-rw-r--r-- | ChangeLog | 10 | ||||
-rw-r--r-- | authfile.c | 8 | ||||
-rw-r--r-- | authfile.h | 4 | ||||
-rw-r--r-- | ssh.c | 8 | ||||
-rw-r--r-- | sshconnect1.c | 13 | ||||
-rw-r--r-- | sshconnect2.c | 12 |
6 files changed, 35 insertions, 20 deletions
@@ -1,3 +1,11 @@ | |||
1 | 20050506 | ||
2 | - (dtucker) OpenBSD CVS Syn | ||
3 | - dtucker@cvs.openbsd.org 2006/04/25 08:02:27 | ||
4 | [authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c] | ||
5 | Prevent ssh from trying to open private keys with bad permissions more than | ||
6 | once or prompting for their passphrases (which it subsequently ignores | ||
7 | anyway), similar to a previous change in ssh-add. bz #1186, ok djm@ | ||
8 | |||
1 | 20060504 | 9 | 20060504 |
2 | - (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c | 10 | - (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c |
3 | session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c | 11 | session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c |
@@ -4594,4 +4602,4 @@ | |||
4594 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 4602 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
4595 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 4603 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
4596 | 4604 | ||
4597 | $Id: ChangeLog,v 1.4320 2006/05/04 06:24:34 dtucker Exp $ | 4605 | $Id: ChangeLog,v 1.4321 2006/05/06 07:41:51 dtucker Exp $ |
diff --git a/authfile.c b/authfile.c index b95b9470b..b1a28528f 100644 --- a/authfile.c +++ b/authfile.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: authfile.c,v 1.66 2006/03/25 13:17:01 djm Exp $ */ | 1 | /* $OpenBSD: authfile.c,v 1.67 2006/04/25 08:02:27 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -538,7 +538,7 @@ key_perm_ok(int fd, const char *filename) | |||
538 | 538 | ||
539 | Key * | 539 | Key * |
540 | key_load_private_type(int type, const char *filename, const char *passphrase, | 540 | key_load_private_type(int type, const char *filename, const char *passphrase, |
541 | char **commentp) | 541 | char **commentp, int *perm_ok) |
542 | { | 542 | { |
543 | int fd; | 543 | int fd; |
544 | 544 | ||
@@ -546,10 +546,14 @@ key_load_private_type(int type, const char *filename, const char *passphrase, | |||
546 | if (fd < 0) | 546 | if (fd < 0) |
547 | return NULL; | 547 | return NULL; |
548 | if (!key_perm_ok(fd, filename)) { | 548 | if (!key_perm_ok(fd, filename)) { |
549 | if (perm_ok != NULL) | ||
550 | *perm_ok = 0; | ||
549 | error("bad permissions: ignore key: %s", filename); | 551 | error("bad permissions: ignore key: %s", filename); |
550 | close(fd); | 552 | close(fd); |
551 | return NULL; | 553 | return NULL; |
552 | } | 554 | } |
555 | if (perm_ok != NULL) | ||
556 | *perm_ok = 1; | ||
553 | switch (type) { | 557 | switch (type) { |
554 | case KEY_RSA1: | 558 | case KEY_RSA1: |
555 | return key_load_private_rsa1(fd, filename, passphrase, | 559 | return key_load_private_rsa1(fd, filename, passphrase, |
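Review bot: `key_load_private_type` leaves `*perm_ok` untouched on the `fd < 0` early return at the top of the second hunk, so any caller that does not pre-initialise its flag reads an indeterminate value after the call; `load_identity_file` in the sshconnect2.c section is such a caller (its new `int perm_ok, quit, i;` is uninitialised and it tests `if (!perm_ok)` immediately), which is undefined behaviour whenever `stat()` succeeds but `open()` fails, e.g. a key file the user cannot read. The sshconnect1.c caller initialises `perm_ok = 1` before the call, so only the protocol-2 path is affected, and the two callers disagree on who owns the initial value. The simplest fix is to report the flag on every path out of the function, `if (fd < 0) { if (perm_ok != NULL) *perm_ok = 0; return NULL; }`, which also matches the commit's intent of not prompting for the passphrase of a file that cannot be used anyway; alternatively initialise `perm_ok = 1` in `load_identity_file` as sshconnect1.c does. The body of `key_load_private_type` (the `switch` on `type`) continues outside the hunk.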
diff --git a/authfile.h b/authfile.h index 967f582d4..a6c74934d 100644 --- a/authfile.h +++ b/authfile.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: authfile.h,v 1.12 2006/03/25 22:22:42 djm Exp $ */ | 1 | /* $OpenBSD: authfile.h,v 1.13 2006/04/25 08:02:27 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -19,7 +19,7 @@ int key_save_private(Key *, const char *, const char *, const char *); | |||
19 | Key *key_load_public(const char *, char **); | 19 | Key *key_load_public(const char *, char **); |
20 | Key *key_load_public_type(int, const char *, char **); | 20 | Key *key_load_public_type(int, const char *, char **); |
21 | Key *key_load_private(const char *, const char *, char **); | 21 | Key *key_load_private(const char *, const char *, char **); |
22 | Key *key_load_private_type(int, const char *, const char *, char **); | 22 | Key *key_load_private_type(int, const char *, const char *, char **, int *); |
23 | Key *key_load_private_pem(int, int, const char *, char **); | 23 | Key *key_load_private_pem(int, int, const char *, char **); |
24 | int key_perm_ok(int, const char *); | 24 | int key_perm_ok(int, const char *); |
25 | 25 | ||
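Review bot: The new trailing `int *` parameter of `key_load_private_type` is unnamed and undocumented in the prototype, so nothing in the header tells a caller that NULL is accepted or what the value means; from authfile.c it is cleared when `key_perm_ok` rejects the file and set to 1 once the permission check passes, and callers use it to decide whether a passphrase prompt is worthwhile. Suggest naming it in the prototype, `Key *key_load_private_type(int, const char *, const char *, char **, int *perm_ok);`, and adding a one-line comment above it such as `/* perm_ok (may be NULL): 0 if the key file's permissions are too open, 1 once the check passes */`. Documenting the contract here is what lets the callers in sshconnect1.c and sshconnect2.c agree on whether they must pre-initialise the flag.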
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.c,v 1.275 2006/03/30 10:41:25 djm Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.276 2006/04/25 08:02:27 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -693,11 +693,11 @@ main(int ac, char **av) | |||
693 | 693 | ||
694 | PRIV_START; | 694 | PRIV_START; |
695 | sensitive_data.keys[0] = key_load_private_type(KEY_RSA1, | 695 | sensitive_data.keys[0] = key_load_private_type(KEY_RSA1, |
696 | _PATH_HOST_KEY_FILE, "", NULL); | 696 | _PATH_HOST_KEY_FILE, "", NULL, NULL); |
697 | sensitive_data.keys[1] = key_load_private_type(KEY_DSA, | 697 | sensitive_data.keys[1] = key_load_private_type(KEY_DSA, |
698 | _PATH_HOST_DSA_KEY_FILE, "", NULL); | 698 | _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL); |
699 | sensitive_data.keys[2] = key_load_private_type(KEY_RSA, | 699 | sensitive_data.keys[2] = key_load_private_type(KEY_RSA, |
700 | _PATH_HOST_RSA_KEY_FILE, "", NULL); | 700 | _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL); |
701 | PRIV_END; | 701 | PRIV_END; |
702 | 702 | ||
703 | if (options.hostbased_authentication == 1 && | 703 | if (options.hostbased_authentication == 1 && |
diff --git a/sshconnect1.c b/sshconnect1.c index 9b86c7ce1..5467f04bf 100644 --- a/sshconnect1.c +++ b/sshconnect1.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect1.c,v 1.64 2006/03/25 13:17:02 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect1.c,v 1.65 2006/04/25 08:02:27 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -197,7 +197,7 @@ try_rsa_authentication(int idx) | |||
197 | BIGNUM *challenge; | 197 | BIGNUM *challenge; |
198 | Key *public, *private; | 198 | Key *public, *private; |
199 | char buf[300], *passphrase, *comment, *authfile; | 199 | char buf[300], *passphrase, *comment, *authfile; |
200 | int i, type, quit; | 200 | int i, perm_ok = 1, type, quit; |
201 | 201 | ||
202 | public = options.identity_keys[idx]; | 202 | public = options.identity_keys[idx]; |
203 | authfile = options.identity_files[idx]; | 203 | authfile = options.identity_files[idx]; |
@@ -243,15 +243,16 @@ try_rsa_authentication(int idx) | |||
243 | if (public->flags & KEY_FLAG_EXT) | 243 | if (public->flags & KEY_FLAG_EXT) |
244 | private = public; | 244 | private = public; |
245 | else | 245 | else |
246 | private = key_load_private_type(KEY_RSA1, authfile, "", NULL); | 246 | private = key_load_private_type(KEY_RSA1, authfile, "", NULL, |
247 | if (private == NULL && !options.batch_mode) { | 247 | &perm_ok); |
248 | if (private == NULL && !options.batch_mode && perm_ok) { | ||
248 | snprintf(buf, sizeof(buf), | 249 | snprintf(buf, sizeof(buf), |
249 | "Enter passphrase for RSA key '%.100s': ", comment); | 250 | "Enter passphrase for RSA key '%.100s': ", comment); |
250 | for (i = 0; i < options.number_of_password_prompts; i++) { | 251 | for (i = 0; i < options.number_of_password_prompts; i++) { |
251 | passphrase = read_passphrase(buf, 0); | 252 | passphrase = read_passphrase(buf, 0); |
252 | if (strcmp(passphrase, "") != 0) { | 253 | if (strcmp(passphrase, "") != 0) { |
253 | private = key_load_private_type(KEY_RSA1, | 254 | private = key_load_private_type(KEY_RSA1, |
254 | authfile, passphrase, NULL); | 255 | authfile, passphrase, NULL, NULL); |
255 | quit = 0; | 256 | quit = 0; |
256 | } else { | 257 | } else { |
257 | debug2("no passphrase given, try next key"); | 258 | debug2("no passphrase given, try next key"); |
@@ -268,7 +269,7 @@ try_rsa_authentication(int idx) | |||
268 | xfree(comment); | 269 | xfree(comment); |
269 | 270 | ||
270 | if (private == NULL) { | 271 | if (private == NULL) { |
271 | if (!options.batch_mode) | 272 | if (!options.batch_mode && perm_ok) |
272 | error("Bad passphrase."); | 273 | error("Bad passphrase."); |
273 | 274 | ||
274 | /* Send a dummy response packet to avoid protocol error. */ | 275 | /* Send a dummy response packet to avoid protocol error. */ |
diff --git a/sshconnect2.c b/sshconnect2.c index a826ad0f4..6fdcf8a1c 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect2.c,v 1.151 2006/03/25 13:17:02 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect2.c,v 1.152 2006/04/25 08:02:27 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -970,14 +970,16 @@ load_identity_file(char *filename) | |||
970 | { | 970 | { |
971 | Key *private; | 971 | Key *private; |
972 | char prompt[300], *passphrase; | 972 | char prompt[300], *passphrase; |
973 | int quit, i; | 973 | int perm_ok, quit, i; |
974 | struct stat st; | 974 | struct stat st; |
975 | 975 | ||
976 | if (stat(filename, &st) < 0) { | 976 | if (stat(filename, &st) < 0) { |
977 | debug3("no such identity: %s", filename); | 977 | debug3("no such identity: %s", filename); |
978 | return NULL; | 978 | return NULL; |
979 | } | 979 | } |
980 | private = key_load_private_type(KEY_UNSPEC, filename, "", NULL); | 980 | private = key_load_private_type(KEY_UNSPEC, filename, "", NULL, &perm_ok); |
981 | if (!perm_ok) | ||
982 | return NULL; | ||
981 | if (private == NULL) { | 983 | if (private == NULL) { |
982 | if (options.batch_mode) | 984 | if (options.batch_mode) |
983 | return NULL; | 985 | return NULL; |
@@ -986,8 +988,8 @@ load_identity_file(char *filename) | |||
986 | for (i = 0; i < options.number_of_password_prompts; i++) { | 988 | for (i = 0; i < options.number_of_password_prompts; i++) { |
987 | passphrase = read_passphrase(prompt, 0); | 989 | passphrase = read_passphrase(prompt, 0); |
988 | if (strcmp(passphrase, "") != 0) { | 990 | if (strcmp(passphrase, "") != 0) { |
989 | private = key_load_private_type(KEY_UNSPEC, filename, | 991 | private = key_load_private_type(KEY_UNSPEC, |
990 | passphrase, NULL); | 992 | filename, passphrase, NULL, NULL); |
991 | quit = 0; | 993 | quit = 0; |
992 | } else { | 994 | } else { |
993 | debug2("no passphrase given, try next key"); | 995 | debug2("no passphrase given, try next key"); |