improove ssk-keycat (documentation)
This commit is contained in:
parent
6ab8504ea2
commit
825921b7f3
@ -0,0 +1,17 @@
|
|||||||
|
Don't audit SSH_INVALID_USER twice.
|
||||||
|
|
||||||
|
PRIVSEP(getpwnamallow()) a few lines above already did this.
|
||||||
|
|
||||||
|
diff -ur openssh/auth2.c openssh-5.8p1/auth2.c
|
||||||
|
--- openssh/auth2.c 2011-03-02 02:32:52.383773622 +0100
|
||||||
|
+++ openssh-5.8p1/auth2.c 2011-03-02 03:32:34.585110911 +0100
|
||||||
|
@@ -250,9 +250,6 @@
|
||||||
|
} else {
|
||||||
|
logit("input_userauth_request: invalid user %s", user);
|
||||||
|
authctxt->pw = fakepw();
|
||||||
|
-#ifdef SSH_AUDIT_EVENTS
|
||||||
|
- PRIVSEP(audit_event(SSH_INVALID_USER));
|
||||||
|
-#endif
|
||||||
|
}
|
||||||
|
#ifdef USE_PAM
|
||||||
|
if (options.use_pam)
|
@ -1,17 +0,0 @@
|
|||||||
Don't audit SSH_INVALID_USER twice.
|
|
||||||
|
|
||||||
PRIVSEP(getpwnamallow()) a few lines above already did this.
|
|
||||||
|
|
||||||
diff -ur openssh/auth2.c openssh-5.8p1/auth2.c
|
|
||||||
--- openssh/auth2.c 2011-03-02 02:32:52.383773622 +0100
|
|
||||||
+++ openssh-5.8p1/auth2.c 2011-03-02 03:32:34.585110911 +0100
|
|
||||||
@@ -250,9 +250,6 @@
|
|
||||||
} else {
|
|
||||||
logit("input_userauth_request: invalid user %s", user);
|
|
||||||
authctxt->pw = fakepw();
|
|
||||||
-#ifdef SSH_AUDIT_EVENTS
|
|
||||||
- PRIVSEP(audit_event(SSH_INVALID_USER));
|
|
||||||
-#endif
|
|
||||||
}
|
|
||||||
#ifdef USE_PAM
|
|
||||||
if (options.use_pam)
|
|
@ -1,55 +1,103 @@
|
|||||||
diff -up openssh-5.8p1/audit-bsm.c.audit1 openssh-5.8p1/audit-bsm.c
|
diff -up openssh-5.8p1/audit-bsm.c.audit1 openssh-5.8p1/audit-bsm.c
|
||||||
--- openssh-5.8p1/audit-bsm.c.audit1 2011-01-17 11:15:29.000000000 +0100
|
--- openssh-5.8p1/audit-bsm.c.audit1 2011-01-17 11:15:29.000000000 +0100
|
||||||
+++ openssh-5.8p1/audit-bsm.c 2011-02-28 22:39:02.000000000 +0100
|
+++ openssh-5.8p1/audit-bsm.c 2011-03-04 14:16:25.000000000 +0100
|
||||||
@@ -305,6 +305,12 @@ audit_run_command(const char *command)
|
@@ -298,10 +298,23 @@ audit_connection_from(const char *host,
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
-void
|
||||||
+audit_end_command(const char *command)
|
+int
|
||||||
|
audit_run_command(const char *command)
|
||||||
|
{
|
||||||
|
/* not implemented */
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+void
|
||||||
|
+audit_end_command(int handle, const char *command)
|
||||||
+{
|
+{
|
||||||
+ /* not implemented */
|
+ /* not implemented */
|
||||||
+}
|
+}
|
||||||
+
|
+
|
||||||
+void
|
+void
|
||||||
audit_session_open(struct logininfo *li)
|
+audit_count_session_open(void)
|
||||||
{
|
+{
|
||||||
/* not implemented */
|
+ /* not necessary */
|
||||||
|
}
|
||||||
|
|
||||||
|
void
|
||||||
diff -up openssh-5.8p1/audit.c.audit1 openssh-5.8p1/audit.c
|
diff -up openssh-5.8p1/audit.c.audit1 openssh-5.8p1/audit.c
|
||||||
--- openssh-5.8p1/audit.c.audit1 2011-01-17 11:15:30.000000000 +0100
|
--- openssh-5.8p1/audit.c.audit1 2011-01-17 11:15:30.000000000 +0100
|
||||||
+++ openssh-5.8p1/audit.c 2011-02-28 22:39:02.000000000 +0100
|
+++ openssh-5.8p1/audit.c 2011-03-04 14:16:25.000000000 +0100
|
||||||
@@ -182,5 +182,18 @@ audit_run_command(const char *command)
|
@@ -140,6 +140,17 @@ audit_event(ssh_audit_event_t event)
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
+ * Called when a child process has called, or will soon call,
|
||||||
|
+ * audit_session_open.
|
||||||
|
+ */
|
||||||
|
+void
|
||||||
|
+audit_count_session_open(void)
|
||||||
|
+{
|
||||||
|
+ debug("audit count session open euid %d user %s", geteuid(),
|
||||||
|
+ audit_username());
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
* Called when a user session is started. Argument is the tty allocated to
|
||||||
|
* the session, or NULL if no tty was allocated.
|
||||||
|
*
|
||||||
|
@@ -174,13 +185,29 @@ audit_session_close(struct logininfo *li
|
||||||
|
/*
|
||||||
|
* This will be called when a user runs a non-interactive command. Note that
|
||||||
|
* it may be called multiple times for a single connection since SSH2 allows
|
||||||
|
- * multiple sessions within a single connection.
|
||||||
|
+ * multiple sessions within a single connection. Returns a "handle" for
|
||||||
|
+ * audit_end_command.
|
||||||
|
*/
|
||||||
|
-void
|
||||||
|
+int
|
||||||
|
audit_run_command(const char *command)
|
||||||
|
{
|
||||||
debug("audit run command euid %d user %s command '%.200s'", geteuid(),
|
debug("audit run command euid %d user %s command '%.200s'", geteuid(),
|
||||||
audit_username(), command);
|
audit_username(), command);
|
||||||
}
|
+ return 0;
|
||||||
|
+}
|
||||||
+
|
+
|
||||||
+/*
|
+/*
|
||||||
+ * This will be called when the non-interactive command finishes. Note that
|
+ * This will be called when the non-interactive command finishes. Note that
|
||||||
+ * it may be called multiple times for a single connection since SSH2 allows
|
+ * it may be called multiple times for a single connection since SSH2 allows
|
||||||
+ * multiple sessions within a single connection.
|
+ * multiple sessions within a single connection. "handle" should come from
|
||||||
|
+ * the corresponding audit_run_command.
|
||||||
+ */
|
+ */
|
||||||
+void
|
+void
|
||||||
+audit_end_command(const char *command)
|
+audit_end_command(int handle, const char *command)
|
||||||
+{
|
+{
|
||||||
+ debug("audit end nopty exec euid %d user %s command '%.200s'", geteuid(),
|
+ debug("audit end nopty exec euid %d user %s command '%.200s'", geteuid(),
|
||||||
+ audit_username(), command);
|
+ audit_username(), command);
|
||||||
+}
|
}
|
||||||
+
|
+
|
||||||
# endif /* !defined CUSTOM_SSH_AUDIT_EVENTS */
|
# endif /* !defined CUSTOM_SSH_AUDIT_EVENTS */
|
||||||
#endif /* SSH_AUDIT_EVENTS */
|
#endif /* SSH_AUDIT_EVENTS */
|
||||||
diff -up openssh-5.8p1/audit.h.audit1 openssh-5.8p1/audit.h
|
diff -up openssh-5.8p1/audit.h.audit1 openssh-5.8p1/audit.h
|
||||||
--- openssh-5.8p1/audit.h.audit1 2011-01-17 11:15:30.000000000 +0100
|
--- openssh-5.8p1/audit.h.audit1 2011-01-17 11:15:30.000000000 +0100
|
||||||
+++ openssh-5.8p1/audit.h 2011-02-28 22:39:02.000000000 +0100
|
+++ openssh-5.8p1/audit.h 2011-03-04 14:16:25.000000000 +0100
|
||||||
@@ -52,6 +52,7 @@ void audit_event(ssh_audit_event_t);
|
@@ -49,9 +49,11 @@ typedef enum ssh_audit_event_type ssh_au
|
||||||
|
|
||||||
|
void audit_connection_from(const char *, int);
|
||||||
|
void audit_event(ssh_audit_event_t);
|
||||||
|
+void audit_count_session_open(void);
|
||||||
void audit_session_open(struct logininfo *);
|
void audit_session_open(struct logininfo *);
|
||||||
void audit_session_close(struct logininfo *);
|
void audit_session_close(struct logininfo *);
|
||||||
void audit_run_command(const char *);
|
-void audit_run_command(const char *);
|
||||||
+void audit_end_command(const char *);
|
+int audit_run_command(const char *);
|
||||||
|
+void audit_end_command(int, const char *);
|
||||||
ssh_audit_event_t audit_classify_auth(const char *);
|
ssh_audit_event_t audit_classify_auth(const char *);
|
||||||
|
|
||||||
#endif /* _SSH_AUDIT_H */
|
#endif /* _SSH_AUDIT_H */
|
||||||
diff -up openssh-5.8p1/audit-linux.c.audit1 openssh-5.8p1/audit-linux.c
|
diff -up openssh-5.8p1/audit-linux.c.audit1 openssh-5.8p1/audit-linux.c
|
||||||
--- openssh-5.8p1/audit-linux.c.audit1 2011-01-17 11:15:30.000000000 +0100
|
--- openssh-5.8p1/audit-linux.c.audit1 2011-01-17 11:15:30.000000000 +0100
|
||||||
+++ openssh-5.8p1/audit-linux.c 2011-02-28 22:39:02.000000000 +0100
|
+++ openssh-5.8p1/audit-linux.c 2011-03-04 14:16:25.000000000 +0100
|
||||||
@@ -35,13 +35,20 @@
|
@@ -35,13 +35,20 @@
|
||||||
|
|
||||||
#include "log.h"
|
#include "log.h"
|
||||||
@ -89,7 +137,7 @@ diff -up openssh-5.8p1/audit-linux.c.audit1 openssh-5.8p1/audit-linux.c
|
|||||||
NULL, "login", username ? username : "(unknown)",
|
NULL, "login", username ? username : "(unknown)",
|
||||||
username == NULL ? uid : -1, hostname, ip, ttyn, success);
|
username == NULL ? uid : -1, hostname, ip, ttyn, success);
|
||||||
saved_errno = errno;
|
saved_errno = errno;
|
||||||
@@ -65,35 +72,112 @@ linux_audit_record_event(int uid, const
|
@@ -65,35 +72,119 @@ linux_audit_record_event(int uid, const
|
||||||
if ((rc == -EPERM) && (geteuid() != 0))
|
if ((rc == -EPERM) && (geteuid() != 0))
|
||||||
rc = 0;
|
rc = 0;
|
||||||
errno = saved_errno;
|
errno = saved_errno;
|
||||||
@ -163,7 +211,8 @@ diff -up openssh-5.8p1/audit-linux.c.audit1 openssh-5.8p1/audit-linux.c
|
|||||||
/* not implemented */
|
/* not implemented */
|
||||||
+}
|
+}
|
||||||
|
|
||||||
void
|
-void
|
||||||
|
+int
|
||||||
audit_run_command(const char *command)
|
audit_run_command(const char *command)
|
||||||
{
|
{
|
||||||
- /* not implemented */
|
- /* not implemented */
|
||||||
@ -172,16 +221,23 @@ diff -up openssh-5.8p1/audit-linux.c.audit1 openssh-5.8p1/audit-linux.c
|
|||||||
+ NULL, "ssh", 1, AUDIT_USER_LOGIN);
|
+ NULL, "ssh", 1, AUDIT_USER_LOGIN);
|
||||||
+ linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
|
+ linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
|
||||||
+ NULL, "ssh", 1, AUDIT_USER_START);
|
+ NULL, "ssh", 1, AUDIT_USER_START);
|
||||||
|
+ return 0;
|
||||||
+}
|
+}
|
||||||
+
|
+
|
||||||
+void
|
+void
|
||||||
+audit_end_command(const char *command)
|
+audit_end_command(int handle, const char *command)
|
||||||
+{
|
+{
|
||||||
+ linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
|
+ linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
|
||||||
+ NULL, "ssh", 1, AUDIT_USER_END);
|
+ NULL, "ssh", 1, AUDIT_USER_END);
|
||||||
+ if (user_login_count && !--user_login_count)
|
+ if (user_login_count && !--user_login_count)
|
||||||
+ linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
|
+ linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
|
||||||
+ NULL, "ssh", 1, AUDIT_USER_LOGOUT);
|
+ NULL, "ssh", 1, AUDIT_USER_LOGOUT);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+void
|
||||||
|
+audit_count_session_open(void)
|
||||||
|
+{
|
||||||
|
+ user_login_count++;
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
@ -209,7 +265,7 @@ diff -up openssh-5.8p1/audit-linux.c.audit1 openssh-5.8p1/audit-linux.c
|
|||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
@@ -101,21 +185,43 @@ audit_event(ssh_audit_event_t event)
|
@@ -101,21 +192,43 @@ audit_event(ssh_audit_event_t event)
|
||||||
{
|
{
|
||||||
switch(event) {
|
switch(event) {
|
||||||
case SSH_AUTH_SUCCESS:
|
case SSH_AUTH_SUCCESS:
|
||||||
@ -259,7 +315,7 @@ diff -up openssh-5.8p1/audit-linux.c.audit1 openssh-5.8p1/audit-linux.c
|
|||||||
default:
|
default:
|
||||||
diff -up openssh-5.8p1/monitor.c.audit1 openssh-5.8p1/monitor.c
|
diff -up openssh-5.8p1/monitor.c.audit1 openssh-5.8p1/monitor.c
|
||||||
--- openssh-5.8p1/monitor.c.audit1 2010-09-10 03:23:34.000000000 +0200
|
--- openssh-5.8p1/monitor.c.audit1 2010-09-10 03:23:34.000000000 +0200
|
||||||
+++ openssh-5.8p1/monitor.c 2011-02-28 22:39:02.000000000 +0100
|
+++ openssh-5.8p1/monitor.c 2011-03-04 14:16:25.000000000 +0100
|
||||||
@@ -177,6 +177,7 @@ int mm_answer_gss_checkmic(int, Buffer *
|
@@ -177,6 +177,7 @@ int mm_answer_gss_checkmic(int, Buffer *
|
||||||
#ifdef SSH_AUDIT_EVENTS
|
#ifdef SSH_AUDIT_EVENTS
|
||||||
int mm_answer_audit_event(int, Buffer *);
|
int mm_answer_audit_event(int, Buffer *);
|
||||||
@ -284,126 +340,295 @@ diff -up openssh-5.8p1/monitor.c.audit1 openssh-5.8p1/monitor.c
|
|||||||
#endif
|
#endif
|
||||||
{0, 0, NULL}
|
{0, 0, NULL}
|
||||||
};
|
};
|
||||||
@@ -1618,6 +1621,20 @@ mm_answer_audit_command(int socket, Buff
|
@@ -1288,6 +1291,12 @@ mm_session_close(Session *s)
|
||||||
xfree(cmd);
|
debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd);
|
||||||
return (0);
|
session_pty_cleanup2(s);
|
||||||
}
|
}
|
||||||
|
+#ifdef SSH_AUDIT_EVENTS
|
||||||
|
+ if (s->command != NULL) {
|
||||||
|
+ debug3("%s: command %d", __func__, s->command_handle);
|
||||||
|
+ session_end_command2(s);
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
session_unused(s->self);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1610,11 +1619,44 @@ mm_answer_audit_command(int socket, Buff
|
||||||
|
{
|
||||||
|
u_int len;
|
||||||
|
char *cmd;
|
||||||
|
+ Session *s;
|
||||||
|
|
||||||
|
debug3("%s entering", __func__);
|
||||||
|
cmd = buffer_get_string(m, &len);
|
||||||
|
+
|
||||||
|
/* sanity check command, if so how? */
|
||||||
|
- audit_run_command(cmd);
|
||||||
|
+ s = session_new();
|
||||||
|
+ if (s == NULL)
|
||||||
|
+ fatal("%s: error allocating a session", __func__);
|
||||||
|
+ s->command = cmd;
|
||||||
|
+ s->command_handle = audit_run_command(cmd);
|
||||||
|
+
|
||||||
|
+ buffer_clear(m);
|
||||||
|
+ buffer_put_int(m, s->self);
|
||||||
|
+
|
||||||
|
+ mm_request_send(socket, MONITOR_ANS_AUDIT_COMMAND, m);
|
||||||
|
+
|
||||||
|
+ return (0);
|
||||||
|
+}
|
||||||
+
|
+
|
||||||
+int
|
+int
|
||||||
+mm_answer_audit_end_command(int socket, Buffer *m)
|
+mm_answer_audit_end_command(int socket, Buffer *m)
|
||||||
+{
|
+{
|
||||||
|
+ int handle;
|
||||||
+ u_int len;
|
+ u_int len;
|
||||||
+ char *cmd;
|
+ char *cmd;
|
||||||
|
+ Session *s;
|
||||||
+
|
+
|
||||||
+ debug3("%s entering", __func__);
|
+ debug3("%s entering", __func__);
|
||||||
|
+ handle = buffer_get_int(m);
|
||||||
+ cmd = buffer_get_string(m, &len);
|
+ cmd = buffer_get_string(m, &len);
|
||||||
+ /* sanity check command, if so how? */
|
+
|
||||||
+ audit_end_command(cmd);
|
+ s = session_by_id(handle);
|
||||||
+ xfree(cmd);
|
+ if (s == NULL || s->ttyfd != -1 || s->command == NULL ||
|
||||||
+ return (0);
|
+ strcmp(s->command, cmd) != 0)
|
||||||
+}
|
+ fatal("%s: invalid handle", __func__);
|
||||||
#endif /* SSH_AUDIT_EVENTS */
|
+ mm_session_close(s);
|
||||||
|
+
|
||||||
void
|
xfree(cmd);
|
||||||
|
return (0);
|
||||||
|
}
|
||||||
diff -up openssh-5.8p1/monitor.h.audit1 openssh-5.8p1/monitor.h
|
diff -up openssh-5.8p1/monitor.h.audit1 openssh-5.8p1/monitor.h
|
||||||
--- openssh-5.8p1/monitor.h.audit1 2008-11-05 06:20:46.000000000 +0100
|
--- openssh-5.8p1/monitor.h.audit1 2008-11-05 06:20:46.000000000 +0100
|
||||||
+++ openssh-5.8p1/monitor.h 2011-02-28 22:39:02.000000000 +0100
|
+++ openssh-5.8p1/monitor.h 2011-03-04 14:16:25.000000000 +0100
|
||||||
@@ -60,6 +60,7 @@ enum monitor_reqtype {
|
@@ -60,6 +60,7 @@ enum monitor_reqtype {
|
||||||
MONITOR_REQ_PAM_RESPOND, MONITOR_ANS_PAM_RESPOND,
|
MONITOR_REQ_PAM_RESPOND, MONITOR_ANS_PAM_RESPOND,
|
||||||
MONITOR_REQ_PAM_FREE_CTX, MONITOR_ANS_PAM_FREE_CTX,
|
MONITOR_REQ_PAM_FREE_CTX, MONITOR_ANS_PAM_FREE_CTX,
|
||||||
MONITOR_REQ_AUDIT_EVENT, MONITOR_REQ_AUDIT_COMMAND,
|
MONITOR_REQ_AUDIT_EVENT, MONITOR_REQ_AUDIT_COMMAND,
|
||||||
+ MONITOR_REQ_AUDIT_END_COMMAND,
|
+ MONITOR_ANS_AUDIT_COMMAND, MONITOR_REQ_AUDIT_END_COMMAND,
|
||||||
MONITOR_REQ_TERM,
|
MONITOR_REQ_TERM,
|
||||||
MONITOR_REQ_JPAKE_STEP1, MONITOR_ANS_JPAKE_STEP1,
|
MONITOR_REQ_JPAKE_STEP1, MONITOR_ANS_JPAKE_STEP1,
|
||||||
MONITOR_REQ_JPAKE_GET_PWDATA, MONITOR_ANS_JPAKE_GET_PWDATA,
|
MONITOR_REQ_JPAKE_GET_PWDATA, MONITOR_ANS_JPAKE_GET_PWDATA,
|
||||||
diff -up openssh-5.8p1/monitor_wrap.c.audit1 openssh-5.8p1/monitor_wrap.c
|
diff -up openssh-5.8p1/monitor_wrap.c.audit1 openssh-5.8p1/monitor_wrap.c
|
||||||
--- openssh-5.8p1/monitor_wrap.c.audit1 2010-08-31 14:41:14.000000000 +0200
|
--- openssh-5.8p1/monitor_wrap.c.audit1 2010-08-31 14:41:14.000000000 +0200
|
||||||
+++ openssh-5.8p1/monitor_wrap.c 2011-02-28 22:39:02.000000000 +0100
|
+++ openssh-5.8p1/monitor_wrap.c 2011-03-04 14:16:25.000000000 +0100
|
||||||
@@ -1163,6 +1163,20 @@ mm_audit_run_command(const char *command
|
@@ -1150,10 +1150,11 @@ mm_audit_event(ssh_audit_event_t event)
|
||||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, &m);
|
|
||||||
buffer_free(&m);
|
buffer_free(&m);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
-void
|
||||||
|
+int
|
||||||
|
mm_audit_run_command(const char *command)
|
||||||
|
{
|
||||||
|
Buffer m;
|
||||||
|
+ int handle;
|
||||||
|
|
||||||
|
debug3("%s entering command %s", __func__, command);
|
||||||
|
|
||||||
|
@@ -1161,6 +1162,26 @@ mm_audit_run_command(const char *command
|
||||||
|
buffer_put_cstring(&m, command);
|
||||||
|
|
||||||
|
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, &m);
|
||||||
|
+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUDIT_COMMAND, &m);
|
||||||
|
+
|
||||||
|
+ handle = buffer_get_int(&m);
|
||||||
|
+ buffer_free(&m);
|
||||||
|
+
|
||||||
|
+ return (handle);
|
||||||
|
+}
|
||||||
+
|
+
|
||||||
+void
|
+void
|
||||||
+mm_audit_end_command(const char *command)
|
+mm_audit_end_command(int handle, const char *command)
|
||||||
+{
|
+{
|
||||||
+ Buffer m;
|
+ Buffer m;
|
||||||
+
|
+
|
||||||
+ debug3("%s entering command %s", __func__, command);
|
+ debug3("%s entering command %s", __func__, command);
|
||||||
+
|
+
|
||||||
+ buffer_init(&m);
|
+ buffer_init(&m);
|
||||||
|
+ buffer_put_int(&m, handle);
|
||||||
+ buffer_put_cstring(&m, command);
|
+ buffer_put_cstring(&m, command);
|
||||||
+
|
+
|
||||||
+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_END_COMMAND, &m);
|
+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_END_COMMAND, &m);
|
||||||
+ buffer_free(&m);
|
buffer_free(&m);
|
||||||
+}
|
}
|
||||||
#endif /* SSH_AUDIT_EVENTS */
|
#endif /* SSH_AUDIT_EVENTS */
|
||||||
|
|
||||||
#ifdef GSSAPI
|
|
||||||
diff -up openssh-5.8p1/monitor_wrap.h.audit1 openssh-5.8p1/monitor_wrap.h
|
diff -up openssh-5.8p1/monitor_wrap.h.audit1 openssh-5.8p1/monitor_wrap.h
|
||||||
--- openssh-5.8p1/monitor_wrap.h.audit1 2009-03-05 14:58:22.000000000 +0100
|
--- openssh-5.8p1/monitor_wrap.h.audit1 2009-03-05 14:58:22.000000000 +0100
|
||||||
+++ openssh-5.8p1/monitor_wrap.h 2011-02-28 22:39:02.000000000 +0100
|
+++ openssh-5.8p1/monitor_wrap.h 2011-03-04 14:16:25.000000000 +0100
|
||||||
@@ -74,6 +74,7 @@ void mm_sshpam_free_ctx(void *);
|
@@ -73,7 +73,8 @@ void mm_sshpam_free_ctx(void *);
|
||||||
|
#ifdef SSH_AUDIT_EVENTS
|
||||||
#include "audit.h"
|
#include "audit.h"
|
||||||
void mm_audit_event(ssh_audit_event_t);
|
void mm_audit_event(ssh_audit_event_t);
|
||||||
void mm_audit_run_command(const char *);
|
-void mm_audit_run_command(const char *);
|
||||||
+void mm_audit_end_command(const char *);
|
+int mm_audit_run_command(const char *);
|
||||||
|
+void mm_audit_end_command(int, const char *);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
struct Session;
|
struct Session;
|
||||||
diff -up openssh-5.8p1/session.c.audit1 openssh-5.8p1/session.c
|
diff -up openssh-5.8p1/session.c.audit1 openssh-5.8p1/session.c
|
||||||
--- openssh-5.8p1/session.c.audit1 2010-12-01 02:02:59.000000000 +0100
|
--- openssh-5.8p1/session.c.audit1 2010-12-01 02:02:59.000000000 +0100
|
||||||
+++ openssh-5.8p1/session.c 2011-02-28 22:39:02.000000000 +0100
|
+++ openssh-5.8p1/session.c 2011-03-04 14:16:25.000000000 +0100
|
||||||
@@ -809,14 +809,16 @@ do_exec(Session *s, const char *command)
|
@@ -738,6 +738,14 @@ do_exec_pty(Session *s, const char *comm
|
||||||
|
/* Parent. Close the slave side of the pseudo tty. */
|
||||||
|
close(ttyfd);
|
||||||
|
|
||||||
|
+#ifndef HAVE_OSF_SIA
|
||||||
|
+ /* do_login in the child did not affect state in this process,
|
||||||
|
+ compensate. From an architectural standpoint, this is extremely
|
||||||
|
+ ugly. */
|
||||||
|
+ if (!(options.use_login && command == NULL))
|
||||||
|
+ audit_count_session_open();
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
/* Enter interactive session. */
