1 files changed, 34 insertions, 5 deletions
diff --git a/monitor.c b/monitor.c
index 08fddabd7..037d6d333 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.186 2018/07/20 03:46:34 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.188 2018/11/16 02:43:56 djm Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -892,6 +892,35 @@ mm_answer_authrole(int sock, struct sshbuf *m)
        return (0);
 }
+/*
+ * Check that the key type appears in the supplied pattern list, ignoring
+ * mismatches in the signature algorithm. (Signature algorithm checks are
+ * performed in the unprivileged authentication code).
+ * Returns 1 on success, 0 otherwise.
+ */
+static int
+key_base_type_match(const char *method, const struct sshkey *key,
+    const char *list)
+{
+        char *s, *l, *ol = xstrdup(list);
+        int found = 0;
+        l = ol;
+        for ((s = strsep(&l, ",")); s && *s != '\0'; (s = strsep(&l, ","))) {
+                if (sshkey_type_from_name(s) == key->type) {
+                        found = 1;
+                        break;
+                }
+        }
+        if (!found) {
+                error("%s key type %s is not in permitted list %s", method,
+                    sshkey_ssh_name(key), list);
+        }
+        free(ol);
+        return found;
+}
 int
 mm_answer_authpassword(int sock, struct sshbuf *m)
 {
@@ -1197,8 +1226,8 @@ mm_answer_keyallowed(int sock, struct sshbuf *m)
                                break;
                        if (auth2_key_already_used(authctxt, key))
                                break;
-                        if (match_pattern_list(sshkey_ssh_name(key),
+                        if (!key_base_type_match(auth_method, key,
-                            options.pubkey_key_types, 0) != 1)
+                            options.pubkey_key_types))
                                break;
                        allowed = user_key_allowed(ssh, authctxt->pw, key,
                            pubkey_auth_attempt, &opts);
@@ -1209,8 +1238,8 @@ mm_answer_keyallowed(int sock, struct sshbuf *m)
                                break;
                        if (auth2_key_already_used(authctxt, key))
                                break;
-                        if (match_pattern_list(sshkey_ssh_name(key),
+                        if (!key_base_type_match(auth_method, key,
-                            options.hostbased_key_types, 0) != 1)
+                            options.hostbased_key_types))
                                break;
                        allowed = hostbased_key_allowed(authctxt->pw,
                            cuser, chost, key);

diff --git a/monitor.c b/monitor.c index 08fddabd7..037d6d333 100644 --- a/monitor.c +++ b/monitor.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: monitor.c,v 1.186 2018/07/20 03:46:34 djm Exp $ */	1	/* $OpenBSD: monitor.c,v 1.188 2018/11/16 02:43:56 djm Exp $ */
2	/*	2	/*
3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>	3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>
4	* Copyright 2002 Markus Friedl <markus@openbsd.org>	4	* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -892,6 +892,35 @@ mm_answer_authrole(int sock, struct sshbuf *m)
892	return (0);	892	return (0);
893	}	893	}
894		894
		895	/*
		896	* Check that the key type appears in the supplied pattern list, ignoring
		897	* mismatches in the signature algorithm. (Signature algorithm checks are
		898	* performed in the unprivileged authentication code).
		899	* Returns 1 on success, 0 otherwise.
		900	*/
		901	static int
		902	key_base_type_match(const char method, const struct sshkey key,
		903	const char *list)
		904	{
		905	char s, l, *ol = xstrdup(list);
		906	int found = 0;
		907
		908	l = ol;
		909	for ((s = strsep(&l, ",")); s && *s != '\0'; (s = strsep(&l, ","))) {
		910	if (sshkey_type_from_name(s) == key->type) {
		911	found = 1;
		912	break;
		913	}
		914	}
		915	if (!found) {
		916	error("%s key type %s is not in permitted list %s", method,
		917	sshkey_ssh_name(key), list);
		918	}
		919
		920	free(ol);
		921	return found;
		922	}
		923
895	int	924	int
896	mm_answer_authpassword(int sock, struct sshbuf *m)	925	mm_answer_authpassword(int sock, struct sshbuf *m)
897	{	926	{
@@ -1197,8 +1226,8 @@ mm_answer_keyallowed(int sock, struct sshbuf *m)
1197	break;	1226	break;
1198	if (auth2_key_already_used(authctxt, key))	1227	if (auth2_key_already_used(authctxt, key))
1199	break;	1228	break;
1200	if (match_pattern_list(sshkey_ssh_name(key),	1229	if (!key_base_type_match(auth_method, key,
1201	options.pubkey_key_types, 0) != 1)	1230	options.pubkey_key_types))
1202	break;	1231	break;
1203	allowed = user_key_allowed(ssh, authctxt->pw, key,	1232	allowed = user_key_allowed(ssh, authctxt->pw, key,
1204	pubkey_auth_attempt, &opts);	1233	pubkey_auth_attempt, &opts);
@@ -1209,8 +1238,8 @@ mm_answer_keyallowed(int sock, struct sshbuf *m)
1209	break;	1238	break;
1210	if (auth2_key_already_used(authctxt, key))	1239	if (auth2_key_already_used(authctxt, key))
1211	break;	1240	break;
1212	if (match_pattern_list(sshkey_ssh_name(key),	1241	if (!key_base_type_match(auth_method, key,
1213	options.hostbased_key_types, 0) != 1)	1242	options.hostbased_key_types))
1214	break;	1243	break;
1215	allowed = hostbased_key_allowed(authctxt->pw,	1244	allowed = hostbased_key_allowed(authctxt->pw,
1216	cuser, chost, key);	1245	cuser, chost, key);