Mercurial > dropbear
annotate svr-agentfwd.c @ 1279:f107cef4be68
add CVE
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 16 Mar 2016 23:04:55 +0800 |
parents | 7c899f24a85b |
children | 750ec4ec4cbe |
rev | line source |
---|---|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 /* |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 * Dropbear - a SSH2 server |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 * |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 * Copyright (c) 2002,2003 Matt Johnston |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 * All rights reserved. |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 * |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 * Permission is hereby granted, free of charge, to any person obtaining a copy |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 * of this software and associated documentation files (the "Software"), to deal |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 * in the Software without restriction, including without limitation the rights |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 * copies of the Software, and to permit persons to whom the Software is |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 * furnished to do so, subject to the following conditions: |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 * |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 * The above copyright notice and this permission notice shall be included in |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 * all copies or substantial portions of the Software. |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 * |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 * SOFTWARE. */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 /* This file (agentfwd.c) handles authentication agent forwarding, for OpenSSH |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 * style agents. */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 #include "includes.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 |
604
810dfc792ca9
Compile fix for when both client and server agent forwarding is disabled
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
30 #ifdef ENABLE_SVR_AGENTFWD |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
31 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 #include "agentfwd.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
33 #include "session.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
34 #include "ssh.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
35 #include "dbutil.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
36 #include "chansession.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
37 #include "channel.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
38 #include "packet.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
39 #include "buffer.h" |
858
220f55d540ae
rename random.h to dbrandom.h since some OSes have a system random.h
Matt Johnston <matt@ucc.asn.au>
parents:
617
diff
changeset
|
40 #include "dbrandom.h" |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
41 #include "listener.h" |
475
52a644e7b8e1
* Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents:
464
diff
changeset
|
42 #include "auth.h" |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
43 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
44 #define AGENTDIRPREFIX "/tmp/dropbear-" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
45 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
46 static int send_msg_channel_open_agent(int fd); |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
47 static int bindagent(int fd, struct ChanSess * chansess); |
62 | 48 static void agentaccept(struct Listener * listener, int sock); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
49 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
50 /* Handles client requests to start agent forwarding, sets up listening socket. |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
51 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
560 | 52 int svr_agentreq(struct ChanSess * chansess) { |
617
81def6b732c7
Clean up fd on failure. Found by Klocwork
Matt Johnston <matt@ucc.asn.au>
parents:
604
diff
changeset
|
53 int fd = -1; |
560 | 54 |
475
52a644e7b8e1
* Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents:
464
diff
changeset
|
55 if (!svr_pubkey_allows_agentfwd()) { |
52a644e7b8e1
* Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents:
464
diff
changeset
|
56 return DROPBEAR_FAILURE; |
52a644e7b8e1
* Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents:
464
diff
changeset
|
57 } |
52a644e7b8e1
* Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents:
464
diff
changeset
|
58 |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
59 if (chansess->agentlistener != NULL) { |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
60 return DROPBEAR_FAILURE; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
61 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
62 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
63 /* create listening socket */ |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
64 fd = socket(PF_UNIX, SOCK_STREAM, 0); |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
65 if (fd < 0) { |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
66 goto fail; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
67 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
68 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
69 /* create the unix socket dir and file */ |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
70 if (bindagent(fd, chansess) == DROPBEAR_FAILURE) { |
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
62
diff
changeset
|
71 goto fail; |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
72 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
73 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
74 /* listen */ |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
75 if (listen(fd, 20) < 0) { |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
76 goto fail; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
77 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
78 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
79 /* set non-blocking */ |
109
2e9d1f29c50f
merge of 50be59810e462f9f44f55e421227d6aa0b31982b
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
80 setnonblocking(fd); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
81 |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
82 /* pass if off to listener */ |
62 | 83 chansess->agentlistener = new_listener( &fd, 1, 0, chansess, |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
84 agentaccept, NULL); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
85 |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
86 if (chansess->agentlistener == NULL) { |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
87 goto fail; |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
88 } |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
89 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
90 return DROPBEAR_SUCCESS; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
91 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
92 fail: |
617
81def6b732c7
Clean up fd on failure. Found by Klocwork
Matt Johnston <matt@ucc.asn.au>
parents:
