1999-11-29 07:09:44 +00:00
|
|
|
/*-
|
2000-03-29 08:24:37 +00:00
|
|
|
* Copyright (c) 1999, 2000 Andrew J. Korty
|
1999-11-29 07:09:44 +00:00
|
|
|
* All rights reserved.
|
2002-04-06 19:30:04 +00:00
|
|
|
* Copyright (c) 2001,2002 Networks Associates Technology, Inc.
|
2001-12-05 16:06:35 +00:00
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
* Portions of this software were developed for the FreeBSD Project by
|
|
|
|
* ThinkSec AS and NAI Labs, the Security Research Division of Network
|
|
|
|
* Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
|
|
|
|
* ("CBOSS"), as part of the DARPA CHATS research program.
|
1999-11-29 07:09:44 +00:00
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
2001-12-05 16:06:35 +00:00
|
|
|
* 3. The name of the author may not be used to endorse or promote
|
|
|
|
* products derived from this software without specific prior written
|
|
|
|
* permission.
|
1999-11-29 07:09:44 +00:00
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
* SUCH DAMAGE.
|
2002-04-04 18:45:21 +00:00
|
|
|
*
|
|
|
|
* $Id: pam_ssh.c,v 1.23 2001/08/20 01:44:02 akorty Exp $
|
1999-11-29 07:09:44 +00:00
|
|
|
*/
|
|
|
|
|
2001-09-30 22:11:06 +00:00
|
|
|
#include <sys/cdefs.h>
|
|
|
|
__FBSDID("$FreeBSD$");
|
1999-11-29 07:09:44 +00:00
|
|
|
|
|
|
|
#include <sys/param.h>
|
2001-07-29 18:31:09 +00:00
|
|
|
#include <sys/stat.h>
|
|
|
|
#include <sys/wait.h>
|
1999-11-29 07:09:44 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
#include <fcntl.h>
|
1999-11-29 07:09:44 +00:00
|
|
|
#include <pwd.h>
|
2001-07-29 18:31:09 +00:00
|
|
|
#include <signal.h>
|
1999-11-29 07:09:44 +00:00
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
|
|
|
#include <unistd.h>
|
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
#define PAM_SM_AUTH
|
2001-12-05 16:06:35 +00:00
|
|
|
#define PAM_SM_ACCOUNT
|
|
|
|
#define PAM_SM_SESSION
|
|
|
|
#define PAM_SM_PASSWORD
|
|
|
|
|
2002-02-05 06:08:26 +00:00
|
|
|
#include <security/pam_appl.h>
|
1999-11-29 07:09:44 +00:00
|
|
|
#include <security/pam_modules.h>
|
2001-12-09 15:11:55 +00:00
|
|
|
#include <security/pam_mod_misc.h>
|
2002-04-08 12:38:50 +00:00
|
|
|
#include <security/openpam.h>
|
1999-11-29 07:09:44 +00:00
|
|
|
|
2000-05-30 09:03:15 +00:00
|
|
|
#include <openssl/dsa.h>
|
2001-07-29 18:31:09 +00:00
|
|
|
#include <openssl/evp.h>
|
2000-05-30 09:03:15 +00:00
|
|
|
|
|
|
|
#include "key.h"
|
1999-11-29 07:09:44 +00:00
|
|
|
#include "authfd.h"
|
2000-05-30 09:03:15 +00:00
|
|
|
#include "authfile.h"
|
2001-07-29 18:31:09 +00:00
|
|
|
#include "log.h"
|
|
|
|
#include "pam_ssh.h"
|
1999-11-29 07:09:44 +00:00
|
|
|
|
2002-04-06 19:30:04 +00:00
|
|
|
static void key_cleanup(pam_handle_t *, void *, int);
|
|
|
|
static void ssh_cleanup(pam_handle_t *, void *, int);
|
|
|
|
|
2001-07-29 18:31:09 +00:00
|
|
|
/*
|
2002-04-04 18:45:21 +00:00
|
|
|
* Generic cleanup function for OpenSSH "Key" type.
|
2001-07-29 18:31:09 +00:00
|
|
|
*/
|
1999-11-29 07:09:44 +00:00
|
|
|
|
2002-04-06 19:30:04 +00:00
|
|
|
static void
|
|
|
|
key_cleanup(pam_handle_t *pamh __unused, void *data, int err __unused)
|
1999-11-29 07:09:44 +00:00
|
|
|
{
|
|
|
|
if (data)
|
2001-07-29 18:31:09 +00:00
|
|
|
key_free(data);
|
1999-11-29 07:09:44 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2001-07-29 18:31:09 +00:00
|
|
|
/*
|
|
|
|
* Generic PAM cleanup function for this module.
