
(-)crypto/openssh/auth2.c (-1 / +1 lines)
Lines 276-282 Link Here
276
276
277
#ifdef HAVE_LOGIN_CAP
277
#ifdef HAVE_LOGIN_CAP
278
	if (authctxt->pw != NULL &&
278
	if (authctxt->pw != NULL &&
279
	    (lc = login_getpwclass(authctxt->pw)) != NULL) {
279
	    (lc = PRIVSEP(login_getpwclass(authctxt->pw))) != NULL) {
280
		logit("user %s login class %s", authctxt->pw->pw_name,
280
		logit("user %s login class %s", authctxt->pw->pw_name,
281
		    authctxt->pw->pw_class);
281
		    authctxt->pw->pw_class);
282
		from_host = auth_get_canonical_hostname(ssh, options.use_dns);
282
		from_host = auth_get_canonical_hostname(ssh, options.use_dns);
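--- a/crypto/openssh/monitor.c
+++ b/crypto/openssh/monitor.c
@@ -125,6 +125,7 @@
 
 int mm_answer_moduli(int, Buffer *);
 int mm_answer_sign(int, Buffer *);
+int mm_answer_login_getpwclass(int, Buffer *);
 int mm_answer_pwnamallow(int, Buffer *);
 int mm_answer_auth2_read_banner(int, Buffer *);
 int mm_answer_authserv(int, Buffer *);
@@ -203,6 +204,7 @@
 #endif
     {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign},
     {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow},
+    {MONITOR_REQ_GETPWCLASS, MON_AUTH, mm_answer_login_getpwclass},
     {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
     {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
     {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
@@ -707,6 +709,61 @@
 	return (0);
 }
 
+int
+mm_answer_login_getpwclass(int sock, Buffer *m)
+{
+	login_cap_t *lc;
+	struct passwd *pw;
+	u_int len;
+
+	debug3("%s", __func__);
+
+	pw = buffer_get_string(m, &len);
+	if (len != sizeof(struct passwd))
+		fatal("%s: struct passwd size mismatch", __func__);
+	pw->pw_name = buffer_get_string(m, NULL);
+	pw->pw_passwd = buffer_get_string(m, NULL);
+#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
+	pw->pw_gecos = buffer_get_string(m, NULL);
+#endif
+#ifdef HAVE_STRUCT_PASSWD_PW_CLASS
+	pw->pw_class = buffer_get_string(m, NULL);
+#endif
+	pw->pw_dir = buffer_get_string(m, NULL);
+	pw->pw_shell = buffer_get_string(m, NULL);
+
+	lc = login_getpwclass(pw);
+	if (lc == NULL) {
+		buffer_put_char(m, 0);
+		goto out;
+	}
+
+	buffer_put_char(m, 1);
+	buffer_put_string(m, lc, sizeof(login_cap_t));
+	buffer_put_cstring(m, lc->lc_class);
+	buffer_put_cstring(m, lc->lc_cap);
+	buffer_put_cstring(m, lc->lc_style);
+	
+	debug3("%s: sending MONITOR_ANS_GETPWCLASS: %s", __func__, lc->lc_class);
+	login_close(lc);
+ out:
+	mm_request_send(sock, MONITOR_ANS_GETPWCLASS, m);
+
+	free(pw->pw_shell);
+	free(pw->pw_dir);
+#ifdef HAVE_STRUCT_PASSWD_PW_CLASS
+	free(pw->pw_class);
+#endif
+#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
+	free(pw->pw_gecos);
+#endif
+	free(pw->pw_passwd);
+	free(pw->pw_name);
+	free(pw);
+
+	return (0);
+}
+
 /* Retrieves the password entry and also checks if the user is permitted */
 
 int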
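Review bot: mm_answer_login_getpwclass (hunk at lines 707-712, the whole function lies inside it) takes a struct passwd marshalled by the unprivileged child and hands it straight to login_getpwclass(), so the fields it never overwrites — pw_uid, and pw_class when HAVE_STRUCT_PASSWD_PW_CLASS is unset — as well as the class name string itself are chosen by the less-privileged process; the dispatch entry added at line 207 is registered with MON_AUTH, so presumably this is serviceable before authentication has completed. The monitor already holds its own copy of the entry once mm_answer_pwnamallow has run (authctxt->pw, if I read the surrounding file correctly), and the lookup should be keyed on that, e.g. `if (authctxt->pw == NULL) fatal("%s: no passwd entry", __func__);` followed by `lc = login_getpwclass(authctxt->pw);`, with the received blob at most cross-checked against it rather than trusted. A second point: as far as I recall login_getpwclass() leaves lc->lc_style NULL (only login_getstyle() fills it), so whether `buffer_put_cstring(m, lc->lc_style)` aborts the monitor or ships an empty string depends on the compat wrapper's NULL handling — worth confirming, since in the latter case the child ends up with "" where the monitor had NULL. The function also lacks a header comment; something like `/* Monitor side of login_getpwclass(): resolve the login class here, where the class database is readable, and ship a flattened login_cap_t back to the child. */` would say why the round-trip exists.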
(-)crypto/openssh/monitor.h (-1 / +2 lines)
Lines 55-61 Link Here
55
	MONITOR_REQ_GSSSTEP = 44, MONITOR_ANS_GSSSTEP = 45,
55
	MONITOR_REQ_GSSSTEP = 44, MONITOR_ANS_GSSSTEP = 45,
56
	MONITOR_REQ_GSSUSEROK = 46, MONITOR_ANS_GSSUSEROK = 47,
56
	MONITOR_REQ_GSSUSEROK = 46, MONITOR_ANS_GSSUSEROK = 47,
57
	MONITOR_REQ_GSSCHECKMIC = 48, MONITOR_ANS_GSSCHECKMIC = 49,
57
	MONITOR_REQ_GSSCHECKMIC = 48, MONITOR_ANS_GSSCHECKMIC = 49,
58
	MONITOR_REQ_TERM = 50,
58
	MONITOR_REQ_GETPWCLASS = 50, MONITOR_ANS_GETPWCLASS = 51,
59
	MONITOR_REQ_TERM = 52,
59
60
60
	MONITOR_REQ_PAM_START = 100,
61
	MONITOR_REQ_PAM_START = 100,
61
	MONITOR_REQ_PAM_ACCOUNT = 102, MONITOR_ANS_PAM_ACCOUNT = 103,
62
	MONITOR_REQ_PAM_ACCOUNT = 102, MONITOR_ANS_PAM_ACCOUNT = 103,
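--- a/crypto/openssh/monitor_wrap.c
+++ b/crypto/openssh/monitor_wrap.c
@@ -238,6 +238,51 @@
 	return (0);
 }
 
+login_cap_t *
+mm_login_getpwclass(const struct passwd *pwent)
+{
+	Buffer m;
+	login_cap_t *lc;
+	u_int len;
+
+	debug3("%s entering", __func__);
+
+	buffer_init(&m);
+	buffer_put_string(&m, pwent, sizeof(struct passwd));
+	buffer_put_cstring(&m, pwent->pw_name);
+	buffer_put_cstring(&m, "*");
+#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
+	buffer_put_cstring(&m, pwent->pw_gecos);
+#endif
+#ifdef HAVE_STRUCT_PASSWD_PW_CLASS
+	buffer_put_cstring(&m, pwent->pw_class);
+#endif
+	buffer_put_cstring(&m, pwent->pw_dir);
+	buffer_put_cstring(&m, pwent->pw_shell);
+
+	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GETPWCLASS, &m);
+
+	debug3("%s: waiting for MONITOR_ANS_GETPWCLASS", __func__);
+	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GETPWCLASS, &m);
+
+	if (buffer_get_char(&m) == 0) {
+		lc = NULL;
+		goto out;
+	}
+
+	lc = buffer_get_string(&m, &len);
+	if (len != sizeof(login_cap_t))
+		fatal("%s: login_cap_t size mismatch", __func__);
+	lc->lc_class = buffer_get_string(&m, NULL);
+	lc->lc_cap = buffer_get_string(&m, NULL);
+	lc->lc_style = buffer_get_string(&m, NULL);
+
+ out:
+	buffer_free(&m);
+
+	return (lc);
+}
+
 struct passwd *
 mm_getpwnamallow(const char *username)
 {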
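Review bot: mm_login_getpwclass (hunk at lines 238-243, fully inside it) returns a heap object whose ownership is not stated anywhere: lc and its lc_class/lc_cap/lc_style are four separate buffer_get_string() allocations, yet the caller in auth2.c releases the result with the same login_close() it uses for a handle from the real login_getpwclass(). That is only correct if login_close() does nothing beyond free() on exactly those three strings and the struct — it looks that way for FreeBSD's login_cap_t, but it is an implicit contract between this file and libutil and should be written down. I would put above the function: `/* Privsep client side of login_getpwclass(): ship a flattened passwd entry to the monitor (password hash replaced by "*") and rebuild the login_cap_t it answers with. The result and its lc_class/lc_cap/lc_style strings are malloc'd here and must be released with login_close(). */`. The `"*"` on line 253 is the one deliberate deviation from the entry and deserves its own one-liner, e.g. `/* the monitor never needs the hash */`.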
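--- a/crypto/openssh/monitor_wrap.h
+++ b/crypto/openssh/monitor_wrap.h
@@ -45,6 +45,7 @@
     const char *);
 void mm_inform_authserv(char *, char *);
 struct passwd *mm_getpwnamallow(const char *);
+login_cap_t *mm_login_getpwclass(const struct passwd *pwd);
 char *mm_auth2_read_banner(void);
 int mm_auth_password(struct ssh *, char *);
 int mm_key_allowed(enum mm_keytype, const char *, const char *, struct sshkey *,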
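Review bot: The prototype added at line 48 is the only one in this list that names its parameter, and the name (`pwd`) differs from the definition's `pwent` in monitor_wrap.c; for consistency with the neighbouring declarations write `login_cap_t *mm_login_getpwclass(const struct passwd *);`. It also uses login_cap_t without the HAVE_LOGIN_CAP guard that wraps the call site in auth2.c — harmless in the FreeBSD tree where login_cap.h is always available, but worth guarding if this header is meant to stay close to upstream.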
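--- a/crypto/openssh/sandbox-capsicum.c
+++ b/crypto/openssh/sandbox-capsicum.c
@@ -71,6 +71,9 @@
 	struct rlimit rl_zero;
 	cap_rights_t rights;
 
+	/* cache timezone data */
+	tzset();
+
 	rl_zero.rlim_cur = rl_zero.rlim_max = 0;
 
 	if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1)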
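Review bot: The comment `/* cache timezone data */` at line 74 says what tzset() does but not why it has to happen here; the enclosing function starts and ends outside the hunk, so a reader of this file cannot see the ordering constraint the change depends on. I would expand it to `/* Prime the timezone state now: once the sandbox is in effect the process can no longer open the zoneinfo files, and the login-class checks now run in the unprivileged child need local time. */` — the second clause is my reading of what this series needs it for, so adjust it if the actual trigger is different.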
