diff options
| author | Colin Watson <cjwatson@debian.org> | 2018-08-24 12:49:36 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2018-08-30 00:57:27 +0100 |
| commit | 816386e17654ca36834bebbf351419e460fad8f6 (patch) | |
| tree | 3dc79d831cb73bc25b92f5a4d18f8e328c0c570a /sshd.c | |
| parent | 3e6f76c7039d3df22b1d0a3a5f30150efb09b69d (diff) | |
| parent | 16a47fc4b04977a14f44dd433c8da1499fa80671 (diff) | |
New upstream release (7.8p1)
Closes: #907534
Diffstat (limited to 'sshd.c')
| -rw-r--r-- | sshd.c | 232 |
1 files changed, 143 insertions, 89 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sshd.c,v 1.506 2018/03/03 03:15:51 djm Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.514 2018/08/13 02:41:05 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -95,7 +95,7 @@ | |||
| 95 | #include "sshpty.h" | 95 | #include "sshpty.h" |
| 96 | #include "packet.h" | 96 | #include "packet.h" |
| 97 | #include "log.h" | 97 | #include "log.h" |
| 98 | #include "buffer.h" | 98 | #include "sshbuf.h" |
| 99 | #include "misc.h" | 99 | #include "misc.h" |
| 100 | #include "match.h" | 100 | #include "match.h" |
| 101 | #include "servconf.h" | 101 | #include "servconf.h" |
| @@ -103,7 +103,7 @@ | |||
| 103 | #include "compat.h" | 103 | #include "compat.h" |
| 104 | #include "cipher.h" | 104 | #include "cipher.h" |
| 105 | #include "digest.h" | 105 | #include "digest.h" |
| 106 | #include "key.h" | 106 | #include "sshkey.h" |
| 107 | #include "kex.h" | 107 | #include "kex.h" |
| 108 | #include "myproposal.h" | 108 | #include "myproposal.h" |
| 109 | #include "authfile.h" | 109 | #include "authfile.h" |
| @@ -252,10 +252,10 @@ Authctxt *the_authctxt = NULL; | |||
| 252 | struct sshauthopt *auth_opts = NULL; | 252 | struct sshauthopt *auth_opts = NULL; |
| 253 | 253 | ||
| 254 | /* sshd_config buffer */ | 254 | /* sshd_config buffer */ |
| 255 | Buffer cfg; | 255 | struct sshbuf *cfg; |
| 256 | 256 | ||
| 257 | /* message to be displayed after login */ | 257 | /* message to be displayed after login */ |
| 258 | Buffer loginmsg; | 258 | struct sshbuf *loginmsg; |
| 259 | 259 | ||
| 260 | /* Unprivileged user */ | 260 | /* Unprivileged user */ |
| 261 | struct passwd *privsep_pw = NULL; | 261 | struct passwd *privsep_pw = NULL; |
| @@ -489,11 +489,11 @@ destroy_sensitive_data(void) | |||
| 489 | 489 | ||
| 490 | for (i = 0; i < options.num_host_key_files; i++) { | 490 | for (i = 0; i < options.num_host_key_files; i++) { |
| 491 | if (sensitive_data.host_keys[i]) { | 491 | if (sensitive_data.host_keys[i]) { |
| 492 | key_free(sensitive_data.host_keys[i]); | 492 | sshkey_free(sensitive_data.host_keys[i]); |
| 493 | sensitive_data.host_keys[i] = NULL; | 493 | sensitive_data.host_keys[i] = NULL; |
| 494 | } | 494 | } |
| 495 | if (sensitive_data.host_certificates[i]) { | 495 | if (sensitive_data.host_certificates[i]) { |
| 496 | key_free(sensitive_data.host_certificates[i]); | 496 | sshkey_free(sensitive_data.host_certificates[i]); |
| 497 | sensitive_data.host_certificates[i] = NULL; | 497 | sensitive_data.host_certificates[i] = NULL; |
| 498 | } | 498 | } |
| 499 | } | 499 | } |