|
||||||
|
s->ptymaster = ptymaster;
|
||||||
|
packet_set_interactive(1,
|
||||||
|
@@ -809,15 +817,19 @@ do_exec(Session *s, const char *command)
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef SSH_AUDIT_EVENTS
|
#ifdef SSH_AUDIT_EVENTS
|
||||||
- if (command != NULL)
|
+ if (s->command != NULL || s->command_handle != -1)
|
||||||
+ if (command != NULL) {
|
+ fatal("do_exec: command already set");
|
||||||
PRIVSEP(audit_run_command(command));
|
if (command != NULL)
|
||||||
- else if (s->ttyfd == -1) {
|
- PRIVSEP(audit_run_command(command));
|
||||||
+ s->command = xstrdup(command);
|
+ s->command = xstrdup(command);
|
||||||
+ } else if (s->ttyfd == -1) {
|
else if (s->ttyfd == -1) {
|
||||||
char *shell = s->pw->pw_shell;
|
char *shell = s->pw->pw_shell;
|
||||||
|
|
||||||
if (shell[0] == '\0') /* empty shell means /bin/sh */
|
if (shell[0] == '\0') /* empty shell means /bin/sh */
|
||||||
shell =_PATH_BSHELL;
|
shell =_PATH_BSHELL;
|
||||||
PRIVSEP(audit_run_command(shell));
|
- PRIVSEP(audit_run_command(shell));
|
||||||
+ s->command = xstrdup(shell);
|
+ s->command = xstrdup(shell);
|
||||||
}
|
}
|
||||||
|
+ if (s->command != NULL)
|
||||||
|
+ s->command_handle = PRIVSEP(audit_run_command(s->command));
|
||||||
#endif
|
#endif
|
||||||
if (s->ttyfd != -1)
|
if (s->ttyfd != -1)
|
||||||
@@ -2456,6 +2458,12 @@ session_close(Session *s)
|
ret = do_exec_pty(s, command);
|
||||||
|
@@ -1841,6 +1853,7 @@ session_unused(int id)
|
||||||
|
sessions[id].ttyfd = -1;
|
||||||
|
sessions[id].ptymaster = -1;
|
||||||
|
sessions[id].x11_chanids = NULL;
|
||||||
|
+ sessions[id].command_handle = -1;
|
||||||
|
sessions[id].next_unused = sessions_first_unused;
|
||||||
|
sessions_first_unused = id;
|
||||||
|
}
|
||||||
|
@@ -1923,6 +1936,19 @@ session_open(Authctxt *authctxt, int cha
|
||||||
|
}
|
||||||
|
|
||||||
|
Session *
|
||||||
|
+session_by_id(int id)
|
||||||
|
+{
|
||||||
|
+ if (id >= 0 && id < sessions_nalloc) {
|
||||||
|
+ Session *s = &sessions[id];
|
||||||
|
+ if (s->used)
|
||||||
|
+ return s;
|
||||||
|
+ }
|
||||||
|
+ debug("session_by_id: unknown id %d", id);
|
||||||
|
+ session_dump();
|
||||||
|
+ return NULL;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+Session *
|
||||||
|
session_by_tty(char *tty)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
@@ -2448,6 +2474,30 @@ session_exit_message(Session *s, int sta
|
||||||
|
chan_write_failed(c);
|
||||||
|
}
|
||||||
|
|
||||||
|
+#ifdef SSH_AUDIT_EVENTS
|
||||||
|
+void
|
||||||
|
+session_end_command2(Session *s)
|
||||||
|
+{
|
||||||
|
+ if (s->command != NULL) {
|
||||||
|
+ audit_end_command(s->command_handle, s->command);
|
||||||
|
+ xfree(s->command);
|
||||||
|
+ s->command = NULL;
|
||||||
|
+ s->command_handle = -1;
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static void
|
||||||
|
+session_end_command(Session *s)
|
||||||
|
+{
|
||||||
|
+ if (s->command != NULL) {
|
||||||
|
+ PRIVSEP(audit_end_command(s->command_handle, s->command));
|
||||||
|
+ xfree(s->command);
|
||||||
|
+ s->command = NULL;
|
||||||
|
+ s->command_handle = -1;
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
void
|
||||||
|
session_close(Session *s)
|
||||||
|
{
|
||||||
|
@@ -2456,6 +2506,10 @@ session_close(Session *s)
|
||||||
debug("session_close: session %d pid %ld", s->self, (long)s->pid);
|
debug("session_close: session %d pid %ld", s->self, (long)s->pid);
|
||||||
if (s->ttyfd != -1)
|
if (s->ttyfd != -1)
|
||||||
session_pty_cleanup(s);
|
session_pty_cleanup(s);
|
||||||
+#ifdef SSH_AUDIT_EVENTS
|
+#ifdef SSH_AUDIT_EVENTS
|
||||||
+ if (s->command) {
|
+ if (s->command)
|
||||||
+ PRIVSEP(audit_end_command(s->command));
|
+ session_end_command(s);
|
||||||
+ xfree(s->command);
|
|
||||||
+ }
|
|
||||||
+#endif
|
+#endif
|
||||||
if (s->term)
|
if (s->term)
|
||||||
xfree(s->term);
|
xfree(s->term);
|
||||||
if (s->display)
|
if (s->display)
|
||||||
|
@@ -2675,6 +2729,15 @@ do_authenticated2(Authctxt *authctxt)
|
||||||
|
server_loop2(authctxt);
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void
|
||||||
|
+do_cleanup_one_session(Session *s)
|
||||||
|
+{
|
||||||
|
+ session_pty_cleanup2(s);
|
||||||
|
+#ifdef SSH_AUDIT_EVENTS
|
||||||
|
+ session_end_command2(s);
|
||||||
|
+#endif
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
void
|
||||||
|
do_cleanup(Authctxt *authctxt)
|
||||||
|
{
|
||||||
|
@@ -2723,5 +2786,5 @@ do_cleanup(Authctxt *authctxt)
|
||||||
|
* or if running in monitor.
|
||||||
|
*/
|
||||||
|
if (!use_privsep || mm_is_monitor())
|
||||||
|
- session_destroy_all(session_pty_cleanup2);
|
||||||
|
+ session_destroy_all(do_cleanup_one_session);
|
||||||
|
}
|
||||||
diff -up openssh-5.8p1/session.h.audit1 openssh-5.8p1/session.h
|
diff -up openssh-5.8p1/session.h.audit1 openssh-5.8p1/session.h
|
||||||
--- openssh-5.8p1/session.h.audit1 2008-05-19 07:34:50.000000000 +0200
|
--- openssh-5.8p1/session.h.audit1 2008-05-19 07:34:50.000000000 +0200
|
||||||
+++ openssh-5.8p1/session.h 2011-02-28 22:39:02.000000000 +0100
|
+++ openssh-5.8p1/session.h 2011-03-04 14:16:25.000000000 +0100
|
||||||
@@ -60,6 +60,11 @@ struct Session {
|
@@ -60,6 +60,12 @@ struct Session {
|
||||||
char *name;
|
char *name;
|
||||||
char *val;
|
char *val;
|
||||||
} *env;
|
} *env;
|
||||||
+
|
+
|
||||||
+ /* exec */
|
+ /* exec */
|
||||||
+#ifdef SSH_AUDIT_EVENTS
|
+#ifdef SSH_AUDIT_EVENTS
|
||||||
|
+ int command_handle;
|
||||||
+ char *command;
|
+ char *command;
|
||||||
+#endif
|
+#endif
|
||||||
};
|
};
|
||||||
|
|
||||||
void do_authenticated(Authctxt *);
|
void do_authenticated(Authctxt *);
|
||||||
|
@@ -72,8 +78,10 @@ void session_close_by_pid(pid_t, int);
|
||||||
|
void session_close_by_channel(int, void *);
|
||||||
|
void session_destroy_all(void (*)(Session *));
|
||||||
|
void session_pty_cleanup2(Session *);
|
||||||
|
+void session_end_command2(Session *);
|
||||||
|
|
||||||
|
Session *session_new(void);
|
||||||
|
+Session *session_by_id(int);
|
||||||
|
Session *session_by_tty(char *);
|
||||||
|
void session_close(Session *);
|
||||||
|
void do_setusercontext(struct passwd *);
|
||||||
diff -up openssh-5.8p1/sshd.c.audit1 openssh-5.8p1/sshd.c
|
diff -up openssh-5.8p1/sshd.c.audit1 openssh-5.8p1/sshd.c
|
||||||
--- openssh-5.8p1/sshd.c.audit1 2011-01-11 07:20:31.000000000 +0100
|
--- openssh-5.8p1/sshd.c.audit1 2011-01-11 07:20:31.000000000 +0100
|
||||||
+++ openssh-5.8p1/sshd.c 2011-02-28 22:39:02.000000000 +0100
|
+++ openssh-5.8p1/sshd.c 2011-03-04 14:16:25.000000000 +0100
|
||||||
@@ -2342,7 +2342,8 @@ cleanup_exit(int i)
|
@@ -2342,7 +2342,8 @@ cleanup_exit(int i)
|
||||||
do_cleanup(the_authctxt);
|
do_cleanup(the_authctxt);
|
||||||
#ifdef SSH_AUDIT_EVENTS
|
#ifdef SSH_AUDIT_EVENTS
|
||||||
|
@ -1,429 +0,0 @@
|
|||||||
diff -up openssh-5.8p1/audit-bsm.c.audit1a openssh-5.8p1/audit-bsm.c
|
|
||||||
--- openssh-5.8p1/audit-bsm.c.audit1a 2011-03-02 09:37:14.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/audit-bsm.c 2011-03-02 09:37:14.000000000 +0100
|
|
||||||
@@ -298,19 +298,26 @@ audit_connection_from(const char *host,
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
-void
|
|
||||||
+int
|
|
||||||
audit_run_command(const char *command)
|
|
||||||
{
|
|
||||||
/* not implemented */
|
|
||||||
+ return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
void
|
|
||||||
-audit_end_command(const char *command)
|
|
||||||
+audit_end_command(int handle, const char *command)
|
|
||||||
{
|
|
||||||
/* not implemented */
|
|
||||||
}
|
|
||||||
|
|
||||||
void
|
|
||||||
+audit_count_session_open(void)
|
|
||||||
+{
|
|
||||||
+ /* not necessary */
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+void
|
|
||||||
audit_session_open(struct logininfo *li)
|
|
||||||
{
|
|
||||||
/* not implemented */
|
|
||||||
diff -up openssh-5.8p1/audit.c.audit1a openssh-5.8p1/audit.c
|
|
||||||
--- openssh-5.8p1/audit.c.audit1a 2011-03-02 09:37:14.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/audit.c 2011-03-02 09:37:14.000000000 +0100
|
|
||||||
@@ -140,6 +140,17 @@ audit_event(ssh_audit_event_t event)
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
+ * Called when a child process has called, or will soon call,
|
|
||||||
+ * audit_session_open.
|
|
||||||
+ */
|
|
||||||
+void
|
|
||||||
+audit_count_session_open(void)
|
|
||||||
+{
|
|
||||||
+ debug("audit count session open euid %d user %s", geteuid(),
|
|
||||||
+ audit_username());
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+/*
|
|
||||||
* Called when a user session is started. Argument is the tty allocated to
|
|
||||||
* the session, or NULL if no tty was allocated.
|
|
||||||
*
|
|
||||||
@@ -174,22 +185,25 @@ audit_session_close(struct logininfo *li
|
|
||||||
/*
|
|
||||||
* This will be called when a user runs a non-interactive command. Note that
|
|
||||||
* it may be called multiple times for a single connection since SSH2 allows
|
|
||||||
- * multiple sessions within a single connection.
|
|
||||||
+ * multiple sessions within a single connection. Returns a "handle" for
|
|
||||||
+ * audit_end_command.
|
|
||||||
*/
|
|
||||||
-void
|
|
||||||
+int
|
|
||||||
audit_run_command(const char *command)
|
|
||||||
{
|
|
||||||
debug("audit run command euid %d user %s command '%.200s'", geteuid(),
|
|
||||||
audit_username(), command);
|
|
||||||
+ return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This will be called when the non-interactive command finishes. Note that
|
|
||||||
* it may be called multiple times for a single connection since SSH2 allows
|
|
||||||
- * multiple sessions within a single connection.
|
|
||||||
+ * multiple sessions within a single connection. "handle" should come from
|
|
||||||
+ * the corresponding audit_run_command.
