author | markus@openbsd.org <markus@openbsd.org> | 2018-07-11 18:53:29 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-07-12 13:18:25 +1000 |
commit | 5467fbcb09528ecdcb914f4f2452216c24796790 (patch) | |
tree | 8fcef797ece697250f4c67d57a5063d6316fd203 /ssh.c | |
parent | 5dc4c59d5441a19c99e7945779f7ec9051126c25 (diff) |
upstream: remove legacy key emulation layer; ok djm@
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
Diffstat (limited to 'ssh.c')
-rw-r--r-- | ssh.c | 145 |
1 files changed, 78 insertions, 67 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.c,v 1.482 2018/07/09 21:03:30 markus Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.483 2018/07/11 18:53:29 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -89,7 +89,7 @@ | |||
89 | #include "packet.h" | 89 | #include "packet.h" |
90 | #include "sshbuf.h" | 90 | #include "sshbuf.h" |
91 | #include "channels.h" | 91 | #include "channels.h" |
92 | #include "key.h" | 92 | #include "sshkey.h" |
93 | #include "authfd.h" | 93 | #include "authfd.h" |
94 | #include "authfile.h" | 94 | #include "authfile.h" |
95 | #include "pathnames.h" | 95 | #include "pathnames.h" |
@@ -504,6 +504,30 @@ resolve_canonicalize(char **hostp, int port) | |||
504 | } | 504 | } |
505 | 505 | ||
506 | /* | 506 | /* |
507 | * Check the result of hostkey loading, ignoring some errors and | ||
508 | * fatal()ing for others. | ||
509 | */ | ||
510 | static void | ||
511 | check_load(int r, const char *path, const char *message) | ||
512 | { | ||
513 | switch (r) { | ||
514 | case 0: | ||
515 | break; | ||
516 | case SSH_ERR_INTERNAL_ERROR: | ||
517 | case SSH_ERR_ALLOC_FAIL: | ||
518 | fatal("load %s \"%s\": %s", message, path, ssh_err(r)); | ||
519 | case SSH_ERR_SYSTEM_ERROR: | ||
520 | /* Ignore missing files */ | ||
521 | if (errno == ENOENT) | ||
522 | break; | ||
523 | /* FALLTHROUGH */ | ||
524 | default: | ||
525 | error("load %s \"%s\": %s", message, path, ssh_err(r)); | ||
526 | break; | ||
527 | } | ||
528 | } | ||
529 | |||
530 | /* | ||
507 | * Read per-user configuration file. Ignore the system wide config | 531 | * Read per-user configuration file. Ignore the system wide config |
508 | * file if the user specifies a config file on the command line. | 532 | * file if the user specifies a config file on the command line. |
509 | */ | 533 | */ |
@@ -1388,7 +1412,7 @@ main(int ac, char **av) | |||
1388 | 1412 | ||
1389 | /* | 1413 | /* |
1390 | * If we successfully made the connection, load the host private key | 1414 | * If we successfully made the connection, load the host private key |
1391 | * in case we will need it later for combined rsa-rhosts | 1415 | * in case we will need it later for hostbased |
1392 | * authentication. This must be done before releasing extra | 1416 | * authentication. This must be done before releasing extra |
1393 | * privileges, because the file is only readable by root. | 1417 | * privileges, because the file is only readable by root. |
1394 | * If we cannot access the private keys, load the public keys | 1418 | * If we cannot access the private keys, load the public keys |
@@ -1400,35 +1424,32 @@ main(int ac, char **av) | |||
1400 | if (options.hostbased_authentication) { | 1424 | if (options.hostbased_authentication) { |
1401 | sensitive_data.nkeys = 11; | 1425 | sensitive_data.nkeys = 11; |
1402 | sensitive_data.keys = xcalloc(sensitive_data.nkeys, | 1426 | sensitive_data.keys = xcalloc(sensitive_data.nkeys, |
1403 | sizeof(struct sshkey)); /* XXX */ | 1427 | sizeof(struct sshkey)); |
1404 | for (i = 0; i < sensitive_data.nkeys; i++) | 1428 | |
1405 | sensitive_data.keys[i] = NULL; | 1429 | /* XXX check errors? */ |
1430 | #define L_KEY(t,p,o) \ | ||
1431 | check_load(sshkey_load_private_type(t, p, "", \ | ||
1432 | &(sensitive_data.keys[o]), NULL, NULL), p, "key") | ||
1433 | #define L_KEYCERT(t,p,o) \ | ||
1434 | check_load(sshkey_load_private_cert(t, p, "", \ | ||
1435 | &(sensitive_data.keys[o]), NULL), p, "cert and key") | ||
1436 | #define L_PUBKEY(p,o) \ | ||
1437 | check_load(sshkey_load_public(p, &(sensitive_data.keys[o]), NULL), \ | ||
1438 | p, "pubkey") | ||
1439 | #define L_CERT(p,o) \ | ||
1440 | check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), p, "cert") | ||
1406 | 1441 | ||
1407 | PRIV_START; | 1442 | PRIV_START; |
1408 | #ifdef OPENSSL_HAS_ECC | 1443 | L_KEYCERT(KEY_ECDSA, _PATH_HOST_ECDSA_KEY_FILE, 1); |
1409 | sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA, | 1444 | L_KEYCERT(KEY_ED25519, _PATH_HOST_ED25519_KEY_FILE, 2); |
1410 | _PATH_HOST_ECDSA_KEY_FILE, "", NULL); | 1445 | L_KEYCERT(KEY_RSA, _PATH_HOST_RSA_KEY_FILE, 3); |
1411 | #endif | 1446 | L_KEYCERT(KEY_DSA, _PATH_HOST_DSA_KEY_FILE, 4); |
1412 | sensitive_data.keys[2] = key_load_private_cert(KEY_ED25519, | 1447 | L_KEY(KEY_ECDSA, _PATH_HOST_ECDSA_KEY_FILE, 5); |
1413 | _PATH_HOST_ED25519_KEY_FILE, "", NULL); | 1448 | L_KEY(KEY_ED25519, _PATH_HOST_ED25519_KEY_FILE, 6); |
1414 | sensitive_data.keys[3] = key_load_private_cert(KEY_RSA, | 1449 | L_KEY(KEY_RSA, _PATH_HOST_RSA_KEY_FILE, 7); |
1415 | _PATH_HOST_RSA_KEY_FILE, "", NULL); | 1450 | L_KEY(KEY_DSA, _PATH_HOST_DSA_KEY_FILE, 8); |
1416 | sensitive_data.keys[4] = key_load_private_cert(KEY_DSA, | 1451 | L_KEYCERT(KEY_XMSS, _PATH_HOST_XMSS_KEY_FILE, 9); |
1417 | _PATH_HOST_DSA_KEY_FILE, "", NULL); | 1452 | L_KEY(KEY_XMSS, _PATH_HOST_XMSS_KEY_FILE, 10); |
1418 | #ifdef OPENSSL_HAS_ECC | ||
1419 | sensitive_data.keys[5] = key_load_private_type(KEY_ECDSA, | ||
1420 | _PATH_HOST_ECDSA_KEY_FILE, "", NULL, NULL); | ||
1421 | #endif | ||
1422 | sensitive_data.keys[6] = key_load_private_type(KEY_ED25519, | ||
1423 | _PATH_HOST_ED25519_KEY_FILE, "", NULL, NULL); | ||
1424 | sensitive_data.keys[7] = key_load_private_type(KEY_RSA, | ||
1425 | _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL); | ||
1426 | sensitive_data.keys[8] = key_load_private_type(KEY_DSA, | ||
1427 | _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL); | ||
1428 | sensitive_data.keys[9] = key_load_private_cert(KEY_XMSS, | ||
1429 | _PATH_HOST_XMSS_KEY_FILE, "", NULL); | ||
1430 | sensitive_data.keys[10] = key_load_private_type(KEY_XMSS, | ||
1431 | _PATH_HOST_XMSS_KEY_FILE, "", NULL, NULL); | ||
1432 | PRIV_END; | 1453 | PRIV_END; |
1433 | 1454 | ||
1434 | if (options.hostbased_authentication == 1 && | 1455 | if (options.hostbased_authentication == 1 && |
@@ -1437,31 +1458,18 @@ main(int ac, char **av) | |||
1437 | sensitive_data.keys[6] == NULL && | 1458 | sensitive_data.keys[6] == NULL && |
1438 | sensitive_data.keys[7] == NULL && | 1459 | sensitive_data.keys[7] == NULL && |
1439 | sensitive_data.keys[8] == NULL && | 1460 | sensitive_data.keys[8] == NULL && |
1440 | sensitive_data.keys[9] == NULL) { | 1461 | sensitive_data.keys[9] == NULL && |
1441 | #ifdef OPENSSL_HAS_ECC | 1462 | sensitive_data.keys[10] == NULL) { |
1442 | sensitive_data.keys[1] = key_load_cert( | 1463 | L_CERT(_PATH_HOST_ECDSA_KEY_FILE, 1); |
1443 | _PATH_HOST_ECDSA_KEY_FILE); | 1464 | L_CERT(_PATH_HOST_ED25519_KEY_FILE, 2); |
1444 | #endif | 1465 | L_CERT(_PATH_HOST_RSA_KEY_FILE, 3); |
1445 | sensitive_data.keys[2] = key_load_cert( | 1466 | L_CERT(_PATH_HOST_DSA_KEY_FILE, 4); |
1446 | _PATH_HOST_ED25519_KEY_FILE); | 1467 | L_PUBKEY(_PATH_HOST_ECDSA_KEY_FILE, 5); |
1447 | sensitive_data.keys[3] = key_load_cert( | 1468 | L_PUBKEY(_PATH_HOST_ED25519_KEY_FILE, 6); |
1448 | _PATH_HOST_RSA_KEY_FILE); | 1469 | L_PUBKEY(_PATH_HOST_RSA_KEY_FILE, 7); |
1449 | sensitive_data.keys[4] = key_load_cert( | 1470 | L_PUBKEY(_PATH_HOST_DSA_KEY_FILE, 8); |
1450 | _PATH_HOST_DSA_KEY_FILE); | 1471 | L_CERT(_PATH_HOST_XMSS_KEY_FILE, 9); |
1451 | #ifdef OPENSSL_HAS_ECC | 1472 | L_PUBKEY(_PATH_HOST_XMSS_KEY_FILE, 10); |
1452 | sensitive_data.keys[5] = key_load_public( | ||
1453 | _PATH_HOST_ECDSA_KEY_FILE, NULL); | ||
1454 | #endif | ||
1455 | sensitive_data.keys[6] = key_load_public( | ||
1456 | _PATH_HOST_ED25519_KEY_FILE, NULL); | ||
1457 | sensitive_data.keys[7] = key_load_public( | ||
1458 | _PATH_HOST_RSA_KEY_FILE, NULL); | ||
1459 | sensitive_data.keys[8] = key_load_public( | ||
1460 | _PATH_HOST_DSA_KEY_FILE, NULL); | ||
1461 | sensitive_data.keys[9] = key_load_cert( | ||
1462 | _PATH_HOST_XMSS_KEY_FILE); | ||
1463 | sensitive_data.keys[10] = key_load_public( | ||
1464 | _PATH_HOST_XMSS_KEY_FILE, NULL); | ||
1465 | sensitive_data.external_keysign = 1; | 1473 | sensitive_data.external_keysign = 1; |
1466 | } | 1474 | } |
1467 | } | 1475 | } |
@@ -1546,7 +1554,7 @@ main(int ac, char **av) | |||
1546 | if (sensitive_data.keys[i] != NULL) { | 1554 | if (sensitive_data.keys[i] != NULL) { |
1547 | /* Destroys contents safely */ | 1555 | /* Destroys contents safely */ |
1548 | debug3("clear hostkey %d", i); | 1556 | debug3("clear hostkey %d", i); |
1549 | key_free(sensitive_data.keys[i]); | 1557 | sshkey_free(sensitive_data.keys[i]); |
1550 | sensitive_data.keys[i] = NULL; | 1558 | sensitive_data.keys[i] = NULL; |
1551 | } | 1559 | } |
1552 | } | 1560 | } |
@@ -1556,7 +1564,7 @@ main(int ac, char **av) | |||
1556 | free(options.identity_files[i]); | 1564 | free(options.identity_files[i]); |
1557 | options.identity_files[i] = NULL; | 1565 | options.identity_files[i] = NULL; |
1558 | if (options.identity_keys[i]) { | 1566 | if (options.identity_keys[i]) { |
1559 | key_free(options.identity_keys[i]); | 1567 | sshkey_free(options.identity_keys[i]); |
1560 | options.identity_keys[i] = NULL; | 1568 | options.identity_keys[i] = NULL; |
1561 | } | 1569 | } |
1562 | } | 1570 | } |
@@ -2050,7 +2058,7 @@ load_public_identity_files(struct passwd *pw) | |||
2050 | &keys)) > 0) { | 2058 | &keys)) > 0) { |
2051 | for (i = 0; i < nkeys; i++) { | 2059 | for (i = 0; i < nkeys; i++) { |
2052 | if (n_ids >= SSH_MAX_IDENTITY_FILES) { | 2060 | if (n_ids >= SSH_MAX_IDENTITY_FILES) { |
2053 | key_free(keys[i]); | 2061 | sshkey_free(keys[i]); |
2054 | continue; | 2062 | continue; |
2055 | } | 2063 | } |
2056 | identity_keys[n_ids] = keys[i]; | 2064 | identity_keys[n_ids] = keys[i]; |
@@ -2076,7 +2084,8 @@ load_public_identity_files(struct passwd *pw) | |||
2076 | "u", pw->pw_name, "l", thishost, "h", host, | 2084 | "u", pw->pw_name, "l", thishost, "h", host, |
2077 | "r", options.user, (char *)NULL); | 2085 | "r", options.user, (char *)NULL); |
2078 | free(cp); | 2086 | free(cp); |
2079 | public = key_load_public(filename, NULL); | 2087 | check_load(sshkey_load_public(filename, &public, NULL), |
2088 | filename, "pubkey"); | ||
2080 | debug("identity file %s type %d", filename, | 2089 | debug("identity file %s type %d", filename, |
2081 | public ? public->type : -1); | 2090 | public ? public->type : -1); |
2082 | free(options.identity_files[i]); | 2091 | free(options.identity_files[i]); |
@@ -2093,17 +2102,18 @@ load_public_identity_files(struct passwd *pw) | |||
2093 | if (options.num_certificate_files != 0) | 2102 | if (options.num_certificate_files != 0) |
2094 | continue; | 2103 | continue; |
2095 | xasprintf(&cp, "%s-cert", filename); | 2104 | xasprintf(&cp, "%s-cert", filename); |
2096 | public = key_load_public(cp, NULL); | 2105 | check_load(sshkey_load_public(cp, &public, NULL), |
2106 | filename, "pubkey"); | ||
2097 | debug("identity file %s type %d", cp, | 2107 | debug("identity file %s type %d", cp, |
2098 | public ? public->type : -1); | 2108 | public ? public->type : -1); |
2099 | if (public == NULL) { | 2109 | if (public == NULL) { |
2100 | free(cp); | 2110 | free(cp); |
2101 | continue; | 2111 | continue; |
2102 | } | 2112 | } |
2103 | if (!key_is_cert(public)) { | 2113 | if (!sshkey_is_cert(public)) { |
2104 | debug("%s: key %s type %s is not a certificate", | 2114 | debug("%s: key %s type %s is not a certificate", |
2105 | __func__, cp, key_type(public)); | 2115 | __func__, cp, sshkey_type(public)); |
2106 | key_free(public); | 2116 | sshkey_free(public); |
2107 | free(cp); | 2117 | free(cp); |
2108 | continue; | 2118 | continue; |
2109 | } | 2119 | } |
@@ -2128,7 +2138,8 @@ load_public_identity_files(struct passwd *pw) | |||
2128 | (char *)NULL); | 2138 | (char *)NULL); |
2129 | free(cp); | 2139 | free(cp); |
2130 | 2140 | ||
2131 | public = key_load_public(filename, NULL); | 2141 | check_load(sshkey_load_public(filename, &public, NULL), |
2142 | filename, "certificate"); | ||
2132 | debug("certificate file %s type %d", filename, | 2143 | debug("certificate file %s type %d", filename, |
2133 | public ? public->type : -1); | 2144 | public ? public->type : -1); |
2134 | free(options.certificate_files[i]); | 2145 | free(options.certificate_files[i]); |
@@ -2137,10 +2148,10 @@ load_public_identity_files(struct passwd *pw) | |||
2137 | free(filename); | 2148 | free(filename); |
2138 | continue; | 2149 | continue; |
2139 | } | 2150 | } |
2140 | if (!key_is_cert(public)) { | 2151 | if (!sshkey_is_cert(public)) { |
2141 | debug("%s: key %s type %s is not a certificate", | 2152 | debug("%s: key %s type %s is not a certificate", |
2142 | __func__, filename, key_type(public)); | 2153 | __func__, filename, sshkey_type(public)); |
2143 | key_free(public); | 2154 | sshkey_free(public); |
2144 | free(filename); | 2155 | free(filename); |
2145 | continue; | 2156 | continue; |
2146 | } | 2157 | } |
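Review bot: The diagnostic path in the `-cert` identity lookup is wrong: the call at new lines 2105–2106 loads `cp` (the `"%s-cert"` name built on the line above) but passes `filename` to check_load, so any failure other than ENOENT is reported against the bare identity file rather than the certificate file actually opened; it should read `check_load(sshkey_load_public(cp, &public, NULL), cp, "cert");` (the sibling call at 2087–2088 gets this right). In check_load, only ENOENT is silenced under SSH_ERR_SYSTEM_ERROR, yet the comment kept at old line 1394 documents "if we cannot access the private keys, load the public keys" as an expected path for the root-only host key files, so an EACCES there now yields an `error()` per key file in the hostbased loop; consider treating EACCES like ENOENT in that caller or downgrading it to debug(). The `fatal(...)` arm falls into `case SSH_ERR_SYSTEM_ERROR:` with no `/* NOTREACHED */` marker, which reads as an accidental fallthrough to anyone who does not know fatal() never returns. Separately, `xcalloc(sensitive_data.nkeys, sizeof(struct sshkey))` sizes an array of `struct sshkey *` (the `&(sensitive_data.keys[o])` arguments make the element type clear) by the struct itself; the commit drops the `/* XXX */` that flagged this but keeps the over-allocation, where `sizeof(struct sshkey *)` is what is meant. Both main() and load_public_identity_files() extend beyond the hunks shown.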