Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | | - |
11 | | - |
12 | | - |
13 | | - |
14 | | - |
15 | | - |
16 | | - |
17 | | - |
18 | | - |
19 | | - |
20 | | - |
21 | | - |
22 | | - |
23 | | - |
24 | | - |
25 | | - |
26 | #include "includes.h" | - |
27 | | - |
28 | #include <sys/types.h> | - |
29 | #include <sys/stat.h> | - |
30 | #include <sys/socket.h> | - |
31 | #include <sys/wait.h> | - |
32 | | - |
33 | #include <netinet/in.h> | - |
34 | | - |
35 | #include <errno.h> | - |
36 | #include <fcntl.h> | - |
37 | #ifdef HAVE_PATHS_H | - |
38 | # include <paths.h> | - |
39 | #endif | - |
40 | #include <pwd.h> | - |
41 | #ifdef HAVE_LOGIN_H | - |
42 | #include <login.h> | - |
43 | #endif | - |
44 | #ifdef USE_SHADOW | - |
45 | #include <shadow.h> | - |
46 | #endif | - |
47 | #include <stdarg.h> | - |
48 | #include <stdio.h> | - |
49 | #include <string.h> | - |
50 | #include <unistd.h> | - |
51 | #include <limits.h> | - |
52 | #include <netdb.h> | - |
53 | | - |
54 | #include "xmalloc.h" | - |
55 | #include "match.h" | - |
56 | #include "groupaccess.h" | - |
57 | #include "log.h" | - |
58 | #include "sshbuf.h" | - |
59 | #include "misc.h" | - |
60 | #include "servconf.h" | - |
61 | #include "sshkey.h" | - |
62 | #include "hostfile.h" | - |
63 | #include "auth.h" | - |
64 | #include "auth-options.h" | - |
65 | #include "canohost.h" | - |
66 | #include "uidswap.h" | - |
67 | #include "packet.h" | - |
68 | #include "loginrec.h" | - |
69 | #ifdef GSSAPI | - |
70 | #include "ssh-gss.h" | - |
71 | #endif | - |
72 | #include "authfile.h" | - |
73 | #include "monitor_wrap.h" | - |
74 | #include "authfile.h" | - |
75 | #include "ssherr.h" | - |
76 | #include "compat.h" | - |
77 | #include "channels.h" | - |
78 | | - |
79 | | - |
80 | extern ServerOptions options; | - |
81 | extern int use_privsep; | - |
82 | extern struct sshbuf *loginmsg; | - |
83 | extern struct passwd *privsep_pw; | - |
84 | extern struct sshauthopt *auth_opts; | - |
85 | | - |
86 | | - |
87 | static struct sshbuf *auth_debug; | - |
88 | | - |
89 | | - |
90 | | - |
91 | | - |
92 | | - |
93 | | - |
94 | | - |
95 | | - |
96 | | - |
97 | | - |
98 | int | - |
99 | allowed_user(struct passwd * pw) | - |
100 | { | - |
101 | struct ssh *ssh = active_state; | - |
102 | struct stat st; | - |
103 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; | - |
104 | u_int i; | - |
105 | int r; | - |
106 | #ifdef USE_SHADOW | - |
107 | struct spwd *spw = NULL; | - |
108 | #endif | - |
109 | | - |
110 | | - |
111 | if (!pw || !pw->pw_name)TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
112 | return 0; never executed: return 0; | 0 |
113 | | - |
114 | #ifdef USE_SHADOW | - |
115 | if (!options.use_pam)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
116 | spw = getspnam(pw->pw_name); never executed: spw = getspnam(pw->pw_name); | 0 |
117 | #ifdef HAS_SHADOW_EXPIRE | - |
118 | if (!options.use_pam && spw != NULL && auth_shadow_acctexpired(spw))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
119 | return 0; never executed: return 0; | 0 |
120 | #endif /* HAS_SHADOW_EXPIRE */ | - |
121 | #endif /* USE_SHADOW */ | - |
122 | | - |
123 | | - |
124 | passwd = pw->pw_passwd; | - |
125 | #ifdef USE_SHADOW | - |
126 | if (spw != NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
127 | #ifdef USE_LIBIAF | - |
128 | passwd = get_iaf_password(pw); | - |
129 | #else | - |
130 | passwd = spw->sp_pwdp; never executed: passwd = spw->sp_pwdp; | 0 |
131 | #endif /* USE_LIBIAF */ | - |
132 | #endif | - |
133 | | - |
134 | | - |
135 | if (!options.use_pam && passwd && *passwd) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
136 | int locked = 0; | - |
137 | | - |
138 | #ifdef LOCKED_PASSWD_STRING | - |
139 | if (strcmp(passwd, LOCKED_PASSWD_STRING) == 0) | - |
140 | locked = 1; | - |
141 | #endif | - |
142 | #ifdef LOCKED_PASSWD_PREFIX | - |
143 | if (strncmp(passwd, LOCKED_PASSWD_PREFIX, never executed: __result = (((const unsigned char *) (const char *) ( passwd ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "!" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
144 | strlen(LOCKED_PASSWD_PREFIX)) == 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
145 | locked = 1; never executed: locked = 1; | 0 |
146 | #endif | - |
147 | #ifdef LOCKED_PASSWD_SUBSTR | - |
148 | if (strstr(passwd, LOCKED_PASSWD_SUBSTR)) | - |
149 | locked = 1; | - |
150 | #endif | - |
151 | #ifdef USE_LIBIAF | - |
152 | free((void *) passwd); | - |
153 | #endif /* USE_LIBIAF */ | - |
154 | if (locked) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
155 | logit("User %.100s not allowed because account is locked", | - |
156 | pw->pw_name); | - |
157 | return 0; never executed: return 0; | 0 |
158 | } | - |
159 | } never executed: end of block | 0 |
160 | | - |
161 | | - |
162 | | - |
163 | | - |
164 | | - |
165 | if (options.chroot_directory == NULL ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
166 | strcasecmp(options.chroot_directory, "none") == 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
167 | char *shell = xstrdup((pw->pw_shell[0] == '\0') ? | - |
168 | _PATH_BSHELL : pw->pw_shell); | - |
169 | | - |
170 | if (stat(shell, &st) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
171 | logit("User %.100s not allowed because shell %.100s " | - |
172 | "does not exist", pw->pw_name, shell); | - |
173 | free(shell); | - |
174 | return 0; never executed: return 0; | 0 |
175 | } | - |
176 | if (S_ISREG(st.st_mode) == 0 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
177 | (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
178 | logit("User %.100s not allowed because shell %.100s " | - |
179 | "is not executable", pw->pw_name, shell); | - |
180 | free(shell); | - |
181 | return 0; never executed: return 0; | 0 |
182 | } | - |
183 | free(shell); | - |
184 | } never executed: end of block | 0 |
185 | | - |
186 | if (options.num_deny_users > 0 || options.num_allow_users > 0 ||TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
187 | options.num_deny_groups > 0 || options.num_allow_groups > 0) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
188 | hostname = auth_get_canonical_hostname(ssh, options.use_dns); | - |
189 | ipaddr = ssh_remote_ipaddr(ssh); | - |
190 | } never executed: end of block | 0 |
191 | | - |
192 | | - |
193 | if (options.num_deny_users > 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
194 | for (i = 0; i < options.num_deny_users; i++) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
195 | r = match_user(pw->pw_name, hostname, ipaddr, | - |
196 | options.deny_users[i]); | - |
197 | if (r < 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
198 | fatal("Invalid DenyUsers pattern \"%.100s\"", | - |
199 | options.deny_users[i]); | - |
200 | } else if (r != 0) { never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
| 0 |
201 | logit("User %.100s from %.100s not allowed " | - |
202 | "because listed in DenyUsers", | - |