|
|
|
|
*/
|
|
|
|
|
2002-04-06 19:30:04 +00:00
|
|
|
static void
|
|
|
|
ssh_cleanup(pam_handle_t *pamh __unused, void *data, int err __unused)
|
1999-11-29 07:09:44 +00:00
|
|
|
{
|
|
|
|
if (data)
|
|
|
|
free(data);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
1999-12-28 05:32:54 +00:00
|
|
|
/*
|
2001-07-29 18:31:09 +00:00
|
|
|
* Authenticate a user's key by trying to decrypt it with the password
|
|
|
|
* provided. The key and its comment are then stored for later
|
|
|
|
* retrieval by the session phase. An increasing index is embedded in
|
|
|
|
* the PAM variable names so this function may be called multiple times
|
|
|
|
* for multiple keys.
|
1999-12-28 05:32:54 +00:00
|
|
|
*/
|
|
|
|
|
2002-01-24 18:37:17 +00:00
|
|
|
static int
|
2002-04-04 18:45:21 +00:00
|
|
|
auth_via_key(pam_handle_t *pamh, const char *file, const char *dir,
|
|
|
|
const struct passwd *user, const char *pass)
|
1999-12-28 05:32:54 +00:00
|
|
|
{
|
2002-04-04 18:45:21 +00:00
|
|
|
char *comment; /* private key comment */
|
|
|
|
char *data_name; /* PAM state */
|
2002-04-06 19:30:04 +00:00
|
|
|
static int key_idx = 0; /* for saved keys */
|
2002-04-04 18:45:21 +00:00
|
|
|
Key *key; /* user's key */
|
|
|
|
char *path; /* to key files */
|
|
|
|
int retval; /* from calls */
|
1999-12-28 05:32:54 +00:00
|
|
|
|
2001-07-29 18:31:09 +00:00
|
|
|
/* locate the user's private key file */
|
2002-04-04 18:45:21 +00:00
|
|
|
|
2001-07-29 18:31:09 +00:00
|
|
|
if (!asprintf(&path, "%s/%s", dir, file)) {
|
2002-04-04 18:45:21 +00:00
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %m", MODULE_NAME);
|
2001-07-29 18:31:09 +00:00
|
|
|
return PAM_SERVICE_ERR;
|
1999-12-28 05:32:54 +00:00
|
|
|
}
|
2002-04-04 18:45:21 +00:00
|
|
|
|
|
|
|
/* Try to decrypt the private key with the passphrase provided. If
|
|
|
|
success, the user is authenticated. */
|
|
|
|
|
|
|
|
comment = NULL;
|
2002-04-08 12:38:50 +00:00
|
|
|
if ((retval = openpam_borrow_cred(pamh, user)) != PAM_SUCCESS)
|
|
|
|
return retval;
|
2002-04-04 18:45:21 +00:00
|
|
|
key = key_load_private(path, pass, &comment);
|
2002-04-08 12:38:50 +00:00
|
|
|
openpam_restore_cred(pamh);
|
2001-07-29 18:31:09 +00:00
|
|
|
free(path);
|
2002-04-04 18:45:21 +00:00
|
|
|
if (!comment)
|
|
|
|
comment = strdup(file);
|
|
|
|
if (!key) {
|
|
|
|
free(comment);
|
2001-07-29 18:31:09 +00:00
|
|
|
return PAM_AUTH_ERR;
|
2002-04-04 18:45:21 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* save the key and comment to pass to ssh-agent in the session
|
|
|
|
phase */
|
|
|
|
|
2002-04-06 19:30:04 +00:00
|
|
|
if (!asprintf(&data_name, "ssh_private_key_%d", key_idx)) {
|
2002-04-04 18:45:21 +00:00
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %m", MODULE_NAME);
|
2001-07-29 18:31:09 +00:00
|
|
|
free(comment);
|
1999-12-28 05:32:54 +00:00
|
|
|
return PAM_SERVICE_ERR;
|
|
|
|
}
|
2001-07-29 18:31:09 +00:00
|
|
|
retval = pam_set_data(pamh, data_name, key, key_cleanup);
|
|
|
|
free(data_name);
|
|
|
|
if (retval != PAM_SUCCESS) {
|
|
|
|
key_free(key);
|
|
|
|
free(comment);
|
|
|
|
return retval;
|
|
|
|
}
|
2002-04-06 19:30:04 +00:00
|
|
|
if (!asprintf(&data_name, "ssh_key_comment_%d", key_idx)) {
|
2002-04-04 18:45:21 +00:00
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %m", MODULE_NAME);
|
2001-07-29 18:31:09 +00:00
|
|
|
free(comment);
|
1999-12-28 05:32:54 +00:00
|
|
|
return PAM_SERVICE_ERR;
|
|
|
|
}
|
2001-07-29 18:31:09 +00:00
|
|
|
retval = pam_set_data(pamh, data_name, comment, ssh_cleanup);
|
|
|
|
free(data_name);
|
|
|
|
if (retval != PAM_SUCCESS) {
|
|
|
|
free(comment);
|
|
|
|
return retval;
|
|
|
|
}
|
2002-04-04 18:45:21 +00:00
|
|
|
|
2002-04-06 19:30:04 +00:00
|
|
|
++key_idx;
|
1999-12-28 05:32:54 +00:00
|
|
|
return PAM_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
/*
|
|
|
|
* Add the keys stored by auth_via_key() to the agent connected to the
|
|
|
|
* socket provided.
