===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/sshconnect2.c,v
retrieving revision 1.99
retrieving revision 1.99.2.3
diff -u -r1.99 -r1.99.2.3
--- src/usr.bin/ssh/sshconnect2.c	2002/03/26 15:58:46	1.99
+++ src/usr.bin/ssh/sshconnect2.c	2003/04/03 22:35:18	1.99.2.3
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.99 2002/03/26 15:58:46 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.99.2.3 2003/04/03 22:35:18 miod Exp $");
 
 #include "ssh.h"
 #include "ssh2.h"
@@ -45,6 +45,8 @@
 #include "match.h"
 #include "dispatch.h"
 #include "canohost.h"
+#include "msg.h"
+#include "pathnames.h"
 
 /* import */
 extern char *client_version_string;
@@ -93,10 +95,10 @@
 	    compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]);
 	if (options.compression) {
 		myproposal[PROPOSAL_COMP_ALGS_CTOS] =
-		myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib";
+		myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib,none";
 	} else {
 		myproposal[PROPOSAL_COMP_ALGS_CTOS] =
-		myproposal[PROPOSAL_COMP_ALGS_STOC] = "none";
+		myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib";
 	}
 	if (options.macs != NULL) {
 		myproposal[PROPOSAL_MAC_ALGS_CTOS] =
@@ -108,6 +110,8 @@
 
 	/* start key exchange */
 	kex = kex_setup(myproposal);
+	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
+	kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
 	kex->client_version_string=client_version_string;
 	kex->server_version_string=server_version_string;
 	kex->verify_host_key=&verify_host_key_callback;
@@ -126,7 +130,6 @@
 	packet_send();
 	packet_write_wait();
 #endif
-	debug("done: ssh_kex2.");
 }
 
 /*
@@ -154,8 +157,7 @@
 	int last_key_hint;
 	AuthenticationConnection *agent;
 	/* hostbased */
-	Key **keys;
-	int nkeys;
+	Sensitive *sensitive;
 	/* kbd-interactive */
 	int info_req_seen;
 };
@@ -215,7 +217,7 @@
 
 void
 ssh_userauth2(const char *local_user, const char *server_user, char *host,
-    Key **keys, int nkeys)
+    Sensitive *sensitive)
 {
 	Authctxt authctxt;
 	int type;
@@ -223,24 +225,23 @@
 	if (options.challenge_response_authentication)
 		options.kbd_interactive_authentication = 1;
 
-	debug("send SSH2_MSG_SERVICE_REQUEST");
 	packet_start(SSH2_MSG_SERVICE_REQUEST);
 	packet_put_cstring("ssh-userauth");
 	packet_send();
+	debug("SSH2_MSG_SERVICE_REQUEST sent");
 	packet_write_wait();
 	type = packet_read();
-	if (type != SSH2_MSG_SERVICE_ACCEPT) {
-		fatal("denied SSH2_MSG_SERVICE_ACCEPT: %d", type);
-	}
+	if (type != SSH2_MSG_SERVICE_ACCEPT)
+		fatal("Server denied authentication request: %d", type);
 	if (packet_remaining() > 0) {
 		char *reply = packet_get_string(NULL);
-		debug("service_accept: %s", reply);
+		debug2("service_accept: %s", reply);
 		xfree(reply);
 	} else {
-		debug("buggy server: service_accept w/o service");
+		debug2("buggy server: service_accept w/o service");
 	}
 	packet_check_eom();
-	debug("got SSH2_MSG_SERVICE_ACCEPT");
+	debug("SSH2_MSG_SERVICE_ACCEPT received");
 
 	if (options.preferred_authentications == NULL)
 		options.preferred_authentications = authmethods_get();
@@ -255,8 +256,7 @@
 	authctxt.success = 0;
 	authctxt.method = authmethod_lookup("none");
 	authctxt.authlist = NULL;
-	authctxt.keys = keys;
-	authctxt.nkeys = nkeys;
+	authctxt.sensitive = sensitive;
 	authctxt.info_req_seen = 0;
 	if (authctxt.method == NULL)
 		fatal("ssh_userauth2: internal error: cannot send userauth none request");
@@ -273,7 +273,7 @@
 	if (authctxt.agent != NULL)
 		ssh_close_authentication_connection(authctxt.agent);
 
-	debug("ssh-userauth2 successful: method %s", authctxt.method->name);
+	debug("Authentication succeeded (%s).", authctxt.method->name);
 }
 void
 userauth(Authctxt *authctxt, char *authlist)
@@ -299,12 +299,14 @@
 		}
 	}
 }
+
 void
 input_userauth_error(int type, u_int32_t seq, void *ctxt)
 {
 	fatal("input_userauth_error: bad message during authentication: "
 	   "type %d", type);
 }
+
 void
 input_userauth_banner(int type, u_int32_t seq, void *ctxt)
 {
@@ -316,6 +318,7 @@
 	xfree(msg);
 	xfree(lang);
 }
+
 void
 input_userauth_success(int type, u_int32_t seq, void *ctxt)
 {
@@ -327,6 +330,7 @@
 	clear_auth_state(authctxt);
 	authctxt->success = 1;			/* break out */
 }
+
 void
 input_userauth_failure(int type, u_int32_t seq, void *ctxt)
 {
@@ -343,7 +347,7 @@
 
 	if (partial != 0)
 		log("Authenticated with partial success.");
-	debug("authentications that can continue: %s", authlist);
+	debug("Authentications that can continue: %s", authlist);
 
 	clear_auth_state(authctxt);
 	userauth(authctxt, authlist);
@@ -375,7 +379,7 @@
 	}
 	packet_check_eom();
 
