From a7c762e5b2c1093542c0bc1df25ccec0b4cf479f Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 4 Dec 2014 20:47:36 +0000 Subject: upstream commit key_in_file() wrapper is no longer used --- key.c | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) (limited to 'key.c') diff --git a/key.c b/key.c index 206076159..dd0f448a4 100644 --- a/key.c +++ b/key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: key.c,v 1.122 2014/07/22 01:18:50 dtucker Exp $ */ +/* $OpenBSD: key.c,v 1.123 2014/12/04 20:47:36 djm Exp $ */ /* * placed in the public domain */ @@ -463,17 +463,3 @@ key_perm_ok(int fd, const char *filename) return sshkey_perm_ok(fd, filename) == 0 ? 1 : 0; } -int -key_in_file(Key *key, const char *filename, int strict_type) -{ - int r; - - if ((r = sshkey_in_file(key, filename, strict_type)) != 0) { - fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); - if (r == SSH_ERR_SYSTEM_ERROR && errno == ENOENT) - return 0; - error("%s: %s", __func__, ssh_err(r)); - return r == SSH_ERR_KEY_NOT_FOUND ? 0 : -1; - } - return 1; -} -- cgit v1.2.3 From 56d1c83cdd1ac76f1c6bd41e01e80dad834f3994 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sun, 21 Dec 2014 22:27:55 +0000 Subject: upstream commit Add FingerprintHash option to control algorithm used for key fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@ --- auth-rsa.c | 5 ++- auth.c | 5 ++- auth2-hostbased.c | 7 ++-- auth2-pubkey.c | 16 ++++---- digest-libc.c | 22 ++++++++++- digest-openssl.c | 22 ++++++++++- digest.h | 8 +++- dns.c | 11 +++--- key.c | 7 ++-- key.h | 4 +- krl.c | 8 ++-- readconf.c | 24 +++++++++++- readconf.h | 4 +- servconf.c | 24 +++++++++++- servconf.h | 4 +- ssh-add.1 | 13 ++++++- ssh-add.c | 54 +++++++++++++++++++------- ssh-agent.1 | 13 ++++++- ssh-agent.c | 15 ++++++-- ssh-keygen.1 | 13 ++++++- ssh-keygen.c | 58 +++++++++++++++++----------- ssh-keysign.c | 5 ++- ssh.1 | 6 +-- sshconnect.c | 27 +++++++------ sshconnect2.c | 6 +-- sshd_config.5 | 13 ++++++- sshkey.c | 113 ++++++++++++++++++++++++++++++++++++------------------ sshkey.h | 16 ++++---- 28 files changed, 374 insertions(+), 149 deletions(-) (limited to 'key.c') diff --git a/auth-rsa.c b/auth-rsa.c index e9f4ede26..ff7a13221 100644 --- a/auth-rsa.c +++ b/auth-rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-rsa.c,v 1.88 2014/07/15 15:54:14 millert Exp $ */ +/* $OpenBSD: auth-rsa.c,v 1.89 2014/12/21 22:27:56 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -236,7 +236,8 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file, "actual %d vs. announced %d.", file, linenum, BN_num_bits(key->rsa->n), bits); - fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); + fp = key_fingerprint(key, options.fingerprint_hash, + SSH_FP_DEFAULT); debug("matching key found: file %s, line %lu %s %s", file, linenum, key_type(key), fp); free(fp); diff --git a/auth.c b/auth.c index 348ddc398..b259c6ef1 100644 --- a/auth.c +++ b/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.107 2014/12/04 02:24:32 djm Exp $ */ +/* $OpenBSD: auth.c,v 1.108 2014/12/21 22:27:56 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -679,7 +679,8 @@ auth_key_is_revoked(Key *key) if (options.revoked_keys_file == NULL) return 0; - if ((fp = sshkey_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX)) == NULL) { + if ((fp = sshkey_fingerprint(key, options.fingerprint_hash, + SSH_FP_DEFAULT)) == NULL) { r = SSH_ERR_ALLOC_FAIL; error("%s: fingerprint key: %s", __func__, ssh_err(r)); goto out; diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 6787e4ca4..b7ae35356 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.18 2014/07/15 15:54:14 millert Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.19 2014/12/21 22:27:56 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -208,13 +208,14 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, if (host_status == HOST_OK) { if (key_is_cert(key)) { fp = key_fingerprint(key->cert->signature_key, - SSH_FP_MD5, SSH_FP_HEX); + options.fingerprint_hash, SSH_FP_DEFAULT); verbose("Accepted certificate ID \"%s\" signed by " "%s CA %s from %s@%s", key->cert->key_id, key_type(key->cert->signature_key), fp, cuser, lookup); } else { - fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); + fp = key_fingerprint(key, options.fingerprint_hash, + SSH_FP_DEFAULT); verbose("Accepted %s public key %s from %s@%s", key_type(key), fp, cuser, lookup); } diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 0a3c1deee..04b70e362 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.42 2014/12/04 02:24:32 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.43 2014/12/21 22:27:56 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -213,7 +213,7 @@ pubkey_auth_info(Authctxt *authctxt, const Key *key, const char *fmt, ...) if (key_is_cert(key)) { fp = key_fingerprint(key->cert->signature_key, - SSH_FP_MD5, SSH_FP_HEX); + options.fingerprint_hash, SSH_FP_DEFAULT); auth_info(authctxt, "%s ID %s (serial %llu) CA %s %s%s%s", key_type(key), key->cert->key_id, (unsigned long long)key->cert->serial, @@ -221,7 +221,8 @@ pubkey_auth_info(Authctxt *authctxt, const Key *key, const char *fmt, ...) extra == NULL ? "" : ", ", extra == NULL ? "" : extra); free(fp); } else { - fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); + fp = key_fingerprint(key, options.fingerprint_hash, + SSH_FP_DEFAULT); auth_info(authctxt, "%s %s%s%s", key_type(key), fp, extra == NULL ? "" : ", ", extra == NULL ? "" : extra); free(fp); @@ -365,8 +366,8 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) continue; if (!key_is_cert_authority) continue; - fp = key_fingerprint(found, SSH_FP_MD5, - SSH_FP_HEX); + fp = key_fingerprint(found, options.fingerprint_hash, + SSH_FP_DEFAULT); debug("matching CA found: file %s, line %lu, %s %s", file, linenum, key_type(found), fp); /* @@ -406,7 +407,8 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) if (key_is_cert_authority) continue; found_key = 1; - fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); + fp = key_fingerprint(found, options.fingerprint_hash, + SSH_FP_DEFAULT); debug("matching key found: file %s, line %lu %s %s", file, linenum, key_type(found), fp); free(fp); @@ -432,7 +434,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) return 0; ca_fp = key_fingerprint(key->cert->signature_key, - SSH_FP_MD5, SSH_FP_HEX); + options.fingerprint_hash, SSH_FP_DEFAULT); if (sshkey_in_file(key->cert->signature_key, options.trusted_user_ca_keys, 1, 0) != 0) { diff --git a/digest-libc.c b/digest-libc.c index 1b4423a05..169ded075 100644 --- a/digest-libc.c +++ b/digest-libc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: digest-libc.c,v 1.3 2014/06/24 01:13:21 djm Exp $ */ +/* $OpenBSD: digest-libc.c,v 1.4 2014/12/21 22:27:56 djm Exp $ */ /* * Copyright (c) 2013 Damien Miller * Copyright (c) 2014 Markus Friedl. All rights reserved. @@ -126,6 +126,26 @@ ssh_digest_by_alg(int alg) return &(digests[alg]); } +int +ssh_digest_alg_by_name(const char *name) +{ + int alg; + + for (alg = 0; alg < SSH_DIGEST_MAX; alg++) { + if (strcasecmp(name, digests[alg].name) == 0) + return digests[alg].id; + } + return -1; +} + +const char * +ssh_digest_alg_name(int alg) +{ + const struct ssh_digest *digest = ssh_digest_by_alg(alg); + + return digest == NULL ? NULL : digest->name; +} + size_t ssh_digest_bytes(int alg) { diff --git a/digest-openssl.c b/digest-openssl.c index 02b170341..bb58ff226 100644 --- a/digest-openssl.c +++ b/digest-openssl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: digest-openssl.c,v 1.4 2014/07/03 03:26:43 djm Exp $ */ +/* $OpenBSD: digest-openssl.c,v 1.5 2014/12/21 22:27:56 djm Exp $ */ /* * Copyright (c) 2013 Damien Miller * @@ -74,6 +74,26 @@ ssh_digest_by_alg(int alg) return &(digests[alg]); } +int +ssh_digest_alg_by_name(const char *name) +{ + int alg; + + for (alg = 0; digests[alg].id != -1; alg++) { + if (strcasecmp(name, digests[alg].name) == 0) + return digests[alg].id; + } + return -1; +} + +const char * +ssh_digest_alg_name(int alg) +{ + const struct ssh_digest *digest = ssh_digest_by_alg(alg); + + return digest == NULL ? NULL : digest->name; +} + size_t ssh_digest_bytes(int alg) { diff --git a/digest.h b/digest.h index 6afb197f0..3fe073468 100644 --- a/digest.h +++ b/digest.h @@ -1,4 +1,4 @@ -/* $OpenBSD: digest.h,v 1.6 2014/07/03 04:36:45 djm Exp $ */ +/* $OpenBSD: digest.h,v 1.7 2014/12/21 22:27:56 djm Exp $ */ /* * Copyright (c) 2013 Damien Miller * @@ -33,6 +33,12 @@ struct sshbuf; struct ssh_digest_ctx; +/* Looks up a digest algorithm by name */ +int ssh_digest_alg_by_name(const char *name); + +/* Returns the algorithm name for a digest identifier */ +const char *ssh_digest_alg_name(int alg); + /* Returns the algorithm's digest length in bytes or 0 for invalid algorithm */ size_t ssh_digest_bytes(int alg); diff --git a/dns.c b/dns.c index c4d073cf5..4b8ae44cf 100644 --- a/dns.c +++ b/dns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.31 2014/06/24 01:13:21 djm Exp $ */ +/* $OpenBSD: dns.c,v 1.32 2014/12/21 22:27:56 djm Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -41,6 +41,7 @@ #include "key.h" #include "dns.h" #include "log.h" +#include "digest.h" static const char *errset_text[] = { "success", /* 0 ERRSET_SUCCESS */ @@ -80,7 +81,7 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, u_char **digest, u_int *digest_len, Key *key) { int success = 0; - enum fp_type fp_type = 0; + int fp_alg = -1; switch (key->type) { case KEY_RSA: @@ -110,17 +111,17 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, switch (*digest_type) { case SSHFP_HASH_SHA1: - fp_type = SSH_FP_SHA1; + fp_alg = SSH_DIGEST_SHA1; break; case SSHFP_HASH_SHA256: - fp_type = SSH_FP_SHA256; + fp_alg = SSH_DIGEST_SHA256; break; default: *digest_type = SSHFP_HASH_RESERVED; /* 0 */ } if (*algorithm && *digest_type) { - *digest = key_fingerprint_raw(key, fp_type, digest_len); + *digest = key_fingerprint_raw(key, fp_alg, digest_len); if (*digest == NULL) fatal("dns_read_key: null from key_fingerprint_raw()"); success = 1; diff --git a/key.c b/key.c index dd0f448a4..b821d9e1d 100644 --- a/key.c +++ b/key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: key.c,v 1.123 2014/12/04 20:47:36 djm Exp $ */ +/* $OpenBSD: key.c,v 1.124 2014/12/21 22:27:56 djm Exp $ */ /* * placed in the public domain */ @@ -40,8 +40,7 @@ key_new_private(int type) } u_char* -key_fingerprint_raw(const Key *k, enum fp_type dgst_type, - u_int *dgst_raw_length) +key_fingerprint_raw(const Key *k, int dgst_alg, u_int *dgst_raw_length) { u_char *ret = NULL; size_t dlen; @@ -49,7 +48,7 @@ key_fingerprint_raw(const Key *k, enum fp_type dgst_type, if (dgst_raw_length != NULL) *dgst_raw_length = 0; - if ((r = sshkey_fingerprint_raw(k, dgst_type, &ret, &dlen)) != 0) + if ((r = sshkey_fingerprint_raw(k, dgst_alg, &ret, &dlen)) != 0) fatal("%s: %s", __func__, ssh_err(r)); if (dlen > INT_MAX) fatal("%s: giant len %zu", __func__, dlen); diff --git a/key.h b/key.h index 212a169fa..de7865733 100644 --- a/key.h +++ b/key.h @@ -1,4 +1,4 @@ -/* $OpenBSD: key.h,v 1.43 2014/12/04 20:47:36 djm Exp $ */ +/* $OpenBSD: key.h,v 1.44 2014/12/21 22:27:56 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -67,7 +67,7 @@ void key_add_private(Key *); Key *key_new_private(int); void key_free(Key *); Key *key_demote(const Key *); -u_char *key_fingerprint_raw(const Key *, enum fp_type, u_int *); +u_char *key_fingerprint_raw(const Key *, int, u_int *); int key_write(const Key *, FILE *); int key_read(Key *, char **); diff --git a/krl.c b/krl.c index 5a5cdde02..3439e9c29 100644 --- a/krl.c +++ b/krl.