| @@ -505,11 +505,16 @@ demote_sensitive_data(void) | |||
| 505 | { | 505 | { |
| 506 | struct sshkey *tmp; | 506 | struct sshkey *tmp; |
| 507 | u_int i; | 507 | u_int i; |
| 508 | int r; | ||
| 508 | 509 | ||
| 509 | for (i = 0; i < options.num_host_key_files; i++) { | 510 | for (i = 0; i < options.num_host_key_files; i++) { |
| 510 | if (sensitive_data.host_keys[i]) { | 511 | if (sensitive_data.host_keys[i]) { |
| 511 | tmp = key_demote(sensitive_data.host_keys[i]); | 512 | if ((r = sshkey_demote(sensitive_data.host_keys[i], |
| 512 | key_free(sensitive_data.host_keys[i]); | 513 | &tmp)) != 0) |
| 514 | fatal("could not demote host %s key: %s", | ||
| 515 | sshkey_type(sensitive_data.host_keys[i]), | ||
| 516 | ssh_err(r)); | ||
| 517 | sshkey_free(sensitive_data.host_keys[i]); | ||
| 513 | sensitive_data.host_keys[i] = tmp; | 518 | sensitive_data.host_keys[i] = tmp; |
| 514 | } | 519 | } |
| 515 | /* Certs do not need demotion */ | 520 | /* Certs do not need demotion */ |
| @@ -665,7 +670,7 @@ privsep_postauth(Authctxt *authctxt) | |||
| 665 | fatal("fork of unprivileged child failed"); | 670 | fatal("fork of unprivileged child failed"); |
| 666 | else if (pmonitor->m_pid != 0) { | 671 | else if (pmonitor->m_pid != 0) { |
| 667 | verbose("User child is on pid %ld", (long)pmonitor->m_pid); | 672 | verbose("User child is on pid %ld", (long)pmonitor->m_pid); |
| 668 | buffer_clear(&loginmsg); | 673 | sshbuf_reset(loginmsg); |
| 669 | monitor_clear_keystate(pmonitor); | 674 | monitor_clear_keystate(pmonitor); |
| 670 | monitor_child_postauth(pmonitor); | 675 | monitor_child_postauth(pmonitor); |
| 671 | 676 | ||
| @@ -697,45 +702,47 @@ privsep_postauth(Authctxt *authctxt) | |||
| 697 | packet_set_authenticated(); | 702 | packet_set_authenticated(); |
| 698 | } | 703 | } |
| 699 | 704 | ||
| 705 | static void | ||
| 706 | append_hostkey_type(struct sshbuf *b, const char *s) | ||
| 707 | { | ||
| 708 | int r; | ||
| 709 | |||
| 710 | if (match_pattern_list(s, options.hostkeyalgorithms, 0) != 1) { | ||
| 711 | debug3("%s: %s key not permitted by HostkeyAlgorithms", | ||
| 712 | __func__, s); | ||
| 713 | return; | ||
| 714 | } | ||
| 715 | if ((r = sshbuf_putf(b, "%s%s", sshbuf_len(b) > 0 ? "," : "", s)) != 0) | ||
| 716 | fatal("%s: sshbuf_putf: %s", __func__, ssh_err(r)); | ||
| 717 | } | ||
| 718 | |||
| 700 | static char * | 719 | static char * |
| 701 | list_hostkey_types(void) | 720 | list_hostkey_types(void) |
| 702 | { | 721 | { |
| 703 | Buffer b; | 722 | struct sshbuf *b; |
| 704 | const char *p; | 723 | struct sshkey *key; |
| 705 | char *ret; | 724 | char *ret; |
| 706 | u_int i; | 725 | u_int i; |
| 707 | struct sshkey *key; | ||
| 708 | 726 | ||
| 709 | buffer_init(&b); | 727 | if ((b = sshbuf_new()) == NULL) |
| 728 | fatal("%s: sshbuf_new failed", __func__); | ||
| 710 | for (i = 0; i < options.num_host_key_files; i++) { | 729 | for (i = 0; i < options.num_host_key_files; i++) { |
| 711 | key = sensitive_data.host_keys[i]; | 730 | key = sensitive_data.host_keys[i]; |
| 712 | if (key == NULL) | 731 | if (key == NULL) |
| 713 | key = sensitive_data.host_pubkeys[i]; | 732 | key = sensitive_data.host_pubkeys[i]; |
