upstream commit

unifdef WITH_SSH1 ok markus@ Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
author: djm@openbsd.org <djm@openbsd.org> 2017-04-30 23:10:43 +0000
committer: Damien Miller <djm@mindrot.org> 2017-05-01 09:37:40 +1000
commit: 56912dea6ef63dae4eb1194e5d88973a7c6c5740 (patch)
tree: c0425585449d257a90a42efce5f602f7ce16779f /ssh-agent.c
parent: d4084cd230f7319056559b00db8b99296dad49d5 (diff)
1 files changed, 1 insertions, 172 deletions
diff --git a/ssh-agent.c b/ssh-agent.c
index b987562b9..6788287b7 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.218 2017/03/15 03:52:30 deraadt Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.219 2017/04/30 23:10:43 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -257,16 +257,6 @@ process_request_identities(SocketEntry *e, int version)
                fatal("%s: buffer error: %s", __func__, ssh_err(r));
        TAILQ_FOREACH(id, &tab->idlist, next) {
                if (id->key->type == KEY_RSA1) {
-#ifdef WITH_SSH1
-                        if ((r = sshbuf_put_u32(msg,
-                            BN_num_bits(id->key->rsa->n))) != 0 ||
-                            (r = sshbuf_put_bignum1(msg,
-                            id->key->rsa->e)) != 0 ||
-                            (r = sshbuf_put_bignum1(msg,
-                            id->key->rsa->n)) != 0)
-                                fatal("%s: buffer error: %s",
-                                    __func__, ssh_err(r));
-#endif
                } else {
                        u_char *blob;
                        size_t blen;
@@ -289,87 +279,6 @@ process_request_identities(SocketEntry *e, int version)
        sshbuf_free(msg);
 }
-#ifdef WITH_SSH1
-/* ssh1 only */
-static void
-process_authentication_challenge1(SocketEntry *e)
-{
-        u_char buf[32], mdbuf[16], session_id[16];
-        u_int response_type;
-        BIGNUM *challenge;
-        Identity *id;
-        int r, len;
-        struct sshbuf *msg;
-        struct ssh_digest_ctx *md;
-        struct sshkey *key;
-        if ((msg = sshbuf_new()) == NULL)
-                fatal("%s: sshbuf_new failed", __func__);
-        if ((key = sshkey_new(KEY_RSA1)) == NULL)
-                fatal("%s: sshkey_new failed", __func__);
-        if ((challenge = BN_new()) == NULL)
-                fatal("%s: BN_new failed", __func__);
-        if ((r = sshbuf_get_u32(e->request, NULL)) != 0 || /* ignored */
-            (r = sshbuf_get_bignum1(e->request, key->rsa->e)) != 0 ||
-            (r = sshbuf_get_bignum1(e->request, key->rsa->n)) != 0 ||
-            (r = sshbuf_get_bignum1(e->request, challenge)))
-                fatal("%s: buffer error: %s", __func__, ssh_err(r));
-        /* Only protocol 1.1 is supported */
-        if (sshbuf_len(e->request) == 0)
-                goto failure;
-        if ((r = sshbuf_get(e->request, session_id, sizeof(session_id))) != 0 ||
-            (r = sshbuf_get_u32(e->request, &response_type)) != 0)
-                fatal("%s: buffer error: %s", __func__, ssh_err(r));
-        if (response_type != 1)
-                goto failure;
-        id = lookup_identity(key, 1);
-        if (id != NULL && (!id->confirm || confirm_key(id) == 0)) {
-                struct sshkey *private = id->key;
-                /* Decrypt the challenge using the private key. */
-                if ((r = rsa_private_decrypt(challenge, challenge,
-                    private->rsa) != 0)) {
-                        fatal("%s: rsa_public_encrypt: %s", __func__,
-                            ssh_err(r));