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: krl.c,v 1.20 2014/12/04 01:49:59 djm Exp $ */ +/* $OpenBSD: krl.c,v 1.21 2014/12/21 22:27:56 djm Exp $ */ #include "includes.h" @@ -36,6 +36,7 @@ #include "misc.h" #include "log.h" #include "ssherr.h" +#include "digest.h" #include "krl.h" @@ -411,7 +412,8 @@ ssh_krl_revoke_key_sha1(struct ssh_krl *krl, const struct sshkey *key) int r; debug3("%s: revoke type %s by sha1", __func__, sshkey_type(key)); - if ((r = sshkey_fingerprint_raw(key, SSH_FP_SHA1, &blob, &len)) != 0) + if ((r = sshkey_fingerprint_raw(key, SSH_DIGEST_SHA1, + &blob, &len)) != 0) return r; return revoke_blob(&krl->revoked_sha1s, blob, len); } @@ -1151,7 +1153,7 @@ is_key_revoked(struct ssh_krl *krl, const struct sshkey *key) /* Check explicitly revoked hashes first */ memset(&rb, 0, sizeof(rb)); - if ((r = sshkey_fingerprint_raw(key, SSH_FP_SHA1, + if ((r = sshkey_fingerprint_raw(key, SSH_DIGEST_SHA1, &rb.blob, &rb.len)) != 0) return r; erb = RB_FIND(revoked_blob_tree, &krl->revoked_sha1s, &rb); diff --git a/readconf.c b/readconf.c index e0386935f..399b73e98 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.223 2014/12/04 02:24:32 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.224 2014/12/21 22:27:56 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -60,6 +60,7 @@ #include "mac.h" #include "uidswap.h" #include "myproposal.h" +#include "digest.h" /* Format of the configuration file: @@ -155,6 +156,7 @@ typedef enum { oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots, oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs, oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, + oFingerprintHash, oIgnoredUnknownOption, oDeprecated, oUnsupported } OpCodes; @@ -270,6 +272,7 @@ static struct { { "streamlocalbindmask", oStreamLocalBindMask }, { "streamlocalbindunlink", oStreamLocalBindUnlink }, { "revokedhostkeys", oRevokedHostKeys }, + { "fingerprinthash", oFingerprintHash }, { "ignoreunknown", oIgnoreUnknown }, { NULL, oBadOption } @@ -1460,6 +1463,18 @@ parse_int: charptr = &options->revoked_host_keys; goto parse_string; + case oFingerprintHash: + arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing argument.", + filename, linenum); + if ((value = ssh_digest_alg_by_name(arg)) == -1) + fatal("%.200s line %d: Invalid hash algorithm \"%s\".", + filename, linenum, arg); + if (*activep) + options->fingerprint_hash = value; + break; + case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); @@ -1637,6 +1652,7 @@ initialize_options(Options * options) options->canonicalize_fallback_local = -1; options->canonicalize_hostname = -1; options->revoked_host_keys = NULL; + options->fingerprint_hash = -1; } /* @@ -1814,6 +1830,9 @@ fill_default_options(Options * options) options->canonicalize_fallback_local = 1; if (options->canonicalize_hostname == -1) options->canonicalize_hostname = SSH_CANONICALISE_NO; + if (options->fingerprint_hash == -1) + options->fingerprint_hash = SSH_FP_HASH_DEFAULT; + #define CLEAR_ON_NONE(v) \ do { \ if (option_clear_or_none(v)) { \ @@ -2071,6 +2090,8 @@ fmt_intarg(OpCodes code, int val) return fmt_multistate_int(val, multistate_requesttty); case oCanonicalizeHostname: return fmt_multistate_int(val, multistate_canonicalizehostname); + case oFingerprintHash: + return ssh_digest_alg_name(val); case oProtocol: switch (val) { case SSH_PROTO_1: @@ -2205,6 +2226,7 @@ dump_client_config(Options *o, const char *host) dump_cfg_fmtint(oControlMaster, o->control_master); dump_cfg_fmtint(oEnableSSHKeysign, o->enable_ssh_keysign); dump_cfg_fmtint(oExitOnForwardFailure, o->exit_on_forward_failure); + dump_cfg_fmtint(oFingerprintHash, o->fingerprint_hash); dump_cfg_fmtint(oForwardAgent, o->forward_agent); dump_cfg_fmtint(oForwardX11, o->forward_x11); dump_cfg_fmtint(oForwardX11Trusted, o->forward_x11_trusted); diff --git a/readconf.h b/readconf.h index 49858bff3..11a7332c2 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.104 2014/12/04 02:24:32 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.105 2014/12/21 22:27:56 djm Exp $ */ /* * Author: Tatu Ylonen @@ -146,6 +146,8 @@ typedef struct { char *revoked_host_keys; + int fingerprint_hash; + char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ } Options; diff --git a/servconf.c b/servconf.c index 99396fb1d..abc3c72fb 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.255 2014/11/24 03:39:22 jsg Exp $ */ +/* $OpenBSD: servconf.c,v 1.256 2014/12/21 22:27:56 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -55,6 +55,7 @@ #include "hostfile.h" #include "auth.h" #include "myproposal.h" +#include "digest.h" static void add_listen_addr(ServerOptions *, char *, int); static void add_one_listen_addr(ServerOptions *, char *, int); @@ -158,6 +159,7 @@ initialize_server_options(ServerOptions *options) options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; options->version_addendum = NULL; + options->fingerprint_hash = -1; } void @@ -313,6 +315,8 @@ fill_default_server_options(ServerOptions *options) options->fwd_opts.streamlocal_bind_mask = 0177; if (options->fwd_opts.streamlocal_bind_unlink == -1) options->fwd_opts.streamlocal_bind_unlink = 0; + if (options->fingerprint_hash == -1) + options->fingerprint_hash = SSH_FP_HASH_DEFAULT; /* Turn privilege separation on by default */ if (use_privsep == -1) use_privsep = PRIVSEP_NOSANDBOX; @@ -362,7 +366,7 @@ typedef enum { sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, sStreamLocalBindMask, sStreamLocalBindUnlink, - sAllowStreamLocalForwarding, + sAllowStreamLocalForwarding, sFingerprintHash, sDeprecated, sUnsupported } ServerOpCodes; @@ -493,6 +497,7 @@ static struct { { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL }, { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, + { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, { NULL, sBadOption, 0 } }; @@ -1670,6 +1675,18 @@ process_server_config_line(ServerOptions *options, char *line, intptr = &options->fwd_opts.streamlocal_bind_unlink; goto parse_flag; + case sFingerprintHash: + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing argument.", + filename, linenum); + if ((value = ssh_digest_alg_by_name(arg)) == -1) + fatal("%.200s line %d: Invalid hash algorithm \"%s\".", + filename, linenum, arg); + if (*activep) + options->fingerprint_hash = value; + break; + case sDeprecated: logit("%s line %d: Deprecated option %s", filename, linenum, arg); @@ -1912,6 +1929,8 @@ fmt_intarg(ServerOpCodes code, int val) return fmt_multistate_int(val, multistate_tcpfwd); case sAllowStreamLocalForwarding: return fmt_multistate_int(val, multistate_tcpfwd); + case sFingerprintHash: + return ssh_digest_alg_name(val); case sProtocol: switch (val) { case SSH_PROTO_1: @@ -2073,6 +2092,7 @@ dump_config(ServerOptions *o) dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding); dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep); + dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); /* string arguments */ dump_cfg_string(sPidFile, o->pid_file); diff --git a/servconf.h b/servconf.h index 766db3a3d..49b228bdf 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.114 2014/07/15 15:54:14 millert Exp $ */ +/* $OpenBSD: servconf.h,v 1.115 2014/12/21 22:27:56 djm Exp $ */ /* * Author: Tatu Ylonen @@ -185,6 +185,8 @@ typedef struct { u_int num_auth_methods; char *auth_methods[MAX_AUTH_METHODS]; + + int fingerprint_hash; } ServerOptions; /* Information about the incoming connection as used by Match */ diff --git a/ssh-add.1 b/ssh-add.1 index 9da7a2835..926456f0b 100644 --- a/ssh-add.1 +++ b/ssh-add.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-add.1,v 1.60 2014/08/30 15:33:50 sobrado Exp $ +.\" $OpenBSD: ssh-add.1,v 1.61 2014/12/21 22:27:56 djm Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: August 30 2014 $ +.Dd $Mdocdate: December 21 2014 $ .Dt SSH-ADD 1 .Os .Sh NAME @@ -44,6 +44,7 @@ .Sh SYNOPSIS .Nm ssh-add .Op Fl cDdkLlXx +.Op Fl E Ar fingerprint_hash .Op Fl t Ar life .Op Ar .Nm ssh-add @@ -108,6 +109,14 @@ If no public key is found at a given path, will append .Pa .pub and retry. +.It Fl E Ar fingerprint_hash +Specifies the hash algorithm used when displaying key fingerprints. +Valid options are: +.Dq md5 +and +.Dq sha256 . +The default is +.Dq sha256 . .It Fl e Ar pkcs11 Remove keys provided by the PKCS#11 shared library .Ar pkcs11 . diff --git a/ssh-add.c b/ssh-add.c index ba11aa150..3680ab07a 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.114 2014/11/26 18:34:51 millert Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.115 2014/12/21 22:27:56 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -63,6 +63,7 @@ #include "pathnames.h" #include "misc.h" #include "ssherr.h" +#include "digest.h" /* argv0 */ extern char *__progname; @@ -79,6 +80,8 @@ static char *default_files[] = { NULL }; +static int fingerprint_hash = SSH_FP_HASH_DEFAULT; + /* Default lifetime (0 == forever) */ static int lifetime = 0; @@ -340,8 +343,8 @@ list_identities(AuthenticationConnection *ac, int do_fp) key = ssh_get_next_identity(ac, &comment, version)) { had_identities = 1; if (do_fp) { - fp = key_fingerprint(key, SSH_FP_MD5, - SSH_FP_HEX); + fp = key_fingerprint(key, fingerprint_hash, + SSH_FP_DEFAULT); printf("%d %s %s (%s)\n", key_size(key), fp, comment, key_type(key)); free(fp); @@ -408,6 +411,7 @@ usage(void) fprintf(stderr, "usage: %s [options] [file ...]\n", __progname); fprintf(stderr, "Options:\n"); fprintf(stderr, " -l List fingerprints of all identities.\n"); + fprintf(stderr, " -E hash Specify hash algorithm used for fingerprints.\n"); fprintf(stderr, " -L List public key parameters of all identities.\n"); fprintf(stderr, " -k Load only keys and not certificates.\n"); fprintf(stderr, " -c Require confirmation to sign using identities\n"); @@ -428,6 +432,7 @@ main(int argc, char **argv) AuthenticationConnection *ac = NULL; char *pkcs11provider = NULL; int i, ch, deleting = 0, ret = 0, key_only = 0; + int xflag = 0, lflag = 0, Dflag = 0; /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); @@ -446,21 +451,28 @@ main(int argc, char **argv) "Could not open a connection to your authentication agent.\n"); exit(2); } - while ((ch = getopt(argc, argv, "klLcdDxXe:s:t:")) != -1) { + while ((ch = getopt(argc, argv, "klLcdDxXE:e:s:t:")) != -1) { switch (ch) { + case 'E': + fingerprint_hash = ssh_digest_alg_by_name(optarg); + if (fingerprint_hash == -1) + fatal("Invalid hash algorithm \"%s\"", optarg); + break; case 'k': key_only = 1; break; case 'l': case 'L': - if (list_identities(ac, ch == 'l' ? 1 : 0) == -1) - ret = 1; - goto done; + if (lflag != 0) + fatal("-%c flag already specified", lflag); + lflag = ch; + break; case 'x': case 'X': - if (lock_agent(ac, ch == 'x' ? 1 : 0) == -1) - ret = 1; - goto done; + if (xflag != 0) + fatal("-%c flag already specified", xflag); + xflag = ch; + break; case 'c': confirm = 1; break; @@ -468,9 +480,8 @@ main(int argc, char **argv) deleting = 1; break; case 'D': - if (delete_all(ac) == -1) - ret = 1; - goto done; + Dflag = 1; + break; case 's': pkcs11provider = optarg; break; @@ -491,6 +502,23 @@ main(int argc, char **argv) goto done; } } + + if ((xflag != 0) + (lflag != 0) + (Dflag != 0) > 1) + fatal("Invalid combination of actions"); + else if (xflag) { + if (lock_agent(ac, xflag == 'x' ? 1 : 0) == -1) + ret = 1; + goto done; + } else if (lflag) { + if (list_identities(ac, lflag == 'l' ? 