203 | pw->pw_name, hostname); | - |
204 | return 0; never executed: return 0; | 0 |
205 | } | - |
206 | } never executed: end of block | 0 |
207 | } never executed: end of block | 0 |
208 | | - |
209 | if (options.num_allow_users > 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
210 | for (i = 0; i < options.num_allow_users; i++) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
211 | r = match_user(pw->pw_name, hostname, ipaddr, | - |
212 | options.allow_users[i]); | - |
213 | if (r < 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
214 | fatal("Invalid AllowUsers pattern \"%.100s\"", | - |
215 | options.allow_users[i]); | - |
216 | } else if (r == 1) never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
| 0 |
217 | break; never executed: break; | 0 |
218 | } never executed: end of block | 0 |
219 | | - |
220 | if (i >= options.num_allow_users) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
221 | logit("User %.100s from %.100s not allowed because " | - |
222 | "not listed in AllowUsers", pw->pw_name, hostname); | - |
223 | return 0; never executed: return 0; | 0 |
224 | } | - |
225 | } never executed: end of block | 0 |
226 | if (options.num_deny_groups > 0 || options.num_allow_groups > 0) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
227 | | - |
228 | if (ga_init(pw->pw_name, pw->pw_gid) == 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
229 | logit("User %.100s from %.100s not allowed because " | - |
230 | "not in any group", pw->pw_name, hostname); | - |
231 | return 0; never executed: return 0; | 0 |
232 | } | - |
233 | | - |
234 | | - |
235 | if (options.num_deny_groups > 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
236 | if (ga_match(options.deny_groups,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
237 | options.num_deny_groups)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
238 | ga_free(); | - |
239 | logit("User %.100s from %.100s not allowed " | - |
240 | "because a group is listed in DenyGroups", | - |
241 | pw->pw_name, hostname); | - |
242 | return 0; never executed: return 0; | 0 |
243 | } | - |
244 | | - |
245 | | - |
246 | | - |
247 | | - |
248 | if (options.num_allow_groups > 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
249 | if (!ga_match(options.allow_groups,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
250 | options.num_allow_groups)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
251 | ga_free(); | - |
252 | logit("User %.100s from %.100s not allowed " | - |
253 | "because none of user's groups are listed " | - |
254 | "in AllowGroups", pw->pw_name, hostname); | - |
255 | return 0; never executed: return 0; | 0 |
256 | } | - |
257 | ga_free(); | - |
258 | } never executed: end of block | 0 |
259 | | - |
260 | #ifdef CUSTOM_SYS_AUTH_ALLOWED_USER | - |
261 | if (!sys_auth_allowed_user(pw, &loginmsg)) | - |
262 | return 0; | - |
263 | #endif | - |
264 | | - |
265 | | - |
266 | return 1; never executed: return 1; | 0 |
267 | } | - |
268 | | - |
269 | | - |
270 | | - |
271 | | - |
272 | | - |
273 | static char * | - |
274 | format_method_key(Authctxt *authctxt) | - |
275 | { | - |
276 | const struct sshkey *key = authctxt->auth_method_key; | - |
277 | const char *methinfo = authctxt->auth_method_info; | - |
278 | char *fp, *cafp, *ret = NULL; | - |
279 | | - |
280 | if (key == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
281 | return NULL; never executed: return ((void *)0) ; | 0 |
282 | | - |
283 | if (sshkey_is_cert(key)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
284 | fp = sshkey_fingerprint(key, | - |
285 | options.fingerprint_hash, SSH_FP_DEFAULT); | - |
286 | cafp = sshkey_fingerprint(key->cert->signature_key, | - |
287 | options.fingerprint_hash, SSH_FP_DEFAULT); | - |
288 | xasprintf(&ret, "%s %s ID %s (serial %llu) CA %s %s%s%s", | - |
289 | sshkey_type(key), fp == NULL ? "(null)" : fp, | - |
290 | key->cert->key_id, | - |
291 | (unsigned long long)key->cert->serial, | - |
292 | sshkey_type(key->cert->signature_key), | - |
293 | cafp == NULL ? "(null)" : cafp, | - |
294 | methinfo == NULL ? "" : ", ", | - |
295 | methinfo == NULL ? "" : methinfo); | - |
296 | free(fp); | - |
297 | free(cafp); | - |
298 | } else { never executed: end of block | 0 |
299 | fp = sshkey_fingerprint(key, options.fingerprint_hash, | - |
300 | SSH_FP_DEFAULT); | - |
301 | xasprintf(&ret, "%s %s%s%s", sshkey_type(key), | - |
302 | fp == NULL ? "(null)" : fp, | - |
303 | methinfo == NULL ? "" : ", ", | - |
304 | methinfo == NULL ? "" : methinfo); | - |
305 | free(fp); | - |
306 | } never executed: end of block | 0 |
307 | return ret; never executed: return ret; | 0 |
308 | } | - |
309 | | - |
310 | void | - |
311 | auth_log(Authctxt *authctxt, int authenticated, int partial, | - |
312 | const char *method, const char *submethod) | - |
313 | { | - |
314 | struct ssh *ssh = active_state; | - |
315 | int level = SYSLOG_LEVEL_VERBOSE; | - |
316 | const char *authmsg; | - |
317 | char *extra = NULL; | - |
318 | | - |
319 | if (use_privsep && !mm_is_monitor() && !authctxt->postponed)TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
320 | return; never executed: return; | 0 |
321 | | - |
322 | | - |
323 | if (authenticated == 1 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
324 | !authctxt->valid ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
325 | authctxt->failures >= options.max_authtries / 2 ||TRUE | never evaluated | FALSE | never evaluated |
| 0 |
326 | strcmp(method, "password") == 0) never executed: __result = (((const unsigned char *) (const char *) ( method ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "password" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
327 | level = SYSLOG_LEVEL_INFO; never executed: level = SYSLOG_LEVEL_INFO; | 0 |
328 | | - |
329 | if (authctxt->postponed)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
330 | authmsg = "Postponed"; never executed: authmsg = "Postponed"; | 0 |
331 | else if (partial)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
332 | authmsg = "Partial"; never executed: authmsg = "Partial"; | 0 |
333 | else | - |
334 | authmsg = authenticated ? "Accepted" : "Failed"; never executed: authmsg = authenticated ? "Accepted" : "Failed"; TRUE | never evaluated | FALSE | never evaluated |
| 0 |
335 | | - |
336 | if ((extra = format_method_key(authctxt)) == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
337 | if (authctxt->auth_method_info != NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
338 | extra = xstrdup(authctxt->auth_method_info); never executed: extra = xstrdup(authctxt->auth_method_info); | 0 |
339 | } never executed: end of block | 0 |
340 | | - |
341 | do_log2(level, "%s %s%s%s for %s%.100s from %.200s port %d ssh2%s%s", | - |
342 | authmsg, | - |
343 | method, | - |
344 | submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, | - |
345 | authctxt->valid ? "" : "invalid user ", | - |
346 | authctxt->user, | - |
347 | ssh_remote_ipaddr(ssh), | - |