| 714 | if (key == NULL) | 733 | if (key == NULL) |
| 715 | continue; | 734 | continue; |
| 716 | /* Check that the key is accepted in HostkeyAlgorithms */ | ||
| 717 | if (match_pattern_list(sshkey_ssh_name(key), | ||
| 718 | options.hostkeyalgorithms, 0) != 1) { | ||
| 719 | debug3("%s: %s key not permitted by HostkeyAlgorithms", | ||
| 720 | __func__, sshkey_ssh_name(key)); | ||
| 721 | continue; | ||
| 722 | } | ||
| 723 | switch (key->type) { | 735 | switch (key->type) { |
| 724 | case KEY_RSA: | 736 | case KEY_RSA: |
| 737 | /* for RSA we also support SHA2 signatures */ | ||
| 738 | append_hostkey_type(b, "rsa-sha2-512"); | ||
| 739 | append_hostkey_type(b, "rsa-sha2-256"); | ||
| 740 | /* FALLTHROUGH */ | ||
| 725 | case KEY_DSA: | 741 | case KEY_DSA: |
| 726 | case KEY_ECDSA: | 742 | case KEY_ECDSA: |
| 727 | case KEY_ED25519: | 743 | case KEY_ED25519: |
| 728 | case KEY_XMSS: | 744 | case KEY_XMSS: |
| 729 | if (buffer_len(&b) > 0) | 745 | append_hostkey_type(b, sshkey_ssh_name(key)); |
| 730 | buffer_append(&b, ",", 1); | ||
| 731 | p = key_ssh_name(key); | ||
| 732 | buffer_append(&b, p, strlen(p)); | ||
| 733 | |||
| 734 | /* for RSA we also support SHA2 signatures */ | ||
| 735 | if (key->type == KEY_RSA) { | ||
| 736 | p = ",rsa-sha2-512,rsa-sha2-256"; | ||
| 737 | buffer_append(&b, p, strlen(p)); | ||
| 738 | } | ||
| 739 | break; | 746 | break; |
| 740 | } | 747 | } |
| 741 | /* If the private key has a cert peer, then list that too */ | 748 | /* If the private key has a cert peer, then list that too */ |
| @@ -744,21 +751,24 @@ list_hostkey_types(void) | |||
| 744 | continue; | 751 | continue; |
| 745 | switch (key->type) { | 752 | switch (key->type) { |
| 746 | case KEY_RSA_CERT: | 753 | case KEY_RSA_CERT: |
| 754 | /* for RSA we also support SHA2 signatures */ | ||
| 755 | append_hostkey_type(b, | ||
| 756 | "rsa-sha2-512-cert-v01@openssh.com"); | ||
| 757 | append_hostkey_type(b, | ||
| 758 | "rsa-sha2-256-cert-v01@openssh.com"); | ||
| 759 | /* FALLTHROUGH */ | ||
| 747 | case KEY_DSA_CERT: | 760 | case KEY_DSA_CERT: |
| 748 | case KEY_ECDSA_CERT: | 761 | case KEY_ECDSA_CERT: |
| 749 | case KEY_ED25519_CERT: | 762 | case KEY_ED25519_CERT: |
| 750 | case KEY_XMSS_CERT: | 763 | case KEY_XMSS_CERT: |
| 751 | if (buffer_len(&b) > 0) | 764 | append_hostkey_type(b, sshkey_ssh_name(key)); |
| 752 | buffer_append(&b, ",", 1); | ||
| 753 | p = key_ssh_name(key); | ||
| 754 | buffer_append(&b, p, strlen(p)); | ||
| 755 | break; | 765 | break; |
| 756 | } | 766 | } |
| 757 | } | 767 | } |
| 758 | if ((ret = sshbuf_dup_string(&b)) == NULL) | 768 | if ((ret = sshbuf_dup_string(b)) == NULL) |
| 759 | fatal("%s: sshbuf_dup_string failed", __func__); | 769 | fatal("%s: sshbuf_dup_string failed", __func__); |
| 760 | buffer_free(&b); | 770 | sshbuf_free(b); |
| 761 | debug("list_hostkey_types: %s", ret); | 771 | debug("%s: %s", __func__, ret); |
| 762 | return ret; | 772 | return ret; |
| 763 | } | 773 | } |
| 764 | 774 | ||
| @@ -825,7 +835,7 @@ get_hostkey_index(struct sshkey *key, int compare, struct ssh *ssh) | |||
| 825 | u_int i; | 835 | u_int i; |
