version 1.54, 2022/02/01 23:32:51 |
version 1.55, 2022/02/23 11:15:57 |
|
|
#include "pathnames.h" |
#include "pathnames.h" |
#include "log.h" |
#include "log.h" |
#include "misc.h" |
#include "misc.h" |
|
#include "xmalloc.h" |
#include "sshbuf.h" |
#include "sshbuf.h" |
#include "sshkey.h" |
#include "sshkey.h" |
#include "servconf.h" |
#include "servconf.h" |
|
|
auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, |
auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, |
const char *ipaddr) |
const char *ipaddr) |
{ |
{ |
char buf[1024]; |
char *path = NULL; |
struct stat st; |
struct stat st; |
static const char * const rhosts_files[] = {".shosts", ".rhosts", NULL}; |
static const char * const rhosts_files[] = {".shosts", ".rhosts", NULL}; |
u_int rhosts_file_index; |
u_int rhosts_file_index; |
|
int r; |
|
|
debug2("auth_rhosts2: clientuser %s hostname %s ipaddr %s", |
debug2_f("clientuser %s hostname %s ipaddr %s", |
client_user, hostname, ipaddr); |
client_user, hostname, ipaddr); |
|
|
/* Switch to the user's uid. */ |
/* Switch to the user's uid. */ |
|
|
for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; |
for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; |
rhosts_file_index++) { |
rhosts_file_index++) { |
/* Check users .rhosts or .shosts. */ |
/* Check users .rhosts or .shosts. */ |
snprintf(buf, sizeof buf, "%.500s/%.100s", |
xasprintf(&path, "%s/%s", |
pw->pw_dir, rhosts_files[rhosts_file_index]); |
pw->pw_dir, rhosts_files[rhosts_file_index]); |
if (stat(buf, &st) >= 0) |
r = stat(path, &st); |
|
free(path); |
|
if (r >= 0) |
break; |
break; |
} |
} |
/* Switch back to privileged uid. */ |
/* Switch back to privileged uid. */ |
|
|
for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; |
for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; |
rhosts_file_index++) { |
rhosts_file_index++) { |
/* Check users .rhosts or .shosts. */ |
/* Check users .rhosts or .shosts. */ |
snprintf(buf, sizeof buf, "%.500s/%.100s", |
xasprintf(&path, "%s/%s", |
pw->pw_dir, rhosts_files[rhosts_file_index]); |
pw->pw_dir, rhosts_files[rhosts_file_index]); |
if (stat(buf, &st) == -1) |
if (stat(path, &st) == -1) { |
|
free(path); |
continue; |
continue; |
|
} |
|
|
/* |
/* |
* Make sure that the file is either owned by the user or by |
* Make sure that the file is either owned by the user or by |
|
|
if (options.strict_modes && |
if (options.strict_modes && |
((st.st_uid != 0 && st.st_uid != pw->pw_uid) || |
((st.st_uid != 0 && st.st_uid != pw->pw_uid) || |
(st.st_mode & 022) != 0)) { |
(st.st_mode & 022) != 0)) { |
logit("Rhosts authentication refused for %.100s: bad modes for %.200s", |
logit("Rhosts authentication refused for %.100s: " |
pw->pw_name, buf); |
"bad modes for %.200s", pw->pw_name, path); |
auth_debug_add("Bad file modes for %.200s", buf); |
auth_debug_add("Bad file modes for %.200s", path); |
|
free(path); |
continue; |
continue; |
} |
} |
/* |
/* |
|
|
strcmp(rhosts_files[rhosts_file_index], ".shosts") != 0)) { |
strcmp(rhosts_files[rhosts_file_index], ".shosts") != 0)) { |
auth_debug_add("Server has been configured to " |
auth_debug_add("Server has been configured to " |
"ignore %.100s.", rhosts_files[rhosts_file_index]); |
"ignore %.100s.", rhosts_files[rhosts_file_index]); |
|
free(path); |
continue; |
continue; |
} |
} |
/* Check if authentication is permitted by the file. */ |
/* Check if authentication is permitted by the file. */ |
if (check_rhosts_file(buf, hostname, ipaddr, |
if (check_rhosts_file(path, hostname, ipaddr, |
client_user, pw->pw_name)) { |
client_user, pw->pw_name)) { |
auth_debug_add("Accepted by %.100s.", |
auth_debug_add("Accepted by %.100s.", |
rhosts_files[rhosts_file_index]); |
rhosts_files[rhosts_file_index]); |
|
|
auth_debug_add("Accepted host %s ip %s client_user " |
auth_debug_add("Accepted host %s ip %s client_user " |
"%s server_user %s", hostname, ipaddr, |
"%s server_user %s", hostname, ipaddr, |
client_user, pw->pw_name); |
client_user, pw->pw_name); |
|
free(path); |
return 1; |
return 1; |
} |
} |
|
free(path); |
} |
} |
|
|
/* Restore the privileged uid. */ |
/* Restore the privileged uid. */ |