diff options
| author | Damien Miller <djm@mindrot.org> | 2002-02-05 12:26:03 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2002-02-05 12:26:03 +1100 |
| commit | 9b74bfc5be938d1bf5012c997c463b621c4fbffd (patch) | |
| tree | d56580998a6baed78ea35587eb33c2a5f4f27aa3 | |
| parent | 4d4d53f39951373505b0b3be915860e621d18a9e (diff) | |
- markus@cvs.openbsd.org 2002/02/04 11:58:10
[auth2.c]
cross checking of announced vs actual pktype in pubkey/hostbaed auth; ok stevesk@
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | auth2.c | 143 |
2 files changed, 83 insertions, 66 deletions
| @@ -81,6 +81,10 @@ | |||
| 81 | - stevesk@cvs.openbsd.org 2002/02/04 00:53:39 | 81 | - stevesk@cvs.openbsd.org 2002/02/04 00:53:39 |
| 82 | [ssh-agent.c] | 82 | [ssh-agent.c] |
| 83 | unneeded includes | 83 | unneeded includes |
| 84 | - markus@cvs.openbsd.org 2002/02/04 11:58:10 | ||
| 85 | [auth2.c] | ||
| 86 | cross checking of announced vs actual pktype in pubkey/hostbaed auth; | ||
| 87 | ok stevesk@ | ||
| 84 | 88 | ||
| 85 | 20020130 | 89 | 20020130 |
| 86 | - (djm) Delay PRNG seeding until we need it in ssh-keygen, from markus@ | 90 | - (djm) Delay PRNG seeding until we need it in ssh-keygen, from markus@ |
| @@ -7483,4 +7487,4 @@ | |||
| 7483 | - Wrote replacements for strlcpy and mkdtemp | 7487 | - Wrote replacements for strlcpy and mkdtemp |
| 7484 | - Released 1.0pre1 | 7488 | - Released 1.0pre1 |
| 7485 | 7489 | ||
| 7486 | $Id: ChangeLog,v 1.1821 2002/02/05 01:25:28 djm Exp $ | 7490 | $Id: ChangeLog,v 1.1822 2002/02/05 01:26:03 djm Exp $ |
| @@ -23,7 +23,7 @@ | |||
| 23 | */ | 23 | */ |
| 24 | 24 | ||
| 25 | #include "includes.h" | 25 | #include "includes.h" |
| 26 | RCSID("$OpenBSD: auth2.c,v 1.83 2002/01/29 14:32:03 markus Exp $"); | 26 | RCSID("$OpenBSD: auth2.c,v 1.84 2002/02/04 11:58:10 markus Exp $"); |
| 27 | 27 | ||
| 28 | #include <openssl/evp.h> | 28 | #include <openssl/evp.h> |
| 29 | 29 | ||
| @@ -397,7 +397,7 @@ static int | |||
| 397 | userauth_pubkey(Authctxt *authctxt) | 397 | userauth_pubkey(Authctxt *authctxt) |
| 398 | { | 398 | { |
| 399 | Buffer b; | 399 | Buffer b; |
| 400 | Key *key; | 400 | Key *key = NULL; |
| 401 | char *pkalg, *pkblob, *sig; | 401 | char *pkalg, *pkblob, *sig; |
| 402 | u_int alen, blen, slen; | 402 | u_int alen, blen, slen; |
| 403 | int have_sig, pktype; | 403 | int have_sig, pktype; |
| @@ -424,72 +424,80 @@ userauth_pubkey(Authctxt *authctxt) | |||
| 424 | pktype = key_type_from_name(pkalg); | 424 | pktype = key_type_from_name(pkalg); |
| 425 | if (pktype == KEY_UNSPEC) { | 425 | if (pktype == KEY_UNSPEC) { |
| 426 | /* this is perfectly legal */ | 426 | /* this is perfectly legal */ |
| 427 | log("userauth_pubkey: unsupported public key algorithm: %s", pkalg); | 427 | log("userauth_pubkey: unsupported public key algorithm: %s", |
| 428 | xfree(pkalg); | 428 | pkalg); |
| 429 | xfree(pkblob); | 429 | goto done; |
| 430 | return 0; | ||
| 431 | } | 430 | } |
| 432 | key = key_from_blob(pkblob, blen); | 431 | key = key_from_blob(pkblob, blen); |
| 433 | if (key != NULL) { | 432 | if (key == NULL) { |
| 434 | if (have_sig) { | 433 | error("userauth_pubkey: cannot decode key: %s", pkalg); |
| 435 | sig = packet_get_string(&slen); | 434 | goto done; |