| 826 | 836 | ||
| 827 | for (i = 0; i < options.num_host_key_files; i++) { | 837 | for (i = 0; i < options.num_host_key_files; i++) { |
| 828 | if (key_is_cert(key)) { | 838 | if (sshkey_is_cert(key)) { |
| 829 | if (key == sensitive_data.host_certificates[i] || | 839 | if (key == sensitive_data.host_certificates[i] || |
| 830 | (compare && sensitive_data.host_certificates[i] && | 840 | (compare && sensitive_data.host_certificates[i] && |
| 831 | sshkey_equal(key, | 841 | sshkey_equal(key, |
| @@ -969,31 +979,33 @@ send_rexec_state(int fd, struct sshbuf *conf) | |||
| 969 | } | 979 | } |
| 970 | 980 | ||
| 971 | static void | 981 | static void |
| 972 | recv_rexec_state(int fd, Buffer *conf) | 982 | recv_rexec_state(int fd, struct sshbuf *conf) |
| 973 | { | 983 | { |
| 974 | Buffer m; | 984 | struct sshbuf *m; |
| 975 | char *cp; | 985 | u_char *cp, ver; |
| 976 | u_int len; | 986 | size_t len; |
| 987 | int r; | ||
| 977 | 988 | ||
| 978 | debug3("%s: entering fd = %d", __func__, fd); | 989 | debug3("%s: entering fd = %d", __func__, fd); |
| 979 | 990 | ||
| 980 | buffer_init(&m); | 991 | if ((m = sshbuf_new()) == NULL) |
| 981 | 992 | fatal("%s: sshbuf_new failed", __func__); | |
| 982 | if (ssh_msg_recv(fd, &m) == -1) | 993 | if (ssh_msg_recv(fd, m) == -1) |
| 983 | fatal("%s: ssh_msg_recv failed", __func__); | 994 | fatal("%s: ssh_msg_recv failed", __func__); |
| 984 | if (buffer_get_char(&m) != 0) | 995 | if ((r = sshbuf_get_u8(m, &ver)) != 0) |
| 996 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
| 997 | if (ver != 0) | ||
| 985 | fatal("%s: rexec version mismatch", __func__); | 998 | fatal("%s: rexec version mismatch", __func__); |
| 986 | 999 | if ((r = sshbuf_get_string(m, &cp, &len)) != 0) | |
| 987 | cp = buffer_get_string(&m, &len); | 1000 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
| 988 | if (conf != NULL) | 1001 | if (conf != NULL && (r = sshbuf_put(conf, cp, len))) |
| 989 | buffer_append(conf, cp, len); | 1002 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
| 990 | free(cp); | ||
| 991 | |||
| 992 | #if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY) | 1003 | #if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY) |
| 993 | rexec_recv_rng_seed(&m); | 1004 | rexec_recv_rng_seed(m); |
| 994 | #endif | 1005 | #endif |
| 995 | 1006 | ||
| 996 | buffer_free(&m); | 1007 | free(cp); |
| 1008 | sshbuf_free(m); | ||
| 997 | 1009 | ||
| 998 | debug3("%s: done", __func__); | 1010 | debug3("%s: done", __func__); |
| 999 | } | 1011 | } |
| @@ -1274,8 +1286,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
| 1274 | startup_pipe = -1; | 1286 | startup_pipe = -1; |
| 1275 | pid = getpid(); | 1287 | pid = getpid(); |
| 1276 | if (rexec_flag) { | 1288 | if (rexec_flag) { |
| 1277 | send_rexec_state(config_s[0], | 1289 | send_rexec_state(config_s[0], cfg); |
| 1278 | &cfg); | ||
| 1279 | close(config_s[0]); | 1290 | close(config_s[0]); |
| 1280 | } | 1291 | } |
| 1281 | break; | 1292 | break; |
| @@ -1321,7 +1332,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
| 1321 | close(startup_p[1]); | 1332 | close(startup_p[1]); |
| 1322 | 1333 | ||
