */ - if((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) { -- pamsshagentauth_logerror("%s: open %s: %s", __func__, _PATH_DEVNULL, -+ error("%s: open %s: %s", __func__, _PATH_DEVNULL, - strerror(errno)); - _exit(1); - } - if(dup2(devnull, STDIN_FILENO) == -1 || dup2(p[1], STDOUT_FILENO) == -1 - || dup2(devnull, STDERR_FILENO) == -1) { -- pamsshagentauth_logerror("%s: dup2: %s", __func__, strerror(errno)); -+ error("%s: dup2: %s", __func__, strerror(errno)); - _exit(1); - } - #if defined(HAVE_SETRESGID) && !defined(BROKEN_SETRESGID) -@@ -248,7 +251,7 @@ pamsshagentauth_user_key_command_allowed - #else - if (setgid(pw->pw_gid) != 0 || setegid(pw->pw_gid) != 0) { - #endif -- pamsshagentauth_logerror("setresgid %u: %s", (u_int) pw->pw_gid, -+ error("setresgid %u: %s", (u_int) pw->pw_gid, - strerror(errno)); - _exit(1); - } -@@ -258,7 +261,7 @@ pamsshagentauth_user_key_command_allowed - #else - if (setuid(pw->pw_uid) != 0 || seteuid(pw->pw_uid) != 0) { - #endif -- pamsshagentauth_logerror("setresuid %u: %s", (u_int) pw->pw_uid, -+ error("setresuid %u: %s", (u_int) pw->pw_uid, - strerror(errno)); - _exit(1); - } -@@ -270,18 +273,18 @@ pamsshagentauth_user_key_command_allowed - - /* pretty sure this will barf because we are now suid, but since we - should't reach this anyway, I'll leave it here */ -- pamsshagentauth_logerror("AuthorizedKeysCommand %s exec failed: %s", -+ error("AuthorizedKeysCommand %s exec failed: %s", - authorized_keys_command, strerror(errno)); - _exit(127); - default: /* parent */ - break; - } - -- pamsshagentauth_temporarily_use_uid(pw); -+ temporarily_use_uid(pw); - - close(p[1]); - if((f = fdopen(p[0], "r")) == NULL) { -- pamsshagentauth_logerror("%s: fdopen: %s", __func__, strerror(errno)); -+ error("%s: fdopen: %s", __func__, strerror(errno)); - close(p[0]); - /* Don't leave zombie child */ - while(waitpid(pid, NULL, 0) == -1 && errno == EINTR); -@@ -292,22 +295,22 @@ pamsshagentauth_user_key_command_allowed - - while(waitpid(pid, &status, 0) == -1) { - if(errno != EINTR) { -- pamsshagentauth_logerror("%s: waitpid: %s", __func__, -+ error("%s: waitpid: %s", __func__, - strerror(errno)); - goto out; - } - } - if(WIFSIGNALED(status)) { -- pamsshagentauth_logerror("AuthorizedKeysCommand %s exited on signal %d", -+ error("AuthorizedKeysCommand %s exited on signal %d", - authorized_keys_command, WTERMSIG(status)); - goto out; - } else if(WEXITSTATUS(status) != 0) { -- pamsshagentauth_logerror("AuthorizedKeysCommand %s returned status %d", -+ error("AuthorizedKeysCommand %s returned status %d", - authorized_keys_command, WEXITSTATUS(status)); - goto out; - } - found_key = ok; - out: -- pamsshagentauth_restore_uid(); -+ restore_uid(); - return found_key; - } -diff -up openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_key_allowed2.h.psaa-compat openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_key_allowed2.h ---- openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_key_allowed2.h.psaa-compat 2019-07-08 18:36:13.000000000 +0200 -+++ openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/pam_user_key_allowed2.h 2020-09-23 10:52:16.424001475 +0200 -@@ -32,7 +32,7 @@ - #define _PAM_USER_KEY_ALLOWED_H - - #include "identity.h" --int pamsshagentauth_user_key_allowed2(struct passwd *, Key *, char *); --int pamsshagentauth_user_key_command_allowed2(char *, char *, struct passwd *, Key *); -+int pamsshagentauth_user_key_allowed2(struct passwd *, struct sshkey *, char *); -+int pamsshagentauth_user_key_command_allowed2(char *, char *, struct passwd *, struct sshkey *); - - #endif -diff -up openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/secure_filename.c.psaa-compat openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/secure_filename.c ---- openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/secure_filename.c.psaa-compat 2019-07-08 18:36:13.000000000 +0200 -+++ openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/secure_filename.c 2020-09-23 10:52:16.424001475 +0200 -@@ -53,8 +53,8 @@ - #include "xmalloc.h" - #include "match.h" - #include "log.h" --#include "buffer.h" --#include "key.h" -+#include "sshbuf.h" -+#include "sshkey.h" - #include "misc.h" - - -@@ -80,7 +80,7 @@ pamsshagentauth_auth_secure_path(const c - int comparehome = 0; - struct stat st; - -- pamsshagentauth_verbose("auth_secure_filename: checking for uid: %u", uid); -+ verbose("auth_secure_filename: checking for uid: %u", uid); - - if (realpath(name, buf) == NULL) { - snprintf(err, errlen, "realpath %s failed: %s", name, -@@ -115,9 +115,9 @@ pamsshagentauth_auth_secure_path(const c - snprintf(err, errlen, "dirname() failed"); - return -1; - } -- pamsshagentauth_strlcpy(buf, cp, sizeof(buf)); -+ strlcpy(buf, cp, sizeof(buf)); - -- pamsshagentauth_verbose("secure_filename: checking '%s'", buf); -+ verbose("secure_filename: checking '%s'", buf); - if (stat(buf, &st) < 0 || - (st.st_uid != 0 && st.st_uid != uid) || - (st.st_mode & 022) != 0) { -@@ -128,7 +128,7 @@ pamsshagentauth_auth_secure_path(const c - - /* If are passed the homedir then we can stop */ - if (comparehome && strcmp(homedir, buf) == 0) { -- pamsshagentauth_verbose("secure_filename: terminating check at '%s'", -+ verbose("secure_filename: terminating check at '%s'", - buf); - break; - } -diff -up openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.c.psaa-compat openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.c ---- openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.c.psaa-compat 2019-07-08 18:36:13.000000000 +0200 -+++ openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.c 2020-09-23 10:52:16.424001475 +0200 -@@ -37,10 +37,11 @@ - #include "xmalloc.h" - #include "ssh.h" - #include "ssh2.h" --#include "buffer.h" -+#include "sshbuf.h" - #include "log.h" - #include "compat.h" --#include "key.h" -+#include "sshkey.h" -+#include "ssherr.h" - #include "pathnames.h" - #include "misc.h" - #include "secure_filename.h" -@@ -48,54 +49,59 @@ - #include "identity.h" - #include "pam_user_authorized_keys.h" - -+#define SSH2_MSG_USERAUTH_TRUST_REQUEST 54 -+ - /* extern u_char *session_id2; - extern uint8_t session_id_len; - */ - - int --userauth_pubkey_from_id(const char *ruser, Identity * id, Buffer * session_id2) -+userauth_pubkey_from_id(const char *ruser, Identity * id, struct sshbuf * session_id2) - { -- Buffer b = { 0 }; -+ struct sshbuf *b = NULL; - char *pkalg = NULL; - u_char *pkblob = NULL, *sig = NULL; -- u_int blen = 0, slen = 0; -- int authenticated = 0; -+ size_t blen = 0, slen = 0; -+ int r, authenticated = 0; - -- pkalg = (char *) key_ssh_name(id->key); -+ pkalg = (char *) sshkey_ssh_name(id->key); - - /* first test if this key is even allowed */ - if(! pam_user_key_allowed(ruser, id->key)) -- goto user_auth_clean_exit; -+ goto user_auth_clean_exit_without_buffer; - -- if(pamsshagentauth_key_to_blob(id->key, &pkblob, &blen) == 0) -- goto user_auth_clean_exit; -+ if(sshkey_to_blob(id->key, &pkblob, &blen) != 0) -+ goto user_auth_clean_exit_without_buffer; - - /* construct packet to sign and test */ -- pamsshagentauth_buffer_init(&b); -+ if ((b = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); - -- pamsshagentauth_buffer_put_string(&b, session_id2->buf + session_id2->offset, session_id2->end - session_id2->offset); -- pamsshagentauth_buffer_put_char(&b, SSH2_MSG_USERAUTH_TRUST_REQUEST); -- pamsshagentauth_buffer_put_cstring(&b, ruser); -- pamsshagentauth_buffer_put_cstring(&b, "pam_ssh_agent_auth"); -- pamsshagentauth_buffer_put_cstring(&b, "publickey"); -- pamsshagentauth_buffer_put_char(&b, 1); -- pamsshagentauth_buffer_put_cstring(&b, pkalg); -- pamsshagentauth_buffer_put_string(&b, pkblob, blen); -+ if ((r = sshbuf_put_string(b, sshbuf_ptr(session_id2), sshbuf_len(session_id2))) != 0 || -+ (r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_TRUST_REQUEST)) != 0 || -+ (r = sshbuf_put_cstring(b, ruser)) != 0 || -+ (r = sshbuf_put_cstring(b, "pam_ssh_agent_auth")) != 0 || -+ (r = sshbuf_put_cstring(b, "publickey")) != 0 || -+ (r = sshbuf_put_u8(b, 1)) != 0 || -+ (r = sshbuf_put_cstring(b, pkalg)) != 0 || -+ (r = sshbuf_put_string(b, pkblob, blen)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); - -- if(ssh_agent_sign(id->ac, id->key, &sig, &slen, pamsshagentauth_buffer_ptr(&b), pamsshagentauth_buffer_len(&b)) != 0) -+ if (ssh_agent_sign(id->ac, id->key, &sig, &slen, sshbuf_ptr(b), sshbuf_len(b)) != 0) - goto user_auth_clean_exit; - - /* test for correct signature */ -- if(pamsshagentauth_key_verify(id->key, sig, slen, pamsshagentauth_buffer_ptr(&b), pamsshagentauth_buffer_len(&b)) == 1) -+ if (sshkey_verify(id->key, sig, slen, sshbuf_ptr(b), sshbuf_len(b), NULL, 0, NULL) == 0) - authenticated = 1; - - user_auth_clean_exit: - /* if(&b != NULL) */ -- pamsshagentauth_buffer_free(&b); -+ sshbuf_free(b); -+ user_auth_clean_exit_without_buffer: - if(sig != NULL) -- pamsshagentauth_xfree(sig); -+ free(sig); - if(pkblob != NULL) -- pamsshagentauth_xfree(pkblob); -+ free(pkblob); - CRYPTO_cleanup_all_ex_data(); - return authenticated; - } -diff -up openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.h.psaa-compat openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.h ---- openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.h.psaa-compat 2019-07-08 18:36:13.000000000 +0200 -+++ openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.h 2020-09-23 10:52:16.424001475 +0200 -@@ -31,7 +31,7 @@ - #ifndef _USERAUTH_PUBKEY_FROM_ID_H - #define _USERAUTH_PUBKEY_FROM_ID_H - --#include --int userauth_pubkey_from_id(const char *, Identity *, Buffer *); -+#include "identity.h" -+int userauth_pubkey_from_id(const char *, Identity *, struct sshbuf *); - - #endif -diff -up openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/uuencode.c.psaa-compat openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/uuencode.c ---- openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/uuencode.c.psaa-compat 2019-07-08 18:36:13.000000000 +0200 -+++ openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/uuencode.c 2020-09-23 10:52:16.424001475 +0200 -@@ -56,7 +56,7 @@ pamsshagentauth_uudecode(const char *src - /* and remove trailing whitespace because __b64_pton needs this */ - *p = '\0'; - len = pamsshagentauth___b64_pton(encoded, target, targsize); -- pamsshagentauth_xfree(encoded); -+ xfree(encoded); - return len; - } - -@@ -70,7 +70,7 @@ pamsshagentauth_dump_base64(FILE *fp, co - fprintf(fp, "dump_base64: len > 65536\n"); - return; - } -- buf = pamsshagentauth_xmalloc(2*len); -+ buf = malloc(2*len); - n = pamsshagentauth_uuencode(data, len, buf, 2*len); - for (i = 0; i < n; i++) { - fprintf(fp, "%c", buf[i]); -@@ -79,5 +79,5 @@ pamsshagentauth_dump_base64(FILE *fp, co - } - if (i % 