New upstream release (6.8p1).

author: Colin Watson <cjwatson@debian.org> 2015-08-19 14:23:51 +0100
committer: Colin Watson <cjwatson@debian.org> 2015-08-19 16:48:11 +0100
commit: 0f0841b2d28b7463267d4d91577e72e3340a1d3a (patch)
tree: ba55fcd2b6e2cc22b30f5afb561dbb3da4c8b6c7 /authfile.c
parent: f2a5f5dae656759efb0b76c3d94890b65c197a02 (diff)
parent: 8698446b972003b63dfe5dcbdb86acfe986afb85 (diff)
1 files changed, 74 insertions, 51 deletions
diff --git a/authfile.c b/authfile.c
index e93d86738..3a81786c7 100644
--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.107 2014/06/24 01:13:21 djm Exp $ */
+/* $OpenBSD: authfile.c,v 1.111 2015/02/23 16:55:51 djm Exp $ */
 /*
 * Copyright (c) 2000, 2013 Markus Friedl.  All rights reserved.
 *
@@ -27,7 +27,6 @@
 #include <sys/types.h>
 #include <sys/stat.h>
-#include <sys/param.h>
 #include <sys/uio.h>
 #include <errno.h>
@@ -37,6 +36,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#include <limits.h>
 #include "cipher.h"
 #include "key.h"
@@ -48,6 +48,7 @@
 #include "atomicio.h"
 #include "sshbuf.h"
 #include "ssherr.h"
+#include "krl.h"
 #define MAX_KEY_FILE_SIZE       (1024 * 1024)
@@ -94,7 +95,7 @@ sshkey_save_private(struct sshkey *key, const char *filename,
 /* Load a key from a fd into a buffer */
 int
-sshkey_load_file(int fd, const char *filename, struct sshbuf *blob)
+sshkey_load_file(int fd, struct sshbuf *blob)
 {
        u_char buf[1024];
        size_t len;
@@ -141,8 +142,7 @@ sshkey_load_file(int fd, const char *filename, struct sshbuf *blob)
 * otherwise.
 */
 static int
-sshkey_load_public_rsa1(int fd, const char *filename,
+sshkey_load_public_rsa1(int fd, struct sshkey **keyp, char **commentp)
-    struct sshkey **keyp, char **commentp)
 {
        struct sshbuf *b = NULL;
        int r;
@@ -153,7 +153,7 @@ sshkey_load_public_rsa1(int fd, const char *filename,
        if ((b = sshbuf_new()) == NULL)
                return SSH_ERR_ALLOC_FAIL;
-        if ((r = sshkey_load_file(fd, filename, b)) != 0)
+        if ((r = sshkey_load_file(fd, b)) != 0)
                goto out;
        if ((r = sshkey_parse_public_rsa1_fileblob(b, keyp, commentp)) != 0)
                goto out;
@@ -164,33 +164,6 @@ sshkey_load_public_rsa1(int fd, const char *filename,
 }
 #endif /* WITH_SSH1 */
-#ifdef WITH_OPENSSL
-/* XXX Deprecate? */
-int
-sshkey_load_private_pem(int fd, int type, const char *passphrase,
-    struct sshkey **keyp, char **commentp)
-{
-        struct sshbuf *buffer = NULL;
-        int r;
-        *keyp = NULL;
-        if (commentp != NULL)
-                *commentp = NULL;
-        if ((buffer = sshbuf_new()) == NULL)
-                return SSH_ERR_ALLOC_FAIL;
-        if ((r = sshkey_load_file(fd, NULL, buffer)) != 0)
-                goto out;
-        if ((r = sshkey_parse_private_pem_fileblob(buffer, type, passphrase,
-            keyp, commentp)) != 0)
-                goto out;
-        r = 0;
- out:
-        sshbuf_free(buffer);
-        return r;
-}
-#endif /* WITH_OPENSSL */
 /* XXX remove error() calls from here? */
 int
 sshkey_perm_ok(int fd, const char *filename)
@@ -226,7 +199,6 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase,
    struct sshkey **keyp, char **commentp, int *perm_ok)
 {
        int fd, r;
-        struct sshbuf *buffer = NULL;
        *keyp = NULL;
        if (commentp != NULL)
@@ -246,18 +218,31 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase,
        if (perm_ok != NULL)
                *perm_ok = 1;
+        r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp);
+ out:
+        close(fd);
+        return r;
+}
+int
+sshkey_load_private_type_fd(int fd, int type, const char *passphrase,
+    struct sshkey **keyp, char **commentp)
+{
+        struct sshbuf *buffer = NULL;
+        int r;
        if ((buffer = sshbuf_new()) == NULL) {
                r = SSH_ERR_ALLOC_FAIL;
                goto out;
        }
-        if ((r = sshkey_load_file(fd, filename, buffer)) != 0)
+        if ((r = sshkey_load_file(fd, buffer)) != 0 ||
-                goto out;
+            (r = sshkey_parse_private_fileblob_type(buffer, type,
-        if ((r = sshkey_parse_private_fileblob_type(buffer, type, passphrase,
+            passphrase, keyp, commentp)) != 0)
-            keyp, commentp)) != 0)
                goto out;
+        /* success */
        r = 0;
 out:
-        close(fd);
        if (buffer != NULL)
                sshbuf_free(buffer);
        return r;
@@ -286,7 +271,7 @@ sshkey_load_private(const char *filename, const char *passphrase,
                r = SSH_ERR_ALLOC_FAIL;
                goto out;
        }
-        if ((r = sshkey_load_file(fd, filename, buffer)) != 0 ||
