1 files changed, 34 insertions, 5 deletions
diff --git a/monitor.c b/monitor.c
index 531b2993a..09d3a27fd 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.186 2018/07/20 03:46:34 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.188 2018/11/16 02:43:56 djm Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -846,6 +846,35 @@ mm_answer_authserv(int sock, struct sshbuf *m)
        return (0);
 }
+/*
+ * Check that the key type appears in the supplied pattern list, ignoring
+ * mismatches in the signature algorithm. (Signature algorithm checks are
+ * performed in the unprivileged authentication code).
+ * Returns 1 on success, 0 otherwise.
+ */
+static int
+key_base_type_match(const char *method, const struct sshkey *key,
+    const char *list)
+{
+        char *s, *l, *ol = xstrdup(list);
+        int found = 0;
+        l = ol;
+        for ((s = strsep(&l, ",")); s && *s != '\0'; (s = strsep(&l, ","))) {
+                if (sshkey_type_from_name(s) == key->type) {
+                        found = 1;
+                        break;
+                }
+        }
+        if (!found) {
+                error("%s key type %s is not in permitted list %s", method,
+                    sshkey_ssh_name(key), list);
+        }
+        free(ol);
+        return found;
+}
 int
 mm_answer_authpassword(int sock, struct sshbuf *m)
 {
@@ -1151,8 +1180,8 @@ mm_answer_keyallowed(int sock, struct sshbuf *m)
                                break;
                        if (auth2_key_already_used(authctxt, key))
                                break;
-                        if (match_pattern_list(sshkey_ssh_name(key),
+                        if (!key_base_type_match(auth_method, key,
-                            options.pubkey_key_types, 0) != 1)
+                            options.pubkey_key_types))
                                break;
                        allowed = user_key_allowed(ssh, authctxt->pw, key,
                            pubkey_auth_attempt, &opts);
@@ -1163,8 +1192,8 @@ mm_answer_keyallowed(int sock, struct sshbuf *m)
                                break;
                        if (auth2_key_already_used(authctxt, key))
                                break;
-                        if (match_pattern_list(sshkey_ssh_name(key),
+                        if (!key_base_type_match(auth_method, key,
-                            options.hostbased_key_types, 0) != 1)
+                            options.hostbased_key_types))
                                break;
                        allowed = hostbased_key_allowed(authctxt->pw,
                            cuser, chost, key);

diff --git a/monitor.c b/monitor.c index 531b2993a..09d3a27fd 100644 --- a/monitor.c +++ b/monitor.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: monitor.c,v 1.186 2018/07/20 03:46:34 djm Exp $ */	1	/* $OpenBSD: monitor.c,v 1.188 2018/11/16 02:43:56 djm Exp $ */
2	/*	2	/*
3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>	3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>
4	* Copyright 2002 Markus Friedl <markus@openbsd.org>	4	* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -846,6 +846,35 @@ mm_answer_authserv(int sock, struct sshbuf *m)
846	return (0);	846	return (0);
847	}	847	}
848		848
		849	/*
		850	* Check that the key type appears in the supplied pattern list, ignoring
		851	* mismatches in the signature algorithm. (Signature algorithm checks are
		852	* performed in the unprivileged authentication code).
		853	* Returns 1 on success, 0 otherwise.
		854	*/
		855	static int
		856	key_base_type_match(const char method, const struct sshkey key,
		857	const char *list)
		858	{
		859	char s, l, *ol = xstrdup(list);
		860	int found = 0;
		861
		862	l = ol;
		863	for ((s = strsep(&l, ",")); s && *s != '\0'; (s = strsep(&l, ","))) {
		864	if (sshkey_type_from_name(s) == key->type) {
		865	found = 1;
		866	break;
		867	}
		868	}
		869	if (!found) {
		870	error("%s key type %s is not in permitted list %s", method,
		871	sshkey_ssh_name(key), list);
		872	}
		873
		874	free(ol);
		875	return found;
		876	}
		877
849	int	878	int
850	mm_answer_authpassword(int sock, struct sshbuf *m)	879	mm_answer_authpassword(int sock, struct sshbuf *m)
851	{	880	{
@@ -1151,8 +1180,8 @@ mm_answer_keyallowed(int sock, struct sshbuf *m)
1151	break;	1180	break;
1152	if (auth2_key_already_used(authctxt, key))	1181	if (auth2_key_already_used(authctxt, key))
1153	break;	1182	break;
1154	if (match_pattern_list(sshkey_ssh_name(key),	1183	if (!key_base_type_match(auth_method, key,
1155	options.pubkey_key_types, 0) != 1)	1184	options.pubkey_key_types))
1156	break;	1185	break;
1157	allowed = user_key_allowed(ssh, authctxt->pw, key,	1186	allowed = user_key_allowed(ssh, authctxt->pw, key,
1158	pubkey_auth_attempt, &opts);	1187	pubkey_auth_attempt, &opts);
@@ -1163,8 +1192,8 @@ mm_answer_keyallowed(int sock, struct sshbuf *m)
1163	break;	1192	break;
1164	if (auth2_key_already_used(authctxt, key))	1193	if (auth2_key_already_used(authctxt, key))
1165	break;	1194	break;
1166	if (match_pattern_list(sshkey_ssh_name(key),	1195	if (!key_base_type_match(auth_method, key,
1167	options.hostbased_key_types, 0) != 1)	1196	options.hostbased_key_types))
1168	break;	1197	break;
1169	allowed = hostbased_key_allowed(authctxt->pw,	1198	allowed = hostbased_key_allowed(authctxt->pw,
1170	cuser, chost, key);	1199	cuser, chost, key);