summaryrefslogtreecommitdiff
path: root/auth-rh-rsa.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>1999-11-11 11:43:13 +1100
committerDamien Miller <djm@mindrot.org>1999-11-11 11:43:13 +1100
commit33e511edb33a5c17e088b5475191c46650e1692d (patch)
tree11926d74316bdec411657af72312ff0d21859c09 /auth-rh-rsa.c
parent9a018a89789cf80292c2114ae94d69fb593e8879 (diff)
- [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
- [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
Diffstat (limited to 'auth-rh-rsa.c')
-rw-r--r--auth-rh-rsa.c25
1 files changed, 24 insertions, 1 deletions
diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c
index c433578b..ee6af218 100644
--- a/auth-rh-rsa.c
+++ b/auth-rh-rsa.c
@@ -15,7 +15,7 @@ authentication.
*/
#include "includes.h"
-RCSID("$Id: auth-rh-rsa.c,v 1.1 1999/10/27 03:42:43 damien Exp $");
+RCSID("$Id: auth-rh-rsa.c,v 1.2 1999/11/11 00:43:13 damien Exp $");
#include "packet.h"
#include "ssh.h"
@@ -53,8 +53,31 @@ int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
host_status = check_host_in_hostfile(SSH_SYSTEM_HOSTFILE, canonical_hostname,
client_host_key_bits, client_host_key_e,
client_host_key_n, ke, kn);
+ /* Check user host file. */
+ if (host_status != HOST_OK) {
+ struct stat st;
+ char *user_hostfile = tilde_expand_filename(SSH_USER_HOSTFILE, pw->pw_uid);
+ /* Check file permissions of SSH_USER_HOSTFILE,
+ auth_rsa() did already check pw->pw_dir, but there is a race XXX */
+ if (strict_modes &&
+ (stat(user_hostfile, &st) == 0) &&
+ ((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
+ (st.st_mode & 022) != 0)) {
+ log("Rhosts RSA authentication refused for %.100s: bad owner or modes for %.200s",
+ pw->pw_name, user_hostfile);
+ } else {
+ /* XXX race between stat and the following open() */
+ temporarily_use_uid(pw->pw_uid);
+ host_status = check_host_in_hostfile(user_hostfile, canonical_hostname,
+ client_host_key_bits, client_host_key_e,
+ client_host_key_n, ke, kn);
+ restore_uid();
+ }
+ xfree(user_hostfile);
+ }
BN_free(ke);
BN_free(kn);
+
if (host_status != HOST_OK) {
/* The host key was not found. */
debug("Rhosts with RSA host authentication denied: unknown or invalid host key");