-rw-r--r-- | auth2-gss.c | 17 | ||||
-rw-r--r-- | gss-genr.c | 17 | ||||
-rw-r--r-- | monitor.c | 15 | ||||
-rw-r--r-- | monitor_wrap.c | 4 | ||||
-rw-r--r-- | ssh-gss.h | 5 |
5 files changed, 43 insertions, 15 deletions
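--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-gss.c,v 1.27 2018/07/09 21:37:55 markus Exp $ */
+/* $OpenBSD: auth2-gss.c,v 1.28 2018/07/10 09:13:30 djm Exp $ */
 
 /*
 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -204,15 +204,18 @@ input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh)
 gss_buffer_desc recv_tok;
 OM_uint32 maj_status;
 int r;
+u_char *p;
+size_t len;
 
 if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
 fatal("No authentication or GSSAPI context");
 
 gssctxt = authctxt->methoddata;
-if ((r = sshpkt_get_string(ssh,
-&recv_tok.value, &recv_tok.length)) != 0 ||
+if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 ||
 (r = sshpkt_get_end(ssh)) != 0)
 fatal("%s: %s", __func__, ssh_err(r));
+recv_tok.value = p;
+recv_tok.length = len;
 
 /* Push the error token into GSSAPI to see what it says */
 maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok,
@@ -240,7 +243,7 @@ static int
 input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh)
 {
 Authctxt *authctxt = ssh->authctxt;
-int authenticated;
+int r, authenticated;
 const char *displayname;
 
 if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
@@ -278,16 +281,20 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
 struct sshbuf *b;
 gss_buffer_desc mic, gssbuf;
 const char *displayname;
+u_char *p;
+size_t len;
 
 if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
 fatal("No authentication or GSSAPI context");
 
 gssctxt = authctxt->methoddata;
 
-if ((r = sshpkt_get_string(ssh, &mic.value, &mic.length)) != 0)
+if ((r = sshpkt_get_string(ssh, &p, &len)) != 0)
 fatal("%s: %s", __func__, ssh_err(r));
 if ((b = sshbuf_new()) == NULL)
 fatal("%s: sshbuf_new failed", __func__);
+mic.value = p;
+mic.length = len;
 ssh_gssapi_buildmic(b, authctxt->user, authctxt->service,
 "gssapi-with-mic");
 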
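Review bot: The input_gssapi_errtok and input_gssapi_mic hunks open-code the same `p`/`len` to gss_buffer_desc copy that this commit factors into `ssh_gssapi_get_buffer_desc()` for sshbuf readers, with nothing saying why these two sites do not use the helper; presumably it is because they read through `sshpkt_get_string()` rather than `sshbuf_get_string()`, but a reader is likely to "simplify" them later. A one-line comment at each copy, such as `/* copy via p/len: sshpkt_get_string() has no gss_buffer_desc wrapper like ssh_gssapi_get_buffer_desc() */`, would pin that down. In input_gssapi_mic the assignment of `mic.value`/`mic.length` is also placed after the `sshbuf_new()` check rather than directly after the read as in input_gssapi_errtok; moving it next to the read keeps the two sites parallel. Both function bodies begin and end outside the hunks shown.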
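--- a/gss-genr.c
+++ b/gss-genr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gss-genr.c,v 1.25 2018/07/09 21:37:55 markus Exp $ */
+/* $OpenBSD: gss-genr.c,v 1.26 2018/07/10 09:13:30 djm Exp $ */
 
 /*
 * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
@@ -47,6 +47,21 @@
 extern u_char *session_id2;
 extern u_int session_id2_len;
 
+/* sshbuf_get for gss_buffer_desc */
+int
+ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g)
+{
+int r;
+u_char *p;
+size_t len;
+
+if ((r = sshbuf_get_string(b, &p, &len)) != 0)
+return r;
+g->value = p;
+g->length = len;
+return 0;
+}
+
 /* Check that the OID in a data stream matches that in the context */
 int
 ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len)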
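Review bot: The header comment on the new `ssh_gssapi_get_buffer_desc()` says only `/* sshbuf_get for gss_buffer_desc */` and leaves the ownership contract unstated, although the monitor.c caller in this same commit does `free(in.value)` after the call, so the function hands out memory the caller must release. It also returns early on error without touching `*g`, which callers that later free `g->value` unconditionally would want stated. I would replace the comment with `/* Read a string from b into g. On success g->value is a malloc'd copy the caller must free(); on failure the sshbuf error code is returned and g is left unchanged. */`.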
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor.c,v 1.183 2018/07/09 21:53:45 markus Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.184 2018/07/10 09:13:30 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -1795,13 +1795,15 @@ mm_answer_gss_setup_ctx(int sock, struct sshbuf *m) | |||
1795 | gss_OID_desc goid; | 1795 | gss_OID_desc goid; |
1796 | OM_uint32 major; | 1796 | OM_uint32 major; |
1797 | size_t len; | 1797 | size_t len; |
1798 | u_char *p; | ||
1798 | int r; | 1799 | int r; |
1799 | 1800 | ||
1800 | if (!options.gss_authentication) | 1801 | if (!options.gss_authentication) |
1801 | fatal("%s: GSSAPI authentication not enabled", __func__); | 1802 | fatal("%s: GSSAPI authentication not enabled", __func__); |
1802 | 1803 | ||
1803 | if ((r = sshbuf_get_string(m, &goid.elements, &len)) != 0) | 1804 | if ((r = sshbuf_get_string(m, &p, &len)) != 0) |
1804 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 1805 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
1806 | goid.elements = p; | ||
1805 | goid.length = len; | 1807 | goid.length = len; |
1806 | 1808 | ||
1807 | major = ssh_gssapi_server_ctx(&gsscontext, &goid); | 1809 | major = ssh_gssapi_server_ctx(&gsscontext, &goid); |
@@ -1832,7 +1834,7 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m) | |||
1832 | if (!options.gss_authentication) | 1834 | if (!options.gss_authentication) |
1833 | fatal("%s: GSSAPI authentication not enabled", __func__); | 1835 | fatal("%s: GSSAPI authentication not enabled", __func__); |
1834 | 1836 | ||
1835 | if ((r = sshbuf_get_string(m, &in.value, &in.length)) != 0) | 1837 | if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0) |
1836 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 1838 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
1837 | major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); | 1839 | major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); |
1838 | free(in.value); | 1840 | free(in.value); |
@@ -1859,12 +1861,13 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m) | |||
1859 | { | 1861 | { |
1860 | gss_buffer_desc gssbuf, mic; | 1862 | gss_buffer_desc gssbuf, mic; |
1861 | OM_uint32 ret; | 1863 | OM_uint32 ret; |
1864 | int r; | ||
1862 | 1865 | ||
1863 | if (!options.gss_authentication) | 1866 | if (!options.gss_authentication) |
1864 | fatal("%s: GSSAPI authentication not enabled", __func__); | 1867 | fatal("%s: GSSAPI authentication not enabled", __func__); |
1865 | 1868 | ||
1866 | if ((r = sshbuf_get_string(m, &gssbuf.value, &gssbuf.length)) != 0 || | 1869 | if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 || |
1867 | (r = sshbuf_get_string(m, &mic.value, &mic.length)) != 0) | 1870 | (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0) |
1868 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 1871 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
1869 | 1872 | ||
1870 | ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic); | 1873 | ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic); |
@@ -1887,7 +1890,7 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m) | |||
1887 | int | 1890 | int |
1888 | mm_answer_gss_userok(int sock, struct sshbuf *m) | 1891 | mm_answer_gss_userok(int sock, struct sshbuf *m) |
1889 | { | 1892 | { |
1890 | int authenticated; | 1893 | int r, authenticated; |
1891 | const char *displayname; | 1894 | const char *displayname; |
1892 | 1895 | ||
1893 | if (!options.gss_authentication) | 1896 | if (!options.gss_authentication) |
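--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.103 2018/07/09 21:53:45 markus Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.104 2018/07/10 09:13:30 djm Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -989,7 +989,7 @@ mm_ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *in,
 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSTEP, m);
 
 if ((r = sshbuf_get_u32(m, &major)) != 0 ||
-(r = sshbuf_get_string(m, &out->value, &out->length)) != 0)
+(r = ssh_gssapi_get_buffer_desc(m, out)) != 0)
 fatal("%s: buffer error: %s", __func__, ssh_err(r));
 if (flagsp != NULL) {
 if ((r = sshbuf_get_u32(m, &flags)) != 0)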
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-gss.h,v 1.13 2018/07/10 06:43:52 djm Exp $ */ | 1 | /* $OpenBSD: ssh-gss.h,v 1.14 2018/07/10 09:13:30 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. | 3 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. |
4 | * | 4 | * |
@@ -107,6 +107,9 @@ ssh_gssapi_mech *ssh_gssapi_get_ctype(Gssctxt *); | |||
107 | void ssh_gssapi_prepare_supported_oids(void); | 107 | void ssh_gssapi_prepare_supported_oids(void); |
108 | OM_uint32 ssh_gssapi_test_oid_supported(OM_uint32 *, gss_OID, int *); | 108 | OM_uint32 ssh_gssapi_test_oid_supported(OM_uint32 *, gss_OID, int *); |
109 | 109 | ||
110 | struct sshbuf; | ||
111 | int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *); | ||
112 | |||
110 | OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *); | 113 | OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *); |
111 | OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int, | 114 | OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int, |
112 | gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); | 115 | gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); |