| 1323 | if (rexec_flag) { | 1334 | if (rexec_flag) { |
| 1324 | send_rexec_state(config_s[0], &cfg); | 1335 | send_rexec_state(config_s[0], cfg); |
| 1325 | close(config_s[0]); | 1336 | close(config_s[0]); |
| 1326 | close(config_s[1]); | 1337 | close(config_s[1]); |
| 1327 | } | 1338 | } |
| @@ -1352,7 +1363,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
| 1352 | * return an error if any are found). Basically we are worried about | 1363 | * return an error if any are found). Basically we are worried about |
| 1353 | * source routing; it can be used to pretend you are somebody | 1364 | * source routing; it can be used to pretend you are somebody |
| 1354 | * (ip-address) you are not. That itself may be "almost acceptable" | 1365 | * (ip-address) you are not. That itself may be "almost acceptable" |
| 1355 | * under certain circumstances, but rhosts autentication is useless | 1366 | * under certain circumstances, but rhosts authentication is useless |
| 1356 | * if source routing is accepted. Notice also that if we just dropped | 1367 | * if source routing is accepted. Notice also that if we just dropped |
| 1357 | * source routing here, the other side could use IP spoofing to do | 1368 | * source routing here, the other side could use IP spoofing to do |
| 1358 | * rest of the interaction and could still bypass security. So we | 1369 | * rest of the interaction and could still bypass security. So we |
| @@ -1429,6 +1440,43 @@ set_process_rdomain(struct ssh *ssh, const char *name) | |||
| 1429 | #endif | 1440 | #endif |
| 1430 | } | 1441 | } |
| 1431 | 1442 | ||
| 1443 | static void | ||
| 1444 | accumulate_host_timing_secret(struct sshbuf *server_cfg, | ||
| 1445 | const struct sshkey *key) | ||
| 1446 | { | ||
| 1447 | static struct ssh_digest_ctx *ctx; | ||
| 1448 | u_char *hash; | ||
| 1449 | size_t len; | ||
| 1450 | struct sshbuf *buf; | ||
| 1451 | int r; | ||
| 1452 | |||
| 1453 | if (ctx == NULL && (ctx = ssh_digest_start(SSH_DIGEST_SHA512)) == NULL) | ||
| 1454 | fatal("%s: ssh_digest_start", __func__); | ||
| 1455 | if (key == NULL) { /* finalize */ | ||
| 1456 | /* add server config in case we are using agent for host keys */ | ||
| 1457 | if (ssh_digest_update(ctx, sshbuf_ptr(server_cfg), | ||
| 1458 | sshbuf_len(server_cfg)) != 0) | ||
| 1459 | fatal("%s: ssh_digest_update", __func__); | ||
| 1460 | len = ssh_digest_bytes(SSH_DIGEST_SHA512); | ||
| 1461 | hash = xmalloc(len); | ||
| 1462 | if (ssh_digest_final(ctx, hash, len) != 0) | ||
| 1463 | fatal("%s: ssh_digest_final", __func__); | ||
| 1464 | options.timing_secret = PEEK_U64(hash); | ||
| 1465 | freezero(hash, len); | ||
| 1466 | ssh_digest_free(ctx); | ||
| 1467 | ctx = NULL; | ||
| 1468 | return; | ||
| 1469 | } | ||
| 1470 | if ((buf = sshbuf_new()) == NULL) | ||
| 1471 | fatal("%s could not allocate buffer", __func__); | ||
| 1472 | if ((r = sshkey_private_serialize(key, buf)) != 0) | ||
| 1473 | fatal("sshkey_private_serialize: %s", ssh_err(r)); | ||
| 1474 | if (ssh_digest_update(ctx, sshbuf_ptr(buf), sshbuf_len(buf)) != 0) | ||
| 1475 | fatal("%s: ssh_digest_update", __func__); | ||
| 1476 | sshbuf_reset(buf); | ||
