#include "roaming.h"
#include "version.h"
+#ifdef USE_SECURITY_SESSION_API
+#include <Security/AuthSession.h>
+#endif
+
#ifdef LIBWRAP
#include <tcpd.h>
#include <syslog.h>
logit("Disabling protocol version 1. Could not load host key");
options.protocol &= ~SSH_PROTO_1;
}
+#ifndef GSSAPI
+ /* The GSSAPI key exchange can run without a host key */
if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) {
logit("Disabling protocol version 2. Could not load host key");
options.protocol &= ~SSH_PROTO_2;
}
+#endif
if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) {
logit("sshd: no hostkeys available -- exiting.");
exit(1);
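Review bot: The `#ifndef GSSAPI` guard disables the SSH2 host key check at compile time, but whether GSSAPI key exchange is actually available is a runtime decision (`options.gss_keyex`, used later in this same patch), so a GSSAPI-enabled build with `GSSAPIKeyExchange no` and no host key now passes this startup check and only fails per connection when the proposal is built. The check should stay and instead also require the runtime option to be off, e.g. `if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key && !options.gss_keyex) {` inside the `#ifdef GSSAPI` branch, with the original condition kept in the `#else` branch. I would also extend the comment to say that this is a startup-time sanity check and that the GSSAPI path defers the decision to the key exchange proposal. The enclosing function continues outside the hunk.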
/* Log the connection. */
verbose("Connection from %.500s port %d", remote_ip, remote_port);
+#ifdef USE_SECURITY_SESSION_API
+ /*
+ * Create a new security session for use by the new user login if
+ * the current session is the root session or we are not launched
+ * by inetd (eg: debugging mode or server mode). We do not
+ * necessarily need to create a session if we are launched from
+ * inetd because Panther xinetd will create a session for us.
+ *
+ * The only case where this logic will fail is if there is an
+ * inetd running in a non-root session which is not creating
+ * new sessions for us. Then all the users will end up in the
+ * same session (bad).
+ *
+ * When the client exits, the session will be destroyed for us
+ * automatically.
+ *
+ * We must create the session before any credentials are stored
+ * (including AFS pags, which happens a few lines below).
+ */
+ {
+ OSStatus err = 0;
+ SecuritySessionId sid = 0;
+ SessionAttributeBits sattrs = 0;
+
+ err = SessionGetInfo(callerSecuritySession, &sid, &sattrs);
+ if (err)
+ error("SessionGetInfo() failed with error %.8X",
+ (unsigned) err);
+ else
+ debug("Current Session ID is %.8X / Session Attributes are %.8X",
+ (unsigned) sid, (unsigned) sattrs);
+
+ if (inetd_flag && !(sattrs & sessionIsRoot))
+ debug("Running in inetd mode in a non-root session... "
+ "assuming inetd created the session for us.");
+ else {
+ debug("Creating new security session...");
+ err = SessionCreate(0, sessionHasTTY | sessionIsRemote);
+ if (err)
+ error("SessionCreate() failed with error %.8X",
+ (unsigned) err);
+
+ err = SessionGetInfo(callerSecuritySession, &sid,
+ &sattrs);
+ if (err)
+ error("SessionGetInfo() failed with error %.8X",
+ (unsigned) err);
+ else
+ debug("New Session ID is %.8X / Session Attributes are %.8X",
+ (unsigned) sid, (unsigned) sattrs);
+ }
+ }
+#endif
+
/*
* We don't want to listen forever unless the other side
* successfully authenticates itself. So we set up an alarm which is
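Review bot: When the first `SessionGetInfo()` fails, `sattrs` keeps its initial value of 0, so in inetd mode the condition on the `inetd_flag` line evaluates as "non-root session, assume inetd created it" and no session is created — which is exactly the shared-session outcome the block comment above calls bad. The fallback should only be taken on a successful query, e.g. `if (!err && inetd_flag && !(sattrs & sessionIsRoot))`. Likewise a failed `SessionCreate()` is only reported with `error()` and the login proceeds in the caller's session; if the isolation is relied upon this should be `fatal()`, otherwise a comment stating that the failure is deliberately tolerated would help the next reader. The enclosing function continues outside the hunk.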
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
+#ifdef GSSAPI
+ {
+ char *orig;
+ char *gss = NULL;
+ char *newstr = NULL;
+ orig = myproposal[PROPOSAL_KEX_ALGS];
+
+ /*
+ * If we don't have a host key, then there's no point advertising
+ * the other key exchange algorithms
+ */
+
+ if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)
+ orig = NULL;
+
+ if (options.gss_keyex)
+ gss = ssh_gssapi_server_mechanisms();
+ else
+ gss = NULL;
+
+ if (gss && orig)
+ xasprintf(&newstr, "%s,%s", gss, orig);
+ else if (gss)
+ newstr = gss;
+ else if (orig)
+ newstr = orig;
+
+ /*
+ * If we've got GSSAPI mechanisms, then we've got the 'null' host
+ * key alg, but we can't tell people about it unless its the only
+ * host key algorithm we support
+ */
+ if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0)
+ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null";
+
+ if (newstr)
+ myproposal[PROPOSAL_KEX_ALGS] = newstr;
+ else
+ fatal("No supported key exchange algorithms");
+ }
+#endif
+
/* start key exchange */
kex = kex_setup(myproposal);
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+#ifdef GSSAPI
+ if (options.gss_keyex) {
+ kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
+ kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
+ kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
+ }
+#endif
kex->server = 1;
kex->client_version_string=client_version_string;
kex->server_version_string=server_version_string;
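Review bot: In the `gss && orig` branch the string returned by `ssh_gssapi_server_mechanisms()` is copied into `newstr` by `xasprintf` and then dropped without being freed, and the previous `myproposal[PROPOSAL_KEX_ALGS]` pointer is overwritten in every branch; this is presumably bounded because sshd handles one connection per process, but the ownership should be explicit, e.g. `xasprintf(&newstr, "%s,%s", gss, orig); free(gss);` in that branch. The two `strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])` calls also assume `list_hostkey_types()` returns an empty string rather than NULL when no keys are loaded — worth confirming against that helper, since with the startup check relaxed under GSSAPI this path is now reachable with no host key. A short comment noting that in the "null" host key case server authentication rests entirely on GSSAPI mutual authentication would make the security model clear. The enclosing function continues outside the hunk.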