|
|
|
|
*/
|
1999-11-29 07:09:44 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
static int
|
2002-04-06 19:30:04 +00:00
|
|
|
add_keys(pam_handle_t *pamh)
|
2002-04-04 18:45:21 +00:00
|
|
|
{
|
|
|
|
AuthenticationConnection *ac; /* connection to ssh-agent */
|
|
|
|
char *comment; /* private key comment */
|
|
|
|
char *data_name; /* PAM state */
|
|
|
|
int final; /* final return value */
|
2002-04-06 19:30:04 +00:00
|
|
|
int key_idx; /* for saved keys */
|
2002-04-04 18:45:21 +00:00
|
|
|
Key *key; /* user's private key */
|
|
|
|
int retval; /* from calls */
|
1999-11-29 07:09:44 +00:00
|
|
|
|
|
|
|
/*
|
2002-04-04 18:45:21 +00:00
|
|
|
* Connect to the agent.
|
|
|
|
*
|
|
|
|
* XXX Because ssh_get_authentication_connection() gets the
|
|
|
|
* XXX agent parameters from the environment, we have to
|
|
|
|
* XXX temporarily replace the environment with the PAM
|
|
|
|
* XXX environment list. This is a hack.
|
1999-11-29 07:09:44 +00:00
|
|
|
*/
|
2002-04-04 18:45:21 +00:00
|
|
|
{
|
|
|
|
extern char **environ;
|
|
|
|
char **saved, **evp;
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
saved = environ;
|
|
|
|
if ((environ = pam_getenvlist(pamh)) == NULL) {
|
|
|
|
environ = saved;
|
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %m", MODULE_NAME);
|
|
|
|
return (PAM_BUF_ERR);
|
|
|
|
}
|
|
|
|
ac = ssh_get_authentication_connection();
|
|
|
|
for (evp = environ; *evp; evp++)
|
|
|
|
free(*evp);
|
|
|
|
free(environ);
|
|
|
|
environ = saved;
|
1999-11-29 07:09:44 +00:00
|
|
|
}
|
2002-04-04 18:45:21 +00:00
|
|
|
if (!ac) {
|
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %s: %m", MODULE_NAME, socket);
|
|
|
|
return PAM_SESSION_ERR;
|
2001-08-10 19:21:45 +00:00
|
|
|
}
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
/* hand off each private key to the agent */
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
final = 0;
|
2002-04-06 19:30:04 +00:00
|
|
|
for (key_idx = 0; ; key_idx++) {
|
|
|
|
if (!asprintf(&data_name, "ssh_private_key_%d", key_idx)) {
|
2002-04-04 18:45:21 +00:00
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %m", MODULE_NAME);
|
|
|
|
ssh_close_authentication_connection(ac);
|
|
|
|
return PAM_SERVICE_ERR;
|
|
|
|
}
|
|
|
|
retval = pam_get_data(pamh, data_name, (const void **)&key);
|
|
|
|
free(data_name);
|
|
|
|
if (retval != PAM_SUCCESS)
|
|
|
|
break;
|
2002-04-06 19:30:04 +00:00
|
|
|
if (!asprintf(&data_name, "ssh_key_comment_%d", key_idx)) {
|
2002-04-04 18:45:21 +00:00
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %m", MODULE_NAME);
|
|
|
|
ssh_close_authentication_connection(ac);
|
|
|
|
return PAM_SERVICE_ERR;
|
|
|
|
}
|
|
|
|
retval = pam_get_data(pamh, data_name,
|
|
|
|
(const void **)&comment);
|
|
|
|
free(data_name);
|
|
|
|
if (retval != PAM_SUCCESS)
|
|
|
|
break;
|
|
|
|
retval = ssh_add_identity(ac, key, comment);
|
|
|
|
if (!final)
|
|
|
|
final = retval;
|
1999-11-29 07:09:44 +00:00
|
|
|
}
|
2002-04-04 18:45:21 +00:00
|
|
|
ssh_close_authentication_connection(ac);
