diff options
| author | Colin Watson <cjwatson@debian.org> | 2008-05-12 23:33:01 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2008-05-12 23:33:01 +0000 |
| commit | 47608c17e64138f8d16aa2bdc49a0eb00e1c3549 (patch) | |
| tree | 92572d90b9aa8f45c0d9e6dbb185065667fdcea0 /auth-rsa.c | |
| parent | 19ccea525446d5a3c2a176d813c505be81b91cbf (diff) | |
* Mitigate OpenSSL security vulnerability:
- Add key blacklisting support. Keys listed in
/etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by
sshd, unless "PermitBlacklistedKeys yes" is set in
/etc/ssh/sshd_config.
- Add a new program, ssh-vulnkey, which can be used to check keys
against these blacklists.
- Depend on openssh-blacklist.
- Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least
0.9.8g-9.
- Automatically regenerate known-compromised host keys, with a
critical-priority debconf note. (I regret that there was no time to
gather translations.)
Diffstat (limited to 'auth-rsa.c')
| -rw-r--r-- | auth-rsa.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/auth-rsa.c b/auth-rsa.c index 69f9a5896..1d277f92a 100644 --- a/auth-rsa.c +++ b/auth-rsa.c | |||
| @@ -40,6 +40,7 @@ | |||
| 40 | #include "servconf.h" | 40 | #include "servconf.h" |
| 41 | #include "key.h" | 41 | #include "key.h" |
| 42 | #include "hostfile.h" | 42 | #include "hostfile.h" |
| 43 | #include "authfile.h" | ||
| 43 | #include "auth.h" | 44 | #include "auth.h" |
| 44 | #ifdef GSSAPI | 45 | #ifdef GSSAPI |
| 45 | #include "ssh-gss.h" | 46 | #include "ssh-gss.h" |
| @@ -221,6 +222,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) | |||
| 221 | char *cp; | 222 | char *cp; |
| 222 | char *key_options; | 223 | char *key_options; |
| 223 | int keybits; | 224 | int keybits; |
| 225 | char *fp; | ||
| 224 | 226 | ||
| 225 | /* Skip leading whitespace, empty and comment lines. */ | 227 | /* Skip leading whitespace, empty and comment lines. */ |
| 226 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) | 228 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) |
| @@ -265,6 +267,19 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) | |||
| 265 | "actual %d vs. announced %d.", | 267 | "actual %d vs. announced %d.", |
| 266 | file, linenum, BN_num_bits(key->rsa->n), bits); | 268 | file, linenum, BN_num_bits(key->rsa->n), bits); |
| 267 | 269 | ||
| 270 | if (blacklisted_key(key)) { | ||
| 271 | fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); | ||
| 272 | if (options.permit_blacklisted_keys) | ||
| 273 | logit("Public key %s blacklisted (see " | ||
| 274 | "ssh-vulnkey(1)); continuing anyway", fp); | ||
| 275 | else | ||
| 276 | logit("Public key %s blacklisted (see " | ||
| 277 | "ssh-vulnkey(1))", fp); | ||
| 278 | xfree(fp); | ||
| 279 | if (!options.permit_blacklisted_keys) | ||
| 280 | continue; | ||
| 281 | } | ||
| 282 | |||
| 268 | /* We have found the desired key. */ | 283 | /* We have found the desired key. */ |
| 269 | /* | 284 | /* |
| 270 | * If our options do not allow this key to be used, | 285 | * If our options do not allow this key to be used, |