src/usr.bin/ssh/auth2-hostbased.c - diff

Return to auth2-hostbased.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/auth2-hostbased.c between version 1.28 and 1.29

version 1.28, 2017/05/30 14:10:53

version 1.29, 2017/05/30 14:25:42

Line 38

#include "misc.h"

#include "servconf.h"

#include "compat.h"

#include "key.h"

#include "sshkey.h"

#include "hostfile.h"

#include "auth.h"

#include "canohost.h"

Line 47

#endif

#include "monitor_wrap.h"

#include "pathnames.h"

#include "ssherr.h"

#include "match.h"

/* import */

Line 57

Line 58

static int

userauth_hostbased(Authctxt *authctxt)

{

Buffer b;

struct ssh *ssh = active_state; /* XXX */

struct sshbuf *b;

struct sshkey *key = NULL;

char *pkalg, *cuser, *chost, *service;

u_char *pkblob, *sig;

u_int alen, blen, slen;

size_t alen, blen, slen;

int pktype;

int r, pktype, authenticated = 0;

int authenticated = 0;

if (!authctxt->valid) {

debug2("userauth_hostbased: disabled because of invalid user");

debug2("%s: disabled because of invalid user", __func__);

return 0;

}

pkalg = packet_get_string(&alen);

/* XXX use sshkey_froms() */

pkblob = packet_get_string(&blen);

if ((r = sshpkt_get_cstring(ssh, &pkalg, &alen)) != 0 ||

chost = packet_get_string(NULL);

(r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0 ||

cuser = packet_get_string(NULL);

(r = sshpkt_get_cstring(ssh, &chost, NULL)) != 0 ||

sig = packet_get_string(&slen);

(r = sshpkt_get_cstring(ssh, &cuser, NULL)) != 0 ||

(r = sshpkt_get_string(ssh, &sig, &slen)) != 0)

fatal("%s: packet parsing: %s", __func__, ssh_err(r));

debug("userauth_hostbased: cuser %s chost %s pkalg %s slen %d",

debug("%s: cuser %s chost %s pkalg %s slen %zu", __func__,

cuser, chost, pkalg, slen);

#ifdef DEBUG_PK

debug("signature:");

buffer_init(&b);

sshbuf_dump_data(sig, siglen, stderr);

buffer_append(&b, sig, slen);

buffer_dump(&b);

buffer_free(&b);

#endif

pktype = key_type_from_name(pkalg);

pktype = sshkey_type_from_name(pkalg);

if (pktype == KEY_UNSPEC) {

/* this is perfectly legal */

logit("userauth_hostbased: unsupported "

logit("%s: unsupported public key algorithm: %s",

"public key algorithm: %s", pkalg);

__func__, pkalg);

goto done;

}

key = key_from_blob(pkblob, blen);

if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) {

error("%s: key_from_blob: %s", __func__, ssh_err(r));

goto done;

}

if (key == NULL) {

error("userauth_hostbased: cannot decode key: %s", pkalg);

error("%s: cannot decode key: %s", __func__, pkalg);

goto done;

}

if (key->type != pktype) {

error("userauth_hostbased: type mismatch for decoded key "

error("%s: type mismatch for decoded key "

"(received %d, expected %d)", key->type, pktype);

"(received %d, expected %d)", __func__, key->type, pktype);

goto done;

}

if (key_type_plain(key->type) == KEY_RSA &&

if (sshkey_type_plain(key->type) == KEY_RSA &&

(datafellows & SSH_BUG_RSASIGMD5) != 0) {

(ssh->compat & SSH_BUG_RSASIGMD5) != 0) {

error("Refusing RSA key because peer uses unsafe "

"signature format");

goto done;

Line 114

Line 117

goto done;

}

service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" :

service = ssh->compat & SSH_BUG_HBSERVICE ? "ssh-userauth" :

authctxt->service;

buffer_init(&b);

if ((b = sshbuf_new()) == NULL)

buffer_put_string(&b, session_id2, session_id2_len);

fatal("%s: sshbuf_new failed", __func__);

/* reconstruct packet */

buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);

if ((r = sshbuf_put_string(b, session_id2, session_id2_len)) != 0 ||

buffer_put_cstring(&b, authctxt->user);

(r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||

buffer_put_cstring(&b, service);

(r = sshbuf_put_cstring(b, authctxt->user)) != 0 ||

buffer_put_cstring(&b, "hostbased");

(r = sshbuf_put_cstring(b, service)) != 0 ||

buffer_put_string(&b, pkalg, alen);

(r = sshbuf_put_cstring(b, "hostbased")) != 0 ||

buffer_put_string(&b, pkblob, blen);

(r = sshbuf_put_string(b, pkalg, alen)) != 0 ||

buffer_put_cstring(&b, chost);

(r = sshbuf_put_string(b, pkblob, blen)) != 0 ||

buffer_put_cstring(&b, cuser);

(r = sshbuf_put_cstring(b, chost)) != 0 ||

(r = sshbuf_put_cstring(b, cuser)) != 0)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

#ifdef DEBUG_PK

buffer_dump(&b);

sshbuf_dump(b, stderr);

#endif

pubkey_auth_info(authctxt, key,

Line 137

Line 142

/* test for allowed key and correct signature */

authenticated = 0;

if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) &&

PRIVSEP(sshkey_verify(key, sig, slen, buffer_ptr(&b),

PRIVSEP(sshkey_verify(key, sig, slen,

buffer_len(&b), 0)) == 0)

sshbuf_ptr(b), sshbuf_len(b), ssh->compat)) == 0)

authenticated = 1;

buffer_free(&b);

sshbuf_free(b);

done:

debug2("userauth_hostbased: authenticated %d", authenticated);

debug2("%s: authenticated %d", __func__, authenticated);

if (key != NULL)

key_free(key);

sshkey_free(key);

free(pkalg);

free(pkblob);

free(cuser);

Line 202

Line 207

}

debug2("%s: access allowed by auth_rhosts2", __func__);

if (key_is_cert(key) &&

if (sshkey_is_cert(key) &&

key_cert_check_authority(key, 1, 0, lookup, &reason)) {

sshkey_cert_check_authority(key, 1, 0, lookup, &reason)) {

error("%s", reason);

auth_debug_add("%s", reason);

return 0;

Line 222

Line 227

}

if (host_status == HOST_OK) {

if (key_is_cert(key)) {

if (sshkey_is_cert(key)) {

if ((fp = sshkey_fingerprint(key->cert->signature_key,

options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL)

fatal("%s: sshkey_fingerprint fail", __func__);

verbose("Accepted certificate ID \"%s\" signed by "

"%s CA %s from %s@%s", key->cert->key_id,

key_type(key->cert->signature_key), fp,

sshkey_type(key->cert->signature_key), fp,

cuser, lookup);

} else {

if ((fp = sshkey_fingerprint(key,

options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL)

fatal("%s: sshkey_fingerprint fail", __func__);

verbose("Accepted %s public key %s from %s@%s",

key_type(key), fp, cuser, lookup);

sshkey_type(key), fp, cuser, lookup);

}

free(fp);

}