+        if ((r = sshkey_load_file(fd, buffer)) != 0 ||
            (r = sshkey_parse_private_fileblob(buffer, passphrase, filename,
            keyp, commentp)) != 0)
                goto out;
@@ -350,7 +335,7 @@ int
 sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp)
 {
        struct sshkey *pub = NULL;
-        char file[MAXPATHLEN];
+        char file[PATH_MAX];
        int r, fd;
        if (keyp != NULL)
@@ -358,11 +343,13 @@ sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp)
        if (commentp != NULL)
                *commentp = NULL;
+        /* XXX should load file once and attempt to parse each format */
        if ((fd = open(filename, O_RDONLY)) < 0)
                goto skip;
 #ifdef WITH_SSH1
        /* try rsa1 private key */
-        r = sshkey_load_public_rsa1(fd, filename, keyp, commentp);
+        r = sshkey_load_public_rsa1(fd, keyp, commentp);
        close(fd);
        switch (r) {
        case SSH_ERR_INTERNAL_ERROR:
@@ -409,6 +396,7 @@ sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp)
                return 0;
        }
        sshkey_free(pub);
        return r;
 }
@@ -494,11 +482,14 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase,
 /*
 * Returns success if the specified "key" is listed in the file "filename",
 * SSH_ERR_KEY_NOT_FOUND: if the key is not listed or another error.
- * If strict_type is set then the key type must match exactly,
+ * If "strict_type" is set then the key type must match exactly,
 * otherwise a comparison that ignores certficiate data is performed.
+ * If "check_ca" is set and "key" is a certificate, then its CA key is
+ * also checked and sshkey_in_file() will return success if either is found.
 */
 int
-sshkey_in_file(struct sshkey *key, const char *filename, int strict_type)
+sshkey_in_file(struct sshkey *key, const char *filename, int strict_type,
+    int check_ca)
 {
        FILE *f;
        char line[SSH_MAX_PUBKEY_BYTES];
@@ -509,12 +500,8 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type)
        int (*sshkey_compare)(const struct sshkey *, const struct sshkey *) =
            strict_type ?  sshkey_equal : sshkey_equal_public;
-        if ((f = fopen(filename, "r")) == NULL) {
+        if ((f = fopen(filename, "r")) == NULL)
-                if (errno == ENOENT)
+                return SSH_ERR_SYSTEM_ERROR;
-                        return SSH_ERR_KEY_NOT_FOUND;
-                else
-                        return SSH_ERR_SYSTEM_ERROR;
-        }
        while (read_keyfile_line(f, filename, line, sizeof(line),
            &linenum) != -1) {
@@ -538,7 +525,9 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type)
                }
                if ((r = sshkey_read(pub, &cp)) != 0)
                        goto out;
-                if (sshkey_compare(key, pub)) {
+                if (sshkey_compare(key, pub) ||
+                    (check_ca && sshkey_is_cert(key) &&
+                    sshkey_compare(key->cert->signature_key, pub))) {
                        r = 0;
                        goto out;
                }
@@ -553,3 +542,37 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type)
        return r;
 }
+/*
+ * Checks whether the specified key is revoked, returning 0 if not,
+ * SSH_ERR_KEY_REVOKED if it is or another error code if something
+ * unexpected happened.
+ * This will check both the key and, if it is a certificate, its CA key too.
+ * "revoked_keys_file" may be a KRL or a one-per-line list of public keys.
+ */
+int
+sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file)
+{
+        int r;
+        r = ssh_krl_file_contains_key(revoked_keys_file, key);
+        /* If this was not a KRL to begin with then continue below */
+        if (r != SSH_ERR_KRL_BAD_MAGIC)
+                return r;
+        /*
+         * If the file is not a KRL or we can't handle KRLs then attempt to
+         * parse the file as a flat list of keys.
+         */
+        switch ((r = sshkey_in_file(key, revoked_keys_file, 0, 1))) {
+        case 0:
+                /* Key found => revoked */
+                return SSH_ERR_KEY_REVOKED;
+        case SSH_ERR_KEY_NOT_FOUND:
+                /* Key not found => not revoked */
+                return 0;
+        default:
+                /* Some other error occurred */
+                return r;
+        }
+}
author	Colin Watson <cjwatson@debian.org>	2015-08-19 14:23:51 +0100
committer	Colin Watson <cjwatson@debian.org>	2015-08-19 16:48:11 +0100
commit	0f0841b2d28b7463267d4d91577e72e3340a1d3a (patch)
tree	ba55fcd2b6e2cc22b30f5afb561dbb3da4c8b6c7 /authfile.c
parent	f2a5f5dae656759efb0b76c3d94890b65c197a02 (diff)
parent	8698446b972003b63dfe5dcbdb86acfe986afb85 (diff)