vishalmishra434 / rpms / openssh

Forked from rpms/openssh 3 months ago
Clone
Jan F 003cb0
diff -up openssh-5.8p1/auth2-pubkey.c.akc openssh-5.8p1/auth2-pubkey.c
Jan F 003cb0
--- openssh-5.8p1/auth2-pubkey.c.akc	2011-02-10 13:21:27.000000000 +0100
Jan F 003cb0
+++ openssh-5.8p1/auth2-pubkey.c	2011-02-10 13:21:28.000000000 +0100
Jan F. Chadima 7818e5
@@ -27,6 +27,7 @@
Jan F. Chadima 7818e5
 
Jan F. Chadima 7818e5
 #include <sys/types.h>
Jan F. Chadima 7818e5
 #include <sys/stat.h>
Jan F. Chadima 7818e5
+#include <sys/wait.h>
Jan F. Chadima 7818e5
 
Jan F. Chadima 7818e5
 #include <fcntl.h>
Jan F. Chadima 7818e5
 #include <pwd.h>
Jan F 003cb0
@@ -268,27 +269,15 @@ match_principals_file(char *file, struct
Jan F. Chadima 7818e5
 
Jan F. Chadima 7818e5
 /* return 1 if user allows given key */
Jan F. Chadima 7818e5
 static int
Jan F. Chadima 7818e5
-user_key_allowed2(struct passwd *pw, Key *key, char *file)
Jan F. Chadima 7818e5
+user_search_key_in_file(FILE *f, char *file, Key* key, struct passwd *pw)
Jan F. Chadima 7818e5
 {
Jan F. Chadima 7818e5
 	char line[SSH_MAX_PUBKEY_BYTES];
Jan F. Chadima 7818e5
 	const char *reason;
Jan F. Chadima 7818e5
 	int found_key = 0;
Jan F. Chadima 7818e5
-	FILE *f;
Jan F. Chadima 7818e5
 	u_long linenum = 0;
Jan F. Chadima 7818e5
 	Key *found;
Jan F. Chadima 7818e5
 	char *fp;
Jan F. Chadima 7818e5
 
Jan F. Chadima 7818e5
-	/* Temporarily use the user's uid. */
Jan F. Chadima 7818e5
-	temporarily_use_uid(pw);
Jan F. Chadima 7818e5
-
Jan F. Chadima 7818e5
-	debug("trying public key file %s", file);
Jan F. Chadima 7818e5
-	f = auth_openkeyfile(file, pw, options.strict_modes);
Jan F. Chadima 7818e5
-
Jan F. Chadima 7818e5
-	if (!f) {
Jan F. Chadima 7818e5
-		restore_uid();
Jan F. Chadima 7818e5
-		return 0;
Jan F. Chadima 7818e5
-	}
Jan F. Chadima 7818e5
-
Jan F. Chadima 7818e5
 	found_key = 0;
Jan F. Chadima 7818e5
 	found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type);
Jan F. Chadima 7818e5
 
Jan F 003cb0
@@ -381,8 +370,6 @@ user_key_allowed2(struct passwd *pw, Key
Jan F. Chadima 7818e5
 			break;
Jan F. Chadima 7818e5
 		}
Jan F. Chadima 7818e5
 	}
Jan F. Chadima 7818e5
-	restore_uid();
Jan F. Chadima 7818e5
-	fclose(f);
Jan F. Chadima 7818e5
 	key_free(found);
Jan F. Chadima 7818e5
 	if (!found_key)
Jan F. Chadima 7818e5
 		debug2("key not found");
Jan F 003cb0
@@ -444,13 +431,191 @@ user_cert_trusted_ca(struct passwd *pw, 
Jan F. Chadima 7818e5
 	return ret;
Jan F. Chadima 7818e5
 }
Jan F. Chadima 7818e5
 