| 436 | packet_check_eom(); | 435 | } |
| 437 | buffer_init(&b); | 436 | if (key->type != pktype) { |
| 438 | if (datafellows & SSH_OLD_SESSIONID) { | 437 | error("userauth_pubkey: type mismatch for decoded key " |
| 439 | buffer_append(&b, session_id2, session_id2_len); | 438 | "(received %d, expected %d)", key->type, pktype); |
| 440 | } else { | 439 | goto done; |
| 441 | buffer_put_string(&b, session_id2, session_id2_len); | 440 | } |
| 442 | } | 441 | if (have_sig) { |
| 443 | /* reconstruct packet */ | 442 | sig = packet_get_string(&slen); |
| 444 | buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); | 443 | packet_check_eom(); |
| 445 | buffer_put_cstring(&b, authctxt->user); | 444 | buffer_init(&b); |
| 446 | buffer_put_cstring(&b, | 445 | if (datafellows & SSH_OLD_SESSIONID) { |
| 447 | datafellows & SSH_BUG_PKSERVICE ? | 446 | buffer_append(&b, session_id2, session_id2_len); |
| 448 | "ssh-userauth" : | 447 | } else { |
| 449 | authctxt->service); | 448 | buffer_put_string(&b, session_id2, session_id2_len); |
| 450 | if (datafellows & SSH_BUG_PKAUTH) { | 449 | } |
| 451 | buffer_put_char(&b, have_sig); | 450 | /* reconstruct packet */ |
| 452 | } else { | 451 | buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); |
| 453 | buffer_put_cstring(&b, "publickey"); | 452 | buffer_put_cstring(&b, authctxt->user); |
| 454 | buffer_put_char(&b, have_sig); | 453 | buffer_put_cstring(&b, |
| 455 | buffer_put_cstring(&b, pkalg); | 454 | datafellows & SSH_BUG_PKSERVICE ? |
| 456 | } | 455 | "ssh-userauth" : |
| 457 | buffer_put_string(&b, pkblob, blen); | 456 | authctxt->service); |
| 457 | if (datafellows & SSH_BUG_PKAUTH) { | ||
| 458 | buffer_put_char(&b, have_sig); | ||
| 459 | } else { | ||
| 460 | buffer_put_cstring(&b, "publickey"); | ||
| 461 | buffer_put_char(&b, have_sig); | ||
| 462 | buffer_put_cstring(&b, pkalg); | ||
| 463 | } | ||
| 464 | buffer_put_string(&b, pkblob, blen); | ||
| 458 | #ifdef DEBUG_PK | 465 | #ifdef DEBUG_PK |
| 459 | buffer_dump(&b); | 466 | buffer_dump(&b); |
| 460 | #endif | 467 | #endif |
| 461 | /* test for correct signature */ | 468 | /* test for correct signature */ |
| 462 | if (user_key_allowed(authctxt->pw, key) && | 469 | if (user_key_allowed(authctxt->pw, key) && |
| 463 | key_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1) | 470 | key_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1) |
| 464 | authenticated = 1; | 471 | authenticated = 1; |
| 465 | buffer_clear(&b); | 472 | buffer_clear(&b); |
| 466 | xfree(sig); | 473 | xfree(sig); |
| 467 | } else { | 474 | } else { |
| 468 | debug("test whether pkalg/pkblob are acceptable"); | 475 | debug("test whether pkalg/pkblob are acceptable"); |
| 469 | packet_check_eom(); | 476 | packet_check_eom(); |
| 470 | 477 | ||
| 471 | /* XXX fake reply and always send PK_OK ? */ | 478 | /* XXX fake reply and always send PK_OK ? */ |
| 472 | /* | 479 | /* |
| 473 | * XXX this allows testing whether a user is allowed | 480 | * XXX this allows testing whether a user is allowed |
| 474 | * to login: if you happen to have a valid pubkey this | 481 | * to login: if you happen to have a valid pubkey this |
| 475 | * message is sent. the message is NEVER sent at all | 482 | * message is sent. the message is NEVER sent at all |