-                        goto failure;   /* XXX ? */
-                }
-                /* The response is MD5 of decrypted challenge plus session id */
-                len = BN_num_bytes(challenge);
-                if (len <= 0 || len > 32) {
-                        logit("%s: bad challenge length %d", __func__, len);
-                        goto failure;
-                }
-                memset(buf, 0, 32);
-                BN_bn2bin(challenge, buf + 32 - len);
-                if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL ||
-                    ssh_digest_update(md, buf, 32) < 0 ||
-                    ssh_digest_update(md, session_id, 16) < 0 ||
-                    ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0)
-                        fatal("%s: md5 failed", __func__);
-                ssh_digest_free(md);
-                /* Send the response. */
-                if ((r = sshbuf_put_u8(msg, SSH_AGENT_RSA_RESPONSE)) != 0 ||
-                    (r = sshbuf_put(msg, mdbuf, sizeof(mdbuf))) != 0)
-                        fatal("%s: buffer error: %s", __func__, ssh_err(r));
-                goto send;
-        }
- failure:
-        /* Unknown identity or protocol error.  Send failure. */
-        if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0)
-                fatal("%s: buffer error: %s", __func__, ssh_err(r));
- send:
-        if ((r = sshbuf_put_stringb(e->output, msg)) != 0)
-                fatal("%s: buffer error: %s", __func__, ssh_err(r));
-        sshkey_free(key);
-        BN_clear_free(challenge);
-        sshbuf_free(msg);
-}
-#endif
 static char *
 agent_decode_alg(struct sshkey *key, u_int flags)
@@ -448,28 +357,8 @@ process_remove_identity(SocketEntry *e, int version)
        int r, success = 0;
        struct sshkey *key = NULL;
        u_char *blob;
-#ifdef WITH_SSH1
-        u_int bits;
-#endif /* WITH_SSH1 */
        switch (version) {
-#ifdef WITH_SSH1
-        case 1:
-                if ((key = sshkey_new(KEY_RSA1)) == NULL) {
-                        error("%s: sshkey_new failed", __func__);
-                        return;
-                }
-                if ((r = sshbuf_get_u32(e->request, &bits)) != 0 ||
-                    (r = sshbuf_get_bignum1(e->request, key->rsa->e)) != 0 ||
-                    (r = sshbuf_get_bignum1(e->request, key->rsa->n)) != 0)
-                        fatal("%s: buffer error: %s", __func__, ssh_err(r));
-                if (bits != sshkey_size(key))
-                        logit("Warning: identity keysize mismatch: "
-                            "actual %u, announced %u",
-                            sshkey_size(key), bits);
-                break;
-#endif /* WITH_SSH1 */
        case 2:
                if ((r = sshbuf_get_string(e->request, &blob, &blen)) != 0)
                        fatal("%s: buffer error: %s", __func__, ssh_err(r));
@@ -559,45 +448,6 @@ reaper(void)
 * XXX this and the corresponding serialisation function probably belongs
 * in key.c
 */
-#ifdef WITH_SSH1
-static int
-agent_decode_rsa1(struct sshbuf *m, struct sshkey **kp)
-{
-        struct sshkey *k = NULL;
-        int r = SSH_ERR_INTERNAL_ERROR;
-        *kp = NULL;
-        if ((k = sshkey_new_private(KEY_RSA1)) == NULL)
-                return SSH_ERR_ALLOC_FAIL;
-        if ((r = sshbuf_get_u32(m, NULL)) != 0 ||               /* ignored */
-            (r = sshbuf_get_bignum1(m, k->rsa->n)) != 0 ||
-            (r = sshbuf_get_bignum1(m, k->rsa->e)) != 0 ||
-            (r = sshbuf_get_bignum1(m, k->rsa->d)) != 0 ||
