diff options
Diffstat (limited to 'crypto/openssh/auth-rhosts.c')
-rw-r--r-- | crypto/openssh/auth-rhosts.c | 64 |
1 files changed, 42 insertions, 22 deletions
diff --git a/crypto/openssh/auth-rhosts.c b/crypto/openssh/auth-rhosts.c index b5bedee8d40d..ee9e827afd08 100644 --- a/crypto/openssh/auth-rhosts.c +++ b/crypto/openssh/auth-rhosts.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-rhosts.c,v 1.45 2014/07/15 15:54:14 millert Exp $ */ +/* $OpenBSD: auth-rhosts.c,v 1.46 2014/12/23 22:42:48 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -57,7 +57,8 @@ check_rhosts_file(const char *filename, const char *hostname, const char *server_user) { FILE *f; - char buf[1024]; /* Must not be larger than host, user, dummy below. */ +#define RBUFLN 1024 + char buf[RBUFLN];/* Must not be larger than host, user, dummy below. */ int fd; struct stat st; @@ -80,8 +81,9 @@ check_rhosts_file(const char *filename, const char *hostname, return 0; } while (fgets(buf, sizeof(buf), f)) { - /* All three must be at least as big as buf to avoid overflows. */ - char hostbuf[1024], userbuf[1024], dummy[1024], *host, *user, *cp; + /* All three must have length >= buf to avoid overflows. */ + char hostbuf[RBUFLN], userbuf[RBUFLN], dummy[RBUFLN]; + char *host, *user, *cp; int negated; for (cp = buf; *cp == ' ' || *cp == '\t'; cp++) @@ -140,8 +142,8 @@ check_rhosts_file(const char *filename, const char *hostname, /* Check for empty host/user names (particularly '+'). */ if (!host[0] || !user[0]) { /* We come here if either was '+' or '-'. */ - auth_debug_add("Ignoring wild host/user names in %.100s.", - filename); + auth_debug_add("Ignoring wild host/user names " + "in %.100s.", filename); continue; } /* Verify that host name matches. */ @@ -149,7 +151,8 @@ check_rhosts_file(const char *filename, const char *hostname, if (!innetgr(host + 1, hostname, NULL, NULL) && !innetgr(host + 1, ipaddr, NULL, NULL)) continue; - } else if (strcasecmp(host, hostname) && strcmp(host, ipaddr) != 0) + } else if (strcasecmp(host, hostname) && + strcmp(host, ipaddr) != 0) continue; /* Different hostname. */ /* Verify that user name matches. */ @@ -208,7 +211,8 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam /* Switch to the user's uid. */ temporarily_use_uid(pw); /* - * Quick check: if the user has no .shosts or .rhosts files, return + * Quick check: if the user has no .shosts or .rhosts files and + * no system hosts.equiv/shosts.equiv files exist then return * failure immediately without doing costly lookups from name * servers. */ @@ -223,27 +227,38 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam /* Switch back to privileged uid. */ restore_uid(); - /* Deny if The user has no .shosts or .rhosts file and there are no system-wide files. */ + /* + * Deny if The user has no .shosts or .rhosts file and there + * are no system-wide files. + */ if (!rhosts_files[rhosts_file_index] && stat(_PATH_RHOSTS_EQUIV, &st) < 0 && - stat(_PATH_SSH_HOSTS_EQUIV, &st) < 0) + stat(_PATH_SSH_HOSTS_EQUIV, &st) < 0) { + debug3("%s: no hosts access files exist", __func__); return 0; + } - /* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */ - if (pw->pw_uid != 0) { + /* + * If not logging in as superuser, try /etc/hosts.equiv and + * shosts.equiv. + */ + if (pw->pw_uid == 0) + debug3("%s: root user, ignoring system hosts files", __func__); + else { if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr, client_user, pw->pw_name)) { - auth_debug_add("Accepted for %.100s [%.100s] by /etc/hosts.equiv.", - hostname, ipaddr); + auth_debug_add("Accepted for %.100s [%.100s] by " + "/etc/hosts.equiv.", hostname, ipaddr); return 1; } if (check_rhosts_file(_PATH_SSH_HOSTS_EQUIV, hostname, ipaddr, client_user, pw->pw_name)) { - auth_debug_add("Accepted for %.100s [%.100s] by %.100s.", - hostname, ipaddr, _PATH_SSH_HOSTS_EQUIV); + auth_debug_add("Accepted for %.100s [%.100s] by " + "%.100s.", hostname, ipaddr, _PATH_SSH_HOSTS_EQUIV); return 1; } } + /* * Check that the home directory is owned by root or the user, and is * not group or world writable. @@ -290,20 +305,25 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam auth_debug_add("Bad file modes for %.200s", buf); continue; } - /* Check if we have been configured to ignore .rhosts and .shosts files. */ + /* + * Check if we have been configured to ignore .rhosts + * and .shosts files. + */ if (options.ignore_rhosts) { - auth_debug_add("Server has been configured to ignore %.100s.", - rhosts_files[rhosts_file_index]); + auth_debug_add("Server has been configured to " + "ignore %.100s.", rhosts_files[rhosts_file_index]); continue; } /* Check if authentication is permitted by the file. */ - if (check_rhosts_file(buf, hostname, ipaddr, client_user, pw->pw_name)) { + if (check_rhosts_file(buf, hostname, ipaddr, + client_user, pw->pw_name)) { auth_debug_add("Accepted by %.100s.", rhosts_files[rhosts_file_index]); /* Restore the privileged uid. */ restore_uid(); - auth_debug_add("Accepted host %s ip %s client_user %s server_user %s", - hostname, ipaddr, client_user, pw->pw_name); + auth_debug_add("Accepted host %s ip %s client_user " + "%s server_user %s", hostname, ipaddr, + client_user, pw->pw_name); return 1; } } |