|
|
||||||
*/
|
|
||||||
void
|
|
||||||
-audit_end_command(const char *command)
|
|
||||||
+audit_end_command(int handle, const char *command)
|
|
||||||
{
|
|
||||||
debug("audit end nopty exec euid %d user %s command '%.200s'", geteuid(),
|
|
||||||
audit_username(), command);
|
|
||||||
diff -up openssh-5.8p1/audit.h.audit1a openssh-5.8p1/audit.h
|
|
||||||
--- openssh-5.8p1/audit.h.audit1a 2011-03-02 09:37:14.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/audit.h 2011-03-02 09:37:14.000000000 +0100
|
|
||||||
@@ -49,10 +49,11 @@ typedef enum ssh_audit_event_type ssh_au
|
|
||||||
|
|
||||||
void audit_connection_from(const char *, int);
|
|
||||||
void audit_event(ssh_audit_event_t);
|
|
||||||
+void audit_count_session_open(void);
|
|
||||||
void audit_session_open(struct logininfo *);
|
|
||||||
void audit_session_close(struct logininfo *);
|
|
||||||
-void audit_run_command(const char *);
|
|
||||||
-void audit_end_command(const char *);
|
|
||||||
+int audit_run_command(const char *);
|
|
||||||
+void audit_end_command(int, const char *);
|
|
||||||
ssh_audit_event_t audit_classify_auth(const char *);
|
|
||||||
|
|
||||||
#endif /* _SSH_AUDIT_H */
|
|
||||||
diff -up openssh-5.8p1/audit-linux.c.audit1a openssh-5.8p1/audit-linux.c
|
|
||||||
--- openssh-5.8p1/audit-linux.c.audit1a 2011-03-02 09:37:14.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/audit-linux.c 2011-03-02 09:37:14.000000000 +0100
|
|
||||||
@@ -140,7 +140,7 @@ audit_connection_from(const char *host,
|
|
||||||
/* not implemented */
|
|
||||||
}
|
|
||||||
|
|
||||||
-void
|
|
||||||
+int
|
|
||||||
audit_run_command(const char *command)
|
|
||||||
{
|
|
||||||
if (!user_login_count++)
|
|
||||||
@@ -148,10 +148,11 @@ audit_run_command(const char *command)
|
|
||||||
NULL, "ssh", 1, AUDIT_USER_LOGIN);
|
|
||||||
linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
|
|
||||||
NULL, "ssh", 1, AUDIT_USER_START);
|
|
||||||
+ return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
void
|
|
||||||
-audit_end_command(const char *command)
|
|
||||||
+audit_end_command(int handle, const char *command)
|
|
||||||
{
|
|
||||||
linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
|
|
||||||
NULL, "ssh", 1, AUDIT_USER_END);
|
|
||||||
@@ -161,6 +162,12 @@ audit_end_command(const char *command)
|
|
||||||
}
|
|
||||||
|
|
||||||
void
|
|
||||||
+audit_count_session_open(void)
|
|
||||||
+{
|
|
||||||
+ user_login_count++;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+void
|
|
||||||
audit_session_open(struct logininfo *li)
|
|
||||||
{
|
|
||||||
if (!user_login_count++)
|
|
||||||
diff -up openssh-5.8p1/monitor.c.audit1a openssh-5.8p1/monitor.c
|
|
||||||
--- openssh-5.8p1/monitor.c.audit1a 2011-03-02 09:37:14.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/monitor.c 2011-03-02 09:37:14.000000000 +0100
|
|
||||||
@@ -1291,6 +1291,12 @@ mm_session_close(Session *s)
|
|
||||||
debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd);
|
|
||||||
session_pty_cleanup2(s);
|
|
||||||
}
|
|
||||||
+#ifdef SSH_AUDIT_EVENTS
|
|
||||||
+ if (s->command != NULL) {
|
|
||||||
+ debug3("%s: command %d", __func__, s->command_handle);
|
|
||||||
+ session_end_command2(s);
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
session_unused(s->self);
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -1613,25 +1619,44 @@ mm_answer_audit_command(int socket, Buff
|
|
||||||
{
|
|
||||||
u_int len;
|
|
||||||
char *cmd;
|
|
||||||
+ Session *s;
|
|
||||||
|
|
||||||
debug3("%s entering", __func__);
|
|
||||||
cmd = buffer_get_string(m, &len);
|
|
||||||
+
|
|
||||||
/* sanity check command, if so how? */
|
|
||||||
- audit_run_command(cmd);
|
|
||||||
- xfree(cmd);
|
|
||||||
+ s = session_new();
|
|
||||||
+ if (s == NULL)
|
|
||||||
+ fatal("%s: error allocating a session", __func__);
|
|
||||||
+ s->command = cmd;
|
|
||||||
+ s->command_handle = audit_run_command(cmd);
|
|
||||||
+
|
|
||||||
+ buffer_clear(m);
|
|
||||||
+ buffer_put_int(m, s->self);
|
|
||||||
+
|
|
||||||
+ mm_request_send(socket, MONITOR_ANS_AUDIT_COMMAND, m);
|
|
||||||
+
|
|
||||||
return (0);
|
|
||||||
}
|
|
||||||
|
|
||||||
int
|
|
||||||
mm_answer_audit_end_command(int socket, Buffer *m)
|
|
||||||
{
|
|
||||||
+ int handle;
|
|
||||||
u_int len;
|
|
||||||
char *cmd;
|
|
||||||
+ Session *s;
|
|
||||||
|
|
||||||
debug3("%s entering", __func__);
|
|
||||||
+ handle = buffer_get_int(m);
|
|
||||||
cmd = buffer_get_string(m, &len);
|
|
||||||
- /* sanity check command, if so how? */
|
|
||||||
- audit_end_command(cmd);
|
|
||||||
+
|
|
||||||
+ s = session_by_id(handle);
|
|
||||||
+ if (s == NULL || s->ttyfd != -1 || s->command == NULL ||
|
|
||||||
+ strcmp(s->command, cmd) != 0)
|
|
||||||
+ fatal("%s: invalid handle", __func__);
|
|
||||||
+ mm_session_close(s);
|
|
||||||
+
|
|
||||||
xfree(cmd);
|
|
||||||
return (0);
|
|
||||||
}
|
|
||||||
diff -up openssh-5.8p1/monitor.h.audit1a openssh-5.8p1/monitor.h
|
|
||||||
--- openssh-5.8p1/monitor.h.audit1a 2011-03-02 09:37:14.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/monitor.h 2011-03-02 09:37:15.000000000 +0100
|
|
||||||
@@ -60,7 +60,7 @@ enum monitor_reqtype {
|
|
||||||
MONITOR_REQ_PAM_RESPOND, MONITOR_ANS_PAM_RESPOND,
|
|
||||||
MONITOR_REQ_PAM_FREE_CTX, MONITOR_ANS_PAM_FREE_CTX,
|
|
||||||
MONITOR_REQ_AUDIT_EVENT, MONITOR_REQ_AUDIT_COMMAND,
|
|
||||||
- MONITOR_REQ_AUDIT_END_COMMAND,
|
|
||||||
+ MONITOR_ANS_AUDIT_COMMAND, MONITOR_REQ_AUDIT_END_COMMAND,
|
|
||||||
MONITOR_REQ_TERM,
|
|
||||||
MONITOR_REQ_JPAKE_STEP1, MONITOR_ANS_JPAKE_STEP1,
|
|
||||||
MONITOR_REQ_JPAKE_GET_PWDATA, MONITOR_ANS_JPAKE_GET_PWDATA,
|
|
||||||
diff -up openssh-5.8p1/monitor_wrap.c.audit1a openssh-5.8p1/monitor_wrap.c
|
|
||||||
--- openssh-5.8p1/monitor_wrap.c.audit1a 2011-03-02 09:37:14.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/monitor_wrap.c 2011-03-02 09:37:15.000000000 +0100
|
|
||||||
@@ -1150,10 +1150,11 @@ mm_audit_event(ssh_audit_event_t event)
|
|
||||||
buffer_free(&m);
|
|
||||||
}
|
|
||||||
|
|
||||||
-void
|
|
||||||
+int
|
|
||||||
mm_audit_run_command(const char *command)
|
|
||||||
{
|
|
||||||
Buffer m;
|
|
||||||
+ int handle;
|
|
||||||
|
|
||||||
debug3("%s entering command %s", __func__, command);
|
|
||||||
|
|
||||||
@@ -1161,17 +1162,23 @@ mm_audit_run_command(const char *command
|
|
||||||
buffer_put_cstring(&m, command);
|
|
||||||
|
|
||||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, &m);
|
|
||||||
+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUDIT_COMMAND, &m);
|
|
||||||
+
|
|
||||||
+ handle = buffer_get_int(&m);
|
|
||||||
buffer_free(&m);
|
|
||||||
+
|
|
||||||
+ return (handle);
|
|
||||||
}
|
|
||||||
|
|
||||||
void
|
|
||||||
-mm_audit_end_command(const char *command)
|
|
||||||
+mm_audit_end_command(int handle, const char *command)
|
|
||||||
{
|
|
||||||
Buffer m;
|
|
||||||
|
|
||||||
debug3("%s entering command %s", __func__, command);
|
|
||||||
|
|
||||||
buffer_init(&m);
|
|
||||||
+ buffer_put_int(&m, handle);
|
|
||||||
buffer_put_cstring(&m, command);
|
|
||||||
|
|
||||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_END_COMMAND, &m);
|
|
||||||
diff -up openssh-5.8p1/monitor_wrap.h.audit1a openssh-5.8p1/monitor_wrap.h
|
|
||||||
--- openssh-5.8p1/monitor_wrap.h.audit1a 2011-03-02 09:41:17.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/monitor_wrap.h 2011-03-02 09:44:35.000000000 +0100
|
|
||||||
@@ -73,8 +73,8 @@ void mm_sshpam_free_ctx(void *);
|
|
||||||
#ifdef SSH_AUDIT_EVENTS
|
|
||||||
#include "audit.h"
|
|
||||||
void mm_audit_event(ssh_audit_event_t);
|
|
||||||
-void mm_audit_run_command(const char *);
|
|
||||||
-void mm_audit_end_command(const char *);
|
|
||||||
+int mm_audit_run_command(const char *);
|
|
||||||
+void mm_audit_end_command(int, const char *);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
struct Session;
|
|
||||||
diff -up openssh-5.8p1/session.c.audit1a openssh-5.8p1/session.c
|
|
||||||
--- openssh-5.8p1/session.c.audit1a 2011-03-02 09:37:14.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/session.c 2011-03-02 09:37:15.000000000 +0100
|
|
||||||
@@ -738,6 +738,14 @@ do_exec_pty(Session *s, const char *comm
|
|
||||||
/* Parent. Close the slave side of the pseudo tty. */
|
|
||||||
close(ttyfd);
|
|
||||||
|
|
||||||
+#ifndef HAVE_OSF_SIA
|
|
||||||
+ /* do_login in the child did not affect state in this process,
|
|
||||||
+ compensate. From an architectural standpoint, this is extremely
|
|
||||||
+ ugly. */
|
|
||||||
+ if (!(options.use_login && command == NULL))
|
|
||||||
+ audit_count_session_open();
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
/* Enter interactive session. */
|
|
||||||
s->ptymaster = ptymaster;
|
|
||||||
packet_set_interactive(1,
|
|
||||||
@@ -809,17 +817,19 @@ do_exec(Session *s, const char *command)
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef SSH_AUDIT_EVENTS
|
|
||||||
- if (command != NULL) {
|
|
||||||
- PRIVSEP(audit_run_command(command));
|
|
||||||
+ if (s->command != NULL || s->command_handle != -1)
|
|
||||||
+ fatal("do_exec: command already set");
|
|
||||||
+ if (command != NULL)
|
|
||||||
s->command = xstrdup(command);
|
|
||||||
- } else if (s->ttyfd == -1) {
|
|
||||||
+ else if (s->ttyfd == -1) {
|
|
||||||
char *shell = s->pw->pw_shell;
|
|
||||||
|
|
||||||
if (shell[0] == '\0') /* empty shell means /bin/sh */
|
|
||||||
shell =_PATH_BSHELL;
|
|
||||||
- PRIVSEP(audit_run_command(shell));
|
|
||||||
s->command = xstrdup(shell);
|
|
||||||
}
|
|
||||||
+ if (s->command != NULL)
|
|
||||||
+ s->command_handle = PRIVSEP(audit_run_command(s->command));
|
|
||||||
#endif
|
|
||||||
if (s->ttyfd != -1)
|
|
||||||
ret = do_exec_pty(s, command);
|
|
||||||
@@ -1843,6 +1853,7 @@ session_unused(int id)
|
|
||||||
sessions[id].ttyfd = -1;
|
|
||||||
sessions[id].ptymaster = -1;
|
|
||||||
sessions[id].x11_chanids = NULL;
|
|
||||||
+ sessions[id].command_handle = -1;
|
|
||||||
sessions[id].next_unused = sessions_first_unused;
|
|
||||||
sessions_first_unused = id;
|
|
||||||
}
|
|
||||||
@@ -1925,6 +1936,19 @@ session_open(Authctxt *authctxt, int cha
|
|
||||||
}
|
|
||||||
|
|
||||||
Session *
|
|
||||||
+session_by_id(int id)
|
|
||||||
+{
|
|
||||||
+ if (id >= 0 && id < sessions_nalloc) {
|
|
||||||
+ Session *s = &sessions[id];
|
|
||||||
+ if (s->used)
|
|
||||||
+ return s;
|
|
||||||
+ }
|
|
||||||
+ debug("session_by_id: unknown id %d", id);
|
|
||||||
+ session_dump();
|
|
||||||
+ return NULL;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+Session *
|
|
||||||
session_by_tty(char *tty)
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
@@ -2450,6 +2474,30 @@ session_exit_message(Session *s, int sta
|
|
||||||
chan_write_failed(c);
|
|
||||||
}
|
|
||||||
|
|
||||||
+#ifdef SSH_AUDIT_EVENTS
|
|
||||||
+void
|
|
||||||
+session_end_command2(Session *s)
|
|
||||||
+{
|
|
||||||
+ if (s->command != NULL) {
|
|
||||||
+ audit_end_command(s->command_handle, s->command);
|
|
||||||
+ xfree(s->command);
|
|
||||||
+ s->command = NULL;
|
|
||||||
+ s->command_handle = -1;
|
|
||||||
+ }
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static void
|
|
||||||
+session_end_command(Session *s)
|
|
||||||
+{
|
|
||||||
+ if (s->command != NULL) {
|
|
||||||
+ PRIVSEP(audit_end_command(s->command_handle, s->command));
|
|
||||||
+ xfree(s->command);
|
|
||||||
+ s->command = NULL;
|
|
||||||
+ s->command_handle = -1;
|
|
||||||
+ }
|
|
||||||
+}
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
void
|
|
||||||
session_close(Session *s)
|
|
||||||
{
|
|
||||||
@@ -2459,10 +2507,8 @@ session_close(Session *s)
|
|
||||||
if (s->ttyfd != -1)
|
|
||||||
session_pty_cleanup(s);
|
|
||||||
#ifdef SSH_AUDIT_EVENTS
|
|
||||||
- if (s->command) {
|
|
||||||
- PRIVSEP(audit_end_command(s->command));
|
|
||||||
- xfree(s->command);
|
|
||||||
- }
|
|
||||||
+ if (s->command)
|
|
||||||
+ session_end_command(s);
|
|
||||||
#endif
|
|
||||||
if (s->term)
|
|
||||||
xfree(s->term);
|
|
||||||
@@ -2683,6 +2729,15 @@ do_authenticated2(Authctxt *authctxt)
|
|
||||||
server_loop2(authctxt);
|
|
||||||
}
|
|
||||||
|
|
||||||
+static void
|
|
||||||
+do_cleanup_one_session(Session *s)
|
|
||||||
+{
|
|
||||||
+ session_pty_cleanup2(s);
|
|
||||||
+#ifdef SSH_AUDIT_EVENTS
|
|
||||||
+ session_end_command2(s);
|
|
||||||
+#endif
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
void
|
|
||||||
do_cleanup(Authctxt *authctxt)
|
|
||||||
{
|
|
||||||
@@ -2731,5 +2786,5 @@ do_cleanup(Authctxt *authctxt)
|
|
||||||
* or if running in monitor.
