summaryrefslogtreecommitdiff
path: root/ssh-keygen.c
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2020-02-07 03:27:54 +0000
committerDamien Miller <djm@mindrot.org>2020-02-07 14:31:02 +1100
commitfd68dc27864b099b552a6d9d507ca4b83afd6a76 (patch)
tree802ef9ef60fab818d4c6701f962e5c608224f760 /ssh-keygen.c
parent96bd895a0a0b3a36f81c14db8c91513578fc5563 (diff)
upstream: fix two PIN entry bugs on FIDO keygen: 1) it would allow more
than the intended number of prompts (3) and 2) it would SEGV too many incorrect PINs were entered; based on patch by Gabriel Kihlman OpenBSD-Commit-ID: 9c0011f28ba8bd8adf2014424b64960333da1718
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r--ssh-keygen.c18
1 files changed, 12 insertions, 6 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c
index a6ba6cc7a..0d6ed1fff 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keygen.c,v 1.397 2020/02/06 22:30:54 naddy Exp $ */ 1/* $OpenBSD: ssh-keygen.c,v 1.398 2020/02/07 03:27:54 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -3588,7 +3588,7 @@ main(int argc, char **argv)
3588 passphrase = NULL; 3588 passphrase = NULL;
3589 if ((attest = sshbuf_new()) == NULL) 3589 if ((attest = sshbuf_new()) == NULL)
3590 fatal("sshbuf_new failed"); 3590 fatal("sshbuf_new failed");
3591 for (i = 0 ; i < 3; i++) { 3591 for (i = 0 ; ; i++) {
3592 fflush(stdout); 3592 fflush(stdout);
3593 r = sshsk_enroll(type, sk_provider, sk_device, 3593 r = sshsk_enroll(type, sk_provider, sk_device,
3594 sk_application == NULL ? "ssh:" : sk_application, 3594 sk_application == NULL ? "ssh:" : sk_application,
@@ -3598,15 +3598,21 @@ main(int argc, char **argv)
3598 break; 3598 break;
3599 if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) 3599 if (r != SSH_ERR_KEY_WRONG_PASSPHRASE)
3600 fatal("Key enrollment failed: %s", ssh_err(r)); 3600 fatal("Key enrollment failed: %s", ssh_err(r));
3601 if (passphrase != NULL) 3601 else if (i > 0)
3602 error("PIN incorrect");
3603 if (passphrase != NULL) {
3602 freezero(passphrase, strlen(passphrase)); 3604 freezero(passphrase, strlen(passphrase));
3605 passphrase = NULL;
3606 }
3607 if (i >= 3)
3608 fatal("Too many incorrect PINs");
3603 passphrase = read_passphrase("Enter PIN for " 3609 passphrase = read_passphrase("Enter PIN for "
3604 "authenticator: ", RP_ALLOW_STDIN); 3610 "authenticator: ", RP_ALLOW_STDIN);
3605 } 3611 }
3606 if (passphrase != NULL) 3612 if (passphrase != NULL) {
3607 freezero(passphrase, strlen(passphrase)); 3613 freezero(passphrase, strlen(passphrase));
3608 if (i > 3) 3614 passphrase = NULL;
3609 fatal("Too many incorrect PINs"); 3615 }
3610 break; 3616 break;
3611 default: 3617 default:
3612 if ((r = sshkey_generate(type, bits, &private)) != 0) 3618 if ((r = sshkey_generate(type, bits, &private)) != 0)