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
return final ? PAM_SUCCESS : PAM_SESSION_ERR;
|
1999-11-29 07:09:44 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
PAM_EXTERN int
|
2002-04-06 19:30:04 +00:00
|
|
|
pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
|
|
|
|
int argc, const char **argv)
|
1999-11-29 07:09:44 +00:00
|
|
|
{
|
2002-04-04 18:45:21 +00:00
|
|
|
int authenticated; /* user authenticated? */
|
|
|
|
char *dotdir; /* .ssh dir name */
|
|
|
|
char *file; /* current key file */
|
|
|
|
char *keyfiles; /* list of key files to add */
|
|
|
|
int options; /* options for pam_get_pass() */
|
|
|
|
const char *pass; /* passphrase */
|
|
|
|
const struct passwd *pwent; /* user's passwd entry */
|
|
|
|
struct passwd *pwent_keep; /* our own copy */
|
|
|
|
int retval; /* from calls */
|
|
|
|
const char *user; /* username */
|
|
|
|
|
2002-04-06 19:30:04 +00:00
|
|
|
keyfiles = NULL;
|
2002-04-04 18:45:21 +00:00
|
|
|
options = 0;
|
|
|
|
for (; argc; argc--, argv++)
|
|
|
|
if (strncmp(*argv, OPT_KEYFILES "=", sizeof OPT_KEYFILES)
|
|
|
|
== 0) {
|
|
|
|
if (!(keyfiles = strchr(*argv, '=') + 1))
|
|
|
|
return PAM_AUTH_ERR;
|
|
|
|
} else if (strcmp(*argv, OPT_TRY_FIRST_PASS) == 0)
|
|
|
|
options |= PAM_OPT_TRY_FIRST_PASS;
|
|
|
|
else if (strcmp(*argv, OPT_USE_FIRST_PASS) == 0)
|
|
|
|
options |= PAM_OPT_USE_FIRST_PASS;
|
|
|
|
|
|
|
|
|
|
|
|
if ((retval = pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS)
|
|
|
|
return retval;
|
|
|
|
if (!((pwent = getpwnam(user)) && pwent->pw_dir))
|
|
|
|
return PAM_AUTH_ERR;
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
/* pass prompt message to application and receive passphrase */
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-06 19:30:04 +00:00
|
|
|
retval = pam_get_authtok(pamh, PAM_AUTHTOK, &pass, NEED_PASSPHRASE);
|
|
|
|
if (retval != PAM_SUCCESS)
|
2002-04-04 18:45:21 +00:00
|
|
|
return retval;
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
OpenSSL_add_all_algorithms(); /* required for DSA */
|
1999-11-29 07:09:44 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
/* any key will authenticate us, but if we can decrypt all of the
|
|
|
|
specified keys, we'll do so here so we can cache them in the
|
|
|
|
session phase */
|
2001-12-05 16:06:35 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
if (!asprintf(&dotdir, "%s/%s", pwent->pw_dir, SSH_CLIENT_DIR)) {
|
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %m", MODULE_NAME);
|
|
|
|
return PAM_SERVICE_ERR;
|
|
|
|
}
|
|
|
|
authenticated = 0;
|
2002-04-06 19:30:04 +00:00
|
|
|
keyfiles = strdup(keyfiles ? keyfiles : DEF_KEYFILES);
|
2002-04-04 18:45:21 +00:00
|
|
|
for (file = strtok(keyfiles, SEP_KEYFILES); file;
|
|
|
|
file = strtok(NULL, SEP_KEYFILES))
|
|
|
|
if (auth_via_key(pamh, file, dotdir, pwent, pass) ==
|
|
|
|
PAM_SUCCESS)
|
|
|
|
authenticated++;
|
2002-04-05 20:00:05 +00:00
|
|
|
free(dotdir);
|
2002-04-04 18:45:21 +00:00
|
|
|
free(keyfiles);
|
|
|
|
if (!authenticated)
|
|
|
|
return PAM_AUTH_ERR;
|