-            (r = sshbuf_get_bignum1(m, k->rsa->iqmp)) != 0 ||
-            /* SSH1 and SSL have p and q swapped */
-            (r = sshbuf_get_bignum1(m, k->rsa->q)) != 0 ||      /* p */
-            (r = sshbuf_get_bignum1(m, k->rsa->p)) != 0)        /* q */
-                goto out;
-        /* Generate additional parameters */
-        if ((r = rsa_generate_additional_parameters(k->rsa)) != 0)
-                goto out;
-        /* enable blinding */
-        if (RSA_blinding_on(k->rsa, NULL) != 1) {
-                r = SSH_ERR_LIBCRYPTO_ERROR;
-                goto out;
-        }
-        r = 0; /* success */
- out:
-        if (r == 0)
-                *kp = k;
-        else
-                sshkey_free(k);
-        return r;
-}
-#endif /* WITH_SSH1 */
 static void
 process_add_identity(SocketEntry *e, int version)
@@ -613,11 +463,6 @@ process_add_identity(SocketEntry *e, int version)
        int r = SSH_ERR_INTERNAL_ERROR;
        switch (version) {
-#ifdef WITH_SSH1
-        case 1:
-                r = agent_decode_rsa1(e->request, &k);
-                break;
-#endif /* WITH_SSH1 */
        case 2:
                r = sshkey_private_deserialize(e->request, &k);
                break;
@@ -912,22 +757,6 @@ process_message(SocketEntry *e)
        case SSH_AGENTC_UNLOCK:
                process_lock_agent(e, type == SSH_AGENTC_LOCK);
                break;
-#ifdef WITH_SSH1
-        /* ssh1 */
-        case SSH_AGENTC_RSA_CHALLENGE:
-                process_authentication_challenge1(e);
-                break;
-        case SSH_AGENTC_REQUEST_RSA_IDENTITIES:
-                process_request_identities(e, 1);
-                break;
-        case SSH_AGENTC_ADD_RSA_IDENTITY:
-        case SSH_AGENTC_ADD_RSA_ID_CONSTRAINED:
-                process_add_identity(e, 1);
-                break;
-        case SSH_AGENTC_REMOVE_RSA_IDENTITY:
-                process_remove_identity(e, 1);
-                break;
-#endif
        case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES:
                process_remove_all_identities(e, 1); /* safe for !WITH_SSH1 */
                break;
author	djm@openbsd.org <djm@openbsd.org>	2017-04-30 23:10:43 +0000
committer	Damien Miller <djm@mindrot.org>	2017-05-01 09:37:40 +1000
commit	56912dea6ef63dae4eb1194e5d88973a7c6c5740 (patch)
tree	c0425585449d257a90a42efce5f602f7ce16779f /ssh-agent.c
parent	d4084cd230f7319056559b00db8b99296dad49d5 (diff)

diff --git a/ssh-agent.c b/ssh-agent.c index b987562b9..6788287b7 100644 --- a/ssh-agent.c +++ b/ssh-agent.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssh-agent.c,v 1.218 2017/03/15 03:52:30 deraadt Exp $ */	1	/* $OpenBSD: ssh-agent.c,v 1.219 2017/04/30 23:10:43 djm Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -257,16 +257,6 @@ process_request_identities(SocketEntry *e, int version)
257	fatal("%s: buffer error: %s", __func__, ssh_err(r));	257	fatal("%s: buffer error: %s", __func__, ssh_err(r));
258	TAILQ_FOREACH(id, &tab->idlist, next) {	258	TAILQ_FOREACH(id, &tab->idlist, next) {
259	if (id->key->type == KEY_RSA1) {	259	if (id->key->type == KEY_RSA1) {
260	#ifdef WITH_SSH1
261	if ((r = sshbuf_put_u32(msg,
262	BN_num_bits(id->key->rsa->n))) != 0 \|\|
263	(r = sshbuf_put_bignum1(msg,
264	id->key->rsa->e)) != 0 \|\|
265	(r = sshbuf_put_bignum1(msg,
266	id->key->rsa->n)) != 0)
267	fatal("%s: buffer error: %s",
268	__func__, ssh_err(r));
269	#endif
270	} else {	260	} else {
271	u_char *blob;	261	u_char *blob;
272	size_t blen;	262	size_t blen;
@@ -289,87 +279,6 @@ process_request_identities(SocketEntry *e, int version)
