Diffstat (limited to 'ssh-keysign.c')
-rw-r--r-- | ssh-keysign.c | 27 |
1 files changed, 19 insertions, 8 deletions
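--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keysign.c,v 1.49 2015/07/03 03:56:25 djm Exp $ */
+/* $OpenBSD: ssh-keysign.c,v 1.52 2016/02/15 09:47:49 dtucker Exp $ */
 /*
 * Copyright (c) 2002 Markus Friedl. All rights reserved.
 *
@@ -34,6 +34,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#include <errno.h>
 
 #ifdef WITH_OPENSSL
 #include <openssl/evp.h>
@@ -59,6 +60,8 @@
 
 struct ssh *active_state = NULL; /* XXX needed for linking */
 
+extern char *__progname;
+
 /* XXX readconf.c needs these */
 uid_t original_real_uid;
 
@@ -179,6 +182,10 @@ main(int argc, char **argv)
 u_int32_t rnd[256];
 #endif
 
+ssh_malloc_init(); /* must be called before any mallocs */
+if (pledge("stdio rpath getpw dns id", NULL) != 0)
+fatal("%s: pledge: %s", __progname, strerror(errno));
+
 /* Ensure that stdin and stdout are connected */
 if ((fd = open(_PATH_DEVNULL, O_RDWR)) < 2)
 exit(1);
@@ -245,23 +252,26 @@ main(int argc, char **argv)
 if (!found)
 fatal("no hostkey found");
 
+if (pledge("stdio dns", NULL) != 0)
+fatal("%s: pledge: %s", __progname, strerror(errno));
+
 if ((b = sshbuf_new()) == NULL)
-fatal("%s: sshbuf_new failed", __func__);
+fatal("%s: sshbuf_new failed", __progname);
 if (ssh_msg_recv(STDIN_FILENO, b) < 0)
 fatal("ssh_msg_recv failed");
 if ((r = sshbuf_get_u8(b, &rver)) != 0)
-fatal("%s: buffer error: %s", __func__, ssh_err(r));
+fatal("%s: buffer error: %s", __progname, ssh_err(r));
 if (rver != version)
 fatal("bad version: received %d, expected %d", rver, version);
 if ((r = sshbuf_get_u32(b, (u_int *)&fd)) != 0)
-fatal("%s: buffer error: %s", __func__, ssh_err(r));
+fatal("%s: buffer error: %s", __progname, ssh_err(r));
 if (fd < 0 || fd == STDIN_FILENO || fd == STDOUT_FILENO)
 fatal("bad fd");
 if ((host = get_local_name(fd)) == NULL)
 fatal("cannot get local name for fd");
 
 if ((r = sshbuf_get_string(b, &data, &dlen)) != 0)
-fatal("%s: buffer error: %s", __func__, ssh_err(r));
+fatal("%s: buffer error: %s", __progname, ssh_err(r));
 if (valid_request(pw, host, &key, data, dlen) < 0)
 fatal("not a valid request");
 free(host);
@@ -277,19 +287,20 @@ main(int argc, char **argv)
 if (!found) {
 if ((fp = sshkey_fingerprint(key, options.fingerprint_hash,
 SSH_FP_DEFAULT)) == NULL)
-fatal("%s: sshkey_fingerprint failed", __func__);
+fatal("%s: sshkey_fingerprint failed", __progname);
 fatal("no matching hostkey found for key %s %s",
 sshkey_type(key), fp ? fp : "");
 }
 
-if ((r = sshkey_sign(keys[i], &signature, &slen, data, dlen, 0)) != 0)
+if ((r = sshkey_sign(keys[i], &signature, &slen, data, dlen, NULL, 0))
+!= 0)
 fatal("sshkey_sign failed: %s", ssh_err(r));
 free(data);
 
 /* send reply */
 sshbuf_reset(b);
 if ((r = sshbuf_put_string(b, signature, slen)) != 0)
-fatal("%s: buffer error: %s", __func__, ssh_err(r));
+fatal("%s: buffer error: %s", __progname, ssh_err(r));
 if (ssh_msg_send(STDOUT_FILENO, version, b) == -1)
 fatal("ssh_msg_send failed");
 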
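Review bot: Neither `pledge()` call says why each promise is kept. The one in the `@@ -245,23 +252,26 @@` hunk narrows to `"stdio dns"` with no comment, and the one in the `@@ -179,6 +182,10 @@` hunk lists five promises the same way. In a helper that signs with host keys, the promise string is the sandbox policy, so it should be auditable in place. A comment above the second call would do, e.g. `/* host keys are loaded; from here only stdio and name resolution for get_local_name() are needed */`. That `dns` is retained for `get_local_name()` is my reading of the visible lines and should be confirmed. The code that would use `rpath`, `getpw` and `id` sits between the two calls and outside these hunks, as do the start and end of `main`, so the first call's comment needs to be written against the full function.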