348 | ssh_remote_port(ssh), | - |
349 | extra != NULL ? ": " : "", | - |
350 | extra != NULL ? extra : ""); | - |
351 | | - |
352 | free(extra); | - |
353 | | - |
354 | #ifdef CUSTOM_FAILED_LOGIN | - |
355 | if (authenticated == 0 && !authctxt->postponed &&TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
356 | (strcmp(method, "password") == 0 || never executed: __result = (((const unsigned char *) (const char *) ( method ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "password" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
357 | strncmp(method, "keyboard-interactive", 20) == 0 || never executed: __result = (((const unsigned char *) (const char *) ( method ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "keyboard-interactive" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
358 | strcmp(method, "challenge-response") == 0)) never executed: __result = (((const unsigned char *) (const char *) ( method ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "challenge-response" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
359 | record_failed_login(authctxt->user, never executed: record_failed_login(authctxt->user, auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); | 0 |
360 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); never executed: record_failed_login(authctxt->user, auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); | 0 |
361 | # ifdef WITH_AIXAUTHENTICATE | - |
362 | if (authenticated) | - |
363 | sys_auth_record_login(authctxt->user, | - |
364 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh", | - |
365 | &loginmsg); | - |
366 | # endif | - |
367 | #endif | - |
368 | #ifdef SSH_AUDIT_EVENTS | - |
369 | if (authenticated == 0 && !authctxt->postponed) | - |
370 | audit_event(audit_classify_auth(method)); | - |
371 | #endif | - |
372 | } never executed: end of block | 0 |
373 | | - |
374 | | - |
375 | void | - |
376 | auth_maxtries_exceeded(Authctxt *authctxt) | - |
377 | { | - |
378 | struct ssh *ssh = active_state; | - |
379 | | - |
380 | error("maximum authentication attempts exceeded for " | - |
381 | "%s%.100s from %.200s port %d ssh2", | - |
382 | authctxt->valid ? "" : "invalid user ", | - |
383 | authctxt->user, | - |
384 | ssh_remote_ipaddr(ssh), | - |
385 | ssh_remote_port(ssh)); | - |
386 | packet_disconnect("Too many authentication failures"); | - |
387 | | - |
388 | } never executed: end of block | 0 |
389 | | - |
390 | | - |
391 | | - |
392 | | - |
393 | int | - |
394 | auth_root_allowed(struct ssh *ssh, const char *method) | - |
395 | { | - |
396 | switch (options.permit_root_login) { | - |
397 | case PERMIT_YES: never executed: case 3: | 0 |
398 | return 1; never executed: return 1; | 0 |
399 | case PERMIT_NO_PASSWD: never executed: case 2: | 0 |
400 | if (strcmp(method, "publickey") == 0 || never executed: __result = (((const unsigned char *) (const char *) ( method ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "publickey" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
401 | strcmp(method, "hostbased") == 0 || never executed: __result = (((const unsigned char *) (const char *) ( method ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "hostbased" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
402 | strcmp(method, "gssapi-with-mic") == 0) never executed: __result = (((const unsigned char *) (const char *) ( method ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "gssapi-with-mic" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
403 | return 1; never executed: return 1; | 0 |
404 | break; never executed: break; | 0 |
405 | case PERMIT_FORCED_ONLY: never executed: case 1: | 0 |
406 | if (auth_opts->force_command != NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
407 | logit("Root login accepted for forced command."); | - |
408 | return 1; never executed: return 1; | 0 |
409 | } | - |
410 | break; never executed: break; | 0 |
411 | } | - |
412 | logit("ROOT LOGIN REFUSED FROM %.200s port %d", | - |
413 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | - |
414 | return 0; never executed: return 0; | 0 |
415 | } | - |
416 | | - |
417 | | - |
418 | | - |
419 | | - |
420 | | - |
421 | | - |
422 | | - |
423 | | - |
424 | | - |
425 | char * | - |
426 | expand_authorized_keys(const char *filename, struct passwd *pw) | - |
427 | { | - |
428 | char *file, uidstr[32], ret[PATH_MAX]; | - |
429 | int i; | - |
430 | | - |
431 | snprintf(uidstr, sizeof(uidstr), "%llu", | - |
432 | (unsigned long long)pw->pw_uid); | - |
433 | file = percent_expand(filename, "h", pw->pw_dir, | - |
434 | "u", pw->pw_name, "U", uidstr, (char *)NULL); | - |
435 | | - |
436 | | - |
437 | | - |
438 | | - |
439 | | - |
440 | if (*file == '/')TRUE | never evaluated | FALSE | never evaluated |
| 0 |
441 | return (file); never executed: return (file); | 0 |
442 | | - |
443 | i = snprintf(ret, sizeof(ret), "%s/%s", pw->pw_dir, file); | - |
444 | if (i < 0 || (size_t)i >= sizeof(ret))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
445 | fatal("expand_authorized_keys: path too long"); never executed: fatal("expand_authorized_keys: path too long"); | 0 |
446 | free(file); | - |
447 | return (xstrdup(ret)); never executed: return (xstrdup(ret)); | 0 |
448 | } | - |
449 | | - |
450 | char * | - |
451 | authorized_principals_file(struct passwd *pw) | - |
452 | { | - |
453 | if (options.authorized_principals_file == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
454 | return NULL; never executed: return ((void *)0) ; | 0 |
455 | return expand_authorized_keys(options.authorized_principals_file, pw); never executed: return expand_authorized_keys(options.authorized_principals_file, pw); | 0 |
456 | } | - |
457 | | - |
458 | | - |
459 | HostStatus | - |
460 | check_key_in_hostfiles(struct passwd *pw, struct sshkey *key, const char *host, | - |
461 | const char *sysfile, const char *userfile) | - |
462 | { | - |
463 | char *user_hostfile; | - |
464 | struct stat st; | - |
465 | HostStatus host_status; | - |
466 | struct hostkeys *hostkeys; | - |
467 | const struct hostkey_entry *found; | - |
468 | | - |
469 | hostkeys = init_hostkeys(); | - |
470 | load_hostkeys(hostkeys, host, sysfile); | - |
471 | if (userfile != NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
472 | user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); | - |
473 | if (options.strict_modes &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
474 | (stat(user_hostfile, &st) == 0) &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
475 | ((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
476 | (st.st_mode & 022) != 0)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
477 | logit("Authentication refused for %.100s: " | - |
478 | "bad owner or modes for %.200s", | - |
479 | pw->pw_name, user_hostfile); | - |
480 | auth_debug_add("Ignored %.200s: bad ownership or modes", | - |
481 | user_hostfile); | - |
482 | } else { never executed: end of block | 0 |