|
|
||||||
*/
|
|
||||||
if (!use_privsep || mm_is_monitor())
|
|
||||||
- session_destroy_all(session_pty_cleanup2);
|
|
||||||
+ session_destroy_all(do_cleanup_one_session);
|
|
||||||
}
|
|
||||||
diff -up openssh-5.8p1/session.h.audit1a openssh-5.8p1/session.h
|
|
||||||
--- openssh-5.8p1/session.h.audit1a 2011-03-02 09:37:14.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/session.h 2011-03-02 09:37:15.000000000 +0100
|
|
||||||
@@ -63,6 +63,7 @@ struct Session {
|
|
||||||
|
|
||||||
/* exec */
|
|
||||||
#ifdef SSH_AUDIT_EVENTS
|
|
||||||
+ int command_handle;
|
|
||||||
char *command;
|
|
||||||
#endif
|
|
||||||
};
|
|
||||||
@@ -77,8 +78,10 @@ void session_close_by_pid(pid_t, int);
|
|
||||||
void session_close_by_channel(int, void *);
|
|
||||||
void session_destroy_all(void (*)(Session *));
|
|
||||||
void session_pty_cleanup2(Session *);
|
|
||||||
+void session_end_command2(Session *);
|
|
||||||
|
|
||||||
Session *session_new(void);
|
|
||||||
+Session *session_by_id(int);
|
|
||||||
Session *session_by_tty(char *);
|
|
||||||
void session_close(Session *);
|
|
||||||
void do_setusercontext(struct passwd *);
|
|
@ -1,6 +1,6 @@
|
|||||||
diff -up openssh-5.8p1/audit-bsm.c.audit2 openssh-5.8p1/audit-bsm.c
|
diff -up openssh-5.8p1/audit-bsm.c.audit2 openssh-5.8p1/audit-bsm.c
|
||||||
--- openssh-5.8p1/audit-bsm.c.audit2 2011-03-02 08:23:54.000000000 +0100
|
--- openssh-5.8p1/audit-bsm.c.audit2 2011-03-04 14:28:16.000000000 +0100
|
||||||
+++ openssh-5.8p1/audit-bsm.c 2011-03-02 08:23:54.000000000 +0100
|
+++ openssh-5.8p1/audit-bsm.c 2011-03-04 14:28:17.000000000 +0100
|
||||||
@@ -329,6 +329,12 @@ audit_session_close(struct logininfo *li
|
@@ -329,6 +329,12 @@ audit_session_close(struct logininfo *li
|
||||||
/* not implemented */
|
/* not implemented */
|
||||||
}
|
}
|
||||||
@ -15,8 +15,8 @@ diff -up openssh-5.8p1/audit-bsm.c.audit2 openssh-5.8p1/audit-bsm.c
|
|||||||
audit_event(ssh_audit_event_t event)
|
audit_event(ssh_audit_event_t event)
|
||||||
{
|
{
|
||||||
diff -up openssh-5.8p1/audit.c.audit2 openssh-5.8p1/audit.c
|
diff -up openssh-5.8p1/audit.c.audit2 openssh-5.8p1/audit.c
|
||||||
--- openssh-5.8p1/audit.c.audit2 2011-03-02 08:23:54.000000000 +0100
|
--- openssh-5.8p1/audit.c.audit2 2011-03-04 14:28:16.000000000 +0100
|
||||||
+++ openssh-5.8p1/audit.c 2011-03-02 08:23:55.000000000 +0100
|
+++ openssh-5.8p1/audit.c 2011-03-04 14:28:17.000000000 +0100
|
||||||
@@ -36,6 +36,7 @@
|
@@ -36,6 +36,7 @@
|
||||||
#include "key.h"
|
#include "key.h"
|
||||||
#include "hostfile.h"
|
#include "hostfile.h"
|
||||||
@ -67,8 +67,8 @@ diff -up openssh-5.8p1/audit.c.audit2 openssh-5.8p1/audit.c
|
|||||||
# endif /* !defined CUSTOM_SSH_AUDIT_EVENTS */
|
# endif /* !defined CUSTOM_SSH_AUDIT_EVENTS */
|
||||||
#endif /* SSH_AUDIT_EVENTS */
|
#endif /* SSH_AUDIT_EVENTS */
|
||||||
diff -up openssh-5.8p1/audit.h.audit2 openssh-5.8p1/audit.h
|
diff -up openssh-5.8p1/audit.h.audit2 openssh-5.8p1/audit.h
|
||||||
--- openssh-5.8p1/audit.h.audit2 2011-03-02 08:23:54.000000000 +0100
|
--- openssh-5.8p1/audit.h.audit2 2011-03-04 14:28:16.000000000 +0100
|
||||||
+++ openssh-5.8p1/audit.h 2011-03-02 08:25:02.000000000 +0100
|
+++ openssh-5.8p1/audit.h 2011-03-04 14:28:17.000000000 +0100
|
||||||
@@ -28,6 +28,7 @@
|
@@ -28,6 +28,7 @@
|
||||||
# define _SSH_AUDIT_H
|
# define _SSH_AUDIT_H
|
||||||
|
|
||||||
@ -86,8 +86,8 @@ diff -up openssh-5.8p1/audit.h.audit2 openssh-5.8p1/audit.h
|
|||||||
|
|
||||||
#endif /* _SSH_AUDIT_H */
|
#endif /* _SSH_AUDIT_H */
|
||||||
diff -up openssh-5.8p1/audit-linux.c.audit2 openssh-5.8p1/audit-linux.c
|
diff -up openssh-5.8p1/audit-linux.c.audit2 openssh-5.8p1/audit-linux.c
|
||||||
--- openssh-5.8p1/audit-linux.c.audit2 2011-03-02 08:23:54.000000000 +0100
|
--- openssh-5.8p1/audit-linux.c.audit2 2011-03-04 14:28:16.000000000 +0100
|
||||||
+++ openssh-5.8p1/audit-linux.c 2011-03-02 08:23:55.000000000 +0100
|
+++ openssh-5.8p1/audit-linux.c 2011-03-04 14:28:17.000000000 +0100
|
||||||
@@ -41,6 +41,8 @@
|
@@ -41,6 +41,8 @@
|
||||||
#include "servconf.h"
|
#include "servconf.h"
|
||||||
#include "canohost.h"
|
#include "canohost.h"
|
||||||
@ -136,14 +136,23 @@ diff -up openssh-5.8p1/audit-linux.c.audit2 openssh-5.8p1/audit-linux.c
|
|||||||
|
|
||||||
/* Below is the sshd audit API code */
|
/* Below is the sshd audit API code */
|
||||||
diff -up openssh-5.8p1/auth2-hostbased.c.audit2 openssh-5.8p1/auth2-hostbased.c
|
diff -up openssh-5.8p1/auth2-hostbased.c.audit2 openssh-5.8p1/auth2-hostbased.c
|
||||||
--- openssh-5.8p1/auth2-hostbased.c.audit2 2011-03-02 08:23:53.000000000 +0100
|
--- openssh-5.8p1/auth2-hostbased.c.audit2 2011-03-04 14:28:16.000000000 +0100
|
||||||
+++ openssh-5.8p1/auth2-hostbased.c 2011-03-02 08:23:55.000000000 +0100
|
+++ openssh-5.8p1/auth2-hostbased.c 2011-03-04 14:28:17.000000000 +0100
|
||||||
|
@@ -119,7 +119,7 @@ userauth_hostbased(Authctxt *authctxt)
|
||||||
|
/* test for allowed key and correct signature */
|
||||||
|
authenticated = 0;
|
||||||
|
if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) &&
|
||||||
|
- PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b),
|
||||||
|
+ PRIVSEP(hostbased_key_verify(key, sig, slen, buffer_ptr(&b),
|
||||||
|
buffer_len(&b))) == 1)
|
||||||
|
authenticated = 1;
|
||||||
|
|
||||||
@@ -136,6 +136,18 @@ done:
|
@@ -136,6 +136,18 @@ done:
|
||||||
return authenticated;
|
return authenticated;
|
||||||
}
|
}
|
||||||
|
|
||||||
+int
|
+int
|
||||||
+hostkey_key_verify(const Key *key, const u_char *sig, u_int slen, const u_char *data, u_int datalen)
|
+hostbased_key_verify(const Key *key, const u_char *sig, u_int slen, const u_char *data, u_int datalen)
|
||||||
+{
|
+{
|
||||||
+ int rv;
|
+ int rv;
|
||||||
+
|
+
|
||||||
@ -158,14 +167,23 @@ diff -up openssh-5.8p1/auth2-hostbased.c.audit2 openssh-5.8p1/auth2-hostbased.c
|
|||||||
int
|
int
|
||||||
hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
|
hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
|
||||||
diff -up openssh-5.8p1/auth2-pubkey.c.audit2 openssh-5.8p1/auth2-pubkey.c
|
diff -up openssh-5.8p1/auth2-pubkey.c.audit2 openssh-5.8p1/auth2-pubkey.c
|
||||||
--- openssh-5.8p1/auth2-pubkey.c.audit2 2011-03-02 08:23:53.000000000 +0100
|
--- openssh-5.8p1/auth2-pubkey.c.audit2 2011-03-04 14:28:16.000000000 +0100
|
||||||
+++ openssh-5.8p1/auth2-pubkey.c 2011-03-02 08:23:55.000000000 +0100
|
+++ openssh-5.8p1/auth2-pubkey.c 2011-03-04 14:28:17.000000000 +0100
|
||||||
|
@@ -140,7 +140,7 @@ userauth_pubkey(Authctxt *authctxt)
|
||||||
|
/* test for correct signature */
|
||||||
|
authenticated = 0;
|
||||||
|
if (PRIVSEP(user_key_allowed(authctxt->pw, key)) &&
|
||||||
|
- PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b),
|
||||||
|
+ PRIVSEP(user_key_verify(key, sig, slen, buffer_ptr(&b),
|
||||||
|
buffer_len(&b))) == 1)
|
||||||
|
authenticated = 1;
|
||||||
|
buffer_free(&b);
|
||||||
@@ -177,6 +177,18 @@ done:
|
@@ -177,6 +177,18 @@ done:
|
||||||
return authenticated;
|
return authenticated;
|
||||||
}
|
}
|
||||||
|
|
||||||
+int
|
+int
|
||||||
+pubkey_key_verify(const Key *key, const u_char *sig, u_int slen, const u_char *data, u_int datalen)
|
+user_key_verify(const Key *key, const u_char *sig, u_int slen, const u_char *data, u_int datalen)
|
||||||
+{
|
+{
|
||||||
+ int rv;
|
+ int rv;
|
||||||
+
|
+
|
||||||
@ -181,12 +199,12 @@ diff -up openssh-5.8p1/auth2-pubkey.c.audit2 openssh-5.8p1/auth2-pubkey.c
|
|||||||
{
|
{
|
||||||
diff -up openssh-5.8p1/auth.h.audit2 openssh-5.8p1/auth.h
|
diff -up openssh-5.8p1/auth.h.audit2 openssh-5.8p1/auth.h
|
||||||
--- openssh-5.8p1/auth.h.audit2 2010-05-10 03:58:03.000000000 +0200
|
--- openssh-5.8p1/auth.h.audit2 2010-05-10 03:58:03.000000000 +0200
|
||||||
+++ openssh-5.8p1/auth.h 2011-03-02 08:23:55.000000000 +0100
|
+++ openssh-5.8p1/auth.h 2011-03-04 14:28:17.000000000 +0100
|
||||||
@@ -170,6 +170,7 @@ void abandon_challenge_response(Authctxt
|
@@ -170,6 +170,7 @@ void abandon_challenge_response(Authctxt
|
||||||
char *authorized_keys_file(struct passwd *);
|
char *authorized_keys_file(struct passwd *);
|
||||||
char *authorized_keys_file2(struct passwd *);
|
char *authorized_keys_file2(struct passwd *);
|
||||||
char *authorized_principals_file(struct passwd *);
|
char *authorized_principals_file(struct passwd *);
|
||||||
+int pubkey_key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
|
+int user_key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
|
||||||
|
|
||||||
FILE *auth_openkeyfile(const char *, struct passwd *, int);
|
FILE *auth_openkeyfile(const char *, struct passwd *, int);
|
||||||
FILE *auth_openprincipals(const char *, struct passwd *, int);
|
FILE *auth_openprincipals(const char *, struct passwd *, int);
|
||||||
@ -194,13 +212,13 @@ diff -up openssh-5.8p1/auth.h.audit2 openssh-5.8p1/auth.h
|
|||||||
Key *get_hostkey_private_by_type(int);
|
Key *get_hostkey_private_by_type(int);
|
||||||
int get_hostkey_index(Key *);
|
int get_hostkey_index(Key *);
|
||||||
int ssh1_session_key(BIGNUM *);
|
int ssh1_session_key(BIGNUM *);
|
||||||
+int hostkey_key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
|
+int hostbased_key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
|
||||||
|
|
||||||
/* debug messages during authentication */
|
/* debug messages during authentication */
|
||||||
void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2)));
|
void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2)));
|
||||||
diff -up openssh-5.8p1/auth-rsa.c.audit2 openssh-5.8p1/auth-rsa.c
|
diff -up openssh-5.8p1/auth-rsa.c.audit2 openssh-5.8p1/auth-rsa.c
|
||||||
--- openssh-5.8p1/auth-rsa.c.audit2 2011-03-02 08:23:53.000000000 +0100
|
--- openssh-5.8p1/auth-rsa.c.audit2 2011-03-04 14:28:16.000000000 +0100
|
||||||
+++ openssh-5.8p1/auth-rsa.c 2011-03-02 08:23:55.000000000 +0100
|
+++ openssh-5.8p1/auth-rsa.c 2011-03-04 14:28:17.000000000 +0100
|
||||||
@@ -92,7 +92,10 @@ auth_rsa_verify_response(Key *key, BIGNU
|
@@ -92,7 +92,10 @@ auth_rsa_verify_response(Key *key, BIGNU
|
||||||
{
|
{
|
||||||
u_char buf[32], mdbuf[16];