2001-12-05 16:06:35 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
/* copy the passwd entry (in case successive calls are made) and
|
|
|
|
save it for the session phase */
|
2001-12-05 16:06:35 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
if (!(pwent_keep = malloc(sizeof *pwent))) {
|
|
|
|
openpam_log(PAM_LOG_ERROR, "%m");
|
|
|
|
return PAM_SERVICE_ERR;
|
|
|
|
}
|
|
|
|
(void) memcpy(pwent_keep, pwent, sizeof *pwent_keep);
|
|
|
|
if ((retval = pam_set_data(pamh, "ssh_passwd_entry", pwent_keep,
|
|
|
|
ssh_cleanup)) != PAM_SUCCESS) {
|
|
|
|
free(pwent_keep);
|
|
|
|
return retval;
|
|
|
|
}
|
|
|
|
|
|
|
|
return PAM_SUCCESS;
|
2001-12-05 16:06:35 +00:00
|
|
|
}
|
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
|
2001-12-05 16:06:35 +00:00
|
|
|
PAM_EXTERN int
|
2002-04-06 19:30:04 +00:00
|
|
|
pam_sm_setcred(pam_handle_t *pamh __unused, int flags __unused,
|
|
|
|
int argc __unused, const char **argv __unused)
|
2001-12-05 16:06:35 +00:00
|
|
|
{
|
2002-04-04 18:45:21 +00:00
|
|
|
return PAM_SUCCESS;
|
2001-12-05 16:06:35 +00:00
|
|
|
}
|
1999-11-29 07:09:44 +00:00
|
|
|
|
|
|
|
|
|
|
|
PAM_EXTERN int
|
2002-04-06 19:30:04 +00:00
|
|
|
pam_sm_open_session(pam_handle_t *pamh, int flags __unused,
|
|
|
|
int argc __unused, const char **argv __unused)
|
1999-11-29 07:09:44 +00:00
|
|
|
{
|
2002-04-04 18:45:21 +00:00
|
|
|
char *agent_socket; /* agent socket */
|
|
|
|
char *env_end; /* end of env */
|
|
|
|
FILE *env_read; /* env data source */
|
|
|
|
char env_string[BUFSIZ]; /* environment string */
|
|
|
|
char *env_value; /* envariable value */
|
|
|
|
int env_write; /* env file descriptor */
|
|
|
|
char hname[MAXHOSTNAMELEN]; /* local hostname */
|
|
|
|
int no_link; /* link per-agent file? */
|
|
|
|
char *per_agent; /* to store env */
|
|
|
|
char *per_session; /* per-session filename */
|
2002-04-05 20:00:05 +00:00
|
|
|
char *agent_pid; /* agent pid */
|
2002-04-04 18:45:21 +00:00
|
|
|
const struct passwd *pwent; /* user's passwd entry */
|
|
|
|
int retval; /* from calls */
|
|
|
|
int start_agent; /* start agent? */
|
|
|
|
const char *tty; /* tty or display name */
|
1999-11-29 07:09:44 +00:00
|
|
|
|
|
|
|
/* dump output of ssh-agent in ~/.ssh */
|
2002-04-04 18:45:21 +00:00
|
|
|
if ((retval = pam_get_data(pamh, "ssh_passwd_entry",
|
|
|
|
(const void **)&pwent)) != PAM_SUCCESS)
|
|
|
|
return retval;
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
/*
|
|
|
|
* Use reference counts to limit agents to one per user per host.
|
|
|
|
*
|
|
|
|
* Technique: Create an environment file containing
|
|
|
|
* information about the agent. Only one file is created, but
|
|
|
|
* it may be given many names. One name is given for the
|
|
|
|
* agent itself, agent-<host>. Another name is given for each
|
|
|
|
* session, agent-<host>-<display> or agent-<host>-<tty>. We
|
|
|
|
* delete the per-session filename on session close, and when
|
|
|
|
* the link count goes to unity on the per-agent file, we
|
|
|
|
* delete the file and kill the agent.
