Date: Wed, 13 Apr 2022 20:49:00 GMT From: Ed Maste <emaste@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 1323ec571215 - main - ssh: update to OpenSSH v8.9p1 Message-ID: <202204132049.23DKn0uO084657@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=1323ec571215a77ddd21294f0871979d5ad6b992 commit 1323ec571215a77ddd21294f0871979d5ad6b992 Merge: 595ac4a11893 85d1f2d49355 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2022-04-13 20:00:56 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2022-04-13 20:00:56 +0000 ssh: update to OpenSSH v8.9p1 Release notes are available at https://www.openssh.com/txt/release-8.9 Some highlights: * ssh(1), sshd(8), ssh-add(1), ssh-agent(1): add a system for restricting forwarding and use of keys added to ssh-agent(1) * ssh(1), sshd(8): add the sntrup761x25519-sha512@openssh.com hybrid ECDH/x25519 + Streamlined NTRU Prime post-quantum KEX to the default KEXAlgorithms list (after the ECDH methods but before the prime-group DH ones). The next release of OpenSSH is likely to make this key exchange the default method. * sshd(8), portable OpenSSH only: this release removes in-built support for MD5-hashed passwords. If you require these on your system then we recommend linking against libxcrypt or similar. Future deprecation notice ========================= A near-future release of OpenSSH will switch scp(1) from using the legacy scp/rcp protocol to using SFTP by default. Legacy scp/rcp performs wildcard expansion of remote filenames (e.g. "scp host:* .") through the remote shell. This has the side effect of requiring double quoting of shell meta-characters in file names included on scp(1) command-lines, otherwise they could be interpreted as shell commands on the remote side. MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation crypto/openssh/.depend | 11 +- crypto/openssh/.github/configs | 76 +- crypto/openssh/.github/configure.sh | 17 +- crypto/openssh/.github/setup_ci.sh | 41 +- crypto/openssh/.github/workflows/c-cpp.yml | 24 +- crypto/openssh/.github/workflows/selfhosted.yml | 14 +- crypto/openssh/.github/workflows/upstream.yml | 3 +- crypto/openssh/.skipped-commit-ids | 1 + crypto/openssh/ChangeLog | 17378 +++++++++---------- crypto/openssh/INSTALL | 5 - crypto/openssh/LICENCE | 21 +- crypto/openssh/Makefile.in | 55 +- crypto/openssh/PROTOCOL | 69 +- crypto/openssh/PROTOCOL.agent | 85 +- crypto/openssh/PROTOCOL.mux | 6 +- crypto/openssh/README | 2 +- crypto/openssh/SECURITY.md | 5 + crypto/openssh/addr.c | 30 +- crypto/openssh/atomicio.c | 1 - crypto/openssh/auth-options.c | 4 +- crypto/openssh/auth-rhosts.c | 38 +- crypto/openssh/auth.c | 16 +- crypto/openssh/auth.h | 5 +- crypto/openssh/auth2-gss.c | 5 +- crypto/openssh/auth2-hostbased.c | 11 +- crypto/openssh/auth2-kbdint.c | 5 +- crypto/openssh/auth2-none.c | 5 +- crypto/openssh/auth2-passwd.c | 5 +- crypto/openssh/auth2-pubkey.c | 49 +- crypto/openssh/auth2.c | 70 +- crypto/openssh/authfd.c | 116 +- crypto/openssh/authfd.h | 35 +- crypto/openssh/authfile.c | 4 +- crypto/openssh/channels.c | 554 +- crypto/openssh/channels.h | 31 +- crypto/openssh/clientloop.c | 236 +- crypto/openssh/config.h | 36 +- crypto/openssh/configure.ac | 126 +- crypto/openssh/contrib/redhat/openssh.spec | 10 +- crypto/openssh/contrib/suse/openssh.spec | 2 +- crypto/openssh/defines.h | 39 +- crypto/openssh/digest-libc.c | 10 + crypto/openssh/dns.c | 4 +- crypto/openssh/gss-genr.c | 1 + crypto/openssh/hostfile.c | 22 +- crypto/openssh/includes.h | 1 - crypto/openssh/kex.c | 48 +- crypto/openssh/kex.h | 13 +- crypto/openssh/kexgen.c | 35 +- crypto/openssh/kexgexc.c | 24 +- crypto/openssh/kexgexs.c | 14 +- crypto/openssh/kexsntrup761x25519.c | 4 +- crypto/openssh/loginrec.c | 3 +- crypto/openssh/md5crypt.c | 165 - crypto/openssh/md5crypt.h | 22 - crypto/openssh/misc.c | 90 +- crypto/openssh/misc.h | 4 +- crypto/openssh/moduli | 831 +- crypto/openssh/monitor.c | 31 +- crypto/openssh/mux.c | 4 +- crypto/openssh/myproposal.h | 3 +- crypto/openssh/nchan.c | 10 +- crypto/openssh/openbsd-compat/arc4random.c | 8 +- crypto/openssh/openbsd-compat/base64.c | 1 - crypto/openssh/openbsd-compat/bcrypt_pbkdf.c | 41 +- crypto/openssh/openbsd-compat/bindresvport.c | 1 + crypto/openssh/openbsd-compat/blf.h | 7 +- crypto/openssh/openbsd-compat/blowfish.c | 7 +- crypto/openssh/openbsd-compat/bsd-closefrom.c | 8 +- crypto/openssh/openbsd-compat/bsd-cygwin_util.c | 4 +- crypto/openssh/openbsd-compat/bsd-getline.c | 2 +- crypto/openssh/openbsd-compat/bsd-openpty.c | 76 +- crypto/openssh/openbsd-compat/bsd-poll.c | 68 +- crypto/openssh/openbsd-compat/bsd-poll.h | 26 +- crypto/openssh/openbsd-compat/bsd-statvfs.c | 1 - crypto/openssh/openbsd-compat/dirname.c | 1 - crypto/openssh/openbsd-compat/getcwd.c | 1 - crypto/openssh/openbsd-compat/inet_aton.c | 1 - crypto/openssh/openbsd-compat/inet_ntop.c | 1 - crypto/openssh/openbsd-compat/openbsd-compat.h | 4 +- crypto/openssh/openbsd-compat/port-solaris.c | 1 - crypto/openssh/openbsd-compat/xcrypt.c | 17 +- crypto/openssh/packet.c | 103 +- crypto/openssh/packet.h | 3 +- crypto/openssh/platform-tracing.c | 13 +- crypto/openssh/readconf.c | 27 +- crypto/openssh/readconf.h | 7 +- crypto/openssh/regress/Makefile | 14 +- crypto/openssh/regress/agent-getpeereid.sh | 3 + crypto/openssh/regress/agent-restrict.sh | 495 + crypto/openssh/regress/cert-hostkey.sh | 86 +- crypto/openssh/regress/cert-userkey.sh | 326 +- crypto/openssh/regress/cipher-speed.sh | 10 + crypto/openssh/regress/hostbased.sh | 66 + crypto/openssh/regress/hostkey-agent.sh | 84 +- crypto/openssh/regress/hostkey-rotate.sh | 17 +- crypto/openssh/regress/keys-command.sh | 6 +- crypto/openssh/regress/knownhosts.sh | 17 + crypto/openssh/regress/login-timeout.sh | 4 +- crypto/openssh/regress/misc/fuzz-harness/Makefile | 2 +- .../openssh/regress/misc/fuzz-harness/kex_fuzz.cc | 3 +- .../regress/misc/fuzz-harness/ssh-sk-null.cc | 3 +- crypto/openssh/regress/misc/sk-dummy/sk-dummy.c | 55 +- crypto/openssh/regress/percent.sh | 5 +- crypto/openssh/regress/principals-command.sh | 220 +- crypto/openssh/regress/sshd-log-wrapper.sh | 3 +- crypto/openssh/regress/sshsig.sh | 256 +- crypto/openssh/regress/test-exec.sh | 30 +- crypto/openssh/regress/unittests/authopt/tests.c | 3 +- crypto/openssh/regress/unittests/bitmap/tests.c | 3 +- .../openssh/regress/unittests/conversion/tests.c | 3 +- .../regress/unittests/hostkeys/test_iterate.c | 3 +- crypto/openssh/regress/unittests/kex/test_kex.c | 3 +- crypto/openssh/regress/unittests/match/tests.c | 3 +- crypto/openssh/regress/unittests/misc/test_argv.c | 3 +- .../openssh/regress/unittests/misc/test_convtime.c | 4 +- .../openssh/regress/unittests/misc/test_expand.c | 3 +- .../openssh/regress/unittests/misc/test_hpdelim.c | 82 + crypto/openssh/regress/unittests/misc/test_parse.c | 3 +- .../openssh/regress/unittests/misc/test_strdelim.c | 3 +- crypto/openssh/regress/unittests/misc/tests.c | 5 +- .../openssh/regress/unittests/sshbuf/test_sshbuf.c | 7 +- .../regress/unittests/sshbuf/test_sshbuf_fixed.c | 3 +- .../regress/unittests/sshbuf/test_sshbuf_fuzz.c | 5 +- .../unittests/sshbuf/test_sshbuf_getput_basic.c | 3 +- .../unittests/sshbuf/test_sshbuf_getput_crypto.c | 3 +- .../unittests/sshbuf/test_sshbuf_getput_fuzz.c | 5 +- .../regress/unittests/sshbuf/test_sshbuf_misc.c | 3 +- crypto/openssh/regress/unittests/sshkey/common.c | 3 +- .../openssh/regress/unittests/sshkey/test_file.c | 5 +- .../openssh/regress/unittests/sshkey/test_fuzz.c | 5 +- .../openssh/regress/unittests/sshkey/test_sshkey.c | 5 +- crypto/openssh/regress/unittests/sshsig/tests.c | 7 +- .../openssh/regress/unittests/sshsig/webauthn.html | 6 +- .../regress/unittests/test_helper/test_helper.c | 11 +- crypto/openssh/rijndael.h | 5 +- crypto/openssh/sandbox-capsicum.c | 1 - crypto/openssh/sandbox-seccomp-filter.c | 14 +- crypto/openssh/scp.1 | 4 +- crypto/openssh/scp.c | 85 +- crypto/openssh/servconf.c | 21 +- crypto/openssh/serverloop.c | 157 +- crypto/openssh/session.c | 5 +- crypto/openssh/sftp-client.c | 200 +- crypto/openssh/sftp-client.h | 4 +- crypto/openssh/sftp-server.c | 85 +- crypto/openssh/sftp.c | 1 - crypto/openssh/sk-api.h | 7 +- crypto/openssh/sk-usbhid.c | 225 +- crypto/openssh/sk_config.h | 2 + crypto/openssh/ssh-add.1 | 88 +- crypto/openssh/ssh-add.c | 218 +- crypto/openssh/ssh-agent.c | 716 +- crypto/openssh/ssh-keygen.1 | 37 +- crypto/openssh/ssh-keygen.c | 246 +- crypto/openssh/ssh-keyscan.c | 70 +- crypto/openssh/ssh-keysign.c | 42 +- crypto/openssh/ssh-pkcs11-client.c | 16 +- crypto/openssh/ssh-pkcs11-helper.c | 4 +- crypto/openssh/ssh-pkcs11.c | 35 +- crypto/openssh/ssh-sk-client.c | 98 +- crypto/openssh/ssh-sk-helper.c | 33 +- crypto/openssh/ssh-sk.c | 106 +- crypto/openssh/ssh-sk.h | 14 +- crypto/openssh/ssh.1 | 10 +- crypto/openssh/ssh.c | 20 +- crypto/openssh/ssh_config | 2 +- crypto/openssh/ssh_config.5 | 22 +- crypto/openssh/ssh_namespace.h | 40 +- crypto/openssh/sshbuf-misc.c | 39 +- crypto/openssh/sshbuf.h | 8 +- crypto/openssh/sshconnect.c | 4 +- crypto/openssh/sshconnect2.c | 79 +- crypto/openssh/sshd.c | 76 +- crypto/openssh/sshd_config | 2 +- crypto/openssh/sshd_config.5 | 8 +- crypto/openssh/sshkey.c | 31 +- crypto/openssh/sshkey.h | 6 +- crypto/openssh/sshsig.c | 284 +- crypto/openssh/sshsig.h | 6 +- crypto/openssh/umac.c | 4 +- crypto/openssh/umac.h | 4 +- crypto/openssh/version.h | 6 +- lib/libpam/modules/pam_ssh/pam_ssh.c | 2 +- secure/usr.sbin/sshd/Makefile | 2 +- 185 files changed, 13876 insertions(+), 12229 deletions(-) diff --cc crypto/openssh/INSTALL index 8ab8a403a4e2,000000000000..114d15314243 mode 100644,000000..100644 --- a/crypto/openssh/INSTALL +++ b/crypto/openssh/INSTALL @@@ -1,301 -1,0 +1,296 @@@ +1. Prerequisites +---------------- + +A C compiler. Any C89 or better compiler should work. Where supported, +configure will attempt to enable the compiler's run-time integrity checking +options. Some notes about specific compilers: + - clang: -ftrapv and -sanitize=integer require the compiler-rt runtime + (CC=clang LDFLAGS=--rtlib=compiler-rt ./configure) + +To support Privilege Separation (which is now required) you will need +to create the user, group and directory used by sshd for privilege +separation. See README.privsep for details. + + +The remaining items are optional. + +A working installation of zlib: +Zlib 1.1.4 or 1.2.1.2 or greater (earlier 1.2.x versions have problems): +http://www.gzip.org/zlib/ + +libcrypto from either of LibreSSL or OpenSSL. Building without libcrypto +is supported but severely restricts the available ciphers and algorithms. + - LibreSSL (https://www.libressl.org/) + - OpenSSL (https://www.openssl.org) with any of the following versions: + - 1.0.x >= 1.0.1 or 1.1.0 >= 1.1.0g or any 1.1.1 + +Note that due to a bug in EVP_CipherInit OpenSSL 1.1 versions prior to +1.1.0g can't be used. + +LibreSSL/OpenSSL should be compiled as a position-independent library +(i.e. -fPIC, eg by configuring OpenSSL as "./config [options] -fPIC" +or LibreSSL as "CFLAGS=-fPIC ./configure") otherwise OpenSSH will not +be able to link with it. If you must use a non-position-independent +libcrypto, then you may need to configure OpenSSH --without-pie. + +If you build either from source, running the OpenSSL self-test ("make +tests") or the LibreSSL equivalent ("make check") and ensuring that all +tests pass is strongly recommended. + +NB. If you operating system supports /dev/random, you should configure +libcrypto (LibreSSL/OpenSSL) to use it. OpenSSH relies on libcrypto's +direct support of /dev/random, or failing that, either prngd or egd. + +PRNGD: + +If your system lacks kernel-based random collection, the use of Lutz +Jaenicke's PRNGd is recommended. It requires that libcrypto be configured +to support it. + +http://prngd.sourceforge.net/ + +EGD: + +The Entropy Gathering Daemon (EGD) supports the same interface as prngd. +It also supported only if libcrypto is configured to support it. + +http://egd.sourceforge.net/ + +PAM: + +OpenSSH can utilise Pluggable Authentication Modules (PAM) if your +system supports it. PAM is standard most Linux