|
u_char buf[32], mdbuf[16];
|
||||||
@ -238,19 +256,40 @@ diff -up openssh-5.8p1/auth-rsa.c.audit2 openssh-5.8p1/auth-rsa.c
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
diff -up openssh-5.8p1/monitor.c.audit2 openssh-5.8p1/monitor.c
|
diff -up openssh-5.8p1/monitor.c.audit2 openssh-5.8p1/monitor.c
|
||||||
--- openssh-5.8p1/monitor.c.audit2 2011-03-02 08:23:54.000000000 +0100
|
--- openssh-5.8p1/monitor.c.audit2 2011-03-04 14:28:16.000000000 +0100
|
||||||
+++ openssh-5.8p1/monitor.c 2011-03-02 08:23:55.000000000 +0100
|
+++ openssh-5.8p1/monitor.c 2011-03-04 14:28:17.000000000 +0100
|
||||||
@@ -1238,7 +1238,17 @@ mm_answer_keyverify(int sock, Buffer *m)
|
@@ -1208,9 +1208,11 @@ mm_answer_keyverify(int sock, Buffer *m)
|
||||||
|
Key *key;
|
||||||
|
u_char *signature, *data, *blob;
|
||||||
|
u_int signaturelen, datalen, bloblen;
|
||||||
|
+ int type = 0;
|
||||||
|
int verified = 0;
|
||||||
|
int valid_data = 0;
|
||||||
|
|
||||||
|
+ type = buffer_get_int(m);
|
||||||
|
blob = buffer_get_string(m, &bloblen);
|
||||||
|
signature = buffer_get_string(m, &signaturelen);
|
||||||
|
data = buffer_get_string(m, &datalen);
|
||||||
|
@@ -1218,6 +1220,8 @@ mm_answer_keyverify(int sock, Buffer *m)
|
||||||
|
if (hostbased_cuser == NULL || hostbased_chost == NULL ||
|
||||||
|
!monitor_allowed_key(blob, bloblen))
|
||||||
|
fatal("%s: bad key, not previously allowed", __func__);
|
||||||
|
+ if (type != key_blobtype)
|
||||||
|
+ fatal("%s: bad key type", __func__);
|
||||||
|
|
||||||
|
key = key_from_blob(blob, bloblen);
|
||||||
|
if (key == NULL)
|
||||||
|
@@ -1238,7 +1242,17 @@ mm_answer_keyverify(int sock, Buffer *m)
|
||||||
if (!valid_data)
|
if (!valid_data)
|
||||||
fatal("%s: bad signature data blob", __func__);
|
fatal("%s: bad signature data blob", __func__);
|
||||||
|
|
||||||
- verified = key_verify(key, signature, signaturelen, data, datalen);
|
- verified = key_verify(key, signature, signaturelen, data, datalen);
|
||||||
+ switch (key_blobtype) {
|
+ switch (key_blobtype) {
|
||||||
+ case MM_USERKEY:
|
+ case MM_USERKEY:
|
||||||
+ verified = pubkey_key_verify(key, signature, signaturelen, data, datalen);
|
+ verified = user_key_verify(key, signature, signaturelen, data, datalen);
|
||||||
+ break;
|
+ break;
|
||||||
+ case MM_HOSTKEY:
|
+ case MM_HOSTKEY:
|
||||||
+ verified = hostkey_key_verify(key, signature, signaturelen, data, datalen);
|
+ verified = hostbased_key_verify(key, signature, signaturelen, data, datalen);
|
||||||
+ break;
|
+ break;
|
||||||
+ default:
|
+ default:
|
||||||
+ verified = 0;
|
+ verified = 0;
|
||||||
@ -259,3 +298,56 @@ diff -up openssh-5.8p1/monitor.c.audit2 openssh-5.8p1/monitor.c
|
|||||||
debug3("%s: key %p signature %s",
|
debug3("%s: key %p signature %s",
|
||||||
__func__, key, (verified == 1) ? "verified" : "unverified");
|
__func__, key, (verified == 1) ? "verified" : "unverified");
|
||||||
|
|
||||||
|
diff -up openssh-5.8p1/monitor_wrap.c.audit2 openssh-5.8p1/monitor_wrap.c
|
||||||
|
--- openssh-5.8p1/monitor_wrap.c.audit2 2011-03-04 14:28:16.000000000 +0100
|
||||||
|
+++ openssh-5.8p1/monitor_wrap.c 2011-03-04 14:28:17.000000000 +0100
|
||||||
|
@@ -393,7 +393,7 @@ mm_key_allowed(enum mm_keytype type, cha
|
||||||
|
*/
|
||||||
|
|
||||||
|
int
|
||||||
|
-mm_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
|
||||||
|
+mm_key_verify(enum mm_keytype type, Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
|
||||||
|
{
|
||||||
|
Buffer m;
|
||||||
|
u_char *blob;
|
||||||
|
@@ -407,6 +407,7 @@ mm_key_verify(Key *key, u_char *sig, u_i
|
||||||
|
return (0);
|
||||||
|
|
||||||
|
buffer_init(&m);
|
||||||
|
+ buffer_put_int(&m, type);
|
||||||
|
buffer_put_string(&m, blob, len);
|
||||||
|
buffer_put_string(&m, sig, siglen);
|
||||||
|
buffer_put_string(&m, data, datalen);
|
||||||
|
@@ -424,6 +425,19 @@ mm_key_verify(Key *key, u_char *sig, u_i
|
||||||
|
return (verified);
|
||||||
|
}
|
||||||
|
|
||||||
|
+int
|
||||||
|
+mm_hostbased_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
|
||||||
|
+{
|
||||||
|
+ return mm_key_verify(MM_HOSTKEY, key, sig, siglen, data, datalen);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+int
|
||||||
|
+mm_user_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
|
||||||
|
+{
|
||||||
|
+ return mm_key_verify(MM_USERKEY, key, sig, siglen, data, datalen);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+
|
||||||
|
/* Export key state after authentication */
|
||||||
|
Newkeys *
|
||||||
|
mm_newkeys_from_blob(u_char *blob, int blen)
|
||||||
|
diff -up openssh-5.8p1/monitor_wrap.h.audit2 openssh-5.8p1/monitor_wrap.h
|
||||||
|
--- openssh-5.8p1/monitor_wrap.h.audit2 2011-03-04 14:28:16.000000000 +0100
|
||||||
|
+++ openssh-5.8p1/monitor_wrap.h 2011-03-04 14:28:17.000000000 +0100
|
||||||
|
@@ -48,7 +48,8 @@ int mm_key_allowed(enum mm_keytype, char
|
||||||
|
int mm_user_key_allowed(struct passwd *, Key *);
|
||||||
|
int mm_hostbased_key_allowed(struct passwd *, char *, char *, Key *);
|
||||||
|
int mm_auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *);
|
||||||
|
-int mm_key_verify(Key *, u_char *, u_int, u_char *, u_int);
|
||||||
|
+int mm_hostbased_key_verify(Key *, u_char *, u_int, u_char *, u_int);
|
||||||
|
+int mm_user_key_verify(Key *, u_char *, u_int, u_char *, u_int);
|
||||||
|
int mm_auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **);
|
||||||
|
int mm_auth_rsa_verify_response(Key *, BIGNUM *, u_char *);
|
||||||
|
BIGNUM *mm_auth_rsa_generate_challenge(Key *);
|
||||||
|
@ -1,153 +0,0 @@
|
|||||||
diff -up openssh-5.8p1/auth2-hostbased.c.audit2a openssh-5.8p1/auth2-hostbased.c
|
|
||||||
--- openssh-5.8p1/auth2-hostbased.c.audit2a 2011-03-02 08:26:16.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/auth2-hostbased.c 2011-03-02 08:26:17.000000000 +0100
|
|
||||||
@@ -119,7 +119,7 @@ userauth_hostbased(Authctxt *authctxt)
|
|
||||||
/* test for allowed key and correct signature */
|
|
||||||
authenticated = 0;
|
|
||||||
if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) &&
|
|
||||||
- PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b),
|
|
||||||
+ PRIVSEP(hostbased_key_verify(key, sig, slen, buffer_ptr(&b),
|
|
||||||
buffer_len(&b))) == 1)
|
|
||||||
authenticated = 1;
|
|
||||||
|
|
||||||
@@ -137,7 +137,7 @@ done:
|
|
||||||
}
|
|
||||||
|
|
||||||
int
|
|
||||||
-hostkey_key_verify(const Key *key, const u_char *sig, u_int slen, const u_char *data, u_int datalen)
|
|
||||||
+hostbased_key_verify(const Key *key, const u_char *sig, u_int slen, const u_char *data, u_int datalen)
|
|
||||||
{
|
|
||||||
int rv;
|
|
||||||
|
|
||||||
diff -up openssh-5.8p1/auth2-pubkey.c.audit2a openssh-5.8p1/auth2-pubkey.c
|
|
||||||
--- openssh-5.8p1/auth2-pubkey.c.audit2a 2011-03-02 08:26:16.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/auth2-pubkey.c 2011-03-02 08:26:17.000000000 +0100
|
|
||||||
@@ -140,7 +140,7 @@ userauth_pubkey(Authctxt *authctxt)
|
|
||||||
/* test for correct signature */
|
|
||||||
authenticated = 0;
|
|
||||||
if (PRIVSEP(user_key_allowed(authctxt->pw, key)) &&
|
|
||||||
- PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b),
|
|
||||||
+ PRIVSEP(user_key_verify(key, sig, slen, buffer_ptr(&b),
|
|
||||||
buffer_len(&b))) == 1)
|
|
||||||
authenticated = 1;
|
|
||||||
buffer_free(&b);
|
|
||||||
@@ -178,7 +178,7 @@ done:
|
|
||||||
}
|
|
||||||
|
|
||||||
int
|
|
||||||
-pubkey_key_verify(const Key *key, const u_char *sig, u_int slen, const u_char *data, u_int datalen)
|
|
||||||
+user_key_verify(const Key *key, const u_char *sig, u_int slen, const u_char *data, u_int datalen)
|
|
||||||
{
|
|
||||||
int rv;
|
|
||||||
|
|
||||||
diff -up openssh-5.8p1/auth.h.audit2a openssh-5.8p1/auth.h
|
|
||||||
--- openssh-5.8p1/auth.h.audit2a 2011-03-02 08:26:16.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/auth.h 2011-03-02 08:26:17.000000000 +0100
|
|
||||||
@@ -170,7 +170,7 @@ void abandon_challenge_response(Authctxt
|
|
||||||
char *authorized_keys_file(struct passwd *);
|
|
||||||
char *authorized_keys_file2(struct passwd *);
|
|
||||||
char *authorized_principals_file(struct passwd *);
|
|
||||||
-int pubkey_key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
|
|
||||||
+int user_key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
|
|
||||||
|
|
||||||
FILE *auth_openkeyfile(const char *, struct passwd *, int);
|
|
||||||
FILE *auth_openprincipals(const char *, struct passwd *, int);
|
|
||||||
@@ -186,7 +186,7 @@ Key *get_hostkey_public_by_type(int);
|
|
||||||
Key *get_hostkey_private_by_type(int);
|
|
||||||
int get_hostkey_index(Key *);
|
|
||||||
int ssh1_session_key(BIGNUM *);
|
|
||||||
-int hostkey_key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
|
|
||||||
+int hostbased_key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
|
|
||||||
|
|
||||||
/* debug messages during authentication */
|
|
||||||
void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2)));
|
|
||||||
diff -up openssh-5.8p1/monitor.c.audit2a openssh-5.8p1/monitor.c
|
|
||||||
--- openssh-5.8p1/monitor.c.audit2a 2011-03-02 08:26:17.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/monitor.c 2011-03-02 08:26:17.000000000 +0100
|
|
||||||
@@ -1208,9 +1208,11 @@ mm_answer_keyverify(int sock, Buffer *m)
|
|
||||||
Key *key;
|
|
||||||
u_char *signature, *data, *blob;
|
|
||||||
u_int signaturelen, datalen, bloblen;
|
|
||||||
+ int type = 0;
|
|
||||||
int verified = 0;
|
|
||||||
int valid_data = 0;
|
|
||||||
|
|
||||||
+ type = buffer_get_int(m);
|
|
||||||
blob = buffer_get_string(m, &bloblen);
|
|
||||||
signature = buffer_get_string(m, &signaturelen);
|
|
||||||
data = buffer_get_string(m, &datalen);
|
|
||||||
@@ -1218,6 +1220,8 @@ mm_answer_keyverify(int sock, Buffer *m)
|
|
||||||
if (hostbased_cuser == NULL || hostbased_chost == NULL ||
|
|
||||||
!monitor_allowed_key(blob, bloblen))
|
|
||||||
fatal("%s: bad key, not previously allowed", __func__);
|
|
||||||
+ if (type != key_blobtype)
|
|
||||||
+ fatal("%s: bad key type", __func__);
|
|
||||||
|
|
||||||