| 1477 | sshbuf_free(buf); | ||
| 1478 | } | ||
| 1479 | |||
| 1432 | /* | 1480 | /* |
| 1433 | * Main program for the daemon. | 1481 | * Main program for the daemon. |
| 1434 | */ | 1482 | */ |
| @@ -1636,14 +1684,15 @@ main(int ac, char **av) | |||
| 1636 | "test mode (-T)"); | 1684 | "test mode (-T)"); |
| 1637 | 1685 | ||
| 1638 | /* Fetch our configuration */ | 1686 | /* Fetch our configuration */ |
| 1639 | buffer_init(&cfg); | 1687 | if ((cfg = sshbuf_new()) == NULL) |
| 1688 | fatal("%s: sshbuf_new failed", __func__); | ||
| 1640 | if (rexeced_flag) | 1689 | if (rexeced_flag) |
| 1641 | recv_rexec_state(REEXEC_CONFIG_PASS_FD, &cfg); | 1690 | recv_rexec_state(REEXEC_CONFIG_PASS_FD, cfg); |
| 1642 | else if (strcasecmp(config_file_name, "none") != 0) | 1691 | else if (strcasecmp(config_file_name, "none") != 0) |
| 1643 | load_server_config(config_file_name, &cfg); | 1692 | load_server_config(config_file_name, cfg); |
| 1644 | 1693 | ||
| 1645 | parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name, | 1694 | parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name, |
| 1646 | &cfg, NULL); | 1695 | cfg, NULL); |
| 1647 | 1696 | ||
| 1648 | seed_rng(); | 1697 | seed_rng(); |
| 1649 | 1698 | ||
| @@ -1730,11 +1779,18 @@ main(int ac, char **av) | |||
| 1730 | for (i = 0; i < options.num_host_key_files; i++) { | 1779 | for (i = 0; i < options.num_host_key_files; i++) { |
| 1731 | if (options.host_key_files[i] == NULL) | 1780 | if (options.host_key_files[i] == NULL) |
| 1732 | continue; | 1781 | continue; |
| 1733 | key = key_load_private(options.host_key_files[i], "", NULL); | 1782 | if ((r = sshkey_load_private(options.host_key_files[i], "", |
| 1734 | pubkey = key_load_public(options.host_key_files[i], NULL); | 1783 | &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) |
| 1735 | 1784 | error("Error loading host key \"%s\": %s", | |
| 1785 | options.host_key_files[i], ssh_err(r)); | ||
| 1786 | if ((r = sshkey_load_public(options.host_key_files[i], | ||
| 1787 | &pubkey, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) | ||
| 1788 | error("Error loading host key \"%s\": %s", | ||
| 1789 | options.host_key_files[i], ssh_err(r)); | ||
| 1736 | if (pubkey == NULL && key != NULL) | 1790 | if (pubkey == NULL && key != NULL) |
| 1737 | pubkey = key_demote(key); | 1791 | if ((r = sshkey_demote(key, &pubkey)) != 0) |
| 1792 | fatal("Could not demote key: \"%s\": %s", | ||
| 1793 | options.host_key_files[i], ssh_err(r)); | ||
| 1738 | sensitive_data.host_keys[i] = key; | 1794 | sensitive_data.host_keys[i] = key; |
| 1739 | sensitive_data.host_pubkeys[i] = pubkey; | 1795 | sensitive_data.host_pubkeys[i] = pubkey; |
| 1740 | 1796 | ||
| @@ -1744,6 +1800,7 @@ main(int ac, char **av) | |||
| 1744 | keytype = pubkey->type; | 1800 | keytype = pubkey->type; |
| 1745 | } else if (key != NULL) { | 1801 | } else if (key != NULL) { |
| 1746 | keytype = key->type; | 1802 | keytype = key->type; |
| 1803 | accumulate_host_timing_secret(cfg, key); | ||
| 1747 | } else { | 1804 | } else { |
| 1748 | error("Could not load host key: %s", | 1805 | error("Could not load host key: %s", |