-	debug("input_userauth_pk_ok: pkalg %s blen %d lastkey %p hint %d",
+	debug("Server accepts key: pkalg %s blen %u lastkey %p hint %d",
 	    pkalg, blen, authctxt->last_key, authctxt->last_key_hint);
 
 	do {
@@ -395,7 +399,7 @@
 		if (key->type != pktype) {
 			error("input_userauth_pk_ok: type mismatch "
 			    "for decoded key (received %d, expected %d)",
-			     key->type, pktype);
+			    key->type, pktype);
 			break;
 		}
 		fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
@@ -418,7 +422,7 @@
 	clear_auth_state(authctxt);
 	dispatch_set(SSH2_MSG_USERAUTH_PK_OK, NULL);
 
-	/* try another method if we did not send a packet*/
+	/* try another method if we did not send a packet */
 	if (sent == 0)
 		userauth(authctxt, NULL);
 
@@ -463,7 +467,7 @@
 	packet_add_padding(64);
 	packet_send();
 
-	dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ, 
+	dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ,
 	    &input_userauth_passwd_changereq);
 
 	return 1;
@@ -495,7 +499,7 @@
 	packet_put_cstring(authctxt->service);
 	packet_put_cstring(authctxt->method->name);
 	packet_put_char(1);			/* additional info */
-	snprintf(prompt, sizeof(prompt), 
+	snprintf(prompt, sizeof(prompt),
 	    "Enter %.30s@%.128s's old password: ",
 	    authctxt->server_user, authctxt->host);
 	password = read_passphrase(prompt, 0);
@@ -504,7 +508,7 @@
 	xfree(password);
 	password = NULL;
 	while (password == NULL) {
-		snprintf(prompt, sizeof(prompt), 
+		snprintf(prompt, sizeof(prompt),
 		    "Enter %.30s@%.128s's new password: ",
 		    authctxt->server_user, authctxt->host);
 		password = read_passphrase(prompt, RP_ALLOW_EOF);
@@ -512,7 +516,7 @@
 			/* bail out */
 			return;
 		}
-		snprintf(prompt, sizeof(prompt), 
+		snprintf(prompt, sizeof(prompt),
 		    "Retype %.30s@%.128s's new password: ",
 		    authctxt->server_user, authctxt->host);
 		retype = read_passphrase(prompt, 0);
@@ -530,8 +534,8 @@
 	xfree(password);
 	packet_add_padding(64);
 	packet_send();
-	
-	dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ, 
+
+	dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ,
 	    &input_userauth_passwd_changereq);
 }
 
@@ -760,7 +764,7 @@
 	if (k == NULL) {
 		debug2("userauth_pubkey_agent: no more keys");
 	} else {
-		debug("userauth_pubkey_agent: testing agent key %s", comment);
+		debug("Offering agent key: %s", comment);
 		xfree(comment);
 		ret = send_pubkey_test(authctxt, k, agent_sign_cb, -1);
 		if (ret == 0)
@@ -788,7 +792,7 @@
 		key = options.identity_keys[idx];
 		filename = options.identity_files[idx];
 		if (key == NULL) {
-			debug("try privkey: %s", filename);
+			debug("Trying private key: %s", filename);
 			key = load_identity_file(filename);
 			if (key != NULL) {
 				sent = sign_and_send_pubkey(authctxt, key,
@@ -796,7 +800,7 @@
 				key_free(key);
 			}
 		} else if (key->type != KEY_RSA1) {
-			debug("try pubkey: %s", filename);
+			debug("Offering public key: %s", filename);
 			sent = send_pubkey_test(authctxt, key,
 			    identity_sign_cb, idx);
 		}
@@ -893,14 +897,86 @@
 	packet_send();
 }
 