distributions, Solaris, +HP-UX 11, AIX >= 5.2, FreeBSD, NetBSD and Mac OS X. + +Information about the various PAM implementations are available: + +Solaris PAM: http://www.sun.com/software/solaris/pam/ +Linux PAM: http://www.kernel.org/pub/linux/libs/pam/ +OpenPAM: http://www.openpam.org/ + +If you wish to build the GNOME passphrase requester, you will need the GNOME +libraries and headers. + +GNOME: +http://www.gnome.org/ + +Alternatively, Jim Knoble <jmknoble@pobox.com> has written an excellent X11 +passphrase requester. This is maintained separately at: + +http://www.jmknoble.net/software/x11-ssh-askpass/ + +TCP Wrappers: + +If you wish to use the TCP wrappers functionality you will need at least +tcpd.h and libwrap.a, either in the standard include and library paths, +or in the directory specified by --with-tcp-wrappers. Version 7.6 is +known to work. + +http://ftp.porcupine.org/pub/security/index.html + +LibEdit: + +sftp supports command-line editing via NetBSD's libedit. If your platform +has it available natively you can use that, alternatively you might try +these multi-platform ports: + +http://www.thrysoee.dk/editline/ +http://sourceforge.net/projects/libedit/ + +LDNS: + +LDNS is a DNS BSD-licensed resolver library which supports DNSSEC. + +http://nlnetlabs.nl/projects/ldns/ + +Autoconf: + +If you modify configure.ac or configure doesn't exist (eg if you checked +the code out of git yourself) then you will need autoconf-2.69 and +automake-1.16.1 to rebuild the automatically generated files by running +"autoreconf". Earlier versions may also work but this is not guaranteed. + +http://www.gnu.org/software/autoconf/ +http://www.gnu.org/software/automake/ + +Basic Security Module (BSM): + +Native BSM support is known to exist in Solaris from at least 2.5.1, +FreeBSD 6.1 and OS X. Alternatively, you may use the OpenBSM +implementation (http://www.openbsm.org). + +makedepend: + +https://www.x.org/archive/individual/util/ + +If you are making significant changes to the code you may need to rebuild +the dependency (.depend) file using "make depend", which requires the +"makedepend" tool from the X11 distribution. + +libfido2: + +libfido2 allows the use of hardware security keys over USB. libfido2 +in turn depends on libcbor. libfido2 >= 1.5.0 is strongly recommended. +Limited functionality is possible with earlier libfido2 versions. + +https://github.com/Yubico/libfido2 +https://github.com/pjk/libcbor + + +2. Building / Installation +-------------------------- + +To install OpenSSH with default options: + +./configure +make +make install + +This will install the OpenSSH binaries in /usr/local/bin, configuration files +in /usr/local/etc, the server in /usr/local/sbin, etc. To specify a different +installation prefix, use the --prefix option to configure: + +./configure --prefix=/opt +make +make install + +Will install OpenSSH in /opt/{bin,etc,lib,sbin}. You can also override +specific paths, for example: + +./configure --prefix=/opt --sysconfdir=/etc/ssh +make +make install + +This will install the binaries in /opt/{bin,lib,sbin}, but will place the +configuration files in /etc/ssh. + +If you are using PAM, you may need to manually install a PAM control +file as "/etc/pam.d/sshd" (or wherever your system prefers to keep +them). Note that the service name used to start PAM is __progname, +which is the basename of the path of your sshd (e.g., the service name +for /usr/sbin/osshd will be osshd). If you have renamed your sshd +executable, your PAM configuration may need to be modified. + +A generic PAM configuration is included as "contrib/sshd.pam.generic", +you may need to edit it before using it on your system. If you are +using a recent version of Red Hat Linux, the config file in +contrib/redhat/sshd.pam should be more useful. Failure to install a +valid PAM file may result in an inability to use password +authentication. On HP-UX 11 and Solaris, the standard /etc/pam.conf +configuration will work with sshd (sshd will match the other service +name). + +There are