From 884416bdb10468f1252e4d7c13d51b43dccba7f6 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 31 Oct 2019 21:18:28 +0000 Subject: upstream: ssh client support for U2F/FIDO keys OpenBSD-Commit-ID: eb2cfa6cf7419a1895e06e398ea6d41516c5b0bc --- sshconnect2.c | 111 +++++++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 86 insertions(+), 25 deletions(-) (limited to 'sshconnect2.c') diff --git a/sshconnect2.c b/sshconnect2.c index 87fa70a40..62f0c3e76 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.308 2019/08/05 11:50:33 dtucker Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.309 2019/10/31 21:18:28 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -72,6 +72,7 @@ #include "hostfile.h" #include "ssherr.h" #include "utf8.h" +#include "ssh-sk.h" #ifdef GSSAPI #include "ssh-gss.h" @@ -601,17 +602,23 @@ static char * format_identity(Identity *id) { char *fp = NULL, *ret = NULL; + const char *note = ""; if (id->key != NULL) { fp = sshkey_fingerprint(id->key, options.fingerprint_hash, SSH_FP_DEFAULT); } + if (id->key) { + if ((id->key->flags & SSHKEY_FLAG_EXT) != 0) + note = " token"; + else if (sshkey_type_plain(id->key->type) == KEY_ECDSA_SK) + note = " security-key"; + } xasprintf(&ret, "%s %s%s%s%s%s%s", id->filename, id->key ? sshkey_type(id->key) : "", id->key ? " " : "", fp ? fp : "", - id->userprovided ? " explicit" : "", - (id->key && (id->key->flags & SSHKEY_FLAG_EXT)) ? " token" : "", + id->userprovided ? " explicit" : "", note, id->agent_fd != -1 ? " agent" : ""); free(fp); return ret; @@ -1140,8 +1147,11 @@ static int identity_sign(struct identity *id, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat, const char *alg) { - struct sshkey *prv; - int r; + struct sshkey *sign_key = NULL, *prv = NULL; + int r = SSH_ERR_INTERNAL_ERROR; + + *sigp = NULL; + *lenp = 0; /* The agent supports this key. */ if (id->key != NULL && id->agent_fd != -1) { @@ -1155,27 +1165,46 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp, */ if (id->key != NULL && (id->isprivate || (id->key->flags & SSHKEY_FLAG_EXT))) { - if ((r = sshkey_sign(id->key, sigp, lenp, data, datalen, - alg, compat)) != 0) - return r; - /* - * PKCS#11 tokens may not support all signature algorithms, - * so check what we get back. - */ - if ((r = sshkey_check_sigtype(*sigp, *lenp, alg)) != 0) - return r; - return 0; + sign_key = id->key; + } else { + /* Load the private key from the file. */ + if ((prv = load_identity_file(id)) == NULL) + return SSH_ERR_KEY_NOT_FOUND; + if (id->key != NULL && !sshkey_equal_public(prv, id->key)) { + error("%s: private key %s contents do not match public", + __func__, id->filename); + r = SSH_ERR_KEY_NOT_FOUND; + goto out; + } + sign_key = prv; } - /* Load the private key from the file. */ - if ((prv = load_identity_file(id)) == NULL) - return SSH_ERR_KEY_NOT_FOUND; - if (id->key != NULL && !sshkey_equal_public(prv, id->key)) { - error("%s: private key %s contents do not match public", - __func__, id->filename); - return SSH_ERR_KEY_NOT_FOUND; + if (sshkey_type_plain(sign_key->type) == KEY_ECDSA_SK) { + if (options.sk_provider == NULL) { + /* Shouldn't happen here; checked in pubkey_prepare() */ + fatal("%s: missing SecurityKeyProvider", __func__); + } + if ((r = sshsk_ecdsa_sign(options.sk_provider, sign_key, + sigp, lenp, data, datalen, compat)) != 0) { + debug("%s: sshsk_ecdsa_sign: %s", __func__, ssh_err(r)); + goto out; + } + } else if ((r = sshkey_sign(sign_key, sigp, lenp, data, datalen, + alg, compat)) != 0) { + debug("%s: sshkey_sign: %s", __func__, ssh_err(r)); + goto out; } - r = sshkey_sign(prv, sigp, lenp, data, datalen, alg, compat); + /* + * PKCS#11 tokens may not support all signature algorithms, + * so check what we get back. + */ + if ((r = sshkey_check_sigtype(*sigp, *lenp, alg)) != 0) { + debug("%s: sshkey_check_sigtype: %s", __func__, ssh_err(r)); + goto out; + } + /* success */ + r = 0; + out: sshkey_free(prv); return r; } @@ -1450,6 +1479,15 @@ load_identity_file(Identity *id) quit = 1; break; } + if (private != NULL && + sshkey_type_plain(private->type) == KEY_ECDSA_SK && + options.sk_provider == NULL) { + debug("key \"%s\" is a security key, but no " + "provider specified", id->filename); + sshkey_free(private); + private = NULL; + quit = 1; + } if (!quit && private != NULL && id->agent_fd == -1 && !(id->key && id->isprivate)) maybe_add_key_to_agent(id->filename, private, comment, @@ -1520,8 +1558,20 @@ pubkey_prepare(Authctxt *authctxt) /* list of keys stored in the filesystem and PKCS#11 */ for (i = 0; i < options.num_identity_files; i++) { key = options.identity_keys[i]; - if (key && key->cert && key->cert->type != SSH2_CERT_TYPE_USER) + if (key && key->cert && + key->cert->type != SSH2_CERT_TYPE_USER) { + debug("%s: ignoring certificate %s: not a user " + "certificate", __func__, + options.identity_files[i]); + continue; + } + if (key && sshkey_type_plain(key->type) == KEY_ECDSA_SK && + options.sk_provider == NULL) { + debug("%s: ignoring security key %s as no " + "SecurityKeyProvider has been specified", + __func__, options.identity_files[i]); continue; + } options.identity_keys[i] = NULL; id = xcalloc(1, sizeof(*id)); id->agent_fd = -1; @@ -1534,8 +1584,19 @@ pubkey_prepare(Authctxt *authctxt) for (i = 0; i < options.num_certificate_files; i++) { key = options.certificates[i]; if (!sshkey_is_cert(key) || key->cert == NULL || - key->cert->type != SSH2_CERT_TYPE_USER) + key->cert->type != SSH2_CERT_TYPE_USER) { + debug("%s: ignoring certificate %s: not a user " + "certificate", __func__, + options.identity_files[i]); continue; + } + if (key && sshkey_type_plain(key->type) == KEY_ECDSA_SK && + options.sk_provider == NULL) { + debug("%s: ignoring security key certificate %s as no " + "SecurityKeyProvider has been specified", + __func__, options.identity_files[i]); + continue; + } id = xcalloc(1, sizeof(*id)); id->agent_fd = -1; id->key = key; -- cgit v1.2.3 From 9a14c64c38fc14d0029f1c7bc70cf62cc7f0fdf9 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 31 Oct 2019 21:23:19 +0000 Subject: upstream: Refactor signing - use sshkey_sign for everything, including the new U2F signatures. Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that. Suggested by / ok markus@ OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c --- krl.c | 4 ++-- monitor.c | 4 ++-- monitor_wrap.c | 8 +++++--- monitor_wrap.h | 4 ++-- ssh-agent.c | 7 ++++--- ssh-keygen.c | 18 +++++++++++------- ssh-keysign.c | 6 +++--- ssh_api.c | 9 +++++---- sshconnect2.c | 17 +++-------------- sshd.c | 8 ++++---- sshkey.c | 26 ++++++++++++++++++-------- sshkey.h | 11 ++++++----- sshsig.c | 21 +++++++++++---------- sshsig.h | 11 ++++++----- 14 files changed, 82 insertions(+), 72 deletions(-) (limited to 'sshconnect2.c') diff --git a/krl.c b/krl.c index a7f690955..89cb433bd 100644 --- a/krl.c +++ b/krl.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: krl.c,v 1.44 2019/09/06 04:53:27 djm Exp $ */ +/* $OpenBSD: krl.c,v 1.45 2019/10/31 21:23:19 djm Exp $ */ #include "includes.h" @@ -813,7 +813,7 @@ ssh_krl_to_blob(struct ssh_krl *krl, struct sshbuf *buf, goto out; if ((r = sshkey_sign(sign_keys[i], &sblob, &slen, - sshbuf_ptr(buf), sshbuf_len(buf), NULL, 0)) != 0) + sshbuf_ptr(buf), sshbuf_len(buf), NULL, NULL, 0)) != 0) goto out; KRL_DBG(("%s: signature sig len %zu", __func__, slen)); if ((r = sshbuf_put_string(buf, sblob, slen)) != 0) diff --git a/monitor.c b/monitor.c index 00af44f98..a884d5f9d 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.199 2019/10/07 23:10:38 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.200 2019/10/31 21:23:19 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -678,7 +678,7 @@ mm_answer_sign(struct ssh *ssh, int sock, struct sshbuf *m) if ((key = get_hostkey_by_index(keyid)) != NULL) { if ((r = sshkey_sign(key, &signature, &siglen, p, datlen, alg, - compat)) != 0) + NULL, compat)) != 0) fatal("%s: sshkey_sign failed: %s", __func__, ssh_err(r)); } else if ((key = get_hostkey_public_by_index(keyid, ssh)) != NULL && diff --git a/monitor_wrap.c b/monitor_wrap.c index 4169b7604..d20dc5191 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.113 2019/06/28 13:35:04 deraadt Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.114 2019/10/31 21:23:19 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -215,7 +215,8 @@ mm_choose_dh(int min, int nbits, int max) int mm_sshkey_sign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, const char *hostkey_alg, u_int compat) + const u_char *data, size_t datalen, const char *hostkey_alg, + const char *sk_provider, u_int compat) { struct kex *kex = *pmonitor->m_pkex; struct sshbuf *m; @@ -223,7 +224,8 @@ mm_sshkey_sign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp, int r; debug3("%s entering", __func__); - + if (sk_provider != NULL) + fatal("%s: sk_provider != NULL", __func__); if ((m = sshbuf_new()) == NULL) fatal("%s: sshbuf_new failed", __func__); if ((r = sshbuf_put_u32(m, ndx)) != 0 || diff --git a/monitor_wrap.h b/monitor_wrap.h index 191277f3a..76330fc60 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.h,v 1.42 2019/09/06 05:23:55 djm Exp $ */ +/* $OpenBSD: monitor_wrap.h,v 1.43 2019/10/31 21:23:19 djm Exp $ */ /* * Copyright 2002 Niels Provos @@ -45,7 +45,7 @@ int mm_is_monitor(void); DH *mm_choose_dh(int, int, int); #endif int mm_sshkey_sign(struct ssh *, struct sshkey *, u_char **, size_t *, - const u_char *, size_t, const char *, u_int compat); + const u_char *, size_t, const char *, const char *, u_int compat); void mm_inform_authserv(char *, char *); struct passwd *mm_getpwnamallow(struct ssh *, const char *); char *mm_auth2_read_banner(void); diff --git a/ssh-agent.c b/ssh-agent.c index 6bf9536fb..07f19c53a 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.238 2019/10/31 21:22:01 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.239 2019/10/31 21:23:19 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -430,12 +430,13 @@ process_sign_request2(SocketEntry *e) if ((r = provider_sign(id->sk_provider, id->key, &signature, &slen, data, dlen, agent_decode_alg(key, flags), compat)) != 0) { - error("%s: sshkey_sign: %s", __func__, ssh_err(r)); + error("%s: sign: %s", __func__, ssh_err(r)); goto send; } } else { if ((r = sshkey_sign(id->key, &signature, &slen, - data, dlen, agent_decode_alg(key, flags), compat)) != 0) { + data, dlen, agent_decode_alg(key, flags), + NULL, compat)) != 0) { error("%s: sshkey_sign: %s", __func__, ssh_err(r)); goto send; } diff --git a/ssh-keygen.c b/ssh-keygen.c index ad7a2b4e0..14bf2560d 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.357 2019/10/31 21:17:09 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.358 2019/10/31 21:23:19 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -577,8 +577,10 @@ do_convert_private_ssh2(struct sshbuf *b) error("%s: remaining bytes in key blob %d", __func__, rlen); /* try the key */ - if (sshkey_sign(key, &sig, &slen, data, sizeof(data), NULL, 0) != 0 || - sshkey_verify(key, sig, slen, data, sizeof(data), NULL, 0) != 0) { + if (sshkey_sign(key, &sig, &slen, data, sizeof(data), + NULL, NULL, 0) != 0 || + sshkey_verify(key, sig, slen, data, sizeof(data), + NULL, 0) != 0) { sshkey_free(key); free(sig); return NULL; @@ -1709,7 +1711,7 @@ load_pkcs11_key(char *path) static int agent_signer(struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, - const char *alg, u_int compat, void *ctx) + const char *alg, const char *sk_provider, u_int compat, void *ctx) { int *agent_fdp = (int *)ctx; @@ -1821,11 +1823,13 @@ do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent, if (agent_fd != -1 && (ca->flags & SSHKEY_FLAG_EXT) != 0) { if ((r = sshkey_certify_custom(public, ca, - key_type_name, agent_signer, &agent_fd)) != 0) + key_type_name, sk_provider, agent_signer, + &agent_fd)) != 0) fatal("Couldn't certify key %s via agent: %s", tmp, ssh_err(r)); } else { - if ((sshkey_certify(public, ca, key_type_name)) != 0) + if ((sshkey_certify(public, ca, key_type_name, + sk_provider)) != 0) fatal("Couldn't certify key %s: %s", tmp, ssh_err(r)); } @@ -2507,7 +2511,7 @@ sign_one(struct sshkey *signkey, const char *filename, int fd, else fprintf(stderr, "Signing file %s\n", filename); } - if ((r = sshsig_sign_fd(signkey, NULL, fd, sig_namespace, + if ((r = sshsig_sign_fd(signkey, NULL, sk_provider, fd, sig_namespace, &sigbuf, signer, signer_ctx)) != 0) { error("Signing %s failed: %s", filename, ssh_err(r)); goto out; diff --git a/ssh-keysign.c b/ssh-keysign.c index 6cfd5b46c..d6aa6361d 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.61 2019/10/02 00:42:30 djm Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.62 2019/10/31 21:23:19 djm Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -277,8 +277,8 @@ main(int argc, char **argv) sshkey_type(key), fp ? fp : ""); } - if ((r = sshkey_sign(keys[i], &signature, &slen, data, dlen, NULL, 0)) - != 0) + if ((r = sshkey_sign(keys[i], &signature, &slen, data, dlen, + NULL, NULL, 0)) != 0) fatal("sshkey_sign failed: %s", ssh_err(r)); free(data); diff --git a/ssh_api.c b/ssh_api.c index 03dac0982..e0b195521 100644 --- a/ssh_api.c +++ b/ssh_api.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh_api.c,v 1.18 2019/09/13 04:36:43 dtucker Exp $ */ +/* $OpenBSD: ssh_api.c,v 1.19 2019/10/31 21:23:19 djm Exp $ */ /* * Copyright (c) 2012 Markus Friedl. All rights reserved. * @@ -54,7 +54,7 @@ int _ssh_host_key_sign(struct ssh *, struct sshkey *, struct sshkey *, */ int use_privsep = 0; int mm_sshkey_sign(struct sshkey *, u_char **, u_int *, - u_char *, u_int, char *, u_int); + const u_char *, u_int, const char *, const char *, u_int); #ifdef WITH_OPENSSL DH *mm_choose_dh(int, int, int); @@ -66,7 +66,8 @@ u_int session_id2_len = 0; int mm_sshkey_sign(struct sshkey *key, u_char **sigp, u_int *lenp, - u_char *data, u_int datalen, char *alg, u_int compat) + const u_char *data, u_int datalen, const char *alg, const char *sk_provider, + u_int compat) { return (-1); } @@ -568,5 +569,5 @@ _ssh_host_key_sign(struct ssh *ssh, struct sshkey *privkey, const u_char *data, size_t dlen, const char *alg) { return sshkey_sign(privkey, signature, slen, data, dlen, - alg, ssh->compat); + alg, NULL, ssh->compat); } diff --git a/sshconnect2.c b/sshconnect2.c index 62f0c3e76..867d463d6 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.309 2019/10/31 21:18:28 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.310 2019/10/31 21:23:19 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1178,19 +1178,8 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp, } sign_key = prv; } - - if (sshkey_type_plain(sign_key->type) == KEY_ECDSA_SK) { - if (options.sk_provider == NULL) { - /* Shouldn't happen here; checked in pubkey_prepare() */ - fatal("%s: missing SecurityKeyProvider", __func__); - } - if ((r = sshsk_ecdsa_sign(options.sk_provider, sign_key, - sigp, lenp, data, datalen, compat)) != 0) { - debug("%s: sshsk_ecdsa_sign: %s", __func__, ssh_err(r)); - goto out; - } - } else if ((r = sshkey_sign(sign_key, sigp, lenp, data, datalen, - alg, compat)) != 0) { + if ((r = sshkey_sign(sign_key, sigp, lenp, data, datalen, + alg, options.sk_provider, compat)) != 0) { debug("%s: sshkey_sign: %s", __func__, ssh_err(r)); goto out; } diff --git a/sshd.c b/sshd.c index cf7af1c61..e782a99f2 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.538 2019/10/29 07:47:27 dtucker Exp $ */ +/* $OpenBSD: sshd.c,v 1.539 2019/10/31 21:23:19 