summaryrefslogtreecommitdiff
path: root/auth2-pubkey.c
AgeCommit message (Collapse)Author
2018-07-10upstream: sshd: switch authentication to sshbuf API; ok djm@markus@openbsd.org
OpenBSD-Commit-ID: 880aa06bce4b140781e836bb56bec34873290641
2018-07-03upstream: Improve strictness and control over RSA-SHA2 signaturedjm@openbsd.org
In ssh, when an agent fails to return a RSA-SHA2 signature when requested and falls back to RSA-SHA1 instead, retry the signature to ensure that the public key algorithm sent in the SSH_MSG_USERAUTH matches the one in the signature itself. In sshd, strictly enforce that the public key algorithm sent in the SSH_MSG_USERAUTH message matches what appears in the signature. Make the sshd_config PubkeyAcceptedKeyTypes and HostbasedAcceptedKeyTypes options control accepted signature algorithms (previously they selected supported key types). This allows these options to ban RSA-SHA1 in favour of RSA-SHA2. Add new signature algorithms "rsa-sha2-256-cert-v01@openssh.com" and "rsa-sha2-512-cert-v01@openssh.com" to force use of RSA-SHA2 signatures with certificate keys. feedback and ok markus@ OpenBSD-Commit-ID: c6e9f6d45eed8962ad502d315d7eaef32c419dde
2018-06-07upstream: switch config file parsing to getline(3) as this avoidsmarkus@openbsd.org
static limits noted by gerhard@; ok dtucker@, djm@ OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c
2018-06-01upstream: make UID available as a %-expansion everywhere that thedjm@openbsd.org
username is available currently. In the client this is via %i, in the server %U (since %i was already used in the client in some places for this, but used for something different in the server); bz#2870, ok dtucker@ OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95
2018-03-03upstream: switch over to the new authorized_keys options API anddjm@openbsd.org
remove the legacy one. Includes a fairly big refactor of auth2-pubkey.c to retain less state between key file lines. feedback and ok markus@ OpenBSD-Commit-ID: dece6cae0f47751b9892080eb13d6625599573df
2018-02-09upstream commitdtucker@openbsd.org
ssh_free checks for and handles NULL args, remove NULL checks from remaining callers. ok djm@ OpenBSD-Commit-ID: bb926825c53724c069df68a93a2597f9192f7e7b
2018-01-23upstream commitdjm@openbsd.org
Drop compatibility hacks for some ancient SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These versions were all released in or before 2001 and predate the final SSH RFCs. The hacks in question aren't necessary for RFC- compliant SSH implementations. ok markus@ OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
2017-12-21upstream commitdjm@openbsd.org
revert stricter key type / signature type checking in userauth path; too much software generates inconsistent messages, so we need a better plan. OpenBSD-Commit-ID: 4a44ddc991c803c4ecc8f1ad40e0ab4d22e1c519
2017-12-19upstream commitdjm@openbsd.org
include signature type and CA key (if applicable) in some debug messages OpenBSD-Commit-ID: b71615cc20e78cec7105bb6e940c03ce9ae414a5
2017-12-19upstream commitdjm@openbsd.org
pass negotiated signing algorithm though to sshkey_verify() and check that the negotiated algorithm matches the type in the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@ OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
2017-09-12upstream commitdjm@openbsd.org
typo in comment Upstream-ID: a93b1e6f30f1f9b854b5b964b9fd092d0c422c47
2017-08-23upstream commitdjm@openbsd.org
add a "quiet" flag to exited_cleanly() that supresses errors about exit status (failure due to signal is still reported) Upstream-ID: db85c39c3aa08e6ff67fc1fb4ffa89f807a9d2f0
2017-08-23upstream commitdjm@openbsd.org
Move several subprocess-related functions from various locations to misc.c. Extend subprocess() to offer a little more control over stdio disposition. feedback & ok dtucker@ Upstream-ID: 3573dd7109d13ef9bd3bed93a3deb170fbfce049
2017-06-24upstream commitdjm@openbsd.org
refactor authentication logging optionally record successful auth methods and public credentials used in a file accessible to user sessions feedback and ok markus@ Upstream-ID: 090b93036967015717b9a54fd0467875ae9d32fb
2017-06-01upstream commitmarkus@openbsd.org
