diff --git a/apps/wolfsshd/wolfsshd.c b/apps/wolfsshd/wolfsshd.c index b25a3f2fb..5dbc97c54 100644 --- a/apps/wolfsshd/wolfsshd.c +++ b/apps/wolfsshd/wolfsshd.c @@ -595,12 +595,10 @@ static int SCP_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh, if (wolfSSHD_AuthReducePermissionsUser(conn->auth, pPasswd->pw_uid, pPasswd->pw_gid) != WS_SUCCESS) { wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Error setting user ID"); - if (wolfSSHD_AuthReducePermissions(conn->auth) != WS_SUCCESS) { - /* stop everything if not able to reduce permissions level */ - exit(1); - } - - return WS_FATAL_ERROR; + /* could not drop to the authenticated user; terminate the + * per-connection process rather than continue at a higher + * privilege level */ + exit(1); } #else /* impersonate the logged on user for file permissions */ @@ -714,12 +712,10 @@ static int SFTP_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh, if (wolfSSHD_AuthReducePermissionsUser(conn->auth, pPasswd->pw_uid, pPasswd->pw_gid) != WS_SUCCESS) { wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Error setting user ID"); - if (wolfSSHD_AuthReducePermissions(conn->auth) != WS_SUCCESS) { - /* stop everything if not able to reduce permissions level */ - exit(1); - } - - return WS_FATAL_ERROR; + /* could not drop to the authenticated user; terminate the + * per-connection process rather than continue at a higher + * privilege level */ + exit(1); } #else char r[MAX_PATH]; @@ -1424,29 +1420,23 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh, if (dup2(stdinPipe[0], STDIN_FILENO) == -1) { wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Error redirecting stdin pipe"); - if (wolfSSHD_AuthReducePermissions(conn->auth) != WS_SUCCESS) { - exit(1); - } - - return WS_FATAL_ERROR; + /* exit rather than return into the connection handler + * while still at a raised privilege level */ + exit(1); } if (dup2(stdoutPipe[1], STDOUT_FILENO) == -1) { wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Error redirecting stdout pipe"); - if (wolfSSHD_AuthReducePermissions(conn->auth) != WS_SUCCESS) { - exit(1); - } - - return WS_FATAL_ERROR; + /* exit rather than return into the connection handler + * while still at a raised privilege level */ + exit(1); } if (dup2(stderrPipe[1], STDERR_FILENO) == -1) { wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Error redirecting stderr pipe"); - if (wolfSSHD_AuthReducePermissions(conn->auth) != WS_SUCCESS) { - exit(1); - } - - return WS_FATAL_ERROR; + /* exit rather than return into the connection handler + * while still at a raised privilege level */ + exit(1); } } @@ -1454,47 +1444,36 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh, if (wolfSSHD_AuthSetGroups(conn->auth, wolfSSH_GetUsername(ssh), pPasswd->pw_gid) != WS_SUCCESS) { wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Error setting groups"); - if (wolfSSHD_AuthReducePermissions(conn->auth) != WS_SUCCESS) { - /* stop everything if not able to reduce permissions level */ - exit(1); - } - - return WS_FATAL_ERROR; + /* exit rather than return into the connection handler while + * still at a raised privilege level */ + exit(1); } rc = SetupChroot(usrConf); if (rc < 0) { wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Error setting chroot"); - if (wolfSSHD_AuthReducePermissions(conn->auth) != WS_SUCCESS) { - /* stop everything if not able to reduce permissions level */ - exit(1); - } - - return WS_FATAL_ERROR; + /* exit rather than return into the connection handler while + * still at a raised privilege level */ + exit(1); } else if (rc == 1) { rc = chdir("/"); if (rc != 0) { wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Error going to / after chroot"); - if (wolfSSHD_AuthReducePermissions(conn->auth) != WS_SUCCESS) { - /* stop everything if not able to reduce permissions level */ - exit(1); - } - - return WS_FATAL_ERROR; + /* exit rather than return into the connection handler + * while still at a raised privilege level */ + exit(1); } } if (wolfSSHD_AuthReducePermissionsUser(conn->auth, pPasswd->pw_uid, pPasswd->pw_gid) != WS_SUCCESS) { wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Error setting user ID"); - if (wolfSSHD_AuthReducePermissions(conn->auth) != WS_SUCCESS) { - /* stop everything if not able to reduce permissions level */ - exit(1); - } - - return WS_FATAL_ERROR; + /* could not drop to the authenticated user; terminate this + * child rather than return into the connection handler at a + * higher privilege level */ + exit(1); } setenv("HOME", pPasswd->pw_dir, 1); @@ -1559,12 +1538,11 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh, if (wolfSSHD_AuthReducePermissionsUser(conn->auth, pPasswd->pw_uid, pPasswd->pw_gid) != WS_SUCCESS) { wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Error setting user ID"); - if (wolfSSHD_AuthReducePermissions(conn->auth) != WS_SUCCESS) { - /* stop everything if not able to reduce permissions level */ - exit(1); - } - - return WS_FATAL_ERROR; + /* could not drop to the authenticated user; kill the already + * forked shell child and terminate the per-connection process + * rather than continue at a higher privilege level */ + kill(childPid, SIGKILL); + exit(1); } sshFd = wolfSSH_get_fd(ssh); @@ -2097,7 +2075,8 @@ static void* HandleConnection(void* arg) #ifdef WOLFSSH_SHELL if (ret == WS_SUCCESS) { wolfSSH_Log(WS_LOG_INFO, "[SSHD] Entering new shell"); - SHELL_Subsystem(conn, ssh, pPasswd, usrConf, NULL); + ret = SHELL_Subsystem(conn, ssh, pPasswd, usrConf, + NULL); } #else wolfSSH_Log(WS_LOG_ERROR, @@ -2143,7 +2122,7 @@ static void* HandleConnection(void* arg) wolfSSH_Log(WS_LOG_INFO, "[SSHD] Entering exec session [%s]", wolfSSH_GetSessionCommand(ssh)); - SHELL_Subsystem(conn, ssh, pPasswd, usrConf, + ret = SHELL_Subsystem(conn, ssh, pPasswd, usrConf, wolfSSH_GetSessionCommand(ssh)); } #endif /* WOLFSSH_SHELL */