1 : 0) == -1) + ret = 1; + goto done; + } else if (Dflag) { + if (delete_all(ac) == -1) + ret = 1; + goto done; + } + argc -= optind; argv += optind; if (pkcs11provider != NULL) { diff --git a/ssh-agent.1 b/ssh-agent.1 index b55065327..6759afec3 100644 --- a/ssh-agent.1 +++ b/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.56 2014/08/30 15:33:50 sobrado Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.57 2014/12/21 22:27:56 djm Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: August 30 2014 $ +.Dd $Mdocdate: December 21 2014 $ .Dt SSH-AGENT 1 .Os .Sh NAME @@ -45,6 +45,7 @@ .Op Fl c | s .Op Fl d .Op Fl a Ar bind_address +.Op Fl E Ar fingerprint_hash .Op Fl t Ar life .Op Ar command Op Ar arg ... .Nm ssh-agent @@ -96,6 +97,14 @@ Debug mode. When this option is specified .Nm will not fork. +.It Fl E Ar fingerprint_hash +Specifies the hash algorithm used when displaying key fingerprints. +Valid options are: +.Dq md5 +and +.Dq sha256 . +The default is +.Dq sha256 . .It Fl k Kill the current agent (given by the .Ev SSH_AGENT_PID diff --git a/ssh-agent.c b/ssh-agent.c index 9c11d48d1..c2dc1fa0c 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.191 2014/11/18 20:54:28 krw Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.192 2014/12/21 22:27:56 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -142,6 +142,8 @@ extern char *__progname; /* Default lifetime in seconds (0 == forever) */ static long lifetime = 0; +static int fingerprint_hash = SSH_FP_HASH_DEFAULT; + static void close_socket(SocketEntry *e) { @@ -203,7 +205,7 @@ confirm_key(Identity *id) char *p; int ret = -1; - p = key_fingerprint(id->key, SSH_FP_MD5, SSH_FP_HEX); + p = key_fingerprint(id->key, fingerprint_hash, SSH_FP_DEFAULT); if (ask_permission("Allow use of key %s?\nKey fingerprint %s.", id->comment, p)) ret = 0; @@ -1026,7 +1028,7 @@ usage(void) { fprintf(stderr, "usage: ssh-agent [-c | -s] [-d] [-a bind_address] [-t life]\n" - " [command [arg ...]]\n" + " [-E fingerprint_hash] [command [arg ...]]\n" " ssh-agent [-c | -s] -k\n"); exit(1); } @@ -1069,8 +1071,13 @@ main(int ac, char **av) __progname = ssh_get_progname(av[0]); seed_rng(); - while ((ch = getopt(ac, av, "cdksa:t:")) != -1) { + while ((ch = getopt(ac, av, "cdksE:a:t:")) != -1) { switch (ch) { + case 'E': + fingerprint_hash = ssh_digest_alg_by_name(optarg); + if (fingerprint_hash == -1) + fatal("Invalid hash algorithm \"%s\"", optarg); + break; case 'c': if (s_flag) usage(); diff --git a/ssh-keygen.1 b/ssh-keygen.1 index bf5f87bd3..b73c4606e 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.123 2014/08/30 15:33:50 sobrado Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.124 2014/12/21 22:27:56 djm Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: August 30 2014 $ +.Dd $Mdocdate: December 21 2014 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -73,6 +73,7 @@ .Op Fl f Ar keyfile .Nm ssh-keygen .Fl l +.Op Fl E Ar fingerprint_hash .Op Fl f Ar input_keyfile .Nm ssh-keygen .Fl B @@ -269,6 +270,14 @@ When used in combination with this option indicates that a CA key resides in a PKCS#11 token (see the .Sx CERTIFICATES section for details). +.It Fl E Ar fingerprint_hash +Specifies the hash algorithm used when displaying key fingerprints. +Valid options are: +.Dq md5 +and +.Dq sha256 . +The default is +.Dq sha256 . .It Fl e This option will read a private or public OpenSSH key file and print to stdout the key in one of the formats specified by the diff --git a/ssh-keygen.c b/ssh-keygen.c index e149eda3e..8daea7f76 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.250 2014/08/21 01:08:52 doug Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.251 2014/12/21 22:27:56 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -53,6 +53,7 @@ #include "ssh-pkcs11.h" #include "atomicio.h" #include "krl.h" +#include "digest.h" /* Number of bits in the RSA/DSA key. This value can be set on the command line. */ #define DEFAULT_BITS 2048 @@ -90,6 +91,9 @@ int show_cert = 0; int print_fingerprint = 0; int print_bubblebabble = 0; +/* Hash algorithm to use for fingerprints. */ +int fingerprint_hash = SSH_FP_HASH_DEFAULT; + /* The identity file name, given on the command line or entered by the user. */ char identity_file[1024]; int have_identity = 0; @@ -749,11 +753,11 @@ do_download(struct passwd *pw) Key **keys = NULL; int i, nkeys; enum fp_rep rep; - enum fp_type fptype; + int fptype; char *fp, *ra; - fptype = print_bubblebabble ? SSH_FP_SHA1 : SSH_FP_MD5; - rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_HEX; + fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash; + rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; pkcs11_init(0); nkeys = pkcs11_add_provider(pkcs11provider, NULL, &keys); @@ -762,7 +766,7 @@ do_download(struct passwd *pw) for (i = 0; i < nkeys; i++) { if (print_fingerprint) { fp = key_fingerprint(keys[i], fptype, rep); - ra = key_fingerprint(keys[i], SSH_FP_MD5, + ra = key_fingerprint(keys[i], fingerprint_hash, SSH_FP_RANDOMART); printf("%u %s %s (PKCS11 key)\n", key_size(keys[i]), fp, key_type(keys[i])); @@ -792,12 +796,11 @@ do_fingerprint(struct passwd *pw) char *comment = NULL, *cp, *ep, line[16*1024], *fp, *ra; int i, skip = 0, num = 0, invalid = 1; enum fp_rep rep; - enum fp_type fptype; + int fptype; struct stat st; - fptype = print_bubblebabble ? SSH_FP_SHA1 : SSH_FP_MD5; - rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_HEX; - + fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash; + rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; if (!have_identity) ask_filename(pw, "Enter file in which the key is"); if (stat(identity_file, &st) < 0) { @@ -807,7 +810,8 @@ do_fingerprint(struct passwd *pw) public = key_load_public(identity_file, &comment); if (public != NULL) { fp = key_fingerprint(public, fptype, rep); - ra = key_fingerprint(public, SSH_FP_MD5, SSH_FP_RANDOMART); + ra = key_fingerprint(public, fingerprint_hash, + SSH_FP_RANDOMART); printf("%u %s %s (%s)\n", key_size(public), fp, comment, key_type(public)); if (log_level >= SYSLOG_LEVEL_VERBOSE) @@ -873,7 +877,8 @@ do_fingerprint(struct passwd *pw) } comment = *cp ? cp : comment; fp = key_fingerprint(public, fptype, rep); - ra = key_fingerprint(public, SSH_FP_MD5, SSH_FP_RANDOMART); + ra = key_fingerprint(public, fingerprint_hash, + SSH_FP_RANDOMART); printf("%u %s %s (%s)\n", key_size(public), fp, comment ? comment : "no comment", key_type(public)); if (log_level >= SYSLOG_LEVEL_VERBOSE) @@ -993,13 +998,15 @@ printhost(FILE *f, const char *name, Key *public, int ca, int revoked, int hash) { if (print_fingerprint) { enum fp_rep rep; - enum fp_type fptype; + int fptype; char *fp, *ra; - fptype = print_bubblebabble ? SSH_FP_SHA1 : SSH_FP_MD5; - rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_HEX; + fptype = print_bubblebabble ? + SSH_DIGEST_SHA1 : fingerprint_hash; + rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; fp = key_fingerprint(public, fptype, rep); - ra = key_fingerprint(public, SSH_FP_MD5, SSH_FP_RANDOMART); + ra = key_fingerprint(public, fingerprint_hash, + SSH_FP_RANDOMART); printf("%u %s %s (%s)\n", key_size(public), fp, name, key_type(public)); if (log_level >= SYSLOG_LEVEL_VERBOSE) @@ -1908,9 +1915,9 @@ do_show_cert(struct passwd *pw) fatal("%s is not a certificate", identity_file); v00 = key->type == KEY_RSA_CERT_V00 || key->type == KEY_DSA_CERT_V00; - key_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); + key_fp = key_fingerprint(key, fingerprint_hash, SSH_FP_DEFAULT); ca_fp = key_fingerprint(key->cert->signature_key, - SSH_FP_MD5, SSH_FP_HEX); + fingerprint_hash, SSH_FP_DEFAULT); printf("%s:\n", identity_file); printf(" Type: %s %s certificate\n", key_ssh_name(key), @@ -2189,7 +2196,7 @@ usage(void) " ssh-keygen -e [-m key_format] [-f input_keyfile]\n" " ssh-keygen -y [-f input_keyfile]\n" " ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]\n" - " ssh-keygen -l [-f input_keyfile]\n" + " ssh-keygen -l [-E fingerprint_hash] [-f input_keyfile]\n" " ssh-keygen -B [-f input_keyfile]\n"); #ifdef ENABLE_PKCS11 fprintf(stderr, @@ -2258,9 +2265,10 @@ main(int argc, char **argv) exit(1); } - /* Remaining characters: EUYdw */ + /* Remaining characters: UYdw */ while ((opt = getopt(argc, argv, "ABHLQXceghiklopquvxy" - "C:D:F:G:I:J:K:M:N:O:P:R:S:T:V:W:Z:a:b:f:g:j:m:n:r:s:t:z:")) != -1) { + "C:D:E:F:G:I:J:K:M:N:O:P:R:S:T:V:W:Z:" + "a:b:f:g:j:m:n:r:s:t:z:")) != -1) { switch (opt) { case 'A': gen_all_hostkeys = 1; @@ -2271,6 +2279,11 @@ main(int argc, char **argv) fatal("Bits has bad value %s (%s)", optarg, errstr); break; + case 'E': + fingerprint_hash = ssh_digest_alg_by_name(optarg); + if (fingerprint_hash == -1) + fatal("Invalid hash algorithm \"%s\"", optarg); + break; case 'F': find_host = 1; rr_hostname = optarg; @@ -2702,8 +2715,9 @@ passphrase_again: fclose(f); if (!quiet) { - char *fp = key_fingerprint(public, SSH_FP_MD5, SSH_FP_HEX); - char *ra = key_fingerprint(public, SSH_FP_MD5, + char *fp = key_fingerprint(public, fingerprint_hash, + SSH_FP_DEFAULT); + char *ra = key_fingerprint(public, fingerprint_hash, SSH_FP_RANDOMART); printf("Your public key has been saved in %s.\n", identity_file); diff --git a/ssh-keysign.c b/ssh-keysign.c index 6b73319e0..b86e18d8c 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.43 2014/10/08 22:20:25 djm Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.44 2014/12/21 22:27:56 djm Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -246,7 +246,8 @@ main(int argc, char **argv) } } if (!found) { - fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); + fp = key_fingerprint(key, options.fingerprint_hash, + SSH_FP_DEFAULT); fatal("no matching hostkey found for key %s %s", key_type(key), fp); } diff --git a/ssh.1 b/ssh.1 index 51201861b..d489047ce 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.351 2014/10/09 06:21:31 jmc Exp $ -.Dd $Mdocdate: October 9 2014 $ +.