make sure we don't pass a NULL string to vfprintf (triggered by the principals-command regress test); ok bluhm Upstream-ID: eb49854f274ab37a0b57056a6af379a0b7111990
2017-06-01upstream commitderaadt@openbsd.org
Switch to recallocarray() for a few operations. Both growth and shrinkage are handled safely, and there also is no need for preallocation dances. Future changes in this area will be less error prone. Review and one bug found by markus Upstream-ID: 822d664d6a5a1d10eccb23acdd53578a679d5065
2017-05-31upstream commitmarkus@openbsd.org
switch auth2 to ssh_dispatch API; ok djm@ Upstream-ID: a752ca19e2782900dd83060b5c6344008106215f
2017-05-31upstream commitmarkus@openbsd.org
switch auth2-pubkey.c to modern APIs; with & ok djm@ Upstream-ID: 8f08d4316eb1b0c4ffe4a206c05cdd45ed1daf07
2017-05-31upstream commitmarkus@openbsd.org
switch from Key typedef with struct sshkey; ok djm@ Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f
2017-01-30upstream commitdjm@openbsd.org
revise keys/principals command hang fix (bz#2655) to consume entire output, avoiding sending SIGPIPE to subprocesses early; ok dtucker@ Upstream-ID: 7cb04b31a61f8c78c4e48ceededcd2fd5c4ee1bc
2017-01-03upstream commitdjm@openbsd.org
fix deadlock when keys/principals command produces a lot of output and a key is matched early; bz#2655, patch from jboning AT gmail.com Upstream-ID: e19456429bf99087ea994432c16d00a642060afe
2016-11-30upstream commitdjm@openbsd.org
When a forced-command appears in both a certificate and an authorized keys/principals command= restriction, refuse to accept the certificate unless they are identical. The previous (documented) behaviour of having the certificate forced- command override the other could be a bit confused and more error-prone. Pointed out by Jann Horn of Project Zero; ok dtucker@ Upstream-ID: 79d811b6eb6bbe1221bf146dde6928f92d2cd05f
2016-09-22upstream commitdjm@openbsd.org
cast uint64_t for printf Upstream-ID: 76d23e89419ccbd2320f92792a6d878211666ac1
2016-09-21upstream commitdjm@openbsd.org
add a way for principals command to get see key ID and serial too Upstream-ID: 0d30978bdcf7e8eaeee4eea1b030eb2eb1823fcb
2016-09-15upstream commitdjm@openbsd.org
take fingerprint of correct key for AuthorizedPrincipalsCommand Upstream-ID: 553581a549cd6a3e73ce9f57559a325cc2cb1f38
2016-09-14upstream commitdjm@openbsd.org
add %-escapes to AuthorizedPrincipalsCommand to match those supported for AuthorizedKeysCommand (key, key type, fingerprint, etc) and a few more to provide access to the certificate's CA key; 'looks ok' dtucker@ Upstream-ID: 6b00fd446dbebe67f4e4e146d2e492d650ae04eb
2016-01-27upstream commitdjm@openbsd.org
make the debug messages a bit more useful here Upstream-ID: 478ccd4e897e0af8486b294aa63aa3f90ab78d64
2015-10-29upstream commitdjm@openbsd.org
log certificate serial in verbose() messages to match the main auth success/fail message; ok dtucker@ Upstream-ID: dfc48b417c320b97c36ff351d303c142f2186288
2015-06-17upstream commitjsing@openbsd.org
If AuthorizedPrincipalsCommand is specified, however AuthorizedPrincipalsFile is not (or is set to "none"), authentication will potentially fail due to key_cert_check_authority() failing to locate a principal that matches the username, even though an authorized principal has already been matched in the output of the subprocess. Fix this by using the same logic to determine if pw->pw_name should be passed, as is used to determine if a authorized principal must be matched earlier on. ok djm@ Upstream-ID: 43b42302ec846b0ea68aceb40677245391b9409d
2015-06-17upstream commitjsing@openbsd.org
Make the arguments to match_principals_command() similar to match_principals_file(), by changing the last argument a struct sshkey_cert * and dereferencing key->cert in the caller. No functional change. ok djm@ Upstream-ID: 533f99b844b21b47342b32b62e198dfffcf8651c
2015-05-21upstream commitdjm@openbsd.org
add AuthorizedPrincipalsCommand that allows getting authorized_principals from a subprocess rather than a file, which is quite useful in deployments with large userbases feedback and ok markus@ Upstream-ID: aa1bdac7b16fc6d2fa3524ef08f04c7258d247f6
2015-05-21upstream commitdjm@openbsd.org