| 1749 | options.host_key_files[i]); | 1806 | options.host_key_files[i]); |
| @@ -1769,6 +1826,7 @@ main(int ac, char **av) | |||
| 1769 | key ? "private" : "agent", i, sshkey_ssh_name(pubkey), fp); | 1826 | key ? "private" : "agent", i, sshkey_ssh_name(pubkey), fp); |
| 1770 | free(fp); | 1827 | free(fp); |
| 1771 | } | 1828 | } |
| 1829 | accumulate_host_timing_secret(cfg, NULL); | ||
| 1772 | #ifndef GSSAPI | 1830 | #ifndef GSSAPI |
| 1773 | /* The GSSAPI key exchange can run without a host key */ | 1831 | /* The GSSAPI key exchange can run without a host key */ |
| 1774 | if (!sensitive_data.have_ssh2_key) { | 1832 | if (!sensitive_data.have_ssh2_key) { |
| @@ -1789,21 +1847,21 @@ main(int ac, char **av) | |||
| 1789 | for (i = 0; i < options.num_host_cert_files; i++) { | 1847 | for (i = 0; i < options.num_host_cert_files; i++) { |
| 1790 | if (options.host_cert_files[i] == NULL) | 1848 | if (options.host_cert_files[i] == NULL) |
| 1791 | continue; | 1849 | continue; |
| 1792 | key = key_load_public(options.host_cert_files[i], NULL); | 1850 | if ((r = sshkey_load_public(options.host_cert_files[i], |
| 1793 | if (key == NULL) { | 1851 | &key, NULL)) != 0) { |
| 1794 | error("Could not load host certificate: %s", | 1852 | error("Could not load host certificate \"%s\": %s", |
| 1795 | options.host_cert_files[i]); | 1853 | options.host_cert_files[i], ssh_err(r)); |
| 1796 | continue; | 1854 | continue; |
| 1797 | } | 1855 | } |
| 1798 | if (!key_is_cert(key)) { | 1856 | if (!sshkey_is_cert(key)) { |
| 1799 | error("Certificate file is not a certificate: %s", | 1857 | error("Certificate file is not a certificate: %s", |
| 1800 | options.host_cert_files[i]); | 1858 | options.host_cert_files[i]); |
| 1801 | key_free(key); | 1859 | sshkey_free(key); |
| 1802 | continue; | 1860 | continue; |
| 1803 | } | 1861 | } |
| 1804 | /* Find matching private key */ | 1862 | /* Find matching private key */ |
| 1805 | for (j = 0; j < options.num_host_key_files; j++) { | 1863 | for (j = 0; j < options.num_host_key_files; j++) { |
| 1806 | if (key_equal_public(key, | 1864 | if (sshkey_equal_public(key, |
| 1807 | sensitive_data.host_keys[j])) { | 1865 | sensitive_data.host_keys[j])) { |
| 1808 | sensitive_data.host_certificates[j] = key; | 1866 | sensitive_data.host_certificates[j] = key; |
| 1809 | break; | 1867 | break; |
| @@ -1812,12 +1870,12 @@ main(int ac, char **av) | |||
| 1812 | if (j >= options.num_host_key_files) { | 1870 | if (j >= options.num_host_key_files) { |
| 1813 | error("No matching private key for certificate: %s", | 1871 | error("No matching private key for certificate: %s", |
| 1814 | options.host_cert_files[i]); | 1872 | options.host_cert_files[i]); |
| 1815 | key_free(key); | 1873 | sshkey_free(key); |
| 1816 | continue; | 1874 | continue; |
| 1817 | } | 1875 | } |
| 1818 | sensitive_data.host_certificates[j] = key; | 1876 | sensitive_data.host_certificates[j] = key; |
| 1819 | debug("host certificate: #%u type %d %s", j, key->type, | 1877 | debug("host certificate: #%u type %d %s", j, key->type, |
| 1820 | key_type(key)); | 1878 | sshkey_type(key)); |
| 1821 | } | 1879 | } |
