diff options
author | djm@openbsd.org <djm@openbsd.org> | 2018-03-12 00:52:01 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-03-14 18:55:32 +1100 |
commit | bf0fbf2b11a44f06a64b620af7d01ff171c28e13 (patch) | |
tree | bebb13975a12e80a295cafeec72417a6911ea750 /auth-options.c | |
parent | fbd733ab7adc907118a6cf56c08ed90c7000043f (diff) |
upstream: add valid-before="[time]" authorized_keys option. A
simple way of giving a key an expiry date. ok markus@
OpenBSD-Commit-ID: 1793b4dd5184fa87f42ed33c7b0f4f02bc877947
Diffstat (limited to 'auth-options.c')
-rw-r--r-- | auth-options.c | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/auth-options.c b/auth-options.c index 484e44b74..38211fa2a 100644 --- a/auth-options.c +++ b/auth-options.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth-options.c,v 1.76 2018/03/03 03:15:51 djm Exp $ */ | 1 | /* $OpenBSD: auth-options.c,v 1.77 2018/03/12 00:52:01 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2018 Damien Miller <djm@mindrot.org> | 3 | * Copyright (c) 2018 Damien Miller <djm@mindrot.org> |
4 | * | 4 | * |
@@ -311,6 +311,7 @@ sshauthopt_parse(const char *opts, const char **errstrp) | |||
311 | int r; | 311 | int r; |
312 | struct sshauthopt *ret = NULL; | 312 | struct sshauthopt *ret = NULL; |
313 | const char *errstr = "unknown error"; | 313 | const char *errstr = "unknown error"; |
314 | uint64_t valid_before; | ||
314 | 315 | ||
315 | if (errstrp != NULL) | 316 | if (errstrp != NULL) |
316 | *errstrp = NULL; | 317 | *errstrp = NULL; |
@@ -366,6 +367,19 @@ sshauthopt_parse(const char *opts, const char **errstrp) | |||
366 | &errstr); | 367 | &errstr); |
367 | if (ret->required_from_host_keys == NULL) | 368 | if (ret->required_from_host_keys == NULL) |
368 | goto fail; | 369 | goto fail; |
370 | } else if (opt_match(&opts, "valid-before")) { | ||
371 | if ((opt = opt_dequote(&opts, &errstr)) == NULL) | ||
372 | goto fail; | ||
373 | if (parse_absolute_time(opt, &valid_before) != 0 || | ||
374 | valid_before == 0) { | ||
375 | free(opt); | ||
376 | errstr = "invalid expires time"; | ||
377 | goto fail; | ||
378 | } | ||
379 | free(opt); | ||
380 | if (ret->valid_before == 0 || | ||
381 | valid_before < ret->valid_before) | ||
382 | ret->valid_before = valid_before; | ||
369 | } else if (opt_match(&opts, "environment")) { | 383 | } else if (opt_match(&opts, "environment")) { |
370 | if (ret->nenv > INT_MAX) { | 384 | if (ret->nenv > INT_MAX) { |
371 | errstr = "too many environment strings"; | 385 | errstr = "too many environment strings"; |
@@ -572,6 +586,13 @@ sshauthopt_merge(const struct sshauthopt *primary, | |||
572 | OPTFLAG(permit_user_rc); | 586 | OPTFLAG(permit_user_rc); |
573 | #undef OPTFLAG | 587 | #undef OPTFLAG |
574 | 588 | ||
589 | /* Earliest expiry time should win */ | ||
590 | if (primary->valid_before != 0) | ||
591 | ret->valid_before = primary->valid_before; | ||
592 | if (additional->valid_before != 0 && | ||
593 | additional->valid_before < ret->valid_before) | ||
594 | ret->valid_before = additional->valid_before; | ||
595 | |||
575 | /* | 596 | /* |
576 | * When both multiple forced-command are specified, only | 597 | * When both multiple forced-command are specified, only |
577 | * proceed if they are identical, otherwise fail. | 598 | * proceed if they are identical, otherwise fail. |
@@ -631,6 +652,7 @@ sshauthopt_copy(const struct sshauthopt *orig) | |||
631 | OPTSCALAR(restricted); | 652 | OPTSCALAR(restricted); |
632 | OPTSCALAR(cert_authority); | 653 | OPTSCALAR(cert_authority); |
633 | OPTSCALAR(force_tun_device); | 654 | OPTSCALAR(force_tun_device); |
655 | OPTSCALAR(valid_before); | ||
634 | #undef OPTSCALAR | 656 | #undef OPTSCALAR |
635 | #define OPTSTRING(x) \ | 657 | #define OPTSTRING(x) \ |
636 | do { \ | 658 | do { \ |
@@ -751,14 +773,15 @@ sshauthopt_serialise(const struct sshauthopt *opts, struct sshbuf *m, | |||
751 | { | 773 | { |
752 | int r = SSH_ERR_INTERNAL_ERROR; | 774 | int r = SSH_ERR_INTERNAL_ERROR; |
753 | 775 | ||
754 | /* Flag options */ | 776 | /* Flag and simple integer options */ |
755 | if ((r = sshbuf_put_u8(m, opts->permit_port_forwarding_flag)) != 0 || | 777 | if ((r = sshbuf_put_u8(m, opts->permit_port_forwarding_flag)) != 0 || |
756 | (r = sshbuf_put_u8(m, opts->permit_agent_forwarding_flag)) != 0 || | 778 | (r = sshbuf_put_u8(m, opts->permit_agent_forwarding_flag)) != 0 || |
757 | (r = sshbuf_put_u8(m, opts->permit_x11_forwarding_flag)) != 0 || | 779 | (r = sshbuf_put_u8(m, opts->permit_x11_forwarding_flag)) != 0 || |
758 | (r = sshbuf_put_u8(m, opts->permit_pty_flag)) != 0 || | 780 | (r = sshbuf_put_u8(m, opts->permit_pty_flag)) != 0 || |
759 | (r = sshbuf_put_u8(m, opts->permit_user_rc)) != 0 || | 781 | (r = sshbuf_put_u8(m, opts->permit_user_rc)) != 0 || |
760 | (r = sshbuf_put_u8(m, opts->restricted)) != 0 || | 782 | (r = sshbuf_put_u8(m, opts->restricted)) != 0 || |
761 | (r = sshbuf_put_u8(m, opts->cert_authority)) != 0) | 783 | (r = sshbuf_put_u8(m, opts->cert_authority)) != 0 || |
784 | (r = sshbuf_put_u64(m, opts->valid_before)) != 0) | ||
762 | return r; | 785 | return r; |
763 | 786 | ||
764 | /* tunnel number can be negative to indicate "unset" */ | 787 | /* tunnel number can be negative to indicate "unset" */ |
@@ -815,6 +838,9 @@ sshauthopt_deserialise(struct sshbuf *m, struct sshauthopt **optsp) | |||
815 | OPT_FLAG(cert_authority); | 838 | OPT_FLAG(cert_authority); |
816 | #undef OPT_FLAG | 839 | #undef OPT_FLAG |
817 | 840 | ||
841 | if ((r = sshbuf_get_u64(m, &opts->valid_before)) != 0) | ||
842 | goto out; | ||
843 | |||
818 | /* tunnel number can be negative to indicate "unset" */ | 844 | /* tunnel number can be negative to indicate "unset" */ |
819 | if ((r = sshbuf_get_u8(m, &f)) != 0 || | 845 | if ((r = sshbuf_get_u8(m, &f)) != 0 || |
820 | (r = sshbuf_get_u32(m, &tmp)) != 0) | 846 | (r = sshbuf_get_u32(m, &tmp)) != 0) |