key = key_from_blob(blob, bloblen);
|
|
||||||
if (key == NULL)
|
|
||||||
@@ -1240,10 +1244,10 @@ mm_answer_keyverify(int sock, Buffer *m)
|
|
||||||
|
|
||||||
switch (key_blobtype) {
|
|
||||||
case MM_USERKEY:
|
|
||||||
- verified = pubkey_key_verify(key, signature, signaturelen, data, datalen);
|
|
||||||
+ verified = user_key_verify(key, signature, signaturelen, data, datalen);
|
|
||||||
break;
|
|
||||||
case MM_HOSTKEY:
|
|
||||||
- verified = hostkey_key_verify(key, signature, signaturelen, data, datalen);
|
|
||||||
+ verified = hostbased_key_verify(key, signature, signaturelen, data, datalen);
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
verified = 0;
|
|
||||||
diff -up openssh-5.8p1/monitor_wrap.c.audit2a openssh-5.8p1/monitor_wrap.c
|
|
||||||
--- openssh-5.8p1/monitor_wrap.c.audit2a 2011-03-02 08:26:16.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/monitor_wrap.c 2011-03-02 08:26:17.000000000 +0100
|
|
||||||
@@ -393,7 +393,7 @@ mm_key_allowed(enum mm_keytype type, cha
|
|
||||||
*/
|
|
||||||
|
|
||||||
int
|
|
||||||
-mm_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
|
|
||||||
+mm_key_verify(enum mm_keytype type, Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
|
|
||||||
{
|
|
||||||
Buffer m;
|
|
||||||
u_char *blob;
|
|
||||||
@@ -407,6 +407,7 @@ mm_key_verify(Key *key, u_char *sig, u_i
|
|
||||||
return (0);
|
|
||||||
|
|
||||||
buffer_init(&m);
|
|
||||||
+ buffer_put_int(&m, type);
|
|
||||||
buffer_put_string(&m, blob, len);
|
|
||||||
buffer_put_string(&m, sig, siglen);
|
|
||||||
buffer_put_string(&m, data, datalen);
|
|
||||||
@@ -424,6 +425,19 @@ mm_key_verify(Key *key, u_char *sig, u_i
|
|
||||||
return (verified);
|
|
||||||
}
|
|
||||||
|
|
||||||
+int
|
|
||||||
+mm_hostbased_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
|
|
||||||
+{
|
|
||||||
+ return mm_key_verify(MM_HOSTKEY, key, sig, siglen, data, datalen);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+int
|
|
||||||
+mm_user_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
|
|
||||||
+{
|
|
||||||
+ return mm_key_verify(MM_USERKEY, key, sig, siglen, data, datalen);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+
|
|
||||||
/* Export key state after authentication */
|
|
||||||
Newkeys *
|
|
||||||
mm_newkeys_from_blob(u_char *blob, int blen)
|
|
||||||
diff -up openssh-5.8p1/monitor_wrap.h.audit2a openssh-5.8p1/monitor_wrap.h
|
|
||||||
--- openssh-5.8p1/monitor_wrap.h.audit2a 2011-03-02 08:26:16.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/monitor_wrap.h 2011-03-02 08:26:17.000000000 +0100
|
|
||||||
@@ -48,7 +48,8 @@ int mm_key_allowed(enum mm_keytype, char
|
|
||||||
int mm_user_key_allowed(struct passwd *, Key *);
|
|
||||||
int mm_hostbased_key_allowed(struct passwd *, char *, char *, Key *);
|
|
||||||
int mm_auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *);
|
|
||||||
-int mm_key_verify(Key *, u_char *, u_int, u_char *, u_int);
|
|
||||||
+int mm_hostbased_key_verify(Key *, u_char *, u_int, u_char *, u_int);
|
|
||||||
+int mm_user_key_verify(Key *, u_char *, u_int, u_char *, u_int);
|
|
||||||
int mm_auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **);
|
|
||||||
int mm_auth_rsa_verify_response(Key *, BIGNUM *, u_char *);
|
|
||||||
BIGNUM *mm_auth_rsa_generate_challenge(Key *);
|
|
@ -1,6 +1,41 @@
|
|||||||
|
diff -up openssh-5.8p1/auth2-pubkey.c.keycat openssh-5.8p1/auth2-pubkey.c
|
||||||
|
--- openssh-5.8p1/auth2-pubkey.c.keycat 2011-03-04 14:40:23.000000000 +0100
|
||||||
|
+++ openssh-5.8p1/auth2-pubkey.c 2011-03-04 14:40:23.000000000 +0100
|
||||||
|
@@ -579,6 +579,14 @@ user_key_via_command_allowed2(struct pas
|
||||||
|
close(i);
|
||||||
|
}
|
||||||
|
|
||||||
|
+#ifdef WITH_SELINUX
|
||||||
|
+ if (ssh_selinux_setup_env_variables() < 0) {
|
||||||
|
+ error ("failed to copy environment: %s",
|
||||||
|
+ strerror(errno));
|
||||||
|
+ _exit(127);
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
execl(options.authorized_keys_command, options.authorized_keys_command, pw->pw_name, NULL);
|
||||||
|
|
||||||
|
/* if we got here, it didn't work */
|
||||||
|
diff -up openssh-5.8p1/HOWTO.ssh-keycat.keycat openssh-5.8p1/HOWTO.ssh-keycat
|
||||||
|
--- openssh-5.8p1/HOWTO.ssh-keycat.keycat 2011-03-04 14:53:14.000000000 +0100
|
||||||
|
+++ openssh-5.8p1/HOWTO.ssh-keycat 2011-03-04 14:56:39.000000000 +0100
|
||||||
|
@@ -0,0 +1,13 @@
|
||||||
|
+
|
||||||
|
+The ssh-keycat returns the content of the ~/.ssh/authorized_keys
|
||||||
|
+in the stdandard out of any user in any environment, including
|
||||||
|
+polyinstatination and mls.
|
||||||
|
+
|
||||||
|
+To use it set:
|
||||||
|
+ AuthorizedKeysCommand /usr/libexec/openssh/ssh-keycat
|
||||||
|
+ AuthorizedKeysCommandRunAs root
|
||||||
|
+
|
||||||
|
+Do not forget to set
|
||||||
|
+ PubkeyAuthentication yes
|
||||||
|
+
|
||||||
|
+
|
||||||
diff -up openssh-5.8p1/Makefile.in.keycat openssh-5.8p1/Makefile.in
|
diff -up openssh-5.8p1/Makefile.in.keycat openssh-5.8p1/Makefile.in
|
||||||
--- openssh-5.8p1/Makefile.in.keycat 2011-02-28 12:06:55.000000000 +0100
|
--- openssh-5.8p1/Makefile.in.keycat 2011-03-04 14:40:23.000000000 +0100
|
||||||
+++ openssh-5.8p1/Makefile.in 2011-02-28 12:11:18.000000000 +0100
|
+++ openssh-5.8p1/Makefile.in 2011-03-04 14:40:23.000000000 +0100
|
||||||
@@ -28,6 +28,7 @@ SSH_KEYSIGN=$(libexecdir)/ssh-keysign
|
@@ -28,6 +28,7 @@ SSH_KEYSIGN=$(libexecdir)/ssh-keysign
|
||||||
SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
|
SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
|
||||||
SSH_LDAP_HELPER=$(libexecdir)/ssh-ldap-helper
|
SSH_LDAP_HELPER=$(libexecdir)/ssh-ldap-helper
|
||||||
@ -18,7 +53,7 @@ diff -up openssh-5.8p1/Makefile.in.keycat openssh-5.8p1/Makefile.in
|
|||||||
|
|
||||||
LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \
|
LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \
|
||||||
canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \
|
canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \
|
||||||
@@ -173,6 +174,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT)
|
@@ -172,6 +173,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT)
|
||||||
ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o
|
ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o
|
||||||
$(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
|
$(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
|
||||||
|
|
||||||
@ -28,7 +63,7 @@ diff -up openssh-5.8p1/Makefile.in.keycat openssh-5.8p1/Makefile.in
|
|||||||
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o roaming_dummy.o
|
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o roaming_dummy.o
|
||||||
$(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lfipscheck $(LIBS)
|
$(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lfipscheck $(LIBS)
|
||||||
|
|
||||||
@@ -281,6 +285,7 @@ install-files:
|
@@ -280,6 +284,7 @@ install-files:
|
||||||
$(INSTALL) -m 0700 $(STRIP_OPT) ssh-ldap-helper $(DESTDIR)$(SSH_LDAP_HELPER) ; \
|
$(INSTALL) -m 0700 $(STRIP_OPT) ssh-ldap-helper $(DESTDIR)$(SSH_LDAP_HELPER) ; \
|
||||||
$(INSTALL) -m 0700 ssh-ldap-wrapper $(DESTDIR)$(SSH_LDAP_WRAPPER) ; \
|
$(INSTALL) -m 0700 ssh-ldap-wrapper $(DESTDIR)$(SSH_LDAP_WRAPPER) ; \
|
||||||
fi
|
fi
|
||||||
@ -36,10 +71,67 @@ diff -up openssh-5.8p1/Makefile.in.keycat openssh-5.8p1/Makefile.in
|
|||||||
$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
|
$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
|
||||||
$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
|
$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
|
||||||
$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
|
$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
|
||||||
|
diff -up openssh-5.8p1/openbsd-compat/port-linux.c.keycat openssh-5.8p1/openbsd-compat/port-linux.c
|
||||||
|
--- openssh-5.8p1/openbsd-compat/port-linux.c.keycat 2011-03-04 14:40:23.000000000 +0100
|
||||||
|
+++ openssh-5.8p1/openbsd-compat/port-linux.c 2011-03-04 14:40:23.000000000 +0100
|
||||||
|
@@ -309,7 +309,7 @@ ssh_selinux_getctxbyname(char *pwname,
|
||||||
|
|
||||||
|
/* Setup environment variables for pam_selinux */
|
||||||
|
static int
|
||||||
|
-ssh_selinux_setup_pam_variables(void)
|
||||||
|
+ssh_selinux_setup_variables(int(*set_it)(const char *, const char *))
|
||||||
|
{
|
||||||
|
const char *reqlvl;
|
||||||
|
char *role;
|
||||||
|
@@ -320,16 +320,16 @@ ssh_selinux_setup_pam_variables(void)
|
||||||
|
|
||||||
|
ssh_selinux_get_role_level(&role, &reqlvl);
|
||||||
|
|
||||||
|
- rv = do_pam_putenv("SELINUX_ROLE_REQUESTED", role ? role : "");
|
||||||
|
+ rv = set_it("SELINUX_ROLE_REQUESTED", role ? role : "");
|
||||||
|
|
||||||
|
if (inetd_flag && !rexeced_flag) {
|
||||||
|
use_current = "1";
|
||||||
|
} else {
|
||||||
|
use_current = "";
|
||||||
|
- rv = rv || do_pam_putenv("SELINUX_LEVEL_REQUESTED", reqlvl ? reqlvl: "");
|
||||||
|
+ rv = rv || set_it("SELINUX_LEVEL_REQUESTED", reqlvl ? reqlvl: "");
|
||||||
|
}
|
||||||
|
|
||||||
|
- rv = rv || do_pam_putenv("SELINUX_USE_CURRENT_RANGE", use_current);
|
||||||
|
+ rv = rv || set_it("SELINUX_USE_CURRENT_RANGE", use_current);
|
||||||
|
|
||||||
|
if (role != NULL)
|
||||||
|
xfree(role);
|
||||||
|
@@ -337,6 +337,24 @@ ssh_selinux_setup_pam_variables(void)
|
||||||
|
return rv;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static int
|
||||||
|
+ssh_selinux_setup_pam_variables(void)
|
||||||
|
+{
|
||||||
|
+ return ssh_selinux_setup_variables(do_pam_putenv);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static int
|
||||||
|
+do_setenv(char *name, char *value)
|
||||||
|
+{
|
||||||
|
+ return setenv(name, value, 1);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+int
|
||||||
|
+ssh_selinux_setup_env_variables(void)
|
||||||
|
+{
|
||||||
|
+ return ssh_selinux_setup_variables(do_setenv);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/* Set the execution context to the default for the specified user */
|
||||||
|
void
|
||||||
|
ssh_selinux_setup_exec_context(char *pwname)
|
||||||