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2209,17 +2209,17 @@ sshd_hostkey_sign(struct ssh *ssh, struct sshkey *privkey, if (use_privsep) { if (privkey) { if (mm_sshkey_sign(ssh, privkey, signature, slenp, - data, dlen, alg, ssh->compat) < 0) + data, dlen, alg, NULL, ssh->compat) < 0) fatal("%s: privkey sign failed", __func__); } else { if (mm_sshkey_sign(ssh, pubkey, signature, slenp, - data, dlen, alg, ssh->compat) < 0) + data, dlen, alg, NULL, ssh->compat) < 0) fatal("%s: pubkey sign failed", __func__); } } else { if (privkey) { if (sshkey_sign(privkey, signature, slenp, data, dlen, - alg, ssh->compat) < 0) + alg, NULL, ssh->compat) < 0) fatal("%s: privkey sign failed", __func__); } else { if ((r = ssh_agent_sign(auth_sock, pubkey, diff --git a/sshkey.c b/sshkey.c index d87fee8ee..4744dfbef 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.85 2019/10/31 21:15:14 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.86 2019/10/31 21:23:19 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -57,6 +57,7 @@ #define SSHKEY_INTERNAL #include "sshkey.h" #include "match.h" +#include "ssh-sk.h" #ifdef WITH_XMSS #include "sshkey-xmss.h" @@ -2658,7 +2659,8 @@ sshkey_check_sigtype(const u_char *sig, size_t siglen, int sshkey_sign(struct sshkey *key, u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, const char *alg, u_int compat) + const u_char *data, size_t datalen, + const char *alg, const char *sk_provider, u_int compat) { int was_shielded = sshkey_is_shielded(key); int r2, r = SSH_ERR_INTERNAL_ERROR; @@ -2682,6 +2684,11 @@ sshkey_sign(struct sshkey *key, case KEY_ECDSA: r = ssh_ecdsa_sign(key, sigp, lenp, data, datalen, compat); break; + case KEY_ECDSA_SK_CERT: + case KEY_ECDSA_SK: + r = sshsk_ecdsa_sign(sk_provider, key, sigp, lenp, + data, datalen, compat); + break; # endif /* OPENSSL_HAS_ECC */ case KEY_RSA_CERT: case KEY_RSA: @@ -2802,7 +2809,7 @@ sshkey_drop_cert(struct sshkey *k) /* Sign a certified key, (re-)generating the signed certblob. */ int sshkey_certify_custom(struct sshkey *k, struct sshkey *ca, const char *alg, - sshkey_certify_signer *signer, void *signer_ctx) + const char *sk_provider, sshkey_certify_signer *signer, void *signer_ctx) { struct sshbuf *principals = NULL; u_char *ca_blob = NULL, *sig_blob = NULL, nonce[32]; @@ -2934,7 +2941,7 @@ sshkey_certify_custom(struct sshkey *k, struct sshkey *ca, const char *alg, /* Sign the whole mess */ if ((ret = signer(ca, &sig_blob, &sig_len, sshbuf_ptr(cert), - sshbuf_len(cert), alg, 0, signer_ctx)) != 0) + sshbuf_len(cert), alg, sk_provider, 0, signer_ctx)) != 0) goto out; /* Check and update signature_type against what was actually used */ if ((ret = sshkey_get_sigtype(sig_blob, sig_len, &sigtype)) != 0) @@ -2964,17 +2971,20 @@ sshkey_certify_custom(struct sshkey *k, struct sshkey *ca, const char *alg, static int default_key_sign(struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, - const char *alg, u_int compat, void *ctx) + const char *alg, const char *sk_provider, u_int compat, void *ctx) { if (ctx != NULL) return SSH_ERR_INVALID_ARGUMENT; - return sshkey_sign(key, sigp, lenp, data, datalen, alg, compat); + return sshkey_sign(key, sigp, lenp, data, datalen, alg, + sk_provider, compat); } int -sshkey_certify(struct sshkey *k, struct sshkey *ca, const char *alg) +sshkey_certify(struct sshkey *k, struct sshkey *ca, const char *alg, + const char *sk_provider) { - return sshkey_certify_custom(k, ca, alg, default_key_sign, NULL); + return sshkey_certify_custom(k, ca, alg, sk_provider, + default_key_sign, NULL); } int diff --git a/sshkey.h b/sshkey.h index 2edcb13ab..1d36a24a9 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.35 2019/10/31 21:15:14 djm Exp $ */ +/* $OpenBSD: sshkey.h,v 1.36 2019/10/31 21:23:19 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -189,12 +189,13 @@ size_t sshkey_format_cert_validity(const struct sshkey_cert *, char *, size_t) __attribute__((__bounded__(__string__, 2, 3))); int sshkey_check_cert_sigtype(const struct sshkey *, const char *); -int sshkey_certify(struct sshkey *, struct sshkey *, const char *); +int sshkey_certify(struct sshkey *, struct sshkey *, + const char *, const char *); /* Variant allowing use of a custom signature function (e.g. for ssh-agent) */ typedef int sshkey_certify_signer(struct sshkey *, u_char **, size_t *, - const u_char *, size_t, const char *, u_int, void *); + const u_char *, size_t, const char *, const char *, u_int, void *); int sshkey_certify_custom(struct sshkey *, struct sshkey *, const char *, - sshkey_certify_signer *, void *); + const char *, sshkey_certify_signer *, void *); int sshkey_ecdsa_nid_from_name(const char *); int sshkey_curve_name_to_nid(const char *); @@ -223,7 +224,7 @@ int sshkey_plain_to_blob(const struct sshkey *, u_char **, size_t *); int sshkey_putb_plain(const struct sshkey *, struct sshbuf *); int sshkey_sign(struct sshkey *, u_char **, size_t *, - const u_char *, size_t, const char *, u_int); + const u_char *, size_t, const char *, const char *, u_int); int sshkey_verify(const struct sshkey *, const u_char *, size_t, const u_char *, size_t, const char *, u_int); int sshkey_check_sigtype(const u_char *, size_t, const char *); diff --git a/sshsig.c b/sshsig.c index b19cd077d..8c7aba1b9 100644 --- a/sshsig.c +++ b/sshsig.c @@ -151,8 +151,9 @@ done: static int sshsig_wrap_sign(struct sshkey *key, const char *hashalg, - const struct sshbuf *h_message, const char *sig_namespace, - struct sshbuf **out, sshsig_signer *signer, void *signer_ctx) + const char *sk_provider, const struct sshbuf *h_message, + const char *sig_namespace, struct sshbuf **out, + sshsig_signer *signer, void *signer_ctx) { int r; size_t slen = 0; @@ -184,14 +185,14 @@ sshsig_wrap_sign(struct sshkey *key, const char *hashalg, if (signer != NULL) { if ((r = signer(key, &sig, &slen, sshbuf_ptr(tosign), sshbuf_len(tosign), - sign_alg, 0, signer_ctx)) != 0) { + sign_alg, sk_provider, 0, signer_ctx)) != 0) { error("Couldn't sign message: %s", ssh_err(r)); goto done; } } else { if ((r = sshkey_sign(key, &sig, &slen, sshbuf_ptr(tosign), sshbuf_len(tosign), - sign_alg, 0)) != 0) { + sign_alg, sk_provider, 0)) != 0) { error("Couldn't sign message: %s", ssh_err(r)); goto done; } @@ -425,7 +426,7 @@ hash_buffer(const struct sshbuf *m, const char *hashalg, struct sshbuf **bp) } int -sshsig_signb(struct sshkey *key, const char *hashalg, +sshsig_signb(struct sshkey *key, const char *hashalg, const char *sk_provider, const struct sshbuf *message, const char *sig_namespace, struct sshbuf **out, sshsig_signer *signer, void *signer_ctx) { @@ -440,8 +441,8 @@ sshsig_signb(struct sshkey *key, const char *hashalg, error("%s: hash_buffer failed: %s", __func__, ssh_err(r)); goto out; } - if ((r = sshsig_wrap_sign(key, hashalg, b, sig_namespace, out, - signer, signer_ctx)) != 0) + if ((r = sshsig_wrap_sign(key, hashalg, sk_provider, b, + sig_namespace, out, signer, signer_ctx)) != 0) goto out; /* success */ r = 0; @@ -551,7 +552,7 @@ hash_file(int fd, const char *hashalg, struct sshbuf **bp) } int -sshsig_sign_fd(struct sshkey *key, const char *hashalg, +sshsig_sign_fd(struct sshkey *key, const char *hashalg, const char *sk_provider, int fd, const char *sig_namespace, struct sshbuf **out, sshsig_signer *signer, void *signer_ctx) { @@ -566,8 +567,8 @@ sshsig_sign_fd(struct sshkey *key, const char *hashalg, error("%s: hash_file failed: %s", __func__, ssh_err(r)); return r; } - if ((r = sshsig_wrap_sign(key, hashalg, b, sig_namespace, out, - signer, signer_ctx)) != 0) + if ((r = sshsig_wrap_sign(key, hashalg, sk_provider, b, + sig_namespace, out, signer, signer_ctx)) != 0) goto out; /* success */ r = 0; diff --git a/sshsig.h b/sshsig.h index e3eeb601b..487db116c 100644 --- a/sshsig.h +++ b/sshsig.h @@ -22,7 +22,7 @@ struct sshkey; struct sshsigopt; typedef int sshsig_signer(struct sshkey *, u_char **, size_t *, - const u_char *, size_t, const char *, u_int, void *); + const u_char *, size_t, const char *, const char *, u_int, void *); /* Buffer-oriented API */ @@ -32,8 +32,9 @@ typedef int sshsig_signer(struct sshkey *, u_char **, size_t *, * out is populated with the detached signature, or NULL on failure. */ int sshsig_signb(struct sshkey *key, const char *hashalg, - const struct sshbuf *message, const char *sig_namespace, - struct sshbuf **out, sshsig_signer *signer, void *signer_ctx); + const char *sk_provider, const struct sshbuf *message, + const char *sig_namespace, struct sshbuf **out, + sshsig_signer *signer, void *signer_ctx); /* * Verifies that a detached signature is valid and optionally returns key @@ -52,8 +53,8 @@ int sshsig_verifyb(struct sshbuf *signature, * out is populated with the detached signature, or NULL on failure. */ int sshsig_sign_fd(struct sshkey *key, const char *hashalg, - int fd, const char *sig_namespace, struct sshbuf **out, - sshsig_signer *signer, void *signer_ctx); + const char *sk_provider, int fd, const char *sig_namespace, + struct sshbuf **out, sshsig_signer *signer, void *signer_ctx); /* * Verifies that a detached signature over a file is valid and optionally -- cgit v1.2.3 From 2c55744a56de0ffc81fe445a1e7fc5cd308712b3 Mon Sep 17 00:00:00 2001 From: "markus@openbsd.org" Date: Tue, 12 Nov 2019 19:33:08 +0000 Subject: upstream: enable ed25519 support; ok djm OpenBSD-Commit-ID: 1a399c5b3ef15bd8efb916110cf5a9e0b554ab7e --- authfd.c | 4 +- myproposal.h | 4 +- pathnames.h | 3 +- readconf.c | 4 +- ssh-add.c | 5 +- ssh-agent.c | 4 +- ssh-keygen.c | 25 ++++++--- ssh-sk-helper.c | 4 +- sshconnect.c | 4 +- sshconnect2.c | 13 ++--- sshkey.c | 154 +++++++++++++++++++++++++++++++++++++++++++++++++++++++- sshkey.h | 7 +-- 12 files changed, 200 insertions(+), 31 deletions(-) (limited to 'sshconnect2.c') diff --git a/authfd.c b/authfd.c index 1f0cd2ab3..e014f765c 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.118 2019/10/31 21:19:14 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.119 2019/11/12 19:33:08 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -484,6 +484,8 @@ ssh_add_identity_constrained(int sock, struct sshkey *key, #endif case KEY_ED25519: case KEY_ED25519_CERT: + case KEY_ED25519_SK: + case KEY_ED25519_SK_CERT: case KEY_XMSS: case KEY_XMSS_CERT: type = constrained ? diff --git a/myproposal.h b/myproposal.h index a22649a2e..90bb67bb3 100644 --- a/myproposal.h +++ b/myproposal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: myproposal.h,v 1.60 2019/11/01 02:32:05 djm Exp $ */ +/* $OpenBSD: myproposal.h,v 1.61 2019/11/12 19:33:08 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -149,6 +149,7 @@ "ecdsa-sha2-nistp256-cert-v01@openssh.com," \ "ecdsa-sha2-nistp384-cert-v01@openssh.com," \ "ecdsa-sha2-nistp521-cert-v01@openssh.com," \ + "sk-ssh-ed25519-cert-v01@openssh.com," \ "ssh-ed25519-cert-v01@openssh.com," \ "rsa-sha2-512-cert-v01@openssh.com," \ "rsa-sha2-256-cert-v01@openssh.com," \ @@ -157,6 +158,7 @@ "ecdsa-sha2-nistp256," \ "ecdsa-sha2-nistp384," \ "ecdsa-sha2-nistp521," \ + "sk-ssh-ed25519@openssh.com," \ "ssh-ed25519," \ "rsa-sha2-512," \ "rsa-sha2-256," \ diff --git a/pathnames.h b/pathnames.h index 3a1bd1977..f7ca5a75a 100644 --- a/pathnames.h +++ b/pathnames.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pathnames.h,v 1.30 2019/10/31 21:22:01 djm Exp $ */ +/* $OpenBSD: pathnames.h,v 1.31 2019/11/12 19:33:08 markus Exp $ */ /* * Author: Tatu Ylonen @@ -78,6 +78,7 @@ #define _PATH_SSH_CLIENT_ID_ED25519 _PATH_SSH_USER_DIR "/id_ed25519" #define _PATH_SSH_CLIENT_ID_XMSS _PATH_SSH_USER_DIR "/id_xmss" #define _PATH_SSH_CLIENT_ID_ECDSA_SK _PATH_SSH_USER_DIR "/id_ecdsa_sk" +#define _PATH_SSH_CLIENT_ID_ED25519_SK _PATH_SSH_USER_DIR "/id_ed25519_sk" /* * Configuration file in user's home directory. This file need not be diff --git a/readconf.c b/readconf.c index f18194580..3d99367c3 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.310 2019/10/31 21:18:28 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.311 2019/11/12 19:33:08 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2055,6 +2055,8 @@ fill_default_options(Options * options) #endif add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ED25519, 0); + add_identity_file(options, "~/", + _PATH_SSH_CLIENT_ID_ED25519_SK, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_XMSS, 0); } if (options->escape_char == -1) diff --git a/ssh-add.c b/ssh-add.c index 3c8849ac4..696b156d5 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.143 2019/10/31 21:19:56 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.144 2019/11/12 19:33:08 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -81,6 +81,7 @@ static char *default_files[] = { #endif #endif /* WITH_OPENSSL */ _PATH_SSH_CLIENT_ID_ED25519, + _PATH_SSH_CLIENT_ID_ED25519_SK, _PATH_SSH_CLIENT_ID_XMSS, NULL }; @@ -312,7 +313,7 @@ add_file(int agent_fd, const char *filename, int key_only, int qflag, ssh_free_identitylist(idlist); } - if (sshkey_type_plain(private->type) != KEY_ECDSA_SK) + if (!sshkey_is_sk(private)) skprovider = NULL; /* Don't send constraint for other keys */ else if (skprovider == NULL) { fprintf(stderr, "Cannot load security key %s without " diff --git a/ssh-agent.c b/ssh-agent.c index 07f19c53a..dd9f85ae7 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.239 2019/10/31 21:23:19 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.240 2019/11/12 19:33:08 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -622,7 +622,7 @@ process_add_identity(SocketEntry *e) } } if (sk_provider != NULL) { - if (sshkey_type_plain(k->type) != KEY_ECDSA_SK) { + if (!sshkey_is_sk(k)) { error("Cannot add provider: %s is not a security key", sshkey_type(k)); free(sk_provider); diff --git a/ssh-keygen.c b/ssh-keygen.c index ac34f314b..030b3684e 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.361 2019/11/08 03:54:02 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.362 2019/11/12 19:33:08 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -287,6 +287,10 @@ ask_filename(struct passwd *pw, const char *prompt) case KEY_ED25519_CERT: name = _PATH_SSH_CLIENT_ID_ED25519; break; + case KEY_ED25519_SK: + case KEY_ED25519_SK_CERT: + name = _PATH_SSH_CLIENT_ID_ED25519_SK; + break; case KEY_XMSS: case KEY_XMSS_CERT: name = _PATH_SSH_CLIENT_ID_XMSS; @@ -3255,16 +3259,23 @@ main(int argc, char **argv) printf("Generating public/private %s key pair.