comparison svr-authpubkey.c @ 464:4317be8b7cf9

Make a copy of passwd fields since getpwnam()'s retval isn't safe to keep
author Matt Johnston <matt@ucc.asn.au>
date Sun, 13 Jan 2008 03:55:59 +0000
parents 7282370416a0
children 52a644e7b8e1
461:db4f6adcb7e2 464:4317be8b7cf9
103 fp = sign_key_fingerprint(keyblob, keybloblen); 103 fp = sign_key_fingerprint(keyblob, keybloblen);
104 if (buf_verify(ses.payload, key, buf_getptr(signbuf, signbuf->len), 104 if (buf_verify(ses.payload, key, buf_getptr(signbuf, signbuf->len),
105 signbuf->len) == DROPBEAR_SUCCESS) { 105 signbuf->len) == DROPBEAR_SUCCESS) {
106 dropbear_log(LOG_NOTICE, 106 dropbear_log(LOG_NOTICE,
107 "pubkey auth succeeded for '%s' with key %s from %s", 107 "pubkey auth succeeded for '%s' with key %s from %s",
108 ses.authstate.printableuser, fp, svr_ses.addrstring); 108 ses.authstate.pw_name, fp, svr_ses.addrstring);
109 send_msg_userauth_success(); 109 send_msg_userauth_success();
110 } else { 110 } else {
111 dropbear_log(LOG_WARNING, 111 dropbear_log(LOG_WARNING,
112 "pubkey auth bad signature for '%s' with key %s from %s", 112 "pubkey auth bad signature for '%s' with key %s from %s",
113 ses.authstate.printableuser, fp, svr_ses.addrstring); 113 ses.authstate.pw_name, fp, svr_ses.addrstring);
114 send_msg_userauth_failure(0, 1); 114 send_msg_userauth_failure(0, 1);
115 } 115 }
116 m_free(fp); 116 m_free(fp);
117 117
118 out: 118 out:
164 164
165 /* check that we can use the algo */ 165 /* check that we can use the algo */
166 if (have_algo(algo, algolen, sshhostkey) == DROPBEAR_FAILURE) { 166 if (have_algo(algo, algolen, sshhostkey) == DROPBEAR_FAILURE) {
167 dropbear_log(LOG_WARNING, 167 dropbear_log(LOG_WARNING,
168 "pubkey auth attempt with unknown algo for '%s' from %s", 168 "pubkey auth attempt with unknown algo for '%s' from %s",
169 ses.authstate.printableuser, svr_ses.addrstring); 169 ses.authstate.pw_name, svr_ses.addrstring);
170 goto out; 170 goto out;
171 } 171 }
172 172
173 /* check file permissions, also whether file exists */ 173 /* check file permissions, also whether file exists */
174 if (checkpubkeyperms() == DROPBEAR_FAILURE) { 174 if (checkpubkeyperms() == DROPBEAR_FAILURE) {
176 goto out; 176 goto out;
177 } 177 }
178 178
179 /* we don't need to check pw and pw_dir for validity, since 179 /* we don't need to check pw and pw_dir for validity, since
180 * its been done in checkpubkeyperms. */ 180 * its been done in checkpubkeyperms. */
181 len = strlen(ses.authstate.pw->pw_dir); 181 len = strlen(ses.authstate.pw_dir);
182 /* allocate max required pathname storage, 182 /* allocate max required pathname storage,
183 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ 183 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
184 filename = m_malloc(len + 22); 184 filename = m_malloc(len + 22);
185 snprintf(filename, len + 22, "%s/.ssh/authorized_keys", 185 snprintf(filename, len + 22, "%s/.ssh/authorized_keys",
186 ses.authstate.pw->pw_dir); 186 ses.authstate.pw_dir);
187 187
188 /* open the file */ 188 /* open the file */
189 authfile = fopen(filename, "r"); 189 authfile = fopen(filename, "r");
190 if (authfile == NULL) { 190 if (authfile == NULL) {
191 goto out; 191 goto out;
264 int ret = DROPBEAR_FAILURE; 264 int ret = DROPBEAR_FAILURE;
265 unsigned int len; 265 unsigned int len;
266 266
267 TRACE(("enter checkpubkeyperms")) 267 TRACE(("enter checkpubkeyperms"))
268 268
269 if (ses.authstate.pw->pw_dir == NULL) { 269 if (ses.authstate.pw_dir == NULL) {
270 goto out; 270 goto out;
271 } 271 }
272 272
273 if ((len = strlen(ses.authstate.pw->pw_dir)) == 0) { 273 if ((len = strlen(ses.authstate.pw_dir)) == 0) {
274 goto out; 274 goto out;
275 } 275 }
276 276
277 /* allocate max required pathname storage, 277 /* allocate max required pathname storage,
278 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ 278 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
279 filename = m_malloc(len + 22); 279 filename = m_malloc(len + 22);
280 strncpy(filename, ses.authstate.pw->pw_dir, len+1); 280 strncpy(filename, ses.authstate.pw_dir, len+1);
281 281
282 /* check ~ */ 282 /* check ~ */
283 if (checkfileperm(filename) != DROPBEAR_SUCCESS) { 283 if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
284 goto out; 284 goto out;
285 } 285 }
318 if (stat(filename, &filestat) != 0) { 318 if (stat(filename, &filestat) != 0) {
319 TRACE(("leave checkfileperm: stat() != 0")) 319 TRACE(("leave checkfileperm: stat() != 0"))
320 return DROPBEAR_FAILURE; 320 return DROPBEAR_FAILURE;
321 } 321 }
322 /* check ownership - user or root only*/ 322 /* check ownership - user or root only*/
323 if (filestat.st_uid != ses.authstate.pw->pw_uid 323 if (filestat.st_uid != ses.authstate.pw_uid
324 && filestat.st_uid != 0) { 324 && filestat.st_uid != 0) {
325 badperm = 1; 325 badperm = 1;
326 TRACE(("wrong ownership")) 326 TRACE(("wrong ownership"))
327 } 327 }
328 /* check permissions - don't want group or others +w */ 328 /* check permissions - don't want group or others +w */
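Review bot: The comment at new lines 179–180 still says `pw` and `pw_dir` need no validity check, but this path no longer dereferences a `pw` pointer, and the `strlen(ses.authstate.pw_dir)` on line 181 relies solely on checkpubkeyperms() having rejected a NULL or empty `pw_dir`. I would reword it to `/* pw_dir is non-NULL and non-empty here: checkpubkeyperms() above rejects both */` so the invariant guarding that dereference stays accurate. The ownership test at line 323 now reads `ses.authstate.pw_uid`, so it depends on the code that fills the copied fields, which is not in this file section. It is worth confirming that `pw_name`, `pw_dir` and `pw_uid` are always replaced together when the requested username changes, so a stale uid is never compared against another user's home directory. The enclosing functions start and end outside the hunks shown.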