289	sshbuf_free(msg);	279	sshbuf_free(msg);
290	}	280	}
291		281
292	#ifdef WITH_SSH1
293	/* ssh1 only */
294	static void
295	process_authentication_challenge1(SocketEntry *e)
296	{
297	u_char buf[32], mdbuf[16], session_id[16];
298	u_int response_type;
299	BIGNUM *challenge;
300	Identity *id;
301	int r, len;
302	struct sshbuf *msg;
303	struct ssh_digest_ctx *md;
304	struct sshkey *key;
305
306	if ((msg = sshbuf_new()) == NULL)
307	fatal("%s: sshbuf_new failed", __func__);
308	if ((key = sshkey_new(KEY_RSA1)) == NULL)
309	fatal("%s: sshkey_new failed", __func__);
310	if ((challenge = BN_new()) == NULL)
311	fatal("%s: BN_new failed", __func__);
312
313	if ((r = sshbuf_get_u32(e->request, NULL)) != 0 \|\| /* ignored */
314	(r = sshbuf_get_bignum1(e->request, key->rsa->e)) != 0 \|\|
315	(r = sshbuf_get_bignum1(e->request, key->rsa->n)) != 0 \|\|
316	(r = sshbuf_get_bignum1(e->request, challenge)))
317	fatal("%s: buffer error: %s", __func__, ssh_err(r));
318
319	/* Only protocol 1.1 is supported */
320	if (sshbuf_len(e->request) == 0)
321	goto failure;
322	if ((r = sshbuf_get(e->request, session_id, sizeof(session_id))) != 0 \|\|
323	(r = sshbuf_get_u32(e->request, &response_type)) != 0)
324	fatal("%s: buffer error: %s", __func__, ssh_err(r));
325	if (response_type != 1)
326	goto failure;
327
328	id = lookup_identity(key, 1);
329	if (id != NULL && (!id->confirm \|\| confirm_key(id) == 0)) {
330	struct sshkey *private = id->key;
331	/* Decrypt the challenge using the private key. */
332	if ((r = rsa_private_decrypt(challenge, challenge,
333	private->rsa) != 0)) {
334	fatal("%s: rsa_public_encrypt: %s", __func__,
335	ssh_err(r));
336	goto failure; /* XXX ? */
337	}
338
339	/* The response is MD5 of decrypted challenge plus session id */
340	len = BN_num_bytes(challenge);
341	if (len <= 0 \|\| len > 32) {
342	logit("%s: bad challenge length %d", __func__, len);
343	goto failure;
344	}
345	memset(buf, 0, 32);
346	BN_bn2bin(challenge, buf + 32 - len);
347	if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL \|\|
348	ssh_digest_update(md, buf, 32) < 0 \|\|
349	ssh_digest_update(md, session_id, 16) < 0 \|\|
350	ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0)
351	fatal("%s: md5 failed", __func__);
352	ssh_digest_free(md);
353
354	/* Send the response. */
355	if ((r = sshbuf_put_u8(msg, SSH_AGENT_RSA_RESPONSE)) != 0 \|\|
356	(r = sshbuf_put(msg, mdbuf, sizeof(mdbuf))) != 0)
357	fatal("%s: buffer error: %s", __func__, ssh_err(r));
358	goto send;
359	}
360
361	failure:
362	/* Unknown identity or protocol error. Send failure. */
363	if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0)
364	fatal("%s: buffer error: %s", __func__, ssh_err(r));
365	send:
366	if ((r = sshbuf_put_stringb(e->output, msg)) != 0)
367	fatal("%s: buffer error: %s", __func__, ssh_err(r));
368	sshkey_free(key);
369	BN_clear_free(challenge);
370	sshbuf_free(msg);
371	}
372	#endif
373		282
374	static char *	283	static char *
375	agent_decode_alg(struct sshkey *key, u_int flags)	284	agent_decode_alg(struct sshkey *key, u_int flags)
@@ -448,28 +357,8 @@ process_remove_identity(SocketEntry *e, int version)
448	int r, success = 0;	357	int r, success = 0;
449	struct sshkey *key = NULL;	358	struct sshkey *key = NULL;
450	u_char *blob;	359	u_char *blob;
451	#ifdef WITH_SSH1
452	u_int bits;
453	#endif /* WITH_SSH1 */
454		360
455	switch (version) {	361	switch (version) {
456	#ifdef WITH_SSH1
457	case 1:
458	if ((key = sshkey_new(KEY_RSA1)) == NULL) {
459	error("%s: sshkey_new failed", __func__);
460	return;
461	}
462	if ((r = sshbuf_get_u32(e->request, &bits)) != 0 \|\|