483 | temporarily_use_uid(pw); | - |
484 | load_hostkeys(hostkeys, host, user_hostfile); | - |
485 | restore_uid(); | - |
486 | } never executed: end of block | 0 |
487 | free(user_hostfile); | - |
488 | } never executed: end of block | 0 |
489 | host_status = check_key_in_hostkeys(hostkeys, key, &found); | - |
490 | if (host_status == HOST_REVOKED)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
491 | error("WARNING: revoked key for %s attempted authentication", never executed: error("WARNING: revoked key for %s attempted authentication", found->host); | 0 |
492 | found->host); never executed: error("WARNING: revoked key for %s attempted authentication", found->host); | 0 |
493 | else if (host_status == HOST_OK)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
494 | debug("%s: key for %s found at %s:%ld", __func__, never executed: debug("%s: key for %s found at %s:%ld", __func__, found->host, found->file, found->line); | 0 |
495 | found->host, found->file, found->line); never executed: debug("%s: key for %s found at %s:%ld", __func__, found->host, found->file, found->line); | 0 |
496 | else | - |
497 | debug("%s: key for host %s not found", __func__, host); never executed: debug("%s: key for host %s not found", __func__, host); | 0 |
498 | | - |
499 | free_hostkeys(hostkeys); | - |
500 | | - |
501 | return host_status; never executed: return host_status; | 0 |
502 | } | - |
503 | | - |
504 | static FILE * | - |
505 | auth_openfile(const char *file, struct passwd *pw, int strict_modes, | - |
506 | int log_missing, char *file_type) | - |
507 | { | - |
508 | char line[1024]; | - |
509 | struct stat st; | - |
510 | int fd; | - |
511 | FILE *f; | - |
512 | | - |
513 | if ((fd = open(file, O_RDONLY|O_NONBLOCK)) == -1) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
514 | if (log_missing || errno != ENOENT)TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
515 | debug("Could not open %s '%s': %s", file_type, file, never executed: debug("Could not open %s '%s': %s", file_type, file, strerror( (*__errno_location ()) )); | 0 |
516 | strerror(errno)); never executed: debug("Could not open %s '%s': %s", file_type, file, strerror( (*__errno_location ()) )); | 0 |
517 | return NULL; never executed: return ((void *)0) ; | 0 |
518 | } | - |
519 | | - |
520 | if (fstat(fd, &st) < 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
521 | close(fd); | - |
522 | return NULL; never executed: return ((void *)0) ; | 0 |
523 | } | - |
524 | if (!S_ISREG(st.st_mode)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
525 | logit("User %s %s %s is not a regular file", | - |
526 | pw->pw_name, file_type, file); | - |
527 | close(fd); | - |
528 | return NULL; never executed: return ((void *)0) ; | 0 |
529 | } | - |
530 | unset_nonblock(fd); | - |
531 | if ((f = fdopen(fd, "r")) == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
532 | close(fd); | - |
533 | return NULL; never executed: return ((void *)0) ; | 0 |
534 | } | - |
535 | if (strict_modes &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
536 | safe_path_fd(fileno(f), file, pw, line, sizeof(line)) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
537 | fclose(f); | - |
538 | logit("Authentication refused: %s", line); | - |
539 | auth_debug_add("Ignored %s: %s", file_type, line); | - |
540 | return NULL; never executed: return ((void *)0) ; | 0 |
541 | } | - |
542 | | - |
543 | return f; never executed: return f; | 0 |
544 | } | - |
545 | | - |
546 | | - |
547 | FILE * | - |
548 | auth_openkeyfile(const char *file, struct passwd *pw, int strict_modes) | - |
549 | { | - |
550 | return auth_openfile(file, pw, strict_modes, 1, "authorized keys"); never executed: return auth_openfile(file, pw, strict_modes, 1, "authorized keys"); | 0 |
551 | } | - |
552 | | - |
553 | FILE * | - |
554 | auth_openprincipals(const char *file, struct passwd *pw, int strict_modes) | - |
555 | { | - |
556 | return auth_openfile(file, pw, strict_modes, 0, never executed: return auth_openfile(file, pw, strict_modes, 0, "authorized principals"); | 0 |
557 | "authorized principals"); never executed: return auth_openfile(file, pw, strict_modes, 0, "authorized principals"); | 0 |
558 | } | - |
559 | | - |
560 | struct passwd * | - |
561 | getpwnamallow(const char *user) | - |
562 | { | - |
563 | struct ssh *ssh = active_state; | - |
564 | #ifdef HAVE_LOGIN_CAP | - |
565 | extern login_cap_t *lc; | - |
566 | #ifdef BSD_AUTH | - |
567 | auth_session_t *as; | - |
568 | #endif | - |
569 | #endif | - |
570 | struct passwd *pw; | - |
571 | struct connection_info *ci = get_connection_info(1, options.use_dns); | - |
572 | | - |
573 | ci->user = user; | - |
574 | parse_server_match_config(&options, ci); | - |
575 | log_change_level(options.log_level); | - |
576 | process_permitopen(ssh, &options); | - |
577 | | - |
578 | #if defined(_AIX) && defined(HAVE_SETAUTHDB) | - |
579 | aix_setauthdb(user); | - |
580 | #endif | - |
581 | | - |
582 | pw = getpwnam(user); | - |
583 | | - |
584 | #if defined(_AIX) && defined(HAVE_SETAUTHDB) | - |
585 | aix_restoreauthdb(); | - |
586 | #endif | - |
587 | #ifdef HAVE_CYGWIN | - |
588 | | - |
589 | | - |
590 | | - |
591 | | - |
592 | | - |
593 | | - |
594 | if (pw != NULL && strcmp(user, pw->pw_name) != 0) { | - |
595 | logit("Login name %.100s does not match stored username %.100s", | - |
596 | user, pw->pw_name); | - |
597 | pw = NULL; | - |
598 | } | - |
599 | #endif | - |
600 | if (pw == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
601 | logit("Invalid user %.100s from %.100s port %d", | - |
602 | user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | - |
603 | #ifdef CUSTOM_FAILED_LOGIN | - |
604 | record_failed_login(user, | - |
605 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); | - |
606 | #endif | - |
607 | #ifdef SSH_AUDIT_EVENTS | - |
608 | audit_event(SSH_INVALID_USER); | - |
609 | #endif /* SSH_AUDIT_EVENTS */ | - |
610 | return (NULL); never executed: return ( ((void *)0) ); | 0 |
611 | } | - |
612 | if (!allowed_user(pw))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
613 | return (NULL); never executed: return ( ((void *)0) ); | 0 |
614 | #ifdef HAVE_LOGIN_CAP | - |
615 | if ((lc = login_getclass(pw->pw_class)) == NULL) { | - |
616 | debug("unable to get login class: %s", user); | - |
617 | return (NULL); | - |
618 | } | - |
619 | #ifdef BSD_AUTH | - |
620 | if ((as = auth_open()) == NULL || auth_setpwd(as, pw) != 0 || | - |
621 | auth_approval(as, lc, pw->pw_name, "ssh") <= 0) { | - |
622 | debug("Approval failure for %s", user); | - |
623 | pw = NULL; | - |
624 | } | - |
625 | if (as != NULL) | - |
626 | auth_close(as); | - |
627 | #endif | - |
628 | #endif | - |
629 | if (pw != NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
630 | return (pwcopy(pw)); never executed: return (pwcopy(pw)); | 0 |
631 | return (NULL); never executed: return ( ((void *)0) ); | 0 |
632 | } | - |
633 | | - |
634 | | - |
635 | int | - |