|
|
|
|
*/
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
/* the per-agent file contains just the hostname */
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
(void) gethostname(hname, sizeof hname);
|
|
|
|
if (asprintf(&per_agent, "%s/.ssh/agent-%s", pwent->pw_dir, hname)
|
|
|
|
== -1) {
|
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %m", MODULE_NAME);
|
|
|
|
return PAM_SERVICE_ERR;
|
1999-11-29 07:09:44 +00:00
|
|
|
}
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
/* save the per-agent filename in case we want to delete it on
|
|
|
|
session close */
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
if ((retval = pam_set_data(pamh, "ssh_agent_env_agent", per_agent,
|
|
|
|
ssh_cleanup)) != PAM_SUCCESS) {
|
|
|
|
free(per_agent);
|
|
|
|
return retval;
|
1999-11-29 07:09:44 +00:00
|
|
|
}
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
/* take on the user's privileges for writing files and starting the
|
|
|
|
agent */
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-08 12:38:50 +00:00
|
|
|
if ((retval = openpam_borrow_cred(pamh, pwent)) != PAM_SUCCESS)
|
|
|
|
return retval;
|
2002-04-04 18:45:21 +00:00
|
|
|
|
|
|
|
/* Try to create the per-agent file or open it for reading if it
|
|
|
|
exists. If we can't do either, we won't try to link a
|
|
|
|
per-session filename later. Start the agent if we can't open
|
|
|
|
the file for reading. */
|
|
|
|
|
|
|
|
env_write = no_link = 0;
|
|
|
|
env_read = NULL;
|
|
|
|
if ((env_write = open(per_agent, O_CREAT | O_EXCL | O_WRONLY,
|
|
|
|
S_IRUSR)) < 0 && !(env_read = fopen(per_agent, "r")))
|
|
|
|
no_link = 1;
|
|
|
|
if (env_read) {
|
|
|
|
start_agent = 0;
|
2002-04-08 12:38:50 +00:00
|
|
|
openpam_restore_cred(pamh);
|
2002-04-04 18:45:21 +00:00
|
|
|
} else {
|
|
|
|
start_agent = 1;
|
|
|
|
env_read = popen(SSH_AGENT, "r");
|
2002-04-08 12:38:50 +00:00
|
|
|
openpam_restore_cred(pamh);
|
2002-04-04 18:45:21 +00:00
|
|
|
if (!env_read) {
|
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %s: %m", MODULE_NAME,
|
|
|
|
SSH_AGENT);
|
|
|
|
if (env_write >= 0)
|
|
|
|
(void) close(env_write);
|
|
|
|
return PAM_SESSION_ERR;
|
|
|
|
}
|
1999-11-29 07:09:44 +00:00
|
|
|
}
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
/* save environment for application with pam_putenv() */
|
2001-07-29 18:31:09 +00:00
|
|
|
|
|
|
|
agent_socket = NULL;
|
2002-04-04 18:45:21 +00:00
|
|
|
while (fgets(env_string, sizeof env_string, env_read)) {
|
|
|
|
|
|
|
|
/* parse environment definitions */
|
|
|
|
|
|
|
|
if (env_write >= 0)
|
|
|
|
(void) write(env_write, env_string,
|
|
|
|
strlen(env_string));
|
|
|
|
if (!(env_value = strchr(env_string, '=')) ||
|
|
|
|
!(env_end = strchr(env_value, ';')))
|
2001-08-11 12:37:55 +00:00
|
|
|
continue;
|
|
|
|
*env_end = '\0';
|
2001-08-10 19:21:45 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
/* pass to the application */
|
|
|
|
|
|
|
|
if (!((retval = pam_putenv(pamh, env_string)) ==
|
|
|
|
PAM_SUCCESS)) {
|
|
|
|
if (start_agent)
|
|
|
|
(void) pclose(env_read);
|
|
|
|
else
|
|
|
|
(void) fclose(env_read);
|
|
|
|
if (env_write >= 0)
|
|
|
|
(void) close(env_write);
|
|
|
|
if (agent_socket)
|
|
|
|
free(agent_socket);
|
|
|
|
return PAM_SERVICE_ERR;
|
|
|
|
}
|
2001-08-10 19:21:45 +00:00
|
|
|
|
2001-07-29 18:31:09 +00:00
|
|
|
*env_value++ = '\0';
|
2002-04-04 18:45:21 +00:00
|
|
|
|
|
|
|
/* save the agent socket so we can connect to it and add
|
|
|
|