Jan F. Chadima 7818e5
-/* check whether given key is in .ssh/authorized_keys* */
Jan F. Chadima 7818e5
+/* return 1 if user allows given key */
Jan F. Chadima 7818e5
+static int
Jan F. Chadima 7818e5
+user_key_allowed2(struct passwd *pw, Key *key, char *file)
Jan F. Chadima 7818e5
+{
Jan F. Chadima 7818e5
+	FILE *f;
Jan F. Chadima 7818e5
+	int found_key = 0;
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	/* Temporarily use the user's uid. */
Jan F. Chadima 7818e5
+	temporarily_use_uid(pw);
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	debug("trying public key file %s", file);
Jan F. Chadima 7818e5
+	f = auth_openkeyfile(file, pw, options.strict_modes);
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+ 	if (f) {
Jan F. Chadima 7818e5
+ 		found_key = user_search_key_in_file (f, file, key, pw);
Jan F. Chadima 7818e5
+		fclose(f);
Jan F. Chadima 7818e5
+	}
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	restore_uid();
Jan F. Chadima 7818e5
+	return found_key;
Jan F. Chadima 7818e5
+}
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+#ifdef WITH_AUTHORIZED_KEYS_COMMAND
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+#define WHITESPACE " \t\r\n"
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+/* return 1 if user allows given key */
Jan F. Chadima 7818e5
+static int
Jan F. Chadima 7818e5
+user_key_via_command_allowed2(struct passwd *pw, Key *key)
Jan F. Chadima 7818e5
+{
Jan F. Chadima 7818e5
+	FILE *f;
Jan F. Chadima 7818e5
+	int found_key = 0;
Jan F. Chadima 7818e5
+	char *progname = NULL;
Jan F. Chadima 7818e5
+	char *cp;
Jan F. Chadima 7818e5
+	struct passwd *runas_pw;
Jan F. Chadima 7818e5
+	struct stat st;
Jan F. Chadima 7818e5
+	int childdescriptors[2], i;
Jan F. Chadima 7818e5
+	pid_t pstat, pid, child;
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	if (options.authorized_keys_command == NULL || options.authorized_keys_command[0] != '/')
Jan F. Chadima 7818e5
+		return -1;
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	/* get the run as identity from config */
Jan F. Chadima 7818e5
+	runas_pw = (options.authorized_keys_command_runas == NULL)? pw
Jan F. Chadima 7818e5
+	    : getpwnam (options.authorized_keys_command_runas);
Jan F. Chadima 7818e5
+	if (!runas_pw) {
Jan F. Chadima 7818e5
+		error("%s: getpwnam(\"%s\"): %s", __func__,
Jan F. Chadima 7818e5
+		    options.authorized_keys_command_runas, strerror(errno));
Jan F. Chadima 7818e5
+		return 0;
Jan F. Chadima 7818e5
+	}
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	/* Temporarily use the specified uid. */
Jan F. Chadima 7818e5
+	if (runas_pw->pw_uid != 0)
Jan F. Chadima 7818e5
+		temporarily_use_uid(runas_pw);
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	progname = xstrdup(options.authorized_keys_command);
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	debug3("%s: checking program '%s'", __func__, progname);
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	if (stat (progname, &st) < 0) {