636 | auth_key_is_revoked(struct sshkey *key) | - |
637 | { | - |
638 | char *fp = NULL; | - |
639 | int r; | - |
640 | | - |
641 | if (options.revoked_keys_file == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
642 | return 0; never executed: return 0; | 0 |
643 | if ((fp = sshkey_fingerprint(key, options.fingerprint_hash,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
644 | SSH_FP_DEFAULT)) == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
645 | r = SSH_ERR_ALLOC_FAIL; | - |
646 | error("%s: fingerprint key: %s", __func__, ssh_err(r)); | - |
647 | goto out; never executed: goto out; | 0 |
648 | } | - |
649 | | - |
650 | r = sshkey_check_revoked(key, options.revoked_keys_file); | - |
651 | switch (r) { | - |
652 | case 0: never executed: case 0: | 0 |
653 | break; never executed: break; | 0 |
654 | case SSH_ERR_KEY_REVOKED: never executed: case -51: | 0 |
655 | error("Authentication key %s %s revoked by file %s", | - |
656 | sshkey_type(key), fp, options.revoked_keys_file); | - |
657 | goto out; never executed: goto out; | 0 |
658 | default: never executed: default: | 0 |
659 | error("Error checking authentication key %s %s in " | - |
660 | "revoked keys file %s: %s", sshkey_type(key), fp, | - |
661 | options.revoked_keys_file, ssh_err(r)); | - |
662 | goto out; never executed: goto out; | 0 |
663 | } | - |
664 | | - |
665 | | - |
666 | r = 0; | - |
667 | | - |
668 | out: code before this statement never executed: out: | 0 |
669 | free(fp); | - |
670 | return r == 0 ? 0 : 1; never executed: return r == 0 ? 0 : 1; TRUE | never evaluated | FALSE | never evaluated |
| 0 |
671 | } | - |
672 | | - |
673 | void | - |
674 | auth_debug_add(const char *fmt,...) | - |
675 | { | - |
676 | char buf[1024]; | - |
677 | va_list args; | - |
678 | int r; | - |
679 | | - |
680 | if (auth_debug == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
681 | return; never executed: return; | 0 |
682 | | - |
683 | va_start(args, fmt); | - |
684 | vsnprintf(buf, sizeof(buf), fmt, args); | - |
685 | va_end(args); | - |
686 | if ((r = sshbuf_put_cstring(auth_debug, buf)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
687 | fatal("%s: sshbuf_put_cstring: %s", __func__, ssh_err(r)); never executed: fatal("%s: sshbuf_put_cstring: %s", __func__, ssh_err(r)); | 0 |
688 | } never executed: end of block | 0 |
689 | | - |
690 | void | - |
691 | auth_debug_send(void) | - |
692 | { | - |
693 | struct ssh *ssh = active_state; | - |
694 | char *msg; | - |
695 | int r; | - |
696 | | - |
697 | if (auth_debug == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
698 | return; never executed: return; | 0 |
699 | while (sshbuf_len(auth_debug) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
700 | if ((r = sshbuf_get_cstring(auth_debug, &msg, NULL)) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
701 | fatal("%s: sshbuf_get_cstring: %s", never executed: fatal("%s: sshbuf_get_cstring: %s", __func__, ssh_err(r)); | 0 |
702 | __func__, ssh_err(r)); never executed: fatal("%s: sshbuf_get_cstring: %s", __func__, ssh_err(r)); | 0 |
703 | ssh_packet_send_debug(ssh, "%s", msg); | - |
704 | free(msg); | - |
705 | } never executed: end of block | 0 |
706 | } never executed: end of block | 0 |
707 | | - |
708 | void | - |
709 | auth_debug_reset(void) | - |
710 | { | - |
711 | if (auth_debug != NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
712 | sshbuf_reset(auth_debug); never executed: sshbuf_reset(auth_debug); | 0 |
713 | else if ((auth_debug = sshbuf_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
714 | fatal("%s: sshbuf_new failed", __func__); never executed: fatal("%s: sshbuf_new failed", __func__); | 0 |
715 | } never executed: end of block | 0 |
716 | | - |
717 | struct passwd * | - |
718 | fakepw(void) | - |
719 | { | - |
720 | static struct passwd fake; | - |
721 | | - |
722 | memset(&fake, 0, sizeof(fake)); | - |
723 | fake.pw_name = "NOUSER"; | - |
724 | fake.pw_passwd = | - |
725 | "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK"; | - |
726 | #ifdef HAVE_STRUCT_PASSWD_PW_GECOS | - |
727 | fake.pw_gecos = "NOUSER"; | - |
728 | #endif | - |
729 | fake.pw_uid = privsep_pw == NULL ? (uid_t)-1 : privsep_pw->pw_uid;TRUE | never evaluated | FALSE | never evaluated |
| 0 |
730 | fake.pw_gid = privsep_pw == NULL ? (gid_t)-1 : privsep_pw->pw_gid;TRUE | never evaluated | FALSE | never evaluated |
| 0 |
731 | #ifdef HAVE_STRUCT_PASSWD_PW_CLASS | - |
732 | fake.pw_class = ""; | - |
733 | #endif | - |
734 | fake.pw_dir = "/nonexist"; | - |
735 | fake.pw_shell = "/nonexist"; | - |
736 | | - |
737 | return (&fake); never executed: return (&fake); | 0 |
738 | } | - |
739 | | - |
740 | | - |
741 | | - |
742 | | - |
743 | | - |
744 | | - |
745 | | - |
746 | | - |
747 | | - |
748 | | - |
749 | | - |
750 | static char * | - |
751 | remote_hostname(struct ssh *ssh) | - |
752 | { | - |
753 | struct sockaddr_storage from; | - |
754 | socklen_t fromlen; | - |
755 | struct addrinfo hints, *ai, *aitop; | - |
756 | char name[NI_MAXHOST], ntop2[NI_MAXHOST]; | - |
757 | const char *ntop = ssh_remote_ipaddr(ssh); | - |
758 | | - |
759 | | - |
760 | fromlen = sizeof(from); | - |
761 | memset(&from, 0, sizeof(from)); | - |
762 | if (getpeername(ssh_packet_get_connection_in(ssh),TRUE | never evaluated | FALSE | never evaluated |
| 0 |
763 | (struct sockaddr *)&from, &fromlen) < 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
764 | debug("getpeername failed: %.100s", strerror(errno)); | - |
765 | return strdup(ntop); never executed: return (__extension__ (__builtin_constant_p ( ntop ) && ((size_t)(const void *)(( ntop ) + 1) - (size_t)(const void *)( ntop ) == 1) ? (((const char *) ( ntop ))[0] == '\0' ? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen ( ntop ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)) __retval = (char *) memcpy (__retval, ntop , __len); __retval; })) : __strdup ( ntop ))) ; never executed: __retval = (char *) memcpy (__retval, ntop , __len); TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
766 | } | - |
767 | | - |
768 | ipv64_normalise_mapped(&from, &fromlen); | - |
769 | if (from.ss_family == AF_INET6)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
770 | fromlen = sizeof(struct sockaddr_in6); never executed: fromlen = sizeof(struct sockaddr_in6); | 0 |
771 | | - |
772 | debug3("Trying to reverse map address %.100s.", ntop); | - |
773 | | - |
774 | if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),TRUE | never evaluated | FALSE | never evaluated |
| 0 |
775 | NULL, 0, NI_NAMEREQD) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
776 | | - |
777 | return strdup(ntop); never executed: return (__extension__ (__builtin_constant_p ( ntop ) && ((size_t)(const void *)(( ntop ) + 1) - (size_t)(const void *)( ntop ) == 1) ? (((const char *) ( ntop ))[0] == '\0' ? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen ( ntop ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)) __retval = (char *) memcpy (__retval, ntop , __len); __retval; })) : __strdup ( ntop ))) ; never executed: __retval = (char *) memcpy (__retval, ntop , __len); TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