-/*
- * this will be move to an external program (ssh-keysign) ASAP. ssh-keysign
- * will be setuid-root and the sbit can be removed from /usr/bin/ssh.
- */
+static int
+ssh_keysign(Key *key, u_char **sigp, u_int *lenp,
+    u_char *data, u_int datalen)
+{
+	Buffer b;
+	struct stat st;
+	pid_t pid;
+	int to[2], from[2], status, version = 2;
+
+	debug2("ssh_keysign called");
+
+	if (stat(_PATH_SSH_KEY_SIGN, &st) < 0) {
+		error("ssh_keysign: no installed: %s", strerror(errno));
+		return -1;
+	}
+	if (fflush(stdout) != 0)
+		error("ssh_keysign: fflush: %s", strerror(errno));
+	if (pipe(to) < 0) {
+		error("ssh_keysign: pipe: %s", strerror(errno));
+		return -1;
+	}
+	if (pipe(from) < 0) {
+		error("ssh_keysign: pipe: %s", strerror(errno));
+		return -1;
+	}
+	if ((pid = fork()) < 0) {
+		error("ssh_keysign: fork: %s", strerror(errno));
+		return -1;
+	}
+	if (pid == 0) {
+		seteuid(getuid());
+		setuid(getuid());
+		close(from[0]);
+		if (dup2(from[1], STDOUT_FILENO) < 0)
+			fatal("ssh_keysign: dup2: %s", strerror(errno));
+		close(to[1]);
+		if (dup2(to[0], STDIN_FILENO) < 0)
+			fatal("ssh_keysign: dup2: %s", strerror(errno));
+		close(from[1]);
+		close(to[0]);
+		execl(_PATH_SSH_KEY_SIGN, _PATH_SSH_KEY_SIGN, (char *) 0);
+		fatal("ssh_keysign: exec(%s): %s", _PATH_SSH_KEY_SIGN,
+		    strerror(errno));
+	}
+	close(from[1]);
+	close(to[0]);
+
+	buffer_init(&b);
+	buffer_put_int(&b, packet_get_connection_in()); /* send # of socket */
+	buffer_put_string(&b, data, datalen);
+	ssh_msg_send(to[1], version, &b);
+
+	if (ssh_msg_recv(from[0], &b) < 0) {
+		error("ssh_keysign: no reply");
+		buffer_clear(&b);
+		return -1;
+	}
+	close(from[0]);
+	close(to[1]);
+
+	while (waitpid(pid, &status, 0) < 0)
+		if (errno != EINTR)
+			break;
+
+	if (buffer_get_char(&b) != version) {
+		error("ssh_keysign: bad version");
+		buffer_clear(&b);
+		return -1;
+	}
+	*sigp = buffer_get_string(&b, lenp);
+	buffer_clear(&b);
+
+	return 0;
+}
+
 int
 userauth_hostbased(Authctxt *authctxt)
 {
 	Key *private = NULL;
+	Sensitive *sensitive = authctxt->sensitive;
 	Buffer b;
 	u_char *signature, *blob;
 	char *chost, *pkalg, *p;
@@ -909,17 +985,17 @@
 	int ok, i, len, found = 0;
 
 	/* check for a useful key */
-	for (i = 0; i < authctxt->nkeys; i++) {
-		private = authctxt->keys[i];
+	for (i = 0; i < sensitive->nkeys; i++) {
+		private = sensitive->keys[i];
 		if (private && private->type != KEY_RSA1) {
 			found = 1;
 			/* we take and free the key */
-			authctxt->keys[i] = NULL;
+			sensitive->keys[i] = NULL;
 			break;
 		}
 	}
 	if (!found) {
-		debug("userauth_hostbased: no more client hostkeys");
+		debug("No more client hostkeys for hostbased authentication.");
 		return 0;
 	}
 	if (key_to_blob(private, &blob, &blen) == 0) {
@@ -938,6 +1014,7 @@
 	strlcpy(chost, p, len);
 	strlcat(chost, ".", len);
 	debug2("userauth_hostbased: chost %s", chost);
+	xfree(p);
 
 	service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" :
 	    authctxt->service;
@@ -956,7 +1033,12 @@
 #ifdef DEBUG_PK
 	buffer_dump(&b);
 #endif
-	ok = key_sign(private, &signature, &slen, buffer_ptr(&b), buffer_len(&b));
+	if (sensitive->external_keysign)
+		ok = ssh_keysign(private, &signature, &slen,
+		    buffer_ptr(&b), buffer_len(&b));
+	else
+		ok = key_sign(private, &signature, &slen,
+		    buffer_ptr(&b), buffer_len(&b));
 	key_free(private);
 	buffer_free(&b);
 	if (ok != 0) {
@@ -1019,6 +1101,7 @@
 static Authmethod *current = NULL;
 static char *supported = NULL;
 static char *preferred = NULL;
+
 /*
  * Given the authentication method list sent by the server, return the
  * next method we should try.  If the server initially sends a nil list,
@@ -1027,7 +1110,6 @@
 static Authmethod *
 authmethod_get(char *authlist)
 {
-
 	char *name = NULL;
 	u_int next;
 
@@ -1048,7 +1130,7 @@
 
 	for (;;) {
 		if ((name = match_list(preferred, supported, &next)) == NULL) {
-			debug("no more auth methods to try");
+			debug("No more authentication methods to try.");
 			current = NULL;
 			return NULL;
 		}
@@ -1058,7 +1140,7 @@
 		if ((current = authmethod_lookup(name)) != NULL &&
 		    authmethod_is_enabled(current)) {
 			debug3("authmethod_is_enabled %s", name);
-			debug("next auth method to try is %s", name);
+			debug("Next authentication method: %s", name);
 			return current;
 		}
 	}