Jan F. Chadima 7818e5
+		error("%s: stat(\"%s\"): %s", __func__,
Jan F. Chadima 7818e5
+		    progname, strerror(errno));
Jan F. Chadima 7818e5
+		goto go_away;
Jan F. Chadima 7818e5
+	}
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	if (st.st_uid != 0 || (st.st_mode & 022) != 0) {
Jan F. Chadima 7818e5
+		error("bad ownership or modes for AuthorizedKeysCommand \"%s\"",
Jan F. Chadima 7818e5
+		    progname);
Jan F. Chadima 7818e5
+		goto go_away;
Jan F. Chadima 7818e5
+	}
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	if (!S_ISREG(st.st_mode)) {
Jan F. Chadima 7818e5
+		error("AuthorizedKeysCommand \"%s\" is not a regular file",
Jan F. Chadima 7818e5
+		    progname);
Jan F. Chadima 7818e5
+		goto go_away;
Jan F. Chadima 7818e5
+	}
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	/*
Jan F. Chadima 7818e5
+	 * Descend the path, checking that each component is a
Jan F. Chadima 7818e5
+	 * root-owned directory with strict permissions.
Jan F. Chadima 7818e5
+	 */
Jan F. Chadima 7818e5
+	do {
Jan F. Chadima 7818e5
+		if ((cp = strrchr(progname, '/')) == NULL)
Jan F. Chadima 7818e5
+			break;
Jan F. Chadima 7818e5
+		else 
Jan F. Chadima 7818e5
+			*cp = '\0';
Jan F. Chadima 7818e5
+	
Jan F. Chadima 7818e5
+		debug3("%s: checking component '%s'", __func__, (*progname == '\0' ? "/" : progname));
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+		if (stat((*progname == '\0' ? "/" : progname), &st) != 0) {
Jan F. Chadima 7818e5
+			error("%s: stat(\"%s\"): %s", __func__,
Jan F. Chadima 7818e5
+			    progname, strerror(errno));
Jan F. Chadima 7818e5
+			goto go_away;
Jan F. Chadima 7818e5
+		}
Jan F. Chadima 7818e5
+		if (st.st_uid != 0 || (st.st_mode & 022) != 0) {
Jan F. Chadima 7818e5
+			error("bad ownership or modes for AuthorizedKeysCommand path component \"%s\"",
Jan F. Chadima 7818e5
+			    progname);
Jan F. Chadima 7818e5
+			goto go_away;
Jan F. Chadima 7818e5
+		}
Jan F. Chadima 7818e5
+		if (!S_ISDIR(st.st_mode)) {
Jan F. Chadima 7818e5
+			error("AuthorizedKeysCommand path component \"%s\" is not a directory",
Jan F. Chadima 7818e5
+			    progname);
Jan F. Chadima 7818e5
+			goto go_away;
Jan F. Chadima 7818e5
+		}
Jan F. Chadima 7818e5
+	} while (1);
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	/* open the pipe and read the keys */
Jan F. Chadima 7818e5
+	if (pipe(childdescriptors)) {
Jan F. Chadima 7818e5
+		error("failed to pipe(2) for AuthorizedKeysCommand: %s",
Jan F. Chadima 7818e5
+		    strerror(errno));
Jan F. Chadima 7818e5
+		goto go_away;
Jan F. Chadima 7818e5
+	}
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	child = fork();
Jan F. Chadima 7818e5
+	if (child == -1) {
Jan F. Chadima 7818e5
+		error("failed to fork(2) for AuthorizedKeysCommand: %s",
Jan F. Chadima 7818e5
+		    strerror(errno));
Jan F. Chadima 7818e5
+		goto go_away;
Jan F. Chadima 7818e5
+	} else if (child == 0) {
Jan F. Chadima 7818e5
+		/* we're in the child process here -- we should never return from this block. */