| 1822 | 1880 | ||
| 1823 | if (privsep_chroot) { | 1881 | if (privsep_chroot) { |
| @@ -2161,7 +2219,7 @@ main(int ac, char **av) | |||
| 2161 | /* allocate authentication context */ | 2219 | /* allocate authentication context */ |
| 2162 | authctxt = xcalloc(1, sizeof(*authctxt)); | 2220 | authctxt = xcalloc(1, sizeof(*authctxt)); |
| 2163 | 2221 | ||
| 2164 | authctxt->loginmsg = &loginmsg; | 2222 | authctxt->loginmsg = loginmsg; |
| 2165 | 2223 | ||
| 2166 | /* XXX global for cleanup, access from other modules */ | 2224 | /* XXX global for cleanup, access from other modules */ |
| 2167 | the_authctxt = authctxt; | 2225 | the_authctxt = authctxt; |
| @@ -2171,7 +2229,8 @@ main(int ac, char **av) | |||
| 2171 | fatal("allocation failed"); | 2229 | fatal("allocation failed"); |
| 2172 | 2230 | ||
| 2173 | /* prepare buffer to collect messages to display to user after login */ | 2231 | /* prepare buffer to collect messages to display to user after login */ |
| 2174 | buffer_init(&loginmsg); | 2232 | if ((loginmsg = sshbuf_new()) == NULL) |
| 2233 | fatal("%s: sshbuf_new failed", __func__); | ||
| 2175 | auth_debug_reset(); | 2234 | auth_debug_reset(); |
| 2176 | 2235 | ||
| 2177 | if (use_privsep) { | 2236 | if (use_privsep) { |
| @@ -2274,26 +2333,21 @@ main(int ac, char **av) | |||
| 2274 | 2333 | ||
| 2275 | int | 2334 | int |
| 2276 | sshd_hostkey_sign(struct sshkey *privkey, struct sshkey *pubkey, | 2335 | sshd_hostkey_sign(struct sshkey *privkey, struct sshkey *pubkey, |
| 2277 | u_char **signature, size_t *slen, const u_char *data, size_t dlen, | 2336 | u_char **signature, size_t *slenp, const u_char *data, size_t dlen, |
| 2278 | const char *alg, u_int flag) | 2337 | const char *alg, u_int flag) |
| 2279 | { | 2338 | { |
| 2280 | int r; | 2339 | int r; |
| 2281 | u_int xxx_slen, xxx_dlen = dlen; | ||
| 2282 | 2340 | ||
| 2283 | if (privkey) { | 2341 | if (privkey) { |
| 2284 | if (PRIVSEP(key_sign(privkey, signature, &xxx_slen, data, xxx_dlen, | 2342 | if (PRIVSEP(sshkey_sign(privkey, signature, slenp, data, dlen, |
| 2285 | alg) < 0)) | 2343 | alg, datafellows)) < 0) |
| 2286 | fatal("%s: key_sign failed", __func__); | 2344 | fatal("%s: key_sign failed", __func__); |
| 2287 | if (slen) | ||
| 2288 | *slen = xxx_slen; | ||
| 2289 | } else if (use_privsep) { | 2345 | } else if (use_privsep) { |
| 2290 | if (mm_key_sign(pubkey, signature, &xxx_slen, data, xxx_dlen, | 2346 | if (mm_sshkey_sign(pubkey, signature, slenp, data, dlen, |
| 2291 | alg) < 0) | 2347 | alg, datafellows) < 0) |
| 2292 | fatal("%s: pubkey_sign failed", __func__); | 2348 | fatal("%s: pubkey_sign failed", __func__); |
| 2293 | if (slen) | ||
| 2294 | *slen = xxx_slen; | ||
| 2295 | } else { | 2349 | } else { |
| 2296 | if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slen, | 2350 | if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slenp, |
| 2297 | data, dlen, alg, datafellows)) != 0) | 2351 | data, dlen, alg, datafellows)) != 0) |
| 2298 | fatal("%s: ssh_agent_sign failed: %s", | 2352 | fatal("%s: ssh_agent_sign failed: %s", |
| 2299 | __func__, ssh_err(r)); | 2353 | __func__, ssh_err(r)); |