778 | } | - |
779 | | - |
780 | | - |
781 | | - |
782 | | - |
783 | | - |
784 | | - |
785 | memset(&hints, 0, sizeof(hints)); | - |
786 | hints.ai_socktype = SOCK_DGRAM; | - |
787 | hints.ai_flags = AI_NUMERICHOST; | - |
788 | if (getaddrinfo(name, NULL, &hints, &ai) == 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
789 | logit("Nasty PTR record \"%s\" is set up for %s, ignoring", | - |
790 | name, ntop); | - |
791 | freeaddrinfo(ai); | - |
792 | return strdup(ntop); never executed: return (__extension__ (__builtin_constant_p ( ntop ) && ((size_t)(const void *)(( ntop ) + 1) - (size_t)(const void *)( ntop ) == 1) ? (((const char *) ( ntop ))[0] == '\0' ? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen ( ntop ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)) __retval = (char *) memcpy (__retval, ntop , __len); __retval; })) : __strdup ( ntop ))) ; never executed: __retval = (char *) memcpy (__retval, ntop , __len); TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
793 | } | - |
794 | | - |
795 | | - |
796 | lowercase(name); | - |
797 | | - |
798 | | - |
799 | | - |
800 | | - |
801 | | - |
802 | | - |
803 | | - |
804 | | - |
805 | | - |
806 | | - |
807 | memset(&hints, 0, sizeof(hints)); | - |
808 | hints.ai_family = from.ss_family; | - |
809 | hints.ai_socktype = SOCK_STREAM; | - |
810 | if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
811 | logit("reverse mapping checking getaddrinfo for %.700s " | - |
812 | "[%s] failed.", name, ntop); | - |
813 | return strdup(ntop); never executed: return (__extension__ (__builtin_constant_p ( ntop ) && ((size_t)(const void *)(( ntop ) + 1) - (size_t)(const void *)( ntop ) == 1) ? (((const char *) ( ntop ))[0] == '\0' ? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen ( ntop ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)) __retval = (char *) memcpy (__retval, ntop , __len); __retval; })) : __strdup ( ntop ))) ; never executed: __retval = (char *) memcpy (__retval, ntop , __len); TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
814 | } | - |
815 | | - |
816 | for (ai = aitop; ai; ai = ai->ai_next) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
817 | if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
818 | sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
819 | (strcmp(ntop, ntop2) == 0)) never executed: __result = (((const unsigned char *) (const char *) ( ntop ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( ntop2 ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
820 | break; never executed: break; | 0 |
821 | } never executed: end of block | 0 |
822 | freeaddrinfo(aitop); | - |
823 | | - |
824 | if (ai == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
825 | | - |
826 | logit("Address %.100s maps to %.600s, but this does not " | - |
827 | "map back to the address.", ntop, name); | - |
828 | return strdup(ntop); never executed: return (__extension__ (__builtin_constant_p ( ntop ) && ((size_t)(const void *)(( ntop ) + 1) - (size_t)(const void *)( ntop ) == 1) ? (((const char *) ( ntop ))[0] == '\0' ? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen ( ntop ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)) __retval = (char *) memcpy (__retval, ntop , __len); __retval; })) : __strdup ( ntop ))) ; never executed: __retval = (char *) memcpy (__retval, ntop , __len); TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
829 | } | - |
830 | return strdup(name); never executed: return (__extension__ (__builtin_constant_p ( name ) && ((size_t)(const void *)(( name ) + 1) - (size_t)(const void *)( name ) == 1) ? (((const char *) ( name ))[0] == '\0' ? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen ( name ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)) __retval = (char *) memcpy (__retval, name , __len); __retval; })) : __strdup ( name ))) ; never executed: __retval = (char *) memcpy (__retval, name , __len); TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
831 | } | - |
832 | | - |
833 | | - |
834 | | - |
835 | | - |
836 | | - |
837 | | - |
838 | | - |
839 | const char * | - |
840 | auth_get_canonical_hostname(struct ssh *ssh, int use_dns) | - |
841 | { | - |
842 | static char *dnsname; | - |
843 | | - |
844 | if (!use_dns)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
845 | return ssh_remote_ipaddr(ssh); never executed: return ssh_remote_ipaddr(ssh); | 0 |
846 | else if (dnsname != NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
847 | return dnsname; never executed: return dnsname; | 0 |
848 | else { | - |
849 | dnsname = remote_hostname(ssh); | - |
850 | return dnsname; never executed: return dnsname; | 0 |
851 | } | - |
852 | } | - |
853 | | - |
854 | | - |
855 | | - |
856 | | - |
857 | | - |
858 | | - |
859 | | - |
860 | | - |
861 | | - |
862 | | - |
863 | pid_t | - |
864 | subprocess(const char *tag, struct passwd *pw, const char *command, | - |
865 | int ac, char **av, FILE **child, u_int flags) | - |
866 | { | - |
867 | FILE *f = NULL; | - |
868 | struct stat st; | - |
869 | int fd, devnull, p[2], i; | - |
870 | pid_t pid; | - |
871 | char *cp, errmsg[512]; | - |
872 | u_int envsize; | - |
873 | char **child_env; | - |
874 | | - |
875 | if (child != NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
876 | *child = NULL; never executed: *child = ((void *)0) ; | 0 |
877 | | - |
878 | debug3("%s: %s command \"%s\" running as %s (flags 0x%x)", __func__, | - |
879 | tag, command, pw->pw_name, flags); | - |
880 | | - |
881 | | - |
882 | if ((flags & SSH_SUBPROCESS_STDOUT_DISCARD) != 0 &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
883 | (flags & SSH_SUBPROCESS_STDOUT_CAPTURE) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
884 | error("%s: inconsistent flags", __func__); | - |
885 | return 0; never executed: return 0; | 0 |
886 | } | - |
887 | if (((flags & SSH_SUBPROCESS_STDOUT_CAPTURE) == 0) != (child == NULL)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
888 | error("%s: inconsistent flags/output", __func__); | - |
889 | return 0; never executed: return 0; | 0 |
890 | } | - |
891 | | - |
892 | | - |
893 | | - |
894 | | - |
895 | | - |
896 | if (*av[0] != '/') {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
897 | error("%s path is not absolute", tag); | - |
898 | return 0; never executed: return 0; | 0 |
899 | } | - |
900 | temporarily_use_uid(pw); | - |
901 | if (stat(av[0], &st) < 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
902 | error("Could not stat %s \"%s\": %s", tag, | - |
903 | av[0], strerror(errno)); | - |
904 | restore_uid(); | - |
905 | return 0; never executed: return 0; | 0 |
906 | } | - |
907 | if (safe_path(av[0], &st, NULL, 0, errmsg, sizeof(errmsg)) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
908 | error("Unsafe %s \"%s\": %s", tag, av[0], errmsg); | - |