\n", key_type_name); if (type == KEY_ECDSA_SK) { + switch (type) { + case KEY_ECDSA_SK: + case KEY_ED25519_SK: #ifndef ENABLE_SK fatal("Security key support was disabled at compile time"); #else /* ENABLE_SK */ - if (sshsk_enroll(sk_provider, - cert_key_id == NULL ? "ssh:" : cert_key_id, - sk_flags, NULL, &private, NULL) != 0) - exit(1); /* error message already printed */ + if (sshsk_enroll(type, sk_provider, + cert_key_id == NULL ? "ssh:" : cert_key_id, + sk_flags, NULL, &private, NULL) != 0) + exit(1); /* error message already printed */ + break; #endif /* ENABLE_SK */ - } else if ((r = sshkey_generate(type, bits, &private)) != 0) - fatal("sshkey_generate failed"); + default: + if ((r = sshkey_generate(type, bits, &private)) != 0) + fatal("sshkey_generate failed"); + break; + } if ((r = sshkey_from_private(private, &public)) != 0) fatal("sshkey_from_private failed: %s\n", ssh_err(r)); diff --git a/ssh-sk-helper.c b/ssh-sk-helper.c index a996f5898..0acb8d172 100644 --- a/ssh-sk-helper.c +++ b/ssh-sk-helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-sk-helper.c,v 1.2 2019/11/12 19:30:50 markus Exp $ */ +/* $OpenBSD: ssh-sk-helper.c,v 1.3 2019/11/12 19:33:08 markus Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -114,7 +114,7 @@ main(int argc, char **argv) if ((r = sshbuf_froms(req, &kbuf)) != 0 || (r = sshkey_private_deserialize(kbuf, &key)) != 0) fatal("Unable to parse key: %s", ssh_err(r)); - if (sshkey_type_plain(key->type) != KEY_ECDSA_SK) + if (!sshkey_is_sk(key)) fatal("Unsupported key type %s", sshkey_ssh_name(key)); if ((r = sshbuf_get_cstring(req, &provider, NULL)) != 0 || diff --git a/sshconnect.c b/sshconnect.c index 177775f6e..7e9369ee3 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.321 2019/10/31 21:20:38 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.322 2019/11/12 19:33:08 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1425,7 +1425,7 @@ maybe_add_key_to_agent(char *authfile, struct sshkey *private, close(auth_sock); return; } - if (sshkey_type_plain(private->type) == KEY_ECDSA_SK) + if (sshkey_is_sk(private)) skprovider = options.sk_provider; if ((r = ssh_add_identity_constrained(auth_sock, private, comment, 0, (options.add_keys_to_agent == 3), 0, skprovider)) == 0) diff --git a/sshconnect2.c b/sshconnect2.c index 867d463d6..4e5cddf14 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.310 2019/10/31 21:23:19 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.311 2019/11/12 19:33:08 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -611,7 +611,7 @@ format_identity(Identity *id) if (id->key) { if ((id->key->flags & SSHKEY_FLAG_EXT) != 0) note = " token"; - else if (sshkey_type_plain(id->key->type) == KEY_ECDSA_SK) + else if (sshkey_is_sk(id->key)) note = " security-key"; } xasprintf(&ret, "%s %s%s%s%s%s%s", @@ -1468,8 +1468,7 @@ load_identity_file(Identity *id) quit = 1; break; } - if (private != NULL && - sshkey_type_plain(private->type) == KEY_ECDSA_SK && + if (private != NULL && sshkey_is_sk(private) && options.sk_provider == NULL) { debug("key \"%s\" is a security key, but no " "provider specified", id->filename); @@ -1554,8 +1553,7 @@ pubkey_prepare(Authctxt *authctxt) options.identity_files[i]); continue; } - if (key && sshkey_type_plain(key->type) == KEY_ECDSA_SK && - options.sk_provider == NULL) { + if (key && sshkey_is_sk(key) && options.sk_provider == NULL) { debug("%s: ignoring security key %s as no " "SecurityKeyProvider has been specified", __func__, options.identity_files[i]); @@ -1579,8 +1577,7 @@ pubkey_prepare(Authctxt *authctxt) options.identity_files[i]); continue; } - if (key && sshkey_type_plain(key->type) == KEY_ECDSA_SK && - options.sk_provider == NULL) { + if (key && sshkey_is_sk(key) && options.sk_provider == NULL) { debug("%s: ignoring security key certificate %s as no " "SecurityKeyProvider has been specified", __func__, options.identity_files[i]); diff --git a/sshkey.c b/sshkey.c index 269f37b39..1b66d4ec7 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.89 2019/11/12 19:31:18 markus Exp $ */ +/* $OpenBSD: sshkey.c,v 1.90 2019/11/12 19:33:08 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -107,6 +107,10 @@ static const struct keytype keytypes[] = { { "ssh-ed25519", "ED25519", NULL, KEY_ED25519, 0, 0, 0 }, { "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT", NULL, KEY_ED25519_CERT, 0, 1, 0 }, + { "sk-ssh-ed25519@openssh.com", "ED25519-SK", NULL, + KEY_ED25519_SK, 0, 0, 0 }, + { "sk-ssh-ed25519-cert-v01@openssh.com", "ED25519-SK-CERT", NULL, + KEY_ED25519_SK_CERT, 0, 1, 0 }, #ifdef WITH_XMSS { "ssh-xmss@openssh.com", "XMSS", NULL, KEY_XMSS, 0, 0, 0 }, { "ssh-xmss-cert-v01@openssh.com", "XMSS-CERT", NULL, @@ -337,6 +341,8 @@ sshkey_size(const struct sshkey *k) #endif /* WITH_OPENSSL */ case KEY_ED25519: case KEY_ED25519_CERT: + case KEY_ED25519_SK: + case KEY_ED25519_SK_CERT: case KEY_XMSS: case KEY_XMSS_CERT: return 256; /* XXX */ @@ -353,6 +359,7 @@ sshkey_type_is_valid_ca(int type) case KEY_ECDSA: case KEY_ECDSA_SK: case KEY_ED25519: + case KEY_ED25519_SK: case KEY_XMSS: return 1; default: @@ -368,6 +375,20 @@ sshkey_is_cert(const struct sshkey *k) return sshkey_type_is_cert(k->type); } +int +sshkey_is_sk(const struct sshkey *k) +{ + if (k == NULL) + return 0; + switch (sshkey_type_plain(k->type)) { + case KEY_ECDSA_SK: + case KEY_ED25519_SK: + return 1; + default: + return 0; + } +} + /* Return the cert-less equivalent to a certified key type */ int sshkey_type_plain(int type) @@ -383,6 +404,8 @@ sshkey_type_plain(int type) return KEY_ECDSA_SK; case KEY_ED25519_CERT: return KEY_ED25519; + case KEY_ED25519_SK_CERT: + return KEY_ED25519_SK; case KEY_XMSS_CERT: return KEY_XMSS; default: @@ -563,6 +586,8 @@ sshkey_new(int type) #endif /* WITH_OPENSSL */ case KEY_ED25519: case KEY_ED25519_CERT: + case KEY_ED25519_SK: + case KEY_ED25519_SK_CERT: case KEY_XMSS: case KEY_XMSS_CERT: /* no need to prealloc */ @@ -615,6 +640,12 @@ sshkey_free(struct sshkey *k) break; # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ + case KEY_ED25519_SK: + case KEY_ED25519_SK_CERT: + free(k->sk_application); + sshbuf_free(k->sk_key_handle); + sshbuf_free(k->sk_reserved); + /* FALLTHROUGH */ case KEY_ED25519: case KEY_ED25519_CERT: freezero(k->ed25519_pk, ED25519_PK_SZ); @@ -734,6 +765,13 @@ sshkey_equal_public(const struct sshkey *a, const struct sshkey *b) return 1; # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ + case KEY_ED25519_SK: + case KEY_ED25519_SK_CERT: + if (a->sk_application == NULL || b->sk_application == NULL) + return 0; + if (strcmp(a->sk_application, b->sk_application) != 0) + return 0; + /* FALLTHROUGH */ case KEY_ED25519: case KEY_ED25519_CERT: return a->ed25519_pk != NULL && b->ed25519_pk != NULL && @@ -842,12 +880,18 @@ to_blob_buf(const struct sshkey *key, struct sshbuf *b, int force_plain, break; #endif /* WITH_OPENSSL */ case KEY_ED25519: + case KEY_ED25519_SK: if (key->ed25519_pk == NULL) return SSH_ERR_INVALID_ARGUMENT; if ((ret = sshbuf_put_cstring(b, typename)) != 0 || (ret = sshbuf_put_string(b, key->ed25519_pk, ED25519_PK_SZ)) != 0) return ret; + if (type == KEY_ED25519_SK) { + if ((ret = sshbuf_put_cstring(b, + key->sk_application)) != 0) + return ret; + } break; #ifdef WITH_XMSS case KEY_XMSS: @@ -1290,11 +1334,13 @@ sshkey_read(struct sshkey *ret, char **cpp) case KEY_ECDSA: case KEY_ECDSA_SK: case KEY_ED25519: + case KEY_ED25519_SK: case KEY_DSA_CERT: case KEY_ECDSA_CERT: case KEY_ECDSA_SK_CERT: case KEY_RSA_CERT: case KEY_ED25519_CERT: + case KEY_ED25519_SK_CERT: #ifdef WITH_XMSS case KEY_XMSS: case KEY_XMSS_CERT: @@ -1418,6 +1464,13 @@ sshkey_read(struct sshkey *ret, char **cpp) /* XXX */ #endif break; + case KEY_ED25519_SK: + freezero(ret->ed25519_pk, ED25519_PK_SZ); + ret->ed25519_pk = k->ed25519_pk; + ret->sk_application = k->sk_application; + k->ed25519_pk = NULL; + k->sk_application = NULL; + break; #ifdef WITH_XMSS case KEY_XMSS: free(ret->xmss_pk); @@ -1876,6 +1929,8 @@ sshkey_from_private(const struct sshkey *k, struct sshkey **pkp) #endif /* WITH_OPENSSL */ case KEY_ED25519: case KEY_ED25519_CERT: + case KEY_ED25519_SK: + case KEY_ED25519_SK_CERT: if (k->ed25519_pk != NULL) { if ((n->ed25519_pk = malloc(ED25519_PK_SZ)) == NULL) { r = SSH_ERR_ALLOC_FAIL; @@ -1883,6 +1938,12 @@ sshkey_from_private(const struct sshkey *k, struct sshkey **pkp) } memcpy(n->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ); } + if (k->type != KEY_ED25519_SK && + k->type != KEY_ED25519_SK_CERT) + break; + /* Append security-key application string */ + if ((n->sk_application = strdup(k->sk_application)) == NULL) + goto out; break; #ifdef WITH_XMSS case KEY_XMSS: @@ -2444,6 +2505,7 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ case KEY_ED25519_CERT: + case KEY_ED25519_SK_CERT: /* Skip nonce */ if (sshbuf_get_string_direct(b, NULL, NULL) != 0) { ret = SSH_ERR_INVALID_FORMAT; @@ -2451,6 +2513,7 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, } /* FALLTHROUGH */ case KEY_ED25519: + case KEY_ED25519_SK: if ((ret = sshbuf_get_string(b, &pk, &len)) != 0) goto out; if (len != ED25519_PK_SZ) { @@ -2461,6 +2524,17 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, ret = SSH_ERR_ALLOC_FAIL; goto out; } + if (type == KEY_ED25519_SK || type == KEY_ED25519_SK_CERT) { + /* Parse additional security-key application string */ + if (sshbuf_get_cstring(b, &key->sk_application, + NULL) != 0) { + ret = SSH_ERR_INVALID_FORMAT; + goto out; + } +#ifdef DEBUG_PK + fprintf(stderr, "App: %s\n", key->sk_application); +#endif + } key->ed25519_pk = pk; pk = NULL; break; @@ -2790,6 +2864,9 @@ sshkey_to_certified(struct sshkey *k) newtype = KEY_ECDSA_SK_CERT; break; #endif /* WITH_OPENSSL */ + case KEY_ED25519_SK: + newtype = KEY_ED25519_SK_CERT; + break; case KEY_ED25519: newtype = KEY_ED25519_CERT; break; @@ -3223,6 +3300,29 @@ sshkey_private_serialize_opt(struct sshkey *key, struct sshbuf *buf, ED25519_SK_SZ)) != 0) goto out; break; + case KEY_ED25519_SK: + if ((r = sshbuf_put_string(b, key->ed25519_pk, + ED25519_PK_SZ)) != 0 || + (r = sshbuf_put_cstring(b, key->sk_application)) != 0 || + (r = sshbuf_put_u8(b, key->sk_flags)) != 0 || + (r = sshbuf_put_stringb(b, key->sk_key_handle)) != 0 || + (r = sshbuf_put_stringb(b, key->sk_reserved)) != 0) + goto out; + break; + case KEY_ED25519_SK_CERT: + if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) { + r = SSH_ERR_INVALID_ARGUMENT; + goto out; + } + if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || + (r = sshbuf_put_string(b, key->ed25519_pk, + ED25519_PK_SZ)) != 0 || + (r = sshbuf_put_cstring(b, key->sk_application)) != 0 || + (r = sshbuf_put_u8(b, key->sk_flags)) != 0 || + (r = sshbuf_put_stringb(b, key->sk_key_handle)) != 0 || + (r = sshbuf_put_stringb(b, key->sk_reserved)) != 0) + goto out; + break; #ifdef WITH_XMSS case KEY_XMSS: if (key->xmss_name == NULL) { @@ -3532,6 +3632,57 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) k->ed25519_sk = ed25519_sk; ed25519_pk = ed25519_sk = NULL; /* transferred */ break; + case KEY_ED25519_SK: + if ((k = sshkey_new(type)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + if ((r = sshbuf_get_string(buf, &ed25519_pk, &pklen)) != 0) + goto out; + if (pklen != ED25519_PK_SZ) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + if ((k->sk_key_handle = sshbuf_new()) == NULL || + (k->sk_reserved = sshbuf_new()) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + if ((r = sshbuf_get_cstring(buf, &k->sk_application, + NULL)) != 0 || + (r = sshbuf_get_u8(buf, &k->sk_flags)) != 0 || + (r = sshbuf_get_stringb(buf, k->sk_key_handle)) != 0 || + (r = sshbuf_get_stringb(buf, k->sk_reserved)) != 0) + goto out; + k->ed25519_pk = ed25519_pk; + ed25519_pk = NULL; + break; + case KEY_ED25519_SK_CERT: + if ((r = sshkey_froms(buf, &k)) != 0 || + (r = sshbuf_get_string(buf, &ed25519_pk, &pklen)) != 0) + goto out; + if (k->type != type) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + if (pklen != ED25519_PK_SZ) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + if ((k->sk_key_handle = sshbuf_new()) == NULL || + (k->sk_reserved = sshbuf_new()) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + if ((r = sshbuf_get_cstring(buf, &k->sk_application, + NULL)) != 0 || + (r = sshbuf_get_u8(buf, &k->sk_flags)) != 0 || + (r = sshbuf_get_stringb(buf, k->sk_key_handle)) != 0 || + (r = sshbuf_get_stringb(buf, k->sk_reserved)) != 0) + goto out; + k->ed25519_pk = ed25519_pk; + ed25519_pk = NULL; /* transferred */ + break; #ifdef WITH_XMSS case KEY_XMSS: if ((k = sshkey_new(type)) == NULL) { @@ -4261,6 +4412,7 @@ sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, break; /* see below */ #endif /* WITH_OPENSSL */ case KEY_ED25519: + case KEY_ED25519_SK: #ifdef WITH_XMSS case KEY_XMSS: #endif /* WITH_XMSS */ diff --git a/sshkey.h b/sshkey.h index 8cd12bd95..1fb8369f0 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.37 2019/11/12 19:29:25 markus Exp $ */ +/* $OpenBSD: sshkey.h,v 1.38 2019/11/12 19:33:08 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -129,7 +129,7 @@ struct sshkey { /* KEY_ECDSA and KEY_ECDSA_SK */ int ecdsa_nid; /* NID of curve */ EC_KEY *ecdsa; - /* KEY_ED25519 */ + /* KEY_ED25519 and KEY_ED25519_SK */ u_char *ed25519_sk; u_char *ed25519_pk; /* KEY_XMSS */ @@ -138,7 +138,7 @@ struct sshkey { void *xmss_state; /* depends on xmss_name, opaque */ u_char *xmss_sk; u_char *xmss_pk; - /* KEY_ECDSA_SK */ + /* KEY_ECDSA_SK and KEY_ED25519_SK */ char *sk_application; uint8_t sk_flags; struct sshbuf *sk_key_handle; @@ -180,6 +180,7 @@ int sshkey_unshield_private(struct sshkey *); int sshkey_type_from_name(const char *); int sshkey_is_cert(const struct sshkey *); +int sshkey_is_sk(const struct sshkey *); int sshkey_type_is_cert(int); int sshkey_type_plain(int); int sshkey_to_certified(struct sshkey *); -- cgit v1.2.3 From e44bb61824e36d0d181a08489c16c378c486a974 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 12 Nov 2019 22:36:44 +0000 Subject: upstream: security keys typically need to be tapped/touched in order to perform a signature operation. Notify the user when this is expected via the TTY (if available) or $SSH_ASKPASS if we can. ok markus@ OpenBSD-Commit-ID: 0ef90a99a85d4a2a07217a58efb4df8444818609 --- ssh-agent.c | 13 +++++++++++-- ssh-keygen.c | 14 +++++++++++--- sshconnect2.c | 17 ++++++++++++++++- 3 files changed, 38 insertions(+), 6 deletions(-) (limited to 'sshconnect2.c') diff --git a/ssh-agent.c b/ssh-agent.c index dd9f85ae7..eb17b18b2 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.240 2019/11/12 19:33:08 markus Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.241 2019/11/12 22:36:44 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -289,9 +289,10 @@ provider_sign(const char *provider, struct sshkey *key, { int status, pair[2], r = SSH_ERR_INTERNAL_ERROR; pid_t pid; - char *helper, *verbosity = NULL; + char *helper, *verbosity = NULL, *fp = NULL; struct sshbuf *kbuf, *req, *resp; u_char version; + struct notifier_ctx *notifier = NULL; debug3("%s: start for provider %s", __func__, provider); @@ -344,10 +345,17 @@ provider_sign(const char *provider, struct sshkey *key, error("%s: send: %s", __func__, ssh_err(r)); goto out; } + if ((fp = sshkey_fingerprint(key, SSH_FP_HASH_DEFAULT, + SSH_FP_DEFAULT)) == NULL) + fatal("%s: sshkey_fingerprint failed", __func__); + notifier = notify_start(0, + "Confirm user presence for key %s %s", sshkey_type(key), fp); if ((r = ssh_msg_recv(pair[0], resp)) != 0) { error("%s: receive: %s", __func__, ssh_err(r)); goto out; } + notify_complete(notifier); + notifier = NULL; if ((r = sshbuf_get_u8(resp, &version)) != 0) { error("%s: parse version: %s", __func__, ssh_err(r)); goto out; @@ -375,6 +383,7 @@ provider_sign(const char *provider, struct sshkey *key, if (errno != EINTR) fatal("%s: waitpid: %s", __func__, ssh_err(r)); } + notify_complete(notifier); if (!WIFEXITED(status)) { error("%s: helper %s exited abnormally", __func__, helper); if (r == 0) diff --git a/ssh-keygen.c b/ssh-keygen.c index 7b8dce7d8..46d642e17 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.362 2019/11/12 19:33:08 markus Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.363 2019/11/12 22:36:44 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -2506,8 +2506,7 @@ sign_one(struct sshkey *signkey, const char *filename, int fd, { struct sshbuf *sigbuf = NULL, *abuf = NULL; int r = SSH_ERR_INTERNAL_ERROR, wfd = -1, oerrno; - char *wfile = NULL; - char *asig = NULL; + char *wfile = NULL, *asig = NULL, *fp = NULL; if (!quiet) { if (fd == STDIN_FILENO) @@ -2515,6 +2514,15 @@ sign_one(struct sshkey *signkey, const char *filename, int fd, else fprintf(stderr, "Signing file %s\n", filename); } + if (signer == NULL && sshkey_is_sk(signkey) && + (signkey->sk_flags & SSH_SK_USER_PRESENCE_REQD)) { + if ((fp = sshkey_fingerprint(signkey, fingerprint_hash, + SSH_FP_DEFAULT)) == NULL) + fatal("%s: sshkey_fingerprint failed", __func__); + fprintf(stderr, "Confirm user presence for key %s %s\n", + sshkey_type(signkey), fp); + free(fp); + } if ((r = sshsig_sign_fd(signkey, NULL, sk_provider, fd, sig_namespace, &sigbuf, signer, signer_ctx)) != 0) { error("Signing %s failed: %s", filename, ssh_err(r)); diff --git a/sshconnect2.c b/sshconnect2.c index 4e5cddf14..c8db626df 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.311 2019/11/12 19:33:08 markus Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.312 2019/11/12 22:36:44 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -73,6 +73,7 @@ #include "ssherr.h" #include "utf8.h" #include "ssh-sk.h" +#include "sk-api.h" #ifdef GSSAPI #include "ssh-gss.h" @@ -1149,6 +1150,8 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp, { struct sshkey *sign_key = NULL, *prv = NULL; int r = SSH_ERR_INTERNAL_ERROR; + struct notifier_ctx *notifier = NULL; + char *fp = NULL; *sigp = NULL; *lenp = 0; @@ -1177,12 +1180,24 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp, goto out; } sign_key = prv; + if (sshkey_is_sk(sign_key) && + (sign_key->sk_flags & SSH_SK_USER_PRESENCE_REQD)) { + /* XXX match batch mode should just skip these keys? */ + if ((fp = sshkey_fingerprint(sign_key, + options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) + fatal("%s: sshkey_fingerprint", __func__); + notifier = notify_start(options.batch_mode, + "Confirm user presence for key %s %s", + sshkey_type(sign_key), fp); + free(fp); + } } if ((r = sshkey_sign(sign_key, sigp, lenp, data, datalen, alg, options.sk_provider, compat)) != 0) { debug("%s: sshkey_sign: %s", __func__, ssh_err(r)); goto out; } + notify_complete(notifier); /* * PKCS#11 tokens may not support all signature algorithms, * so check what we get back. -- cgit v1.2.3 From 72687c8e7c38736e3e64e833ee7aa8f9cd9efed1 Mon Sep 17 00:00:00 2001 From: "deraadt@openbsd.org" Date: Wed, 13 Nov 2019 04:47:52 +0000 Subject: upstream: stdarg.h required more broadly; ok djm OpenBSD-Commit-ID: b5b15674cde1b54d6dbbae8faf30d47e6e5d6513 --- auth2-chall.c | 4 ++-- auth2-kbdint.c | 5 ++--- authfd.c | 4 ++-- clientloop.c | 4 ++-- match.c | 4 ++-- readconf.c | 4 ++-- session.c | 4 ++-- sftp-glob.c | 4 ++-- sshconnect.c | 4 ++-- sshconnect2.c | 4 ++-- umac.c | 2 +- 11 files changed, 21 insertions(+), 22 deletions(-) (limited to 'sshconnect2.c') diff --git a/auth2-chall.c b/auth2-chall.c index 671f2f05f..c57387b71 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.51 2019/09/06 04:53:27 djm Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.52 2019/11/13 04:47:52 deraadt Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -29,9 +29,9 @@ #include #include -#include #include #include +#include #include "xmalloc.h" #include "ssh2.h" diff --git a/auth2-kbdint.c b/auth2-kbdint.c index f88ef2c39..e23d2edd2 100644 --- a/auth2-kbdint.c +++ b/auth2-kbdint.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-kbdint.c,v 1.10 2019/09/06 04:53:27 djm Exp $ */ +/* $OpenBSD: auth2-kbdint.c,v 1.11 2019/11/13 04:47:52 deraadt Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -27,10 +27,9 @@ #include -#include - #include #include +#include #include "xmalloc.h" #include "packet.h" diff --git a/authfd.c b/authfd.c index e014f765c..ab6305944 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.119 2019/11/12 19:33:08 markus Exp $ */ +/* $OpenBSD: authfd.c,v 1.120 2019/11/13 04:47:52 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -44,8 +44,8 @@ #include #include #include -#include #include +#include #include #include diff --git a/clientloop.c b/clientloop.c index b5a1f7038..068506210 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.327 2019/07/24 08:57:00 mestre Exp $ */ +/* $OpenBSD: clientloop.c,v 1.328 2019/11/13 04:47:52 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -77,10 +77,10 @@ #include #endif #include -#include #include #include #include +#include #include #include #include diff --git a/match.c b/match.c index 91083470a..3a8fa9d78 100644 --- a/match.c +++ b/match.c @@ -1,4 +1,4 @@ -/* $OpenBSD: match.c,v 1.40 2019/10/04 04:13:39 djm Exp $ */ +/* $OpenBSD: match.c,v 1.41 2019/11/13 04:47:52 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -40,9 +40,9 @@ #include #include -#include #include #include +#include #include #include "xmalloc.h" diff --git a/readconf.c b/readconf.c index 3d99367c3..b7a1caa11 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.311 2019/11/12 19:33:08 markus Exp $ */ +/* $OpenBSD: readconf.c,v 1.312 2019/11/13 04:47:52 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,9 +35,9 @@ #endif #include #include -#include #include #include +#include #include #ifdef USE_SYSTEM_GLOB # include diff --git a/session.c b/session.c index 8f5d7e0a4..80738b927 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.316 2019/06/28 13:35:04 deraadt Exp $ */ +/* $OpenBSD: session.c,v 1.317 2019/11/13 04:47:52 deraadt Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -56,10 +56,10 @@ #endif #include #include -#include #include #include #include +#include #include #include diff --git a/sftp-glob.c b/sftp-glob.c index feba0a23c..f573f98f0 100644 --- a/sftp-glob.c +++ b/sftp-glob.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-glob.c,v 1.28 2019/10/02 00:42:30 djm Exp $ */ +/* $OpenBSD: sftp-glob.c,v 1.29 2019/11/13 04:47:52 deraadt Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -23,9 +23,9 @@ #endif #include -#include #include #include +#include #include "xmalloc.h" #include "sftp.h" diff --git a/sshconnect.c b/sshconnect.c index 7e9369ee3..0b33ea58b 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.322 2019/11/12 19:33:08 markus Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.323 2019/11/13 04:47:52 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -39,9 +39,9 @@ #include #endif #include -#include #include #include +#include #include #include #ifdef HAVE_IFADDRS_H diff --git a/sshconnect2.c b/sshconnect2.c index c8db626df..85c1c231a 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.312 2019/11/12 22:36:44 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.313 2019/11/13 04:47:52 deraadt Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -36,9 +36,9 @@ #include #include #include -#include #include #include +#include #include #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS) #include diff --git a/umac.c b/umac.c index e4929bcb7..2a6b6ae6b 100644 --- a/umac.c +++ b/umac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umac.c,v 1.17 2018/04/10 00:10:49 djm Exp $ */ +/* $OpenBSD: umac.c,v 1.18 2019/11/13 04:47:52 deraadt Exp $ */ /* ----------------------------------------------------------------------- * * umac.c -- C Implementation UMAC Message Authentication -- cgit v1.2.3 From 49dc9fa928d77807c53bdc2898db7fb515fe5eb3 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 15 Nov 2019 02:37:24 +0000 Subject: upstream: close the "touch your security key" notifier on the error path too OpenBSD-Commit-ID: c7628bf80505c1aefbb1de7abc8bb5ee51826829 --- sshconnect2.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'sshconnect2.c') diff --git a/sshconnect2.c b/sshconnect2.c index 85c1c231a..d658ed07b 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.313 2019/11/13 04:47:52 deraadt Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.314 2019/11/15 02:37:24 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1197,7 +1197,6 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp, debug("%s: sshkey_sign: %s", __func__, ssh_err(r)); goto out; } - notify_complete(notifier); /* * PKCS#11 tokens may not support all signature algorithms, * so check what we get back. @@ -1209,6 +1208,7 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp, /* success */ r = 0; out: + notify_complete(notifier); sshkey_free(prv); return r; } -- cgit v1.2.3 From 881aded0389d999375f926051491a944c6d8752b Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 21 Jan 2020 05:56:27 +0000 Subject: upstream: a little more verbosity in sign_and_send_pubkey() debug messages OpenBSD-Commit-ID: 6da47a0e6373f6683006f49bc2a516d197655508 --- sshconnect2.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'sshconnect2.c') diff --git a/sshconnect2.c b/sshconnect2.c index d658ed07b..6f9ee42cd 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.314 2019/11/15 02:37:24 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.315 2020/01/21 05:56:27 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1311,7 +1311,7 @@ sign_and_send_pubkey(struct ssh *ssh, Identity *id) error("%s: no mutual signature supported", __func__); goto out; } - debug3("%s: signing using %s", __func__, alg); + debug3("%s: signing using %s %s", __func__, alg, fp); sshbuf_free(b); if ((b = sshbuf_new()) == NULL) @@ -1358,7 +1358,9 @@ sign_and_send_pubkey(struct ssh *ssh, Identity *id) loc, sshkey_type(id->key), fp); continue; } - error("%s: signing failed: %s", __func__, ssh_err(r)); + error("%s: signing failed for %s \"%s\"%s: %s", __func__, + sshkey_type(sign_id->key), sign_id->filename, + id->agent_fd != -1 ? " from agent" : "", ssh_err(r)); goto out; } if (slen == 0 || signature == NULL) /* shouldn't happen */ -- cgit v1.2.3 From c4b3a128954ee1b7fbcbda167baf8aca1a3d1c84 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 23 Jan 2020 02:46:49 +0000 Subject: upstream: Remove unsupported algorithms from list of defaults at run time and remove ifdef and distinct settings for OPENSSL=no case. This will make things much simpler for -portable where the exact set of algos depends on the configuration of both OpenSSH and the libcrypto it's linked against (if any). ok djm@ OpenBSD-Commit-ID: e0116d0183dcafc7a9c40ba5fe9127805c5dfdd2 --- clientloop.c | 5 +-- myproposal.h | 138 ++++++++++------------------------------------------------ readconf.c | 53 ++++++++++++++-------- readconf.h | 3 +- servconf.c | 47 +++++++++++--------- sshconnect2.c | 8 ++-- 6 files changed, 92 insertions(+), 162 deletions(-) (limited to 'sshconnect2.c') diff --git a/clientloop.c b/clientloop.c index 8f0332df4..4acf2806d 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.330 2019/12/21 02:19:13 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.331 2020/01/23 02:46:49 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2046,8 +2046,7 @@ static int key_accepted_by_hostkeyalgs(const struct sshkey *key) { const char *ktype = sshkey_ssh_name(key); - const char *hostkeyalgs = options.hostkeyalgorithms != NULL ? - options.hostkeyalgorithms : KEX_DEFAULT_PK_ALG; + const char *hostkeyalgs = options.hostkeyalgorithms; if (key == NULL || key->type == KEY_UNSPEC) return 0; diff --git a/myproposal.h b/myproposal.h index 145704f49..dd2499d66 100644 --- a/myproposal.h +++ b/myproposal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: myproposal.h,v 1.65 2020/01/22 04:58:23 tedu Exp $ */ +/* $OpenBSD: myproposal.h,v 1.66 2020/01/23 02:46:49 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -24,110 +24,47 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifdef WITH_OPENSSL -#include -#endif - -/* conditional algorithm support */ - -#ifdef OPENSSL_HAS_ECC -# ifdef OPENSSL_HAS_NISTP521 -# define KEX_ECDH_METHODS \ +#define KEX_SERVER_KEX \ + "curve25519-sha256," \ + "curve25519-sha256@libssh.org," \ "ecdh-sha2-nistp256," \ "ecdh-sha2-nistp384," \ - "ecdh-sha2-nistp521," -# define HOSTKEY_ECDSA_CERT_METHODS \ - "ecdsa-sha2-nistp256-cert-v01@openssh.com," \ - "ecdsa-sha2-nistp384-cert-v01@openssh.com," \ - "ecdsa-sha2-nistp521-cert-v01@openssh.com," \ - "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com," -# define HOSTKEY_ECDSA_METHODS \ - "ecdsa-sha2-nistp256," \ - "ecdsa-sha2-nistp384," \ - "ecdsa-sha2-nistp521," \ - "sk-ecdsa-sha2-nistp256@openssh.com," -# else /* OPENSSL_HAS_NISTP521 */ -# define KEX_ECDH_METHODS \ - "ecdh-sha2-nistp256," \ - "ecdh-sha2-nistp384," -# define HOSTKEY_ECDSA_CERT_METHODS \ - "ecdsa-sha2-nistp256-cert-v01@openssh.com," \ - "ecdsa-sha2-nistp384-cert-v01@openssh.com," \ - "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com," -# define HOSTKEY_ECDSA_METHODS \ - "ecdsa-sha2-nistp256," \ - "ecdsa-sha2-nistp384," \ - "sk-ecdsa-sha2-nistp256@openssh.com," -# endif /* OPENSSL_HAS_NISTP521 */ -#else /* OPENSSL_HAS_ECC */ -# define KEX_ECDH_METHODS -# define HOSTKEY_ECDSA_CERT_METHODS -# define HOSTKEY_ECDSA_METHODS -#endif /* OPENSSL_HAS_ECC */ - -#ifdef OPENSSL_HAVE_EVPGCM -# define AESGCM_CIPHER_MODES \ - ",aes128-gcm@openssh.com,aes256-gcm@openssh.com" -#else -# define AESGCM_CIPHER_MODES -#endif - -#ifdef HAVE_EVP_SHA256 -# define KEX_SHA2_METHODS \ + "ecdh-sha2-nistp521," \ "diffie-hellman-group-exchange-sha256," \ "diffie-hellman-group16-sha512," \ - "diffie-hellman-group18-sha512," -# define KEX_SHA2_GROUP14 \ - "diffie-hellman-group14-sha256," -#define SHA2_HMAC_MODES \ - "hmac-sha2-256," \ - "hmac-sha2-512," -#else -# define KEX_SHA2_METHODS -# define KEX_SHA2_GROUP14 -# define SHA2_HMAC_MODES -#endif - -#ifdef WITH_OPENSSL -# ifdef HAVE_EVP_SHA256 -# define KEX_CURVE25519_METHODS \ - "curve25519-sha256," \ - "curve25519-sha256@libssh.org," -# else -# define KEX_CURVE25519_METHODS "" -# endif -#define KEX_SERVER_KEX \ - KEX_CURVE25519_METHODS \ - KEX_ECDH_METHODS \ - KEX_SHA2_METHODS \ - KEX_SHA2_GROUP14 + "diffie-hellman-group18-sha512," \ + "diffie-hellman-group14-sha256" #define KEX_CLIENT_KEX KEX_SERVER_KEX #define KEX_DEFAULT_PK_ALG \ - HOSTKEY_ECDSA_CERT_METHODS \ + "ecdsa-sha2-nistp256-cert-v01@openssh.com," \ + "ecdsa-sha2-nistp384-cert-v01@openssh.com," \ + "ecdsa-sha2-nistp521-cert-v01@openssh.com," \ + "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com," \ "ssh-ed25519-cert-v01@openssh.com," \ "sk-ssh-ed25519-cert-v01@openssh.com," \ "rsa-sha2-512-cert-v01@openssh.com," \ "rsa-sha2-256-cert-v01@openssh.com," \ "ssh-rsa-cert-v01@openssh.com," \ - HOSTKEY_ECDSA_METHODS \ + "ecdsa-sha2-nistp256," \ + "ecdsa-sha2-nistp384," \ + "ecdsa-sha2-nistp521," \ + "sk-ecdsa-sha2-nistp256@openssh.com," \ "ssh-ed25519," \ "sk-ssh-ed25519@openssh.com," \ "rsa-sha2-512," \ "rsa-sha2-256," \ "ssh-rsa" -/* the actual algorithms */ - -#define KEX_SERVER_ENCRYPT \ +#define KEX_SERVER_ENCRYPT \ "chacha20-poly1305@openssh.com," \ - "aes128-ctr,aes192-ctr,aes256-ctr" \ - AESGCM_CIPHER_MODES + "aes128-ctr,aes192-ctr,aes256-ctr," \ + "aes128-gcm@openssh.com,aes256-gcm@openssh.com" #define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT -#define KEX_SERVER_MAC \ +#define KEX_SERVER_MAC \ "umac-64-etm@openssh.com," \ "umac-128-etm@openssh.com," \ "hmac-sha2-256-etm@openssh.com," \ @@ -143,44 +80,16 @@ /* Not a KEX value, but here so all the algorithm defaults are together */ #define SSH_ALLOWED_CA_SIGALGS \ - HOSTKEY_ECDSA_METHODS \ + "ecdsa-sha2-nistp256," \ + "ecdsa-sha2-nistp384," \ + "ecdsa-sha2-nistp521," \ + "sk-ecdsa-sha2-nistp256@openssh.com," \ "ssh-ed25519," \ "sk-ssh-ed25519@openssh.com," \ "rsa-sha2-512," \ "rsa-sha2-256," \ "ssh-rsa" -#else /* WITH_OPENSSL */ - -#define KEX_SERVER_KEX \ - "curve25519-sha256," \ - "curve25519-sha256@libssh.org" -#define KEX_DEFAULT_PK_ALG \ - "ssh-ed25519-cert-v01@openssh.com," \ - "ssh-ed25519" -#define KEX_SERVER_ENCRYPT \ - "chacha20-poly1305@openssh.com," \ - "aes128-ctr,aes192-ctr,aes256-ctr" -#define KEX_SERVER_MAC \ - "umac-64-etm@openssh.com," \ - "umac-128-etm@openssh.com," \ - "hmac-sha2-256-etm@openssh.com," \ - "hmac-sha2-512-etm@openssh.com," \ - "hmac-sha1-etm@openssh.com," \ - "umac-64@openssh.com," \ - "umac-128@openssh.com," \ - "hmac-sha2-256," \ - "hmac-sha2-512," \ - "hmac-sha1" - -#define KEX_CLIENT_KEX KEX_SERVER_KEX -#define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT -#define KEX_CLIENT_MAC KEX_SERVER_MAC - -#define SSH_ALLOWED_CA_SIGALGS "ssh-ed25519,sk-ssh-ed25519@openssh.com" - -#endif /* WITH_OPENSSL */ - #define KEX_DEFAULT_COMP "none,zlib@openssh.com" #define KEX_DEFAULT_LANG "" @@ -207,4 +116,3 @@ KEX_DEFAULT_COMP, \ KEX_DEFAULT_LANG, \ KEX_DEFAULT_LANG - diff --git a/readconf.c b/readconf.c index cb3ae6dc7..ff551c856 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.319 2019/12/21 02:19:13 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.320 2020/01/23 02:46:49 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -314,6 +314,16 @@ static struct { { NULL, oBadOption } }; +static char *kex_default_pk_alg_filtered; + +const char * +kex_default_pk_alg(void) +{ + if (kex_default_pk_alg_filtered == NULL) + fatal("kex_default_pk_alg not initialized."); + return kex_default_pk_alg_filtered; +} + /* * Adds a local TCP/IP port forward to options. Never returns if there is an * error. @@ -2003,6 +2013,7 @@ void fill_default_options(Options * options) { char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig; + char *def_cipher, *def_mac, *def_kex, *def_key, *def_sig; int r; if (options->forward_agent == -1) @@ -2167,24 +2178,35 @@ fill_default_options(Options * options) all_kex = kex_alg_list(','); all_key = sshkey_alg_list(0, 0, 1, ','); all_sig = sshkey_alg_list(0, 1, 1, ','); + /* remove unsupported algos from default lists */ + def_cipher = match_filter_whitelist(KEX_CLIENT_ENCRYPT, all_cipher); + def_mac = match_filter_whitelist(KEX_CLIENT_MAC, all_mac); + def_kex = match_filter_whitelist(KEX_CLIENT_KEX, all_kex); + def_key = match_filter_whitelist(KEX_DEFAULT_PK_ALG, all_key); + def_sig = match_filter_whitelist(SSH_ALLOWED_CA_SIGALGS, all_sig); #define ASSEMBLE(what, defaults, all) \ do { \ if ((r = kex_assemble_names(&options->what, \ defaults, all)) != 0) \ fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ } while (0) - ASSEMBLE(ciphers, KEX_CLIENT_ENCRYPT, all_cipher); - ASSEMBLE(macs, KEX_CLIENT_MAC, all_mac); - ASSEMBLE(kex_algorithms, KEX_CLIENT_KEX, all_kex); - ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); - ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key); - ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig); + ASSEMBLE(ciphers, def_cipher, all_cipher); + ASSEMBLE(macs, def_mac, all_mac); + ASSEMBLE(kex_algorithms, def_kex, all_kex); + ASSEMBLE(hostbased_key_types, def_key, all_key); + ASSEMBLE(pubkey_key_types, def_key, all_key); + ASSEMBLE(ca_sign_algorithms, def_sig, all_sig); #undef ASSEMBLE free(all_cipher); free(all_mac); free(all_kex); free(all_key); free(all_sig); + free(def_cipher); + free(def_mac); + free(def_kex); + kex_default_pk_alg_filtered = def_key; /* save for later use */ + free(def_sig); #define CLEAR_ON_NONE(v) \ do { \ @@ -2634,14 +2656,7 @@ void dump_client_config(Options *o, const char *host) { int i; - char buf[8], *all_key; - - /* This is normally prepared in ssh_kex2 */ - all_key = sshkey_alg_list(0, 0, 1, ','); - if (kex_assemble_names( &o->hostkeyalgorithms, - KEX_DEFAULT_PK_ALG, all_key) != 0) - fatal("%s: kex_assemble_names failed", __func__); - free(all_key); + char buf[8]; /* Most interesting options first: user, host, port */ dump_cfg_string(oUser, o->user); @@ -2698,7 +2713,7 @@ dump_client_config(Options *o, const char *host) /* String options */ dump_cfg_string(oBindAddress, o->bind_address); dump_cfg_string(oBindInterface, o->bind_interface); - dump_cfg_string(oCiphers, o->ciphers ? o->ciphers : KEX_CLIENT_ENCRYPT); + dump_cfg_string(oCiphers, o->ciphers); dump_cfg_string(oControlPath, o->control_path); dump_cfg_string(oHostKeyAlgorithms, o->hostkeyalgorithms); dump_cfg_string(oHostKeyAlias, o->host_key_alias); @@ -2706,12 +2721,12 @@ dump_client_config(Options *o, const char *host) dump_cfg_string(oIdentityAgent, o->identity_agent); dump_cfg_string(oIgnoreUnknown, o->ignored_unknown); dump_cfg_string(oKbdInteractiveDevices, o->kbd_interactive_devices); - dump_cfg_string(oKexAlgorithms, o->kex_algorithms ? o->kex_algorithms : KEX_CLIENT_KEX); - dump_cfg_string(oCASignatureAlgorithms, o->ca_sign_algorithms ? o->ca_sign_algorithms : SSH_ALLOWED_CA_SIGALGS); + dump_cfg_string(oKexAlgorithms, o->kex_algorithms); + dump_cfg_string(oCASignatureAlgorithms, o->ca_sign_algorithms); dump_cfg_string(oLocalCommand, o->local_command); dump_cfg_string(oRemoteCommand, o->remote_command); dump_cfg_string(oLogLevel, log_level_name(o->log_level)); - dump_cfg_string(oMacs, o->macs ? o->macs : KEX_CLIENT_MAC); + dump_cfg_string(oMacs, o->macs); #ifdef ENABLE_PKCS11 dump_cfg_string(oPKCS11Provider, o->pkcs11_provider); #endif diff --git a/readconf.h b/readconf.h index dcecfc54a..feedb3d20 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.131 2019/12/21 02:19:13 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.132 2020/01/23 02:46:49 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -199,6 +199,7 @@ typedef struct { #define SSH_STRICT_HOSTKEY_YES 2 #define SSH_STRICT_HOSTKEY_ASK 3 +const char *kex_default_pk_alg(void); void initialize_options(Options *); void fill_default_options(Options *); void fill_default_options_for_canonicalization(Options *); diff --git a/servconf.c b/servconf.c index 09e9df8bd..1a4c49907 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.357 2019/12/15 20:59:23 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.358 2020/01/23 02:46:49 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -195,6 +195,7 @@ static void assemble_algorithms(ServerOptions *o) { char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig; + char *def_cipher, *def_mac, *def_kex, *def_key, *def_sig; int r; all_cipher = cipher_alg_list(',', 0); @@ -202,24 +203,35 @@ assemble_algorithms(ServerOptions *o) all_kex = kex_alg_list(','); all_key = sshkey_alg_list(0, 0, 1, ','); all_sig = sshkey_alg_list(0, 1, 1, ','); + /* remove unsupported algos from default lists */ + def_cipher = match_filter_whitelist(KEX_SERVER_ENCRYPT, all_cipher); + def_mac = match_filter_whitelist(KEX_SERVER_MAC, all_mac); + def_kex = match_filter_whitelist(KEX_SERVER_KEX, all_kex); + def_key = match_filter_whitelist(KEX_DEFAULT_PK_ALG, all_key); + def_sig = match_filter_whitelist(SSH_ALLOWED_CA_SIGALGS, all_sig); #define ASSEMBLE(what, defaults, all) \ do { \ if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \ fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ } while (0) - ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher); - ASSEMBLE(macs, KEX_SERVER_MAC, all_mac); - ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex); - ASSEMBLE(hostkeyalgorithms, KEX_DEFAULT_PK_ALG, all_key); - ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); - ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key); - ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig); + ASSEMBLE(ciphers, def_cipher, all_cipher); + ASSEMBLE(macs, def_mac, all_mac); + ASSEMBLE(kex_algorithms, def_kex, all_kex); + ASSEMBLE(hostkeyalgorithms, def_key, all_key); + ASSEMBLE(hostbased_key_types, def_key, all_key); + ASSEMBLE(pubkey_key_types, def_key, all_key); + ASSEMBLE(ca_sign_algorithms, def_sig, all_sig); #undef ASSEMBLE free(all_cipher); free(all_mac); free(all_kex); free(all_key); free(all_sig); + free(def_cipher); + free(def_mac); + free(def_kex); + free(def_key); + free(def_sig); } static void @@ -2660,8 +2672,8 @@ dump_config(ServerOptions *o) /* string arguments */ dump_cfg_string(sPidFile, o->pid_file); dump_cfg_string(sXAuthLocation, o->xauth_location); - dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : KEX_SERVER_ENCRYPT); - dump_cfg_string(sMacs, o->macs ? o->macs : KEX_SERVER_MAC); + dump_cfg_string(sCiphers, o->ciphers); + dump_cfg_string(sMacs, o->macs); dump_cfg_string(sBanner, o->banner); dump_cfg_string(sForceCommand, o->adm_forced_command); dump_cfg_string(sChrootDirectory, o->chroot_directory); @@ -2677,16 +2689,11 @@ dump_config(ServerOptions *o) dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command); dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user); dump_cfg_string(sHostKeyAgent, o->host_key_agent); - dump_cfg_string(sKexAlgorithms, - o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX); - dump_cfg_string(sCASignatureAlgorithms, o->ca_sign_algorithms ? - o->ca_sign_algorithms : SSH_ALLOWED_CA_SIGALGS); - dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ? - o->hostbased_key_types : KEX_DEFAULT_PK_ALG); - dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ? - o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG); - dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ? - o->pubkey_key_types : KEX_DEFAULT_PK_ALG); + dump_cfg_string(sKexAlgorithms, o->kex_algorithms); + dump_cfg_string(sCASignatureAlgorithms, o->ca_sign_algorithms); + dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types); + dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms); + dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types); dump_cfg_string(sRDomain, o->routing_domain); /* string arguments requiring a lookup */ diff --git a/sshconnect2.c b/sshconnect2.c index 6f9ee42cd..7f52cc55e 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.315 2020/01/21 05:56:27 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.316 2020/01/23 02:46:49 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -119,7 +119,7 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port) for (i = 0; i < options.num_system_hostfiles; i++) load_hostkeys(hostkeys, hostname, options.system_hostfiles[i]); - oavail = avail = xstrdup(KEX_DEFAULT_PK_ALG); + oavail = avail = xstrdup(kex_default_pk_alg()); maxlen = strlen(avail) + 1; first = xmalloc(maxlen); last = xmalloc(maxlen); @@ -181,14 +181,14 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) if (options.hostkeyalgorithms != NULL) { all_key = sshkey_alg_list(0, 0, 1, ','); if (kex_assemble_names(&options.hostkeyalgorithms, - KEX_DEFAULT_PK_ALG, all_key) != 0) + kex_default_pk_alg(), all_key) != 0) fatal("%s: kex_assemble_namelist", __func__); free(all_key); myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(options.hostkeyalgorithms); } else { /* Enforce default */ - options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG); + options.hostkeyalgorithms = xstrdup(kex_default_pk_alg()); /* Prefer algorithms that we already have keys for */ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( -- cgit v1.2.3 From 3bf2a6ac791d64046a537335a0f1d5e43579c5ad Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 23 Jan 2020 07:10:22 +0000 Subject: upstream: Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations. OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519 --- auth-pam.c | 8 ++++---- auth.c | 4 ++-- auth2-pubkey.c | 10 +++++----- clientloop.c | 26 +++++++++++++------------- entropy.c | 4 ++-- misc.c | 19 ++++++++++++++++++- misc.h | 4 +++- monitor.c | 10 +++++----- mux.c | 22 +++++++++++----------- openbsd-compat/bsd-openpty.c | 4 ++-- progressmeter.c | 6 +++--- readconf.c | 4 ++-- readpass.c | 14 +++++++------- sandbox-systrace.c | 6 +++--- scp.c | 22 +++++++++++----------- serverloop.c | 10 +++++----- session.c | 4 ++-- sftp.c | 26 +++++++++++++------------- ssh-agent.c | 10 +++++----- ssh-sk-client.c | 9 +++++---- ssh.c | 6 +++--- sshbuf.c | 4 ++-- sshconnect.c | 10 +++++----- sshconnect2.c | 8 ++++---- sshd.c | 34 ++++++++++++++++++---------------- 25 files changed, 153 insertions(+), 131 deletions(-) (limited to 'sshconnect2.c') diff --git a/auth-pam.c b/auth-pam.c index 856fdd40f..0cd2b0019 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -156,7 +156,7 @@ static mysig_t sshpam_oldsig; static void sshpam_sigchld_handler(int sig) { - signal(SIGCHLD, SIG_DFL); + ssh_signal(SIGCHLD, SIG_DFL); if (cleanup_ctxt == NULL) return; /* handler called after PAM cleanup, shouldn't happen */ if (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, WNOHANG) @@ -208,7 +208,7 @@ pthread_create(sp_pthread_t *thread, const void *attr, *thread = pid; close(ctx->pam_csock); ctx->pam_csock = -1; - sshpam_oldsig = signal(SIGCHLD, sshpam_sigchld_handler); + sshpam_oldsig = ssh_signal(SIGCHLD, sshpam_sigchld_handler); return (0); } } @@ -216,7 +216,7 @@ pthread_create(sp_pthread_t *thread, const void *attr, static int pthread_cancel(sp_pthread_t thread) { - signal(SIGCHLD, sshpam_oldsig); + ssh_signal(SIGCHLD, sshpam_oldsig); return (kill(thread, SIGTERM)); } @@ -228,7 +228,7 @@ pthread_join(sp_pthread_t thread, void **value) if (sshpam_thread_status != -1) return (sshpam_thread_status); - signal(SIGCHLD, sshpam_oldsig); + ssh_signal(SIGCHLD, sshpam_oldsig); while (waitpid(thread, &status, 0) == -1) { if (errno == EINTR) continue; diff --git a/auth.c b/auth.c index 48838508e..b42d7e76c 100644 --- a/auth.c +++ b/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.144 2019/12/16 13:58:53 tobhe Exp $ */ +/* $OpenBSD: auth.c,v 1.145 2020/01/23 07:10:22 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -921,7 +921,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command, child_set_env(&child_env, &envsize, "LANG", cp); for (i = 0; i < NSIG; i++) - signal(i, SIG_DFL); + ssh_signal(i, SIG_DFL); if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) { error("%s: open %s: %s", tag, _PATH_DEVNULL, diff --git a/auth2-pubkey.c b/auth2-pubkey.c index b656b1f8c..5b4a2cc02 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.97 2019/11/25 00:54:23 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.98 2020/01/23 07:10:22 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -460,7 +460,7 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw, * NB. all returns later this function should go via "out" to * ensure the original SIGCHLD handler is restored properly. */ - osigchld = signal(SIGCHLD, SIG_DFL); + osigchld = ssh_signal(SIGCHLD, SIG_DFL); /* Prepare and verify the user for the command */ username = percent_expand(options.authorized_principals_command_user, @@ -548,7 +548,7 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw, out: if (f != NULL) fclose(f); - signal(SIGCHLD, osigchld); + ssh_signal(SIGCHLD, osigchld); for (i = 0; i < ac; i++) free(av[i]); free(av); @@ -898,7 +898,7 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw, * NB. all returns later this function should go via "out" to * ensure the original SIGCHLD handler is restored properly. */ - osigchld = signal(SIGCHLD, SIG_DFL); + osigchld = ssh_signal(SIGCHLD, SIG_DFL); /* Prepare and verify the user for the command */ username = percent_expand(options.authorized_keys_command_user, @@ -987,7 +987,7 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw, out: if (f != NULL) fclose(f); - signal(SIGCHLD, osigchld); + ssh_signal(SIGCHLD, osigchld); for (i = 0; i < ac; i++) free(av[i]); free(av); diff --git a/clientloop.c b/clientloop.c index 4acf2806d..d4c23d554 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.331 2020/01/23 02:46:49 dtucker Exp $ */ +/* $OpenBSD: clientloop.c,v 1.332 2020/01/23 07:10:22 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -785,7 +785,7 @@ process_cmdline(struct ssh *ssh) memset(&fwd, 0, sizeof(fwd)); leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE); - handler = signal(SIGINT, SIG_IGN); + handler = ssh_signal(SIGINT, SIG_IGN); cmd = s = read_passphrase("\r\nssh> ", RP_ECHO); if (s == NULL) goto out; @@ -883,7 +883,7 @@ process_cmdline(struct ssh *ssh) } out: - signal(SIGINT, handler); + ssh_signal(SIGINT, handler); enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE); free(cmd); free(fwd.listen_host); @@ -1306,15 +1306,15 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, * Set signal handlers, (e.g. to restore non-blocking mode) * but don't overwrite SIG_IGN, matches behaviour from rsh(1) */ - if (signal(SIGHUP, SIG_IGN) != SIG_IGN) - signal(SIGHUP, signal_handler); - if (signal(SIGINT, SIG_IGN) != SIG_IGN) - signal(SIGINT, signal_handler); - if (signal(SIGQUIT, SIG_IGN) != SIG_IGN) - signal(SIGQUIT, signal_handler); - if (signal(SIGTERM, SIG_IGN) != SIG_IGN) - signal(SIGTERM, signal_handler); - signal(SIGWINCH, window_change_handler); + if (ssh_signal(SIGHUP, SIG_IGN) != SIG_IGN) + ssh_signal(SIGHUP, signal_handler); + if (ssh_signal(SIGINT, SIG_IGN) != SIG_IGN) + ssh_signal(SIGINT, signal_handler); + if (ssh_signal(SIGQUIT, SIG_IGN) != SIG_IGN) + ssh_signal(SIGQUIT, signal_handler); + if (ssh_signal(SIGTERM, SIG_IGN) != SIG_IGN) + ssh_signal(SIGTERM, signal_handler); + ssh_signal(SIGWINCH, window_change_handler); if (have_pty) enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE); @@ -1413,7 +1413,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, /* Terminate the session. */ /* Stop watching for window change. */ - signal(SIGWINCH, SIG_DFL); + ssh_signal(SIGWINCH, SIG_DFL); if ((r = sshpkt_start(ssh, SSH2_MSG_DISCONNECT)) != 0 || (r = sshpkt_put_u32(ssh, SSH2_DISCONNECT_BY_APPLICATION)) != 0 || diff --git a/entropy.c b/entropy.c index 5de68016b..2eebadf4a 100644 --- a/entropy.c +++ b/entropy.c @@ -110,7 +110,7 @@ get_random_bytes_prngd(unsigned char *buf, int len, strlen(socket_path) + 1; } - old_sigpipe = signal(SIGPIPE, SIG_IGN); + old_sigpipe = ssh_signal(SIGPIPE, SIG_IGN); errors = 0; rval = -1; @@ -160,7 +160,7 @@ reopen: rval = 0; done: - signal(SIGPIPE, old_sigpipe); + ssh_signal(SIGPIPE, old_sigpipe); if (fd != -1) close(fd); return rval; diff --git a/misc.c b/misc.c index 5204c1e9f..f25b8cf5c 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.143 2019/11/22 06:50:30 dtucker Exp $ */ +/* $OpenBSD: misc.c,v 1.144 2020/01/23 07:10:22 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005,2006 Damien Miller. All rights reserved. @@ -2221,3 +2221,20 @@ opt_match(const char **opts, const char *term) return 0; } +sshsig_t +ssh_signal(int signum, sshsig_t handler) +{ + struct sigaction sa, osa; + + /* mask all other signals while in handler */ + bzero(&sa, sizeof(sa)); + sa.sa_handler = handler; + sigfillset(&sa.sa_mask); + if (signum != SIGALRM) + sa.sa_flags = SA_RESTART; + if (sigaction(signum, &sa, &osa) == -1) { + debug3("sigaction(%s): %s", strsignal(signum), strerror(errno)); + return SIG_ERR; + } + return osa.sa_handler; +} diff --git a/misc.h b/misc.h index 7421fbdf9..2221a54c8 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.82 2019/11/12 22:34:20 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.83 2020/01/23 07:10:22 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -190,4 +190,6 @@ void notify_complete(struct notifier_ctx *); #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b)) #define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y)) +typedef void (*sshsig_t)(int); +sshsig_t ssh_signal(int, sshsig_t); #endif /* _MISC_H */ diff --git a/monitor.c b/monitor.c index 6ee44204c..dc6d78d3c 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.206 2019/12/15 18:57:30 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.207 2020/01/23 07:10:22 dtucker Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -393,11 +393,11 @@ monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor) pmonitor->m_recvfd = -1; monitor_set_child_handler(pmonitor->m_pid); - signal(SIGHUP, &monitor_child_handler); - signal(SIGTERM, &monitor_child_handler); - signal(SIGINT, &monitor_child_handler); + ssh_signal(SIGHUP, &monitor_child_handler); + ssh_signal(SIGTERM, &monitor_child_handler); + ssh_signal(SIGINT, &monitor_child_handler); #ifdef SIGXFSZ - signal(SIGXFSZ, SIG_IGN); + ssh_signal(SIGXFSZ, SIG_IGN); #endif mon_dispatch = mon_dispatch_postauth20; diff --git a/mux.c b/mux.c index f3ea11cdc..5efc849c4 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.80 2019/06/28 13:35:04 deraadt Exp $ */ +/* $OpenBSD: mux.c,v 1.81 2020/01/23 07:10:22 dtucker Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -1911,7 +1911,7 @@ mux_client_request_session(int fd) return -1; } - signal(SIGPIPE, SIG_IGN); + ssh_signal(SIGPIPE, SIG_IGN); if (stdin_null_flag) { if ((devnull = open(_PATH_DEVNULL, O_RDONLY)) == -1) @@ -2012,10 +2012,10 @@ mux_client_request_session(int fd) fatal("%s pledge(): %s", __func__, strerror(errno)); platform_pledge_mux(); - signal(SIGHUP, control_client_sighandler); - signal(SIGINT, control_client_sighandler); - signal(SIGTERM, control_client_sighandler); - signal(SIGWINCH, control_client_sigrelay); + ssh_signal(SIGHUP, control_client_sighandler); + ssh_signal(SIGINT, control_client_sighandler); + ssh_signal(SIGTERM, control_client_sighandler); + ssh_signal(SIGWINCH, control_client_sigrelay); rawmode = tty_flag; if (tty_flag) @@ -2145,7 +2145,7 @@ mux_client_request_stdio_fwd(int fd) return -1; } - signal(SIGPIPE, SIG_IGN); + ssh_signal(SIGPIPE, SIG_IGN); if (stdin_null_flag) { if ((devnull = open(_PATH_DEVNULL, O_RDONLY)) == -1) @@ -2219,10 +2219,10 @@ mux_client_request_stdio_fwd(int fd) } muxclient_request_id++; - signal(SIGHUP, control_client_sighandler); - signal(SIGINT, control_client_sighandler); - signal(SIGTERM, control_client_sighandler); - signal(SIGWINCH, control_client_sigrelay); + ssh_signal(SIGHUP, control_client_sighandler); + ssh_signal(SIGINT, control_client_sighandler); + ssh_signal(SIGTERM, control_client_sighandler); + ssh_signal(SIGWINCH, control_client_sigrelay); /* * Stick around until the controlee closes the client_fd. diff --git a/openbsd-compat/bsd-openpty.c b/openbsd-compat/bsd-openpty.c index 123a9be56..b6b5ab49b 100644 --- a/openbsd-compat/bsd-openpty.c +++ b/openbsd-compat/bsd-openpty.c @@ -103,10 +103,10 @@ openpty(int *amaster, int *aslave, char *name, struct termios *termp, return (-1); /* XXX: need to close ptm on error? */ - old_signal = signal(SIGCHLD, SIG_DFL); + old_signal = ssh_signal(SIGCHLD, SIG_DFL); if (grantpt(ptm) < 0) return (-1); - signal(SIGCHLD, old_signal); + ssh_signal(SIGCHLD, old_signal); if (unlockpt(ptm) < 0) return (-1); diff --git a/progressmeter.c b/progressmeter.c index 72f40f8f9..8baf798f1 100644 --- a/progressmeter.c +++ b/progressmeter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: progressmeter.c,v 1.49 2019/10/29 07:47:27 dtucker Exp $ */ +/* $OpenBSD: progressmeter.c,v 1.50 2020/01/23 07:10:22 dtucker Exp $ */ /* * Copyright (c) 2003 Nils Nordman. All rights reserved. * @@ -252,8 +252,8 @@ start_progress_meter(const char *f, off_t filesize, off_t *ctr) setscreensize(); refresh_progress_meter(1); - signal(SIGALRM, sig_alarm); - signal(SIGWINCH, sig_winch); + ssh_signal(SIGALRM, sig_alarm); + ssh_signal(SIGWINCH, sig_winch); alarm(UPDATE_INTERVAL); } diff --git a/readconf.c b/readconf.c index ff551c856..59443bfdb 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.320 2020/01/23 02:46:49 dtucker Exp $ */ +/* $OpenBSD: readconf.c,v 1.321 2020/01/23 07:10:22 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -528,7 +528,7 @@ execute_in_shell(const char *cmd) execv(argv[0], argv); error("Unable to execute '%.100s': %s", cmd, strerror(errno)); /* Die with signal to make this error apparent to parent. */ - signal(SIGTERM, SIG_DFL); + ssh_signal(SIGTERM, SIG_DFL); kill(getpid(), SIGTERM); _exit(1); } diff --git a/readpass.c b/readpass.c index 4172bbc56..974d67f0b 100644 --- a/readpass.c +++ b/readpass.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readpass.c,v 1.60 2019/12/06 03:06:08 djm Exp $ */ +/* $OpenBSD: readpass.c,v 1.61 2020/01/23 07:10:22 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -65,10 +65,10 @@ ssh_askpass(char *askpass, const char *msg, const char *env_hint) error("%s: pipe: %s", __func__, strerror(errno)); return NULL; } - osigchld = signal(SIGCHLD, SIG_DFL); + osigchld = ssh_signal(SIGCHLD, SIG_DFL); if ((pid = fork()) == -1) { error("%s: fork: %s", __func__, strerror(errno)); - signal(SIGCHLD, osigchld); + ssh_signal(SIGCHLD, osigchld); return NULL; } if (pid == 0) { @@ -98,7 +98,7 @@ ssh_askpass(char *askpass, const char *msg, const char *env_hint) while ((ret = waitpid(pid, &status, 0)) == -1) if (errno != EINTR) break; - signal(SIGCHLD, osigchld); + ssh_signal(SIGCHLD, osigchld); if (ret == -1 || !WIFEXITED(status) || WEXITSTATUS(status) != 0) { explicit_bzero(buf, sizeof(buf)); return NULL; @@ -243,10 +243,10 @@ notify_start(int force_askpass, const char *fmt, ...) free(prompt); return NULL; } - osigchld = signal(SIGCHLD, SIG_DFL); + osigchld = ssh_signal(SIGCHLD, SIG_DFL); if ((pid = fork()) == -1) { error("%s: fork: %s", __func__, strerror(errno)); - signal(SIGCHLD, osigchld); + ssh_signal(SIGCHLD, osigchld); free(prompt); return NULL; } @@ -289,6 +289,6 @@ notify_complete(struct notifier_ctx *ctx) } if (ret == -1) fatal("%s: waitpid: %s", __func__, strerror(errno)); - signal(SIGCHLD, ctx->osigchld); + ssh_signal(SIGCHLD, ctx->osigchld); free(ctx); } diff --git a/sandbox-systrace.c b/sandbox-systrace.c index 93e63b8e0..e61d581ae 100644 --- a/sandbox-systrace.c +++ b/sandbox-systrace.c @@ -105,7 +105,7 @@ ssh_sandbox_init(struct monitor *monitor) box = xcalloc(1, sizeof(*box)); box->systrace_fd = -1; box->child_pid = 0; - box->osigchld = signal(SIGCHLD, SIG_IGN); + box->osigchld = ssh_signal(SIGCHLD, SIG_IGN); return box; } @@ -114,7 +114,7 @@ void ssh_sandbox_child(struct ssh_sandbox *box) { debug3("%s: ready", __func__); - signal(SIGCHLD, box->osigchld); + ssh_signal(SIGCHLD, box->osigchld); if (kill(getpid(), SIGSTOP) != 0) fatal("%s: kill(%d, SIGSTOP)", __func__, getpid()); debug3("%s: started", __func__); @@ -133,7 +133,7 @@ ssh_sandbox_parent(struct ssh_sandbox *box, pid_t child_pid, do { pid = waitpid(child_pid, &status, WUNTRACED); } while (pid == -1 && errno == EINTR); - signal(SIGCHLD, box->osigchld); + ssh_signal(SIGCHLD, box->osigchld); if (!WIFSTOPPED(status)) { if (WIFSIGNALED(status)) fatal("%s: child terminated with signal %d", diff --git a/scp.c b/scp.c index 762286c73..6901e0c94 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.206 2019/09/09 02:31:19 dtucker Exp $ */ +/* $OpenBSD: scp.c,v 1.207 2020/01/23 07:10:22 dtucker Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -215,9 +215,9 @@ do_local_cmd(arglist *a) } do_cmd_pid = pid; - signal(SIGTERM, killchild); - signal(SIGINT, killchild); - signal(SIGHUP, killchild); + ssh_signal(SIGTERM, killchild); + ssh_signal(SIGINT, killchild); + ssh_signal(SIGHUP, killchild); while (waitpid(pid, &status, 0) == -1) if (errno != EINTR) @@ -268,9 +268,9 @@ do_cmd(char *host, char *remuser, int port, char *cmd, int *fdin, int *fdout) close(reserved[0]); close(reserved[1]); - signal(SIGTSTP, suspchild); - signal(SIGTTIN, suspchild); - signal(SIGTTOU, suspchild); + ssh_signal(SIGTSTP, suspchild); + ssh_signal(SIGTTIN, suspchild); + ssh_signal(SIGTTOU, suspchild); /* Fork a child to execute the command on the remote host using ssh. */ do_cmd_pid = fork(); @@ -307,9 +307,9 @@ do_cmd(char *host, char *remuser, int port, char *cmd, int *fdin, int *fdout) *fdout = pin[1]; close(pout[1]); *fdin = pout[0]; - signal(SIGTERM, killchild); - signal(SIGINT, killchild); - signal(SIGHUP, killchild); + ssh_signal(SIGTERM, killchild); + ssh_signal(SIGINT, killchild); + ssh_signal(SIGHUP, killchild); return 0; } @@ -561,7 +561,7 @@ main(int argc, char **argv) iamrecursive ? " -r" : "", pflag ? " -p" : "", targetshouldbedirectory ? " -d" : ""); - (void) signal(SIGPIPE, lostconn); + (void) ssh_signal(SIGPIPE, lostconn); if (colon(argv[argc - 1])) /* Dest is remote host. */ toremote(argc, argv); diff --git a/serverloop.c b/serverloop.c index 99d259201..1babc7a51 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.218 2019/11/27 05:38:43 dtucker Exp $ */ +/* $OpenBSD: serverloop.c,v 1.219 2020/01/23 07:10:22 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -402,15 +402,15 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt) debug("Entering interactive session for SSH2."); - signal(SIGCHLD, sigchld_handler); + ssh_signal(SIGCHLD, sigchld_handler); child_terminated = 0; connection_in = ssh_packet_get_connection_in(ssh); connection_out = ssh_packet_get_connection_out(ssh); if (!use_privsep) { - signal(SIGTERM, sigterm_handler); - signal(SIGINT, sigterm_handler); - signal(SIGQUIT, sigterm_handler); + ssh_signal(SIGTERM, sigterm_handler); + ssh_signal(SIGINT, sigterm_handler); + ssh_signal(SIGQUIT, sigterm_handler); } notify_setup(); diff --git a/session.c b/session.c index e16f876c5..8c0e54f79 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.317 2019/11/13 04:47:52 deraadt Exp $ */ +/* $OpenBSD: session.c,v 1.318 2020/01/23 07:10:22 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -1642,7 +1642,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) do_rc_files(ssh, s, shell); /* restore SIGPIPE for child */ - signal(SIGPIPE, SIG_DFL); + ssh_signal(SIGPIPE, SIG_DFL); if (s->is_subsystem == SUBSYSTEM_INT_SFTP_ERROR) { error("Connection from %s: refusing non-sftp session", diff --git a/sftp.c b/sftp.c index 54538ff96..ff14d3c29 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.196 2019/11/01 03:54:33 djm Exp $ */ +/* $OpenBSD: sftp.c,v 1.197 2020/01/23 07:10:22 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -2243,7 +2243,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) interactive = !batchmode && isatty(STDIN_FILENO); err = 0; for (;;) { - signal(SIGINT, SIG_IGN); + ssh_signal(SIGINT, SIG_IGN); if (el == NULL) { if (interactive) @@ -2275,14 +2275,14 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) /* Handle user interrupts gracefully during commands */ interrupted = 0; - signal(SIGINT, cmd_interrupt); + ssh_signal(SIGINT, cmd_interrupt); err = parse_dispatch_command(conn, cmd, &remote_path, startdir, batchmode, !interactive && el == NULL); if (err != 0) break; } - signal(SIGCHLD, SIG_DFL); + ssh_signal(SIGCHLD, SIG_DFL); free(remote_path); free(startdir); free(conn); @@ -2339,20 +2339,20 @@ connect_to_server(char *path, char **args, int *in, int *out) * kill it too. Contrawise, since sftp sends SIGTERMs to the * underlying ssh, it must *not* ignore that signal. */ - signal(SIGINT, SIG_IGN); - signal(SIGTERM, SIG_DFL); + ssh_signal(SIGINT, SIG_IGN); + ssh_signal(SIGTERM, SIG_DFL); execvp(path, args); fprintf(stderr, "exec: %s: %s\n", path, strerror(errno)); _exit(1); } - signal(SIGTERM, killchild); - signal(SIGINT, killchild); - signal(SIGHUP, killchild); - signal(SIGTSTP, suspchild); - signal(SIGTTIN, suspchild); - signal(SIGTTOU, suspchild); - signal(SIGCHLD, sigchld_handler); + ssh_signal(SIGTERM, killchild); + ssh_signal(SIGINT, killchild); + ssh_signal(SIGHUP, killchild); + ssh_signal(SIGTSTP, suspchild); + ssh_signal(SIGTTIN, suspchild); + ssh_signal(SIGTTOU, suspchild); + ssh_signal(SIGCHLD, sigchld_handler); close(c_in); close(c_out); } diff --git a/ssh-agent.c b/ssh-agent.c index 09d12dc3f..dd5d21d5a 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.251 2019/12/13 19:09:10 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.252 2020/01/23 07:10:22 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1404,10 +1404,10 @@ skip: if (ac > 0) parent_alive_interval = 10; idtab_init(); - signal(SIGPIPE, SIG_IGN); - signal(SIGINT, (d_flag | D_flag) ? cleanup_handler : SIG_IGN); - signal(SIGHUP, cleanup_handler); - signal(SIGTERM, cleanup_handler); + ssh_signal(SIGPIPE, SIG_IGN); + ssh_signal(SIGINT, (d_flag | D_flag) ? cleanup_handler : SIG_IGN); + ssh_signal(SIGHUP, cleanup_handler); + ssh_signal(SIGTERM, cleanup_handler); if (pledge("stdio rpath cpath unix id proc exec", NULL) == -1) fatal("%s: pledge: %s", __progname, strerror(errno)); diff --git a/ssh-sk-client.c b/ssh-sk-client.c index 359327b68..8d7e6c305 100644 --- a/ssh-sk-client.c +++ b/ssh-sk-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-sk-client.c,v 1.6 2020/01/21 07:07:31 djm Exp $ */ +/* $OpenBSD: ssh-sk-client.c,v 1.7 2020/01/23 07:10:22 dtucker Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -39,6 +39,7 @@ #include "digest.h" #include "pathnames.h" #include "ssh-sk.h" +#include "misc.h" /* #define DEBUG_SK 1 */ @@ -73,13 +74,13 @@ start_helper(int *fdp, pid_t *pidp, void (**osigchldp)(int)) error("socketpair: %s", strerror(errno)); return SSH_ERR_SYSTEM_ERROR; } - osigchld = signal(SIGCHLD, SIG_DFL); + osigchld = ssh_signal(SIGCHLD, SIG_DFL); if ((pid = fork()) == -1) { oerrno = errno; error("fork: %s", strerror(errno)); close(pair[0]); close(pair[1]); - signal(SIGCHLD, osigchld); + ssh_signal(SIGCHLD, osigchld); errno = oerrno; return SSH_ERR_SYSTEM_ERROR; } @@ -220,7 +221,7 @@ client_converse(struct sshbuf *msg, struct sshbuf **respp, u_int type) } sshbuf_free(req); sshbuf_free(resp); - signal(SIGCHLD, osigchld); + ssh_signal(SIGCHLD, osigchld); errno = oerrno; return r; diff --git a/ssh.c b/ssh.c index 947558d1c..c0511f2a0 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.511 2020/01/05 16:28:22 beck Exp $ */ +/* $OpenBSD: ssh.c,v 1.512 2020/01/23 07:10:22 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1535,8 +1535,8 @@ main(int ac, char **av) options.num_system_hostfiles); tilde_expand_paths(options.user_hostfiles, options.num_user_hostfiles); - signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE early */ - signal(SIGCHLD, main_sigchld_handler); + ssh_signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE early */ + ssh_signal(SIGCHLD, main_sigchld_handler); /* Log into the remote system. Never returns if the login fails. */ ssh_login(ssh, &sensitive_data, host, (struct sockaddr *)&hostaddr, diff --git a/sshbuf.c b/sshbuf.c index adfddf775..f4f7a220f 100644 --- a/sshbuf.c +++ b/sshbuf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.c,v 1.13 2018/11/16 06:10:29 djm Exp $ */ +/* $OpenBSD: sshbuf.c,v 1.14 2020/01/23 07:10:22 dtucker Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -42,7 +42,7 @@ sshbuf_check_sanity(const struct sshbuf *buf) buf->off > buf->size)) { /* Do not try to recover from corrupted buffer internals */ SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); - signal(SIGSEGV, SIG_DFL); + ssh_signal(SIGSEGV, SIG_DFL); raise(SIGSEGV); return SSH_ERR_INTERNAL_ERROR; } diff --git a/sshconnect.c b/sshconnect.c index a2d759819..690240716 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.326 2020/01/22 07:38:30 dtucker Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.327 2020/01/23 07:10:22 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -259,7 +259,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, const char *host_arg, /* Execute the proxy command. Note that we gave up any extra privileges above. */ - signal(SIGPIPE, SIG_DFL); + ssh_signal(SIGPIPE, SIG_DFL); execv(argv[0], argv); perror(argv[0]); exit(1); @@ -1383,10 +1383,10 @@ ssh_local_cmd(const char *args) if ((shell = getenv("SHELL")) == NULL || *shell == '\0') shell = _PATH_BSHELL; - osighand = signal(SIGCHLD, SIG_DFL); + osighand = ssh_signal(SIGCHLD, SIG_DFL); pid = fork(); if (pid == 0) { - signal(SIGPIPE, SIG_DFL); + ssh_signal(SIGPIPE, SIG_DFL); debug3("Executing %s -c \"%s\"", shell, args); execl(shell, shell, "-c", args, (char *)NULL); error("Couldn't execute %s -c \"%s\": %s", @@ -1397,7 +1397,7 @@ ssh_local_cmd(const char *args) while (waitpid(pid, &status, 0) == -1) if (errno != EINTR) fatal("Couldn't wait for child: %s", strerror(errno)); - signal(SIGCHLD, osighand); + ssh_signal(SIGCHLD, osighand); if (!WIFEXITED(status)) return (1); diff --git a/sshconnect2.c b/sshconnect2.c index 7f52cc55e..8d13310f2 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.316 2020/01/23 02:46:49 dtucker Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.317 2020/01/23 07:10:22 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1924,7 +1924,7 @@ ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp, error("%s: fork: %s", __func__, strerror(errno)); return -1; } - osigchld = signal(SIGCHLD, SIG_DFL); + osigchld = ssh_signal(SIGCHLD, SIG_DFL); if (pid == 0) { close(from[0]); if (dup2(from[1], STDOUT_FILENO) == -1) @@ -1996,11 +1996,11 @@ ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp, if ((r = sshbuf_get_string(b, sigp, lenp)) != 0) { error("%s: buffer error: %s", __func__, ssh_err(r)); fail: - signal(SIGCHLD, osigchld); + ssh_signal(SIGCHLD, osigchld); sshbuf_free(b); return -1; } - signal(SIGCHLD, osigchld); + ssh_signal(SIGCHLD, osigchld); sshbuf_free(b); return 0; diff --git a/sshd.c b/sshd.c index 46f693a8e..c447edfe1 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.543 2020/01/21 22:39:57 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.544 2020/01/23 07:10:22 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -313,7 +313,7 @@ sighup_restart(void) close_listen_socks(); close_startup_pipes(); alarm(0); /* alarm timer persists across exec */ - signal(SIGHUP, SIG_IGN); /* will be restored after exec */ + ssh_signal(SIGHUP, SIG_IGN); /* will be restored after exec */ execv(saved_argv[0], saved_argv); logit("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], strerror(errno)); @@ -342,6 +342,8 @@ main_sigchld_handler(int sig) pid_t pid; int status; + debug("main_sigchld_handler: %s", strsignal(sig)); + while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || (pid == -1 && errno == EINTR)) ; @@ -363,7 +365,7 @@ grace_alarm_handler(int sig) * keys command helpers. */ if (getpgid(0) == getpid()) { - signal(SIGTERM, SIG_IGN); + ssh_signal(SIGTERM, SIG_IGN); kill(0, SIGTERM); } @@ -1941,7 +1943,7 @@ main(int ac, char **av) error("chdir(\"/\"): %s", strerror(errno)); /* ignore SIGPIPE */ - signal(SIGPIPE, SIG_IGN); + ssh_signal(SIGPIPE, SIG_IGN); /* Get a connection, either from inetd or a listening TCP socket */ if (inetd_flag) { @@ -1950,10 +1952,10 @@ main(int ac, char **av) platform_pre_listen(); server_listen(); - signal(SIGHUP, sighup_handler); - signal(SIGCHLD, main_sigchld_handler); - signal(SIGTERM, sigterm_handler); - signal(SIGQUIT, sigterm_handler); + ssh_signal(SIGHUP, sighup_handler); + ssh_signal(SIGCHLD, main_sigchld_handler); + ssh_signal(SIGTERM, sigterm_handler); + ssh_signal(SIGQUIT, sigterm_handler); /* * Write out the pid file after the sigterm handler @@ -2043,12 +2045,12 @@ main(int ac, char **av) * will not restart on SIGHUP since it no longer makes sense. */ alarm(0); - signal(SIGALRM, SIG_DFL); - signal(SIGHUP, SIG_DFL); - signal(SIGTERM, SIG_DFL); - signal(SIGQUIT, SIG_DFL); - signal(SIGCHLD, SIG_DFL); - signal(SIGINT, SIG_DFL); + ssh_signal(SIGALRM, SIG_DFL); + ssh_signal(SIGHUP, SIG_DFL); + ssh_signal(SIGTERM, SIG_DFL); + ssh_signal(SIGQUIT, SIG_DFL); + ssh_signal(SIGCHLD, SIG_DFL); + ssh_signal(SIGINT, SIG_DFL); /* * Register our connection. This turns encryption off because we do @@ -2109,7 +2111,7 @@ main(int ac, char **av) * mode; it is just annoying to have the server exit just when you * are about to discover the bug. */ - signal(SIGALRM, grace_alarm_handler); + ssh_signal(SIGALRM, grace_alarm_handler); if (!debug_flag) alarm(options.login_grace_time); @@ -2167,7 +2169,7 @@ main(int ac, char **av) * authentication. */ alarm(0); - signal(SIGALRM, SIG_DFL); + ssh_signal(SIGALRM, SIG_DFL); authctxt->authenticated = 1; if (startup_pipe != -1) { close(startup_pipe); -- cgit v1.2.3 From 7f8e66fea8c4e2a910df9067cb7638999b7764d5 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 23 Jan 2020 10:24:29 +0000 Subject: upstream: Make zlib optional. This adds a "ZLIB" build time option that allows building without zlib compression and associated options. With feedback from markus@, ok djm@ OpenBSD-Commit-ID: 44c6e1133a90fd15a3aa865bdedc53bab28b7910 --- cipher.c | 13 ++++++++++++- cipher.h | 3 ++- kex.c | 7 +++++-- packet.c | 38 ++++++++++++++++++++++++++++++++++++-- readconf.c | 12 ++++++++++-- servconf.c | 9 ++++++++- ssh.c | 19 +++++++++++++++---- sshconnect2.c | 6 +++--- 8 files changed, 91 insertions(+), 16 deletions(-) (limited to 'sshconnect2.c') diff --git a/cipher.c b/cipher.c index 25f98ba8e..820bc6ace 100644 --- a/cipher.c +++ b/cipher.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.c,v 1.113 2019/09/06 05:23:55 djm Exp $ */ +/* $OpenBSD: cipher.c,v 1.114 2020/01/23 10:24:29 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -143,6 +143,17 @@ cipher_alg_list(char sep, int auth_only) return ret; } +const char * +compression_alg_list(int compression) +{ +#ifdef WITH_ZLIB + return compression ? "zlib@openssh.com,zlib,none" : + "none,zlib@openssh.com,zlib"; +#else + return "none"; +#endif +} + u_int cipher_blocksize(const struct sshcipher *c) { diff --git a/cipher.h b/cipher.h index 5843aab49..1a591cd7f 100644 --- a/cipher.h +++ b/cipher.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.h,v 1.54 2019/09/06 05:23:55 djm Exp $ */ +/* $OpenBSD: cipher.h,v 1.55 2020/01/23 10:24:29 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -54,6 +54,7 @@ const struct sshcipher *cipher_by_name(const char *); const char *cipher_warning_message(const struct sshcipher_ctx *); int ciphers_valid(const char *); char *cipher_alg_list(char, int); +const char *compression_alg_list(int); int cipher_init(struct sshcipher_ctx **, const struct sshcipher *, const u_char *, u_int, const u_char *, u_int, int); int cipher_crypt(struct sshcipher_ctx *, u_int, u_char *, const u_char *, diff --git a/kex.c b/kex.c index 2195cea4e..ce85f0439 100644 --- a/kex.c +++ b/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.155 2019/10/08 22:40:39 dtucker Exp $ */ +/* $OpenBSD: kex.c,v 1.156 2020/01/23 10:24:29 dtucker Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -798,11 +798,14 @@ choose_comp(struct sshcomp *comp, char *client, char *server) if (name == NULL) return SSH_ERR_NO_COMPRESS_ALG_MATCH; +#ifdef WITH_ZLIB if (strcmp(name, "zlib@openssh.com") == 0) { comp->type = COMP_DELAYED; } else if (strcmp(name, "zlib") == 0) { comp->type = COMP_ZLIB; - } else if (strcmp(name, "none") == 0) { + } else +#endif /* WITH_ZLIB */ + if (strcmp(name, "none") == 0) { comp->type = COMP_NONE; } else { error("%s: unsupported compression scheme %s", __func__, name); diff --git a/packet.c b/packet.c index 2b50ef415..cffadd9a4 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.287 2019/12/16 13:58:53 tobhe Exp $ */ +/* $OpenBSD: packet.c,v 1.288 2020/01/23 10:24:29 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -76,7 +76,9 @@ # endif #endif +#ifdef WITH_ZLIB #include +#endif #include "xmalloc.h" #include "compat.h" @@ -150,9 +152,11 @@ struct session_state { /* Scratch buffer for packet compression/decompression. */ struct sshbuf *compression_buffer; +#ifdef WITH_ZLIB /* Incoming/outgoing compression dictionaries */ z_stream compression_in_stream; z_stream compression_out_stream; +#endif int compression_in_started; int compression_out_started; int compression_in_failures; @@ -609,7 +613,8 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close) state->newkeys[mode] = NULL; ssh_clear_newkeys(ssh, mode); /* next keys */ } - /* compression state is in shared mem, so we can only release it once */ +#ifdef WITH_ZLIB + /* comression state is in shared mem, so we can only release it once */ if (do_close && state->compression_buffer) { sshbuf_free(state->compression_buffer); if (state->compression_out_started) { @@ -635,6 +640,7 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close) inflateEnd(stream); } } +#endif /* WITH_ZLIB */ cipher_free(state->send_context); cipher_free(state->receive_context); state->send_context = state->receive_context = NULL; @@ -690,6 +696,7 @@ ssh_packet_init_compression(struct ssh *ssh) return 0; } +#ifdef WITH_ZLIB static int start_compression_out(struct ssh *ssh, int level) { @@ -821,6 +828,33 @@ uncompress_buffer(struct ssh *ssh, struct sshbuf *in, struct sshbuf *out) /* NOTREACHED */ } +#else /* WITH_ZLIB */ + +static int +start_compression_out(struct ssh *ssh, int level) +{ + return SSH_ERR_INTERNAL_ERROR; +} + +static int +start_compression_in(struct ssh *ssh) +{ + return SSH_ERR_INTERNAL_ERROR; +} + +static int +compress_buffer(struct ssh *ssh, struct sshbuf *in, struct sshbuf *out) +{ + return SSH_ERR_INTERNAL_ERROR; +} + +static int +uncompress_buffer(struct ssh *ssh, struct sshbuf *in, struct sshbuf *out) +{ + return SSH_ERR_INTERNAL_ERROR; +} +#endif /* WITH_ZLIB */ + void ssh_clear_newkeys(struct ssh *ssh, int mode) { diff --git a/readconf.c b/readconf.c index 59443bfdb..b25984548 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.321 2020/01/23 07:10:22 dtucker Exp $ */ +/* $OpenBSD: readconf.c,v 1.322 2020/01/23 10:24:29 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -837,6 +837,13 @@ static const struct multistate multistate_canonicalizehostname[] = { { "always", SSH_CANONICALISE_ALWAYS }, { NULL, -1 } }; +static const struct multistate multistate_compression[] = { +#ifdef WITH_ZLIB + { "yes", COMP_ZLIB }, +#endif + { "no", COMP_NONE }, + { NULL, -1 } +}; /* * Processes a single option line as used in the configuration files. This @@ -1046,7 +1053,8 @@ parse_time: case oCompression: intptr = &options->compression; - goto parse_flag; + multistate_ptr = multistate_compression; + goto parse_multistate; case oTCPKeepAlive: intptr = &options->tcp_keep_alive; diff --git a/servconf.c b/servconf.c index 1a4c49907..1e0718139 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.358 2020/01/23 02:46:49 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.359 2020/01/23 10:24:29 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -384,7 +384,12 @@ fill_default_server_options(ServerOptions *options) options->permit_user_env_whitelist = NULL; } if (options->compression == -1) +#ifdef WITH_ZLIB options->compression = COMP_DELAYED; +#else + options->compression = COMP_NONE; +#endif + if (options->rekey_limit == -1) options->rekey_limit = 0; if (options->rekey_interval == -1) @@ -1213,8 +1218,10 @@ static const struct multistate multistate_permitrootlogin[] = { { NULL, -1 } }; static const struct multistate multistate_compression[] = { +#ifdef WITH_ZLIB { "yes", COMP_DELAYED }, { "delayed", COMP_DELAYED }, +#endif { "no", COMP_NONE }, { NULL, -1 } }; diff --git a/ssh.c b/ssh.c index c0511f2a0..851d85b50 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.512 2020/01/23 07:10:22 dtucker Exp $ */ +/* $OpenBSD: ssh.c,v 1.513 2020/01/23 10:24:29 