From b8d9214d969775e409e1408ecdf0d58fad99b344 Mon Sep 17 00:00:00 2001 From: "markus@openbsd.org" Date: Mon, 9 Jul 2018 21:37:55 +0000 Subject: upstream: sshd: switch GSSAPI to sshbuf API; ok djm@ OpenBSD-Commit-ID: e48449ab4be3f006f7ba33c66241b7d652973e30 --- gss-genr.c | 46 +++++++++++++++++++++++++++------------------- 1 file changed, 27 insertions(+), 19 deletions(-) (limited to 'gss-genr.c') diff --git a/gss-genr.c b/gss-genr.c index 62559ed9e..f794e05b7 100644 --- a/gss-genr.c +++ b/gss-genr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-genr.c,v 1.24 2016/09/12 01:22:38 deraadt Exp $ */ +/* $OpenBSD: gss-genr.c,v 1.25 2018/07/09 21:37:55 markus Exp $ */ /* * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. @@ -37,7 +37,8 @@ #include #include "xmalloc.h" -#include "buffer.h" +#include "ssherr.h" +#include "sshbuf.h" #include "log.h" #include "ssh2.h" @@ -94,10 +95,12 @@ ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status, OM_uint32 lmin; gss_buffer_desc msg = GSS_C_EMPTY_BUFFER; OM_uint32 ctx; - Buffer b; + struct sshbuf *b; char *ret; + int r; - buffer_init(&b); + if ((b = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); if (major_status != NULL) *major_status = ctxt->major; @@ -110,8 +113,9 @@ ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status, gss_display_status(&lmin, ctxt->major, GSS_C_GSS_CODE, ctxt->oid, &ctx, &msg); - buffer_append(&b, msg.value, msg.length); - buffer_put_char(&b, '\n'); + if ((r = sshbuf_put(b, msg.value, msg.length)) != 0 || + (r = sshbuf_put_u8(b, '\n')) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); gss_release_buffer(&lmin, &msg); } while (ctx != 0); @@ -121,16 +125,17 @@ ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status, gss_display_status(&lmin, ctxt->minor, GSS_C_MECH_CODE, ctxt->oid, &ctx, &msg); - buffer_append(&b, msg.value, msg.length); - buffer_put_char(&b, '\n'); + if ((r = sshbuf_put(b, msg.value, msg.length)) != 0 || + (r = sshbuf_put_u8(b, '\n')) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); gss_release_buffer(&lmin, &msg); } while (ctx != 0); - buffer_put_char(&b, '\0'); - ret = xmalloc(buffer_len(&b)); - buffer_get(&b, ret, buffer_len(&b)); - buffer_free(&b); + if ((r = sshbuf_put_u8(b, '\n')) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + ret = xstrdup((const char *)sshbuf_ptr(b)); + sshbuf_free(b); return (ret); } @@ -238,15 +243,18 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) } void -ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service, +ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, const char *context) { - buffer_init(b); - buffer_put_string(b, session_id2, session_id2_len); - buffer_put_char(b, SSH2_MSG_USERAUTH_REQUEST); - buffer_put_cstring(b, user); - buffer_put_cstring(b, service); - buffer_put_cstring(b, context); + int r; + + sshbuf_reset(b); + if ((r = sshbuf_put_string(b, session_id2, session_id2_len)) != 0 || + (r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 || + (r = sshbuf_put_cstring(b, user)) != 0 || + (r = sshbuf_put_cstring(b, service)) != 0 || + (r = sshbuf_put_cstring(b, context)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); } int -- cgit v1.2.3 From 0f3958c1e6ffb8ea4ba27e2a97a00326fce23246 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 10 Jul 2018 09:13:30 +0000 Subject: upstream: kerberos/gssapi fixes for buffer removal OpenBSD-Commit-ID: 1cdf56fec95801e4563c47f21696f04cd8b60c4c --- auth2-gss.c | 17 ++++++++++++----- gss-genr.c | 17 ++++++++++++++++- monitor.c | 15 +++++++++------ monitor_wrap.c | 4 ++-- ssh-gss.h | 5 ++++- 5 files changed, 43 insertions(+), 15 deletions(-) (limited to 'gss-genr.c') diff --git a/auth2-gss.c b/auth2-gss.c index a6f2a7125..47308c5ce 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-gss.c,v 1.27 2018/07/09 21:37:55 markus Exp $ */ +/* $OpenBSD: auth2-gss.c,v 1.28 2018/07/10 09:13:30 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -204,15 +204,18 @@ input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh) gss_buffer_desc recv_tok; OM_uint32 maj_status; int r; + u_char *p; + size_t len; if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) fatal("No authentication or GSSAPI context"); gssctxt = authctxt->methoddata; - if ((r = sshpkt_get_string(ssh, - &recv_tok.value, &recv_tok.length)) != 0 || + if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 || (r = sshpkt_get_end(ssh)) != 0) fatal("%s: %s", __func__, ssh_err(r)); + recv_tok.value = p; + recv_tok.length = len; /* Push the error token into GSSAPI to see what it says */ maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok, @@ -240,7 +243,7 @@ static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; - int authenticated; + int r, authenticated; const