Jan F. Chadima 7818e5
+		/* permanently drop privs in child process */
Jan F. Chadima 7818e5
+		if (runas_pw->pw_uid != 0) {
Jan F. Chadima 7818e5
+			restore_uid();
Jan F. Chadima 7818e5
+			permanently_set_uid(runas_pw);
Jan F. Chadima 7818e5
+	  	}
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+		close(childdescriptors[0]);
Jan F. Chadima 7818e5
+		/* put the write end of the pipe on stdout (FD 1) */
Jan F. Chadima 7818e5
+		if (dup2(childdescriptors[1], 1) == -1) {
Jan F. Chadima 7818e5
+			error("failed to dup2(2) from AuthorizedKeysCommand: %s",
Jan F. Chadima 7818e5
+			    strerror(errno));
Jan F. Chadima 7818e5
+			_exit(127);
Jan F. Chadima 7818e5
+		}
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+		debug3("about to execl() AuthorizedKeysCommand: \"%s\" \"%s\"", options.authorized_keys_command, pw->pw_name);
Jan F. Chadima 7818e5
+		/* see session.c:child_close_fds() */
Jan F. Chadima 7818e5
+		for (i = 3; i < 64; ++i) {
Jan F. Chadima 7818e5
+			close(i);
Jan F. Chadima 7818e5
+		}
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+		execl(options.authorized_keys_command, options.authorized_keys_command, pw->pw_name, NULL);
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+		/* if we got here, it didn't work */
Jan F. Chadima 7818e5
+		error("failed to execl AuthorizedKeysCommand: %s", strerror(errno)); /* this won't work because we closed the fds above */
Jan F. Chadima 7818e5
+		_exit(127);
Jan F. Chadima 7818e5
+	}
Jan F. Chadima 7818e5
+	
Jan F. Chadima 7818e5
+	close(childdescriptors[1]);
Jan F. Chadima 7818e5
+	f = fdopen(childdescriptors[0], "r");
Jan F. Chadima 7818e5
+	if (!f) {
Jan F. Chadima 7818e5
+		error("%s: could not buffer FDs from AuthorizedKeysCommand (\"%s\", \"r\"): %s", __func__,
Jan F. Chadima 7818e5
+		    options.authorized_keys_command, strerror (errno));
Jan F. Chadima 7818e5
+		goto go_away;
Jan F. Chadima 7818e5
+	}
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	found_key = user_search_key_in_file (f, options.authorized_keys_command, key, pw);
Jan F. Chadima 7818e5
+	fclose (f);
Jan F. Chadima 7818e5
+	do {
Jan F. Chadima 7818e5
+		pid = waitpid(child, &pstat, 0);
Jan F. Chadima 7818e5
+	} while (pid == -1 && errno == EINTR);
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	/* what about the return value from the child process? */
Jan F. Chadima 7818e5
+go_away:
Jan F. Chadima 7818e5
+	if (progname)
Jan F. Chadima 7818e5
+		xfree (progname);
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	if (runas_pw->pw_uid != 0)
Jan F. Chadima 7818e5
+		restore_uid();
Jan F. Chadima 7818e5
+	return found_key;
Jan F. Chadima 7818e5
+}
Jan F. Chadima 7818e5
+#endif
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+/* check whether given key is in 
Jan F. Chadima 7818e5
 int
Jan F. Chadima 7818e5
 user_key_allowed(struct passwd *pw, Key *key)
Jan F. Chadima 7818e5
 {
Jan F. Chadima 7818e5
 	int success;
Jan F. Chadima 7818e5
 	char *file;
Jan F. Chadima 7818e5
 