\" $OpenBSD: ssh.1,v 1.352 2014/12/21 22:27:56 djm Exp $ +.Dd $Mdocdate: December 21 2014 $ .Dt SSH 1 .Os .Sh NAME @@ -1091,7 +1091,7 @@ Fingerprints can be determined using If the fingerprint is already known, it can be matched and the key can be accepted or rejected. Because of the difficulty of comparing host keys -just by looking at hex strings, +just by looking at fingerprint strings, there is also support to compare host keys visually, using .Em random art . diff --git a/sshconnect.c b/sshconnect.c index 4b9681a5b..176a20a87 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.253 2014/12/11 08:20:09 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.254 2014/12/21 22:27:56 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -918,9 +918,10 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, "key for IP address '%.128s' to the list " "of known hosts.", type, ip); } else if (options.visual_host_key) { - fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); - ra = key_fingerprint(host_key, SSH_FP_MD5, - SSH_FP_RANDOMART); + fp = key_fingerprint(host_key, + options.fingerprint_hash, SSH_FP_DEFAULT); + ra = key_fingerprint(host_key, + options.fingerprint_hash, SSH_FP_RANDOMART); logit("Host key fingerprint is %s\n%s\n", fp, ra); free(ra); free(fp); @@ -959,9 +960,10 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, else snprintf(msg1, sizeof(msg1), "."); /* The default */ - fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); - ra = key_fingerprint(host_key, SSH_FP_MD5, - SSH_FP_RANDOMART); + fp = key_fingerprint(host_key, + options.fingerprint_hash, SSH_FP_DEFAULT); + ra = key_fingerprint(host_key, + options.fingerprint_hash, SSH_FP_RANDOMART); msg2[0] = '\0'; if (options.verify_host_key_dns) { if (matching_host_key_dns) @@ -1226,7 +1228,7 @@ verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key) struct sshkey *plain = NULL; if ((fp = sshkey_fingerprint(host_key, - SSH_FP_MD5, SSH_FP_HEX)) == NULL) { + options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) { error("%s: fingerprint host key: %s", __func__, ssh_err(r)); r = -1; goto out; @@ -1387,8 +1389,10 @@ show_other_keys(struct hostkeys *hostkeys, Key *key) continue; if (!lookup_key_in_hostkeys_by_type(hostkeys, type[i], &found)) continue; - fp = key_fingerprint(found->key, SSH_FP_MD5, SSH_FP_HEX); - ra = key_fingerprint(found->key, SSH_FP_MD5, SSH_FP_RANDOMART); + fp = key_fingerprint(found->key, + options.fingerprint_hash, SSH_FP_DEFAULT); + ra = key_fingerprint(found->key, + options.fingerprint_hash, SSH_FP_RANDOMART); logit("WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", @@ -1409,7 +1413,8 @@ warn_changed_key(Key *host_key) { char *fp; - fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); + fp = key_fingerprint(host_key, options.fingerprint_hash, + SSH_FP_DEFAULT); error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @"); diff --git a/sshconnect2.c b/sshconnect2.c index 6884d6be1..ad20fae6a 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.211 2014/12/11 05:13:28 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.212 2014/12/21 22:27:56 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -582,7 +582,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt) key->type, pktype); goto done; } - fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); + fp = key_fingerprint(key, options.fingerprint_hash, SSH_FP_DEFAULT); debug2("input_userauth_pk_ok: fp %s", fp); free(fp); @@ -991,7 +991,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) int have_sig = 1; char *fp; - fp = key_fingerprint(id->key, SSH_FP_MD5, SSH_FP_HEX); + fp = key_fingerprint(id->key, options.fingerprint_hash, SSH_FP_DEFAULT); debug3("sign_and_send_pubkey: %s %s", key_type(id->key), fp); free(fp); diff --git a/sshd_config.5 b/sshd_config.5 index ef36d3338..69d3be2b8 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.182 2014/12/12 00:02:17 djm Exp $ -.Dd $Mdocdate: December 12 2014 $ +.\" $OpenBSD: sshd_config.5,v 1.183 2014/12/21 22:27:55 djm Exp $ +.Dd $Mdocdate: December 21 2014 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -485,6 +485,15 @@ and finally See PATTERNS in .Xr ssh_config 5 for more information on patterns. +.It Cm FingerprintHash +Specifies the hash algorithm used when logging key fingerprints. +Valid options are: +.Dq md5 +and +.Dq sha256 . +The default is +.Dq sha256 . +.Pp .It Cm ForceCommand Forces the execution of the command specified by .Cm ForceCommand , diff --git a/sshkey.c b/sshkey.c index cf126626e..a32bd36cc 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.6 2014/12/10 01:24:09 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.7 2014/12/21 22:27:55 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -29,6 +29,7 @@ #include #include +#include #include #include @@ -852,29 +853,18 @@ sshkey_plain_to_blob(const struct sshkey *key, u_char **blobp, size_t *lenp) } int -sshkey_fingerprint_raw(const struct sshkey *k, enum sshkey_fp_type dgst_type, +sshkey_fingerprint_raw(const struct sshkey *k, int dgst_alg, u_char **retp, size_t *lenp) { u_char *blob = NULL, *ret = NULL; size_t blob_len = 0; - int hash_alg = -1, r = SSH_ERR_INTERNAL_ERROR; + int r = SSH_ERR_INTERNAL_ERROR; if (retp != NULL) *retp = NULL; if (lenp != NULL) *lenp = 0; - - switch (dgst_type) { - case SSH_FP_MD5: - hash_alg = SSH_DIGEST_MD5; - break; - case SSH_FP_SHA1: - hash_alg = SSH_DIGEST_SHA1; - break; - case SSH_FP_SHA256: - hash_alg = SSH_DIGEST_SHA256; - break; - default: + if (ssh_digest_bytes(dgst_alg) == 0) { r = SSH_ERR_INVALID_ARGUMENT; goto out; } @@ -899,7 +889,7 @@ sshkey_fingerprint_raw(const struct sshkey *k, enum sshkey_fp_type dgst_type, r = SSH_ERR_ALLOC_FAIL; goto out; } - if ((r = ssh_digest_memory(hash_alg, blob, blob_len, + if ((r = ssh_digest_memory(dgst_alg, blob, blob_len, ret, SSH_DIGEST_MAX_LENGTH)) != 0) goto out; /* success */ @@ -908,7 +898,7 @@ sshkey_fingerprint_raw(const struct sshkey *k, enum sshkey_fp_type dgst_type, ret = NULL; } if (lenp != NULL) - *lenp = ssh_digest_bytes(hash_alg); + *lenp = ssh_digest_bytes(dgst_alg); r = 0; out: free(ret); @@ -920,21 +910,45 @@ sshkey_fingerprint_raw(const struct sshkey *k, enum sshkey_fp_type dgst_type, } static char * -fingerprint_hex(u_char *dgst_raw, size_t dgst_raw_len) +fingerprint_b64(const char *alg, u_char *dgst_raw, size_t dgst_raw_len) { - char *retval; - size_t i; + char *ret; + size_t plen = strlen(alg) + 1; + size_t rlen = ((dgst_raw_len + 2) / 3) * 4 + plen + 1; + int r; - if ((retval = calloc(1, dgst_raw_len * 3 + 1)) == NULL) + if (dgst_raw_len > 65536 || (ret = calloc(1, rlen)) == NULL) + return NULL; + strlcpy(ret, alg, rlen); + strlcat(ret, ":", rlen); + if (dgst_raw_len == 0) + return ret; + if ((r = b64_ntop(dgst_raw, dgst_raw_len, + ret + plen, rlen - plen)) == -1) { + explicit_bzero(ret, rlen); + free(ret); return NULL; - for (i = 0; i < dgst_raw_len; i++) { - char hex[4]; - snprintf(hex, sizeof(hex), "%02x:", dgst_raw[i]); - strlcat(retval, hex, dgst_raw_len * 3 + 1); } + /* Trim padding characters from end */ + ret[strcspn(ret, "=")] = '\0'; + return ret; +} - /* Remove the trailing ':' character */ - retval[(dgst_raw_len * 3) - 1] = '\0'; +static char * +fingerprint_hex(const char *alg, u_char *dgst_raw, size_t dgst_raw_len) +{ + char *retval, hex[5]; + size_t i, rlen = dgst_raw_len * 3 + strlen(alg) + 2; + + if (dgst_raw_len > 65536 || (retval = calloc(1, rlen)) == NULL) + return NULL; + strlcpy(retval, alg, rlen); + strlcat(retval, ":", rlen); + for (i = 0; i < dgst_raw_len; i++) { + snprintf(hex, sizeof(hex), "%s%02x", + i > 0 ? ":" : "", dgst_raw[i]); + strlcat(retval, hex, rlen); + } return retval; } @@ -1020,7 +1034,7 @@ fingerprint_bubblebabble(u_char *dgst_raw, size_t dgst_raw_len) #define FLDSIZE_Y (FLDBASE + 1) #define FLDSIZE_X (FLDBASE * 2 + 1) static char * -fingerprint_randomart(u_char *dgst_raw, size_t dgst_raw_len, +fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, const struct sshkey *k) { /* @@ -1028,9 +1042,9 @@ fingerprint_randomart(u_char *dgst_raw, size_t dgst_raw_len, * intersects with itself. Matter of taste. */ char *augmentation_string = " .o+=*BOX@%&#/^SE"; - char *retval, *p, title[FLDSIZE_X]; + char *retval, *p, title[FLDSIZE_X], hash[FLDSIZE_X]; u_char field[FLDSIZE_X][FLDSIZE_Y]; - size_t i, tlen; + size_t i, tlen, hlen; u_int b; int x, y, r; size_t len = strlen(augmentation_string) - 1; @@ -1075,8 +1089,12 @@ fingerprint_randomart(u_char *dgst_raw, size_t dgst_raw_len, sshkey_type(k), sshkey_size(k)); /* If [type size] won't fit, then try [type]; fits "[ED25519-CERT]" */ if (r < 0 || r > (int)sizeof(title)) - snprintf(title, sizeof(title), "[%s]", sshkey_type(k)); - tlen = strlen(title); + r = snprintf(title, sizeof(title), "[%s]", sshkey_type(k)); + tlen = (r <= 0) ? 0 : strlen(title); + + /* assemble hash ID. */ + r = snprintf(hash, sizeof(hash), "[%s]", alg); + hlen = (r <= 0) ? 0 : strlen(hash); /* output upper border */ p = retval; @@ -1085,7 +1103,7 @@ fingerprint_randomart(u_char *dgst_raw, size_t dgst_raw_len, *p++ = '-'; memcpy(p, title, tlen); p += tlen; - for (i = p - retval - 1; i < FLDSIZE_X; i++) + for (i += tlen; i < FLDSIZE_X; i++) *p++ = '-'; *p++ = '+'; *p++ = '\n'; @@ -1101,7 +1119,11 @@ fingerprint_randomart(u_char *dgst_raw, size_t dgst_raw_len, /* output lower border */ *p++ = '+'; - for (i = 0; i < FLDSIZE_X; i++) + for (i = 0; i < (FLDSIZE_X - hlen) / 2; i++) + *p++ = '-'; + memcpy(p, hash, hlen); + p += hlen; + for (i += hlen; i < FLDSIZE_X; i++) *p++ = '-'; *p++ = '+'; @@ -1109,24 +1131,39 @@ fingerprint_randomart(u_char *dgst_raw, size_t dgst_raw_len, } char * -sshkey_fingerprint(const struct sshkey *k, enum sshkey_fp_type dgst_type, +sshkey_fingerprint(const struct sshkey *k, int dgst_alg, enum sshkey_fp_rep dgst_rep) { char *retval = NULL; u_char *dgst_raw; size_t dgst_raw_len; - if (sshkey_fingerprint_raw(k, dgst_type, &dgst_raw, &dgst_raw_len) != 0) + if (sshkey_fingerprint_raw(k, dgst_alg, &dgst_raw, &dgst_raw_len) != 0) return NULL; switch (dgst_rep) { + case SSH_FP_DEFAULT: + if (dgst_alg == SSH_DIGEST_MD5) { + retval = fingerprint_hex(ssh_digest_alg_name(dgst_alg), + dgst_raw, dgst_raw_len); + } else { + retval = fingerprint_b64(ssh_digest_alg_name(dgst_alg), + dgst_raw, dgst_raw_len); + } + break; case SSH_FP_HEX: - retval = fingerprint_hex(dgst_raw, dgst_raw_len); + retval = fingerprint_hex(ssh_digest_alg_name(dgst_alg), + dgst_raw, dgst_raw_len); + break; + case SSH_FP_BASE64: + retval = fingerprint_b64(ssh_digest_alg_name(dgst_alg), + dgst_raw, dgst_raw_len); break; case SSH_FP_BUBBLEBABBLE: retval = fingerprint_bubblebabble(dgst_raw, dgst_raw_len); break; case SSH_FP_RANDOMART: - retval = fingerprint_randomart(dgst_raw, dgst_raw_len, k); + retval = fingerprint_randomart(ssh_digest_alg_name(dgst_alg), + dgst_raw, dgst_raw_len, k); break; default: explicit_bzero(dgst_raw, dgst_raw_len); diff --git a/sshkey.h b/sshkey.h index 450b30c1f..4554b09b5 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.1 2014/06/24 01:16:58 djm Exp $ */ +/* $OpenBSD: sshkey.h,v 1.2 2014/12/21 22:27:55 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -67,16 +67,14 @@ enum sshkey_types { KEY_UNSPEC }; -/* Fingerprint hash algorithms */ -enum sshkey_fp_type { - SSH_FP_SHA1, - SSH_FP_MD5, - SSH_FP_SHA256 -}; +/* Default fingerprint hash */ +#define SSH_FP_HASH_DEFAULT SSH_DIGEST_SHA256 /* Fingerprint representation formats */ enum sshkey_fp_rep { + SSH_FP_DEFAULT = 0, SSH_FP_HEX, + SSH_FP_BASE64, SSH_FP_BUBBLEBABBLE, SSH_FP_RANDOMART }; @@ -124,9 +122,9 @@ int sshkey_equal_public(const struct sshkey *, const struct sshkey *); int sshkey_equal(const struct sshkey *, const struct sshkey *); char *sshkey_fingerprint(const struct sshkey *, - enum sshkey_fp_type, enum sshkey_fp_rep); + int, enum sshkey_fp_rep); int sshkey_fingerprint_raw(const struct sshkey *k, - enum sshkey_fp_type dgst_type, u_char **retp, size_t *lenp); + int, u_char **retp, size_t *lenp); const char *sshkey_type(const struct sshkey *); const char *sshkey_cert_type(const struct sshkey *); int sshkey_write(const struct sshkey *, FILE *); -- cgit v1.2.3 From 1195f4cb07ef4b0405c839293c38600b3e9bdb46 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 8 Jan 2015 10:14:08 +0000 Subject: upstream commit deprecate key_load_private_pem() and sshkey_load_private_pem() interfaces. Refactor the generic key loading API to not require pathnames to be specified (they weren't really used). Fixes a few other things en passant: Makes ed25519 keys work for hostbased authentication (ssh-keysign previously used the PEM-only routines). Fixes key comment regression bz#2306: key pathnames were being lost as comment fields. ok markus@ --- auth2-hostbased.c | 3 ++- authfile.c | 64 +++++++++++++++++++++---------------------------------- authfile.h | 10 ++++++--- key.c | 25 ++-------------------- key.h | 3 +-- krl.c | 4 ++-- ssh-keysign.c | 21 +++++++++++------- sshconnect2.c | 4 +++- sshkey.c | 26 ++++++---------------- sshkey.h | 4 +--- 10 files