604
diff
changeset
|
93 m_close(fd); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
94 /* cleanup */ |
560 | 95 svr_agentcleanup(chansess); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
96 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
97 return DROPBEAR_FAILURE; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
98 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
99 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
100 /* accepts a connection on the forwarded socket and opens a new channel for it |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
101 * back to the client */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
102 /* returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
108
10f4d3319780
- added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
103 static void agentaccept(struct Listener *UNUSED(listener), int sock) { |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
104 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
105 int fd; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
106 |
62 | 107 fd = accept(sock, NULL, NULL); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
108 if (fd < 0) { |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
109
diff
changeset
|
109 TRACE(("accept failed")) |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
110 return; |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
111 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
112 |
13
db2c8e6fb284
Fixed stupid agentfwd error (using the listening FD, not the accepted on. gah)
Matt Johnston <matt@ucc.asn.au>
parents:
11
diff
changeset
|
113 if (send_msg_channel_open_agent(fd) != DROPBEAR_SUCCESS) { |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
114 close(fd); |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
115 } |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
116 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
117 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
118 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
119 /* set up the environment variable pointing to the socket. This is called |
1037
7c899f24a85b
Some minor typo fixes, found by codespell.
Thorsten Horstmann <thorsten.horstmann@web.de>
parents:
858
diff
changeset
|
120 * just before command/shell execution, after dropping privileges */ |
560 | 121 void svr_agentset(struct ChanSess * chansess) { |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
122 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
123 char *path = NULL; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
124 int len; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
125 |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
126 if (chansess->agentlistener == NULL) { |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
127 return; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
128 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
129 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
130 /* 2 for "/" and "\0" */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
131 len = strlen(chansess->agentdir) + strlen(chansess->agentfile) + 2; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
132 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
133 path = m_malloc(len); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
134 snprintf(path, len, "%s/%s", chansess->agentdir, chansess->agentfile); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
135 addnewvar("SSH_AUTH_SOCK", path); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
136 m_free(path); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
137 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
138 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
139 /* close the socket, remove the socket-file */ |
560 | 140 void svr_agentcleanup(struct ChanSess * chansess) { |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
141 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
142 char *path = NULL; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
143 uid_t uid; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
144 gid_t gid; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
145 int len; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
146 |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
147 if (chansess->agentlistener != NULL) { |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
148 remove_listener(chansess->agentlistener); |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
149 chansess->agentlistener = NULL; |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
150 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
151 |
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
62
diff
changeset
|
152 if (chansess->agentfile != NULL && chansess->agentdir != NULL) { |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
153 |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
154 /* Remove the dir as the user. That way they can't cause problems except |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
155 * for themselves */ |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
156 uid = getuid(); |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
157 gid = getgid(); |
464
4317be8b7cf9
Make a copy of passwd fields since getpwnam()'s retval isn't safe to keep
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
158 if ((setegid(ses.authstate.pw_gid)) < 0 || |
4317be8b7cf9
Make a copy of passwd fields since getpwnam()'s retval isn't safe to keep
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
159 (seteuid(ses.authstate.pw_uid)) < 0) { |
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
560
diff
changeset
|
160 dropbear_exit("Failed to set euid"); |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
161 } |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
162 |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
163 /* 2 for "/" and "\0" */ |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
164 len = strlen(chansess->agentdir) + strlen(chansess->agentfile) + 2; |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
165 |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
166 path = m_malloc(len); |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
167 snprintf(path, len, "%s/%s", chansess->agentdir, chansess->agentfile); |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
168 unlink(path); |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
169 m_free(path); |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
170 |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
171 rmdir(chansess->agentdir); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
172 |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
173 if ((seteuid(uid)) < 0 || |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
174 (setegid(gid)) < 0) { |
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
560
diff
changeset
|
175 dropbear_exit("Failed to revert euid"); |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
176 } |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
177 |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
178 m_free(chansess->agentfile); |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
179 m_free(chansess->agentdir); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
180 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