Jan F. Chadima 7818e5
+#ifdef WITH_AUTHORIZED_KEYS_COMMAND
Jan F. Chadima 7818e5
+	success = user_key_via_command_allowed2(pw, key);
Jan F. Chadima 7818e5
+	if (success > 0)
Jan F. Chadima 7818e5
+		return success;
Jan F. Chadima 7818e5
+#endif
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
 	if (auth_key_is_revoked(key))
Jan F. Chadima 7818e5
 		return 0;
Jan F. Chadima 7818e5
 	if (key_is_cert(key) && auth_key_is_revoked(key->cert->signature_key))
Jan F 003cb0
diff -up openssh-5.8p1/configure.ac.akc openssh-5.8p1/configure.ac
Jan F 003cb0
--- openssh-5.8p1/configure.ac.akc	2011-02-10 13:21:28.000000000 +0100
Jan F 003cb0
+++ openssh-5.8p1/configure.ac	2011-02-10 13:21:28.000000000 +0100
Jan F 003cb0
@@ -1422,6 +1422,18 @@ AC_ARG_WITH(audit,
Jan F. Chadima 7818e5
 	esac ]
Jan F. Chadima 7818e5
 )
Jan F. Chadima 7818e5
 
Jan F. Chadima 7818e5
+# Check whether user wants AuthorizedKeysCommand support
Jan F. Chadima 7818e5
+AKC_MSG="no"
Jan F. Chadima 7818e5
+AC_ARG_WITH(authorized-keys-command,
Jan F. Chadima 7818e5
+	[  --with-authorized-keys-command      Enable AuthorizedKeysCommand support],
Jan F. Chadima 7818e5
+	[
Jan F. Chadima 7818e5
+		if test "x$withval" != "xno" ; then
Jan F. Chadima 7818e5
+			AC_DEFINE([WITH_AUTHORIZED_KEYS_COMMAND], 1, [Enable AuthorizedKeysCommand support])
Jan F. Chadima 7818e5
+			AKC_MSG="yes"
Jan F. Chadima 7818e5
+		fi
Jan F. Chadima 7818e5
+	]
Jan F. Chadima 7818e5
+)
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
 dnl    Checks for library functions. Please keep in alphabetical order
Jan F. Chadima 7818e5
 AC_CHECK_FUNCS( \
Jan F. Chadima 7818e5
 	arc4random \
Jan F 003cb0
@@ -4325,6 +4337,7 @@ echo "                   SELinux support
Jan F. Chadima 7818e5
 echo "                 Smartcard support: $SCARD_MSG"
Jan F. Chadima 7818e5
 echo "                     S/KEY support: $SKEY_MSG"
Jan F. Chadima 7818e5
 echo "              TCP Wrappers support: $TCPW_MSG"
Jan F. Chadima 7818e5
+echo "     AuthorizedKeysCommand support: $AKC_MSG"
Jan F. Chadima 7818e5
 echo "              MD5 password support: $MD5_MSG"
Jan F. Chadima 7818e5
 echo "                   libedit support: $LIBEDIT_MSG"
Jan F. Chadima 7818e5
 echo "  Solaris process contract support: $SPC_MSG"
Jan F 003cb0
diff -up openssh-5.8p1/servconf.c.akc openssh-5.8p1/servconf.c
Jan F 003cb0
--- openssh-5.8p1/servconf.c.akc	2011-02-10 13:21:28.000000000 +0100
Jan F 003cb0
+++ openssh-5.8p1/servconf.c	2011-02-10 13:28:21.000000000 +0100
Jan F 003cb0
@@ -134,6 +134,8 @@ initialize_server_options(ServerOptions 
Jan F. Chadima 7818e5
 	options->num_permitted_opens = -1;
Jan F. Chadima 7818e5
 	options->adm_forced_command = NULL;
Jan F. Chadima 7818e5
 	options->chroot_directory = NULL;
Jan F. Chadima 7818e5
+	options->authorized_keys_command = NULL;
Jan F. Chadima 7818e5
+	options->authorized_keys_command_runas = NULL;
Jan F. Chadima 7818e5
 	options->zero_knowledge_password_authentication = -1;
Jan F. Chadima 7818e5
 	options->revoked_keys_file = NULL;
Jan F. Chadima 7818e5
 	options->trusted_user_ca_keys = NULL;
Jan F 003cb0
@@ -331,6 +333,7 @@ typedef enum {
Jan F. Chadima 7818e5
 	sZeroKnowledgePasswordAuthentication, sHostCertificate,
Jan F. Chadima 1b8a26
 	sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
Jan F 003cb0
 	sKexAlgorithms, sIPQoS,
Jan F. Chadima 7818e5
+	sAuthorizedKeysCommand, sAuthorizedKeysCommandRunAs,
Jan F. Chadima 7818e5
 	sDeprecated, sUnsupported
Jan F. Chadima 7818e5
 } ServerOpCodes;
Jan F. Chadima 7818e5
 