changed, 62 insertions(+), 102 deletions(-) (limited to 'key.c') diff --git a/auth2-hostbased.c b/auth2-hostbased.c index eb6bee50b..2db3d2524 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.20 2014/12/23 22:42:48 djm Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.21 2015/01/08 10:14:08 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -84,6 +84,7 @@ userauth_hostbased(Authctxt *authctxt) buffer_dump(&b); buffer_free(&b); #endif + /* XXX provide some way to allow admin to specify key types accepted */ pktype = key_type_from_name(pkalg); if (pktype == KEY_UNSPEC) { /* this is perfectly legal */ diff --git a/authfile.c b/authfile.c index 95877e159..de9708607 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.108 2014/12/04 02:24:32 djm Exp $ */ +/* $OpenBSD: authfile.c,v 1.109 2015/01/08 10:14:08 djm Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -95,7 +95,7 @@ sshkey_save_private(struct sshkey *key, const char *filename, /* Load a key from a fd into a buffer */ int -sshkey_load_file(int fd, const char *filename, struct sshbuf *blob) +sshkey_load_file(int fd, struct sshbuf *blob) { u_char buf[1024]; size_t len; @@ -142,8 +142,7 @@ sshkey_load_file(int fd, const char *filename, struct sshbuf *blob) * otherwise. */ static int -sshkey_load_public_rsa1(int fd, const char *filename, - struct sshkey **keyp, char **commentp) +sshkey_load_public_rsa1(int fd, struct sshkey **keyp, char **commentp) { struct sshbuf *b = NULL; int r; @@ -154,7 +153,7 @@ sshkey_load_public_rsa1(int fd, const char *filename, if ((b = sshbuf_new()) == NULL) return SSH_ERR_ALLOC_FAIL; - if ((r = sshkey_load_file(fd, filename, b)) != 0) + if ((r = sshkey_load_file(fd, b)) != 0) goto out; if ((r = sshkey_parse_public_rsa1_fileblob(b, keyp, commentp)) != 0) goto out; @@ -165,33 +164,6 @@ sshkey_load_public_rsa1(int fd, const char *filename, } #endif /* WITH_SSH1 */ -#ifdef WITH_OPENSSL -/* XXX Deprecate? */ -int -sshkey_load_private_pem(int fd, int type, const char *passphrase, - struct sshkey **keyp, char **commentp) -{ - struct sshbuf *buffer = NULL; - int r; - - *keyp = NULL; - if (commentp != NULL) - *commentp = NULL; - - if ((buffer = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshkey_load_file(fd, NULL, buffer)) != 0) - goto out; - if ((r = sshkey_parse_private_pem_fileblob(buffer, type, passphrase, - keyp, commentp)) != 0) - goto out; - r = 0; - out: - sshbuf_free(buffer); - return r; -} -#endif /* WITH_OPENSSL */ - /* XXX remove error() calls from here? */ int sshkey_perm_ok(int fd, const char *filename) @@ -227,7 +199,6 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase, struct sshkey **keyp, char **commentp, int *perm_ok) { int fd, r; - struct sshbuf *buffer = NULL; *keyp = NULL; if (commentp != NULL) @@ -247,18 +218,31 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase, if (perm_ok != NULL) *perm_ok = 1; + r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp); + out: + close(fd); + return r; +} + +int +sshkey_load_private_type_fd(int fd, int type, const char *passphrase, + struct sshkey **keyp, char **commentp) +{ + struct sshbuf *buffer = NULL; + int r; + if ((buffer = sshbuf_new()) == NULL) { r = SSH_ERR_ALLOC_FAIL; goto out; } - if ((r = sshkey_load_file(fd, filename, buffer)) != 0) - goto out; - if ((r = sshkey_parse_private_fileblob_type(buffer, type, passphrase, - keyp, commentp)) != 0) + if ((r = sshkey_load_file(fd, buffer)) != 0 || + (r = sshkey_parse_private_fileblob_type(buffer, type, + passphrase, keyp, commentp)) != 0) goto out; + + /* success */ r = 0; out: - close(fd); if (buffer != NULL) sshbuf_free(buffer); return r; @@ -287,7 +271,7 @@ sshkey_load_private(const char *filename, const char *passphrase, r = SSH_ERR_ALLOC_FAIL; goto out; } - if ((r = sshkey_load_file(fd, filename, buffer)) != 0 || + if ((r = sshkey_load_file(fd, buffer)) != 0 || (r = sshkey_parse_private_fileblob(buffer, passphrase, filename, keyp, commentp)) != 0) goto out; @@ -363,7 +347,7 @@ sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp) goto skip; #ifdef WITH_SSH1 /* try rsa1 private key */ - r = sshkey_load_public_rsa1(fd, filename, keyp, commentp); + r = sshkey_load_public_rsa1(fd, keyp, commentp); close(fd); switch (r) { case SSH_ERR_INTERNAL_ERROR: diff --git a/authfile.h b/authfile.h index 645404e61..624d269f1 100644 --- a/authfile.h +++ b/authfile.h @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.h,v 1.20 2014/12/04 02:24:32 djm Exp $ */ +/* $OpenBSD: authfile.h,v 1.21 2015/01/08 10:14:08 djm Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. @@ -30,9 +30,12 @@ struct sshbuf; struct sshkey; +/* XXX document these */ +/* XXX some of these could probably be merged/retired */ + int sshkey_save_private(struct sshkey *, const char *, const char *, const char *, int, const char *, int); -int sshkey_load_file(int, const char *, struct sshbuf *); +int sshkey_load_file(int, struct sshbuf *); int sshkey_load_cert(const char *, struct sshkey **); int sshkey_load_public(const char *, struct sshkey **, char **); int sshkey_load_private(const char *, const char *, struct sshkey **, char **); @@ -40,7 +43,8 @@ int sshkey_load_private_cert(int, const char *, const char *, struct sshkey **, int *); int sshkey_load_private_type(int, const char *, const char *, struct sshkey **, char **, int *); -int sshkey_load_private_pem(int, int, const char *, struct sshkey **, char **); +int sshkey_load_private_type_fd(int fd, int type, const char *passphrase, + struct sshkey **keyp, char **commentp); int sshkey_perm_ok(int, const char *); int sshkey_in_file(struct sshkey *, const char *, int, int); int sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file); diff --git a/key.c b/key.c index b821d9e1d..37eb67634 100644 --- a/key.c +++ b/key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: key.c,v 1.124 2014/12/21 22:27:56 djm Exp $ */ +/* $OpenBSD: key.c,v 1.125 2015/01/08 10:14:08 djm Exp $ */ /* * placed in the public domain */ @@ -328,7 +328,7 @@ key_load_file(int fd, const char *filename, struct sshbuf *blob) { int r; - if ((r = sshkey_load_file(fd, filename, blob)) != 0) { + if ((r = sshkey_load_file(fd, blob)) != 0) { fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); error("%s: %s", __func__, ssh_err(r)); return 0; @@ -435,27 +435,6 @@ key_load_private_type(int type, const char *filename, const char *passphrase, return ret; } -#ifdef WITH_OPENSSL -Key * -key_load_private_pem(int fd, int type, const char *passphrase, - char **commentp) -{ - int r; - Key *ret = NULL; - - if ((r = sshkey_load_private_pem(fd, type, passphrase, - &ret, commentp)) != 0) { - fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR); - if (r == SSH_ERR_KEY_WRONG_PASSPHRASE) - debug("%s: %s", __func__, ssh_err(r)); - else - error("%s: %s", __func__, ssh_err(r)); - return NULL; - } - return ret; -} -#endif /* WITH_OPENSSL */ - int key_perm_ok(int fd, const char *filename) { diff --git a/key.h b/key.h index de7865733..7190b842d 100644 --- a/key.h +++ b/key.h @@ -1,4 +1,4 @@ -/* $OpenBSD: key.h,v 1.44 2014/12/21 22:27:56 djm Exp $ */ +/* $OpenBSD: key.h,v 1.45 2015/01/08 10:14:08 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -104,7 +104,6 @@ Key *key_load_public(const char *, char **); Key *key_load_private(const char *, const char *, char **); Key *key_load_private_cert(int, const char *, const char *, int *); Key *key_load_private_type(int, const char *, const char *, char **, int *); -Key *key_load_private_pem(int, int, const char *, char **); int key_perm_ok(int, const char *); #endif diff --git a/krl.c b/krl.c index 3439e9c29..711d370fe 100644 --- a/krl.c +++ b/krl.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: krl.c,v 1.21 2014/12/21 22:27:56 djm Exp $ */ +/* $OpenBSD: krl.c,v 1.22 2015/01/08 10:14:08 djm Exp $ */ #include "includes.h" @@ -1248,7 +1248,7 @@ ssh_krl_file_contains_key(const char *path, const struct sshkey *key) oerrno = errno; goto out; } - if ((r = sshkey_load_file(fd, path, krlbuf)) != 0) { + if ((r = sshkey_load_file(fd, krlbuf)) != 0) { oerrno = errno; goto out; } diff --git a/ssh-keysign.c b/ssh-keysign.c index b86e18d8c..d59f115fc 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.44 2014/12/21 22:27:56 djm Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.45 2015/01/08 10:14:08 djm Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -52,6 +52,8 @@ #include "pathnames.h" #include "readconf.h" #include "uidswap.h" +#include "sshkey.h" +#include "ssherr.h" /* XXX readconf.c needs these */ uid_t original_real_uid; @@ -69,6 +71,8 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data, char *pkalg, *p; int pktype, fail; + if (ret != NULL) + *ret = NULL; fail = 0; buffer_init(&b); @@ -153,7 +157,7 @@ main(int argc, char **argv) #define NUM_KEYTYPES 4 Key *keys[NUM_KEYTYPES], *key = NULL; struct passwd *pw; - int key_fd[NUM_KEYTYPES], i, found, version = 2, fd; + int r, key_fd[NUM_KEYTYPES], i, found, version = 2, fd; u_char *signature, *data; char *host, *fp; u_int slen, dlen; @@ -209,14 +213,15 @@ main(int argc, char **argv) keys[i] = NULL; if (key_fd[i] == -1) continue; -#ifdef WITH_OPENSSL -/* XXX wrong api */ - keys[i] = key_load_private_pem(key_fd[i], KEY_UNSPEC, - NULL, NULL); -#endif + r = sshkey_load_private_type_fd(key_fd[i], KEY_UNSPEC, + NULL, &key, NULL); close(key_fd[i]); - if (keys[i] != NULL) + if (r != 0) + debug("parse key %d: %s", i, ssh_err(r)); + else if (key != NULL) { + keys[i] = key; found = 1; + } } if (!found) fatal("no hostkey found"); diff --git a/sshconnect2.c b/sshconnect2.c index ad20fae6a..6a7b69938 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.212 2014/12/21 22:27:56 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.213 2015/01/08 10:14:08 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1489,6 +1489,8 @@ userauth_hostbased(Authctxt *authctxt) u_int blen, slen; int ok, i, found = 0; + /* XXX provide some way to allow user to specify key types attempted */ + /* check for a useful key */ for (i = 0; i < sensitive->nkeys; i++) { private = sensitive->keys[i]; diff --git a/sshkey.c b/sshkey.c index 9b37c9aed..3a90217dd 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.7 2014/12/21 22:27:55 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.8 2015/01/08 10:14:08 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -3719,20 +3719,16 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, #endif /* WITH_SSH1 */ #ifdef WITH_OPENSSL -/* XXX make private once ssh-keysign.c fixed */ -int +static int sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, - const char *passphrase, struct sshkey **keyp, char **commentp) + const char *passphrase, struct sshkey **keyp) { EVP_PKEY *pk = NULL; struct sshkey *prv = NULL; - char *name = ""; BIO *bio = NULL; int r; *keyp = NULL; - if (commentp != NULL) - *commentp = NULL; if ((bio = BIO_new(BIO_s_mem())) == NULL || sshbuf_len(blob) > INT_MAX) return SSH_ERR_ALLOC_FAIL; @@ -3755,7 +3751,6 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, } prv->rsa = EVP_PKEY_get1_RSA(pk); prv->type = KEY_RSA; - name = "rsa w/o comment"; #ifdef DEBUG_PK RSA_print_fp(stderr, prv->rsa, 8); #endif @@ -3771,7 +3766,6 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, } prv->dsa = EVP_PKEY_get1_DSA(pk); prv->type = KEY_DSA; - name = "dsa w/o comment"; #ifdef DEBUG_PK DSA_print_fp(stderr, prv->dsa, 8); #endif @@ -3793,7 +3787,6 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, r = SSH_ERR_INVALID_FORMAT; goto out; } - name = "ecdsa w/o comment"; # ifdef DEBUG_PK if (prv != NULL && prv->ecdsa != NULL) sshkey_dump_ec_key(prv->ecdsa); @@ -3803,11 +3796,6 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, r = SSH_ERR_INVALID_FORMAT; goto out; } - if (commentp != NULL && - (*commentp = strdup(name)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } r = 0; *keyp = prv; prv = NULL; @@ -3839,8 +3827,8 @@ sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, case KEY_DSA: case KEY_ECDSA: case KEY_RSA: - return sshkey_parse_private_pem_fileblob(blob, type, passphrase, - keyp, commentp); + return sshkey_parse_private_pem_fileblob(blob, type, + passphrase, keyp); #endif /* WITH_OPENSSL */ case KEY_ED25519: return sshkey_parse_private2(blob, type, passphrase, @@ -3850,8 +3838,8 @@ sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, commentp)) == 0) return 0; #ifdef WITH_OPENSSL - return sshkey_parse_private_pem_fileblob(blob, type, passphrase, - keyp, commentp); + return sshkey_parse_private_pem_fileblob(blob, type, + passphrase, keyp); #else return SSH_ERR_INVALID_FORMAT; #endif /* WITH_OPENSSL */ diff --git a/sshkey.h b/sshkey.h index 4554b09b5..65194d6e4 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.2 2014/12/21 22:27:55 djm Exp $ */ +/* $OpenBSD: sshkey.h,v 1.3 2015/01/08 10:14:08 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -184,8 +184,6 @@ int sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, int force_new_format, const char *new_format_cipher, int new_format_rounds); int sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob, struct sshkey **keyp, char **commentp); -int sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, - const char *passphrase, struct sshkey **keyp, char **commentp); int sshkey_parse_private_fileblob(struct sshbuf *buffer, const char *passphrase, const char *filename, struct sshkey **keyp, char **commentp); -- cgit v1.2.3 From 087266ec33c76fc8d54ac5a19efacf2f4a4ca076 Mon Sep 17 00:00:00 2001 From: "deraadt@openbsd.org" Date: Tue, 20 Jan 2015 23:14:00 +0000 Subject: upstream commit Reduce use of and transition to throughout. ok djm markus --- auth.c | 8 ++++---- authfile.c | 6 +++--- channels.c | 5 +++-- clientloop.c | 13 +++++++------ deattack.c | 3 +-- dh.c | 5 +++-- groupaccess.c | 4 ++-- gss-genr.c | 3 ++- gss-serv.c | 3 +-- kex.c | 4 ++-- kexgexs.c | 4 ++-- key.c | 4 ++-- krl.c | 4 ++-- moduli.c | 9 +++++---- monitor.c | 4 ++-- monitor_mm.c | 4 ++-- mux.c | 3 +-- packet.c | 5 +++-- sandbox-systrace.c | 4 ++-- serverloop.c | 4 ++-- sftp-client.c | 4 ++-- sftp-common.c | 4 ++-- sftp-server.c | 10 +++++----- sftp.c | 6 ++++-- ssh-keyscan.c | 3 +-- ssh-pkcs11-helper.c | 3 +-- ssh.c | 8 ++++---- sshbuf.c | 4 ++-- sshconnect.c | 4 ++-- sshd.c | 10 +++++----- sshlogin.c | 6 +++--- 31 files changed, 82 insertions(+), 79 deletions(-) (limited to 'key.c') diff --git a/auth.c b/auth.c index b259c6ef1..facc962b2 100644 --- a/auth.c +++ b/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.108 2014/12/21 22:27:56 djm Exp $ */ +/* $OpenBSD: auth.c,v 1.109 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -27,7 +27,6 @@ #include #include -#include #include @@ -50,6 +49,7 @@ #include #include #include +#include #include "xmalloc.h" #include "match.h" @@ -376,7 +376,7 @@ auth_root_allowed(const char *method) char * expand_authorized_keys(const char *filename, struct passwd *pw) { - char *file, ret[MAXPATHLEN]; + char *file, ret[PATH_MAX]; int i; file = percent_expand(filename, "h", pw->pw_dir, @@ -468,7 +468,7 @@ int auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, uid_t uid, char *err, size_t errlen) { - char buf[MAXPATHLEN], homedir[MAXPATHLEN]; + char buf[PATH_MAX], homedir[PATH_MAX]; char *cp; int comparehome = 0; struct stat st; diff --git a/authfile.c b/authfile.c index d47e0058f..7d7f45ead 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.109 2015/01/08 10:14:08 djm Exp $ */ +/* $OpenBSD: authfile.c,v 1.110 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -27,7 +27,6 @@ #include #include -#include #include #include @@ -37,6 +36,7 @@ #include #include #include +#include #include "cipher.h" #include "key.h" @@ -335,7 +335,7 @@ int sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp) { struct sshkey *pub = NULL; - char file[MAXPATHLEN]; + char file[PATH_MAX]; int r, fd; if (keyp != NULL) diff --git a/channels.c b/channels.c index 29a62f70a..2fedaf89d 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.339 2015/01/19 20:07:45 markus Exp $ */ +/* $OpenBSD: channels.c,v 1.340 2015/01/20 23:14:00 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -42,7 +42,7 @@ #include "includes.h" #include -#include +#include /* MIN MAX */ #include #include #include @@ -62,6 +62,7 @@ #include #include #include +#include #include #include "openbsd-compat/sys-queue.h" diff --git a/clientloop.c b/clientloop.c index 5a018ac79..4522a6332 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.265 2015/01/19 20:16:15 markus Exp $ */ +/* $OpenBSD: clientloop.c,v 1.266 2015/01/20 23:14:00 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -61,9 +61,9 @@ #include "includes.h" +#include /* MIN MAX */ #include #include -#include #ifdef HAVE_SYS_STAT_H # include #endif @@ -85,6 +85,7 @@ #include #include #include +#include #include "openbsd-compat/sys-queue.h" #include "xmalloc.h" @@ -339,12 +340,12 @@ client_x11_get_proto(const char *display, const char *xauth_path, display = xdisplay; } if (trusted == 0) { - xauthdir = xmalloc(MAXPATHLEN); - xauthfile = xmalloc(MAXPATHLEN); - mktemp_proto(xauthdir, MAXPATHLEN); + xauthdir = xmalloc(PATH_MAX); + xauthfile = xmalloc(PATH_MAX); + mktemp_proto(xauthdir, PATH_MAX); if (mkdtemp(xauthdir) != NULL) { do_unlink = 1; - snprintf(xauthfile, MAXPATHLEN, "%s/xauthfile", + snprintf(xauthfile, PATH_MAX, "%s/xauthfile", xauthdir); snprintf(cmd, sizeof(cmd), "%s -f %s generate %s " SSH_X11_PROTO diff --git a/deattack.c b/deattack.c index b102401e7..e76481a6d 100644 --- a/deattack.c +++ b/deattack.c @@ -1,4 +1,4 @@ -/* $OpenBSD: deattack.c,v 1.31 2015/01/19 19:52:16 markus Exp $ */ +/* $OpenBSD: deattack.c,v 1.32 2015/01/20 23:14:00 deraadt Exp $ */ /* * Cryptographic attack detector for ssh - source code * @@ -20,7 +20,6 @@ #include "includes.h" -#include #include #include #include diff --git a/dh.c b/dh.c index 38ad615c5..a260240fd 100644 --- a/dh.c +++ b/dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.54 2015/01/19 20:16:15 markus Exp $ */ +/* $OpenBSD: dh.c,v 1.55 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * @@ -25,7 +25,7 @@ #include "includes.h" -#include +#include /* MIN */ #include #include @@ -34,6 +34,7 @@ #include #include #include +#include #include "dh.h" #include "pathnames.h" diff --git a/groupaccess.c b/groupaccess.c index 1eab10b19..4fca04471 100644 --- a/groupaccess.c +++ b/groupaccess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: groupaccess.c,v 1.14 2013/05/17 00:13:13 djm Exp $ */ +/* $OpenBSD: groupaccess.c,v 1.15 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2001 Kevin Steves. All rights reserved. * @@ -26,13 +26,13 @@ #include "includes.h" #include -#include #include #include #include #include #include +#include #include "xmalloc.h" #include "groupaccess.h" diff --git a/gss-genr.c b/gss-genr.c index b39281bc1..60ac65f8d 100644 --- a/gss-genr.c +++ b/gss-genr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-genr.c,v 1.22 2013/11/08 00:39:15 djm Exp $ */ +/* $OpenBSD: gss-genr.c,v 1.23 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. @@ -31,6 +31,7 @@ #include #include +#include #include #include #include diff --git a/gss-serv.c b/gss-serv.c index 5c599247b..e7b8c5223 100644 --- a/gss-serv.c +++ b/gss-serv.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv.c,v 1.27 2014/07/03 03:34:09 djm Exp $ */ +/* $OpenBSD: gss-serv.c,v 1.28 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -29,7 +29,6 @@ #ifdef GSSAPI #include -#include #include #include diff --git a/kex.c b/kex.c index 9280dd3f4..5b7b1e86a 100644 --- a/kex.c +++ b/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.102 2015/01/19 20:16:15 markus Exp $ */ +/* $OpenBSD: kex.c,v 1.103 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -25,7 +25,7 @@ #include "includes.h" -#include +#include /* MAX roundup */ #include #include diff --git a/kexgexs.c b/kexgexs.c index d45682063..ca5ee13e9 100644 --- a/kexgexs.c +++ b/kexgexs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexs.c,v 1.22 2015/01/20 07:55:33 djm Exp $ */ +/* $OpenBSD: kexgexs.c,v 1.23 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -28,7 +28,7 @@ #ifdef WITH_OPENSSL -#include +#include /* MIN MAX */ #include #include diff --git a/key.c b/key.c index 37eb67634..c2b696af9 100644 --- a/key.c +++ b/key.c @@ -1,15 +1,15 @@ -/* $OpenBSD: key.c,v 1.125 2015/01/08 10:14:08 djm Exp $ */ +/* $OpenBSD: key.c,v 1.126 2015/01/20 23:14:00 deraadt Exp $ */ /* * placed in the public domain */ #include "includes.h" -#include #include #include #include #include +#include #define SSH_KEY_NO_DEFINE #include "key.h" diff --git a/krl.c b/krl.c index acfb22732..363bf122f 100644 --- a/krl.c +++ b/krl.c @@ -14,12 +14,12 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: krl.c,v 1.28 2015/01/19 17:35:48 djm Exp $ */ +/* $OpenBSD: krl.c,v 1.29 2015/01/20 23:14:00 deraadt Exp $ */ #include "includes.h" +#include /* MIN */ #include -#include #include #include diff --git a/moduli.c b/moduli.c index 729d55c10..ed1bdc946 100644 --- a/moduli.c +++ b/moduli.c @@ -1,4 +1,4 @@ -/* $OpenBSD: moduli.c,v 1.29 2014/08/21 01:08:52 doug Exp $ */ +/* $OpenBSD: moduli.c,v 1.30 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright 1994 Phil Karn * Copyright 1996-1998, 2003 William Allen Simpson @@ -41,7 +41,7 @@ #ifdef WITH_OPENSSL -#include +#include /* MAX */ #include #include @@ -54,6 +54,7 @@ #include #include #include +#include #include "xmalloc.h" #include "dh.h" @@ -449,11 +450,11 @@ static void write_checkpoint(char *cpfile, u_int32_t lineno) { FILE *fp; - char tmp[MAXPATHLEN]; + char tmp[PATH_MAX]; int r; r = snprintf(tmp, sizeof(tmp), "%s.XXXXXXXXXX", cpfile); - if (r == -1 || r >= MAXPATHLEN) { + if (r == -1 || r >= PATH_MAX) { logit("write_checkpoint: temp pathname too long"); return; } diff --git a/monitor.c b/monitor.c index 40fff097d..90db9800b 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.140 2015/01/19 20:16:15 markus Exp $ */ +/* $OpenBSD: monitor.c,v 1.141 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -28,7 +28,6 @@ #include "includes.h" #include -#include #include #include "openbsd-compat/sys-tree.h" #include @@ -42,6 +41,7 @@ #include #include #include +#include #include #include #include diff --git a/monitor_mm.c b/monitor_mm.c index 0ba0658a1..f224fb67e 100644 --- a/monitor_mm.c +++ b/monitor_mm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_mm.c,v 1.19 2014/01/04 17:50:55 tedu Exp $ */ +/* $OpenBSD: monitor_mm.c,v 1.20 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright 2002 Niels Provos * All rights reserved. @@ -30,7 +30,6 @@ #ifdef HAVE_SYS_MMAN_H #include #endif -#include #include "openbsd-compat/sys-tree.h" #include @@ -38,6 +37,7 @@ #include #include #include +#include #include "xmalloc.h" #include "ssh.h" diff --git a/mux.c b/mux.c index 52d478c2b..f3faaeec9 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.49 2014/12/22 07:24:11 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.50 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -33,7 +33,6 @@ #include "includes.h" #include -#include #include #include #include diff --git a/packet.c b/packet.c index cf9d3648b..2c8d8aa9b 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.202 2015/01/19 20:30:23 markus Exp $ */ +/* $OpenBSD: packet.c,v 1.203 2015/01/20 23:14:00 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -39,9 +39,9 @@ #include "includes.h" +#include /* MIN roundup */ #include #include "openbsd-compat/sys-queue.h" -#include #include #ifdef HAVE_SYS_TIME_H # include @@ -57,6 +57,7 @@ #include #include #include +#include #include #include diff --git a/sandbox-systrace.c b/sandbox-systrace.c index aaa3d8f0a..f30e70575 100644 --- a/sandbox-systrace.c +++ b/sandbox-systrace.