From 4765679649c51a83e5ceb3d0c1e51e33db251f27 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 11 Sep 2004 22:42:09 +1000 Subject: - (djm) [auth2-kbdint.c auth2-none.c auth2-passwd.c auth2-pubkey.c] Make cygwin code more consistent with that which surrounds it --- auth2-pubkey.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'auth2-pubkey.c') diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 9898d4a63..bafea09da 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -158,7 +158,7 @@ done: xfree(pkblob); #ifdef HAVE_CYGWIN if (check_nt_auth(0, authctxt->pw) == 0) - return(0); + authenticated = 0; #endif return authenticated; } -- cgit v1.2.3 From 22cc741096c85ff211dfc4c910fd28ec4858ba83 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 6 Dec 2004 22:47:41 +1100 Subject: - dtucker@cvs.openbsd.org 2004/12/06 11:41:03 [auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h ssh.h sshd.8] Discard over-length authorized_keys entries rather than complaining when they don't decode. bz #884, with & ok djm@ --- ChangeLog | 6 +++++- auth-rsa.c | 10 ++++------ auth2-pubkey.c | 9 +++++---- authfile.c | 9 +++++---- misc.c | 25 ++++++++++++++++++++++++- misc.h | 3 ++- ssh.h | 9 ++++++++- sshd.8 | 6 ++++-- 8 files changed, 57 insertions(+), 20 deletions(-) (limited to 'auth2-pubkey.c') diff --git a/ChangeLog b/ChangeLog index ea529e794..513df22d0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,10 @@ - describe ls flags as a list - other minor improvements ok jmc, djm + - dtucker@cvs.openbsd.org 2004/12/06 11:41:03 + [auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h ssh.h sshd.8] + Discard over-length authorized_keys entries rather than complaining when + they don't decode. bz #884, with & ok djm@ 20041203 - (dtucker) OpenBSD CVS Sync @@ -1890,4 +1894,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3589 2004/12/06 11:46:45 dtucker Exp $ +$Id: ChangeLog,v 1.3590 2004/12/06 11:47:41 dtucker Exp $ diff --git a/auth-rsa.c b/auth-rsa.c index 16369d47c..2060f8394 100644 --- a/auth-rsa.c +++ b/auth-rsa.c @@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rsa.c,v 1.60 2004/06/21 17:36:31 avsm Exp $"); +RCSID("$OpenBSD: auth-rsa.c,v 1.61 2004/12/06 11:41:03 dtucker Exp $"); #include #include @@ -49,7 +49,7 @@ extern u_char session_id[16]; * options bits e n comment * where bits, e and n are decimal numbers, * and comment is any string of characters up to newline. The maximum - * length of a line is 8000 characters. See the documentation for a + * length of a line is SSH_MAX_PUBKEY_BYTES characters. See sshd(8) for a * description of the options. */ @@ -152,7 +152,7 @@ auth_rsa_challenge_dialog(Key *key) int auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) { - char line[8192], *file; + char line[SSH_MAX_PUBKEY_BYTES], *file; int allowed = 0; u_int bits; FILE *f; @@ -201,12 +201,10 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) * found, perform a challenge-response dialog to verify that the * user really has the corresponding private key. */ - while (fgets(line, sizeof(line), f)) { + while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { char *cp; char *key_options; - linenum++; - /* Skip leading whitespace, empty and comment lines. */ for (cp = line; *cp == ' ' || *cp == '\t'; cp++) ; diff --git a/auth2-pubkey.c b/auth2-pubkey.c index bafea09da..41e23bebd 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -23,8 +23,9 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2-pubkey.c,v 1.7 2004/06/21 17:36:31 avsm Exp $"); +RCSID("$OpenBSD: auth2-pubkey.c,v 1.8 2004/12/06 11:41:03 dtucker Exp $"); +#include "ssh.h" #include "ssh2.h" #include "xmalloc.h" #include "packet.h" @@ -167,7 +168,7 @@ done: static int user_key_allowed2(struct passwd *pw, Key *key, char *file) { - char line[8192]; + char line[SSH_MAX_PUBKEY_BYTES]; int found_key = 0; FILE *f; u_long linenum = 0; @@ -204,9 +205,9 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file) found_key = 0; found = key_new(key->type); - while (fgets(line, sizeof(line), f)) { + while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { char *cp, *key_options = NULL; - linenum++; + /* Skip leading whitespace, empty and comment lines. */ for (cp = line; *cp == ' ' || *cp == '\t'; cp++) ; diff --git a/authfile.c b/authfile.c index 1c006c43d..4038ab692 100644 --- a/authfile.c +++ b/authfile.c @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.58 2004/08/23 11:48:09 djm Exp $"); +RCSID("$OpenBSD: authfile.c,v 1.59 2004/12/06 11:41:03 dtucker Exp $"); #include #include @@ -601,13 +601,14 @@ static int key_try_load_public(Key *k, const char *filename, char **commentp) { FILE *f; - char line[4096]; + char line[SSH_MAX_PUBKEY_BYTES]; char *cp; + int linenum = 0; f = fopen(filename, "r"); if (f != NULL) { - while (fgets(line, sizeof(line), f)) { - line[sizeof(line)-1] = '\0'; + while (read_keyfile_line(f, filename, line, sizeof(line), + &linenum) != -1) { cp = line; switch (*cp) { case '#': diff --git a/misc.c b/misc.c index 8cb411ccc..d0cc53823 100644 --- a/misc.c +++ b/misc.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: misc.c,v 1.25 2004/08/11 21:43:05 avsm Exp $"); +RCSID("$OpenBSD: misc.c,v 1.26 2004/12/06 11:41:03 dtucker Exp $"); #include "misc.h" #include "log.h" @@ -332,3 +332,26 @@ addargs(arglist *args, char *fmt, ...) args->list[args->num++] = xstrdup(buf); args->list[args->num] = NULL; } + +/* + * Read an entire line from a public key file into a static buffer, discarding + * lines that exceed the buffer size. Returns 0 on success, -1 on failure. + */ +int +read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz, + int *lineno) +{ + while (fgets(buf, bufsz, f) != NULL) { + (*lineno)++; + if (buf[strlen(buf) - 1] == '\n' || feof(f)) { + return 0; + } else { + debug("%s: %s line %d exceeds size limit", __func__, + filename, lineno); + /* discard remainder of line */ + while(fgetc(f) != '\n' && !feof(f)) + ; /* nothing */ + } + } + return -1; +} diff --git a/misc.h b/misc.h index 0290a2d64..4aab2ca01 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.18 2004/10/29 22:53:56 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.19 2004/12/06 11:41:03 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -47,3 +47,4 @@ char *tilde_expand_filename(const char *, uid_t); char *read_passphrase(const char *, int); int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); +int read_keyfile_line(FILE *, const char *, char *, size_t, int *); diff --git a/ssh.h b/ssh.h index a3b2ebbb5..07592415b 100644 --- a/ssh.h +++ b/ssh.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.h,v 1.75 2003/12/02 17:01:15 markus Exp $ */ +/* $OpenBSD: ssh.h,v 1.76 2004/12/06 11:41:03 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -39,6 +39,13 @@ */ #define SSH_MAX_IDENTITY_FILES 100 +/* + * Maximum length of lines in authorized_keys file. + * Current value permits 16kbit RSA and RSA1 keys and 8kbit DSA keys, with + * some room for options and comments. + */ +#define SSH_MAX_PUBKEY_BYTES 8192 + /* * Major protocol version. Different version indicates major incompatibility * that prevents communication. diff --git a/sshd.8 b/sshd.8 index 83d0f48d2..2ac7b7274 100644 --- a/sshd.8 +++ b/sshd.8 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.202 2004/08/26 16:00:55 markus Exp $ +.\" $OpenBSD: sshd.8,v 1.203 2004/12/06 11:41:03 dtucker Exp $ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -420,7 +420,9 @@ or .Dq ssh-rsa . .Pp Note that lines in this file are usually several hundred bytes long -(because of the size of the public key encoding). +(because of the size of the public key encoding) up to a limit of +8 kilobytes, which permits DSA keys up to 8 kilobits and RSA +keys up to 16 kilobits. You don't want to type them in; instead, copy the .Pa identity.pub , .Pa id_dsa.pub -- cgit v1.2.3 From f0f90989fa7c22ab86ae7957b3af539584be375c Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 11 Dec 2004 13:39:50 +1100 Subject: - dtucker@cvs.openbsd.org 2004/12/11 01:48:56 [auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h] Fix debug call in error path of authorized_keys processing and fix related warnings; ok