--- publickey-server.c~ 2004-04-28 09:00:43.000000000 -0400
+++ publickey-server.c 2004-04-28 09:03:05.000000000 -0400
@@ -24,6 +24,25 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
+
+/*
+ * VDS PKS LOGGING
+ *
+ * Patch by: Jason A. Dour
+ * Joseph Ferraro
+ *
+ * All ongoing issues with this patch and general areas in need of improvement
+ * are commented with XXXVDSXXX.
+ *
+ * 2003.05.28 - v2 Added fix for 361p2 regarding authorized_keys files in
+ * process_list(). Possibly standardize on one keyfile?
+ *
+ * 2003.05.28 - v1 Added basic logging functionality. Used bad bad bad
+ * use_privsep hack to make it work with 3.6.1p2.
+ * Also added uidswap.o as a dependent object in the
+ * Makefile to quell some unresolved objects.
+ */
+
 #include "includes.h"
 #include "auth.h"
@@ -55,6 +74,24 @@
 /* Version of client */
 int version;
+/*
+ * XXXVDSXXX - IS THERE ANOTHER WAY AROUND THIS GLOBAL VARIABLE ISSUE?
+ *
+ * Give use_privsep a fake value, to allow this to compile with OpenSSH 3.6.
+ * The variable is needed by back-end code, but not for anything meaningful,
+ * thus assign it a value just to make the compiler shut up.
+ */
+int use_privsep = 1;
+
+#ifdef VDSPKS_LOGGING
+/* User Information */
+#define CUNAME cuname ? cuname : "UNKNOWN"
+struct passwd *upw;
+uid_t cuid;
+pid_t ppid;
+char *cuname;
+#endif
+
 /* Server configuration file */
 ServerOptions options;
@@ -148,6 +185,9 @@
 process_version(void)
 {
 version = buffer_get_int(&iqueue);
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) Client version %d.", ppid, cuid, CUNAME, version);
+#endif
 TRACE("process_version() version=%d", version);
 }
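Review bot: In the `@@ -55` hunk, `int use_privsep = 1;` is defined outside the `#ifdef VDSPKS_LOGGING` guard and with a non-zero value, so every build of this helper presents privilege separation as enabled to whatever linked code reads the variable. The comment says the value is not meaningful, but the consuming code is not visible here; it is worth confirming that a non-zero value cannot steer that code onto a privilege-separation path, and naming the object file that needs the symbol in the comment. In the same hunk `CUNAME` expands to an unparenthesised conditional, which only works because every use is a complete function argument; `#define CUNAME (cuname ? cuname : "UNKNOWN")` is the safer form. `upw`, `cuid`, `ppid` and `cuname` could be `static`, since the patch only uses them in this file.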
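Review bot: The new `logit()` call in `process_version()` prints `ppid` (a `pid_t`) and `cuid` (a `uid_t`) with `%d`; neither type is guaranteed to be `int`, and `uid_t` is commonly unsigned, so a large uid can appear as a negative number in what is meant to be an audit record. Casting at the call site keeps the format correct: `logit("(%ld/%lu/%s) Client version %d.", (long)ppid, (unsigned long)cuid, CUNAME, version);`. The same `(%d/%d/%s)` prefix is repeated in every `logit()` call this patch adds, so a single prefix macro or helper would let the correction be made once.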
@@ -233,17 +273,28 @@
 char *file;
 int success;
- TRACE("process_list(): authorized_keys_file");
- file = authorized_keys_file(pw);
- success = list_file(file);
- xfree(file);
-
- TRACE("process_list(): authorized_keys_file2");
- file = authorized_keys_file2(pw);
- success = list_file(file) || success;
- xfree(file);
-
+ /* XXXVDSXXX - IS IT NECESSARY TO PROCESS BOTH? WHY NOT STANDARDIZE ON ONE AND DOCUMENT IT? */
+ if (options.authorized_keys_file != options.authorized_keys_file2) {
+ TRACE("process_list(): authorized_keys_file\n");
+ file = authorized_keys_file(pw);
+ success = list_file(file);
+ xfree(file);
+
+ TRACE("process_listi(): authorized_keys_file2\n");
+ file = authorized_keys_file2(pw);
+ success = list_file(file) || success;
+ xfree(file);
+ } else {
+ TRACE("process_list(): authorized_keys_file\n");
+ file = authorized_keys_file(pw);
+ success = list_file(file);
+ xfree(file);
+ }
+
 TRACE("process_list() success");
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) Listed keys to client.", ppid, cuid, CUNAME);
+#endif
 send_status(PK_SUCCESS, "List complete");
 }
@@ -310,12 +361,26 @@
 xfree(file);
 if (f == NULL) {
- if (errno == EACCES)
- send_status(PK_ACCESS_DENIED,
- "Access is denied to the authorized_keys file.");
- else
+ if ( errno == EACCES ) {
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) Key add failed (%s/%d/%s): %s.", ppid, cuid, CUNAME,
+ key_ssh_name(key),
+ key_size(key),
+ key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX),
+ "Access to authorized_keys denied.");
+#endif
+ send_status(PK_ACCESS_DENIED, "Access is denied to the authorized_keys file.");
+ } else {
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) Key add failed (%s/%d/%s): %s.", ppid, cuid, CUNAME,
+ key_ssh_name(key),
+ key_size(key),
+ key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX),
+ "Could not open authorized_keys file.");
+#endif
 send_status(PK_GENERAL_FAILURE,
 "Could not open authorize_keys file.");
+ }
 xfree(comment);
 key_free(key);
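Review bot: `options.authorized_keys_file != options.authorized_keys_file2` compares the two pointers rather than the configured paths, so two separately stored but identical strings still take the first branch and the same file is listed twice. If the intent is to skip the second file when both settings name the same path, compare the contents with a NULL guard: `if (options.authorized_keys_file2 != NULL && strcmp(options.authorized_keys_file, options.authorized_keys_file2) != 0)`. The rewritten TRACE strings gained a trailing `\n` that the other TRACE calls do not carry, and one misspells the function as `process_listi()`. The "Listed keys to client" entry is also written whatever `success` holds, so the log cannot distinguish an unreadable key file from a real listing.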
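Review bot: Both new `logit()` calls in the `f == NULL` branch pass the result of `key_fingerprint()` directly as an argument; in OpenSSH's key.c that function returns a heap-allocated string the caller is expected to free, so each logged event would leak one buffer (confirm against the key.c this file links with). Holding the result in a local fixes it: `char *fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);`, then `logit(..., fp);` and `xfree(fp);`. The same pattern recurs in the "Key added" hunk and in all three branches of the key-remove hunk. `key_size()` also appears to return an unsigned value while the format uses `%d`.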
@@ -323,6 +388,12 @@
 }
 key_write(key, f);
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) Key added (%s/%d/%s).", ppid, cuid, CUNAME,
+ key_ssh_name(key),
+ key_size(key),
+ key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX));
+#endif
 key_free(key);
 fprintf(f, " %s\n", comment);
@@ -332,6 +403,10 @@
 send_status(PK_SUCCESS, "Key added.");
 }
+/*
+ * XXXVDSXXX - NEED PARANOIA CHECKS REGARDING PRIOR EXISTENCE OF TEMP FILE
+ * TO PREVENT RACE ATTACKS, NAMED PIPES, LINKS, ET CETERA.
+ */
 static int
 remove_from_file(Key *remove_key, const char *file)
 {
@@ -411,21 +486,44 @@
 xfree(org_file);
 }
- if (success == -1)
- send_status(PK_GENERAL_FAILURE, "Couldn't create temp file.");
- else if (success == 1)
- send_status(PK_SUCCESS,
+ if (success == -1) {
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) Key remove failed (%s/%d/%s): %s", ppid, cuid, CUNAME,
+ key_ssh_name(key),
+ key_size(key),
+ key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX),
+ "Could not create temp file.");
+#endif
+ send_status(PK_GENERAL_FAILURE, "Couldn't create temp file.");
+ } else if (success == 1) {
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) Key removed (%s/%d/%s)", ppid, cuid, CUNAME,
+ key_ssh_name(key),
+ key_size(key),
+ key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX));
+#endif
+ send_status(PK_SUCCESS,
 "All instances of publickey were removed.");
- else /* success == 0 */
- send_status(PK_KEY_NOT_FOUND, "Could not find publickey.");
-
- key_free(key);
+ } else { /* success == 0 */
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) Key remove failed (%s/%d/%s): %s", ppid, cuid, CUNAME,
+ key_ssh_name(key),
+ key_size(key),
+ key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX),
+ "Could not find public-key.");
+#endif
+ send_status(PK_KEY_NOT_FOUND, "Could not find publickey.");
+ }
+ key_free(key);
 }
 static void
 process_command(void)
 {
 TRACE("process_command()");
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) Extended operation attempted - Ignoring.", ppid, cuid, CUNAME);
+#endif
 }
 /* stolen from sftp-server */
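Review bot: The "Key added" entry is written immediately after `key_write(key, f)` without looking at its return value, and before the comment is written and the file is closed, so the audit log can report a key as added when the write did not succeed. Logging only after the write has been verified would make the record trustworthy, for example by testing the result first: `if (!key_write(key, f)) { /* log the failure and send PK_GENERAL_FAILURE */ }`. The rest of the function, including the close of `f`, lies outside this hunk, so the final write status should be checked there as well.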
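Review bot: The comment added above `remove_from_file()` records that a pre-existing temp file is a problem but does not say what the fix should be, and the function body is outside this hunk, so the current creation call cannot be checked here. The comment would be more useful if it named the expected approach: create the temporary file with `mkstemp()` (or `open()` with `O_CREAT | O_EXCL`) in the same directory as the key file, set its mode with `fchmod()` on the returned descriptor, and replace the original with `rename()`. That closes the pre-creation, symlink and named-pipe cases the comment lists.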
@@ -462,9 +560,13 @@
 process_remove();
 else if (strcmp(type, "command") == 0)
 process_command();
- else
+ else {
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) Invalid operation - Ignoring.", ppid, cuid, CUNAME);
+#endif
 send_status(PK_REQUEST_NOT_SUPPORTED,
 "The requested operation is not supported.");
+ }
 }
 static void
@@ -486,7 +588,7 @@
 uid = getuid();
 pid = getpid();
- pw = getpwuid(uid);
+ pw = getpwuid(uid); /* XXXVDSXXX - NEED ERROR TRAPPING! BOMB OUT? */
 #ifdef DEBUG_PUBLICKEY_SERVER
@@ -522,6 +624,25 @@
 /* Fill in default values for those options not explicitly set. */
 fill_default_server_options(&options);
+#ifdef VDSPKS_LOGGING
+ /* Initialize the username of the user running the process. */
+ cuid = uid;
+ if ((upw = getpwuid(cuid)) == NULL) {
+ cuname = NULL;
+ } else {
+ cuname = xstrdup(upw->pw_name);
+ }
+
+ /* Initialize the parent process ID. */
+ ppid = getppid();
+
+ /* Initialize the logfile. */
+ log_init(__progname, options.log_level, options.log_facility, 0);
+
+ /* Log session start. */
+ logit("(%d/%d/%s) VDS PKS session started.", ppid, cuid, CUNAME);
+#endif
+
 send_version(1);
 for (;;) {
@@ -538,6 +659,9 @@
 if (errno == EINTR)
 continue;
 TRACE("main() exit1");
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) VDS PKS session closing (%s).", ppid, cuid, CUNAME, "Select Error");
+#endif
 exit(2);
 }
@@ -548,10 +672,16 @@
 if (len == 0) {
 TRACE("read eof");
 TRACE("main() exit2");
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) VDS PKS session closing (%s).", ppid, cuid, CUNAME, "EOF");
+#endif
 exit(0);
 } else if (len < 0) {
 error("read error");
 TRACE("main() exit3");
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) VDS PKS session closing (%s).", ppid, cuid, CUNAME, "Read Error");
+#endif
 exit(1);
 } else {
 buffer_append(&iqueue, buf, len);
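Review bot: The "Invalid operation" entry does not record which operation the client requested, although `type` is in scope in the branches just above, so the log cannot separate a client bug from repeated requests for unsupported operations. Because `type` is client-supplied, bound its length when logging and confirm that the logging back end escapes control characters: `logit("(%d/%d/%s) Invalid operation \"%.64s\" - Ignoring.", ppid, cuid, CUNAME, type);`. The enclosing function starts and ends outside this hunk.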
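Review bot: The comment added to `pw = getpwuid(uid);` notes that the call can fail, but the result is still stored unchecked, and `pw` is later passed to `authorized_keys_file(pw)` in `process_list()`. Failing closed is a one-line change placed right after the call: `if (pw == NULL) fatal("No passwd entry for uid %lu", (unsigned long)uid);`. main() begins and continues outside this hunk, so any other use of `pw` before this point should be checked too.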
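Review bot: The logging setup calls `getpwuid()` a second time for the same uid even though `pw` was filled earlier in main(); `getpwuid()` may return a pointer to static storage, so the second call can overwrite the data `pw` points to. Reusing the first result avoids that and makes the `upw` global unnecessary: `cuname = (pw != NULL) ? xstrdup(pw->pw_name) : NULL;`. A comment stating that `log_init()` must run before the first `logit()` would also help, since `process_version()` and the other handlers rely on that ordering.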
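Review bot: The "session closing" `logit()` line is pasted before each `exit()` in the `@@ -538` hunk and again in the hunks at -548, -564 and -575, which makes the prefix and wording easy to get out of sync. A small static helper that takes the reason and the exit status, for example `static void pks_exit(int code, const char *why)`, would keep the log call and the exit together. The last call, after `TRACE("main() end")`, reuses the reason "EOF" already logged on the exit2 path, so the two paths cannot be told apart in the log; a distinct reason string there would fix that.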
@@ -564,6 +694,9 @@
 if (len < 0) {
 error("write error");
 TRACE("main() exit4");
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) VDS PKS session closing (%s).", ppid, cuid, CUNAME, "Write Error");
+#endif
 exit(1);
 } else {
 buffer_consume(&oqueue, len);
@@ -575,4 +708,7 @@
 }
 TRACE("main() end");
+#ifdef VDSPKS_LOGGING
+ logit("(%d/%d/%s) VDS PKS session closing (%s).", ppid, cuid, CUNAME, "EOF");
+#endif
 }