char *displayname; if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) @@ -278,16 +281,20 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) struct sshbuf *b; gss_buffer_desc mic, gssbuf; const char *displayname; + u_char *p; + size_t len; if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) fatal("No authentication or GSSAPI context"); gssctxt = authctxt->methoddata; - if ((r = sshpkt_get_string(ssh, &mic.value, &mic.length)) != 0) + if ((r = sshpkt_get_string(ssh, &p, &len)) != 0) fatal("%s: %s", __func__, ssh_err(r)); if ((b = sshbuf_new()) == NULL) fatal("%s: sshbuf_new failed", __func__); + mic.value = p; + mic.length = len; ssh_gssapi_buildmic(b, authctxt->user, authctxt->service, "gssapi-with-mic"); diff --git a/gss-genr.c b/gss-genr.c index f794e05b7..d56257b4a 100644 --- a/gss-genr.c +++ b/gss-genr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-genr.c,v 1.25 2018/07/09 21:37:55 markus Exp $ */ +/* $OpenBSD: gss-genr.c,v 1.26 2018/07/10 09:13:30 djm Exp $ */ /* * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. @@ -47,6 +47,21 @@ extern u_char *session_id2; extern u_int session_id2_len; +/* sshbuf_get for gss_buffer_desc */ +int +ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) +{ + int r; + u_char *p; + size_t len; + + if ((r = sshbuf_get_string(b, &p, &len)) != 0) + return r; + g->value = p; + g->length = len; + return 0; +} + /* Check that the OID in a data stream matches that in the context */ int ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len) diff --git a/monitor.c b/monitor.c index bf83f3b56..de650da2f 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.183 2018/07/09 21:53:45 markus Exp $ */ +/* $OpenBSD: monitor.c,v 1.184 2018/07/10 09:13:30 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -1795,13 +1795,15 @@ mm_answer_gss_setup_ctx(int sock, struct sshbuf *m) gss_OID_desc goid; OM_uint32 major; size_t len; + u_char *p; int r; if (!options.gss_authentication) fatal("%s: GSSAPI authentication not enabled", __func__); - if ((r = sshbuf_get_string(m, &goid.elements, &len)) != 0) + if ((r = sshbuf_get_string(m, &p, &len)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); + goid.elements = p; goid.length = len; major = ssh_gssapi_server_ctx(&gsscontext, &goid); @@ -1832,7 +1834,7 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m) if (!options.gss_authentication) fatal("%s: GSSAPI authentication not enabled", __func__); - if ((r = sshbuf_get_string(m, &in.value, &in.length)) != 0) + if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); free(in.value); @@ -1859,12 +1861,13 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m) { gss_buffer_desc gssbuf, mic; OM_uint32 ret; + int r; if (!options.gss_authentication) fatal("%s: GSSAPI authentication not enabled", __func__); - if ((r = sshbuf_get_string(m, &gssbuf.value, &gssbuf.length)) != 0 || - (r = sshbuf_get_string(m, &mic.value, &mic.length)) != 0) + if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 || + (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic); @@ -1887,7 +1890,7 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m) int mm_answer_gss_userok(int sock, struct sshbuf *m) { - int authenticated; + int r, authenticated; const char *displayname; if (!options.gss_authentication) diff --git a/monitor_wrap.c b/monitor_wrap.c index cf38b230b..682e39dec 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.103 2018/07/09 21:53:45 markus Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.104 2018/07/10 09:13:30 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -989,7 +989,7 @@ mm_ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *in, mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSTEP, m); if ((r = sshbuf_get_u32(m, &major)) != 0 || - (r = sshbuf_get_string(m, &out->value, &out->length)) != 0) + (r = ssh_gssapi_get_buffer_desc(m, out)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); if (flagsp != NULL) { if ((r = sshbuf_get_u32(m, &flags)) != 0) diff --git a/ssh-gss.h b/ssh-gss.h index e0905b31f..36180d07a 100644 --- a/ssh-gss.h +++ b/ssh-gss.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-gss.h,v 1.13 2018/07/10 06:43:52 djm Exp $ */ +/* $OpenBSD: ssh-gss.h,v 1.14 2018/07/10 09:13:30 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. * @@ -107,6 +107,9 @@ ssh_gssapi_mech *ssh_gssapi_get_ctype(Gssctxt *); void ssh_gssapi_prepare_supported_oids(void); OM_uint32 ssh_gssapi_test_oid_supported(OM_uint32 *, gss_OID, int *); +struct sshbuf; +int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *); + OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *); OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int, gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); -- cgit v1.2.3