Jan F 003cb0
@@ -456,6 +459,13 @@ static struct {
Jan F. Chadima 1b8a26
 	{ "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
Jan F 003cb0
 	{ "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL },
Jan F 003cb0
 	{ "ipqos", sIPQoS, SSHCFG_ALL },
Jan F. Chadima 7818e5
+#ifdef WITH_AUTHORIZED_KEYS_COMMAND
Jan F. Chadima 7818e5
+	{ "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL },
Jan F. Chadima 7818e5
+	{ "authorizedkeyscommandrunas", sAuthorizedKeysCommandRunAs, SSHCFG_ALL },
Jan F. Chadima 7818e5
+#else
Jan F. Chadima 7818e5
+	{ "authorizedkeyscommand", sUnsupported, SSHCFG_ALL },
Jan F. Chadima 7818e5
+	{ "authorizedkeyscommandrunas", sUnsupported, SSHCFG_ALL },
Jan F. Chadima 7818e5
+#endif
Jan F. Chadima 7818e5
 	{ NULL, sBadOption, 0 }
Jan F. Chadima 7818e5
 };
Jan F. Chadima 7818e5
 
Jan F 003cb0
@@ -1406,6 +1416,20 @@ process_server_config_line(ServerOptions
Jan F 003cb0
 		}
Jan F 003cb0
 		break;
Jan F. Chadima 7818e5
 
Jan F. Chadima 7818e5
+	case sAuthorizedKeysCommand:
Jan F. Chadima 7818e5
+		len = strspn(cp, WHITESPACE);
Jan F. Chadima 7818e5
+		if (*activep && options->authorized_keys_command == NULL)
Jan F. Chadima 7818e5
+			options->authorized_keys_command = xstrdup(cp + len);
Jan F. Chadima 7818e5
+		return 0;
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+	case sAuthorizedKeysCommandRunAs:
Jan F. Chadima 7818e5
+		charptr = &options->authorized_keys_command_runas;
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+		arg = strdelim(&cp;;
Jan F. Chadima 7818e5
+		if (*activep && *charptr == NULL)
Jan F. Chadima 7818e5
+			*charptr = xstrdup(arg);
Jan F. Chadima 7818e5
+		break;
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
 	case sDeprecated:
Jan F. Chadima 7818e5
 		logit("%s line %d: Deprecated option %s",
Jan F. Chadima 7818e5
 		    filename, linenum, arg);
Jan F 003cb0
@@ -1499,6 +1523,8 @@ copy_set_server_options(ServerOptions *d
Jan F. Chadima 7818e5
 	M_CP_INTOPT(gss_authentication);
Jan F. Chadima 7818e5
 	M_CP_INTOPT(rsa_authentication);
Jan F. Chadima 7818e5
 	M_CP_INTOPT(pubkey_authentication);
Jan F. Chadima 7818e5
+	M_CP_STROPT(authorized_keys_command);
Jan F. Chadima 7818e5
+	M_CP_STROPT(authorized_keys_command_runas);
Jan F. Chadima 7818e5
 	M_CP_INTOPT(kerberos_authentication);
Jan F. Chadima 7818e5
 	M_CP_INTOPT(hostbased_authentication);
Jan F. Chadima 1b8a26
 	M_CP_INTOPT(hostbased_uses_name_from_packet_only);
Jan F 003cb0
@@ -1753,6 +1779,8 @@ dump_config(ServerOptions *o)
Jan F. Chadima 7818e5
 	dump_cfg_string(sRevokedKeys, o->revoked_keys_file);
Jan F. Chadima 1b8a26
 	dump_cfg_string(sAuthorizedPrincipalsFile,
Jan F. Chadima 1b8a26
 	    o->authorized_principals_file);
Jan F. Chadima 7818e5
+	dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command);
Jan F. Chadima 7818e5
+	dump_cfg_string(sAuthorizedKeysCommandRunAs, o->authorized_keys_command_runas);
Jan F. Chadima 7818e5
 
Jan F. Chadima 7818e5
 	/* string arguments requiring a lookup */
Jan F. Chadima 7818e5
 	dump_cfg_string(sLogLevel, log_level_name(o->log_level));
Jan F 003cb0
diff -up openssh-5.8p1/servconf.h.akc openssh-5.8p1/servconf.h
Jan F 003cb0
--- openssh-5.8p1/servconf.h.akc	2011-02-10 13:21:28.000000000 +0100
Jan F 003cb0
+++ openssh-5.8p1/servconf.h	2011-02-10 13:21:28.000000000 +0100
Jan F 003cb0
@@ -161,6 +161,8 @@ typedef struct {
Jan F. Chadima 7818e5
 	char   *revoked_keys_file;
Jan F. Chadima 7818e5
 	char   *trusted_user_ca_keys;
Jan F. Chadima 1b8a26
 	char   *authorized_principals_file;
Jan F. Chadima 7818e5
+	char   *authorized_keys_command;
Jan F. Chadima 7818e5
+	char   *authorized_keys_command_runas;
Jan F. Chadima 7818e5
 }       ServerOptions;
Jan F. Chadima 7818e5
 