70 != 69) - fprintf(fp, "\n"); -- pamsshagentauth_xfree(buf); -+ free(buf); - } ---- openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_pam.c.compat 2020-09-23 11:32:30.783695267 +0200 -+++ openssh/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_pam.c 2020-09-23 11:33:21.383389036 +0200 -@@ -33,7 +33,8 @@ - #include - - #include "defines.h" --#include "key.h" -+#include -+#include "sshkey.h" - #include "log.h" - - #include "pam_user_authorized_keys.h" -@@ -42,28 +42,28 @@ - int authenticated = 0; - const char method[] = "publickey "; - -- char* ai = pamsshagentauth_xstrdup(ssh_auth_info); -+ char* ai = xstrdup(ssh_auth_info); - char* saveptr; - - char* auth_line = strtok_r(ai, "\n", &saveptr); - while (auth_line != NULL) { - if (strncmp(auth_line, method, sizeof(method) - 1) == 0) { - char* key_str = auth_line + sizeof(method) - 1; -- Key* key = pamsshagentauth_key_new(KEY_UNSPEC); -+ struct sshkey* key = sshkey_new(KEY_UNSPEC); - if (key == NULL) { - continue; - } -- int r = pamsshagentauth_key_read(key, &key_str); -+ int r = sshkey_read(key, &key_str); - if (r == 1) { - if (pam_user_key_allowed(ruser, key)) { - authenticated = 1; -- pamsshagentauth_key_free(key); -+ sshkey_free(key); - break; - } - } else { -- pamsshagentauth_verbose("Failed to create key for %s: %d", auth_line, r); -+ verbose("Failed to create key for %s: %d", auth_line, r); - } -- pamsshagentauth_key_free(key); -+ sshkey_free(key); - } - auth_line = strtok_r(NULL, "\n", &saveptr); - } diff --git a/pam_ssh_agent_auth-0.10.2-dereference.patch b/pam_ssh_agent_auth-0.10.2-dereference.patch deleted file mode 100644 index bf49c37..0000000 --- a/pam_ssh_agent_auth-0.10.2-dereference.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff --git a/pam_ssh_agent_auth-0.10.2/pam_user_authorized_keys.c b/pam_ssh_agent_auth-0.10.2/pam_user_authorized_keys.c ---- a/pam_ssh_agent_auth-0.10.2/pam_user_authorized_keys.c -+++ b/pam_ssh_agent_auth-0.10.2/pam_user_authorized_keys.c -@@ -158,11 +158,12 @@ parse_authorized_key_file(const char *user, - int - pam_user_key_allowed(const char *ruser, struct sshkey * key) - { -+ struct passwd *pw; - return -- pamsshagentauth_user_key_allowed2(getpwuid(authorized_keys_file_allowed_owner_uid), -- key, authorized_keys_file) -- || pamsshagentauth_user_key_allowed2(getpwuid(0), key, -- authorized_keys_file) -+ ( (pw = getpwuid(authorized_keys_file_allowed_owner_uid)) && -+ pamsshagentauth_user_key_allowed2(pw, key, authorized_keys_file)) -+ || ((pw = getpwuid(0)) && -+ pamsshagentauth_user_key_allowed2(pw, key, authorized_keys_file)) - || pamsshagentauth_user_key_command_allowed2(authorized_keys_command, - authorized_keys_command_user, - getpwnam(ruser), key); diff --git a/pam_ssh_agent_auth-0.10.3-seteuid.patch b/pam_ssh_agent_auth-0.10.3-seteuid.patch deleted file mode 100644 index be1f8e5..0000000 --- a/pam_ssh_agent_auth-0.10.3-seteuid.patch +++ /dev/null @@ -1,37 +0,0 @@ -diff -up openssh-7.4p1/pam_ssh_agent_auth-0.10.3/iterate_ssh_agent_keys.c.psaa-seteuid openssh-7.4p1/pam_ssh_agent_auth-0.10.3/iterate_ssh_agent_keys.c ---- openssh-7.4p1/pam_ssh_agent_auth-0.10.3/iterate_ssh_agent_keys.c.psaa-seteuid 2017-02-07 15:41:53.172334151 +0100 -+++ openssh-7.4p1/pam_ssh_agent_auth-0.10.3/iterate_ssh_agent_keys.c 2017-02-07 15:41:53.174334149 +0100 -@@ -238,17 +238,26 @@ ssh_get_authentication_socket_for_uid(ui - } - - errno = 0; -- seteuid(uid); /* To ensure a race condition is not used to circumvent the stat -- above, we will temporarily drop UID to the caller */ -- if (connect(sock, (struct sockaddr *)&sunaddr, sizeof sunaddr) < 0) { -+ /* To ensure a race condition is not used to circumvent the stat -+ above, we will temporarily drop UID to the caller */ -+ if (seteuid(uid) == -1) { - close(sock); -- if(errno == EACCES) -- fatal("MAJOR SECURITY WARNING: uid %lu made a deliberate and malicious attempt to open an agent socket owned by another user", (unsigned long) uid); -+ error("seteuid(%lu) failed with error: %s", -+ (unsigned long) uid, strerror(errno)); - return -1; - } -+ if (connect(sock, (struct sockaddr *)&sunaddr, sizeof sunaddr) < 0) { -+ close(sock); -+ sock = -1; -+ if(errno == EACCES) -+ fatal("MAJOR SECURITY WARNING: uid %lu made a deliberate and malicious attempt to open an agent socket owned by another user", (unsigned long) uid); -+ } - -- seteuid(0); /* we now continue the regularly scheduled programming */ -- -+ /* we now continue the regularly scheduled programming */ -+ if (0 != seteuid(0)) { -+ fatal("setuid(0) failed with error: %s", strerror(errno)); -+ return -1; -+ } - return sock; - } - diff --git a/pam_ssh_agent_auth-0.10.4-rsasha2.patch b/pam_ssh_agent_auth-0.10.4-rsasha2.patch deleted file mode 100644 index c8815bb..0000000 --- a/pam_ssh_agent_auth-0.10.4-rsasha2.patch +++ /dev/null @@ -1,19 +0,0 @@ -diff -up openssh-8.7p1/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.c.rsasha2 openssh-8.7p1/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.c ---- openssh-8.7p1/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.c.rsasha2 2022-07-15 15:08:12.865585410 +0200 -+++ openssh-8.7p1/pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4/userauth_pubkey_from_id.c 2022-07-15 15:16:25.164282372 +0200 -@@ -87,8 +87,13 @@ userauth_pubkey_from_id(const char *ruse - (r = sshbuf_put_string(b, pkblob, blen)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - -- if (ssh_agent_sign(id->ac->fd, id->key, &sig, &slen, sshbuf_ptr(b), sshbuf_len(b), NULL, 0) != 0) -- goto user_auth_clean_exit; -+ if (sshkey_type_plain(id->key->type) == KEY_RSA -+ && ssh_agent_sign(id->ac->fd, id->key, &sig, &slen, sshbuf_ptr(b), sshbuf_len(b), "rsa-sha2-256", 0) == 0) { -+ /* Do nothing */ -+ } else { -+ if (ssh_agent_sign(id->ac->fd, id->key, &sig, &slen, sshbuf_ptr(b), sshbuf_len(b), NULL, 0) != 0) -+ goto user_auth_clean_exit; -+ } - - /* test for correct signature */ - if (sshkey_verify(id->key, sig, slen, sshbuf_ptr(b), sshbuf_len(b), NULL, 0, NULL) == 0) diff --git a/pam_ssh_agent_auth-0.9.2-visibility.patch b/pam_ssh_agent_auth-0.9.2-visibility.patch deleted file mode 100644 index aea068d..0000000 --- a/pam_ssh_agent_auth-0.9.2-visibility.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -up openssh-7.1p2/pam_ssh_agent_auth-0.10.2/pam_ssh_agent_auth.c.psaa-visibility openssh-7.1p2/pam_ssh_agent_auth-0.10.2/pam_ssh_agent_auth.c ---- openssh-7.1p2/pam_ssh_agent_auth-0.10.2/pam_ssh_agent_auth.c.psaa-visibility 2014-03-31 19:35:17.000000000 +0200 -+++ openssh-7.1p2/pam_ssh_agent_auth-0.10.2/pam_ssh_agent_auth.c 2016-01-22 15:22:40.984469774 +0100 -@@ -72,7 +72,7 @@ char *__progname; - extern char *__progname; - #endif - --PAM_EXTERN int -+PAM_EXTERN int __attribute__ ((visibility ("default"))) - pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, const char **argv) - { - char **argv_ptr; -@@ -214,7 +214,7 @@ cleanexit: - } - - --PAM_EXTERN int -+PAM_EXTERN int __attribute__ ((visibility ("default"))) - pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv) - { - UNUSED(pamh); diff --git a/pam_ssh_agent_auth-0.9.3-agent_structure.patch b/pam_ssh_agent_auth-0.9.3-agent_structure.patch