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sandbox-systrace.c,v 1.13 2014/07/17 00:10:56 djm Exp $ */ +/* $OpenBSD: sandbox-systrace.c,v 1.14 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -20,7 +20,6 @@ #ifdef SANDBOX_SYSTRACE #include -#include #include #include #include @@ -37,6 +36,7 @@ #include #include #include +#include #include "atomicio.h" #include "log.h" diff --git a/serverloop.c b/serverloop.c index 83a1e010d..48bb3f631 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.175 2015/01/19 20:16:15 markus Exp $ */ +/* $OpenBSD: serverloop.c,v 1.176 2015/01/20 23:14:00 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -37,8 +37,8 @@ #include "includes.h" +#include /* MIN MAX */ #include -#include #include #include #ifdef HAVE_SYS_TIME_H diff --git a/sftp-client.c b/sftp-client.c index 574da833a..80f4805cb 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.116 2015/01/14 13:54:13 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.117 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -22,8 +22,8 @@ #include "includes.h" +#include /* MIN MAX */ #include -#include #ifdef HAVE_SYS_STATVFS_H #include #endif diff --git a/sftp-common.c b/sftp-common.c index 9c54d5c6b..9dc1f9831 100644 --- a/sftp-common.c +++ b/sftp-common.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-common.c,v 1.27 2015/01/14 13:54:13 djm Exp $ */ +/* $OpenBSD: sftp-common.c,v 1.28 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Damien Miller. All rights reserved. @@ -26,9 +26,9 @@ #include "includes.h" +#include /* MAX */ #include #include -#include #include #include diff --git a/sftp-server.c b/sftp-server.c index 7d09504d9..4f735cd93 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.104 2015/01/14 13:54:13 djm Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.105 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -17,8 +17,8 @@ #include "includes.h" +#include /* MIN */ #include -#include #include #ifdef HAVE_SYS_TIME_H # include @@ -1055,7 +1055,7 @@ process_readdir(u_int32_t id) send_status(id, SSH2_FX_FAILURE); } else { struct stat st; - char pathname[MAXPATHLEN]; + char pathname[PATH_MAX]; Stat *stats; int nstats = 10, count = 0, i; @@ -1150,7 +1150,7 @@ process_rmdir(u_int32_t id) static void process_realpath(u_int32_t id) { - char resolvedname[MAXPATHLEN]; + char resolvedname[PATH_MAX]; char *path; int r; @@ -1238,7 +1238,7 @@ static void process_readlink(u_int32_t id) { int r, len; - char buf[MAXPATHLEN]; + char buf[PATH_MAX]; char *path; if ((r = sshbuf_get_cstring(iqueue, &path, NULL)) != 0) diff --git a/sftp.c b/sftp.c index eee472d08..cb9b967ed 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.169 2015/01/14 13:54:13 djm Exp $ */ +/* $OpenBSD: sftp.c,v 1.170 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -17,6 +17,7 @@ #include "includes.h" +#include /* MIN MAX */ #include #include #ifdef HAVE_SYS_STAT_H @@ -46,6 +47,7 @@ #else typedef void EditLine; #endif +#include #include #include #include @@ -1401,7 +1403,7 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, int cmdnum, i; unsigned long n_arg = 0; Attrib a, *aa; - char path_buf[MAXPATHLEN]; + char path_buf[PATH_MAX]; int err = 0; glob_t g; diff --git a/ssh-keyscan.c b/ssh-keyscan.c index e02a3bbb1..62dbd62fa 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keyscan.c,v 1.95 2015/01/19 20:32:39 markus Exp $ */ +/* $OpenBSD: ssh-keyscan.c,v 1.96 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright 1995, 1996 by David Mazieres . * @@ -10,7 +10,6 @@ #include "includes.h" #include -#include #include "openbsd-compat/sys-queue.h" #include #ifdef HAVE_SYS_TIME_H diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index d487f023b..ceabc8ba7 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-helper.c,v 1.9 2014/12/11 08:20:09 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11-helper.c,v 1.10 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -18,7 +18,6 @@ #include "includes.h" #include -#include #ifdef HAVE_SYS_TIME_H # include #endif diff --git a/ssh.c b/ssh.c index 5190f1f9b..430773c74 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.413 2015/01/16 07:19:48 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.414 2015/01/20 23:14:00 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -48,7 +48,6 @@ #endif #include #include -#include #include #include @@ -67,6 +66,7 @@ #include #include #include +#include #include #include @@ -454,7 +454,7 @@ resolve_canonicalize(char **hostp, int port) static void process_config_files(const char *host_arg, struct passwd *pw, int post_canon) { - char buf[MAXPATHLEN]; + char buf[PATH_MAX]; int r; if (config != NULL) { @@ -505,7 +505,7 @@ int main(int ac, char **av) { int i, r, opt, exit_status, use_syslog, config_test = 0; - char *p, *cp, *line, *argv0, buf[MAXPATHLEN], *host_arg, *logfile; + char *p, *cp, *line, *argv0, buf[PATH_MAX], *host_arg, *logfile; char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV]; char cname[NI_MAXHOST]; struct stat st; diff --git a/sshbuf.c b/sshbuf.c index 78f5340a1..dbe0c9192 100644 --- a/sshbuf.c +++ b/sshbuf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.c,v 1.2 2014/06/25 14:16:09 deraadt Exp $ */ +/* $OpenBSD: sshbuf.c,v 1.3 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -18,8 +18,8 @@ #define SSHBUF_INTERNAL #include "includes.h" +#include /* roundup */ #include -#include #include #include #include diff --git a/sshconnect.c b/sshconnect.c index 1a633211a..6fc3fa520 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.255 2015/01/19 20:20:20 markus Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.256 2015/01/20 23:14:00 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -15,8 +15,8 @@ #include "includes.h" +#include /* roundup */ #include -#include #include #include #include diff --git a/sshd.c b/sshd.c index 6e40ba42e..ef63bd1e8 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.437 2015/01/20 20:16:21 markus Exp $ */ +/* $OpenBSD: sshd.c,v 1.438 2015/01/20 23:14:00 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -45,7 +45,6 @@ #include "includes.h" #include -#include #include #include #ifdef HAVE_SYS_STAT_H @@ -72,6 +71,7 @@ #include #include #include +#include #ifdef WITH_OPENSSL #include @@ -229,7 +229,7 @@ u_char *session_id2 = NULL; u_int session_id2_len = 0; /* record remote hostname or ip */ -u_int utmp_len = MAXHOSTNAMELEN; +u_int utmp_len = HOST_NAME_MAX+1; /* options.max_startup sized array of fd ints */ int *startup_pipes = NULL; @@ -1544,8 +1544,8 @@ main(int ac, char **av) exit(1); break; case 'u': - utmp_len = (u_int)strtonum(optarg, 0, MAXHOSTNAMELEN+1, NULL); - if (utmp_len > MAXHOSTNAMELEN) { + utmp_len = (u_int)strtonum(optarg, 0, HOST_NAME_MAX+1+1, NULL); + if (utmp_len > HOST_NAME_MAX+1) { fprintf(stderr, "Invalid utmp length.\n"); exit(1); } diff --git a/sshlogin.c b/sshlogin.c index 3313ac998..818312ff1 100644 --- a/sshlogin.c +++ b/sshlogin.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshlogin.c,v 1.30 2015/01/16 06:40:12 deraadt Exp $ */ +/* $OpenBSD: sshlogin.c,v 1.31 2015/01/20 23:14:00 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -42,7 +42,6 @@ #include "includes.h" #include -#include /* MAXHOSTNAMELEN */ #include #include @@ -54,6 +53,7 @@ #include #include #include +#include #include "loginrec.h" #include "log.h" @@ -88,7 +88,7 @@ static void store_lastlog_message(const char *user, uid_t uid) { #ifndef NO_SSH_LASTLOG - char *time_string, hostname[MAXHOSTNAMELEN] = "", buf[512]; + char *time_string, hostname[HOST_NAME_MAX+1] = "", buf[512]; time_t last_login_time; if (!options.print_lastlog) -- cgit v1.2.3 From 9ce86c926dfa6e0635161b035e3944e611cbccf0 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 28 Jan 2015 22:36:00 +0000 Subject: upstream commit update to new API (key_fingerprint => sshkey_fingerprint) check sshkey_fingerprint return values; ok markus --- auth-rsa.c | 7 ++++--- auth2-hostbased.c | 12 +++++++----- auth2-pubkey.c | 29 +++++++++++++++++------------ dns.c | 6 +++--- key.c | 19 +------------------ key.h | 5 +---- ssh-add.c | 5 +++-- ssh-agent.c | 5 +++-- ssh-keygen.c | 18 ++++++++++++++---- ssh-keysign.c | 7 ++++--- sshconnect.c | 26 +++++++++++++++++--------- sshconnect2.c | 10 +++++++--- 12 files changed, 81 insertions(+), 68 deletions(-) (limited to 'key.c') diff --git a/auth-rsa.c b/auth-rsa.c index 422c196cf..cbd971be1 100644 --- a/auth-rsa.c +++ b/auth-rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-rsa.c,v 1.89 2014/12/21 22:27:56 djm Exp $ */ +/* $OpenBSD: auth-rsa.c,v 1.90 2015/01/28 22:36:00 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -238,8 +238,9 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file, "actual %d vs. announced %d.", file, linenum, BN_num_bits(key->rsa->n), bits); - fp = key_fingerprint(key, options.fingerprint_hash, - SSH_FP_DEFAULT); + if ((fp = sshkey_fingerprint(key, options.fingerprint_hash, + SSH_FP_DEFAULT)) == NULL) + continue; debug("matching key found: file %s, line %lu %s %s", file, linenum, key_type(key), fp); free(fp); diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 6f69e89de..eebfe8fc3 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.23 2015/01/28 11:07:25 djm Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.24 2015/01/28 22:36:00 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -224,15 +224,17 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, if (host_status == HOST_OK) { if (key_is_cert(key)) { - fp = key_fingerprint(key->cert->signature_key, - options.fingerprint_hash, SSH_FP_DEFAULT); + if ((fp = sshkey_fingerprint(key->cert->signature_key, + options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) + fatal("%s: sshkey_fingerprint fail", __func__); verbose("Accepted certificate ID \"%s\" signed by " "%s CA %s from %s@%s", key->cert->key_id, key_type(key->cert->signature_key), fp, cuser, lookup); } else { - fp = key_fingerprint(key, options.fingerprint_hash, - SSH_FP_DEFAULT); + if ((fp = sshkey_fingerprint(key, + options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) + fatal("%s: sshkey_fingerprint fail", __func__); verbose("Accepted %s public key %s from %s@%s", key_type(key), fp, cuser, lookup); } diff --git a/auth2-pubkey.c b/auth2-pubkey.c index d922eea26..d8f0aa3e2 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.45 2015/01/13 07:39:19 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.46 2015/01/28 22:36:00 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -228,18 +228,20 @@ pubkey_auth_info(Authctxt *authctxt, const Key *key, const char *fmt, ...) } if (key_is_cert(key)) { - fp = key_fingerprint(key->cert->signature_key, + fp = sshkey_fingerprint(key->cert->signature_key, options.fingerprint_hash, SSH_FP_DEFAULT); auth_info(authctxt, "%s