support arguments to AuthorizedKeysCommand bz#2081 loosely based on patch by Sami Hartikainen feedback and ok markus@ Upstream-ID: b080387a14aa67dddd8ece67c00f268d626541f7
2015-05-10upstream commitdjm@openbsd.org
prevent authorized_keys options picked up on public key tests without a corresponding private key authentication being applied to other authentication methods. Reported by halex@, ok markus@
2015-05-10upstream commitdjm@openbsd.org
Remove pattern length argument from match_pattern_list(), we only ever use it for strlen(pattern). Prompted by hanno AT hboeck.de pointing an out-of-bound read error caused by an incorrect pattern length found using AFL and his own tools. ok markus@
2015-02-21upstream commitdjm@openbsd.org
Regression: I broke logging of public key fingerprints in 1.46. Pointed out by Pontus Lundkvist
2015-01-29upstream commitdjm@openbsd.org
update to new API (key_fingerprint => sshkey_fingerprint) check sshkey_fingerprint return values; ok markus
2015-01-13upstream commitdjm@openbsd.org
add sshd_config HostbasedAcceptedKeyTypes and PubkeyAcceptedKeyTypes options to allow sshd to control what public key types will be accepted. Currently defaults to all. Feedback & ok markus@
2014-12-22upstream commitdjm@openbsd.org
remember which public keys have been used for authentication and refuse to accept previously-used keys. This allows AuthenticationMethods=publickey,publickey to require that users authenticate using two _different_ pubkeys. ok markus@
2014-12-22upstream commitdjm@openbsd.org
Add FingerprintHash option to control algorithm used for key fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
2014-12-05upstream commitdjm@openbsd.org
add RevokedHostKeys option for the client Allow textfile or KRL-based revocation of hostkeys.
2014-07-18 - millert@cvs.openbsd.org 2014/07/15 15:54:14Damien Miller
[PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h] [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c] [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c] [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c] [sshd_config.5 sshlogin.c] Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
2014-07-02 - djm@cvs.openbsd.org 2014/06/24 01:13:21Damien Miller
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c [sshconnect2.c sshd.c sshkey.c sshkey.h [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago. NB. This commit also removes portable OpenSSH support for OpenSSL <0.9.8e.
2013-12-31 - djm@cvs.openbsd.org 2013/12/30 23:52:28Damien Miller
[auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c] [sshconnect.c sshconnect2.c sshd.c] refuse RSA keys from old proprietary clients/servers that use the obsolete RSA+MD5 signature scheme. it will still be possible to connect with these clients/servers but only DSA keys will be accepted, and we'll deprecate them entirely in a future release. ok markus@
2013-07-18 - djm@cvs.openbsd.org 2013/06/21 00:34:49Damien Miller
[auth-rsa.c auth.h auth2-hostbased.c auth2-pubkey.c monitor.c] for hostbased authentication, print the client host and user on the auth success/failure line; bz#2064, ok dtucker@
2013-06-02 - djm@cvs.openbsd.org 2013/05/19 02:38:28Darren Tucker
[auth2-pubkey.c] fix failure to recognise cert-authority keys if a key of a different type appeared in authorized_keys before it; ok markus@
2013-06-02 - djm@cvs.openbsd.org 2013/05/17 00:13:13Darren Tucker
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
2013-04-23 - djm@cvs.openbsd.org 2013/03/07 00:19:59Damien Miller
[auth2-pubkey.c monitor.c] reconstruct the original username that was sent by the client, which may have included a style (e.g. "root:skey") when checking public key signatures. Fixes public key and hostbased auth when the client specified a style; ok markus@
2013-02-15 - djm@cvs.openbsd.org 2013/02/14 21:35:59Damien Miller
[auth2-pubkey.c] Correct error message that had a typo and was logging the wrong thing; patch from Petr Lautrbach
2012-11-14 - djm@cvs.openbsd.org 2012/11/14 02:24:27Damien Miller
[auth2-pubkey.c] fix username passed to helper program prepare stdio fds before closefrom() spotted by landry@
2012-11-05 - (dtucker) [auth2-pubkey.c] wrap paths.h in an ifdef for platforms thatDarren Tucker
don't have it. Spotted by tim@.