909 | restore_uid(); | - |
910 | return 0; never executed: return 0; | 0 |
911 | } | - |
912 | | - |
913 | if (pipe(p) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
914 | error("%s: pipe: %s", tag, strerror(errno)); | - |
915 | restore_uid(); | - |
916 | return 0; never executed: return 0; | 0 |
917 | } | - |
918 | restore_uid(); | - |
919 | | - |
920 | switch ((pid = fork())) { | - |
921 | case -1: never executed: case -1: | 0 |
922 | error("%s: fork: %s", tag, strerror(errno)); | - |
923 | close(p[0]); | - |
924 | close(p[1]); | - |
925 | return 0; never executed: return 0; | 0 |
926 | case 0: never executed: case 0: | 0 |
927 | | - |
928 | envsize = 5; | - |
929 | child_env = xcalloc(sizeof(*child_env), envsize); | - |
930 | child_set_env(&child_env, &envsize, "PATH", _PATH_STDPATH); | - |
931 | child_set_env(&child_env, &envsize, "USER", pw->pw_name); | - |
932 | child_set_env(&child_env, &envsize, "LOGNAME", pw->pw_name); | - |
933 | child_set_env(&child_env, &envsize, "HOME", pw->pw_dir); | - |
934 | if ((cp = getenv("LANG")) != NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
935 | child_set_env(&child_env, &envsize, "LANG", cp); never executed: child_set_env(&child_env, &envsize, "LANG", cp); | 0 |
936 | | - |
937 | for (i = 0; i < NSIG; i++)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
938 | signal(i, SIG_DFL); never executed: mysignal(i, ((__sighandler_t) 0) ); | 0 |
939 | | - |
940 | if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
941 | error("%s: open %s: %s", tag, _PATH_DEVNULL, | - |
942 | strerror(errno)); | - |
943 | _exit(1); | - |
944 | } never executed: end of block | 0 |
945 | if (dup2(devnull, STDIN_FILENO) == -1) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
946 | error("%s: dup2: %s", tag, strerror(errno)); | - |
947 | _exit(1); | - |
948 | } never executed: end of block | 0 |
949 | | - |
950 | | - |
951 | fd = -1; | - |
952 | if ((flags & SSH_SUBPROCESS_STDOUT_CAPTURE) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
953 | fd = p[1]; never executed: fd = p[1]; | 0 |
954 | else if ((flags & SSH_SUBPROCESS_STDOUT_DISCARD) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
955 | fd = devnull; never executed: fd = devnull; | 0 |
956 | if (fd != -1 && dup2(fd, STDOUT_FILENO) == -1) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
957 | error("%s: dup2: %s", tag, strerror(errno)); | - |
958 | _exit(1); | - |
959 | } never executed: end of block | 0 |
960 | closefrom(STDERR_FILENO + 1); | - |
961 | | - |
962 | | - |
963 | if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
964 | error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, | - |
965 | strerror(errno)); | - |
966 | _exit(1); | - |
967 | } never executed: end of block | 0 |
968 | if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
969 | error("%s: setresuid %u: %s", tag, (u_int)pw->pw_uid, | - |
970 | strerror(errno)); | - |
971 | _exit(1); | - |
972 | } never executed: end of block | 0 |
973 | | - |
974 | if ((flags & SSH_SUBPROCESS_STDOUT_DISCARD) != 0 &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
975 | dup2(STDIN_FILENO, STDERR_FILENO) == -1) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
976 | error("%s: dup2: %s", tag, strerror(errno)); | - |
977 | _exit(1); | - |
978 | } never executed: end of block | 0 |
979 | | - |
980 | execve(av[0], av, child_env); | - |
981 | error("%s exec \"%s\": %s", tag, command, strerror(errno)); | - |
982 | _exit(127); | - |
983 | default: code before this statement never executed: default: never executed: default: | 0 |
984 | break; never executed: break; | 0 |
985 | } | - |
986 | | - |
987 | close(p[1]); | - |
988 | if ((flags & SSH_SUBPROCESS_STDOUT_CAPTURE) == 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
989 | close(p[0]); never executed: close(p[0]); | 0 |
990 | else if ((f = fdopen(p[0], "r")) == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
991 | error("%s: fdopen: %s", tag, strerror(errno)); | - |
992 | close(p[0]); | - |
993 | | - |
994 | kill(pid, SIGTERM); | - |
995 | while (waitpid(pid, NULL, 0) == -1 && errno == EINTR)TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
996 | ; never executed: ; | 0 |
997 | return 0; never executed: return 0; | 0 |
998 | } | - |
999 | | - |
1000 | debug3("%s: %s pid %ld", __func__, tag, (long)pid); | - |
1001 | if (child != NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1002 | *child = f; never executed: *child = f; | 0 |
1003 | return pid; never executed: return pid; | 0 |
1004 | } | - |
1005 | | - |
1006 | | - |
1007 | | - |
1008 | | - |
1009 | void | - |
1010 | auth_log_authopts(const char *loc, const struct sshauthopt *opts, int do_remote) | - |
1011 | { | - |
1012 | int do_env = options.permit_user_env && opts->nenv > 0;TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1013 | int do_permitopen = opts->npermitopen > 0 &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1014 | (options.allow_tcp_forwarding & FORWARD_LOCAL) != 0;TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1015 | int do_permitlisten = opts->npermitlisten > 0 &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1016 | (options.allow_tcp_forwarding & FORWARD_REMOTE) != 0;TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1017 | size_t i; | - |
1018 | char msg[1024], buf[64]; | - |
1019 | | - |
1020 | snprintf(buf, sizeof(buf), "%d", opts->force_tun_device); | - |
1021 | | - |
1022 | snprintf(msg, sizeof(msg), "key options:%s%s%s%s%s%s%s%s%s%s%s%s%s", | - |
1023 | opts->permit_agent_forwarding_flag ? " agent-forwarding" : "", | - |
1024 | opts->force_command == NULL ? "" : " command", | - |
1025 | do_env ? " environment" : "", | - |
1026 | opts->valid_before == 0 ? "" : "expires", | - |
1027 | do_permitopen ? " permitopen" : "", | - |
1028 | do_permitlisten ? " permitlisten" : "", | - |
1029 | opts->permit_port_forwarding_flag ? " port-forwarding" : "", | - |
1030 | opts->cert_principals == NULL ? "" : " principals", | - |
1031 | opts->permit_pty_flag ? " pty" : "", | - |
1032 | opts->force_tun_device == -1 ? "" : " tun=", | - |
1033 | opts->force_tun_device == -1 ? "" : buf, | - |
1034 | opts->permit_user_rc ? " user-rc" : "", | - |
1035 | opts->permit_x11_forwarding_flag ? " x11-forwarding" : ""); | - |
1036 | | - |
1037 | debug("%s: %s", loc, msg); | - |
1038 | if (do_remote)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1039 | auth_debug_add("%s: %s", loc, msg); never executed: auth_debug_add("%s: %s", loc, msg); | 0 |
1040 | | - |
1041 | if (options.permit_user_env) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1042 | for (i = 0; i < opts->nenv; i++) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1043 | debug("%s: environment: %s", loc, opts->env[i]); | - |
1044 | if (do_remote) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1045 | auth_debug_add("%s: environment: %s", | - |
1046 | loc, opts->env[i]); | - |
1047 | } never executed: end of block | 0 |