Jan F. Chadima 7818e5
 void	 initialize_server_options(ServerOptions *);
Jan F 003cb0
diff -up openssh-5.8p1/sshd_config.0.akc openssh-5.8p1/sshd_config.0
Jan F 003cb0
--- openssh-5.8p1/sshd_config.0.akc	2011-02-10 13:21:28.000000000 +0100
Jan F 003cb0
+++ openssh-5.8p1/sshd_config.0	2011-02-10 13:21:28.000000000 +0100
Jan F. Chadima c6801b
@@ -71,6 +71,23 @@ DESCRIPTION
Jan F. Chadima 7818e5
 
Jan F. Chadima c6801b
              See PATTERNS in ssh_config(5) for more information on patterns.
Jan F. Chadima 7818e5
 
Jan F. Chadima 7818e5
+     AuthorizedKeysCommand
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+             Specifies a program to be used for lookup of the user's
Jan F. Chadima c6801b
+	     public keys.  The program will be invoked with its first
Jan F. Chadima c6801b
+	     argument the name of the user being authorized, and should produce 
Jan F. Chadima c6801b
+	     on standard output AuthorizedKeys lines (see AUTHORIZED_KEYS 
Jan F. Chadima c6801b
+	     in sshd(8)).  By default (or when set to the empty string) there is no
Jan F. Chadima c6801b
+	     AuthorizedKeysCommand run.  If the AuthorizedKeysCommand does not successfully
Jan F. Chadima c6801b
+	     authorize the user, authorization falls through to the
Jan F. Chadima c6801b
+	     AuthorizedKeysFile.  Note that this option has an effect
Jan F. Chadima c6801b
+	     only with PubkeyAuthentication turned on.
Jan F. Chadima 7818e5
+
Jan F. Chadima 7818e5
+     AuthorizedKeysCommandRunAs
Jan F. Chadima 7818e5
+             Specifies the user under whose account the AuthorizedKeysCommand is run.
Jan F. Chadima 7818e5
+             Empty string (the default value) means the user being authorized
Jan F. Chadima 7818e5
+             is used.
Jan F. Chadima 7818e5
+
Jan F. Chadima c6801b
      AuthorizedKeysFile
Jan F. Chadima c6801b
              Specifies the file that contains the public keys that can be used
Jan F. Chadima c6801b
              for user authentication.  The format is described in the
Jan F 003cb0
@@ -398,7 +415,8 @@ DESCRIPTION
Jan F. Chadima c6801b
 