a few other options to the configure script: + +--with-audit=[module] enable additional auditing via the specified module. +Currently, drivers for "debug" (additional info via syslog) and "bsm" +(Sun's Basic Security Module) are supported. + +--with-pam enables PAM support. If PAM support is compiled in, it must +also be enabled in sshd_config (refer to the UsePAM directive). + +--with-prngd-socket=/some/file allows you to enable EGD or PRNGD +support and to specify a PRNGd socket. Use this if your Unix lacks +/dev/random. + +--with-prngd-port=portnum allows you to enable EGD or PRNGD support +and to specify a EGD localhost TCP port. Use this if your Unix lacks +/dev/random. + +--with-lastlog=FILE will specify the location of the lastlog file. +./configure searches a few locations for lastlog, but may not find +it if lastlog is installed in a different place. + +--without-lastlog will disable lastlog support entirely. + +--with-osfsia, --without-osfsia will enable or disable OSF1's Security +Integration Architecture. The default for OSF1 machines is enable. + +--with-tcp-wrappers will enable TCP Wrappers (/etc/hosts.allow|deny) +support. + - --with-md5-passwords will enable the use of MD5 passwords. Enable this - if your operating system uses MD5 passwords and the system crypt() does - not support them directly (see the crypt(3/3c) man page). If enabled, the - resulting binary will support both MD5 and traditional crypt passwords. - +--with-utmpx enables utmpx support. utmpx support is automatic for +some platforms. + +--without-shadow disables shadow password support. + +--with-ipaddr-display forces the use of a numeric IP address in the +$DISPLAY environment variable. Some broken systems need this. + +--with-default-path=PATH allows you to specify a default $PATH for sessions +started by sshd. This replaces the standard path entirely. + +--with-pid-dir=PATH specifies the directory in which the sshd.pid file is +created. + +--with-xauth=PATH specifies the location of the xauth binary + +--with-ssl-dir=DIR allows you to specify where your Libre/OpenSSL +libraries are installed. + +--with-ssl-engine enables Libre/OpenSSL's (hardware) ENGINE support + +--without-openssl builds without using OpenSSL. Only a subset of ciphers +and algorithms are supported in this configuration. + +--without-zlib builds without zlib. This disables the Compression option. + +--with-4in6 Check for IPv4 in IPv6 mapped addresses and convert them to +real (AF_INET) IPv4 addresses. Works around some quirks on Linux. + +If you need to pass special options to the compiler or linker, you +can specify these as environment variables before running ./configure. +For example: + +CC="/usr/foo/cc" CFLAGS="-O" LDFLAGS="-s" LIBS="-lrubbish" ./configure + +3. Configuration +---------------- + +The runtime configuration files are installed by in ${prefix}/etc or +whatever you specified as your --sysconfdir (/usr/local/etc by default). + +The default configuration should be instantly usable, though you should +review it to ensure that it matches your security requirements. + +To generate a host key, run "make host-key". Alternately you can do so +manually using the following commands: + + ssh-keygen -t [type] -f /etc/ssh/ssh_host_key -N "" + +for each of the types you wish to generate (rsa, dsa or ecdsa) or + + ssh-keygen -A + +to generate keys for all supported types. + +Replacing /etc/ssh with the correct path to the configuration directory. +(${prefix}/etc or whatever you specified with --sysconfdir during +configuration). + +If you have configured OpenSSH with EGD/prngd support, ensure that EGD or +prngd is running and has collected some entropy first. + +For more information on configuration, please refer to the manual pages +for sshd, ssh and ssh-agent. + +4. (Optional) Send survey +------------------------- + +$ make survey +[check the contents of the file "survey" to ensure there's no information +that you consider sensitive] +$ make send-survey + +This will send configuration information