diff -up openssh-5.8p1/ssh-keycat.c.keycat openssh-5.8p1/ssh-keycat.c
|
diff -up openssh-5.8p1/ssh-keycat.c.keycat openssh-5.8p1/ssh-keycat.c
|
||||||
--- openssh-5.8p1/ssh-keycat.c.keycat 2011-02-28 12:06:28.000000000 +0100
|
--- openssh-5.8p1/ssh-keycat.c.keycat 2011-03-04 14:40:23.000000000 +0100
|
||||||
+++ openssh-5.8p1/ssh-keycat.c 2011-02-25 18:46:31.000000000 +0100
|
+++ openssh-5.8p1/ssh-keycat.c 2011-03-04 14:40:23.000000000 +0100
|
||||||
@@ -0,0 +1,205 @@
|
@@ -0,0 +1,238 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Redistribution and use in source and binary forms, with or without
|
+ * Redistribution and use in source and binary forms, with or without
|
||||||
+ * modification, are permitted provided that the following conditions
|
+ * modification, are permitted provided that the following conditions
|
||||||
@ -107,6 +199,7 @@ diff -up openssh-5.8p1/ssh-keycat.c.keycat openssh-5.8p1/ssh-keycat.c
|
|||||||
+#define ERR_FDOPEN 10
|
+#define ERR_FDOPEN 10
|
||||||
+#define ERR_STAT 11
|
+#define ERR_STAT 11
|
||||||
+#define ERR_WRITE 12
|
+#define ERR_WRITE 12
|
||||||
|
+#define ERR_PAM_PUTENV 13
|
||||||
+#define BUFLEN 4096
|
+#define BUFLEN 4096
|
||||||
+
|
+
|
||||||
+/* Just ignore the messages in the conversation function */
|
+/* Just ignore the messages in the conversation function */
|
||||||
@ -208,6 +301,34 @@ diff -up openssh-5.8p1/ssh-keycat.c.keycat openssh-5.8p1/ssh-keycat.c
|
|||||||
+ return rv;
|
+ return rv;
|
||||||
+}
|
+}
|
||||||
+
|
+
|
||||||
|
+static const char *env_names[] = { "SELINUX_ROLE_REQUESTED",
|
||||||
|
+ "SELINUX_LEVEL_REQUESTED",
|
||||||
|
+ "SELINUX_USE_CURRENT_RANGE"
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+extern char **environ;
|
||||||
|
+
|
||||||
|
+int
|
||||||
|
+set_pam_environment(pam_handle_t *pamh)
|
||||||
|
+{
|
||||||
|
+ int i;
|
||||||
|
+ size_t j;
|
||||||
|
+
|
||||||
|
+ for (j = 0; j < sizeof(env_names)/sizeof(env_names[0]); ++j) {
|
||||||
|
+ int len = strlen(env_names[j]);
|
||||||
|
+
|
||||||
|
+ for (i = 0; environ[i] != NULL; ++i) {
|
||||||
|
+ if (strncmp(env_names[j], environ[i], len) == 0 &&
|
||||||
|
+ environ[i][len] == '=') {
|
||||||
|
+ if (pam_putenv(pamh, environ[i]) != PAM_SUCCESS)
|
||||||
|
+ return ERR_PAM_PUTENV;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
+int
|
+int
|
||||||
+main(int argc, char *argv[])
|
+main(int argc, char *argv[])
|
||||||
+{
|
+{
|
||||||
@ -225,6 +346,10 @@ diff -up openssh-5.8p1/ssh-keycat.c.keycat openssh-5.8p1/ssh-keycat.c
|
|||||||
+ return ERR_PAM_START;
|
+ return ERR_PAM_START;
|
||||||
+ }
|
+ }
|
||||||
+
|
+
|
||||||
|
+ ev = set_pam_environment(pamh);
|
||||||
|
+ if (ev != 0)
|
||||||
|
+ goto finish;
|
||||||
|
+
|
||||||
+ retval = pam_open_session(pamh, PAM_SILENT);
|
+ retval = pam_open_session(pamh, PAM_SILENT);
|
||||||
+ if (retval != PAM_SUCCESS) {
|
+ if (retval != PAM_SUCCESS) {
|
||||||
+ ev = ERR_OPEN_SESSION;
|
+ ev = ERR_OPEN_SESSION;
|
||||||
|
@ -1,132 +0,0 @@
|
|||||||
diff -up openssh-5.8p1/auth2-pubkey.c.keycat2 openssh-5.8p1/auth2-pubkey.c
|
|
||||||
--- openssh-5.8p1/auth2-pubkey.c.keycat2 2011-03-01 06:57:03.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/auth2-pubkey.c 2011-03-01 07:25:04.000000000 +0100
|
|
||||||
@@ -579,6 +579,14 @@ user_key_via_command_allowed2(struct pas
|
|
||||||
close(i);
|
|
||||||
}
|
|
||||||
|
|
||||||
+#ifdef WITH_SELINUX
|
|
||||||
+ if (ssh_selinux_setup_env_variables() < 0) {
|
|
||||||
+ error ("failed to copy environment: %s",
|
|
||||||
+ strerror(errno));
|
|
||||||
+ _exit(127);
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
execl(options.authorized_keys_command, options.authorized_keys_command, pw->pw_name, NULL);
|
|
||||||
|
|
||||||
/* if we got here, it didn't work */
|
|
||||||
diff -up openssh-5.8p1/openbsd-compat/port-linux.c.keycat2 openssh-5.8p1/openbsd-compat/port-linux.c
|
|
||||||
--- openssh-5.8p1/openbsd-compat/port-linux.c.keycat2 2011-03-01 07:00:32.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/openbsd-compat/port-linux.c 2011-03-01 07:23:13.000000000 +0100
|
|
||||||
@@ -309,7 +309,7 @@ ssh_selinux_getctxbyname(char *pwname,
|
|
||||||
|
|
||||||
/* Setup environment variables for pam_selinux */
|
|
||||||
static int
|
|
||||||
-ssh_selinux_setup_pam_variables(void)
|
|
||||||
+ssh_selinux_setup_variables(int(*set_it)(const char *, const char *))
|
|
||||||
{
|
|
||||||
const char *reqlvl;
|
|
||||||
char *role;
|
|
||||||
@@ -320,16 +320,16 @@ ssh_selinux_setup_pam_variables(void)
|
|
||||||
|
|
||||||
ssh_selinux_get_role_level(&role, &reqlvl);
|
|
||||||
|
|
||||||
- rv = do_pam_putenv("SELINUX_ROLE_REQUESTED", role ? role : "");
|
|
||||||
+ rv = set_it("SELINUX_ROLE_REQUESTED", role ? role : "");
|
|
||||||
|
|
||||||
if (inetd_flag && !rexeced_flag) {
|
|
||||||
use_current = "1";
|
|
||||||
} else {
|
|
||||||
use_current = "";
|
|
||||||
- rv = rv || do_pam_putenv("SELINUX_LEVEL_REQUESTED", reqlvl ? reqlvl: "");
|
|
||||||
+ rv = rv || set_it("SELINUX_LEVEL_REQUESTED", reqlvl ? reqlvl: "");
|
|
||||||
}
|
|
||||||
|
|
||||||
- rv = rv || do_pam_putenv("SELINUX_USE_CURRENT_RANGE", use_current);
|
|
||||||
+ rv = rv || set_it("SELINUX_USE_CURRENT_RANGE", use_current);
|
|
||||||
|
|
||||||
if (role != NULL)
|
|
||||||
xfree(role);
|
|
||||||
@@ -337,6 +337,24 @@ ssh_selinux_setup_pam_variables(void)
|
|
||||||
return rv;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static int
|
|
||||||
+ssh_selinux_setup_pam_variables(void)
|
|
||||||
+{
|
|
||||||
+ return ssh_selinux_setup_variables(do_pam_putenv);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static int
|
|
||||||
+do_setenv(char *name, char *value)
|
|
||||||
+{
|
|
||||||
+ return setenv(name, value, 1);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+int
|
|
||||||
+ssh_selinux_setup_env_variables(void)
|
|
||||||
+{
|
|
||||||
+ return ssh_selinux_setup_variables(do_setenv);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
/* Set the execution context to the default for the specified user */
|
|
||||||
void
|
|
||||||
ssh_selinux_setup_exec_context(char *pwname)
|
|
||||||
diff -up openssh-5.8p1/ssh-keycat.c.keycat2 openssh-5.8p1/ssh-keycat.c
|
|
||||||
--- openssh-5.8p1/ssh-keycat.c.keycat2 2011-03-01 06:56:02.000000000 +0100
|
|
||||||
+++ openssh-5.8p1/ssh-keycat.c 2011-03-01 06:56:02.000000000 +0100
|
|
||||||
@@ -65,6 +65,7 @@
|
|
||||||
#define ERR_FDOPEN 10
|
|
||||||
#define ERR_STAT 11
|
|
||||||
#define ERR_WRITE 12
|
|
||||||
+#define ERR_PAM_PUTENV 13
|
|
||||||
#define BUFLEN 4096
|
|
||||||
|
|
||||||
/* Just ignore the messages in the conversation function */
|
|
||||||
@@ -166,6 +167,34 @@ fail:
|
|
||||||
return rv;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static const char *env_names[] = { "SELINUX_ROLE_REQUESTED",
|
|
||||||
+ "SELINUX_LEVEL_REQUESTED",
|
|
||||||
+ "SELINUX_USE_CURRENT_RANGE"
|
|
||||||
+};
|
|
||||||
+
|
|
||||||
+extern char **environ;
|
|
||||||
+
|
|
||||||
+int
|
|
||||||
+set_pam_environment(pam_handle_t *pamh)
|
|
||||||
+{
|
|
||||||
+ int i;
|
|
||||||
+ size_t j;
|
|
||||||
+
|
|
||||||
+ for (j = 0; j < sizeof(env_names)/sizeof(env_names[0]); ++j) {
|
|
||||||
+ int len = strlen(env_names[j]);
|
|
||||||
+
|
|
||||||
+ for (i = 0; environ[i] != NULL; ++i) {
|
|
||||||
+ if (strncmp(env_names[j], environ[i], len) == 0 &&
|
|
||||||
+ environ[i][len] == '=') {
|
|
||||||
+ if (pam_putenv(pamh, environ[i]) != PAM_SUCCESS)
|
|
||||||
+ return ERR_PAM_PUTENV;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ return 0;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
int
|
|
||||||
main(int argc, char *argv[])
|
|
||||||
{
|
|
||||||
@@ -183,6 +212,10 @@ main(int argc, char *argv[])
|
|
||||||
return ERR_PAM_START;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ ev = set_pam_environment(pamh);
|
|
||||||
+ if (ev != 0)
|
|
||||||
+ goto finish;
|
|
||||||
+
|
|
||||||
retval = pam_open_session(pamh, PAM_SILENT);
|
|
||||||
if (retval != PAM_SUCCESS) {
|
|
||||||
ev = ERR_OPEN_SESSION;
|
|
@ -71,7 +71,7 @@
|
|||||||
|
|
||||||
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
||||||
%define openssh_ver 5.8p1
|
%define openssh_ver 5.8p1
|
||||||
%define openssh_rel 13
|
%define openssh_rel 14
|
||||||
%define pam_ssh_agent_ver 0.9.2
|
%define pam_ssh_agent_ver 0.9.2
|
||||||
%define pam_ssh_agent_rel 30
|
%define pam_ssh_agent_rel 30
|
||||||
|
|
||||||
@ -628,6 +628,7 @@ fi
|
|||||||
|
|
||||||
%files keycat
|
%files keycat
|
||||||
%defattr(-,root,root)
|
%defattr(-,root,root)
|
||||||
|
%doc HOWTO.ssh-keycat
|
||||||
%attr(0755,root,root) %{_libexecdir}/openssh/ssh-keycat
|
%attr(0755,root,root) %{_libexecdir}/openssh/ssh-keycat
|
||||||
%attr(0644,root,root) %config(noreplace) /etc/pam.d/ssh-keycat
|
%attr(0644,root,root) %config(noreplace) /etc/pam.d/ssh-keycat
|
||||||
|
|
||||||
@ -648,6 +649,9 @@ fi
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Mar 4 2011 Jan F. Chadima <jchadima@redhat.com> - 5.8p1-14 + 0.9.2-30
|
||||||
|
- improove ssk-keycat (documentation)
|
||||||
|
|
||||||
* Thu Mar 3 2011 Jan F. Chadima <jchadima@redhat.com> - 5.8p1-13 + 0.9.2-30
|
* Thu Mar 3 2011 Jan F. Chadima <jchadima@redhat.com> - 5.8p1-13 + 0.9.2-30
|
||||||
- improve audit of logins and auths
|
- improve audit of logins and auths
|
||||||
|
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
# pam_selinux.so close should be the first session rule
|
# pam_selinux.so close should be the first session rule
|
||||||
session required pam_selinux.so close
|
session required pam_selinux.so close
|
||||||
session required pam_loginuid.so
|
session required pam_loginuid.so
|
||||||
# pam_selinux.so open should only be followed by sessions to be executed in the
|
# pam_selinux.so open should only be followed by sessions to be executed in the user context
|
||||||
user context
|
|
||||||
session required pam_selinux.so open env_params
|
session required pam_selinux.so open env_params
|
||||||
session required pam_namespace.so
|
session required pam_namespace.so
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user