ID %s (serial %llu) CA %s %s%s%s", key_type(key), key->cert->key_id, (unsigned long long)key->cert->serial, - key_type(key->cert->signature_key), fp, + key_type(key->cert->signature_key), + fp == NULL ? "(null)" : "", extra == NULL ? "" : ", ", extra == NULL ? "" : extra); free(fp); } else { - fp = key_fingerprint(key, options.fingerprint_hash, + fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_DEFAULT); - auth_info(authctxt, "%s %s%s%s", key_type(key), fp, + auth_info(authctxt, "%s %s%s%s", key_type(key), + fp == NULL ? "(null)" : "", extra == NULL ? "" : ", ", extra == NULL ? "" : extra); free(fp); } @@ -382,8 +384,9 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) continue; if (!key_is_cert_authority) continue; - fp = key_fingerprint(found, options.fingerprint_hash, - SSH_FP_DEFAULT); + if ((fp = sshkey_fingerprint(found, + options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) + continue; debug("matching CA found: file %s, line %lu, %s %s", file, linenum, key_type(found), fp); /* @@ -422,12 +425,13 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) continue; if (key_is_cert_authority) continue; - found_key = 1; - fp = key_fingerprint(found, options.fingerprint_hash, - SSH_FP_DEFAULT); + if ((fp = sshkey_fingerprint(found, + options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) + continue; debug("matching key found: file %s, line %lu %s %s", file, linenum, key_type(found), fp); free(fp); + found_key = 1; break; } } @@ -449,8 +453,9 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) if (!key_is_cert(key) || options.trusted_user_ca_keys == NULL) return 0; - ca_fp = key_fingerprint(key->cert->signature_key, - options.fingerprint_hash, SSH_FP_DEFAULT); + if ((ca_fp = sshkey_fingerprint(key->cert->signature_key, + options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) + return 0; if (sshkey_in_file(key->cert->signature_key, options.trusted_user_ca_keys, 1, 0) != 0) { diff --git a/dns.c b/dns.c index f45bec0bf..f201b602e 100644 --- a/dns.c +++ b/dns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.33 2015/01/15 09:40:00 djm Exp $ */ +/* $OpenBSD: dns.c,v 1.34 2015/01/28 22:36:00 djm Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -294,7 +294,7 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address, free(dnskey_digest); } - free(hostkey_digest); /* from key_fingerprint_raw() */ + free(hostkey_digest); /* from sshkey_fingerprint_raw() */ freerrset(fingerprints); if (*flags & DNS_VERIFY_FOUND) @@ -337,7 +337,7 @@ export_dns_rr(const char *hostname, struct sshkey *key, FILE *f, int generic) for (i = 0; i < rdata_digest_len; i++) fprintf(f, "%02x", rdata_digest[i]); fprintf(f, "\n"); - free(rdata_digest); /* from key_fingerprint_raw() */ + free(rdata_digest); /* from sshkey_fingerprint_raw() */ success = 1; } } diff --git a/key.c b/key.c index c2b696af9..bbe027b66 100644 --- a/key.c +++ b/key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: key.c,v 1.126 2015/01/20 23:14:00 deraadt Exp $ */ +/* $OpenBSD: key.c,v 1.127 2015/01/28 22:36:00 djm Exp $ */ /* * placed in the public domain */ @@ -39,23 +39,6 @@ key_new_private(int type) return ret; } -u_char* -key_fingerprint_raw(const Key *k, int dgst_alg, u_int *dgst_raw_length) -{ - u_char *ret = NULL; - size_t dlen; - int r; - - if (dgst_raw_length != NULL) - *dgst_raw_length = 0; - if ((r = sshkey_fingerprint_raw(k, dgst_alg, &ret, &dlen)) != 0) - fatal("%s: %s", __func__, ssh_err(r)); - if (dlen > INT_MAX) - fatal("%s: giant len %zu", __func__, dlen); - *dgst_raw_length = dlen; - return ret; -} - int key_read(Key *ret, char **cpp) { diff --git a/key.h b/key.h index bf884970c..89fd5cfdf 100644 --- a/key.h +++ b/key.h @@ -1,4 +1,4 @@ -/* $OpenBSD: key.h,v 1.46 2015/01/13 07:39:19 djm Exp $ */ +/* $OpenBSD: key.h,v 1.47 2015/01/28 22:36:00 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -39,7 +39,6 @@ typedef struct sshkey Key; #define key_free sshkey_free #define key_equal_public sshkey_equal_public #define key_equal sshkey_equal -#define key_fingerprint sshkey_fingerprint #define key_type sshkey_type #define key_cert_type sshkey_cert_type #define key_ssh_name sshkey_ssh_name @@ -59,14 +58,12 @@ typedef struct sshkey Key; #define key_ec_nid_to_hash_alg sshkey_ec_nid_to_hash_alg #define key_dump_ec_point sshkey_dump_ec_point #define key_dump_ec_key sshkey_dump_ec_key -#define key_fingerprint sshkey_fingerprint #endif void key_add_private(Key *); Key *key_new_private(int); void key_free(Key *); Key *key_demote(const Key *); -u_char *key_fingerprint_raw(const Key *, int, u_int *); int key_write(const Key *, FILE *); int key_read(Key *, char **); diff --git a/ssh-add.c b/ssh-add.c index 5ac51088f..676e65d16 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.117 2015/01/16 06:40:12 deraadt Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.118 2015/01/28 22:36:00 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -375,7 +375,8 @@ list_identities(int agent_fd, int do_fp) fp = sshkey_fingerprint(idlist->keys[i], fingerprint_hash, SSH_FP_DEFAULT); printf("%d %s %s (%s)\n", - sshkey_size(idlist->keys[i]), fp, + sshkey_size(idlist->keys[i]), + fp == NULL ? "(null)" : fp, idlist->comments[i], sshkey_type(idlist->keys[i])); free(fp); diff --git a/ssh-agent.c b/ssh-agent.c index ba8d020ad..41e12acc9 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.196 2015/01/16 06:40:12 deraadt Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.197 2015/01/28 22:36:00 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -212,7 +212,8 @@ confirm_key(Identity *id) int ret = -1; p = sshkey_fingerprint(id->key, fingerprint_hash, SSH_FP_DEFAULT); - if (ask_permission("Allow use of key %s?\nKey fingerprint %s.", + if (p != NULL && + ask_permission("Allow use of key %s?\nKey fingerprint %s.", id->comment, p)) ret = 0; free(p); diff --git a/ssh-keygen.c b/ssh-keygen.c index ac20723b8..b8489dc8b 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.258 2015/01/19 00:32:54 deraadt Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.259 2015/01/28 22:36:00 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -800,6 +800,8 @@ do_download(struct passwd *pw) fp = sshkey_fingerprint(keys[i], fptype, rep); ra = sshkey_fingerprint(keys[i], fingerprint_hash, SSH_FP_RANDOMART); + if (fp == NULL || ra == NULL) + fatal("%s: sshkey_fingerprint fail", __func__); printf("%u %s %s (PKCS11 key)\n", sshkey_size(keys[i]), fp, sshkey_type(keys[i])); if (log_level >= SYSLOG_LEVEL_VERBOSE) @@ -846,6 +848,8 @@ do_fingerprint(struct passwd *pw) fp = sshkey_fingerprint(public, fptype, rep); ra = sshkey_fingerprint(public, fingerprint_hash, SSH_FP_RANDOMART); + if (fp == NULL || ra == NULL) + fatal("%s: sshkey_fingerprint fail", __func__); printf("%u %s %s (%s)\n", sshkey_size(public), fp, comment, sshkey_type(public)); if (log_level >= SYSLOG_LEVEL_VERBOSE) @@ -915,6 +919,8 @@ do_fingerprint(struct passwd *pw) fp = sshkey_fingerprint(public, fptype, rep); ra = sshkey_fingerprint(public, fingerprint_hash, SSH_FP_RANDOMART); + if (fp == NULL || ra == NULL) + fatal("%s: sshkey_fingerprint fail", __func__); printf("%u %s %s (%s)\n", sshkey_size(public), fp, comment ? comment : "no comment", sshkey_type(public)); if (log_level >= SYSLOG_LEVEL_VERBOSE) @@ -1902,6 +1908,8 @@ do_show_cert(struct passwd *pw) key_fp = sshkey_fingerprint(key, fingerprint_hash, SSH_FP_DEFAULT); ca_fp = sshkey_fingerprint(key->cert->signature_key, fingerprint_hash, SSH_FP_DEFAULT); + if (key_fp == NULL || ca_fp == NULL) + fatal("%s: sshkey_fingerprint fail", __func__); printf("%s:\n", identity_file); printf(" Type: %s %s certificate\n", sshkey_ssh_name(key), @@ -2216,7 +2224,7 @@ main(int argc, char **argv) { char dotsshdir[PATH_MAX], comment[1024], *passphrase1, *passphrase2; char *checkpoint = NULL; - char out_file[PATH_MAX], *rr_hostname = NULL, *ep; + char out_file[PATH_MAX], *rr_hostname = NULL, *ep, *fp, *ra; struct sshkey *private, *public; struct passwd *pw; struct stat st; @@ -2709,10 +2717,12 @@ passphrase_again: fclose(f); if (!quiet) { - char *fp = sshkey_fingerprint(public, fingerprint_hash, + fp = sshkey_fingerprint(public, fingerprint_hash, SSH_FP_DEFAULT); - char *ra = sshkey_fingerprint(public, fingerprint_hash, + ra = sshkey_fingerprint(public, fingerprint_hash, SSH_FP_RANDOMART); + if (fp == NULL || ra == NULL) + fatal("sshkey_fingerprint failed"); printf("Your public key has been saved in %s.\n", identity_file); printf("The key fingerprint is:\n"); diff --git a/ssh-keysign.c b/ssh-keysign.c index 222327ef1..bcf897a05 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.46 2015/01/15 09:40:00 djm Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.47 2015/01/28 22:36:00 djm Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -274,8 +274,9 @@ main(int argc, char **argv) } } if (!found) { - fp = sshkey_fingerprint(key, options.fingerprint_hash, - SSH_FP_DEFAULT); + if ((fp = sshkey_fingerprint(key, options.fingerprint_hash, + SSH_FP_DEFAULT)) == NULL) + fatal("%s: sshkey_fingerprint failed", __func__); fatal("no matching hostkey found for key %s %s", sshkey_type(key), fp ? fp : ""); } diff --git a/sshconnect.c b/sshconnect.c index df921bec1..9e515066d 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.258 2015/01/26 06:10:03 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.259 2015/01/28 22:36:00 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -770,7 +770,7 @@ get_hostfile_hostname_ipaddr(char *hostname, struct sockaddr *hostaddr, if (options.proxy_command == NULL) { if (getnameinfo(hostaddr, addrlen, ntop, sizeof(ntop), NULL, 0, NI_NUMERICHOST) != 0) - fatal("check_host_key: getnameinfo failed"); + fatal("%s: getnameinfo failed", __func__); *hostfile_ipaddr = put_host_port(ntop, port); } else { *hostfile_ipaddr = xstrdup("key, + fp = sshkey_fingerprint(found->key, options.fingerprint_hash, SSH_FP_DEFAULT); - ra = key_fingerprint(found->key, + ra = sshkey_fingerprint(found->key, options.fingerprint_hash, SSH_FP_RANDOMART); + if (fp == NULL || ra == NULL) + fatal("%s: sshkey_fingerprint fail", __func__); logit("WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", @@ -1423,8 +1429,10 @@ warn_changed_key(Key *host_key) { char *fp; - fp = key_fingerprint(host_key, options.fingerprint_hash, + fp = sshkey_fingerprint(host_key, options.fingerprint_hash, SSH_FP_DEFAULT); + if (fp == NULL) + fatal("%s: sshkey_fingerprint fail", __func__); error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @"); diff --git a/sshconnect2.c b/sshconnect2.c index 8da4d70dd..48882e3a5 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.221 2015/01/20 20:16:21 markus Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.222 2015/01/28 22:36:00 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -591,7 +591,9 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt) key->type, pktype); goto done; } - fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_DEFAULT); + if ((fp = sshkey_fingerprint(key, options.fingerprint_hash, + SSH_FP_DEFAULT)) == NULL) + goto done; debug2("input_userauth_pk_ok: fp %s", fp); free(fp); @@ -1009,7 +1011,9 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) int have_sig = 1; char *fp; - fp = key_fingerprint(id->key, options.fingerprint_hash, SSH_FP_DEFAULT); + if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash, + SSH_FP_DEFAULT)) == NULL) + return 0; debug3("sign_and_send_pubkey: %s %s", key_type(id->key), fp); free(fp); -- cgit v1.2.3