deleted file mode 100644 index 1f2c02c..0000000 --- a/pam_ssh_agent_auth-0.9.3-agent_structure.patch +++ /dev/null @@ -1,96 +0,0 @@ -diff -up openssh/pam_ssh_agent_auth-0.10.3/identity.h.psaa-agent openssh/pam_ssh_agent_auth-0.10.3/identity.h ---- openssh/pam_ssh_agent_auth-0.10.3/identity.h.psaa-agent 2016-11-13 04:24:32.000000000 +0100 -+++ openssh/pam_ssh_agent_auth-0.10.3/identity.h 2017-09-27 14:25:49.421739027 +0200 -@@ -38,6 +38,12 @@ - typedef struct identity Identity; - typedef struct idlist Idlist; - -+typedef struct { -+ int fd; -+ struct sshbuf *identities; -+ int howmany; -+} AuthenticationConnection; -+ - struct identity { - TAILQ_ENTRY(identity) next; - AuthenticationConnection *ac; /* set if agent supports key */ -diff -up openssh/pam_ssh_agent_auth-0.10.3/iterate_ssh_agent_keys.c.psaa-agent openssh/pam_ssh_agent_auth-0.10.3/iterate_ssh_agent_keys.c ---- openssh/pam_ssh_agent_auth-0.10.3/iterate_ssh_agent_keys.c.psaa-agent 2017-09-27 14:25:49.420739021 +0200 -+++ openssh/pam_ssh_agent_auth-0.10.3/iterate_ssh_agent_keys.c 2017-09-27 14:25:49.421739027 +0200 -@@ -39,6 +39,7 @@ - #include "sshbuf.h" - #include "sshkey.h" - #include "authfd.h" -+#include "ssherr.h" - #include - #include - #include "ssh2.h" -@@ -291,36 +292,43 @@ pamsshagentauth_find_authorized_keys(con - { - struct sshbuf *session_id2 = NULL; - Identity *id; -- struct sshkey *key; - AuthenticationConnection *ac; -- char *comment; - uint8_t retval = 0; - uid_t uid = getpwnam(ruser)->pw_uid; -+ struct ssh_identitylist *idlist; -+ int r; -+ unsigned int i; - - OpenSSL_add_all_digests(); - pamsshagentauth_session_id2_gen(&session_id2, user, ruser, servicename); - - if ((ac = ssh_get_authentication_connection_for_uid(uid))) { - verbose("Contacted ssh-agent of user %s (%u)", ruser, uid); -- for (key = ssh_get_first_identity(ac, &comment, 2); key != NULL; key = ssh_get_next_identity(ac, &comment, 2)) -- { -- if(key != NULL) { -+ if ((r = ssh_fetch_identitylist(ac->fd, &idlist)) != 0) { -+ if (r != SSH_ERR_AGENT_NO_IDENTITIES) -+ fprintf(stderr, "error fetching identities for " -+ "protocol %d: %s\n", 2, ssh_err(r)); -+ } else { -+ for (i = 0; i < idlist->nkeys; i++) -+ { -+ if (idlist->keys[i] != NULL) { - id = xcalloc(1, sizeof(*id)); -- id->key = key; -- id->filename = comment; -+ id->key = idlist->keys[i]; -+ id->filename = idlist->comments[i]; - id->ac = ac; - if(userauth_pubkey_from_id(ruser, id, session_id2)) { - retval = 1; - } -- free(id->filename); -- key_free(id->key); - free(id); - if(retval == 1) - break; -- } -- } -+ } -+ } -- sshbuf_free(session_id2); -- ssh_close_authentication_connection(ac); -+ sshbuf_free(session_id2); -+ ssh_free_identitylist(idlist); -+ } -+ ssh_close_authentication_socket(ac->fd); -+ free(ac); - } - else { - verbose("No ssh-agent could be contacted"); -diff -up openssh/pam_ssh_agent_auth-0.10.3/userauth_pubkey_from_id.c.psaa-agent openssh/pam_ssh_agent_auth-0.10.3/userauth_pubkey_from_id.c ---- openssh/pam_ssh_agent_auth-0.10.3/userauth_pubkey_from_id.c.psaa-agent 2017-09-27 14:25:49.420739021 +0200 -+++ openssh/pam_ssh_agent_auth-0.10.3/userauth_pubkey_from_id.c 2017-09-27 14:25:49.422739032 +0200 -@@ -84,7 +85,7 @@ userauth_pubkey_from_id(const char *ruse - (r = sshbuf_put_string(b, pkblob, blen)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - -- if (ssh_agent_sign(id->ac, id->key, &sig, &slen, sshbuf_ptr(b), sshbuf_len(b)) != 0) -+ if (ssh_agent_sign(id->ac->fd, id->key, &sig, &slen, sshbuf_ptr(b), sshbuf_len(b), NULL, 0) != 0) - goto user_auth_clean_exit; - - /* test for correct signature */ diff --git a/pam_ssh_agent_auth-0.9.3-build.patch b/pam_ssh_agent_auth-0.9.3-build.patch deleted file mode 100644 index 4018c4d..0000000 --- a/pam_ssh_agent_auth-0.9.3-build.patch +++ /dev/null @@ -1,198 +0,0 @@ -diff -up openssh-7.4p1/pam_ssh_agent_auth-0.10.3/iterate_ssh_agent_keys.c.psaa-build openssh-7.4p1/pam_ssh_agent_auth-0.10.3/iterate_ssh_agent_keys.c ---- openssh-7.4p1/pam_ssh_agent_auth-0.10.3/iterate_ssh_agent_keys.c.psaa-build 2016-11-13 04:24:32.000000000 +0100 -+++ openssh-7.4p1/pam_ssh_agent_auth-0.10.3/iterate_ssh_agent_keys.c 2017-02-07 14:29:41.626116675 +0100 -@@ -43,12 +43,31 @@ - #include - #include "ssh2.h" - #include "misc.h" -+#include "ssh.h" -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include - - #include "userauth_pubkey_from_id.h" - #include "identity.h" - #include "get_command_line.h" - extern char **environ; - -+/* -+ * Added by Jamie Beverly, ensure socket fd points to a socket owned by the user -+ * A cursory check is done, but to avoid race conditions, it is necessary -+ * to drop effective UID when connecting to the socket. -+ * -+ * If the cause of error is EACCES, because we verified we would not have that -+ * problem initially, we can safely assume that somebody is attempting to find a -+ * race condition; so a more "direct" log message is generated. -+ */ -+ - static char * - log_action(char ** action, size_t count) - { -@@ -85,7 +104,7 @@ void - pamsshagentauth_session_id2_gen(Buffer * session_id2, const char * user, - const char * ruser, const char * servicename) - { -- char *cookie = NULL; -+ u_char *cookie = NULL; - uint8_t i = 0; - uint32_t rnd = 0; - uint8_t cookie_len; -@@ -112,7 +131,7 @@ pamsshagentauth_session_id2_gen(Buffer * - if (i % 4 == 0) { - rnd = pamsshagentauth_arc4random(); - } -- cookie[i] = (char) rnd; -+ cookie[i] = (u_char) rnd; - rnd >>= 8; - } - -@@ -177,6 +196,86 @@ pamsshagentauth_session_id2_gen(Buffer * - } - - int -+ssh_get_authentication_socket_for_uid(uid_t uid) -+{ -+ const char *authsocket; -+ int sock; -+ struct sockaddr_un sunaddr; -+ struct stat sock_st; -+ -+ authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME); -+ if (!authsocket) -+ return -1; -+ -+ /* Advisory only; seteuid ensures no race condition; but will only log if we see EACCES */ -+ if( stat(authsocket,&sock_st) == 0) { -+ if(uid != 0 && sock_st.st_uid != uid) { -+ fatal("uid %lu attempted to open an agent socket owned by uid %lu", (unsigned long) uid, (unsigned long) sock_st.st_uid); -+ return -1; -+ } -+ } -+ -+ /* -+ * Ensures that the EACCES tested for below can _only_ happen if somebody -+ * is attempting to race the stat above to bypass authentication. -+ */ -+ if( (sock_st.st_mode & S_IWUSR) != S_IWUSR || (sock_st.st_mode & S_IRUSR) != S_IRUSR) { -+ error("ssh-agent socket has incorrect permissions for owner"); -+ return -1; -+ } -+ -+ sunaddr.sun_family = AF_UNIX; -+ strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)); -+ -+ sock = socket(AF_UNIX, SOCK_STREAM, 0); -+ if (sock < 0) -+ return -1; -+ -+ /* close on exec */ -+ if (fcntl(sock, F_SETFD, 1) == -1) { -+ close(sock); -+ return -1; -+ } -+ -+ errno = 0; -+ seteuid(uid); /* To ensure a race condition is not used to circumvent the stat -+ above, we will temporarily drop UID to the caller */ -+ if (connect(sock, (struct sockaddr *)&sunaddr, sizeof sunaddr) < 0) { -+ close(sock); -+ if(errno == EACCES) -+ fatal("MAJOR SECURITY WARNING: uid %lu made a deliberate and malicious attempt to open an agent socket owned by another user", (unsigned long) uid); -+ return -1; -+ } -+ -+ seteuid(0); /* we now continue the regularly scheduled programming */ -+ -+ return sock; -+} -+ -+AuthenticationConnection * -+ssh_get_authentication_connection_for_uid(uid_t uid) -+{ -+ AuthenticationConnection *auth; -+ int sock; -+ -+ sock = ssh_get_authentication_socket_for_uid(uid); -+ -+ /* -+ * Fail if we couldn't obtain a connection. This happens if we -+ * exited due to a timeout. -+ */ -+ if (sock < 0) -+ return NULL; -+ -+ auth = xmalloc(sizeof(*auth)); -+ auth->fd = sock; -+ buffer_init(&auth->identities); -+ auth->howmany = 0; -+ -+ return auth; -+} -+ -+int - pamsshagentauth_find_authorized_keys(const char * user, const char * ruser, const char * servicename) - { - Buffer session_id2 = { 0 }; -@@ -190,7 +289,7 @@ pamsshagentauth_find_authorized_keys(con - OpenSSL_add_all_digests(); - pamsshagentauth_session_id2_gen(&session_id2, user, ruser, servicename); - -- if ((ac = ssh_get_authentication_connection(uid))) { -+ if ((ac = ssh_get_authentication_connection_for_uid(uid))) { - pamsshagentauth_verbose("Contacted ssh-agent of user %s (%u)", ruser, uid); - for (key = ssh_get_first_identity(ac, &comment, 2); key != NULL; key = ssh_get_next_identity(ac, &comment, 2)) - { -diff -up openssh-7.4p1/pam_ssh_agent_auth-0.10.3/Makefile.in.psaa-build openssh-7.4p1/pam_ssh_agent_auth-0.10.3/Makefile.in ---- openssh-7.4p1/pam_ssh_agent_auth-0.10.3/Makefile.in.psaa-build 2016-11-13 04:24:32.000000000 +0100 -+++ openssh-7.4p1/pam_ssh_agent_auth-0.10.3/Makefile.in 2017-02-07 14:40:14.407566921 +0100 -@@ -52,7 +52,7 @@ PATHS= - CC=@CC@ - LD=@LD@ - CFLAGS=@CFLAGS@ --CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ -+CPPFLAGS=-I.. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ - LIBS=@LIBS@ - AR=@AR@ - AWK=@AWK@ -@@ -61,8 +61,8 @@ INSTALL=@INSTALL@ - PERL=@PERL@ - SED=@SED@ - ENT=@ENT@ --LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@ --LDFLAGS_SHARED = @LDFLAGS_SHARED@ -+LDFLAGS=-L.. -L../openbsd-compat/ @LDFLAGS@ -+LDFLAGS_SHARED =-Wl,-z,defs @LDFLAGS_SHARED@ - EXEEXT=@EXEEXT@ - - INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@ -@@ -74,7 +74,7 @@ SSHOBJS=xmalloc.o atomicio.o authfd.o bu - - ED25519OBJS=ed25519-donna/ed25519.o - --PAM_SSH_AGENT_AUTH_OBJS=pam_user_key_allowed2.o iterate_ssh_agent_keys.o userauth_pubkey_from_id.o pam_user_authorized_keys.o get_command_line.o userauth_pubkey_from_pam.o -+PAM_SSH_AGENT_AUTH_OBJS=pam_user_key_allowed2.o iterate_ssh_agent_keys.o userauth_pubkey_from_id.o pam_user_authorized_keys.o get_command_line.o userauth_pubkey_from_pam.o secure_filename.o - - - MANPAGES_IN = pam_ssh_agent_auth.pod -@@ -94,13 +94,13 @@ $(PAM_MODULES): Makefile.in config.h - .c.o: - $(CC) $(CFLAGS) $(CPPFLAGS) -c $< -o $@ - --LIBCOMPAT=openbsd-compat/libopenbsd-compat.a -+LIBCOMPAT=../openbsd-compat/libopenbsd-compat.a - $(LIBCOMPAT): always - (cd openbsd-compat && $(MAKE)) - always: - --pam_ssh_agent_auth.so: $(LIBCOMPAT) $(SSHOBJS) $(ED25519OBJS) $(PAM_SSH_AGENT_AUTH_OBJS) pam_ssh_agent_auth.o -- $(LD) $(LDFLAGS_SHARED) -o $@ $(SSHOBJS) $(ED25519OBJS) $(PAM_SSH_AGENT_AUTH_OBJS) $(LDFLAGS) -lopenbsd-compat pam_ssh_agent_auth.o $(LIBS) -lpam -+pam_ssh_agent_auth.so: $(PAM_SSH_AGENT_AUTH_OBJS) pam_ssh_agent_auth.o ../uidswap.o ../ssh-sk-client.o -+ $(LD) $(LDFLAGS_SHARED) -o $@ $(PAM_SSH_AGENT_AUTH_OBJS) ../ssh-sk-client.o $(LDFLAGS) -lssh -lopenbsd-compat pam_ssh_agent_auth.o ../uidswap.o $(LIBS) -lpam - - $(MANPAGES): $(MANPAGES_IN) - pod2man --section=8 --release=v0.10.3 --name=pam_ssh_agent_auth --official --center "PAM" pam_ssh_agent_auth.pod > pam_ssh_agent_auth.8