181 |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
182 } |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
183 |
225
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
184 static const struct ChanType chan_svr_agent = { |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
185 0, /* sepfds */ |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
186 "[email protected]", |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
187 NULL, |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
188 NULL, |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
189 NULL, |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
190 NULL |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
191 }; |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
192 |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
193 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
194 /* helper for accepting an agent request */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
195 static int send_msg_channel_open_agent(int fd) { |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
196 |
225
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
197 if (send_msg_channel_open_init(fd, &chan_svr_agent) == DROPBEAR_SUCCESS) { |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
198 encrypt_packet(); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
199 return DROPBEAR_SUCCESS; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
200 } else { |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
201 return DROPBEAR_FAILURE; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
202 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
203 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
204 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
205 /* helper for creating the agent socket-file |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
206 returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
207 static int bindagent(int fd, struct ChanSess * chansess) { |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
208 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
209 struct sockaddr_un addr; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
210 unsigned int prefix; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
211 char path[sizeof(addr.sun_path)], sockfile[sizeof(addr.sun_path)]; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
212 mode_t mode; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
213 int i; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
214 uid_t uid; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
215 gid_t gid; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
216 int ret = DROPBEAR_FAILURE; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
217 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
218 /* drop to user privs to make the dir/file */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
219 uid = getuid(); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
220 gid = getgid(); |
464
4317be8b7cf9
Make a copy of passwd fields since getpwnam()'s retval isn't safe to keep
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
221 if ((setegid(ses.authstate.pw_gid)) < 0 || |
4317be8b7cf9
Make a copy of passwd fields since getpwnam()'s retval isn't safe to keep
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
222 (seteuid(ses.authstate.pw_uid)) < 0) { |
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
560
diff
changeset
|
223 dropbear_exit("Failed to set euid"); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
224 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
225 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
226 memset((void*)&addr, 0x0, sizeof(addr)); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
227 addr.sun_family = AF_UNIX; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
228 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
229 mode = S_IRWXU; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
230 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
231 for (i = 0; i < 20; i++) { |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
232 genrandom((unsigned char*)&prefix, sizeof(prefix)); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
233 /* we want 32 bits (8 hex digits) - "/tmp/dropbear-f19c62c0" */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
234 snprintf(path, sizeof(path), AGENTDIRPREFIX "%.8x", prefix); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
235 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
236 if (mkdir(path, mode) == 0) { |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
237 goto bindsocket; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
238 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
239 if (errno != EEXIST) { |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
240 break; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
241 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
242 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
243 /* couldn't make a dir */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
244 goto out; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
245 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
246 bindsocket: |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
247 /* Format is "/tmp/dropbear-0246dead/auth-d00f7654-23". |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
248 * The "23" is the file desc, the random data is to avoid collisions |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
249 * between subsequent user processes reusing socket fds (odds are now |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
250 * 1/(2^64) */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
251 genrandom((unsigned char*)&prefix, sizeof(prefix)); |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
252 snprintf(sockfile, sizeof(sockfile), "auth-%.8x-%d", prefix, fd); |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
253 |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
254 snprintf(addr.sun_path, sizeof(addr.sun_path), "%s/%s", path, sockfile); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
255 |
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
256 if (bind(fd, (struct sockaddr*)&addr, sizeof(addr)) == 0) { |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
257 chansess->agentdir = m_strdup(path); |
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
258 chansess->agentfile = m_strdup(sockfile); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
259 ret = DROPBEAR_SUCCESS; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
260 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
261 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
262 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
263 out: |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
264 if ((seteuid(uid)) < 0 || |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
265 (setegid(gid)) < 0) { |
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
560
diff
changeset
|
266 dropbear_exit("Failed to revert euid"); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
267 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
268 return ret; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
269 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
270 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
271 #endif |