djm@ --- ChangeLog | 6 +++++- auth-rsa.c | 3 ++- auth2-pubkey.c | 3 ++- authfile.c | 5 +++-- misc.c | 8 ++++---- misc.h | 4 ++-- 6 files changed, 18 insertions(+), 11 deletions(-) (limited to 'auth2-pubkey.c') diff --git a/ChangeLog b/ChangeLog index 8c4cca4ba..cf68f4fb3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -12,6 +12,10 @@ ignore). - don't do extra do_lstat() if we only have one matching file. djm@ ok + - dtucker@cvs.openbsd.org 2004/12/11 01:48:56 + [auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h] + Fix debug call in error path of authorized_keys processing and fix related + warnings; ok djm@ 20041208 - (tim) [configure.ac] Comment some non obvious platforms in the @@ -1942,4 +1946,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3602 2004/12/11 02:37:22 dtucker Exp $ +$Id: ChangeLog,v 1.3603 2004/12/11 02:39:50 dtucker Exp $ diff --git a/auth-rsa.c b/auth-rsa.c index 2060f8394..4378008d3 100644 --- a/auth-rsa.c +++ b/auth-rsa.c @@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rsa.c,v 1.61 2004/12/06 11:41:03 dtucker Exp $"); +RCSID("$OpenBSD: auth-rsa.c,v 1.62 2004/12/11 01:48:56 dtucker Exp $"); #include #include @@ -33,6 +33,7 @@ RCSID("$OpenBSD: auth-rsa.c,v 1.61 2004/12/06 11:41:03 dtucker Exp $"); #include "hostfile.h" #include "monitor_wrap.h" #include "ssh.h" +#include "misc.h" /* import */ extern ServerOptions options; diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 41e23bebd..a97d0f430 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2-pubkey.c,v 1.8 2004/12/06 11:41:03 dtucker Exp $"); +RCSID("$OpenBSD: auth2-pubkey.c,v 1.9 2004/12/11 01:48:56 dtucker Exp $"); #include "ssh.h" #include "ssh2.h" @@ -41,6 +41,7 @@ RCSID("$OpenBSD: auth2-pubkey.c,v 1.8 2004/12/06 11:41:03 dtucker Exp $"); #include "auth-options.h" #include "canohost.h" #include "monitor_wrap.h" +#include "misc.h" /* import */ extern ServerOptions options; diff --git a/authfile.c b/authfile.c index 4038ab692..6a04cd7a9 100644 --- a/authfile.c +++ b/authfile.c @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.59 2004/12/06 11:41:03 dtucker Exp $"); +RCSID("$OpenBSD: authfile.c,v 1.60 2004/12/11 01:48:56 dtucker Exp $"); #include #include @@ -51,6 +51,7 @@ RCSID("$OpenBSD: authfile.c,v 1.59 2004/12/06 11:41:03 dtucker Exp $"); #include "log.h" #include "authfile.h" #include "rsa.h" +#include "misc.h" /* Version identification string for SSH v1 identity files. */ static const char authfile_id_string[] = @@ -603,7 +604,7 @@ key_try_load_public(Key *k, const char *filename, char **commentp) FILE *f; char line[SSH_MAX_PUBKEY_BYTES]; char *cp; - int linenum = 0; + u_long linenum = 0; f = fopen(filename, "r"); if (f != NULL) { diff --git a/misc.c b/misc.c index d0cc53823..a90125505 100644 --- a/misc.c +++ b/misc.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: misc.c,v 1.26 2004/12/06 11:41:03 dtucker Exp $"); +RCSID("$OpenBSD: misc.c,v 1.27 2004/12/11 01:48:56 dtucker Exp $"); #include "misc.h" #include "log.h" @@ -339,15 +339,15 @@ addargs(arglist *args, char *fmt, ...) */ int read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz, - int *lineno) + u_long *lineno) { while (fgets(buf, bufsz, f) != NULL) { (*lineno)++; if (buf[strlen(buf) - 1] == '\n' || feof(f)) { return 0; } else { - debug("%s: %s line %d exceeds size limit", __func__, - filename, lineno); + debug("%s: %s line %lu exceeds size limit", __func__, + filename, *lineno); /* discard remainder of line */ while(fgetc(f) != '\n' && !feof(f)) ; /* nothing */ diff --git a/misc.h b/misc.h index 4aab2ca01..193216fa9 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.19 2004/12/06 11:41:03 dtucker Exp $ */ +/* $OpenBSD: misc.h,v 1.20 2004/12/11 01:48:56 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -47,4 +47,4 @@ char *tilde_expand_filename(const char *, uid_t); char *read_passphrase(const char *, int); int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); -int read_keyfile_line(FILE *, const char *, char *, size_t, int *); +int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); -- cgit v1.2.3