diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2019-11-25 00:54:23 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2019-11-25 12:23:40 +1100 |
| commit | 2e71263b80fec7ad977e098004fef7d122169d40 (patch) | |
| tree | b4eef0768ef7fb69c0acdfad6a9d63762791d6f6 /ssh-keygen.c | |
| parent | 0fddf2967ac51d518e300408a0d7e6adf4cd2634 (diff) | |
upstream: add a "no-touch-required" option for authorized_keys and
a similar extension for certificates. This option disables the default
requirement that security key signatures attest that the user touched their
key to authorize them.
feedback deraadt, ok markus
OpenBSD-Commit-ID: f1fb56151ba68d55d554d0f6d3d4dba0cf1a452e
Diffstat (limited to 'ssh-keygen.c')
| -rw-r--r-- | ssh-keygen.c | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c index 08dd7cb8a..16d196fc8 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-keygen.c,v 1.370 2019/11/25 00:51:37 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keygen.c,v 1.371 2019/11/25 00:54:23 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -120,11 +120,12 @@ static u_int64_t cert_valid_from = 0; | |||
| 120 | static u_int64_t cert_valid_to = ~0ULL; | 120 | static u_int64_t cert_valid_to = ~0ULL; |
| 121 | 121 | ||
| 122 | /* Certificate options */ | 122 | /* Certificate options */ |
| 123 | #define CERTOPT_X_FWD (1) | 123 | #define CERTOPT_X_FWD (1) |
| 124 | #define CERTOPT_AGENT_FWD (1<<1) | 124 | #define CERTOPT_AGENT_FWD (1<<1) |
| 125 | #define CERTOPT_PORT_FWD (1<<2) | 125 | #define CERTOPT_PORT_FWD (1<<2) |
| 126 | #define CERTOPT_PTY (1<<3) | 126 | #define CERTOPT_PTY (1<<3) |
| 127 | #define CERTOPT_USER_RC (1<<4) | 127 | #define CERTOPT_USER_RC (1<<4) |
| 128 | #define CERTOPT_NO_REQUIRE_USER_PRESENCE (1<<5) | ||
| 128 | #define CERTOPT_DEFAULT (CERTOPT_X_FWD|CERTOPT_AGENT_FWD| \ | 129 | #define CERTOPT_DEFAULT (CERTOPT_X_FWD|CERTOPT_AGENT_FWD| \ |
| 129 | CERTOPT_PORT_FWD|CERTOPT_PTY|CERTOPT_USER_RC) | 130 | CERTOPT_PORT_FWD|CERTOPT_PTY|CERTOPT_USER_RC) |
| 130 | static u_int32_t certflags_flags = CERTOPT_DEFAULT; | 131 | static u_int32_t certflags_flags = CERTOPT_DEFAULT; |
| @@ -1666,6 +1667,9 @@ prepare_options_buf(struct sshbuf *c, int which) | |||
| 1666 | (certflags_flags & CERTOPT_USER_RC) != 0) | 1667 | (certflags_flags & CERTOPT_USER_RC) != 0) |
| 1667 | add_flag_option(c, "permit-user-rc"); | 1668 | add_flag_option(c, "permit-user-rc"); |
| 1668 | if ((which & OPTIONS_CRITICAL) != 0 && | 1669 | if ((which & OPTIONS_CRITICAL) != 0 && |
| 1670 | (certflags_flags & CERTOPT_NO_REQUIRE_USER_PRESENCE) != 0) | ||
| 1671 | add_flag_option(c, "no-touch-required"); | ||
| 1672 | if ((which & OPTIONS_CRITICAL) != 0 && | ||
| 1669 | certflags_src_addr != NULL) | 1673 | certflags_src_addr != NULL) |
| 1670 | add_string_option(c, "source-address", certflags_src_addr); | 1674 | add_string_option(c, "source-address", certflags_src_addr); |
| 1671 | for (i = 0; i < ncert_userext; i++) { | 1675 | for (i = 0; i < ncert_userext; i++) { |
| @@ -1967,6 +1971,10 @@ add_cert_option(char *opt) | |||
| 1967 | certflags_flags &= ~CERTOPT_USER_RC; | 1971 | certflags_flags &= ~CERTOPT_USER_RC; |
| 1968 | else if (strcasecmp(opt, "permit-user-rc") == 0) | 1972 | else if (strcasecmp(opt, "permit-user-rc") == 0) |
| 1969 | certflags_flags |= CERTOPT_USER_RC; | 1973 | certflags_flags |= CERTOPT_USER_RC; |
| 1974 | else if (strcasecmp(opt, "touch-required") == 0) | ||
| 1975 | certflags_flags &= ~CERTOPT_NO_REQUIRE_USER_PRESENCE; | ||
| 1976 | else if (strcasecmp(opt, "no-touch-required") == 0) | ||
| 1977 | certflags_flags |= CERTOPT_NO_REQUIRE_USER_PRESENCE; | ||
| 1970 | else if (strncasecmp(opt, "force-command=", 14) == 0) { | 1978 | else if (strncasecmp(opt, "force-command=", 14) == 0) { |
| 1971 | val = opt + 14; | 1979 | val = opt + 14; |
| 1972 | if (*val == '\0') | 1980 | if (*val == '\0') |
| @@ -2020,9 +2028,10 @@ show_options(struct sshbuf *optbuf, int in_critical) | |||
| 2020 | strcmp(name, "permit-agent-forwarding") == 0 || | 2028 | strcmp(name, "permit-agent-forwarding") == 0 || |
| 2021 | strcmp(name, "permit-port-forwarding") == 0 || | 2029 | strcmp(name, "permit-port-forwarding") == 0 || |
| 2022 | strcmp(name, "permit-pty") == 0 || | 2030 | strcmp(name, "permit-pty") == 0 || |
| 2023 | strcmp(name, "permit-user-rc") == 0)) | 2031 | strcmp(name, "permit-user-rc") == 0 || |
| 2032 | strcmp(name, "no-touch-required") == 0)) { | ||
| 2024 | printf("\n"); | 2033 | printf("\n"); |
| 2025 | else if (in_critical && | 2034 | } else if (in_critical && |
| 2026 | (strcmp(name, "force-command") == 0 || | 2035 | (strcmp(name, "force-command") == 0 || |
| 2027 | strcmp(name, "source-address") == 0)) { | 2036 | strcmp(name, "source-address") == 0)) { |
| 2028 | if ((r = sshbuf_get_cstring(option, &arg, NULL)) != 0) | 2037 | if ((r = sshbuf_get_cstring(option, &arg, NULL)) != 0) |