463	(r = sshbuf_get_bignum1(e->request, key->rsa->e)) != 0 \|\|
464	(r = sshbuf_get_bignum1(e->request, key->rsa->n)) != 0)
465	fatal("%s: buffer error: %s", __func__, ssh_err(r));
466
467	if (bits != sshkey_size(key))
468	logit("Warning: identity keysize mismatch: "
469	"actual %u, announced %u",
470	sshkey_size(key), bits);
471	break;
472	#endif /* WITH_SSH1 */
473	case 2:	362	case 2:
474	if ((r = sshbuf_get_string(e->request, &blob, &blen)) != 0)	363	if ((r = sshbuf_get_string(e->request, &blob, &blen)) != 0)
475	fatal("%s: buffer error: %s", __func__, ssh_err(r));	364	fatal("%s: buffer error: %s", __func__, ssh_err(r));
@@ -559,45 +448,6 @@ reaper(void)
559	* XXX this and the corresponding serialisation function probably belongs	448	* XXX this and the corresponding serialisation function probably belongs
560	* in key.c	449	* in key.c
561	*/	450	*/
562	#ifdef WITH_SSH1
563	static int
564	agent_decode_rsa1(struct sshbuf m, struct sshkey *kp)
565	{
566	struct sshkey *k = NULL;
567	int r = SSH_ERR_INTERNAL_ERROR;
568
569	*kp = NULL;
570	if ((k = sshkey_new_private(KEY_RSA1)) == NULL)
571	return SSH_ERR_ALLOC_FAIL;
572
573	if ((r = sshbuf_get_u32(m, NULL)) != 0 \|\| /* ignored */
574	(r = sshbuf_get_bignum1(m, k->rsa->n)) != 0 \|\|
575	(r = sshbuf_get_bignum1(m, k->rsa->e)) != 0 \|\|
576	(r = sshbuf_get_bignum1(m, k->rsa->d)) != 0 \|\|
577	(r = sshbuf_get_bignum1(m, k->rsa->iqmp)) != 0 \|\|
578	/* SSH1 and SSL have p and q swapped */
579	(r = sshbuf_get_bignum1(m, k->rsa->q)) != 0 \|\| /* p */
580	(r = sshbuf_get_bignum1(m, k->rsa->p)) != 0) /* q */
581	goto out;
582
583	/* Generate additional parameters */
584	if ((r = rsa_generate_additional_parameters(k->rsa)) != 0)
585	goto out;
586	/* enable blinding */
587	if (RSA_blinding_on(k->rsa, NULL) != 1) {
588	r = SSH_ERR_LIBCRYPTO_ERROR;
589	goto out;
590	}
591
592	r = 0; /* success */
593	out:
594	if (r == 0)
595	*kp = k;
596	else
597	sshkey_free(k);
598	return r;
599	}
600	#endif /* WITH_SSH1 */
601		451
602	static void	452	static void
603	process_add_identity(SocketEntry *e, int version)	453	process_add_identity(SocketEntry *e, int version)
@@ -613,11 +463,6 @@ process_add_identity(SocketEntry *e, int version)
613	int r = SSH_ERR_INTERNAL_ERROR;	463	int r = SSH_ERR_INTERNAL_ERROR;
614		464
615	switch (version) {	465	switch (version) {
616	#ifdef WITH_SSH1
617	case 1:
618	r = agent_decode_rsa1(e->request, &k);
619	break;
620	#endif /* WITH_SSH1 */
621	case 2:	466	case 2:
622	r = sshkey_private_deserialize(e->request, &k);	467	r = sshkey_private_deserialize(e->request, &k);
623	break;	468	break;
@@ -912,22 +757,6 @@ process_message(SocketEntry *e)
912	case SSH_AGENTC_UNLOCK:	757	case SSH_AGENTC_UNLOCK:
913	process_lock_agent(e, type == SSH_AGENTC_LOCK);	758	process_lock_agent(e, type == SSH_AGENTC_LOCK);
914	break;	759	break;
915	#ifdef WITH_SSH1
916	/* ssh1 */
917	case SSH_AGENTC_RSA_CHALLENGE:
918	process_authentication_challenge1(e);
919	break;
920	case SSH_AGENTC_REQUEST_RSA_IDENTITIES:
921	process_request_identities(e, 1);
922	break;
923	case SSH_AGENTC_ADD_RSA_IDENTITY:
924	case SSH_AGENTC_ADD_RSA_ID_CONSTRAINED:
925	process_add_identity(e, 1);
926	break;
927	case SSH_AGENTC_REMOVE_RSA_IDENTITY:
928	process_remove_identity(e, 1);
929	break;
930	#endif
931	case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES:	760	case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES:
932	process_remove_all_identities(e, 1); /* safe for !WITH_SSH1 */	761	process_remove_all_identities(e, 1); /* safe for !WITH_SSH1 */
933	break;	762	break;