RepoMirrors
/
openssh
mirror of git://anongit.mindrot.org/openssh.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upstream commit 

revert stricter key type / signature type checking in
userauth path; too much software generates inconsistent messages, so we need
a better plan.

OpenBSD-Commit-ID: 4a44ddc991c803c4ecc8f1ad40e0ab4d22e1c519
This commit is contained in:
djm@openbsd.org 2017-12-21 00:00:28 +00:00 committed by Damien Miller
parent c5a6cbdb79
commit d45d69f2a9
3 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
auth2-pubkey.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth2-pubkey.c,v 1.73 2017/12/19 00:24:34 djm Exp $ */ /* $OpenBSD: auth2-pubkey.c,v 1.74 2017/12/21 00:00:28 djm Exp $ */
/* /*
* Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2000 Markus Friedl. All rights reserved.
* *
@ -214,7 +214,7 @@ userauth_pubkey(struct ssh *ssh)
authenticated = 0; authenticated = 0;
if (PRIVSEP(user_key_allowed(authctxt->pw, key, 1)) && if (PRIVSEP(user_key_allowed(authctxt->pw, key, 1)) &&
PRIVSEP(sshkey_verify(key, sig, slen, sshbuf_ptr(b), PRIVSEP(sshkey_verify(key, sig, slen, sshbuf_ptr(b),
sshbuf_len(b), pkalg, ssh->compat)) == 0) { sshbuf_len(b), NULL, ssh->compat)) == 0) {
authenticated = 1; authenticated = 1;
} }
sshbuf_free(b); sshbuf_free(b);

9
monitor.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: monitor.c,v 1.176 2017/12/18 02:25:15 djm Exp $ */ /* $OpenBSD: monitor.c,v 1.177 2017/12/21 00:00:28 djm Exp $ */
/* /*
* Copyright 2002 Niels Provos <provos@citi.umich.edu> * Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org> * Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -1353,6 +1353,12 @@ mm_answer_keyverify(int sock, struct sshbuf *m)
!monitor_allowed_key(blob, bloblen)) !monitor_allowed_key(blob, bloblen))
fatal("%s: bad key, not previously allowed", __func__); fatal("%s: bad key, not previously allowed", __func__);
/* Empty signature algorithm means NULL. */
if (*sigalg == '\0') {
free(sigalg);
sigalg = NULL;
}
/* XXX use sshkey_froms here; need to change key_blob, etc. */ /* XXX use sshkey_froms here; need to change key_blob, etc. */
if ((r = sshkey_from_blob(blob, bloblen, &key)) != 0) if ((r = sshkey_from_blob(blob, bloblen, &key)) != 0)
fatal("%s: bad public key blob: %s", __func__, ssh_err(r)); fatal("%s: bad public key blob: %s", __func__, ssh_err(r));
@ -1383,6 +1389,7 @@ mm_answer_keyverify(int sock, struct sshbuf *m)
free(blob); free(blob);
free(signature); free(signature);
free(data); free(data);
free(sigalg);
monitor_reset_key_state(); monitor_reset_key_state();

4
monitor_wrap.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: monitor_wrap.c,v 1.96 2017/12/18 02:25:15 djm Exp $ */ /* $OpenBSD: monitor_wrap.c,v 1.97 2017/12/21 00:00:28 djm Exp $ */
/* /*
* Copyright 2002 Niels Provos <provos@citi.umich.edu> * Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org> * Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -458,7 +458,7 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
buffer_put_string(&m, blob, len); buffer_put_string(&m, blob, len);
buffer_put_string(&m, sig, siglen); buffer_put_string(&m, sig, siglen);
buffer_put_string(&m, data, datalen); buffer_put_string(&m, data, datalen);
buffer_put_cstring(&m, sigalg); buffer_put_cstring(&m, sigalg == NULL ? "" : sigalg);
free(blob); free(blob);
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m);