for the currently configured +host to a survey address. This will help determine which configurations +are actually in use, and what valid combinations of configure options +exist. The raw data is available only to the OpenSSH developers, however +summary data may be published. + +5. Problems? +------------ + +If you experience problems compiling, installing or running OpenSSH, +please refer to the "reporting bugs" section of the webpage at +https://www.openssh.com/ diff --cc crypto/openssh/SECURITY.md index 000000000000,ba436c4f176d..ba436c4f176d mode 000000,100644..100644 --- a/crypto/openssh/SECURITY.md +++ b/crypto/openssh/SECURITY.md diff --cc crypto/openssh/auth.c index 581d8dce2792,000000000000..faa1a4d3c666 mode 100644,000000..100644 --- a/crypto/openssh/auth.c +++ b/crypto/openssh/auth.c @@@ -1,1065 -1,0 +1,1075 @@@ - /* $OpenBSD: auth.c,v 1.153 2021/07/05 00:50:25 dtucker Exp $ */ ++/* $OpenBSD: auth.c,v 1.154 2022/02/23 11:17:10 djm Exp $ */ +/* + * Copyright (c) 2000 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "includes.h" +__RCSID("$FreeBSD$"); + +#include <sys/types.h> +#include <sys/stat.h> +#include <sys/socket.h> +#include <sys/wait.h> + +#include <netinet/in.h> + +#include <stdlib.h> +#include <errno.h> +#include <fcntl.h> +#ifdef HAVE_PATHS_H +# include <paths.h> +#endif +#include <pwd.h> +#ifdef HAVE_LOGIN_H +#include <login.h> +#endif +#ifdef USE_SHADOW +#include <shadow.h> +#endif +#include <stdarg.h> +#include <stdio.h> +#include <string.h> +#include <unistd.h> +#include <limits.h> +#include <netdb.h> +#include <time.h> + +#include "xmalloc.h" +#include "match.h" +#include "groupaccess.h" +#include "log.h" +#include "sshbuf.h" +#include "misc.h" +#include "servconf.h" +#include "sshkey.h" +#include "hostfile.h" +#include "auth.h" +#include "auth-options.h" +#include "canohost.h" +#include "uidswap.h" +#include "packet.h" +#include "loginrec.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif +#include "authfile.h" +#include "monitor_wrap.h" +#include "ssherr.h" +#include "compat.h" +#include "channels.h" +#include "blacklist_client.h" + +/* import */ +extern ServerOptions options; +extern struct include_list includes; +extern int use_privsep; +extern struct sshbuf *loginmsg; +extern struct passwd *privsep_pw; +extern struct sshauthopt *auth_opts; + +/* Debugging messages */ +static struct sshbuf *auth_debug; + +/* + * Check if the user is allowed to log in via ssh. If user is listed + * in DenyUsers or one of user's groups is listed in DenyGroups, false + * will be returned. If AllowUsers isn't empty and user isn't listed + * there, or if AllowGroups isn't empty and one of user's groups isn't + * listed there, false will be returned. + * If the user's shell is not executable, false will be returned. + * Otherwise true is returned. + */ +int +allowed_user(struct ssh *ssh, struct passwd * pw) +{ + struct stat st; + const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; + u_int i; + int r; +#ifdef USE_SHADOW + struct spwd *spw = NULL; +#endif + + /* Shouldn't be called if pw is NULL, but better safe than sorry... */ + if (!pw || !pw->pw_name) + return 0; + +#ifdef USE_SHADOW + if (!options.use_pam) + spw = getspnam(pw->pw_name); +#ifdef HAS_SHADOW_EXPIRE + if (!options.use_pam && spw != NULL && auth_shadow_acctexpired(spw)) + return 0; +#endif /* HAS_SHADOW_EXPIRE */ +#endif /* USE_SHADOW */ + + /* grab passwd field for locked account check */ + passwd = pw->pw_passwd; +#ifdef USE_SHADOW + if (spw != NULL) +#ifdef USE_LIBIAF + passwd = get_iaf_password(pw); +#else + passwd = spw->sp_pwdp; +#endif /* USE_LIBIAF */ +#endif + + /* check for locked account */ + if (!options.use_pam && passwd && *passwd) { + int locked = 0; + +#ifdef LOCKED_PASSWD_STRING + if (strcmp(passwd, LOCKED_PASSWD_STRING) == 0) + locked = 1; +#endif +#ifdef LOCKED_PASSWD_PREFIX + if (strncmp(passwd, LOCKED_PASSWD_PREFIX, + strlen(LOCKED_PASSWD_PREFIX)) == 0) + locked = 1; +#endif +#ifdef LOCKED_PASSWD_SUBSTR + if (strstr(passwd, LOCKED_PASSWD_SUBSTR)) + locked = 1; +#endif +#ifdef USE_LIBIAF + free((void *) passwd); +#endif /* USE_LIBIAF */ + if (locked) { + logit("User %.100s not allowed because account is locked", + pw->pw_name); + return 0; + } + } + + /* + * Deny if shell does not exist or is not executable unless we + * are chrooting. + */ + if (options.chroot_directory == NULL || + strcasecmp(options.chroot_directory, "none") == 0) { + char *shell = xstrdup((pw->pw_shell[0] == '\0') ? + _PATH_BSHELL : pw->pw_shell); /* empty = /bin/sh */ + + if (stat(shell, &st) == -1) { + logit("User %.100s not allowed because shell %.100s " + "does not exist", pw->pw_name, shell); + free(shell); + return 0; + } + if (S_ISREG(st.st_mode) == 0 || + (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) { + logit("User %.100s not allowed because shell %.100s " + "is not executable", pw->pw_name, shell); + free(shell); + return 0; + } + free(shell); + } + + if (options.num_deny_users > 0 || options.num_allow_users > 0 || + options.num_deny_groups > 0 || options.num_allow_groups > 0) { + hostname = auth_get_canonical_hostname(ssh, options.use_dns); + ipaddr = ssh_remote_ipaddr(ssh); + } + + /* Return false if user is listed in DenyUsers */ + if (options.num_deny_users > 0) { + for (i = 0; i < options.num_deny_users; i++) { + r = match_user(pw->pw_name, hostname, ipaddr, + options.deny_users[i]); + if (r < 0) { + fatal("Invalid DenyUsers pattern \"%.100s\"", + options.deny_users[i]); + } else if (r != 0) { + logit("User %.100s from %.100s not allowed " + "because listed in DenyUsers", + pw->pw_name, hostname); + return 0; + } + } + } + /* Return false if AllowUsers isn't empty and user isn't listed there */ + if (options.num_allow_users > 0) { + for (i = 0; i < options.num_allow_users; i++) { + r = match_user(pw->pw_name, hostname, ipaddr, + options.allow_users[i]); + if (r < 0) { + fatal("Invalid AllowUsers pattern \"%.100s\"", + options.allow_users[i]); + } else if (r == 1) + break; + } + /* i < options.num_allow_users iff we break for loop */ + if (i >= options.num_allow_users) { + logit("User %.100s from %.100s not allowed because " + "not listed in AllowUsers", pw->pw_name, hostname); + return 0; + } + } + if (options.num_deny_groups > 0 || options.num_allow_groups > 0) { + /* Get the user's group access list (primary and supplementary) */ + if (ga_init(pw->pw_name, pw->pw_gid) == 0) { + logit("User %.100s from %.100s not allowed because " + "not in any group", pw->pw_name, hostname); + return 0; + } + + /* Return false if one of user's groups is listed in DenyGroups */ + if (options.num_deny_groups > 0) + if (ga_match(options.deny_groups, + options.num_deny_groups)) { + ga_free(); + logit("User %.100s from %.100s not allowed " + "because a group is listed in DenyGroups", + pw->pw_name, hostname); + return 0; + } + /* + * Return false if AllowGroups isn't empty and one of user's groups + * isn't listed there + */ + if (options.num_allow_groups > 0) + if (!ga_match(options.allow_groups, + options.num_allow_groups)) { + ga_free(); + logit("User %.100s from %.100s not allowed " + "because none of user's groups are listed " + "in AllowGroups", pw->pw_name, hostname); + return 0; + } + ga_free(); + } + +#ifdef CUSTOM_SYS_AUTH_ALLOWED_USER + if (!sys_auth_allowed_user(pw, loginmsg)) + return 0; +#endif + + /* We found no reason not to let this user try to log on... */ + return 1; +} + +/* + * Formats any key left in authctxt->auth_method_key for inclusion in + * auth_log()'s message. Also includes authxtct->auth_method_info if present. + */ +static char * +format_method_key(Authctxt *authctxt) +{ + const struct sshkey *key = authctxt->auth_method_key; + const char *methinfo = authctxt->auth_method_info; + char *fp, *cafp, *ret = NULL; + + if (key == NULL) + return NULL; + + if (sshkey_is_cert(key)) { + fp = sshkey_fingerprint(key, + options.fingerprint_hash, SSH_FP_DEFAULT); + cafp = sshkey_fingerprint(key->cert->signature_key, + options.fingerprint_hash, SSH_FP_DEFAULT); + xasprintf(&ret, "%s %s ID %s (serial %llu) CA %s %s%s%s", + sshkey_type(key), fp == NULL ? "(null)" : fp, + key->cert->key_id, + (unsigned long long)key->cert->serial, + sshkey_type(key->cert->signature_key), + cafp == NULL ? "(null)" : cafp, + methinfo == NULL ? "" : ", ", + methinfo == NULL ? "" : methinfo); + free(fp); + free(cafp); + } else { + fp = sshkey_fingerprint(key, options.fingerprint_hash, + SSH_FP_DEFAULT); + xasprintf(&ret, "%s %s%s%s", sshkey_type(key), + fp == NULL ? "(null)" : fp, + methinfo == NULL ? "" : ", ", + methinfo == NULL ? "" : methinfo); + free(fp); + } + return ret; +} + +void +auth_log(struct ssh *ssh, int authenticated, int partial, + const char *method, const char *submethod) +{ + Authctxt *authctxt = (Authctxt *)ssh->authctxt; + int level = SYSLOG_LEVEL_VERBOSE; + const char *authmsg; + char *extra = NULL; + + if (use_privsep && !mm_is_monitor() && !authctxt->postponed) + return; + + /* Raise logging level */ + if (authenticated == 1 || + !authctxt->valid || + authctxt->failures >= options.max_authtries / 2 || + strcmp(method, "password") == 0) + level = SYSLOG_LEVEL_INFO; + + if (authctxt->postponed) + authmsg = "Postponed"; + else if (partial) + authmsg = "Partial"; + else { + authmsg = authenticated ? "Accepted" : "Failed"; + if (authenticated) + BLACKLIST_NOTIFY(ssh, BLACKLIST_AUTH_OK, "ssh"); + } + + if ((extra = format_method_key(authctxt)) == NULL) { + if (authctxt->auth_method_info != NULL) + extra = xstrdup(authctxt->auth_method_info); + } + + do_log2(level, "%s %s%s%s for %s%.100s from %.200s port %d ssh2%s%s", + authmsg, + method, + submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, + authctxt->valid ? "" : "invalid user ", + authctxt->user, + ssh_remote_ipaddr(ssh), + ssh_remote_port(ssh), + extra != NULL ? ": " : "", + extra != NULL ? extra : ""); + + free(extra); + +#if defined(CUSTOM_FAILED_LOGIN) || defined(SSH_AUDIT_EVENTS) + if (authenticated == 0 && !(authctxt->postponed || partial)) { + /* Log failed login attempt */ +# ifdef CUSTOM_FAILED_LOGIN + if (strcmp(method, "password") == 0 || + strncmp(method, "keyboard-interactive", 20) == 0 || + strcmp(method, "challenge-response") == 0) + record_failed_login(ssh, authctxt->user, + auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); +# endif +# ifdef SSH_AUDIT_EVENTS + audit_event(ssh, audit_classify_auth(method)); +# endif + } +#endif +#if defined(CUSTOM_FAILED_LOGIN) && defined(WITH_AIXAUTHENTICATE) + if (authenticated) + sys_auth_record_login(authctxt->user, + auth_get_canonical_hostname(ssh, options.use_dns), "ssh", + loginmsg); +#endif +} + +void +auth_maxtries_exceeded(struct ssh *ssh) +{ + Authctxt *authctxt = (Authctxt *)ssh->authctxt; + + error("maximum authentication attempts exceeded for " + "%s%.100s from %.200s port %d ssh2", + authctxt->valid ? "" : "invalid user ", + authctxt->user, + ssh_remote_ipaddr(ssh), + ssh_remote_port(ssh)); + ssh_packet_disconnect(ssh, "Too many authentication failures"); + /* NOTREACHED */ +} + +/* + * Check whether root logins are disallowed. + */ +int +auth_root_allowed(struct ssh *ssh, const char *method) +{ + switch (options.permit_root_login) { + case PERMIT_YES: + return 1; + case PERMIT_NO_PASSWD: + if (strcmp(method, "publickey") == 0 || + strcmp(method, "hostbased") == 0 || + strcmp(method, "gssapi-with-mic") == 0) + return 1; + break; + case PERMIT_FORCED_ONLY: + if (auth_opts->force_command != NULL) { + logit("Root login accepted for forced command."); + return 1; + } + break; + } + logit("ROOT LOGIN REFUSED FROM %.200s port %d", + ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); + return 0; +} + + +/* + * Given a template and a passwd structure, build a filename + * by substituting % tokenised options. Currently, %% becomes '%', + * %h becomes the home directory and %u the username. + * + * This returns a buffer allocated by xmalloc. + */ +char * +expand_authorized_keys(const char *filename, struct passwd *pw) +{ *** 16890 LINES SKIPPED ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202204132049.23DKn0uO084657>