the keys as well as the PID so we can kill the agent on
|
|
|
|
session close. */
|
|
|
|
|
2001-07-29 18:31:09 +00:00
|
|
|
if (strcmp(&env_string[strlen(env_string) -
|
2002-04-04 18:45:21 +00:00
|
|
|
strlen(ENV_SOCKET_SUFFIX)], ENV_SOCKET_SUFFIX) == 0 &&
|
|
|
|
!(agent_socket = strdup(env_value))) {
|
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %m", MODULE_NAME);
|
|
|
|
if (start_agent)
|
|
|
|
(void) pclose(env_read);
|
|
|
|
else
|
|
|
|
(void) fclose(env_read);
|
|
|
|
if (env_write >= 0)
|
|
|
|
(void) close(env_write);
|
|
|
|
if (agent_socket)
|
|
|
|
free(agent_socket);
|
|
|
|
return PAM_SERVICE_ERR;
|
|
|
|
} else if (strcmp(&env_string[strlen(env_string) -
|
|
|
|
strlen(ENV_PID_SUFFIX)], ENV_PID_SUFFIX) == 0 &&
|
2002-04-05 20:00:05 +00:00
|
|
|
((agent_pid = strdup(env_value)) == NULL ||
|
2002-04-04 18:45:21 +00:00
|
|
|
(retval = pam_set_data(pamh, "ssh_agent_pid",
|
2002-04-05 20:00:05 +00:00
|
|
|
agent_pid, ssh_cleanup)) != PAM_SUCCESS)) {
|
2002-04-04 18:45:21 +00:00
|
|
|
if (start_agent)
|
|
|
|
(void) pclose(env_read);
|
|
|
|
else
|
|
|
|
(void) fclose(env_read);
|
|
|
|
if (env_write >= 0)
|
|
|
|
(void) close(env_write);
|
|
|
|
if (agent_socket)
|
|
|
|
free(agent_socket);
|
2002-04-05 20:00:05 +00:00
|
|
|
if (agent_pid)
|
|
|
|
free(agent_pid);
|
2002-04-04 18:45:21 +00:00
|
|
|
return retval;
|
2001-07-29 18:31:09 +00:00
|
|
|
}
|
2002-04-04 18:45:21 +00:00
|
|
|
|
|
|
|
}
|
|
|
|
if (env_write >= 0)
|
|
|
|
(void) close(env_write);
|
|
|
|
|
|
|
|
if (start_agent) {
|
|
|
|
switch (retval = pclose(env_read)) {
|
|
|
|
case -1:
|
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %s: %m", MODULE_NAME,
|
|
|
|
SSH_AGENT);
|
|
|
|
if (agent_socket)
|
|
|
|
free(agent_socket);
|
|
|
|
return PAM_SESSION_ERR;
|
|
|
|
case 0:
|
|
|
|
break;
|
|
|
|
case 127:
|
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: cannot execute %s",
|
|
|
|
MODULE_NAME, SSH_AGENT);
|
|
|
|
if (agent_socket)
|
|
|
|
free(agent_socket);
|
|
|
|
return PAM_SESSION_ERR;
|
|
|
|
default:
|
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %s exited %s %d",
|
|
|
|
MODULE_NAME,
|
|
|
|
SSH_AGENT, WIFSIGNALED(retval) ? "on signal" :
|
|
|
|
"with status", WIFSIGNALED(retval) ?
|
|
|
|
WTERMSIG(retval) : WEXITSTATUS(retval));
|
|
|
|
if (agent_socket)
|
|
|
|
free(agent_socket);
|
|
|
|
return PAM_SESSION_ERR;
|
1999-11-29 07:09:44 +00:00
|
|
|
}
|
2002-04-04 18:45:21 +00:00
|
|
|
} else
|
|
|
|
(void) fclose(env_read);
|
|
|
|
|
2002-04-05 20:00:05 +00:00
|
|
|
if (!agent_socket)
|
2002-04-04 18:45:21 +00:00
|
|
|
return PAM_SESSION_ERR;
|
|
|
|
|
2002-04-06 19:30:04 +00:00
|
|
|
if (start_agent && (retval = add_keys(pamh))
|
2002-04-05 20:00:05 +00:00
|
|
|
!= PAM_SUCCESS)
|
2002-04-04 18:45:21 +00:00
|
|
|
return retval;
|
|
|
|
free(agent_socket);
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
/* if we couldn't access the per-agent file, don't link a
|
|
|
|
per-session filename to it */
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
if (no_link)
|
|
|
|
return PAM_SUCCESS;
|
|
|
|
|
|
|
|
/* the per-session file contains the display name or tty name as
|
|
|
|
well as the hostname */
|
|
|
|
|
|
|
|
if ((retval = pam_get_item(pamh, PAM_TTY, (const void **)&tty))
|
2002-04-05 20:00:05 +00:00
|
|
|
!= PAM_SUCCESS)
|
2002-04-04 18:45:21 +00:00
|
|
|
return retval;
|
|
|
|
if (asprintf(&per_session, "%s/.ssh/agent-%s-%s", pwent->pw_dir,
|
|
|
|
hname, tty) == -1) {
|
