diff options
| author | Damien Miller <djm@mindrot.org> | 2010-04-16 15:56:21 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2010-04-16 15:56:21 +1000 |
| commit | 4e270b05dd9d850fb9e2e0ac43f33cb4090d3ebc (patch) | |
| tree | 4fc84942b5966e9f38f18a1257ac43ddbed336be /auth-options.c | |
| parent | 031c9100dfe3ee65a29084ebbd61965a76b3ad26 (diff) | |
- djm@cvs.openbsd.org 2010/04/16 01:47:26
[PROTOCOL.certkeys auth-options.c auth-options.h auth-rsa.c]
[auth2-pubkey.c authfd.c key.c key.h myproposal.h ssh-add.c]
[ssh-agent.c ssh-dss.c ssh-keygen.1 ssh-keygen.c ssh-rsa.c]
[sshconnect.c sshconnect2.c sshd.c]
revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the
following changes:
move the nonce field to the beginning of the certificate where it can
better protect against chosen-prefix attacks on the signature hash
Rename "constraints" field to "critical options"
Add a new non-critical "extensions" field
Add a serial number
The older format is still support for authentication and cert generation
(use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)
ok markus@
Diffstat (limited to 'auth-options.c')
| -rw-r--r-- | auth-options.c | 21 |
1 files changed, 11 insertions, 10 deletions
diff --git a/auth-options.c b/auth-options.c index 69b314fbd..60d5f749b 100644 --- a/auth-options.c +++ b/auth-options.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth-options.c,v 1.49 2010/03/16 15:46:52 stevesk Exp $ */ | 1 | /* $OpenBSD: auth-options.c,v 1.50 2010/04/16 01:47:26 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -27,10 +27,10 @@ | |||
| 27 | #include "canohost.h" | 27 | #include "canohost.h" |
| 28 | #include "buffer.h" | 28 | #include "buffer.h" |
| 29 | #include "channels.h" | 29 | #include "channels.h" |
| 30 | #include "auth-options.h" | ||
| 31 | #include "servconf.h" | 30 | #include "servconf.h" |
| 32 | #include "misc.h" | 31 | #include "misc.h" |
| 33 | #include "key.h" | 32 | #include "key.h" |
| 33 | #include "auth-options.h" | ||
| 34 | #include "hostfile.h" | 34 | #include "hostfile.h" |
| 35 | #include "auth.h" | 35 | #include "auth.h" |
| 36 | #ifdef GSSAPI | 36 | #ifdef GSSAPI |
| @@ -377,11 +377,11 @@ bad_option: | |||
| 377 | } | 377 | } |
| 378 | 378 | ||
| 379 | /* | 379 | /* |
| 380 | * Set options from certificate constraints. These supersede user key options | 380 | * Set options from critical certificate options. These supersede user key |
| 381 | * so this must be called after auth_parse_options(). | 381 | * options so this must be called after auth_parse_options(). |
| 382 | */ | 382 | */ |
| 383 | int | 383 | int |
| 384 | auth_cert_constraints(Buffer *c_orig, struct passwd *pw) | 384 | auth_cert_options(Key *k, struct passwd *pw) |
| 385 | { | 385 | { |
| 386 | u_char *name = NULL, *data_blob = NULL; | 386 | u_char *name = NULL, *data_blob = NULL; |
| 387 | u_int nlen, dlen, clen; | 387 | u_int nlen, dlen, clen; |
| @@ -400,12 +400,13 @@ auth_cert_constraints(Buffer *c_orig, struct passwd *pw) | |||
| 400 | 400 | ||
| 401 | /* Make copy to avoid altering original */ | 401 | /* Make copy to avoid altering original */ |
| 402 | buffer_init(&c); | 402 | buffer_init(&c); |
| 403 | buffer_append(&c, buffer_ptr(c_orig), buffer_len(c_orig)); | 403 | buffer_append(&c, |
| 404 | buffer_ptr(&k->cert->critical), buffer_len(&k->cert->critical)); | ||
| 404 | 405 | ||
| 405 | while (buffer_len(&c) > 0) { | 406 | while (buffer_len(&c) > 0) { |
| 406 | if ((name = buffer_get_string_ret(&c, &nlen)) == NULL || | 407 | if ((name = buffer_get_string_ret(&c, &nlen)) == NULL || |
| 407 | (data_blob = buffer_get_string_ret(&c, &dlen)) == NULL) { | 408 | (data_blob = buffer_get_string_ret(&c, &dlen)) == NULL) { |
| 408 | error("Certificate constraints corrupt"); | 409 | error("Certificate options corrupt"); |
| 409 | goto out; | 410 | goto out; |
| 410 | } | 411 | } |
| 411 | buffer_append(&data, data_blob, dlen); | 412 | buffer_append(&data, data_blob, dlen); |
| @@ -439,7 +440,7 @@ auth_cert_constraints(Buffer *c_orig, struct passwd *pw) | |||
| 439 | } | 440 | } |
| 440 | if (cert_forced_command != NULL) { | 441 | if (cert_forced_command != NULL) { |
| 441 | error("Certificate has multiple " | 442 | error("Certificate has multiple " |
| 442 | "force-command constraints"); | 443 | "force-command options"); |
| 443 | xfree(command); | 444 | xfree(command); |
| 444 | goto out; | 445 | goto out; |
| 445 | } | 446 | } |
| @@ -459,7 +460,7 @@ auth_cert_constraints(Buffer *c_orig, struct passwd *pw) | |||
| 459 | } | 460 | } |
| 460 | if (cert_source_address_done++) { | 461 | if (cert_source_address_done++) { |
| 461 | error("Certificate has multiple " | 462 | error("Certificate has multiple " |
| 462 | "source-address constraints"); | 463 | "source-address options"); |
| 463 | xfree(allowed); | 464 | xfree(allowed); |
| 464 | goto out; | 465 | goto out; |
| 465 | } | 466 | } |
| @@ -502,7 +503,7 @@ auth_cert_constraints(Buffer *c_orig, struct passwd *pw) | |||
| 502 | name = data_blob = NULL; | 503 | name = data_blob = NULL; |
| 503 | } | 504 | } |
| 504 | 505 | ||
| 505 | /* successfully parsed all constraints */ | 506 | /* successfully parsed all options */ |
| 506 | ret = 0; | 507 | ret = 0; |
| 507 | 508 | ||
| 508 | no_port_forwarding_flag |= cert_no_port_forwarding_flag; | 509 | no_port_forwarding_flag |= cert_no_port_forwarding_flag; |