author | Colin Watson <cjwatson@ubuntu.com> | 2014-02-09 16:09:50 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2014-02-09 16:17:31 +0000 |
commit | 8909ff0e3cd07d1b042d1be1c8b8828dbf6c9a83 (patch) | |
tree | ebee4092f1411059e34da6f66b4ebd64f4411020 /auth.c | |
parent | 07f2a771c490bd68cd5c5ea9c535705e93bd94f3 (diff) |
Reject vulnerable keys to mitigate Debian OpenSSL flaw
In 2008, Debian (and derived distributions such as Ubuntu) shipped an
OpenSSL package with a flawed random number generator, causing OpenSSH to
generate only a very limited set of keys, whose private halves could be
precomputed. To mitigate this, this patch checks key authentications
against a blacklist of known-vulnerable keys, and adds a new ssh-vulnkey
program which can be used to explicitly check keys against that blacklist.
See CVE-2008-0166.
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1469
Last-Update: 2013-09-14
Patch-Name: ssh-vulnkey.patch
Diffstat (limited to 'auth.c')
-rw-r--r-- | auth.c | 27 |
1 files changed, 26 insertions, 1 deletions
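--- a/auth.c
+++ b/auth.c
@@ -59,6 +59,7 @@
 #include "servconf.h"
 #include "key.h"
 #include "hostfile.h"
+#include "authfile.h"
 #include "auth.h"
 #include "auth-options.h"
 #include "canohost.h"
@@ -657,10 +658,34 @@ getpwnamallow(const char *user)
 
 /* Returns 1 if key is revoked by revoked_keys_file, 0 otherwise */
 int
-auth_key_is_revoked(Key *key)
+auth_key_is_revoked(Key *key, int hostkey)
 {
 	char *key_fp;
 
+	if (blacklisted_key(key, &key_fp) == 1) {
+		if (options.permit_blacklisted_keys) {
+			if (hostkey)
+				error("Host key %s blacklisted (see "
+				    "ssh-vulnkey(1)); continuing anyway",
+				    key_fp);
+			else
+				logit("Public key %s from %s blacklisted (see "
+				    "ssh-vulnkey(1)); continuing anyway",
+				    key_fp, get_remote_ipaddr());
+			free(key_fp);
+		} else {
+			if (hostkey)
+				error("Host key %s blacklisted (see "
+				    "ssh-vulnkey(1))", key_fp);
+			else
+				logit("Public key %s from %s blacklisted (see "
+				    "ssh-vulnkey(1))",
+				    key_fp, get_remote_ipaddr());
+			free(key_fp);
+			return 1;
+		}
+	}
+
 	if (options.revoked_keys_file == NULL)
 		return 0;
 	switch (ssh_krl_file_contains_key(options.revoked_keys_file, key)) {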
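Review bot: The header comment above auth_key_is_revoked is now stale: the function also returns 1 for a blacklisted key (unless PermitBlacklistedKeys is set) and gained a hostkey parameter that selects host-key versus user-key logging, none of which the comment mentions. I would rewrite it as `/* Returns 1 if key is blacklisted (see ssh-vulnkey(1)) and PermitBlacklistedKeys is off, or is revoked by revoked_keys_file; 0 otherwise. hostkey selects host-key vs. public-key log wording. */`. Only a return of exactly 1 from blacklisted_key() is acted on, so any other value (an unreadable or missing blacklist, if blacklisted_key() can signal that) is silently treated as "not blacklisted"; whether that fail-open is intended should be confirmed against blacklisted_key() and noted in the comment. The two branches differ only in the message suffix and the return, so one `const char *suffix = options.permit_blacklisted_keys ? "; continuing anyway" : "";` would halve the duplicated log calls. The switch on ssh_krl_file_contains_key() continues past the end of this hunk.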