Jan F. Chadima c6801b
              Only a subset of keywords may be used on the lines following a
Jan F. Chadima c6801b
              Match keyword.  Available keywords are AllowAgentForwarding,
Jan F. Chadima c6801b
-             AllowTcpForwarding, AuthorizedKeysFile, AuthorizedPrincipalsFile,
Jan F. Chadima c6801b
+             AllowTcpForwarding, AuthorizedKeysFile, AuthorizedKeysCommand,
Jan F. Chadima c6801b
+             AuthorizedKeysCommandRunAs, AuthorizedPrincipalsFile,
Jan F. Chadima c6801b
              Banner, ChrootDirectory, ForceCommand, GatewayPorts,
Jan F. Chadima c6801b
              GSSAPIAuthentication, HostbasedAuthentication,
Jan F. Chadima c6801b
              HostbasedUsesNameFromPacketOnly, KbdInteractiveAuthentication,
Jan F 003cb0
diff -up openssh-5.8p1/sshd_config.5.akc openssh-5.8p1/sshd_config.5
Jan F 003cb0
--- openssh-5.8p1/sshd_config.5.akc	2011-02-10 13:21:28.000000000 +0100
Jan F 003cb0
+++ openssh-5.8p1/sshd_config.5	2011-02-10 13:21:28.000000000 +0100
Jan F 003cb0
@@ -703,6 +703,8 @@ Available keywords are
Jan F. Chadima 1b8a26
 .Cm AllowAgentForwarding ,
Jan F. Chadima 1b8a26
 .Cm AllowTcpForwarding ,
Jan F. Chadima 1b8a26
 .Cm AuthorizedKeysFile ,
Jan F. Chadima 1b8a26
+.Cm AuthorizedKeysCommand ,
Jan F. Chadima 1b8a26
+.Cm AuthorizedKeysCommandRunAs ,
Jan F. Chadima 1b8a26
 .Cm AuthorizedPrincipalsFile ,
Jan F. Chadima 1b8a26
 .Cm Banner ,
Jan F. Chadima 1b8a26
 .Cm ChrootDirectory ,
Jan F 003cb0
@@ -715,6 +717,7 @@ Available keywords are
Jan F. Chadima 7818e5
 .Cm KerberosAuthentication ,
Jan F. Chadima 7818e5
 .Cm MaxAuthTries ,
Jan F. Chadima 7818e5
 .Cm MaxSessions ,
Jan F. Chadima 7818e5
+.Cm PubkeyAuthentication ,
Jan F. Chadima 7818e5
 .Cm PasswordAuthentication ,
Jan F. Chadima 7818e5
 .Cm PermitEmptyPasswords ,
Jan F. Chadima 7818e5
 .Cm PermitOpen ,
Jan F 003cb0
@@ -917,6 +920,20 @@ Specifies a list of revoked public keys.
Jan F. Chadima 7818e5
 Keys listed in this file will be refused for public key authentication.
Jan F. Chadima 7818e5
 Note that if this file is not readable, then public key authentication will
Jan F. Chadima 7818e5
 be refused for all users.
Jan F. Chadima 7818e5
+.It Cm AuthorizedKeysCommand
Jan F. Chadima 7818e5
+Specifies a program to be used for lookup of the user's
Jan F. Chadima 7818e5
+public keys.  The program will be invoked with its first
Jan F. Chadima 7818e5
+argument the name of the user being authorized, and should produce 
Jan F. Chadima 7818e5
+on standard output AuthorizedKeys lines (see AUTHORIZED_KEYS 
Jan F. Chadima 7818e5
+in sshd(8)).  By default (or when set to the empty string) there is no
Jan F. Chadima 7818e5
+AuthorizedKeysCommand run.  If the AuthorizedKeysCommand does not successfully
Jan F. Chadima 7818e5
+authorize the user, authorization falls through to the
Jan F. Chadima 7818e5
+AuthorizedKeysFile.  Note that this option has an effect
Jan F. Chadima 7818e5
+only with PubkeyAuthentication turned on.
Jan F. Chadima 7818e5
+.It Cm AuthorizedKeysCommandRunAs
Jan F. Chadima 7818e5
+Specifies the user under whose account the AuthorizedKeysCommand is run. Empty
Jan F. Chadima 7818e5
+string (the default value) means the user being authorized is used.
Jan F. Chadima 7818e5
+.Dq 
Jan F. Chadima 7818e5
 .It Cm RhostsRSAAuthentication
Jan F. Chadima 7818e5
 Specifies whether rhosts or /etc/hosts.equiv authentication together
Jan F. Chadima 7818e5
 with successful RSA host authentication is allowed.
Jan F 003cb0
diff -up openssh-5.8p1/sshd_config.akc openssh-5.8p1/sshd_config
Jan F 003cb0
--- openssh-5.8p1/sshd_config.akc	2011-02-10 13:21:28.000000000 +0100
Jan F 003cb0
+++ openssh-5.8p1/sshd_config	2011-02-10 13:21:28.000000000 +0100
Jan F 003cb0
@@ -46,6 +46,8 @@ SyslogFacility AUTHPRIV
Jan F. Chadima 1b8a26
 #RSAAuthentication yes
Jan F. Chadima 1b8a26
 #PubkeyAuthentication yes
Jan F. Chadima 1b8a26
 #AuthorizedKeysFile	.ssh/authorized_keys
Jan F. Chadima 1b8a26
+#AuthorizedKeysCommand none
Jan F. Chadima 1b8a26
+#AuthorizedKeysCommandRunAs nobody
Jan F. Chadima 1b8a26
 
Jan F. Chadima 1b8a26
 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
Jan F. Chadima 1b8a26
 #RhostsRSAAuthentication no