diff options
| author | Colin Watson <cjwatson@ubuntu.com> | 2014-02-09 16:09:50 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2014-02-09 16:17:31 +0000 |
| commit | 8909ff0e3cd07d1b042d1be1c8b8828dbf6c9a83 (patch) | |
| tree | ebee4092f1411059e34da6f66b4ebd64f4411020 /auth2-pubkey.c | |
| parent | 07f2a771c490bd68cd5c5ea9c535705e93bd94f3 (diff) | |
Reject vulnerable keys to mitigate Debian OpenSSL flaw
In 2008, Debian (and derived distributions such as Ubuntu) shipped an
OpenSSL package with a flawed random number generator, causing OpenSSH to
generate only a very limited set of keys which were subject to private half
precomputation. To mitigate this, this patch checks key authentications
against a blacklist of known-vulnerable keys, and adds a new ssh-vulnkey
program which can be used to explicitly check keys against that blacklist.
See CVE-2008-0166.
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1469
Last-Update: 2013-09-14
Patch-Name: ssh-vulnkey.patch
Diffstat (limited to 'auth2-pubkey.c')
| -rw-r--r-- | auth2-pubkey.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 2b3ecb104..12eb8a6b2 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
| @@ -647,9 +647,10 @@ user_key_allowed(struct passwd *pw, Key *key) | |||
| 647 | u_int success, i; | 647 | u_int success, i; |
| 648 | char *file; | 648 | char *file; |
| 649 | 649 | ||
| 650 | if (auth_key_is_revoked(key)) | 650 | if (auth_key_is_revoked(key, 0)) |
| 651 | return 0; | 651 | return 0; |
| 652 | if (key_is_cert(key) && auth_key_is_revoked(key->cert->signature_key)) | 652 | if (key_is_cert(key) && |
| 653 | auth_key_is_revoked(key->cert->signature_key, 0)) | ||
| 653 | return 0; | 654 | return 0; |
| 654 | 655 | ||
| 655 | success = user_cert_trusted_ca(pw, key); | 656 | success = user_cert_trusted_ca(pw, key); |