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -602,6 +602,7 @@ main(int ac, char **av) struct addrinfo *addrs = NULL; struct ssh_digest_ctx *md; u_char conn_hash[SSH_DIGEST_MAX_LENGTH]; + size_t n, len; /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); @@ -753,10 +754,16 @@ main(int ac, char **av) cp = sshkey_alg_list(0, 1, 1, '\n'); else if (strcmp(optarg, "protocol-version") == 0) cp = xstrdup("2"); - else if (strcmp(optarg, "help") == 0) { + else if (strcmp(optarg, "compression") == 0) { + cp = xstrdup(compression_alg_list(0)); + len = strlen(cp); + for (n = 0; n < len; n++) + if (cp[n] == ',') + cp[n] = '\n'; + } else if (strcmp(optarg, "help") == 0) { cp = xstrdup( - "cipher\ncipher-auth\nkex\nkey\n" - "key-cert\nkey-plain\nmac\n" + "cipher\ncipher-auth\ncompression\nkex\n" + "key\nkey-cert\nkey-plain\nmac\n" "protocol-version\nsig"); } if (cp == NULL) @@ -959,7 +966,11 @@ main(int ac, char **av) break; case 'C': +#ifdef WITH_ZLIB options.compression = 1; +#else + error("Compression not supported, disabling."); +#endif break; case 'N': no_shell_flag = 1; diff --git a/sshconnect2.c b/sshconnect2.c index 8d13310f2..3b84a2d56 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.317 2020/01/23 07:10:22 dtucker Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.318 2020/01/23 10:24:30 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -174,8 +174,8 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) myproposal[PROPOSAL_ENC_ALGS_STOC] = compat_cipher_proposal(options.ciphers); myproposal[PROPOSAL_COMP_ALGS_CTOS] = - myproposal[PROPOSAL_COMP_ALGS_STOC] = options.compression ? - "zlib@openssh.com,zlib,none" : "none,zlib@openssh.com,zlib"; + myproposal[PROPOSAL_COMP_ALGS_STOC] = + (char *)compression_alg_list(options.compression); myproposal[PROPOSAL_MAC_ALGS_CTOS] = myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; if (options.hostkeyalgorithms != NULL) { -- cgit v1.2.3 From a47f6a6c0e06628eed0c2a08dc31a8923bcc37ba Mon Sep 17 00:00:00 2001 From: "naddy@openbsd.org" Date: Thu, 6 Feb 2020 22:30:54 +0000 Subject: upstream: Replace "security key" with "authenticator" in program messages. This replaces "security key" in error/usage/verbose messages and distinguishes between "authenticator" and "authenticator-hosted key". ok djm@ OpenBSD-Commit-ID: 7c63800e9c340c59440a054cde9790a78f18592e --- auth2-pubkey.c | 5 +++-- monitor.c | 7 ++++--- ssh-add.c | 8 ++++---- ssh-agent.c | 6 +++--- ssh-keygen.c | 10 +++++----- ssh-sk.c | 26 ++++++++++++-------------- ssh.c | 4 ++-- sshconnect2.c | 13 +++++++------ 8 files changed, 40 insertions(+), 39 deletions(-) (limited to 'sshconnect2.c') diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 5b4a2cc02..815ea0f25 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.98 2020/01/23 07:10:22 dtucker Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.99 2020/02/06 22:30:54 naddy Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -231,7 +231,8 @@ userauth_pubkey(struct ssh *ssh) SSH_SK_USER_PRESENCE_REQD) == 0) { error("public key %s signature for %s%s from " "%.128s port %d rejected: user presence " - "(key touch) requirement not met ", key_s, + "(authenticator touch) requirement " + "not met ", key_s, authctxt->valid ? "" : "invalid user ", authctxt->user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); diff --git a/monitor.c b/monitor.c index dc6d78d3c..2ce89fe90 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.207 2020/01/23 07:10:22 dtucker Exp $ */ +/* $OpenBSD: monitor.c,v 1.208 2020/02/06 22:30:54 naddy Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -1445,8 +1445,9 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m) if (req_presence && (sig_details->sk_flags & SSH_SK_USER_PRESENCE_REQD) == 0) { error("public key %s %s signature for %s%s from %.128s " - "port %d rejected: user presence (key touch) " - "requirement not met ", sshkey_type(key), fp, + "port %d rejected: user presence " + "(authenticator touch) requirement not met ", + sshkey_type(key), fp, authctxt->valid ? "" : "invalid user ", authctxt->user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); diff --git a/ssh-add.c b/ssh-add.c index f3b666c93..8057eb1fe 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.151 2020/01/25 23:02:13 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.152 2020/02/06 22:30:54 naddy Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -315,8 +315,8 @@ add_file(int agent_fd, const char *filename, int key_only, int qflag, if (!sshkey_is_sk(private)) skprovider = NULL; /* Don't send constraint for other keys */ else if (skprovider == NULL) { - fprintf(stderr, "Cannot load security key %s without " - "provider\n", filename); + fprintf(stderr, "Cannot load authenticator-hosted key %s " + "without provider\n", filename); goto out; } @@ -546,7 +546,7 @@ load_resident_keys(int agent_fd, const char *skprovider, int qflag) int r, ok = 0; char *fp; - pass = read_passphrase("Enter PIN for security key: ", RP_ALLOW_STDIN); + pass = read_passphrase("Enter PIN for authenticator: ", RP_ALLOW_STDIN); if ((r = sshsk_load_resident(skprovider, NULL, pass, &keys, &nkeys)) != 0) { error("Unable to load resident keys: %s", ssh_err(r)); diff --git a/ssh-agent.c b/ssh-agent.c index 5c9a9de60..7eb6f0dc5 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.254 2020/01/25 00:06:48 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.255 2020/02/06 22:30:54 naddy Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -510,8 +510,8 @@ process_add_identity(SocketEntry *e) } if (sk_provider != NULL) { if (!sshkey_is_sk(k)) { - error("Cannot add provider: %s is not a security key", - sshkey_type(k)); + error("Cannot add provider: %s is not an " + "authenticator-hosted key", sshkey_type(k)); free(sk_provider); goto send; } diff --git a/ssh-keygen.c b/ssh-keygen.c index 2a64622c1..a6ba6cc7a 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.396 2020/02/04 09:58:04 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.397 2020/02/06 22:30:54 naddy Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -2971,7 +2971,7 @@ do_download_sk(const char *skprovider, const char *device) if (skprovider == NULL) fatal("Cannot download keys without provider"); - pin = read_passphrase("Enter PIN for security key: ", RP_ALLOW_STDIN); + pin = read_passphrase("Enter PIN for authenticator: ", RP_ALLOW_STDIN); if ((r = sshsk_load_resident(skprovider, device, pin, &keys, &nkeys)) != 0) { freezero(pin, strlen(pin)); @@ -3582,7 +3582,7 @@ main(int argc, char **argv) } } if (!quiet) { - printf("You may need to touch your security key " + printf("You may need to touch your authenticator " "to authorize key generation.\n"); } passphrase = NULL; @@ -3600,8 +3600,8 @@ main(int argc, char **argv) fatal("Key enrollment failed: %s", ssh_err(r)); if (passphrase != NULL) freezero(passphrase, strlen(passphrase)); - passphrase = read_passphrase("Enter PIN for security " - "key: ", RP_ALLOW_STDIN); + passphrase = read_passphrase("Enter PIN for " + "authenticator: ", RP_ALLOW_STDIN); } if (passphrase != NULL) freezero(passphrase, strlen(passphrase)); diff --git a/ssh-sk.c b/ssh-sk.c index 3e88aafff..5ff938193 100644 --- a/ssh-sk.c +++ b/ssh-sk.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-sk.c,v 1.26 2020/01/28 08:01:34 djm Exp $ */ +/* $OpenBSD: ssh-sk.c,v 1.27 2020/02/06 22:30:54 naddy Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -120,39 +120,38 @@ sshsk_open(const char *path) return ret; } if ((ret->dlhandle = dlopen(path, RTLD_NOW)) == NULL) { - error("Security key provider \"%s\" dlopen failed: %s", - path, dlerror()); + error("Provider \"%s\" dlopen failed: %s", path, dlerror()); goto fail; } if ((ret->sk_api_version = dlsym(ret->dlhandle, "sk_api_version")) == NULL) { - error("Security key provider \"%s\" dlsym(sk_api_version) " - "failed: %s", path, dlerror()); + error("Provider \"%s\" dlsym(sk_api_version) failed: %s", + path, dlerror()); goto fail; } version = ret->sk_api_version(); debug("%s: provider %s implements version 0x%08lx", __func__, ret->path, (u_long)version); if ((version & SSH_SK_VERSION_MAJOR_MASK) != SSH_SK_VERSION_MAJOR) { - error("Security key provider \"%s\" implements unsupported " + error("Provider \"%s\" implements unsupported " "version 0x%08lx (supported: 0x%08lx)", path, (u_long)version, (u_long)SSH_SK_VERSION_MAJOR); goto fail; } if ((ret->sk_enroll = dlsym(ret->dlhandle, "sk_enroll")) == NULL) { - error("Security key provider %s dlsym(sk_enroll) " - "failed: %s", path, dlerror()); + error("Provider %s dlsym(sk_enroll) failed: %s", + path, dlerror()); goto fail; } if ((ret->sk_sign = dlsym(ret->dlhandle, "sk_sign")) == NULL) { - error("Security key provider \"%s\" dlsym(sk_sign) failed: %s", + error("Provider \"%s\" dlsym(sk_sign) failed: %s", path, dlerror()); goto fail; } if ((ret->sk_load_resident_keys = dlsym(ret->dlhandle, "sk_load_resident_keys")) == NULL) { - error("Security key provider \"%s\" " - "dlsym(sk_load_resident_keys) failed: %s", path, dlerror()); + error("Provider \"%s\" dlsym(sk_load_resident_keys) " + "failed: %s", path, dlerror()); goto fail; } /* success */ @@ -219,7 +218,7 @@ sshsk_ecdsa_assemble(struct sk_enroll_response *resp, struct sshkey **keyp) goto out; } if (sshkey_ec_validate_public(EC_KEY_get0_group(key->ecdsa), q) != 0) { - error("Security key returned invalid ECDSA key"); + error("Authenticator returned invalid ECDSA key"); r = SSH_ERR_KEY_INVALID_EC_VALUE; goto out; } @@ -758,8 +757,7 @@ sshsk_load_resident(const char *provider_path, const char *device, goto out; } if ((r = skp->sk_load_resident_keys(pin, opts, &rks, &nrks)) != 0) { - error("Security key provider \"%s\" returned failure %d", - provider_path, r); + error("Provider \"%s\" returned failure %d", provider_path, r); r = skerr_to_ssherr(r); goto out; } diff --git a/ssh.c b/ssh.c index 35972fe39..326ce21f6 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.517 2020/01/28 07:24:15 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.518 2020/02/06 22:30:54 naddy Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1376,7 +1376,7 @@ main(int ac, char **av) if (options.sk_provider != NULL && *options.sk_provider == '$' && strlen(options.sk_provider) > 1) { if ((cp = getenv(options.sk_provider + 1)) == NULL) { - debug("Security key provider %s did not resolve; " + debug("Authenticator provider %s did not resolve; " "disabling", options.sk_provider); free(options.sk_provider); options.sk_provider = NULL; diff --git a/sshconnect2.c b/sshconnect2.c index 3b84a2d56..4c4a61ba0 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.318 2020/01/23 10:24:30 dtucker Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.319 2020/02/06 22:30:54 naddy Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -613,7 +613,7 @@ format_identity(Identity *id) if ((id->key->flags & SSHKEY_FLAG_EXT) != 0) note = " token"; else if (sshkey_is_sk(id->key)) - note = " security-key"; + note = " authenticator"; } xasprintf(&ret, "%s %s%s%s%s%s%s", id->filename, @@ -1487,8 +1487,8 @@ load_identity_file(Identity *id) } if (private != NULL && sshkey_is_sk(private) && options.sk_provider == NULL) { - debug("key \"%s\" is a security key, but no " - "provider specified", id->filename); + debug("key \"%s\" is an authenticator-hosted key, " + "but no provider specified", id->filename); sshkey_free(private); private = NULL; quit = 1; @@ -1571,7 +1571,7 @@ pubkey_prepare(Authctxt *authctxt) continue; } if (key && sshkey_is_sk(key) && options.sk_provider == NULL) { - debug("%s: ignoring security key %s as no " + debug("%s: ignoring authenticator-hosted key %s as no " "SecurityKeyProvider has been specified", __func__, options.identity_files[i]); continue; @@ -1595,7 +1595,8 @@ pubkey_prepare(Authctxt *authctxt) continue; } if (key && sshkey_is_sk(key) && options.sk_provider == NULL) { - debug("%s: ignoring security key certificate %s as no " + debug("%s: ignoring authenticator-hosted key " + "certificate %s as no " "SecurityKeyProvider has been specified", __func__, options.identity_files[i]); continue; -- cgit v1.2.3 From 96bd895a0a0b3a36f81c14db8c91513578fc5563 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 6 Feb 2020 22:48:23 +0000 Subject: upstream: When using HostkeyAlgorithms to merely append or remove algorithms from the default set (i.e. HostkeyAlgorithms=+/-...), retain the default behaviour of preferring those algorithms that have existing keys in known_hosts; ok markus OpenBSD-Commit-ID: 040e7fcc38ea00146b5d224ce31ce7a1795ee6ed --- sshconnect2.c | 41 ++++++++++++++++++++++++++--------------- 1 file changed, 26 insertions(+), 15 deletions(-) (limited to 'sshconnect2.c') diff --git a/sshconnect2.c b/sshconnect2.c index 4c4a61ba0..af00fb30c 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.319 2020/02/06 22:30:54 naddy Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.320 2020/02/06 22:48:23 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -119,7 +119,7 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port) for (i = 0; i < options.num_system_hostfiles; i++) load_hostkeys(hostkeys, hostname, options.system_hostfiles[i]); - oavail = avail = xstrdup(kex_default_pk_alg()); + oavail = avail = xstrdup(options.hostkeyalgorithms); maxlen = strlen(avail) + 1; first = xmalloc(maxlen); last = xmalloc(maxlen); @@ -161,11 +161,28 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) { char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; char *s, *all_key; - int r; + int r, use_known_hosts_order = 0; xxx_host = host; xxx_hostaddr = hostaddr; + /* + * If the user has not specified HostkeyAlgorithms, or has only + * appended or removed algorithms from that list then prefer algorithms + * that are in the list that are supported by known_hosts keys. + */ + if (options.hostkeyalgorithms == NULL || + options.hostkeyalgorithms[0] == '-' || + options.hostkeyalgorithms[0] == '+') + use_known_hosts_order = 1; + + /* Expand or fill in HostkeyAlgorithms */ + all_key = sshkey_alg_list(0, 0, 1, ','); + if (kex_assemble_names(&options.hostkeyalgorithms, + kex_default_pk_alg(), all_key) != 0) + fatal("%s: kex_assemble_namelist", __func__); + free(all_key); + if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL) fatal("%s: kex_names_cat", __func__); myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(s); @@ -178,21 +195,15 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) (char *)compression_alg_list(options.compression); myproposal[PROPOSAL_MAC_ALGS_CTOS] = myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; - if (options.hostkeyalgorithms != NULL) { - all_key = sshkey_alg_list(0, 0, 1, ','); - if (kex_assemble_names(&options.hostkeyalgorithms, - kex_default_pk_alg(), all_key) != 0) - fatal("%s: kex_assemble_namelist", __func__); - free(all_key); - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = - compat_pkalg_proposal(options.hostkeyalgorithms); - } else { - /* Enforce default */ - options.hostkeyalgorithms = xstrdup(kex_default_pk_alg()); - /* Prefer algorithms that we already have keys for */ + if (use_known_hosts_order) { + /* Query known_hosts and prefer algorithms that appear there */ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( order_hostkeyalgs(host, hostaddr, port)); + } else { + /* Use specified HostkeyAlgorithms exactly */ + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = + compat_pkalg_proposal(options.hostkeyalgorithms); } if (options.rekey_limit || options.rekey_interval) -- cgit v1.2.3