1048 | } never executed: end of block | 0 |
1049 | } never executed: end of block | 0 |
1050 | | - |
1051 | | - |
1052 | if (opts->valid_before != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1053 | format_absolute_time(opts->valid_before, buf, sizeof(buf)); | - |
1054 | debug("%s: expires at %s", loc, buf); | - |
1055 | } never executed: end of block | 0 |
1056 | if (opts->cert_principals != NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1057 | debug("%s: authorized principals: \"%s\"", | - |
1058 | loc, opts->cert_principals); | - |
1059 | } never executed: end of block | 0 |
1060 | if (opts->force_command != NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1061 | debug("%s: forced command: \"%s\"", loc, opts->force_command); never executed: debug("%s: forced command: \"%s\"", loc, opts->force_command); | 0 |
1062 | if (do_permitopen) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1063 | for (i = 0; i < opts->npermitopen; i++) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1064 | debug("%s: permitted open: %s", | - |
1065 | loc, opts->permitopen[i]); | - |
1066 | } never executed: end of block | 0 |
1067 | } never executed: end of block | 0 |
1068 | if (do_permitlisten) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1069 | for (i = 0; i < opts->npermitlisten; i++) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1070 | debug("%s: permitted listen: %s", | - |
1071 | loc, opts->permitlisten[i]); | - |
1072 | } never executed: end of block | 0 |
1073 | } never executed: end of block | 0 |
1074 | } never executed: end of block | 0 |
1075 | | - |
1076 | | - |
1077 | int | - |
1078 | auth_activate_options(struct ssh *ssh, struct sshauthopt *opts) | - |
1079 | { | - |
1080 | struct sshauthopt *old = auth_opts; | - |
1081 | const char *emsg = NULL; | - |
1082 | | - |
1083 | debug("%s: setting new authentication options", __func__); | - |
1084 | if ((auth_opts = sshauthopt_merge(old, opts, &emsg)) == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1085 | error("Inconsistent authentication options: %s", emsg); | - |
1086 | return -1; never executed: return -1; | 0 |
1087 | } | - |
1088 | return 0; never executed: return 0; | 0 |
1089 | } | - |
1090 | | - |
1091 | | - |
1092 | void | - |
1093 | auth_restrict_session(struct ssh *ssh) | - |
1094 | { | - |
1095 | struct sshauthopt *restricted; | - |
1096 | | - |
1097 | debug("%s: restricting session", __func__); | - |
1098 | | - |
1099 | | - |
1100 | restricted = sshauthopt_new(); | - |
1101 | restricted->permit_pty_flag = 1; | - |
1102 | restricted->restricted = 1; | - |
1103 | | - |
1104 | if (auth_activate_options(ssh, restricted) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1105 | fatal("%s: failed to restrict session", __func__); never executed: fatal("%s: failed to restrict session", __func__); | 0 |
1106 | sshauthopt_free(restricted); | - |
1107 | } never executed: end of block | 0 |
1108 | | - |
1109 | int | - |
1110 | auth_authorise_keyopts(struct ssh *ssh, struct passwd *pw, | - |
1111 | struct sshauthopt *opts, int allow_cert_authority, const char *loc) | - |
1112 | { | - |
1113 | const char *remote_ip = ssh_remote_ipaddr(ssh); | - |
1114 | const char *remote_host = auth_get_canonical_hostname(ssh, | - |
1115 | options.use_dns); | - |
1116 | time_t now = time(NULL); | - |
1117 | char buf[64]; | - |
1118 | | - |
1119 | | - |
1120 | | - |
1121 | | - |
1122 | | - |
1123 | if (opts->valid_before && now > 0 &&TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1124 | opts->valid_before < (uint64_t)now) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1125 | format_absolute_time(opts->valid_before, buf, sizeof(buf)); | - |
1126 | debug("%s: entry expired at %s", loc, buf); | - |
1127 | auth_debug_add("%s: entry expired at %s", loc, buf); | - |
1128 | return -1; never executed: return -1; | 0 |
1129 | } | - |
1130 | | - |
1131 | if (opts->cert_principals != NULL && !opts->cert_authority) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1132 | debug("%s: principals on non-CA key", loc); | - |
1133 | auth_debug_add("%s: principals on non-CA key", loc); | - |
1134 | | - |
1135 | return -1; never executed: return -1; | 0 |
1136 | } | - |
1137 | | - |
1138 | if (!allow_cert_authority && opts->cert_authority) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1139 | debug("%s: cert-authority flag invalid here", loc); | - |
1140 | auth_debug_add("%s: cert-authority flag invalid here", loc); | - |
1141 | | - |
1142 | return -1; never executed: return -1; | 0 |
1143 | } | - |
1144 | | - |
1145 | | - |
1146 | if (opts->required_from_host_keys != NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1147 | switch (match_host_and_ip(remote_host, remote_ip, | - |
1148 | opts->required_from_host_keys )) { | - |
1149 | case 1: never executed: case 1: | 0 |
1150 | | - |
1151 | break; never executed: break; | 0 |
1152 | case -1: never executed: case -1: | 0 |
1153 | default: never executed: default: | 0 |
1154 | debug("%s: invalid from criteria", loc); | - |
1155 | auth_debug_add("%s: invalid from criteria", loc); | - |
1156 | | - |
1157 | case 0: code before this statement never executed: case 0: never executed: case 0: | 0 |
1158 | logit("%s: Authentication tried for %.100s with " | - |
1159 | "correct key but not from a permitted " | - |
1160 | "host (host=%.200s, ip=%.200s, required=%.200s).", | - |
1161 | loc, pw->pw_name, remote_host, remote_ip, | - |
1162 | opts->required_from_host_keys); | - |
1163 | auth_debug_add("%s: Your host '%.200s' is not " | - |
1164 | "permitted to use this key for login.", | - |
1165 | loc, remote_host); | - |
1166 | | - |
1167 | return -1; never executed: return -1; | 0 |
1168 | } | - |
1169 | } | - |
1170 | | - |
1171 | if (opts->required_from_host_cert != NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1172 | switch (addr_match_cidr_list(remote_ip, | - |
1173 | opts->required_from_host_cert)) { | - |
1174 | case 1: never executed: case 1: | 0 |
1175 | | - |
1176 | break; never executed: break; | 0 |
1177 | case -1: never executed: case -1: | 0 |
1178 | default: never executed: default: | 0 |
1179 | | - |
1180 | error("%s: Certificate source-address invalid", | - |
1181 | loc); | - |
1182 | | - |
1183 | case 0: code before this statement never executed: case 0: never executed: case 0: | 0 |
1184 | logit("%s: Authentication tried for %.100s with valid " | - |
1185 | "certificate but not from a permitted source " | - |
1186 | "address (%.200s).", loc, pw->pw_name, remote_ip); | - |
1187 | auth_debug_add("%s: Your address '%.200s' is not " | - |
1188 | "permitted to use this certificate for login.", | - |
1189 | loc, remote_ip); | - |
1190 | return -1; never executed: return -1; | 0 |
1191 | } | - |
1192 | } | - |
1193 | | - |
1194 | | - |
1195 | | - |
1196 | | - |
1197 | | - |
1198 | | - |
1199 | auth_log_authopts(loc, opts, 1); | - |
1200 | | - |
1201 | return 0; never executed: return 0; | 0 |
1202 | } | - |
| | |