| 476 | * if a user is not allowed to login. is this an | 483 | * if a user is not allowed to login. is this an |
| 477 | * issue? -markus | 484 | * issue? -markus |
| 478 | */ | 485 | */ |
| 479 | if (user_key_allowed(authctxt->pw, key)) { | 486 | if (user_key_allowed(authctxt->pw, key)) { |
| 480 | packet_start(SSH2_MSG_USERAUTH_PK_OK); | 487 | packet_start(SSH2_MSG_USERAUTH_PK_OK); |
| 481 | packet_put_string(pkalg, alen); | 488 | packet_put_string(pkalg, alen); |
| 482 | packet_put_string(pkblob, blen); | 489 | packet_put_string(pkblob, blen); |
| 483 | packet_send(); | 490 | packet_send(); |
| 484 | packet_write_wait(); | 491 | packet_write_wait(); |
| 485 | authctxt->postponed = 1; | 492 | authctxt->postponed = 1; |
| 486 | } | ||
| 487 | } | 493 | } |
| 488 | if (authenticated != 1) | ||
| 489 | auth_clear_options(); | ||
| 490 | key_free(key); | ||
| 491 | } | 494 | } |
| 495 | if (authenticated != 1) | ||
| 496 | auth_clear_options(); | ||
| 497 | done: | ||
| 492 | debug2("userauth_pubkey: authenticated %d pkalg %s", authenticated, pkalg); | 498 | debug2("userauth_pubkey: authenticated %d pkalg %s", authenticated, pkalg); |
| 499 | if (key != NULL) | ||
| 500 | key_free(key); | ||
| 493 | xfree(pkalg); | 501 | xfree(pkalg); |
| 494 | xfree(pkblob); | 502 | xfree(pkblob); |
| 495 | #ifdef HAVE_CYGWIN | 503 | #ifdef HAVE_CYGWIN |
| @@ -503,7 +511,7 @@ static int | |||
| 503 | userauth_hostbased(Authctxt *authctxt) | 511 | userauth_hostbased(Authctxt *authctxt) |
| 504 | { | 512 | { |
| 505 | Buffer b; | 513 | Buffer b; |
| 506 | Key *key; | 514 | Key *key = NULL; |
| 507 | char *pkalg, *pkblob, *sig, *cuser, *chost, *service; | 515 | char *pkalg, *pkblob, *sig, *cuser, *chost, *service; |
| 508 | u_int alen, blen, slen; | 516 | u_int alen, blen, slen; |
| 509 | int pktype; | 517 | int pktype; |
| @@ -537,7 +545,12 @@ userauth_hostbased(Authctxt *authctxt) | |||
| 537 | } | 545 | } |
| 538 | key = key_from_blob(pkblob, blen); | 546 | key = key_from_blob(pkblob, blen); |
| 539 | if (key == NULL) { | 547 | if (key == NULL) { |
| 540 | debug("userauth_hostbased: cannot decode key: %s", pkalg); | 548 | error("userauth_hostbased: cannot decode key: %s", pkalg); |
| 549 | goto done; | ||
| 550 | } | ||
| 551 | if (key->type != pktype) { | ||
| 552 | error("userauth_hostbased: type mismatch for decoded key " | ||
| 553 | "(received %d, expected %d)", key->type, pktype); | ||
| 541 | goto done; | 554 | goto done; |
| 542 | } | 555 | } |
| 543 | service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : | 556 | service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : |
| @@ -562,10 +575,10 @@ userauth_hostbased(Authctxt *authctxt) | |||
| 562 | authenticated = 1; | 575 | authenticated = 1; |
| 563 | 576 | ||
| 564 | buffer_clear(&b); | 577 | buffer_clear(&b); |
| 565 | key_free(key); | ||
| 566 | |||
| 567 | done: | 578 | done: |
| 568 | debug2("userauth_hostbased: authenticated %d", authenticated); | 579 | debug2("userauth_hostbased: authenticated %d", authenticated); |
| 580 | if (key != NULL) | ||
| 581 | key_free(key); | ||
| 569 | xfree(pkalg); | 582 | xfree(pkalg); |
| 570 | xfree(pkblob); | 583 | xfree(pkblob); |
| 571 | xfree(cuser); | 584 | xfree(cuser); |