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %m", MODULE_NAME);
|
|
|
|
return PAM_SERVICE_ERR;
|
1999-12-28 05:32:54 +00:00
|
|
|
}
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
/* save the per-session filename so we can delete it on session
|
|
|
|
close */
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
if ((retval = pam_set_data(pamh, "ssh_agent_env_session",
|
|
|
|
per_session, ssh_cleanup)) != PAM_SUCCESS) {
|
|
|
|
free(per_session);
|
|
|
|
return retval;
|
1999-11-29 07:09:44 +00:00
|
|
|
}
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
(void) unlink(per_session); /* remove cruft */
|
|
|
|
(void) link(per_agent, per_session);
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
return PAM_SUCCESS;
|
1999-11-29 07:09:44 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
PAM_EXTERN int
|
2002-04-06 19:30:04 +00:00
|
|
|
pam_sm_close_session(pam_handle_t *pamh, int flags __unused,
|
|
|
|
int argc __unused, const char **argv __unused)
|
1999-11-29 07:09:44 +00:00
|
|
|
{
|
2002-04-04 18:45:21 +00:00
|
|
|
const char *env_file; /* ssh-agent environment */
|
|
|
|
pid_t pid; /* ssh-agent process id */
|
|
|
|
int retval; /* from calls */
|
|
|
|
const char *ssh_agent_pid; /* ssh-agent pid string */
|
|
|
|
struct stat sb; /* to check st_nlink */
|
|
|
|
|
|
|
|
if ((retval = pam_get_data(pamh, "ssh_agent_env_session",
|
|
|
|
(const void **)&env_file)) == PAM_SUCCESS && env_file)
|
|
|
|
(void) unlink(env_file);
|
|
|
|
|
|
|
|
/* Retrieve per-agent filename and check link count. If it's
|
|
|
|
greater than unity, other sessions are still using this
|
|
|
|
agent. */
|
|
|
|
|
|
|
|
if ((retval = pam_get_data(pamh, "ssh_agent_env_agent",
|
|
|
|
(const void **)&env_file)) == PAM_SUCCESS && env_file &&
|
|
|
|
stat(env_file, &sb) == 0) {
|
|
|
|
if (sb.st_nlink > 1)
|
|
|
|
return PAM_SUCCESS;
|
|
|
|
(void) unlink(env_file);
|
|
|
|
}
|
2001-07-29 18:31:09 +00:00
|
|
|
|
|
|
|
/* retrieve the agent's process id */
|
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
if ((retval = pam_get_data(pamh, "ssh_agent_pid",
|
|
|
|
(const void **)&ssh_agent_pid)) != PAM_SUCCESS)
|
|
|
|
return retval;
|
|
|
|
|
|
|
|
/* Kill the agent. SSH's ssh-agent does not have a -k option, so
|
|
|
|
just call kill(). */
|
2001-07-29 18:31:09 +00:00
|
|
|
|
|
|
|
pid = atoi(ssh_agent_pid);
|
2002-04-06 19:30:04 +00:00
|
|
|
if (pid <= 0)
|
2002-04-04 18:45:21 +00:00
|
|
|
return PAM_SESSION_ERR;
|
2001-07-29 18:31:09 +00:00
|
|
|
if (kill(pid, SIGTERM) != 0) {
|
2002-04-04 18:45:21 +00:00
|
|
|
openpam_log(PAM_LOG_ERROR, "%s: %s: %m", MODULE_NAME,
|
|
|
|
ssh_agent_pid);
|
|
|
|
return PAM_SESSION_ERR;
|
2001-07-29 18:31:09 +00:00
|
|
|
}
|
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
return PAM_SUCCESS;
|
|
|
|
}
|
2001-07-29 18:31:09 +00:00
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
PAM_EXTERN int
|
2002-04-06 19:30:04 +00:00
|
|
|
pam_sm_acct_mgmt(pam_handle_t *pamh __unused, int flags __unused,
|
|
|
|
int argc __unused, const char **argv __unused)
|
2002-04-04 18:45:21 +00:00
|
|
|
{
|
|
|
|
return (PAM_IGNORE);
|
|
|
|
}
|
|
|
|
|
|
|
|
PAM_EXTERN int
|
2002-04-06 19:30:04 +00:00
|
|
|
pam_sm_chauthtok(pam_handle_t *pamh __unused, int flags __unused,
|
|
|
|
int argc __unused, const char **argv __unused)
|
2002-04-04 18:45:21 +00:00
|
|
|
{
|
|
|
|
return (PAM_IGNORE);
|
1999-11-29 07:09:44 +00:00
|
|
|
}
|
|
|
|
|
2002-04-04 18:45:21 +00:00
|
|
|
PAM_MODULE_ENTRY(MODULE_NAME);
|